proftpd wont start

[felix001]

Ive just install proftpd on rhel 5 but it wont start. Im trying to start it via the init.d, but it just says fails.
The logs show no errors, my hostname is set in hosts and i get the right ip when i ping local host.

Does anyone have any ideas ??

 

[felix001]

I add the domain to the hostname and now it starts but i cant log in as an anonymous user.... but it also doesnt accept root ????


# This is the ProFTPD configuration file
# $Id: proftpd.conf,v 1.1 2004/02/26 17:54:30 thias Exp $

ServerName "ProFTPD server"
ServerIdent on "FTP Server ready."
ServerAdmin root@localhost
ServerType standalone
#ServerType inetd
DefaultServer on
AccessGrantMsg "User %u logged in."
#DisplayConnect /etc/ftpissue
#DisplayLogin /etc/ftpmotd
#DisplayGoAway /etc/ftpgoaway
DeferWelcome off

# Use this to excude users from the chroot
DefaultRoot ~ !adm

# Use pam to authenticate (default) and be authoritative
AuthPAMConfig proftpd
AuthOrder mod_auth_pam.c* mod_auth_unix.c

# Do not perform ident nor DNS lookups (hangs when the port is filtered)
IdentLookups on
UseReverseDNS on

# Port 21 is the standard FTP port.
Port 21

# Umask 022 is a good standard umask to prevent new dirs and files
# from being group and world writable.
Umask 022

# Default to show dot files in directory listings
ListOptions "-a"

# See Configuration.html for these (here are the default values)
#MultilineRFC2228 off
RootLogin on
#LoginPasswordPrompt on
#MaxLoginAttempts 3
#MaxClientsPerHost none
#AllowForeignAddress off # For FXP

# Allow to resume not only the downloads but the uploads too
AllowRetrieveRestart on
AllowStoreRestart on

# To prevent DoS attacks, set the maximum number of child processes
# to 30. If you need to allow more than 30 concurrent connections
# at once, simply increase this value. Note that this ONLY works
# in standalone mode, in inetd mode you should use an inetd server
# that allows you to limit maximum number of processes per service
# (such as xinetd)
MaxInstances 20

# Set the user and group that the server normally runs at.
User root
Group root

# Disable sendfile by default since it breaks displaying the download speeds in
# ftptop and ftpwho
UseSendfile no

# This is where we want to put the pid file
ScoreboardFile /var/run/proftpd.score

# Normally, we want users to do a few things.
<Global>
AllowOverwrite yes
<Limit ALL SITE_CHMOD>
AllowAll
</Limit>
</Global>

# Define the log formats
LogFormat default "%h %l %u %t \"%r\" %s %b"
LogFormat auth "%v [%P] %h %t \"%r\" %s"

# TLS
# Explained at

http://www.castaglia.org/proftpd/modules/mod_tls.html

#TLSEngine on
#TLSRequired on
#TLSRSACertificateFile /etc/pki/tls/certs/proftpd.pem
#TLSRSACertificateKeyFile /etc/pki/tls/certs/proftpd.pem
#TLSCipherSuite ALL:!ADH:!DES
#TLSOptions NoCertRequest
#TLSVerifyClient off
##TLSRenegotiate ctrl 3600 data 512000 required off timeout 300
#TLSLog /var/log/proftpd/tls.log

# SQL authentication Dynamic Shared Object (DSO) loading
# See README.DSO and howto/DSO.html for more details.
#<IfModule mod_dso.c>
# LoadModule mod_sql.c
# LoadModule mod_sql_mysql.c
# LoadModule mod_sql_postgres.c
#</IfModule>

# A basic anonymous configuration, with an upload directory.
#<Anonymous ~ftp>
# User ftp
#Group ftp
#AccessGrantMsg "Anonymous login ok, restrictions apply."
#
# # We want clients to be able to login with "anonymous" as well as "ftp"
#UserAlias anonymous ftp
#
# # Limit the maximum number of anonymous logins
# MaxClients 10 "Sorry, max %m users -- try again later"
#
# # Put the user into /pub right after login
# #DefaultChdir /pub
#
# # We want 'welcome.msg' displayed at login, '.message' displayed in
# # each newly chdired directory and tell users to read README* files.
# DisplayLogin /welcome.msg
# DisplayFirstChdir .message
# DisplayReadme README*
#
# # Some more cosmetic and not vital stuff
# DirFakeUser on ftp
# DirFakeGroup on ftp
#
# # Limit WRITE everywhere in the anonymous chroot
# <Limit WRITE SITE_CHMOD>
# DenyAll
# </Limit>
#
# # An upload directory that allows storing files but not retrieving
# # or creating directories.
# <Directory uploads/*>
# AllowOverwrite no
# <Limit READ>
# DenyAll
# </Limit>
#
# <Limit STOR>
# AllowAll
# </Limit>
# </Directory>
#
# # Don't write anonymous accesses to the system wtmp file (good idea!)
# WtmpLog off
#
# # Logging for the anonymous transfers
# ExtendedLog /var/log/proftpd/access.log WRITE,READ default
# ExtendedLog /var/log/proftpd/auth.log AUTH auth
#
#</Anonymous>

 

[QatQat]

Hi Felix,

I don't use proftp so I am not too familiar with config files syntax but one thing I can tell you is that it is not a good idea to permit root login via ftp.

Another suggestion is to not touch RHEL standard choice of servers when you can.

RHEL ships with vsftpd which is easy to configure, stable and secure (or as secure as it gets when using ftp which is not too secure).

QaTQat

--------------------------------------
If I could have sex each time I reboot my server, I would definitely prefer Windoz over Linux!

 

[RhythmAce]

I agree with QatQat that login by root is a very bad idea. I also ain't too hip on running the server as root. I would change it to user ftp and group ftp or create your own user and group for it to run as. As to why it won't start, we need to make sure a few files are in the right place. First, proftpd.conf should be /etc/proftpd.conf. Second the executable should be in /usr/sbin/proftpd. To check you can type "whereis proftpd". Next your startup script should be in /etc/rc.d/init.d/proftpd. If your installation didn't provide a startup script, here is one that should work:

#!/bin/sh
#
# Startup script for ProFTPD
#
# chkconfig: 345 85 15
# description: ProFTPD is an enhanced FTP server with \
#              a focus toward simplicity, security, and ease of configuration. \
#              It features a very Apache-like configuration syntax, \
#              and a highly customizable server infrastructure, \
#              including support for multiple 'virtual' FTP servers, \
#              anonymous FTP, and permission-based directory visibility.
# processname: proftpd
# config: /etc/proftpd.conf
#
# By: Osman Elliyasa <osman@Cable.EU.org>
# $Id: proftpd.init.d,v 1.7 2002/12/07 21:50:27 jwm Exp $

# Source function library.
. /etc/rc.d/init.d/functions

if [ -f /etc/sysconfig/proftpd ]; then
      . /etc/sysconfig/proftpd
fi

PATH="$PATH:/usr/local/sbin"

# See how we were called.
case "$1" in
	start)
		echo -n "Starting proftpd: "
		daemon proftpd $OPTIONS
		echo
		touch /var/lock/subsys/proftpd
		;;
	stop)
		echo -n "Shutting down proftpd: "
		killproc proftpd
		echo
		rm -f /var/lock/subsys/proftpd
		;;
	status)
		status proftpd
		;;
	restart)
		$0 stop
		$0 start
		;;
	reread)
		echo -n "Re-reading proftpd config: "
		killproc proftpd -HUP
		echo
		;;
	suspend)
		hash ftpshut >/dev/null 2>&1
		if [ $? = 0 ]; then
			if [ $# -gt 1 ]; then
				shift
				echo -n "Suspending with '$*' "
				ftpshut $*
			else
				echo -n "Suspending NOW "
				ftpshut now "Maintanance in progress"
			fi
		else
			echo -n "No way to suspend "
		fi
		echo
		;;
	resume)
		if [ -f /etc/shutmsg ]; then
			echo -n "Allowing sessions again "
			rm -f /etc/shutmsg
		else
			echo -n "Was not suspended "
		fi
		echo
		;;
	*)
		echo -n "Usage: $0 {start|stop|restart|status|reread|resume"
		hash ftpshut
		if [ $? = 1 ]; then
			echo '}'
		else
			echo '|suspend}'
			echo 'suspend accepts additional arguments which are passed to ftpshut(8)'
		fi
		exit 1
esac

if [ $# -gt 1 ]; then
	shift
	$0 $*
fi

exit 0

Just copy and past this if you need to. The owner should be root. Root can read and write but make it read only for everyone else. If you've done all this and it still doesn't work, check to make sure /usr/sbin/proftpd is executable. If you've installed from an rpm, this should all be setup correctly. The only change you would have had to make is the default user and group. I think it is set to nobody and RHEL does't have that user already created for you.