Login Problem

[digidax]

Ziel: Loginverwaltung über mysql
Problem: FTP login nicht möglich

FTP Log:
Connecting to ftp.domain.com, Port 21
USER Cherry@ftp.domain.com
331 Password required for Cherry.
PASS xxxxxx
530 Login incorrect.
QUIT
Connect attempt failed.

proftpd_sql.log:
Jul 27 13:34:23 mod_sql/4.11[6111]: backend module 'mod_sql_mysql/4.04'
Jul 27 13:34:23 mod_sql/4.11[6111]: backend api    'mod_sql_api_v1'
Jul 27 13:34:23 mod_sql/4.11[6111]: >>> sql_getconf
Jul 27 13:34:23 mod_sql/4.11[6111]: entering    mysql cmd_defineconnection
Jul 27 13:34:23 mod_sql/4.11[6111]:  name: 'default'
Jul 27 13:34:23 mod_sql/4.11[6111]:  user: 'ftp'
Jul 27 13:34:23 mod_sql/4.11[6111]:  host: '192.168.130.205'
Jul 27 13:34:23 mod_sql/4.11[6111]:    db: 'ftp'
Jul 27 13:34:23 mod_sql/4.11[6111]:  port: '3306'
Jul 27 13:34:23 mod_sql/4.11[6111]:   ttl: '0'
Jul 27 13:34:23 mod_sql/4.11[6111]: exiting    mysql cmd_defineconnection
Jul 27 13:34:23 mod_sql/4.11[6111]: entering    mysql cmd_open
Jul 27 13:34:23 mod_sql/4.11[6111]: connection 'default' opened
Jul 27 13:34:23 mod_sql/4.11[6111]: connection 'default' count is now 1
Jul 27 13:34:23 mod_sql/4.11[6111]: exiting    mysql cmd_open
Jul 27 13:34:23 mod_sql/4.11[6111]: backend successfully connected.
Jul 27 13:34:23 mod_sql/4.11[6111]: mod_sql status     : on
Jul 27 13:34:23 mod_sql/4.11[6111]: negative_cache     : off
Jul 27 13:34:23 mod_sql/4.11[6111]: authenticate       : users
Jul 27 13:34:23 mod_sql/4.11[6111]: usertable          : ftp
Jul 27 13:34:23 mod_sql/4.11[6111]: userid field       : username
Jul 27 13:34:23 mod_sql/4.11[6111]: password field     : password
Jul 27 13:34:23 mod_sql/4.11[6111]: uid field          : uid
Jul 27 13:34:23 mod_sql/4.11[6111]: gid field          : gid
Jul 27 13:34:23 mod_sql/4.11[6111]: homedir field      : homedir
Jul 27 13:34:23 mod_sql/4.11[6111]: shell field        : shell
Jul 27 13:34:23 mod_sql/4.11[6111]: homedirondemand    : false
Jul 27 13:34:23 mod_sql/4.11[6111]: SQLMinUserUID      : 500
Jul 27 13:34:23 mod_sql/4.11[6111]: SQLMinUserGID      : 100
Jul 27 13:34:23 mod_sql/4.11[6111]: <<< sql_getconf
Jul 27 13:34:33 mod_sql/4.11[6111]: >>> cmd_getpwnam
Jul 27 13:34:33 mod_sql/4.11[6111]: entering    mysql cmd_escapestring
Jul 27 13:34:33 mod_sql/4.11[6111]: exiting    mysql cmd_escapestring
Jul 27 13:34:33 mod_sql/4.11[6111]: cache miss for user 'Cherry'
Jul 27 13:34:33 mod_sql/4.11[6111]: : entering    mysql cmd_select
Jul 27 13:34:33 mod_sql/4.11[6111]: entering    mysql cmd_open
Jul 27 13:34:33 mod_sql/4.11[6111]: connection 'default' count is now 2
Jul 27 13:34:33 mod_sql/4.11[6111]: exiting    mysql cmd_open
Jul 27 13:34:33 mod_sql/4.11[6111]: query "SELECT username, password, uid, gid, homedir, shell FROM ftp WHERE (username='Cherry') LIMIT 1"
Jul 27 13:34:33 mod_sql/4.11[6111]: entering    mysql cmd_close
Jul 27 13:34:33 mod_sql/4.11[6111]: connection 'default' count is now 1
Jul 27 13:34:33 mod_sql/4.11[6111]: exiting    mysql cmd_close
Jul 27 13:34:33 mod_sql/4.11[6111]: exiting    mysql cmd_select
Jul 27 13:34:33 mod_sql/4.11[6111]: NULL shell column value, setting to ""
Jul 27 13:34:33 mod_sql/4.11[6111]: cache miss for user 'Cherry'
Jul 27 13:34:33 mod_sql/4.11[6111]: user 'Cherry' cached
Jul 27 13:34:33 mod_sql/4.11[6111]: + pwd.pw_name  : Cherry
Jul 27 13:34:33 mod_sql/4.11[6111]: + pwd.pw_uid   : 65534
Jul 27 13:34:33 mod_sql/4.11[6111]: + pwd.pw_gid   : 65534
Jul 27 13:34:33 mod_sql/4.11[6111]: + pwd.pw_dir   : /srv/ftp
Jul 27 13:34:33 mod_sql/4.11[6111]: + pwd.pw_shell :
Jul 27 13:34:33 mod_sql/4.11[6111]: <<< cmd_getpwnam
Jul 27 13:34:33 mod_sql/4.11[6111]: >>> cmd_auth
Jul 27 13:34:33 mod_sql/4.11[6111]: entering    mysql cmd_escapestring
Jul 27 13:34:33 mod_sql/4.11[6111]: exiting    mysql cmd_escapestring
Jul 27 13:34:33 mod_sql/4.11[6111]: cache hit for user 'Cherry'
Jul 27 13:34:33 mod_sql/4.11[6111]: >>> cmd_check
Jul 27 13:34:33 mod_sql/4.11[6111]: checking auth_type Plaintext
Jul 27 13:34:33 mod_sql/4.11[6111]: 'Plaintext' auth handler reports success
Jul 27 13:34:33 mod_sql/4.11[6111]: cache hit for user 'Cherry'
Jul 27 13:34:33 mod_sql/4.11[6111]: <<< cmd_check
Jul 27 13:34:33 mod_sql/4.11[6111]: <<< cmd_auth
Jul 27 13:34:33 mod_sql/4.11[6111]: entering    mysql cmd_close
Jul 27 13:34:33 mod_sql/4.11[6111]: connection 'default' closed
Jul 27 13:34:33 mod_sql/4.11[6111]: connection 'default' count is now 0
Jul 27 13:34:33 mod_sql/4.11[6111]: exiting    mysql cmd_close


Jemand eine Idee? Hab ich etwas vergessen oder überlesen?

vlg
Digidax

[stonki]

debug log ?

[Anonymous]

 sorry, vergaß:

zion (p54B4180D.dip0.t-ipconnect.de[84.180.24.13]) - ROOT PRIVS at main.c:1011
zion (p54B4180D.dip0.t-ipconnect.de[84.180.24.13]) - SETUP PRIVS at main.c:1016
zion (p54B4180D.dip0.t-ipconnect.de[84.180.24.13]) - FTP session requested from unknown class
zion (p54B4180D.dip0.t-ipconnect.de[84.180.24.13]) - performing module session initializations
zion (p54B4180D.dip0.t-ipconnect.de[84.180.24.13]) - ROOT PRIVS at mod_sql.c:3657
zion (p54B4180D.dip0.t-ipconnect.de[84.180.24.13]) - RELINQUISH PRIVS at mod_sql.c:3659
zion (p54B4180D.dip0.t-ipconnect.de[84.180.24.13]) - ROOT PRIVS at mod_auth.c:132
zion (p54B4180D.dip0.t-ipconnect.de[84.180.24.13]) - opening scoreboard '/usr/local/var/proftpd/proftpd.scoreboard'
zion (p54B4180D.dip0.t-ipconnect.de[84.180.24.13]) - RELINQUISH PRIVS at mod_auth.c:134
zion (p54B4180D.dip0.t-ipconnect.de[84.180.24.13]) - performing ident lookup
zion (p54B4180D.dip0.t-ipconnect.de[84.180.24.13]) - ident connection failed: Interrupted system call
zion (p54B4180D.dip0.t-ipconnect.de[84.180.24.13]) - ident lookup returned 'UNKNOWN'
zion (p54B4180D.dip0.t-ipconnect.de[84.180.24.13]) - connected - local  : 192.168.178.20:21
zion (p54B4180D.dip0.t-ipconnect.de[84.180.24.13]) - connected - remote : 84.180.24.13:4251
zion (p54B4180D.dip0.t-ipconnect.de[84.180.24.13]) - FTP session opened.
zion (p54B4180D.dip0.t-ipconnect.de[84.180.24.13]) - dispatching PRE_CMD command 'USER Cherry' to mod_core
zion (p54B4180D.dip0.t-ipconnect.de[84.180.24.13]) - dispatching PRE_CMD command 'USER Cherry' to mod_core
zion (p54B4180D.dip0.t-ipconnect.de[84.180.24.13]) - dispatching PRE_CMD command 'USER Cherry' to mod_auth
zion (p54B4180D.dip0.t-ipconnect.de[84.180.24.13]) - dispatching auth request "endpwent" to module mod_sql
zion (p54B4180D.dip0.t-ipconnect.de[84.180.24.13]) - dispatching auth request "endpwent" to module mod_auth_file
zion (p54B4180D.dip0.t-ipconnect.de[84.180.24.13]) - dispatching auth request "endpwent" to module mod_auth_unix
zion (p54B4180D.dip0.t-ipconnect.de[84.180.24.13]) - dispatching auth request "endgrent" to module mod_sql
zion (p54B4180D.dip0.t-ipconnect.de[84.180.24.13]) - dispatching auth request "endgrent" to module mod_auth_file
zion (p54B4180D.dip0.t-ipconnect.de[84.180.24.13]) - dispatching auth request "endgrent" to module mod_auth_unix
zion (p54B4180D.dip0.t-ipconnect.de[84.180.24.13]) - dispatching CMD command 'USER Cherry' to mod_auth
zion (p54B4180D.dip0.t-ipconnect.de[84.180.24.13]) - dispatching auth request "getgroups" to module mod_sql
zion (p54B4180D.dip0.t-ipconnect.de[84.180.24.13]) - dispatching auth request "getgroups" to module mod_auth_file
zion (p54B4180D.dip0.t-ipconnect.de[84.180.24.13]) - dispatching auth request "getgroups" to module mod_auth_unix
zion (p54B4180D.dip0.t-ipconnect.de[84.180.24.13]) - no supplemental groups found for user 'Cherry'
zion (p54B4180D.dip0.t-ipconnect.de[84.180.24.13]) - dispatching POST_CMD command 'USER Cherry' to mod_sql
zion (p54B4180D.dip0.t-ipconnect.de[84.180.24.13]) - dispatching LOG_CMD command 'USER Cherry' to mod_sql
zion (p54B4180D.dip0.t-ipconnect.de[84.180.24.13]) - dispatching LOG_CMD command 'USER Cherry' to mod_log
zion (p54B4180D.dip0.t-ipconnect.de[84.180.24.13]) - dispatching PRE_CMD command 'PASS (hidden)' to mod_core
zion (p54B4180D.dip0.t-ipconnect.de[84.180.24.13]) - dispatching PRE_CMD command 'PASS (hidden)' to mod_core
zion (p54B4180D.dip0.t-ipconnect.de[84.180.24.13]) - dispatching PRE_CMD command 'PASS (hidden)' to mod_auth
zion (p54B4180D.dip0.t-ipconnect.de[84.180.24.13]) - dispatching auth request "endpwent" to module mod_sql
zion (p54B4180D.dip0.t-ipconnect.de[84.180.24.13]) - dispatching auth request "endpwent" to module mod_auth_file
zion (p54B4180D.dip0.t-ipconnect.de[84.180.24.13]) - dispatching auth request "endpwent" to module mod_auth_unix
zion (p54B4180D.dip0.t-ipconnect.de[84.180.24.13]) - dispatching auth request "endgrent" to module mod_sql
zion (p54B4180D.dip0.t-ipconnect.de[84.180.24.13]) - dispatching auth request "endgrent" to module mod_auth_file
zion (p54B4180D.dip0.t-ipconnect.de[84.180.24.13]) - dispatching auth request "endgrent" to module mod_auth_unix
zion (p54B4180D.dip0.t-ipconnect.de[84.180.24.13]) - dispatching CMD command 'PASS (hidden)' to mod_auth
zion (p54B4180D.dip0.t-ipconnect.de[84.180.24.13]) - dispatching auth request "getgroups" to module mod_sql
zion (p54B4180D.dip0.t-ipconnect.de[84.180.24.13]) - dispatching auth request "getgroups" to module mod_auth_file
zion (p54B4180D.dip0.t-ipconnect.de[84.180.24.13]) - dispatching auth request "getgroups" to module mod_auth_unix
zion (p54B4180D.dip0.t-ipconnect.de[84.180.24.13]) - no supplemental groups found for user 'Cherry'
zion (p54B4180D.dip0.t-ipconnect.de[84.180.24.13]) - dispatching auth request "getpwnam" to module mod_sql
zion (p54B4180D.dip0.t-ipconnect.de[84.180.24.13]) - dispatching auth request "gid_name" to module mod_sql
zion (p54B4180D.dip0.t-ipconnect.de[84.180.24.13]) - dispatching auth request "gid_name" to module mod_auth_file
zion (p54B4180D.dip0.t-ipconnect.de[84.180.24.13]) - dispatching auth request "gid_name" to module mod_auth_unix
zion (p54B4180D.dip0.t-ipconnect.de[84.180.24.13]) - dispatching auth request "auth" to module mod_sql
zion (p54B4180D.dip0.t-ipconnect.de[84.180.24.13]) - dispatching auth request "check" to module mod_sql
zion (p54B4180D.dip0.t-ipconnect.de[84.180.24.13]) - dispatching auth request "setgrent" to module mod_sql
zion (p54B4180D.dip0.t-ipconnect.de[84.180.24.13]) - dispatching auth request "setgrent" to module mod_auth_file
zion (p54B4180D.dip0.t-ipconnect.de[84.180.24.13]) - dispatching auth request "setgrent" to module mod_auth_unix
zion (p54B4180D.dip0.t-ipconnect.de[84.180.24.13]) - USER Cherry (Login failed): Invalid shell: ''
zion (p54B4180D.dip0.t-ipconnect.de[84.180.24.13]) - dispatching POST_CMD_ERR command 'PASS (hidden)' to mod_sql
zion (p54B4180D.dip0.t-ipconnect.de[84.180.24.13]) - dispatching LOG_CMD_ERR command 'PASS (hidden)' to mod_sql
zion (p54B4180D.dip0.t-ipconnect.de[84.180.24.13]) - dispatching LOG_CMD_ERR command 'PASS (hidden)' to mod_log
zion (p54B4180D.dip0.t-ipconnect.de[84.180.24.13]) - dispatching LOG_CMD_ERR command 'PASS (hidden)' to mod_auth
zion (p54B4180D.dip0.t-ipconnect.de[84.180.24.13]) - dispatching PRE_CMD command 'QUIT' to mod_core
zion (p54B4180D.dip0.t-ipconnect.de[84.180.24.13]) - dispatching PRE_CMD command 'QUIT' to mod_core
zion (p54B4180D.dip0.t-ipconnect.de[84.180.24.13]) - dispatching PRE_CMD command 'QUIT' to mod_sql
zion (p54B4180D.dip0.t-ipconnect.de[84.180.24.13]) - dispatching PRE_CMD command 'QUIT' to mod_log
zion (p54B4180D.dip0.t-ipconnect.de[84.180.24.13]) - dispatching CMD command 'QUIT' to mod_core
zion (p54B4180D.dip0.t-ipconnect.de[84.180.24.13]) - dispatching auth request "endpwent" to module mod_sql
zion (p54B4180D.dip0.t-ipconnect.de[84.180.24.13]) - dispatching auth request "endpwent" to module mod_auth_file
zion (p54B4180D.dip0.t-ipconnect.de[84.180.24.13]) - dispatching auth request "endpwent" to module mod_auth_unix
zion (p54B4180D.dip0.t-ipconnect.de[84.180.24.13]) - dispatching auth request "endgrent" to module mod_sql
zion (p54B4180D.dip0.t-ipconnect.de[84.180.24.13]) - dispatching auth request "endgrent" to module mod_auth_file
zion (p54B4180D.dip0.t-ipconnect.de[84.180.24.13]) - dispatching auth request "endgrent" to module mod_auth_unix
zion (p54B4180D.dip0.t-ipconnect.de[84.180.24.13]) - FTP session closed.
zion - FS: using system lstat()
zion - FS: using system lstat()
zion - ROOT PRIVS at main.c:1162
zion - RELINQUISH PRIVS at main.c:1166
zion - FS: using system lstat()
zion (p54B4180D.dip0.t-ipconnect.de[84.180.24.13]) - ROOT PRIVS at main.c:1011
zion (p54B4180D.dip0.t-ipconnect.de[84.180.24.13]) - SETUP PRIVS at main.c:1016
zion (p54B4180D.dip0.t-ipconnect.de[84.180.24.13]) - FTP session requested from unknown class
zion (p54B4180D.dip0.t-ipconnect.de[84.180.24.13]) - performing module session initializations
zion (p54B4180D.dip0.t-ipconnect.de[84.180.24.13]) - ROOT PRIVS at mod_sql.c:3657
zion (p54B4180D.dip0.t-ipconnect.de[84.180.24.13]) - RELINQUISH PRIVS at mod_sql.c:3659
zion (p54B4180D.dip0.t-ipconnect.de[84.180.24.13]) - ROOT PRIVS at mod_auth.c:132
zion (p54B4180D.dip0.t-ipconnect.de[84.180.24.13]) - opening scoreboard '/usr/local/var/proftpd/proftpd.scoreboard'
zion (p54B4180D.dip0.t-ipconnect.de[84.180.24.13]) - RELINQUISH PRIVS at mod_auth.c:134
zion (p54B4180D.dip0.t-ipconnect.de[84.180.24.13]) - performing ident lookup
zion - scrubbing scoreboard
zion - ROOT PRIVS at mod_core.c:130
zion - RELINQUISH PRIVS at mod_core.c:132
zion - ROOT PRIVS at mod_core.c:160
zion - RELINQUISH PRIVS at mod_core.c:189
zion - FS: using system lstat()
zion (p54B4180D.dip0.t-ipconnect.de[84.180.24.13]) - ident connection failed: Interrupted system call
zion (p54B4180D.dip0.t-ipconnect.de[84.180.24.13]) - ident lookup returned 'UNKNOWN'
zion (p54B4180D.dip0.t-ipconnect.de[84.180.24.13]) - connected - local  : 192.168.178.20:21
zion (p54B4180D.dip0.t-ipconnect.de[84.180.24.13]) - connected - remote : 84.180.24.13:4252
zion (p54B4180D.dip0.t-ipconnect.de[84.180.24.13]) - FTP session opened.
zion (p54B4180D.dip0.t-ipconnect.de[84.180.24.13]) - dispatching auth request "endpwent" to module mod_sql
zion (p54B4180D.dip0.t-ipconnect.de[84.180.24.13]) - dispatching auth request "endpwent" to module mod_auth_file
zion (p54B4180D.dip0.t-ipconnect.de[84.180.24.13]) - dispatching auth request "endpwent" to module mod_auth_unix
zion (p54B4180D.dip0.t-ipconnect.de[84.180.24.13]) - dispatching auth request "endgrent" to module mod_sql
zion (p54B4180D.dip0.t-ipconnect.de[84.180.24.13]) - dispatching auth request "endgrent" to module mod_auth_file
zion (p54B4180D.dip0.t-ipconnect.de[84.180.24.13]) - dispatching auth request "endgrent" to module mod_auth_unix
zion (p54B4180D.dip0.t-ipconnect.de[84.180.24.13]) - FTP session closed.

[stonki]

steht da doch: invalid shell. Also "RequireValidShell off" in die config rein

[Anonymous]

Danke, es funktioniert!
Eine Frage wäre da noch. Mit:

DefaultRoot ~ user,!master

"sperre" ich Mitglieder der Gruppe "user" ein, master jedoch nicht.
In der Konfig habe ich
 SQLAuthenticate users* groups*
ergänzt.

eine Mysql Tabelle "groups" existiert auch:
groupname  gid       members  
user            65555   upload
master        65556   Cherry

die Tabelle "ftp" sieht so aus:

username  uid  gid  password  homedir  count  ui  shell  letzter_zugriff  zugang  
Cherry NULL 65555 geheim /srv/ftp NULL 1 NULL NULL NULL
upload NULL 65556 geheim /srv/ftp/test NULL 2 NULL NULL NULL

leider unterscheidet er nicht zwischen den Gruppen? Hättest Du bitte noch einen Tip für mich?

[stonki]

Danke, es funktioniert!
Eine Frage wäre da noch. Mit:

DefaultRoot ~ user,!master

"sperre" ich Mitglieder der Gruppe "user" ein, master jedoch nicht.
In der Konfig habe ich
 SQLAuthenticate users* groups*
ergänzt.

eine Mysql Tabelle "groups" existiert auch:
groupname  gid       members  
user            65555   upload
master        65556   Cherry

die Tabelle "ftp" sieht so aus:

username  uid  gid  password  homedir  count  ui  shell  letzter_zugriff  zugang  
Cherry NULL 65555 geheim /srv/ftp NULL 1 NULL NULL NULL
upload NULL 65556 geheim /srv/ftp/test NULL 2 NULL NULL NULL

leider unterscheidet er nicht zwischen den Gruppen? Hättest Du bitte noch einen Tip für mich?

users* und groups* funktioniert nicht mehr. Das wird nun ueber Authorder gesteuert. Also es koennen sich im Moment auch System User anmelden.
Ansonsten kann ich Dir dabei auch nicht helfen, ich habe nie gruppen verwendet :(

[Anonymous]

Ok, ann löse ich das übers SQL. Danke nochmal.