[galaxy-dev] FTP Upload configuration

Sat, 20 Jul 2013 08:08:52 -0700 

Dear all,
I'm installing a local version of Galaxy but I'm having issues configuring the FTP upload functionality that I need. I assume the documentation in the wiki about configuring proftpd is outdated since Galaxy has recently changed authentication method. I apologize in advance for the length of this e-mail, thanks to everyone who will bother to reply. 


My Galaxy set up uses Postgresql as db and nginx and it seems working 
fine. I installed the latest available version of Proftpd (1.3.5rc3) and 
compiled it with all the needed (I think) modules. Here they are:


mod_core.c
mod_xfer.c
mod_rlimit.c
mod_auth_unix.c
mod_auth.c
mod_ls.c
mod_log.c
mod_site.c
mod_delay.c
mod_facts.c
mod_sql.c
mod_sql_postgres.c
mod_sql_passwd.c
mod_auth_pam.c
mod_cap.c

***********************

My proftpd.conf looks like this:

# This is a basic ProFTPD configuration file (rename it to
# 'proftpd.conf' for actual use.  It establishes a single server
# and a single anonymous login.  It assumes that you have a user/group
# "nobody" and "ftp" for normal operation and anon.

ServerName                      "ProFTPD 4 Galaxy"
ServerType                      standalone
DefaultServer                   on
AuthPAM                         off
SyslogFacility                  DAEMON
SyslogLevel                     debug
# Set up mod_sql_password - Galaxy passwords are stored as hex-encoded SHA1
SQLPasswordEngine               on
SQLPasswordEncoding             hex
AuthOrder                       mod_sql.c       
RequireValidShell               off

# Set up mod_sql to authenticate against the Galaxy database
SQLEngine                       on
SQLBackend                      postgres
SQLConnectInfo                  galaxy_prod@localhost:5432 galaxy password
#SQLAuthTypes                   SHA1
SQLAuthTypes                    SHA1 SHA256 pbkdf2
SQLPasswordPBKDF2               SHA256 1000 24
SQLAuthenticate                 users
SQLDefaultHomedir               /var/opt/local/proftpd
SQLUserInfo                     custom:/LookupGalaxyUser
SQLPasswordUserSalt             sql:/GetUserSalt

#SQLNamedQuery                  LookupGalaxyUser SELECT 
"email,password,'497','495','/home/galaxy/galaxy_dist/database/ftp/%U','/bin/bash' 
FROM galaxy_user WHERE email='%U'"
SQLNamedQuery	 LookupGalaxyUser  SELECT "email, (CASE WHEN 
substring(password from 1 for 6) = 'PBDKF2' THEN substring(password from 
38 for 69) ELSE password END) AS 
password2,'galaxy','galaxy','/home/galaxy/galaxy-dist/database/ftp/%U','/bin/bash' 
FROM galaxy_user WHERE email='%U'"
SQLNamedQuery	 GetUserSalt SELECT "(CASE WHEN SUBSTRING (password from 1 
for 6) = 'PBDKF2' THEN SUBSTRING (password from 21 for 36) END) AS salt 
FROM galaxy_user WHERE email='%U'"


SQLLogFile                      /var/log/proftpd.log
SQLDefaultGID                   1002
SQLDefaultUID                   1002


# Port 21 is the standard FTP port.
Port                            21
PassivePorts                    30000 40000

# Don't use IPv6 support by default.
UseIPv6                         off

# Umask 022 is a good standard umask to prevent new dirs and files
# from being group and world writable.
Umask                           077

# To prevent DoS attacks, set the maximum number of child processes
# to 30.  If you need to allow more than 30 concurrent connections
# at once, simply increase this value.  Note that this ONLY works
# in standalone mode, in inetd mode you should use an inetd server
# that allows you to limit maximum number of processes per service
# (such as xinetd).
MaxInstances                    30

# Set the user and group under which the server will run.
User                            galaxy
Group                           galaxy

# To cause every FTP user to be "jailed" (chrooted) into their home
# directory, uncomment this line.
DefaultRoot ~
CreateHome                      on dirmode 700

# Normally, we want files to be overwriteable.
AllowOverwrite          on
AllowStoreRestart               on

# Bar use of SITE CHMOD by default
<Limit SITE_CHMOD>
  DenyAll
</Limit>

# Bar use of RETR (download) since this is not a public file drop
<Limit RETR>
 DenyAll
</Limit>

*************************************************


I have found the SQLNamedQuery directives by googling around and I have 
figured out they should work both with old and new password encryption 
methods used by Galaxy. My installation however is fresh and thus I 
should have only password encrypted with the new method.


When I try to ftp the server this is what shows up in the log:

2013-07-20 16:35:54,618 mod_sql/4.3[4127]: >>> sql_sess_init

2013-07-20 16:35:54,618 mod_sql/4.3[4127]: entering 	postgres 
cmd_defineconnection

2013-07-20 16:35:54,618 mod_sql/4.3[4127]:  name: 'default'
2013-07-20 16:35:54,618 mod_sql/4.3[4127]:  user: 'galaxy'
2013-07-20 16:35:54,618 mod_sql/4.3[4127]:  host: 'localhost'
2013-07-20 16:35:54,618 mod_sql/4.3[4127]:    db: 'galaxy_prod'
2013-07-20 16:35:54,618 mod_sql/4.3[4127]:  port: '5432'
2013-07-20 16:35:54,618 mod_sql/4.3[4127]:   ttl: '0'

2013-07-20 16:35:54,618 mod_sql/4.3[4127]: exiting 	postgres 
cmd_defineconnection
2013-07-20 16:35:54,618 mod_sql/4.3[4127]: connection 'default' 
successfully established

2013-07-20 16:35:54,618 mod_sql/4.3[4127]: mod_sql engine     : on
2013-07-20 16:35:54,618 mod_sql/4.3[4127]: negative_cache     : off
2013-07-20 16:35:54,618 mod_sql/4.3[4127]: authenticate       : users
2013-07-20 16:35:54,618 mod_sql/4.3[4127]: usertable          : users
2013-07-20 16:35:54,618 mod_sql/4.3[4127]: userid field       : userid
2013-07-20 16:35:54,618 mod_sql/4.3[4127]: password field     : passwd
2013-07-20 16:35:54,618 mod_sql/4.3[4127]: UID field          : uid
2013-07-20 16:35:54,618 mod_sql/4.3[4127]: GID field          : gid
2013-07-20 16:35:54,618 mod_sql/4.3[4127]: homedir field      : homedir

2013-07-20 16:35:54,618 mod_sql/4.3[4127]: homedir(default)   : 
'/var/opt/local/proftpd'

2013-07-20 16:35:54,618 mod_sql/4.3[4127]: shell field        : shell
2013-07-20 16:35:54,618 mod_sql/4.3[4127]: SQLMinUserUID      : 999
2013-07-20 16:35:54,618 mod_sql/4.3[4127]: SQLMinUserGID      : 999
2013-07-20 16:35:54,618 mod_sql/4.3[4127]: <<< sql_sess_init
2013-07-20 16:36:01,533 mod_sql/4.3[4127]: >>> sql_escapestr

2013-07-20 16:36:01,533 mod_sql/4.3[4127]: entering 	postgres 
cmd_escapestring

2013-07-20 16:36:01,533 mod_sql/4.3[4127]: entering     postgres cmd_open
2013-07-20 16:36:01,537 mod_sql/4.3[4127]: Postgres server version: 9.2.4
2013-07-20 16:36:01,537 mod_sql/4.3[4127]: connection 'default' opened

2013-07-20 16:36:01,537 mod_sql/4.3[4127]: connection 'default' count is 
now 2

2013-07-20 16:36:01,537 mod_sql/4.3[4127]: exiting      postgres cmd_open
2013-07-20 16:36:01,537 mod_sql/4.3[4127]: entering     postgres cmd_close

2013-07-20 16:36:01,537 mod_sql/4.3[4127]: connection 'default' count is 
now 1

2013-07-20 16:36:01,537 mod_sql/4.3[4127]: exiting      postgres cmd_close

2013-07-20 16:36:01,537 mod_sql/4.3[4127]: exiting 	postgres 
cmd_escapestring

2013-07-20 16:36:01,537 mod_sql/4.3[4127]: <<< sql_escapestr
2013-07-20 16:36:01,537 mod_sql/4.3[4127]: >>> sql_lookup

2013-07-20 16:36:01,537 mod_sql/4.3[4127]: >>> process_named_query 
'GetUserSalt'
2013-07-20 16:36:01,537 mod_sql/4.3[4127]: entering 	postgres 
cmd_escapestring

2013-07-20 16:36:01,537 mod_sql/4.3[4127]: entering     postgres cmd_open

2013-07-20 16:36:01,537 mod_sql/4.3[4127]: connection 'default' count is 
now 2

2013-07-20 16:36:01,537 mod_sql/4.3[4127]: exiting      postgres cmd_open
2013-07-20 16:36:01,537 mod_sql/4.3[4127]: entering     postgres cmd_close

2013-07-20 16:36:01,537 mod_sql/4.3[4127]: connection 'default' count is 
now 1

2013-07-20 16:36:01,537 mod_sql/4.3[4127]: exiting      postgres cmd_close

2013-07-20 16:36:01,537 mod_sql/4.3[4127]: exiting 	postgres 
cmd_escapestring

2013-07-20 16:36:01,537 mod_sql/4.3[4127]: entering     postgres cmd_select
2013-07-20 16:36:01,537 mod_sql/4.3[4127]: entering     postgres cmd_open

2013-07-20 16:36:01,537 mod_sql/4.3[4127]: connection 'default' count is 
now 2

2013-07-20 16:36:01,537 mod_sql/4.3[4127]: exiting      postgres cmd_open

2013-07-20 16:36:01,537 mod_sql/4.3[4127]: query "SELECT (CASE WHEN 
SUBSTRING (password from 1 for 6) = 'PBDKF2' THEN SUBSTRING (password 
from 21 for 36) END) AS salt FROM galaxy_user WHERE 
email='federico.zambe...@gmail.com'"

2013-07-20 16:36:01,540 mod_sql/4.3[4127]: entering     postgres cmd_close

2013-07-20 16:36:01,540 mod_sql/4.3[4127]: connection 'default' count is 
now 1

2013-07-20 16:36:01,540 mod_sql/4.3[4127]: exiting      postgres cmd_close
2013-07-20 16:36:01,540 mod_sql/4.3[4127]: exiting      postgres cmd_select

2013-07-20 16:36:01,540 mod_sql/4.3[4127]: <<< process_named_query 
'GetUserSalt'

2013-07-20 16:36:01,540 mod_sql/4.3[4127]: <<< sql_lookup
2013-07-20 16:36:01,540 mod_sql/4.3[4127]: >>> sql_pre_pass
2013-07-20 16:36:01,540 mod_sql/4.3[4127]: <<< sql_pre_pass
2013-07-20 16:36:01,540 mod_sql/4.3[4127]: >>> cmd_getpwnam

2013-07-20 16:36:01,540 mod_sql/4.3[4127]: entering 	postgres 
cmd_escapestring

2013-07-20 16:36:01,540 mod_sql/4.3[4127]: entering     postgres cmd_open

2013-07-20 16:36:01,540 mod_sql/4.3[4127]: connection 'default' count is 
now 2

2013-07-20 16:36:01,540 mod_sql/4.3[4127]: exiting      postgres cmd_open
2013-07-20 16:36:01,540 mod_sql/4.3[4127]: entering     postgres cmd_close

2013-07-20 16:36:01,540 mod_sql/4.3[4127]: connection 'default' count is 
now 1

2013-07-20 16:36:01,540 mod_sql/4.3[4127]: exiting      postgres cmd_close

2013-07-20 16:36:01,540 mod_sql/4.3[4127]: exiting 	postgres 
cmd_escapestring
2013-07-20 16:36:01,540 mod_sql/4.3[4127]: cache miss for user 
'federico.zambe...@gmail.com'

2013-07-20 16:36:01,540 mod_sql/4.3[4127]: >>> sql_lookup

2013-07-20 16:36:01,540 mod_sql/4.3[4127]: >>> process_named_query 
'LookupGalaxyUser'
2013-07-20 16:36:01,540 mod_sql/4.3[4127]: entering 	postgres 
cmd_escapestring

2013-07-20 16:36:01,540 mod_sql/4.3[4127]: entering     postgres cmd_open

2013-07-20 16:36:01,540 mod_sql/4.3[4127]: connection 'default' count is 
now 2

2013-07-20 16:36:01,540 mod_sql/4.3[4127]: exiting      postgres cmd_open
2013-07-20 16:36:01,540 mod_sql/4.3[4127]: entering     postgres cmd_close

2013-07-20 16:36:01,540 mod_sql/4.3[4127]: connection 'default' count is 
now 1

2013-07-20 16:36:01,540 mod_sql/4.3[4127]: exiting      postgres cmd_close

2013-07-20 16:36:01,540 mod_sql/4.3[4127]: exiting 	postgres 
cmd_escapestring
2013-07-20 16:36:01,540 mod_sql/4.3[4127]: entering 	postgres 
cmd_escapestring

2013-07-20 16:36:01,540 mod_sql/4.3[4127]: entering     postgres cmd_open

2013-07-20 16:36:01,540 mod_sql/4.3[4127]: connection 'default' count is 
now 2

2013-07-20 16:36:01,540 mod_sql/4.3[4127]: exiting      postgres cmd_open
2013-07-20 16:36:01,540 mod_sql/4.3[4127]: entering     postgres cmd_close

2013-07-20 16:36:01,540 mod_sql/4.3[4127]: connection 'default' count is 
now 1

2013-07-20 16:36:01,540 mod_sql/4.3[4127]: exiting      postgres cmd_close

2013-07-20 16:36:01,540 mod_sql/4.3[4127]: exiting 	postgres 
cmd_escapestring

2013-07-20 16:36:01,540 mod_sql/4.3[4127]: entering     postgres cmd_select
2013-07-20 16:36:01,540 mod_sql/4.3[4127]: entering     postgres cmd_open

2013-07-20 16:36:01,540 mod_sql/4.3[4127]: connection 'default' count is 
now 2

2013-07-20 16:36:01,540 mod_sql/4.3[4127]: exiting      postgres cmd_open

2013-07-20 16:36:01,540 mod_sql/4.3[4127]: query "SELECT email, (CASE 
WHEN substring(password from 1 for 6) = 'PBDKF2' THEN substring(password 
from 38 for 69) ELSE password END) AS 
password2,'galaxy','galaxy','/home/galaxy/galaxy-dist/database/ftp/federico.zambe...@gmail.com','/bin/bash' 
FROM galaxy_user WHERE email='federico.zambe...@gmail.com'"

2013-07-20 16:36:01,541 mod_sql/4.3[4127]: entering     postgres cmd_close

2013-07-20 16:36:01,541 mod_sql/4.3[4127]: connection 'default' count is 
now 1

2013-07-20 16:36:01,541 mod_sql/4.3[4127]: exiting      postgres cmd_close
2013-07-20 16:36:01,541 mod_sql/4.3[4127]: exiting      postgres cmd_select

2013-07-20 16:36:01,541 mod_sql/4.3[4127]: <<< process_named_query 
'LookupGalaxyUser'

2013-07-20 16:36:01,541 mod_sql/4.3[4127]: <<< sql_lookup

2013-07-20 16:36:01,541 mod_sql/4.3[4127]: custom SQLUserInfo query 
'LookupGalaxyUser' returned 6 columns for user 'federico.zambe...@gmail.com'
2013-07-20 16:36:01,541 mod_sql/4.3[4127]: user UID 0 below 
SQLMinUserUID 999, using SQLDefaultUID 1002
2013-07-20 16:36:01,541 mod_sql/4.3[4127]: user GID 0 below 
SQLMinUserGID 999, using SQLDefaultGID 1002
2013-07-20 16:36:01,541 mod_sql/4.3[4127]: cache miss for user 
'federico.zambe...@gmail.com'
2013-07-20 16:36:01,541 mod_sql/4.3[4127]: user 
'federico.zambe...@gmail.com' cached
2013-07-20 16:36:01,541 mod_sql/4.3[4127]: + pwd.pw_name  : 
federico.zambe...@gmail.com

2013-07-20 16:36:01,541 mod_sql/4.3[4127]: + pwd.pw_uid   : 1002
2013-07-20 16:36:01,541 mod_sql/4.3[4127]: + pwd.pw_gid   : 1002

2013-07-20 16:36:01,541 mod_sql/4.3[4127]: + pwd.pw_dir   : 
/home/galaxy/galaxy-dist/database/ftp/federico.zambe...@gmail.com

2013-07-20 16:36:01,541 mod_sql/4.3[4127]: + pwd.pw_shell : /bin/bash
2013-07-20 16:36:01,541 mod_sql/4.3[4127]: <<< cmd_getpwnam
2013-07-20 16:36:01,541 mod_sql/4.3[4127]: >>> cmd_auth

2013-07-20 16:36:01,541 mod_sql/4.3[4127]: entering 	postgres 
cmd_escapestring

2013-07-20 16:36:01,541 mod_sql/4.3[4127]: entering     postgres cmd_open

2013-07-20 16:36:01,541 mod_sql/4.3[4127]: connection 'default' count is 
now 2

2013-07-20 16:36:01,541 mod_sql/4.3[4127]: exiting      postgres cmd_open
2013-07-20 16:36:01,541 mod_sql/4.3[4127]: entering     postgres cmd_close

2013-07-20 16:36:01,541 mod_sql/4.3[4127]: connection 'default' count is 
now 1

2013-07-20 16:36:01,541 mod_sql/4.3[4127]: exiting      postgres cmd_close

2013-07-20 16:36:01,541 mod_sql/4.3[4127]: exiting 	postgres 
cmd_escapestring
2013-07-20 16:36:01,541 mod_sql/4.3[4127]: cache hit for user 
'federico.zambe...@gmail.com'

2013-07-20 16:36:01,541 mod_sql/4.3[4127]: >>> cmd_check

2013-07-20 16:36:01,541 mod_sql/4.3[4127]: checking password using 
SQLAuthType 'sha1'
2013-07-20 16:36:01,541 mod_sql/4.3[4127]: 'sha1' SQLAuthType handler 
reports failure
2013-07-20 16:36:01,541 mod_sql/4.3[4127]: checking password using 
SQLAuthType 'sha256'
2013-07-20 16:36:01,541 mod_sql/4.3[4127]: 'sha256' SQLAuthType handler 
reports failure
2013-07-20 16:36:01,541 mod_sql/4.3[4127]: checking password using 
SQLAuthType 'pbkdf2'
2013-07-20 16:36:01,547 mod_sql/4.3[4127]: 'pbkdf2' SQLAuthType handler 
reports failure

2013-07-20 16:36:01,547 mod_sql/4.3[4127]: <<< cmd_check
2013-07-20 16:36:01,547 mod_sql/4.3[4127]: <<< cmd_auth
2013-07-20 16:36:02,861 mod_sql/4.3[4127]: entering     postgres cmd_exit

*********************************************************************


It looks like it is able to retrieve the user from the db but then it 
somewhat fails to check the password validity.


Thanks again.

Bye and have a nice w.e.


--
============================================
Federico Zambelli, Ph.D.
Bioinformatics, Evolution and Comparative Genomics Lab
Dept. of Biosciences
University of Milano - Italy

What can be asserted without proof can be dismissed without proof.
============================================
___________________________________________________________
Please keep all replies on the list by using "reply all"
in your mail client.  To manage your subscriptions to this
and other Galaxy lists, please use the interface at:
 http://lists.bx.psu.edu/

To search Galaxy mailing lists use the unified search at:
 http://galaxyproject.org/search/mailinglists/














    











					Reply via email to