[BlueOnyx:01411] Re: FTP issues
Alan Kline
alan at snugglebunny.us
Tue Jun 16 09:36:18 -05 2009
Thanks, Michael! The four "locale" packages were missing, as was the "ui"
package--which explains much! I reinstalled those, did the restarts that you
and Chris suggested, and FTP is now right with the world...
Where would I find a list of all of the packages that should be installed for
BX? Doing a "yum list installed" showed quite a few packages with "el5" at the
end, and I wonder how many of those should actually be "centos"...
Thanks again, Michael and Chris!
Alan
Michael Stauber wrote:
> Hi Alan,
>
>
>> Thanks, Chris...cleaned out rpmforge, and downgraded phpMyAdmin as you
>> suggested. All's well with phpMyAdmin now. But, I see that FTP is now
>> totally missing from the BX services list on both the Server Management and
>> Site Management screens. The FTP service is running, but I'm still unable
>> to connect from a remote client. SFTP is ok.
>>
>
> Yeah, like said before: RPMforge and BlueOnyx don't get along at all. It
> replaces too many RPMs that BlueOnyx depends on, which then will break things.
> Hard.
>
> If RPMforge also replaced your proftpd RPM *and* brought a different
> /etc/proftpd.conf aboard, then things may get even more tricky to repair. In
> that case check /etc/proftpd.conf and see if you find backup copies of your
> proftpd.conf. They may be named /etc/proftpd.conf.rpmsave or therelike. Make a
> copy of these before you do anything else.
>
> Then check with "rpm -qa|grep ftp|sort -u" to see what FTP related RPMs are
> present on your box.
>
> On a fully "yum updated" BlueOnyx you should see these RPM's:
>
> base-ftp-am-1.0.2-3BQ8.centos5
> base-ftp-capstone-1.2.0-77BQ22.centos5
> base-ftp-glue-1.2.0-77BQ22.centos5
> base-ftp-locale-da_DK-1.2.0-77BQ22.centos5
> base-ftp-locale-de_DE-1.2.0-77BQ22.centos5
> base-ftp-locale-en-1.2.0-77BQ22.centos5
> base-ftp-locale-ja-1.2.0-77BQ22.centos5
> base-ftp-ui-1.2.0-77BQ22.centos5
> ftp-0.17-35.el5
> proftpd-1.3.1-1BQ1
>
> If you see anything else, delete those RPM's with "rpm -e <RPM-NAME>" and then
> "yum install" the versions listed above.
>
> Once you've done that, you may have to manually restart a few services to get
> things working again:
>
> /etc/init.d/xinetd restart
> /etc/init.d/cced.init restart
> /etc/init.d/admserv restart
>
> A "good" copy of the stock BlueOnyx /etc/proftpd.conf ought to look like this:
>
> ------------------------------------------------------------------------------------------------------
> # This is the ProFTPD configuration file
> # $Id: proftpd.conf,v 1.1 2004/02/26 17:54:30 thias Exp $
>
> ServerName "ProFTPD server"
> ServerIdent on "FTP Server ready."
> ServerAdmin root at localhost
> #ServerType standalone
> ServerType inetd
> DefaultServer on
> AccessGrantMsg "User %u logged in."
> #DisplayConnect /etc/ftpissue
> #DisplayLogin /etc/ftpmotd
> #DisplayGoAway /etc/ftpgoaway
> DeferWelcome off
> RequireValidShell off
>
> # Use this to excude users from the chroot
> DefaultRoot / wheel
> DefaultRoot / admin-users
> DefaultRoot ~/../../.. site-adm
> DefaultRoot ~ !site-adm
>
> # Use pam to authenticate (default) and be authoritative
> AuthPAMConfig proftpd
> AuthOrder mod_auth_pam.c* mod_auth_unix.c
>
> # Do not perform ident nor DNS lookups (hangs when the port is filtered)
> TimesGMT off
> IdentLookups off
>
> # begin global -- do not delete
> MaxClients 100000
> IdentLookups off
> UseReverseDNS off
> # end global -- do not delete
>
> # Port 21 is the standard FTP port.
> Port 21
>
> # Umask 022 is a good standard umask to prevent new dirs and files
> # from being group and world writable.
> Umask 022
>
> # Default to show dot files in directory listings
> ListOptions "-a"
>
> # See Configuration.html for these (here are the default values)
> #MultilineRFC2228 off
> #RootLogin off
> LoginPasswordPrompt on
> MaxLoginAttempts 3
> #MaxClientsPerHost none
> #AllowForeignAddress off # For FXP
>
> # Allow to resume not only the downloads but the uploads too
> AllowRetrieveRestart on
> AllowStoreRestart on
>
> # To prevent DoS attacks, set the maximum number of child processes
> # to 30. If you need to allow more than 30 concurrent connections
> # at once, simply increase this value. Note that this ONLY works
> # in standalone mode, in inetd mode you should use an inetd server
> # that allows you to limit maximum number of processes per service
> # (such as xinetd)
> MaxInstances 20
>
> # Set the user and group that the server normally runs at.
> User nobody
> Group nobody
>
> # Disable sendfile by default since it breaks displaying the download speeds
> in
> # ftptop and ftpwho
> UseSendfile no
>
> # This is where we want to put the pid file
> ScoreboardFile /var/run/proftpd.score
>
> # Normally, we want users to do a few things.
> <Global>
> AllowOverwrite yes
> <Limit ALL SITE_CHMOD>
> AllowAll
> </Limit>
> </Global>
>
> # Define the log formats
> LogFormat default "%h %l %u %t \"%r\" %s %b"
> LogFormat auth "%v [%P] %h %t \"%r\" %s"
>
> # TLS
> <IfModule mod_tls.c>
> TLSEngine on
> TLSLog /var/log/proftpd/tls.log
> TLSRequired off
> TLSRSACertificateFile /etc/pki/dovecot/certs/dovecot.pem
> TLSRSACertificateKeyFile /etc/pki/dovecot/private/dovecot.pem
> TLSVerifyClient off
> TLSOptions NoCertRequest
> TLSRenegotiate required off
> </IfModule>
>
> # Explained at http://www.castaglia.org/proftpd/modules/mod_tls.html
> #TLSEngine on
> #TLSRequired on
> #TLSRSACertificateFile /etc/pki/tls/certs/proftpd.pem
> #TLSRSACertificateKeyFile /etc/pki/tls/certs/proftpd.pem
> #TLSCipherSuite ALL:!ADH:!DES
> #TLSOptions NoCertRequest
> #TLSVerifyClient off
> #TLSRenegotiate ctrl 3600 data 512000 required off timeout 300
> #TLSLog /var/log/proftpd/tls.log
>
> # SQL authentication Dynamic Shared Object (DSO) loading
> # See README.DSO and howto/DSO.html for more details.
> #<IfModule mod_dso.c>
> # LoadModule mod_sql.c
> # LoadModule mod_sql_mysql.c
> # LoadModule mod_sql_postgres.c
> #</IfModule>
>
> # A basic anonymous configuration, with an upload directory.
> #<Anonymous ~ftp>
> # User ftp
> # Group ftp
> # AccessGrantMsg "Anonymous login ok, restrictions apply."
> #
> # # We want clients to be able to login with "anonymous" as well as "ftp"
> # UserAlias anonymous ftp
> #
> # # Limit the maximum number of anonymous logins
> # MaxClients 10 "Sorry, max %m users -- try again later"
> #
> # # Put the user into /pub right after login
> # #DefaultChdir /pub
> #
> # # We want 'welcome.msg' displayed at login, '.message' displayed in
> # # each newly chdired directory and tell users to read README* files.
> # DisplayLogin /welcome.msg
> # DisplayFirstChdir .message
> # DisplayReadme README*
> #
> # # Some more cosmetic and not vital stuff
> # DirFakeUser on ftp
> # DirFakeGroup on ftp
> #
> # # Limit WRITE everywhere in the anonymous chroot
> # <Limit WRITE SITE_CHMOD>
> # DenyAll
> # </Limit>
> #
> # # An upload directory that allows storing files but not retrieving
> # # or creating directories.
> # <Directory uploads/*>
> # AllowOverwrite no
> # <Limit READ>
> # DenyAll
> # </Limit>
> #
> # <Limit STOR>
> # AllowAll
> # </Limit>
> # </Directory>
> #
> # # Don't write anonymous accesses to the system wtmp file (good idea!)
> # WtmpLog off
> #
> # # Logging for the anonymous transfers
> # ExtendedLog /var/log/proftpd/access.log WRITE,READ default
> # ExtendedLog /var/log/proftpd/auth.log AUTH auth
> #
> #</Anonymous>
>
> <VirtualHost 192.168.10.128>
> DefaultRoot / wheel
> DefaultRoot / admin-users
> DefaultRoot ~/../../.. site-adm
> DefaultRoot ~ !site-adm
> AllowOverwrite on
> DefaultChdir /web
> DisplayLogin .ftphelp
> </VirtualHost>
> ------------------------------------------------------------------------------------------------------
>
> Of course your <VirtualHost></VirtualHost> section may look different
> depending on your IP(s). Typically you have one VirtualHost container per IP.
>
>
More information about the Blueonyx
mailing list