Re: FreeBSD pam.d proftpd problem
On Nov 11, 2007 9:26 PM, Beech Rintoul <[EMAIL PROTECTED]> wrote: > >[snip] > > Have you checked the following? > > FreeBSD > --- > > To use PAM with ProFTPD, you must edit /etc/pam.conf and add the > following lines (if they are not already present): > > ftpd authrequiredpam_unix.so try_first_pass > ftpd account requiredpam_unix.so try_first_pass > ftpd session requiredpam_permit.so > > In your proftpd.conf, you'll need to set AuthPAMConfig to 'ftpd'. PAM > authentication should now work properly. Hi Beech, thank you for answer. I've just try it but it doesn't work. always same error "421 Service not available, remote server has closed connection". It's very strange cause i use other two ProFTPD with freebsd, 1.3.1rc1 on 5.5-STABLE and a 1.3.1rc2 on 6.2-STABLE. > > Beech > Best Regards, Riccardo Giuntoli -- Name: Riccardo Giuntoli Email: [EMAIL PROTECTED] Homepage: http://www.luxoro.org/ Location: Genova, Italy PGP Key: 0x67123739 PGP Fingerprint: CE75 16B5 D855 842FAB54 FB5C DDC6 4640 6712 3739 Key server: hkp://wwwkeys.eu.pgp.net ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: FreeBSD pam.d proftpd problem
On Sunday 11 November 2007, Riccardo Giuntoli said: > Hi there, > > i use proftpd as my ftp solution in other three production servers > with no problem. Last week we buy out fourth server, and i started > to install and configure FreeBSD as usual. After upgrade the > sources and the ports i've got: > > [EMAIL PROTECTED]/home/taglio(106): uname -a > FreeBSD tsunami.chroot.eu 6.3-PRERELEASE FreeBSD 6.3-PRERELEASE #0: > Fri Nov 9 12:15:54 EST 2007 > [EMAIL PROTECTED]:/usr/obj/usr/src/sys/TSUNAMI i386 > [EMAIL PROTECTED] ]/home/taglio(107): > > And i've installed proftpd: > > [EMAIL PROTECTED]/home/taglio(107): proftpd -v > - ProFTPD Version 1.3.1 > [EMAIL PROTECTED]/home/taglio(108): > > For an initial simple configuration with no vhosts i've edited > /usr/local/etc/proftpd.conf like this: > > [EMAIL PROTECTED]/usr/local/etc(110): cat proftpd.conf > ServerName "Chroot tsunami hosting" > ServerType standalone > DefaultServer on > ScoreboardFile /var/run/proftpd.scoreboard > Port21 > Umask 022 > MaxInstances30 > Usernobody > Group nogroup > DefaultRoot ~/www > AllowOverwrite on > > DenyAll > > TimeoutIdle 0 > TimeoutLinger 0 > TimeoutLogin 0 > TimeoutNoTransfer 0 > TimeoutSession 0 > TimeoutStalled 0 > [EMAIL PROTECTED] ]/usr/local/etc(111): > > and in /etc/pam.d/ftpd i've got this: > > [EMAIL PROTECTED]/usr/local/etc(111): cat /etc/pam.d/ftpd > ftpd authrequiredpam_unix.so try_first_pass > ftpd account requiredpam_unix.so try_first_pass > ftpd session requiredpam_permit.so > [EMAIL PROTECTED]/usr/local/etc(112): > > After checking syntax and have started the proftpd daemon i've got > this problem : > > [EMAIL PROTECTED]/usr/local/etc(112): ftp localhost > Trying 127.0.0.1... > Connected to localhost.chroot.eu. > 421 Service not available, remote server has closed connection. > ftp> > > That i've got also on external interfaces. > > Can someone help me with some ideas? > > Thank you in advance, best regards, Riccardo Giuntoli Have you checked the following? FreeBSD --- To use PAM with ProFTPD, you must edit /etc/pam.conf and add the following lines (if they are not already present): ftpd authrequiredpam_unix.so try_first_pass ftpd account requiredpam_unix.so try_first_pass ftpd session requiredpam_permit.so In your proftpd.conf, you'll need to set AuthPAMConfig to 'ftpd'. PAM authentication should now work properly. Beech -- --- Beech Rintoul - FreeBSD Developer - [EMAIL PROTECTED] /"\ ASCII Ribbon Campaign | FreeBSD Since 4.x \ / - NO HTML/RTF in e-mail | http://www.freebsd.org X - NO Word docs in e-mail | Latest Release: / \ - http://www.FreeBSD.org/releases/6.2R/announce.html --- ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: FreeBSD pam.d proftpd problem
On Nov 11, 2007 6:51 PM, Chris Haulmark <[EMAIL PROTECTED]> wrote: > [snip] > > You did not enable PAM in proftpd.conf. There is no vhosts > configured in the proftpd.conf either. Did you intend to use > vhosts? > PAM is enable by default, isn't it? I use the simplest configuration that i can to debug the problem (no vhost, no ssl) > Also are you using inetd to serve the FTP connections? If so, > why configure ProFTPD as your standalone server. I use standalone configuration, no inetd cause i use inetd in another ipaddres to server mail related services (pop pops imap imaps) > > Did you read any documentations on how to enable pam for ProFTPD? > If so, which documentations? I've read almost all to use this simple configuration. I use proftpd in other 2 productions server with more complex configuration. > > I found that there's a bug that might have been fixed back in Jan > but it gave out similar errors. It is located at: > > http://bugs.proftpd.org/show_bug.cgi?id=2877 Yes i've read this. But it is not related to the mine. I've opened another thread in ProFTPD forum: http://forums.proftpd.org/smf/index.php?topic=3111.0 > [snip] Thank you for the interest, best regards, Riccardo Giuntoli -- Name: Riccardo Giuntoli Email: [EMAIL PROTECTED] Homepage: http://www.luxoro.org/ Location: Genova, Italy PGP Key: 0x67123739 PGP Fingerprint: CE75 16B5 D855 842FAB54 FB5C DDC6 4640 6712 3739 Key server: hkp://wwwkeys.eu.pgp.net ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
RE: FreeBSD pam.d proftpd problem
> On Nov 11, 2007 4:59 PM, Chris Haulmark <[EMAIL PROTECTED]> wrote: > > [snip] > > > > Why not enable logging for ProFTPD and read the logs > > after the attempts again? > > > > Do the same for debugging too. > > > >[snip] > > > > Got this: > > [EMAIL PROTECTED]/usr/local/etc(107)# proftpd -4 -n -d10 > - mod_tls/2.1.2: using OpenSSL 0.9.7e-p1 25 Oct 2004 > - retrieved UID 65534 for user 'nobody' > - retrieved GID 65533 for group 'nogroup' > tsunami.chroot.eu - > tsunami.chroot.eu - Config for Chroot tsunami hosting: > tsunami.chroot.eu - Limit > tsunami.chroot.eu - DenyAll > tsunami.chroot.eu - DefaultServer > tsunami.chroot.eu - Umask > tsunami.chroot.eu - UserID > tsunami.chroot.eu - UserName > tsunami.chroot.eu - GroupID > tsunami.chroot.eu - GroupName > tsunami.chroot.eu - DefaultRoot > tsunami.chroot.eu - AllowOverwrite > tsunami.chroot.eu - TimeoutIdle > tsunami.chroot.eu - TimeoutLinger > tsunami.chroot.eu - TimeoutLogin > tsunami.chroot.eu - TimeoutNoTransfer > tsunami.chroot.eu - TimeoutStalled > tsunami.chroot.eu - ROOT PRIVS at mod_delay.c:307 > tsunami.chroot.eu - RELINQUISH PRIVS at mod_delay.c:309 > tsunami.chroot.eu - retrieved group ID: 65534 > tsunami.chroot.eu - setting group ID: 65534 > tsunami.chroot.eu - SETUP PRIVS at main.c:2849 > tsunami.chroot.eu - ROOT PRIVS at main.c:1926 > tsunami.chroot.eu - RELINQUISH PRIVS at main.c:1933 > tsunami.chroot.eu - ROOT PRIVS at main.c:2257 > tsunami.chroot.eu - opening scoreboard '/var/run/proftpd.scoreboard' > tsunami.chroot.eu - RELINQUISH PRIVS at main.c:2283 > tsunami.chroot.eu - ROOT PRIVS at inet.c:250 > tsunami.chroot.eu - RELINQUISH PRIVS at inet.c:267 > tsunami.chroot.eu - ROOT PRIVS at inet.c:343 > tsunami.chroot.eu - RELINQUISH PRIVS at inet.c:406 > tsunami.chroot.eu - getnameinfo error: ai_family not supported > tsunami.chroot.eu - ProFTPD 1.3.1 (stable) (built Sun Nov 11 06:25:49 > EST 2007) standalone mode STARTUP > tsunami.chroot.eu - ROOT PRIVS at pidfile.c:42 > tsunami.chroot.eu - RELINQUISH PRIVS at pidfile.c:44 > tsunami.chroot.eu - getnameinfo error: ai_family not supported > tsunami.chroot.eu - ROOT PRIVS at main.c:1054 > tsunami.chroot.eu - RELINQUISH PRIVS at main.c:1058 > tsunami.chroot.eu - getnameinfo error: ai_family not supported > tsunami.chroot.eu - no matching vhost found for (null)#21, using > DefaultServer 'Chroot tsunami hosting' > tsunami.chroot.eu - getnameinfo error: ai_family not supported > tsunami.chroot.eu - getnameinfo error: ai_family not supported > ^Ctsunami.chroot.eu - ProFTPD terminating (signal 2) > tsunami.chroot.eu - ROOT PRIVS at main.c:1789 > tsunami.chroot.eu - ROOT PRIVS at mod_delay.c:1095 > tsunami.chroot.eu - RELINQUISH PRIVS at mod_delay.c:1097 > tsunami.chroot.eu - RELINQUISH PRIVS at main.c:1811 > tsunami.chroot.eu - ProFTPD 1.3.1 standalone mode SHUTDOWN > tsunami.chroot.eu - ROOT PRIVS at main.c:1818 > tsunami.chroot.eu - deleting existing scoreboard > '/var/run/proftpd.scoreboard' > tsunami.chroot.eu - RELINQUISH PRIVS at main.c:1820 > [EMAIL PROTECTED]/usr/local/etc(108)# > > Any suggestions? I will point out some things out for you to read up on. You did not enable PAM in proftpd.conf. There is no vhosts configured in the proftpd.conf either. Did you intend to use vhosts? Also are you using inetd to serve the FTP connections? If so, why configure ProFTPD as your standalone server. Did you read any documentations on how to enable pam for ProFTPD? If so, which documentations? I found that there's a bug that might have been fixed back in Jan but it gave out similar errors. It is located at: http://bugs.proftpd.org/show_bug.cgi?id=2877 Chris > > Best Regards, Riccardo Giuntoli. > > -- > Name: Riccardo Giuntoli > Email: [EMAIL PROTECTED] > Homepage: http://www.luxoro.org/ > Location: Genova, Italy > PGP Key: 0x67123739 > PGP Fingerprint: CE75 16B5 D855 842FAB54 FB5C DDC6 4640 6712 3739 > Key server: hkp://wwwkeys.eu.pgp.net ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: FreeBSD pam.d proftpd problem
On Nov 11, 2007 4:59 PM, Chris Haulmark <[EMAIL PROTECTED]> wrote: > [snip] > > Why not enable logging for ProFTPD and read the logs > after the attempts again? > > Do the same for debugging too. > >[snip] > Got this: [EMAIL PROTECTED]/usr/local/etc(107)# proftpd -4 -n -d10 - mod_tls/2.1.2: using OpenSSL 0.9.7e-p1 25 Oct 2004 - retrieved UID 65534 for user 'nobody' - retrieved GID 65533 for group 'nogroup' tsunami.chroot.eu - tsunami.chroot.eu - Config for Chroot tsunami hosting: tsunami.chroot.eu - Limit tsunami.chroot.eu - DenyAll tsunami.chroot.eu - DefaultServer tsunami.chroot.eu - Umask tsunami.chroot.eu - UserID tsunami.chroot.eu - UserName tsunami.chroot.eu - GroupID tsunami.chroot.eu - GroupName tsunami.chroot.eu - DefaultRoot tsunami.chroot.eu - AllowOverwrite tsunami.chroot.eu - TimeoutIdle tsunami.chroot.eu - TimeoutLinger tsunami.chroot.eu - TimeoutLogin tsunami.chroot.eu - TimeoutNoTransfer tsunami.chroot.eu - TimeoutStalled tsunami.chroot.eu - ROOT PRIVS at mod_delay.c:307 tsunami.chroot.eu - RELINQUISH PRIVS at mod_delay.c:309 tsunami.chroot.eu - retrieved group ID: 65534 tsunami.chroot.eu - setting group ID: 65534 tsunami.chroot.eu - SETUP PRIVS at main.c:2849 tsunami.chroot.eu - ROOT PRIVS at main.c:1926 tsunami.chroot.eu - RELINQUISH PRIVS at main.c:1933 tsunami.chroot.eu - ROOT PRIVS at main.c:2257 tsunami.chroot.eu - opening scoreboard '/var/run/proftpd.scoreboard' tsunami.chroot.eu - RELINQUISH PRIVS at main.c:2283 tsunami.chroot.eu - ROOT PRIVS at inet.c:250 tsunami.chroot.eu - RELINQUISH PRIVS at inet.c:267 tsunami.chroot.eu - ROOT PRIVS at inet.c:343 tsunami.chroot.eu - RELINQUISH PRIVS at inet.c:406 tsunami.chroot.eu - getnameinfo error: ai_family not supported tsunami.chroot.eu - ProFTPD 1.3.1 (stable) (built Sun Nov 11 06:25:49 EST 2007) standalone mode STARTUP tsunami.chroot.eu - ROOT PRIVS at pidfile.c:42 tsunami.chroot.eu - RELINQUISH PRIVS at pidfile.c:44 tsunami.chroot.eu - getnameinfo error: ai_family not supported tsunami.chroot.eu - ROOT PRIVS at main.c:1054 tsunami.chroot.eu - RELINQUISH PRIVS at main.c:1058 tsunami.chroot.eu - getnameinfo error: ai_family not supported tsunami.chroot.eu - no matching vhost found for (null)#21, using DefaultServer 'Chroot tsunami hosting' tsunami.chroot.eu - getnameinfo error: ai_family not supported tsunami.chroot.eu - getnameinfo error: ai_family not supported ^Ctsunami.chroot.eu - ProFTPD terminating (signal 2) tsunami.chroot.eu - ROOT PRIVS at main.c:1789 tsunami.chroot.eu - ROOT PRIVS at mod_delay.c:1095 tsunami.chroot.eu - RELINQUISH PRIVS at mod_delay.c:1097 tsunami.chroot.eu - RELINQUISH PRIVS at main.c:1811 tsunami.chroot.eu - ProFTPD 1.3.1 standalone mode SHUTDOWN tsunami.chroot.eu - ROOT PRIVS at main.c:1818 tsunami.chroot.eu - deleting existing scoreboard '/var/run/proftpd.scoreboard' tsunami.chroot.eu - RELINQUISH PRIVS at main.c:1820 [EMAIL PROTECTED]/usr/local/etc(108)# Any suggestions? Best Regards, Riccardo Giuntoli. -- Name: Riccardo Giuntoli Email: [EMAIL PROTECTED] Homepage: http://www.luxoro.org/ Location: Genova, Italy PGP Key: 0x67123739 PGP Fingerprint: CE75 16B5 D855 842FAB54 FB5C DDC6 4640 6712 3739 Key server: hkp://wwwkeys.eu.pgp.net ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
RE: FreeBSD pam.d proftpd problem
> [EMAIL PROTECTED]/usr/local/etc(112): ftp localhost > Trying 127.0.0.1... > Connected to localhost.chroot.eu. > 421 Service not available, remote server has closed connection. > ftp> > > That i've got also on external interfaces. > > Can someone help me with some ideas? > > Thank you in advance, best regards, Riccardo Giuntoli > Why not enable logging for ProFTPD and read the logs after the attempts again? Do the same for debugging too. Chris > > > -- > Name: Riccardo Giuntoli > Email: [EMAIL PROTECTED] > Homepage: http://www.luxoro.org/ > Location: Genova, Italy > PGP Key: 0x67123739 > PGP Fingerprint: CE75 16B5 D855 842FAB54 FB5C DDC6 4640 6712 3739 > Key server: hkp://wwwkeys.eu.pgp.net > ___ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions- > [EMAIL PROTECTED]" ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
