Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Login error #42

Open
andmattia opened this issue Feb 19, 2017 · 7 comments
Open

Login error #42

andmattia opened this issue Feb 19, 2017 · 7 comments

Comments

@andmattia
Copy link

andmattia commented Feb 19, 2017
edited

I install the lastest version but is impossible to login. I'm login only with real user.

`SQLBackend mysql
SQLEngine on
#SQLPasswordEngine on
#SQLAuthenticate users*
SQLPasswordEncoding hex
SQLAuthTypes SHA1

SQLConnectInfo proftpd_admin@localhost root pass
SQLUserInfo users userid passwd uid gid homedir shell
SQLGroupInfo groups groupname gid members
SQLUserWhereClause "disabled != 1"
SQLLog PASS updatecount
SQLNamedQuery updatecount UPDATE "login_count=login_count+1, last_login=now() WHERE userid='%u'" users

Used to track xfer traffic per user (without invoking a quota)

SQLLog RETR bytes-out-count
SQLNamedQuery bytes-out-count UPDATE "bytes_out_used=bytes_out_used+%b WHERE userid='%u'" users
SQLLog RETR files-out-count
SQLNamedQuery files-out-count UPDATE "files_out_used=files_out_used+1 WHERE userid='%u'" users

SQLLog STOR bytes-in-count
SQLNamedQuery bytes-in-count UPDATE "bytes_in_used=bytes_in_used+%b WHERE userid='%u'" users
SQLLog STOR files-in-count
SQLNamedQuery files-in-count UPDATE "files_in_used=files_in_used+1 WHERE userid='%u'" users
`
@ChristianBeer
Copy link
Owner

Your configuration differs from the example in those two lines:

#SQLPasswordEngine on
#SQLAuthenticate users*

They should rather be:

SQLPasswordEngine       on
SQLAuthenticate         on

You should also make sure that mod_sql_passwdis enabled in proftpd.

@andmattia
Copy link
Author

@ChristianBeer thaks for you quick reply.

I modify as you sugget me but is impossibile to login.

2017-02-19 18:31:44,934 FTP-0001 proftpd[44976] FTP-0001 (x.x.x.6[x.x.x.6]): dispatching CMD command 'USER test' to mod_ratio
2017-02-19 18:31:44,934 FTP-0001 proftpd[44976] FTP-0001 (x.x.x.6[x.x.x.6]): dispatching CMD command 'USER test' to mod_auth
2017-02-19 18:31:44,934 FTP-0001 proftpd[44976] FTP-0001 (x.x.x.6[x.x.x.6]): dispatching POST_CMD command 'USER test' to mod_exec
2017-02-19 18:31:44,934 FTP-0001 proftpd[44976] FTP-0001 (x.x.x.6[x.x.x.6]): dispatching POST_CMD command 'USER test' to mod_sql
2017-02-19 18:31:44,934 FTP-0001 proftpd[44976] FTP-0001 (x.x.x.6[x.x.x.6]): dispatching POST_CMD command 'USER test' to mod_delay
2017-02-19 18:31:44,934 FTP-0001 proftpd[44976] FTP-0001 (x.x.x.6[x.x.x.6]): dispatching LOG_CMD command 'USER test' to mod_sql
2017-02-19 18:31:44,934 FTP-0001 proftpd[44976] FTP-0001 (x.x.x.6[x.x.x.6]): dispatching LOG_CMD command 'USER test' to mod_log
2017-02-19 18:31:47,208 FTP-0001 proftpd[44976] FTP-0001 (x.x.x.6[x.x.x.6]): dispatching PRE_CMD command 'PASS (hidden)' to mod_exec
2017-02-19 18:31:47,208 FTP-0001 proftpd[44976] FTP-0001 (x.x.x.6[x.x.x.6]): dispatching PRE_CMD command 'PASS (hidden)' to mod_rewrite
2017-02-19 18:31:47,208 FTP-0001 proftpd[44976] FTP-0001 (x.x.x.6[x.x.x.6]): dispatching PRE_CMD command 'PASS (hidden)' to mod_tls
2017-02-19 18:31:47,208 FTP-0001 proftpd[44976] FTP-0001 (x.x.x.6[x.x.x.6]): dispatching PRE_CMD command 'PASS (hidden)' to mod_core
2017-02-19 18:31:47,208 FTP-0001 proftpd[44976] FTP-0001 (x.x.x.6[x.x.x.6]): dispatching PRE_CMD command 'PASS (hidden)' to mod_core
2017-02-19 18:31:47,208 FTP-0001 proftpd[44976] FTP-0001 (x.x.x.6[x.x.x.6]): dispatching PRE_CMD command 'PASS (hidden)' to mod_ifsession
2017-02-19 18:31:47,211 FTP-0001 proftpd[44976] FTP-0001 (x.x.x.6[x.x.x.6]): dispatching PRE_CMD command 'PASS (hidden)' to mod_shaper
2017-02-19 18:31:47,211 FTP-0001 proftpd[44976] FTP-0001 (x.x.x.6[x.x.x.6]): dispatching PRE_CMD command 'PASS (hidden)' to mod_wrap2
2017-02-19 18:31:47,211 FTP-0001 proftpd[44976] FTP-0001 (x.x.x.6[x.x.x.6]): dispatching PRE_CMD command 'PASS (hidden)' to mod_ban
2017-02-19 18:31:47,211 FTP-0001 proftpd[44976] FTP-0001 (x.x.x.6[x.x.x.6]): dispatching PRE_CMD command 'PASS (hidden)' to mod_wrap
2017-02-19 18:31:47,211 FTP-0001 proftpd[44976] FTP-0001 (x.x.x.6[x.x.x.6]): dispatching PRE_CMD command 'PASS (hidden)' to mod_radius
2017-02-19 18:31:47,211 FTP-0001 proftpd[44976] FTP-0001 (x.x.x.6[x.x.x.6]): dispatching PRE_CMD command 'PASS (hidden)' to mod_sql_passwd
2017-02-19 18:31:47,211 FTP-0001 proftpd[44976] FTP-0001 (x.x.x.6[x.x.x.6]): dispatching PRE_CMD command 'PASS (hidden)' to mod_sql
2017-02-19 18:31:47,211 FTP-0001 proftpd[44976] FTP-0001 (x.x.x.6[x.x.x.6]): dispatching PRE_CMD command 'PASS (hidden)' to mod_delay
2017-02-19 18:31:47,211 FTP-0001 proftpd[44976] FTP-0001 (x.x.x.6[x.x.x.6]): dispatching PRE_CMD command 'PASS (hidden)' to mod_auth
2017-02-19 18:31:47,211 FTP-0001 proftpd[44976] FTP-0001 (x.x.x.6[x.x.x.6]): dispatching CMD command 'PASS (hidden)' to mod_auth
2017-02-19 18:31:47,211 FTP-0001 proftpd[44976] FTP-0001 (x.x.x.6[x.x.x.6]): no supplemental groups found for user 'test'
2017-02-19 18:31:47,211 FTP-0001 proftpd[44976] FTP-0001 (x.x.x.6[x.x.x.6]): USER test (Login failed): No such user found
``

@ChristianBeer
Copy link
Owner

One other thing that I can immediately think of is

AuthOrder                       mod_sql.c mod_auth_unix.c

Which was the default on Debian if I remember correctly. I'm running proftpd 1.3.5 maybe something changed in how authentication is handled in a newer version that you are using?

@andmattia
Copy link
Author

version 1.3.5a on ubuntu 16.04.2 LTS. I check AuthOrder and is exact in this order

@andmattia
Copy link
Author

andmattia commented Feb 19, 2017
edited

If I try to login with real user it's work but if i try to create user via web gui and try to login not working

sql.conf

SQLBackend              mysql
SQLEngine               on
SQLPasswordEngine       on
SQLAuthenticate         on
SQLPasswordEncoding     hex
SQLAuthTypes            SHA1

SQLConnectInfo          proftpd_admin@localhost root  password
SQLUserInfo             users userid passwd uid gid homedir shell
SQLGroupInfo            groups groupname gid members
SQLUserWhereClause      "disabled != 1"
SQLLog PASS             updatecount
SQLNamedQuery           updatecount UPDATE "login_count=login_count+1, last_login=now() WHERE userid='%u'" users

 # Used to track xfer traffic per user (without invoking a quota)
SQLLog RETR             bytes-out-count
SQLNamedQuery           bytes-out-count UPDATE "bytes_out_used=bytes_out_used+%b WHERE userid='%u'" users
SQLLog RETR             files-out-count
SQLNamedQuery           files-out-count UPDATE "files_out_used=files_out_used+1 WHERE userid='%u'" users

SQLLog STOR             bytes-in-count
SQLNamedQuery           bytes-in-count UPDATE "bytes_in_used=bytes_in_used+%b WHERE userid='%u'" users
SQLLog STOR             files-in-count
SQLNamedQuery           files-in-count UPDATE "files_in_used=files_in_used+1 WHERE userid='%u'" users

proftpd.conf

Include /etc/proftpd/modules.conf
UseIPv6				on
IdentLookups			off
ServerName			"FTP Dev"
ServerType			standalone
DeferWelcome			off
SQLAuthTypes Backend
MultilineRFC2228		on
DefaultServer			on
ShowSymlinks			on

TimeoutNoTransfer		600
TimeoutStalled			600
TimeoutIdle			1200

DisplayLogin                    welcome.msg
DisplayChdir               	.message true
ListOptions                	"-l"

DenyFilter			\*.*/
Port				21
<IfModule mod_dynmasq.c>
# DynMasqRefresh 28800
</IfModule>
MaxInstances			30
User				proftpd
Group				nogroup
Umask				022  022
AllowOverwrite			on
TransferLog /var/log/proftpd/xferlog
SystemLog   /var/log/proftpd/proftpd.log
CreateHome              on
AuthOrder               mod_sql.c mod_auth_unix.c
DefaultRoot             ~
<IfModule mod_quotatab.c>
QuotaEngine off
</IfModule>
<IfModule mod_ratio.c>
Ratios off
</IfModule>
<IfModule mod_delay.c>
DelayEngine on
</IfModule>
<IfModule mod_ctrls.c>
ControlsEngine        off
ControlsMaxClients    2
ControlsLog           /var/log/proftpd/controls.log
ControlsInterval      5
ControlsSocket        /var/run/proftpd/proftpd.sock
</IfModule>

<IfModule mod_ctrls_admin.c>
AdminControlsEngine off
</IfModule>
Include /etc/proftpd/sql.conf
Include /etc/proftpd/virtuals.conf
Include /etc/proftpd/conf.d/

@andmattia
Copy link
Author

I found the problem. In proftpd.conf I put

SQLAuthTypes Backend

I remove it and leave only in sql.conf

SQLAuthTypes            SHA1

And now I'm able to login. So now I see 2 other issue:

  1. If i put home dire on config the home dir on mysql is not used but i see that remote dir allow user to navigate to parent
  2. using umask permission for user create via webUi is impossible to C/U/D file

@ChristianBeer
Copy link
Owner

  1. I'm using DefaultRoot ~ ftpusers in proftpd.conf where ftpusers is the groupname as specified in /etc/group
  2. I don't know what you mean. My setting is Umask 022 022 which sets all uploaded files to 644 and since I use one real user for all virtual users they can in theory delete files. I'm controlling write access with a custom Directory configuration in proftpd.conf. This way I can better control which virtual group can create directories in my directory structure. So this is very use-case specific and depends how you configure proftpd in the end. This is mainly controlled by the UID/GID settings in the webUI.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@ChristianBeer @andmattia