|
Titel: kein login bei debian-sarge proftpd-mysql möglich - gelöst Beitrag von: mickey am 24. August 2005, 14:27:22 hi all,
habe eure ganzen beiträge zu diesem thema schon durchforstet. nur das problem.. ich sehe keinen fehler!? also mein debug log zeigt folgendes: Code: debian:/home# proftpd -nd 9 - mod_tls/2.0.7: using OpenSSL 0.9.7g 11 Apr 2005 - parsing '/etc/proftpd.conf' configuration - FS: using system open() - FS: using system read() - dispatching directive 'ServerName' to module mod_core - dispatching directive 'ServerType' to module mod_core - dispatching directive 'DeferWelcome' to module mod_core - dispatching directive 'MultilineRFC2228' to module mod_core - dispatching directive 'DefaultServer' to module mod_core - dispatching directive 'ShowSymlinks' to module mod_ls - dispatching directive 'TimeoutNoTransfer' to module mod_xfer - dispatching directive 'TimeoutStalled' to module mod_xfer - dispatching directive 'TimeoutIdle' to module mod_core - dispatching directive 'DisplayLogin' to module mod_core - dispatching directive 'DisplayFirstChdir' to module mod_core - dispatching directive 'ListOptions' to module mod_ls - dispatching directive 'DenyFilter' to module mod_core - Compiling deny regex '\*.*/'. - Allocated deny regex at location 0x812de08. - dispatching directive 'Port' to module mod_core - dispatching directive 'MaxInstances' to module mod_core - FS: using system read() - dispatching directive 'User' to module mod_core - dispatching auth request "getpwnam" to module mod_radius - dispatching auth request "getpwnam" to module mod_sql - dispatching auth request "getpwnam" to module mod_auth_file - dispatching auth request "getpwnam" to module mod_auth_unix - dispatching directive 'Group' to module mod_core - dispatching auth request "getgrnam" to module mod_radius - dispatching auth request "getgrnam" to module mod_sql - dispatching auth request "getgrnam" to module mod_auth_file - dispatching auth request "getgrnam" to module mod_auth_unix - dispatching directive 'Umask' to module mod_core - dispatching directive 'AllowOverwrite' to module mod_xfer - dispatching directive 'TransferLog' to module mod_core - dispatching directive 'LogFormat' to module mod_log - dispatching directive 'LogFormat' to module mod_log - dispatching directive 'LogFormat' to module mod_log - dispatching directive 'ExtendedLog' to module mod_log - dispatching directive 'ExtendedLog' to module mod_log - dispatching directive 'ExtendedLog' to module mod_log - dispatching directive 'CreateHome' to module mod_auth - FS: using system stat() - dispatching directive 'RequireValidShell' to module mod_auth - dispatching directive 'IdentLookups' to module mod_core - FS: using system read() - dispatching directive 'DefaultRoot' to module mod_auth - dispatching directive 'SQLAuthTypes' to module mod_sql - dispatching directive 'SQLAuthenticate' to module mod_sql - dispatching directive 'SQLConnectInfo' to module mod_sql - dispatching directive 'SQLDefaultGID' to module mod_sql - dispatching directive 'SQLDefaultUID' to module mod_sql - dispatching directive 'SQLMinUserGID' to module mod_sql - dispatching directive 'SQLMinUserUID' to module mod_sql - dispatching directive 'SQLUserInfo' to module mod_sql - dispatching directive 'SQLHomedirOnDemand' to module mod_sql - FS: using system read() - FS: using system read() - FS: using system read() - FS: using system read() - FS: using system read() - FS: using system close() localhost.localdomain - localhost.localdomain - Config for FTP-Server: localhost.localdomain - DeferWelcome localhost.localdomain - DefaultServer localhost.localdomain - ShowSymlinks localhost.localdomain - TimeoutNoTransfer localhost.localdomain - TimeoutStalled localhost.localdomain - TimeoutIdle localhost.localdomain - DisplayLogin localhost.localdomain - DisplayFirstChdir localhost.localdomain - ListOptions localhost.localdomain - DenyFilter localhost.localdomain - UserID localhost.localdomain - UserName localhost.localdomain - GroupID localhost.localdomain - GroupName localhost.localdomain - Umask localhost.localdomain - DirUmask localhost.localdomain - AllowOverwrite localhost.localdomain - TransferLog localhost.localdomain - ExtendedLog localhost.localdomain - ExtendedLog localhost.localdomain - ExtendedLog localhost.localdomain - CreateHome localhost.localdomain - RequireValidShell localhost.localdomain - IdentLookups localhost.localdomain - DefaultRoot localhost.localdomain - SQLAuthTypes localhost.localdomain - SQLAuthenticate localhost.localdomain - SQLConnectInfo localhost.localdomain - SQLDefaultGID localhost.localdomain - SQLDefaultUID localhost.localdomain - SQLMinUserGID localhost.localdomain - SQLMinUserUID localhost.localdomain - SQLUserTable localhost.localdomain - SQLUsernameField localhost.localdomain - SQLPasswordField localhost.localdomain - SQLUidField localhost.localdomain - SQLGidField localhost.localdomain - SQLHomedirField localhost.localdomain - SQLShellField localhost.localdomain - SQLHomedirOnDemand localhost.localdomain - ROOT PRIVS at ../../../modules/mod_delay.c:295 localhost.localdomain - FS: using system open() localhost.localdomain - RELINQUISH PRIVS at ../../../modules/mod_delay.c:297 localhost.localdomain - FS: using system fstat() localhost.localdomain - FS: using system close() localhost.localdomain - dispatching auth request "getgroups" to module mod_radius localhost.localdomain - dispatching auth request "getgroups" to module mod_sql localhost.localdomain - dispatching auth request "getgroups" to module mod_auth_file localhost.localdomain - dispatching auth request "getgroups" to module mod_auth_unix localhost.localdomain - SETUP PRIVS at ../../../src/main.c:2736 localhost.localdomain - ROOT PRIVS at ../../../src/main.c:1970 localhost.localdomain - RELINQUISH PRIVS at ../../../src/main.c:1977 localhost.localdomain - ROOT PRIVS at ../../../src/main.c:2325 localhost.localdomain - opening scoreboard '/var/run/proftpd/proftpd.scoreboard' localhost.localdomain - RELINQUISH PRIVS at ../../../src/main.c:2351 localhost.localdomain - ROOT PRIVS at ../../../src/inet.c:322 localhost.localdomain - RELINQUISH PRIVS at ../../../src/inet.c:380 localhost.localdomain - ProFTPD 1.2.10 (stable) (built do mrt 22 18:28:32 CET 2001) standalone mode STARTUP localhost.localdomain - ROOT PRIVS at ../../../src/main.c:2188 localhost.localdomain - RELINQUISH PRIVS at ../../../src/main.c:2190 localhost.localdomain - FS: using system lstat() localhost.localdomain - FS: using system lstat() localhost.localdomain - ROOT PRIVS at ../../../src/main.c:1162 localhost.localdomain - RELINQUISH PRIVS at ../../../src/main.c:1166 localhost.localdomain (192.168.1.232[192.168.1.232]) - ROOT PRIVS at ../../../src/main.c:1011 localhost.localdomain (192.168.1.232[192.168.1.232]) - SETUP PRIVS at ../../../src/main.c:1016 localhost.localdomain (192.168.1.232[192.168.1.232]) - FTP session requested from unknown class localhost.localdomain (192.168.1.232[192.168.1.232]) - performing module session initializations localhost.localdomain (192.168.1.232[192.168.1.232]) - mod_delay/0.4: opening DelayTable '/var/run/proftpd/proftpd.delay' localhost.localdomain (192.168.1.232[192.168.1.232]) - ROOT PRIVS at ../../../modules/mod_delay.c:774 localhost.localdomain (192.168.1.232[192.168.1.232]) - FS: using system open() localhost.localdomain (192.168.1.232[192.168.1.232]) - RELINQUISH PRIVS at ../../../modules/mod_delay.c:776 localhost.localdomain (192.168.1.232[192.168.1.232]) - mod_log: opening ExtendedLog '/var/log/proftpd.paranoid_log' localhost.localdomain (192.168.1.232[192.168.1.232]) - ROOT PRIVS at ../../../modules/mod_log.c:1144 localhost.localdomain (192.168.1.232[192.168.1.232]) - RELINQUISH PRIVS at ../../../modules/mod_log.c:1146 localhost.localdomain (192.168.1.232[192.168.1.232]) - mod_log: opening ExtendedLog '/var/log/proftpd.auth_log' localhost.localdomain (192.168.1.232[192.168.1.232]) - ROOT PRIVS at ../../../modules/mod_log.c:1144 localhost.localdomain (192.168.1.232[192.168.1.232]) - RELINQUISH PRIVS at ../../../modules/mod_log.c:1146 localhost.localdomain (192.168.1.232[192.168.1.232]) - mod_log: opening ExtendedLog '/var/log/proftpd.access_log' localhost.localdomain (192.168.1.232[192.168.1.232]) - ROOT PRIVS at ../../../modules/mod_log.c:1144 localhost.localdomain (192.168.1.232[192.168.1.232]) - RELINQUISH PRIVS at ../../../modules/mod_log.c:1146 localhost.localdomain (192.168.1.232[192.168.1.232]) - ROOT PRIVS at ../../../modules/mod_auth.c:132 localhost.localdomain (192.168.1.232[192.168.1.232]) - opening scoreboard '/var/run/proftpd/proftpd.scoreboard' localhost.localdomain (192.168.1.232[192.168.1.232]) - RELINQUISH PRIVS at ../../../modules/mod_auth.c:134 localhost.localdomain (192.168.1.232[192.168.1.232]) - ident lookup disabled localhost.localdomain (192.168.1.232[192.168.1.232]) - connected - local : 192.168.1.163:21 localhost.localdomain (192.168.1.232[192.168.1.232]) - connected - remote : 192.168.1.232:1336 localhost.localdomain (192.168.1.232[192.168.1.232]) - FTP session opened. localhost.localdomain - FS: using system lstat() localhost.localdomain (192.168.1.232[192.168.1.232]) - dispatching PRE_CMD command 'USER test' to mod_rewrite localhost.localdomain (192.168.1.232[192.168.1.232]) - dispatching PRE_CMD command 'USER test' to mod_tls localhost.localdomain (192.168.1.232[192.168.1.232]) - dispatching PRE_CMD command 'USER test' to mod_core localhost.localdomain (192.168.1.232[192.168.1.232]) - dispatching PRE_CMD command 'USER test' to mod_core localhost.localdomain (192.168.1.232[192.168.1.232]) - dispatching PRE_CMD command 'USER test' to mod_delay localhost.localdomain (192.168.1.232[192.168.1.232]) - dispatching PRE_CMD command 'USER test' to mod_auth localhost.localdomain (192.168.1.232[192.168.1.232]) - dispatching auth request "endpwent" to module mod_radius localhost.localdomain (192.168.1.232[192.168.1.232]) - dispatching auth request "endpwent" to module mod_sql localhost.localdomain (192.168.1.232[192.168.1.232]) - dispatching auth request "endpwent" to module mod_auth_file localhost.localdomain (192.168.1.232[192.168.1.232]) - dispatching auth request "endpwent" to module mod_auth_unix localhost.localdomain (192.168.1.232[192.168.1.232]) - dispatching auth request "endgrent" to module mod_radius localhost.localdomain (192.168.1.232[192.168.1.232]) - dispatching auth request "endgrent" to module mod_sql localhost.localdomain (192.168.1.232[192.168.1.232]) - dispatching auth request "endgrent" to module mod_auth_file localhost.localdomain (192.168.1.232[192.168.1.232]) - dispatching auth request "endgrent" to module mod_auth_unix localhost.localdomain (192.168.1.232[192.168.1.232]) - dispatching CMD command 'USER test' to mod_ratio localhost.localdomain (192.168.1.232[192.168.1.232]) - dispatching CMD command 'USER test' to mod_auth localhost.localdomain (192.168.1.232[192.168.1.232]) - dispatching auth request "getgroups" to module mod_radius localhost.localdomain (192.168.1.232[192.168.1.232]) - dispatching auth request "getgroups" to module mod_sql localhost.localdomain (192.168.1.232[192.168.1.232]) - dispatching auth request "getgroups" to module mod_auth_file localhost.localdomain (192.168.1.232[192.168.1.232]) - dispatching auth request "getgroups" to module mod_auth_unix localhost.localdomain (192.168.1.232[192.168.1.232]) - no supplemental groups found for user 'test' localhost.localdomain (192.168.1.232[192.168.1.232]) - dispatching POST_CMD command 'USER test' to mod_sql localhost.localdomain (192.168.1.232[192.168.1.232]) - dispatching POST_CMD command 'USER test' to mod_delay localhost.localdomain (192.168.1.232[192.168.1.232]) - mod_delay/0.4: selecting median interval from 30 values localhost.localdomain (192.168.1.232[192.168.1.232]) - dispatching LOG_CMD command 'USER test' to mod_sql localhost.localdomain (192.168.1.232[192.168.1.232]) - dispatching LOG_CMD command 'USER test' to mod_log localhost.localdomain (192.168.1.232[192.168.1.232]) - dispatching PRE_CMD command 'PASS (hidden)' to mod_rewrite localhost.localdomain (192.168.1.232[192.168.1.232]) - dispatching PRE_CMD command 'PASS (hidden)' to mod_tls localhost.localdomain (192.168.1.232[192.168.1.232]) - dispatching PRE_CMD command 'PASS (hidden)' to mod_core localhost.localdomain (192.168.1.232[192.168.1.232]) - dispatching PRE_CMD command 'PASS (hidden)' to mod_core localhost.localdomain (192.168.1.232[192.168.1.232]) - dispatching PRE_CMD command 'PASS (hidden)' to mod_delay localhost.localdomain (192.168.1.232[192.168.1.232]) - dispatching PRE_CMD command 'PASS (hidden)' to mod_wrap localhost.localdomain (192.168.1.232[192.168.1.232]) - dispatching PRE_CMD command 'PASS (hidden)' to mod_radius localhost.localdomain (192.168.1.232[192.168.1.232]) - dispatching PRE_CMD command 'PASS (hidden)' to mod_auth localhost.localdomain (192.168.1.232[192.168.1.232]) - dispatching auth request "endpwent" to module mod_radius localhost.localdomain (192.168.1.232[192.168.1.232]) - dispatching auth request "endpwent" to module mod_sql localhost.localdomain (192.168.1.232[192.168.1.232]) - dispatching auth request "endpwent" to module mod_auth_file localhost.localdomain (192.168.1.232[192.168.1.232]) - dispatching auth request "endpwent" to module mod_auth_unix localhost.localdomain (192.168.1.232[192.168.1.232]) - dispatching auth request "endgrent" to module mod_radius localhost.localdomain (192.168.1.232[192.168.1.232]) - dispatching auth request "endgrent" to module mod_sql localhost.localdomain (192.168.1.232[192.168.1.232]) - dispatching auth request "endgrent" to module mod_auth_file localhost.localdomain (192.168.1.232[192.168.1.232]) - dispatching auth request "endgrent" to module mod_auth_unix localhost.localdomain (192.168.1.232[192.168.1.232]) - dispatching CMD command 'PASS (hidden)' to mod_auth localhost.localdomain (192.168.1.232[192.168.1.232]) - dispatching auth request "getgroups" to module mod_radius localhost.localdomain (192.168.1.232[192.168.1.232]) - dispatching auth request "getgroups" to module mod_sql localhost.localdomain (192.168.1.232[192.168.1.232]) - dispatching auth request "getgroups" to module mod_auth_file localhost.localdomain (192.168.1.232[192.168.1.232]) - dispatching auth request "getgroups" to module mod_auth_unix localhost.localdomain (192.168.1.232[192.168.1.232]) - no supplemental groups found for user 'test' localhost.localdomain (192.168.1.232[192.168.1.232]) - dispatching auth request "getpwnam" to module mod_radius localhost.localdomain (192.168.1.232[192.168.1.232]) - dispatching auth request "getpwnam" to module mod_sql localhost.localdomain (192.168.1.232[192.168.1.232]) - dispatching auth request "endpwent" to module mod_radius localhost.localdomain (192.168.1.232[192.168.1.232]) - dispatching auth request "endpwent" to module mod_sql localhost.localdomain (192.168.1.232[192.168.1.232]) - dispatching auth request "endpwent" to module mod_auth_file localhost.localdomain (192.168.1.232[192.168.1.232]) - dispatching auth request "endpwent" to module mod_auth_unix localhost.localdomain (192.168.1.232[192.168.1.232]) - dispatching auth request "endgrent" to module mod_radius localhost.localdomain (192.168.1.232[192.168.1.232]) - dispatching auth request "endgrent" to module mod_sql localhost.localdomain (192.168.1.232[192.168.1.232]) - dispatching auth request "endgrent" to module mod_auth_file localhost.localdomain (192.168.1.232[192.168.1.232]) - dispatching auth request "endgrent" to module mod_auth_unix localhost.localdomain (192.168.1.232[192.168.1.232]) - FTP session closed. localhost.localdomain - FS: using system lstat() localhost.localdomain - scrubbing scoreboard localhost.localdomain - ROOT PRIVS at ../../../modules/mod_core.c:130 localhost.localdomain - RELINQUISH PRIVS at ../../../modules/mod_core.c:132 localhost.localdomain - ROOT PRIVS at ../../../modules/mod_core.c:160 localhost.localdomain - RELINQUISH PRIVS at ../../../modules/mod_core.c:189 localhost.localdomain - FS: using system lstat() localhost.localdomain - ProFTPD terminating (signal 2) localhost.localdomain - ROOT PRIVS at ../../../src/main.c:1849 localhost.localdomain - ROOT PRIVS at ../../../modules/mod_delay.c:683 localhost.localdomain - FS: using system open() localhost.localdomain - RELINQUISH PRIVS at ../../../modules/mod_delay.c:685 localhost.localdomain - FS: using system write() localhost.localdomain - FS: using system close() localhost.localdomain - RELINQUISH PRIVS at ../../../src/main.c:1872 localhost.localdomain - ProFTPD 1.2.10 standalone mode SHUTDOWN localhost.localdomain - ROOT PRIVS at ../../../src/main.c:1879 localhost.localdomain - deleting existing scoreboard '/var/run/proftpd/proftpd.scoreboard' localhost.localdomain - RELINQUISH PRIVS at ../../../src/main.c:1881 localhost.localdomain - ROOT PRIVS at ../../../modules/mod_delay.c:683 localhost.localdomain - FS: using system open() localhost.localdomain - RELINQUISH PRIVS at ../../../modules/mod_delay.c:685 localhost.localdomain - FS: using system write() localhost.localdomain - FS: using system close() Titel: kein login bei debian-sarge proftpd-mysql möglich - gelöst Beitrag von: mickey am 24. August 2005, 14:30:15 offenbar zu lang mein beitrag :-)
hier der rest: mein ftp zugang: Code: >ftp 192.168.1.163 Verbindung mit 192.168.1.163 wurde hergestellt. 220 ProFTPD 1.2.10 Server (FTP-Server) [192.168.1.163] Benutzer (192.168.1.163:(none)): test 331 Password required for test. Kennwort: Verbindung beendet durch Remotehost. und restlichen logfiles: Code: ==> /var/log/mysql.log <== 050822 22:17:41 62 Query "SELECT userid, passwd, uid, gid, homedir, shell FROM proftpd_users WHERE (userid='test') LIMIT 1" 62 Quit 050822 22:18:18 63 Connect proftpd@localhost on SysConfig_db1 ==> proftpd.auth_log <== FTP-Server [16668] 192.168.1.232 [22/Aug/2005:22:18:20 +0200] "USER test" 331 ==> proftpd.paranoid_log <== FTP-Server [16668] 192.168.1.232 [22/Aug/2005:22:18:20 +0200] "USER test" 331 und meine proftpd.conf Code: debian:/home# cat /etc/proftpd.conf # # /etc/proftpd.conf -- This is a basic ProFTPD configuration file. # To really apply changes reload proftpd after modifications. # ServerName "FTP-Server" ServerType standalone DeferWelcome off MultilineRFC2228 on DefaultServer on ShowSymlinks on TimeoutNoTransfer 600 TimeoutStalled 600 TimeoutIdle 1200 DisplayLogin welcome.msg DisplayFirstChdir .message ListOptions "-l" DenyFilter \*.*/ # Uncomment this if you would use quota module: #Quotas on # Port 21 is the standard FTP port. Port 21 # To prevent DoS attacks, set the maximum number of child processes # to 30. If you need to allow more than 30 concurrent connections # at once, simply increase this value. Note that this ONLY works # in standalone mode, in inetd mode you should use an inetd server # that allows you to limit maximum number of processes per service # (such as xinetd) MaxInstances 30 # Set the user and group that the server normally runs at. User nobody Group nogroup # Umask 022 is a good standard umask to prevent new files and dirs # (second parm) from being group and world writable. Umask 022 022 # Normally, we want files to be overwriteable. AllowOverwrite on # Delay engine reduces impact of the so-called Timing Attack described in # http://security.lss.hr/index.php?page=details&ID=LSS-2004-10-02 # It is on by default. #DelayEngine off # # Logging options # TransferLog /var/log/ftp/proftpd.xferlog # Some logging formats # LogFormat default "%h %l %u %t \"%r\" %s %b" LogFormat auth "%v [%P] %h %t \"%r\" %s" LogFormat write "%h %l %u %t \"%r\" %s %b" # Log file/dir access ExtendedLog /var/log/proftpd.access_log WRITE,READ write # Record all logins ExtendedLog /var/log/proftpd.auth_log AUTH auth # Paranoia logging level.... ExtendedLog /var/log/proftpd.paranoid_log ALL # Use the CreateHome default settings CreateHome on 755 skel /etc/ftp/skel RequireValidShell off IdentLookups off # Hiermit wird nun der User direkt in sein Heimatverzeichnis "gesperrt" # Anschliessend kann der User keine höheren Verzeichnisse sehen # Aufgrund der Gruppenangabe, nur Benutzer der Gruppe "user", jedoch # nicht User der Gruppe "staff" werden in das Heimatverzeichnis gesperrt DefaultRoot ~ #------------------------mysql Modul: 4.x # # Zugangskontrolle # SQLAuthTypes Plaintext SQLAuthenticate users SQLConnectInfo SysConfig_db1@localhost proftpd geheim SQLDefaultGID 65534 SQLDefaultUID 65534 SQLMinUserGID 100 SQLMinUserUID 500 SQLUserInfo proftpd_users userid passwd uid gid homedir shell SQLHomedirOnDemand on aja und der mysql-db eintrag für diesen user: Code: userid passwd uid gid homedir shell test test 656 656 /home/test /bin/false was mir auffällt ist z.b.: im debug logging: no supplemental groups found for user 'test' fällt irgend jemand ein fehler auf? stehe gerade etwas auf der leitung zur info zum sarge-proftpd-mysql: Code: debian:/home# proftpd -vv - ProFTPD Version: 1.2.10 (stable) - Scoreboard Version: 01040002 - Built: do mrt 22 18:28:32 CET 2001 - Module: mod_core.c - Module: mod_xfer.c - Module: mod_auth_unix.c - Module: mod_auth_file.c - Module: mod_auth.c - Module: mod_ls.c - Module: mod_log.c - Module: mod_site.c - Module: mod_auth_pam.c - Module: mod_quotatab.c - Module: mod_sql.c - Module: mod_sql_mysql.c - Module: mod_quotatab_sql.c - Module: mod_ratio.c - Module: mod_tls.c - Module: mod_rewrite.c - Module: mod_radius.c - Module: mod_wrap.c - Module: mod_quotatab_file.c - Module: mod_delay/0.4 - Module: mod_readme.c - Module: mod_ifsession.c - Module: mod_cap/1.0 Titel: gelöst Beitrag von: mickey am 24. August 2005, 14:41:44 lag an den unzureichenden berechtigung auf diese table für den user proftp, sollte man event. doch noch in die proftpd.conf
Code: SQLLOGFILE /var/log/proftpd.sql.log reingeben. da stehen auch womöglich interessante sachen ;-) |