www.ProFTPD.de
13. März 2007, 22:02:49 *
Willkommen Gast. Bitte einloggen oder registrieren.
Haben Sie Ihre Aktivierungs E-Mail übersehen?

Einloggen mit Benutzername, Passwort und Sitzungslänge
News: SMF - Neu installiert!
 
  Übersicht Hilfe Suche Login Registrieren  
  Zeige Beiträge
Seiten: [1]
1  ProFTPD / ProFTPD - Deutsch / Re: chroot funzt net am: 03. August 2006, 14:00:18
 Grinsend

OK, nach langem Probieren habe ich folgenden Abschnitt eingefügt. Jetzt funzt alles. Juhu.

<Limit SITE_CHMOD>
   AllowAll
</Limit>


Danke für die Hilfe

grolleimer
2  ProFTPD / ProFTPD - Deutsch / Re: chroot funzt net am: 03. August 2006, 13:19:23

Hier erstmal die Ausgabe der Shell beim Starten:
####################
  - FS: using system open()
 - FS: using system read()
 - dispatching directive 'DefaultServer' to module mod_core
 - dispatching directive 'Port' to module mod_core
 - dispatching directive 'ServerName' to module mod_core
 - dispatching directive 'DisplayLogin' to module mod_core
 - dispatching directive 'ServerType' to module mod_core
 - dispatching directive 'DeferWelcome' to module mod_core
 - dispatching directive 'ShowSymlinks' to module mod_ls
 - dispatching directive 'MultilineRFC2228' to module mod_core
 - dispatching directive 'ShowSymlinks' to module mod_ls
 - dispatching directive 'AllowOverwrite' to module mod_xfer
 - dispatching directive 'TimeoutNoTransfer' to module mod_xfer
 - dispatching directive 'TimeoutStalled' to module mod_xfer
 - dispatching directive 'TimeoutIdle' to module mod_core
 - dispatching directive 'DisplayFirstChdir' to module mod_core
 - dispatching directive 'ListOptions' to module mod_ls
 - dispatching directive 'DenyFilter' to module mod_core
 - DenyFilter: compiling deny regex '\*.*/'
 - dispatching directive 'PathAllowFilter' to module mod_core
 - PathAllowFilter: compiling allow regex '(^[a-zA-Z0-9/_].*$)|(^.htaccess)'
 - dispatching directive 'MaxInstances' to module mod_core
 - dispatching directive 'RequireValidShell' to module mod_auth
 - dispatching directive 'DefaultRoot' to module mod_auth
 - dispatching directive 'SystemLog' to module mod_log
 - dispatching directive 'DebugLevel' to module mod_core
 - dispatching directive 'User' to module mod_core
 - dispatching auth request "getpwnam" to module mod_ldap
 - dispatching auth request "getpwnam" to module mod_auth_file
 - dispatching auth request "getpwnam" to module mod_auth_unix
 - retrieved UID 65534 for user 'nobody'
 - dispatching directive 'Group' to module mod_core
 - dispatching auth request "getgrnam" to module mod_ldap
 - dispatching auth request "getgrnam" to module mod_auth_file
 - dispatching auth request "getgrnam" to module mod_auth_unix
 - retrieved GID 65534 for group 'nogroup'
 - FS: using system read()
 - dispatching directive 'ScoreboardFile' to module mod_core
 - dispatching directive '<Directory>' to module mod_core
 - <Directory /*>: deferring resolution of path
 - dispatching directive 'Umask' to module mod_core
 - dispatching directive 'AllowOverwrite' to module mod_xfer
 - dispatching directive '</Directory>' to module mod_core
 - dispatching directive '<VirtualHost>' to module mod_core
 - ''IP virtueller Host'' resolved to IPv4 address 'IP virtueller Host'
 - dispatching directive 'Group' to module mod_core
 - dispatching auth request "getgrnam" to module mod_ldap
 - dispatching auth request "getgrnam" to module mod_auth_file
 - dispatching auth request "getgrnam" to module mod_auth_unix
 - retrieved GID 20000 for group 'web'
 - dispatching directive 'DefaultServer' to module mod_core
 - dispatching directive 'Port' to module mod_core
 - dispatching directive 'ServerName' to module mod_core
 - dispatching directive 'DisplayLogin' to module mod_core
 - dispatching directive 'ServerAdmin' to module mod_core
 - dispatching directive 'ServerIdent' to module mod_core
 - dispatching directive 'ListOptions' to module mod_ls
 - dispatching directive 'RequireValidShell' to module mod_auth
 - dispatching directive 'DefaultRoot' to module mod_auth
 - dispatching directive 'LDAPServer' to module mod_ldap
 - dispatching directive 'LDAPDNInfo' to module mod_ldap
 - dispatching directive 'LDAPDoAuth' to module mod_ldap
 - dispatching directive 'LDAPDefaultUID' to module mod_ldap
 - dispatching directive 'LDAPDefaultGID' to module mod_ldap
 - dispatching directive 'CreateHome' to module mod_auth
 - FS: using system read()
 - dispatching directive 'LDAPDoQuotaLookups' to module mod_ldap
 - dispatching directive 'QuotaEngine' to module mod_quotatab
 - dispatching directive 'QuotaTallyTable' to module mod_quotatab
 - dispatching directive 'QuotaDisplayUnits' to module mod_quotatab
 - dispatching directive 'QuotaShowQuotas' to module mod_quotatab
 - dispatching directive 'QuotaLog' to module mod_quotatab
 - dispatching directive 'QuotaLimitTable' to module mod_quotatab
 - dispatching directive '<Directory>' to module mod_core
 - <Directory /*>: deferring resolution of path
 - dispatching directive 'Umask' to module mod_core
 - dispatching directive 'AllowOverwrite' to module mod_xfer
 - dispatching directive '</Directory>' to module mod_core
 - dispatching directive '</VirtualHost>' to module mod_core
 - ''IP virtueller Host'' resolved to IPv4 address 'IP virtueller Host'
 - attempting to resolve 'slacky' to IPv4 address via DNS
 - resolved 'slacky' to IPv4 address 127.0.0.1
 - FS: using system read()
 - FS: using system close()
 - attempting to resolve 'slacky' to IPv4 address via DNS
 - resolved 'slacky' to IPv4 address 127.0.0.1
slacky -
slacky - Config for Webserver fuer Domainkunden:
slacky - /*
slacky -  Umask
slacky -  DirUmask
slacky -  AllowOverwrite
slacky -  DisplayLogin
slacky -  ShowSymlinks
slacky -  DisplayFirstChdir
slacky -  ListOptions
slacky -  DenyFilter
slacky -  PathAllowFilter
slacky -  RequireValidShell
slacky - DefaultServer
slacky - DisplayLogin
slacky - DeferWelcome
slacky - ShowSymlinks
slacky - ShowSymlinks
slacky - AllowOverwrite
slacky - TimeoutNoTransfer
slacky - TimeoutStalled
slacky - TimeoutIdle
slacky - DisplayFirstChdir
slacky - ListOptions
slacky - DenyFilter
slacky - PathAllowFilter
slacky - RequireValidShell
slacky - DefaultRoot
slacky - DebugLevel
slacky - UserID
slacky - UserName
slacky - GroupID
slacky - GroupName
slacky - ''IP virtueller Host'' resolved to IPv4 address 'IP virtueller Host'
slacky -
slacky - Config for Webserver fuer Homepagekunden:
slacky - /*
slacky -  Umask
slacky -  DirUmask
slacky -  AllowOverwrite
slacky -  DisplayLogin
slacky -  ListOptions
slacky -  RequireValidShell
slacky - GroupID
slacky - GroupName
slacky - DisplayLogin
slacky - ServerIdent
slacky - ListOptions
slacky - RequireValidShell
slacky - DefaultRoot
slacky - LDAPServer
slacky - LDAPDNInfo
slacky - LDAPDoAuth
slacky - LDAPDefaultUID
slacky - LDAPDefaultGID
slacky - CreateHome
slacky - LDAPDoQuotaLookups
slacky - QuotaEngine
slacky - QuotaTallyTable
slacky - QuotaDisplayUnits
slacky - QuotaShowQuotas
slacky - QuotaLog
slacky - QuotaLimitTable
slacky - dispatching event 'core.postparse' to mod_delay
slacky - ROOT PRIVS at mod_delay.c:292
slacky - FS: using system open()
slacky - RELINQUISH PRIVS at mod_delay.c:294
slacky - FS: using system fstat()
slacky - mod_delay/0.5: mapping DelayTable '/usr/local/var/proftpd/proftpd.delay' into memory
slacky - mod_delay/0.5: write-locking DelayTable '/usr/local/var/proftpd/proftpd.delay'
slacky - FS: using system ftruncate()
slacky - mod_delay/0.5: resetting DelayTable '/usr/local/var/proftpd/proftpd.delay'
slacky - mod_delay/0.5: unlocking DelayTable '/usr/local/var/proftpd/proftpd.delay'
slacky - mod_delay/0.5: unmapping DelayTable '/usr/local/var/proftpd/proftpd.delay' from memory
slacky - FS: using system close()
slacky - dispatching auth request "getgroups" to module mod_ldap
slacky - dispatching auth request "getgroups" to module mod_auth_file
slacky - dispatching auth request "getgroups" to module mod_auth_unix
slacky - retrieved group ID: 65534
slacky - setting group ID: 65534
slacky - SETUP PRIVS at main.c:2897
slacky - ROOT PRIVS at main.c:1991
slacky - RELINQUISH PRIVS at main.c:1998
proftpd.
##########################

Nun kommt noch das Log aus /var/log/proftpd.log:
##############################

Aug 03 13:21:39 slacky proftpd[29243] slacky: FS: using system chdir()
Aug 03 13:21:39 slacky proftpd[29243] slacky: ROOT PRIVS at main.c:2346
Aug 03 13:21:39 slacky proftpd[29243] slacky: deleting existing scoreboard '/var/run/proftpd.scoreboard'
Aug 03 13:21:39 slacky proftpd[29243] slacky: opening scoreboard '/var/run/proftpd.scoreboard'
Aug 03 13:21:39 slacky proftpd[29243] slacky: RELINQUISH PRIVS at main.c:2372
Aug 03 13:21:39 slacky proftpd[29243] slacky: dispatching event 'core.startup' to mod_core
Aug 03 13:21:39 slacky proftpd[29243] slacky: ROOT PRIVS at inet.c:323
Aug 03 13:21:39 slacky proftpd[29243] slacky: RELINQUISH PRIVS at inet.c:363
Aug 03 13:21:39 slacky proftpd[29243] slacky: Failed binding to 0.0.0.0, port 21: Address already in use
Aug 03 13:21:39 slacky proftpd[29243] slacky: Check the ServerType directive to ensure you are configured correctly.
Aug 03 13:21:39 slacky proftpd[29243] slacky: dispatching event 'core.exit' to core
Aug 03 13:21:39 slacky proftpd[29243] slacky: dispatching event 'core.exit' to mod_delay
Aug 03 13:21:39 slacky proftpd[29243] slacky: ROOT PRIVS at mod_delay.c:828
Aug 03 13:21:39 slacky proftpd[29243] slacky: FS: using system open()
Aug 03 13:21:39 slacky proftpd[29243] slacky: RELINQUISH PRIVS at mod_delay.c:830
Aug 03 13:21:39 slacky proftpd[29243] slacky: mod_delay/0.5: write-locking DelayTable '/usr/local/var/proftpd/proftpd.delay'
Aug 03 13:21:39 slacky proftpd[29243] slacky: mod_delay/0.5: mapping DelayTable '/usr/local/var/proftpd/proftpd.delay' into memory
Aug 03 13:21:39 slacky proftpd[29243] slacky: mod_delay/0.5: unmapping DelayTable '/usr/local/var/proftpd/proftpd.delay' from memory
Aug 03 13:21:39 slacky proftpd[29243] slacky: mod_delay/0.5: unlocking DelayTable '/usr/local/var/proftpd/proftpd.delay'
Aug 03 13:21:39 slacky proftpd[29243] slacky: FS: using system write()
Aug 03 13:21:39 slacky proftpd[29243] slacky: FS: using system close()
################################

Danach ist Schluß. Da kommt auch nix mehr rein, trotz Verbindungsaufbau


:-(
grolleimer
3  ProFTPD / ProFTPD - Deutsch / Re: chroot funzt net am: 03. August 2006, 11:25:47
Hi, danke erstmal für Deine Antwort.
Ich habe die configs nochmal verglichen (War ein Serverumzug, funktionierende config hatte ich mitgenommen).
Der einzige Unterschied ist die Direktive: LDAPHomedirOnDemand on

Diese hat proftpd beim Start als fehlerhaft deklariert:
 - Fatal: unknown configuration directive 'LDAPHomedirOnDemand' on line 57 of '/usr/local/etc/proftpd.conf'

Nur, in der Doku gibt es diese Directive. Hat ja auch mal funktioniert. Nun ist aber schon mal klar warum es kein chroot gibt. mod_ldap liegt hier in der Version 2.8.16 vor.
Sollte also hinhauen.

Haste da vielleicht ne Idee?
Gruß
grolleimer

4  ProFTPD / ProFTPD - Deutsch / chroot funzt net am: 02. August 2006, 14:32:15
Hallo,

meine User können aus Ihrem chroot raus und ALLES sehen.
Ich habe nen Debian Sarge am laufen und proftp Version 1.3.0. Meine Config:

###########################
DefaultServer                   on
Port                            21
ServerName                      "Webserver fuer Domainkunden"
DisplayLogin                    /etc/proftpd/login.message.domain.txt

ServerType                      standalone
DeferWelcome                    off

ShowSymlinks                    on
MultilineRFC2228                on
ShowSymlinks                    on
AllowOverwrite                  on

TimeoutNoTransfer               600
TimeoutStalled                  600
TimeoutIdle                     1200

DisplayFirstChdir               .message
ListOptions                     "-l"

DenyFilter                      \*.*/

PathAllowFilter                 "(^[a-zA-Z0-9\/_].*$)|(^\.htaccess)"

MaxInstances                    100
RequireValidShell               off
DefaultRoot                     ~

SystemLog                       /var/log/proftpd.log
DebugLevel                      10

User                            nobody
Group                           nogroup
ScoreboardFile                  /var/run/proftpd.scoreboard

<Directory /*>
  Umask                         022  022
  AllowOverwrite                on
</Directory>

<VirtualHost 'hier steht eine zweite IP des Servers'>
        Group                   web
        DefaultServer           off
        Port                    21
        ServerName              "Webserver fuer Homepagekunden"
        DisplayLogin            /etc/proftpd/login.message.homepage.txt
        ServerAdmin             abc@abc.de
        ServerIdent             on "Willkommen bei mir"
        ListOptions             "" strict
        RequireValidShell       off
        DefaultRoot             ~

        LDAPServer              'hier steht die LDAP IP'
        LDAPDNInfo              cn=root,ou=ich,o=selbst passwort
        LDAPDoAuth              on ou=homepage,o=selbst
        LDAPDefaultUID          30000
        LDAPDefaultGID          30000
        CreateHome              on 0755
#       LDAPHomedirOnDemand     on 0755
        LDAPDoQuotaLookups       on "ou=homepage,o=selbst" "(&(uid=%v)(objectclass=posixAccount))"

        QuotaEngine             on
        QuotaTallyTable         file:/etc/proftpd/proftpd.tallytab
        QuotaDisplayUnits       Mb
        QuotaShowQuotas         on
        QuotaLog                /var/log/proftpd_quota.log
        QuotaLimitTable         ldap:
        <Directory /*>
            Umask               022 022
            AllowOverwrite      on
        </Directory>
</VirtualHost>
########################

Hat jemand eine Idee? DefaultRoot ist doch korrekt gesetz

Gruß
grolleimer
Seiten: [1]
Powered by MySQL Powered by PHP Powered by SMF 1.1.2 | SMF © 2006-2007, Simple Machines LLC Prüfe XHTML 1.0 Prüfe CSS
Seite erstellt in 0.078 Sekunden mit 16 Zugriffen.