| View previous topic :: View next topic |
| Author |
Message |
noisebleed
Apprentice
Joined: 03 Oct 2006
Posts: 177
Location: Porto, Portugal
|
 Posted: Thu Jan 17, 2008 2:58 pm Post subject: Proftpd: 530-Unable to set anonymous privileges. [SOLVED] |
 |
|
Hi. I'm trying to setup a ftp server with Proftpd but without success. 
I want a tech user (alias of ftp) to login with password.
/etc/proftpd/proftpd.conf:
| Code: | ServerName "NG-001"
ServerType standalone
DefaultServer on
RequireValidShell off
AuthPAM off
AuthPAMConfig ftp
Port 21
PassivePorts 49000 49010
Umask 022
MaxInstances 10
SystemLog /var/log/proftpd.log
User ftp
Group ftp
DefaultRoot ~
<Directory />
AllowOverwrite on
</Directory>
<Anonymous /var/www/tech/>
User ftp
Group ftp
UserAlias tech ftp
AnonRequirePassword on
RequireValidShell off
MaxClients 10
DisplayLogin welcome.msg
DisplayFirstChdir .message
<Limit LOGIN>
Order deny,allow
Allow from all
</Limit>
# Hide all files owned by user 'root'
HideUser root
<Limit WRITE>
Deny from all
</Limit>
<Directory ./>
<Limit READ WRITE DIRS STOR CWD CDUP>
AllowAll
</Limit>
</Directory>
</Anonymous>
|
I'm trying to establish a connection through FileZilla but all I get is:
| Code: | Response: 220 ProFTPD 1.3.1rc2 Server (NG-001) [10.17.1.1]
Command: USER tech
Response: 331 Password required for tech
Command: PASS ********
Response: 530-Unable to set anonymous privileges.
Response: 530 Login incorrect.
|
From the log file /var/log/proftpd.log:
| Code: | Jan 17 12:34:59 porteiro proftpd[20228] porteiro.noisebleed.pt: ProFTPD 1.3.1rc2 (devel) (built Ter Jan 15 14:41:25 WET 2008) standalone mode STARTUP
Jan 17 12:35:18 porteiro proftpd[20240] porteiro.noisebleed.pt (10.17.1.19[10.17.1.19]): FTP session opened.
Jan 17 12:35:18 porteiro proftpd[20240] porteiro.noisebleed.pt (10.17.1.19[10.17.1.19]): ftp: Directory /var/www/tech/ is not accessible.
Jan 17 12:35:19 porteiro proftpd[20240] porteiro.noisebleed.pt (10.17.1.19[10.17.1.19]): FTP session closed.
|
I have /var/www/tech and it is the home of the ftp user.
The password for ftp user was defined through passwd in a root shell. Is this ok?
The ftp also has the shell /bin/ftp = /bin/false defined in /etc/shells.
The Proftpd version installed is 1.3.1_rc2-rc3 and was compiled with the following flags.
| Code: | | USE="acl mysql ncurses nls opensslcrypt pam radius ssl tcpd -authfile -clamav -hardened -ifsession -ipv6 -ldap -noauthunix -postgres -rewrite (-selinux) -shaper -sitemisc -softquota -vroot -xinetd" |
Is it ok to have proftpd compiled with acl?
When i try the 503 error still occurs.
Then i edited /etc/pam.d/ftp
| Code: | auth required pam_listfile.so item=user sense=deny file=/etc/ftpusers onerr=succeed
auth include system-auth
# If this is enabled, anonymous logins will fail because the 'ftp' user does
# not have a "valid" shell, as listed in /etc/shells.
#
# If you enable this, it is recommended that you do *not* give the 'ftp'
# user a real shell. Instead, give the 'ftp' user /bin/false for a shell and
# add /bin/false to /etc/shells.
# auth required pam_shells.so
account include system-auth
session include system-auth
|
and uncommented | Code: | | auth required pam_shells.so |
and tryed with again with but i didn't get any improvement.
Also when i start the proftpd service i get:
| Code: | * Starting proftpd ...
- warning: the DisplayFirstChdir directive is deprecated and will be removed in
a future release. Please use the DisplayChdir directive. [ ok ] |
Can anyone help me on this configuration? Thanks.
Last edited by noisebleed on Thu Jan 17, 2008 5:40 pm; edited 2 times in total |
|
| Back to top |
|
 |
noisebleed
Apprentice
Joined: 03 Oct 2006
Posts: 177
Location: Porto, Portugal
|
| Posted: Thu Jan 17, 2008 5:39 pm Post subject: |
|
|
| I found the solution. Recompiled the package with USE="-acl" and now i can connect to server. Still having problems (Error 550) but error 530 is solved. |
|
| Back to top |
|
|
microtechno
Apprentice
Joined: 17 Apr 2006
Posts: 224
Location: Adelaide, Australia
|
| Posted: Sun Mar 02, 2008 1:13 pm Post subject: |
|
|
| Quote: | * Starting proftpd ...
- warning: the DisplayFirstChdir directive is deprecated and will be removed in
a future release. Please use the DisplayChdir directive. [ ok ] |
to fix this change the line
| Code: | | DisplayFirstChdir .message |
to
| Code: | | DisplayChdir .message |
that is all that i know.. i am having my own problems with proftpd.. user access and the like.. so i shall keep an eye on this thread
have u checked the gentoo wiki though. I followed that.. and have a usable login.. just not what i want (no anonymous)
_________________
The next statement is true.......The last statement was false..
My Computer
Asus M2N-SLI Deluxe MB
AMD X2 6000+
3GB DDR 667
Gigabyte ATI Radeon 2900XT
Dual Boot Vista/Gentoo (Gnome)
|
|
| Back to top |
|
|
noisebleed
Apprentice
Joined: 03 Oct 2006
Posts: 177
Location: Porto, Portugal
|
| Posted: Mon Mar 03, 2008 11:36 am Post subject: |
|
|
Hi.
Thanks for replying. My ftp server is running ok now. At the time I had the user "tech" alias of ftp authenticating with no problems.
The only issued that remained was that i wanted to chowned all files to apache as the ftp folder is used to hold web pages but I couldn't get the UserOwner/GroupOwner directives working.
Right now my co-worker changed the ftp config to move towards a mysql based config to add/del users so I'm not using the original config anymore.
If you are going for a mysql config I can send you our config. Good luck. |
|
| Back to top |
|
|
microtechno
Apprentice
Joined: 17 Apr 2006
Posts: 224
Location: Adelaide, Australia
|
| Posted: Mon Mar 03, 2008 10:10 pm Post subject: |
|
|
yeh that would be good thanks
just pm it.
i shall give it a try with mysql. thanks
_________________
The next statement is true.......The last statement was false..
My Computer
Asus M2N-SLI Deluxe MB
AMD X2 6000+
3GB DDR 667
Gigabyte ATI Radeon 2900XT
Dual Boot Vista/Gentoo (Gnome)
|
|
| Back to top |
|
|
|
Networking & Security
