Титла: Проблем при настройката на виртуалните сървъри на proftpd
Публикувано от: angie_bg в Aug 10, 2016, 18:23
ProFTPD Version 1.3.4a Linux angies-server 3.2.0-91-generic-pae #129-Ubuntu SMP Wed Sep 9 11:27:47 UTC 2015 i686 i686 i386 GNU/Linux Здравейте, идеята ми е да имам 2 вида достъп до ftp сървъра: анонимен на порт 21 и с автентикация на друг порт, напр. на 1234. При предишните ми опити (без вирт. сървъри) форма за автентикация излизаше само при липсата на секция <Anonymous>, а при наличието ѝ, когато искам да вляза като регистриран потребител трябва името/паролата да въведа като открит текст в url. Всъщност ме устройва и влизането на анонимните потребители да е с anonymous/email, ако се ползва някаква форма за автентикация. До момента не открих как да направя това. Използвам примера от http://www.proftpd.org/docs/configs/virtual.conf ($2) с леки модификации: # # Proftpd sample configuration for Virtual Hosts and Virtual Roots. # # Note that FTP protocol requires IP based virtual host, not name based. # # http://www.proftpd.org/docs/configs/virtual.conf # First virtual server <VirtualHost example.eu> ServerName "Virtual.com's FTP Server"
MaxClients 10 MaxLoginAttempts 1
# DeferWelcome prevents proftpd from displaying the servername # until a client has authenticated. DeferWelcome on
# Limit normal user logins, because we only want to allow # guest logins. <Limit LOGIN> DenyAll </Limit>
# Next, create a "guest" account (which could be used # by a customer to allow private access to their web site, etc) <Anonymous /srv/ftp> User angie Group angie # AnonRequirePassword on
<Limit LOGIN> AllowAll </Limit>
HideUser root HideGroup root
# A private directory that we don't want the user getting in to. <Directory logs> <Limit READ WRITE DIRS> DenyAll </Limit> </Directory> </Anonymous> </VirtualHost> # Another virtual server, this one running on our primary address, # but on port 4000. The only access is to a single anonymous login. <VirtualHost example.eu> ServerName "Our private FTP server" Port 1234 Umask 027
<Limit LOGIN> DenyAll </Limit>
<Anonymous /srv/ftp/anonymous> User ftp Group nogroup UserAlias anonymous ftp
<Limit LOGIN> AllowAll </Limit>
<Limit WRITE> DenyAll </Limit>
<Directory incoming> <Limit WRITE> AllowAll </Limit> </Directory> </Anonymous> </VirtualHost>
Нямам искане за някакъв вид автентикация, но винаги, независимо дали на порт 21 или на порт 1234, ми излиза форма за въвеждане на име и парола, като се влиза в домашната директория на потребителя, чието име/парола са въведени. Това ме навежда на мисълта, че виртуалните сървъри не работят. proftpd -d 10 не дава някакво важно съобщение за грешка: angie@angies-server:/etc/proftpd$ sudo proftpd -d 10 angies-server proftpd[8318]: using PCRE 8.12 2011-01-15 angies-server proftpd[8318]: using TCP receive buffer size of 87380 bytes angies-server proftpd[8318]: using TCP send buffer size of 16384 bytes angies-server proftpd[8318]: testing Unix domain socket using S_ISFIFO angies-server proftpd[8318]: testing Unix domain socket using S_ISSOCK angies-server proftpd[8318]: using S_ISSOCK macro for Unix domain socket detection angies-server proftpd[8318]: ROOT PRIVS at mod_core.c:358 angies-server proftpd[8318]: loading 'mod_ctrls_admin.c' angies-server proftpd[8318]: loading 'mod_tls.c' angies-server proftpd[8318]: mod_tls/2.4.3: compiled using OpenSSL version 'OpenSSL 1.0.0e 6 Sep 2011' headers, but linked to OpenSSL version 'OpenSSL 1.0.1 14 Mar 2012' library angies-server proftpd[8318]: mod_tls/2.4.3: using OpenSSL 1.0.0e 6 Sep 2011 angies-server proftpd[8318]: loading 'mod_radius.c' angies-server proftpd[8318]: loading 'mod_quotatab.c' angies-server proftpd[8318]: loading 'mod_quotatab_file.c' angies-server proftpd[8318]: loading 'mod_quotatab_radius.c' angies-server proftpd[8318]: loading 'mod_wrap.c' angies-server proftpd[8318]: loading 'mod_rewrite.c' angies-server proftpd[8318]: loading 'mod_load.c' angies-server proftpd[8318]: loading 'mod_ban.c' angies-server proftpd[8318]: loading 'mod_wrap2.c' angies-server proftpd[8318]: loading 'mod_wrap2_file.c' angies-server proftpd[8318]: loading 'mod_dynmasq.c' angies-server proftpd[8318]: loading 'mod_exec.c' angies-server proftpd[8318]: loading 'mod_shaper.c' angies-server proftpd[8318]: loading 'mod_ratio.c' angies-server proftpd[8318]: loading 'mod_site_misc.c' angies-server proftpd[8318]: loading 'mod_sftp.c' angies-server proftpd[8318]: mod_sftp/0.9.8: compiled using OpenSSL version 'OpenSSL 1.0.0e 6 Sep 2011' headers, but linked to OpenSSL version 'OpenSSL 1.0.1 14 Mar 2012' library angies-server proftpd[8318]: mod_sftp/0.9.8: using OpenSSL 1.0.0e 6 Sep 2011 angies-server proftpd[8318]: loading 'mod_sftp_pam.c' angies-server proftpd[8318]: loading 'mod_facl.c' angies-server proftpd[8318]: loading 'mod_unique_id.c' angies-server proftpd[8318]: loading 'mod_copy.c' angies-server proftpd[8318]: loading 'mod_deflate.c' angies-server proftpd[8318]: mod_deflate/0.5.5: using zlib 1.2.3.4 angies-server proftpd[8318]: loading 'mod_ifversion.c' angies-server proftpd[8318]: loading 'mod_tls_memcache.c' angies-server proftpd[8318]: mod_tls_memcache/0.1: notice: unable to register 'memcache' SSL session cache: Memcache support not enabled angies-server proftpd[8318]: loading 'mod_ifsession.c' angies-server proftpd[8318]: RELINQUISH PRIVS at mod_core.c:380 angies-server proftpd[8318]: disabling runtime support for IPv6 connections angies-server proftpd[8318]: DenyFilter: compiling regex '\*.*/' angies-server proftpd[8318]: <IfModule>: using 'mod_dynmasq.c' section at line 58 angies-server proftpd[8318]: retrieved UID 108 for user 'proftpd' angies-server proftpd[8318]: retrieved GID 65534 for group 'nogroup' angies-server proftpd[8318]: ROOT PRIVS at mod_log.c:588 angies-server proftpd[8318]: RELINQUISH PRIVS at mod_log.c:593 angies-server proftpd[8318]: <IfModule>: using 'mod_quotatab.c' section at line 108 angies-server proftpd[8318]: <IfModule>: using 'mod_ratio.c' section at line 112 angies-server proftpd[8318]: <IfModule>: using 'mod_delay.c' section at line 120 angies-server proftpd[8318]: <IfModule>: using 'mod_ctrls.c' section at line 124 angies-server proftpd[8318]: ROOT PRIVS at mod_ctrls.c:112 angies-server proftpd[8318]: RELINQUISH PRIVS at mod_ctrls.c:114 angies-server proftpd[8318]: <IfModule>: using 'mod_ctrls_admin.c' section at line 132 angies-server proftpd[8318]: ROOT PRIVS at mod_core.c:358 angies-server proftpd[8318]: retrieved UID 0 for user 'root' angies-server proftpd[8318]: retrieved GID 0 for group 'root' angies-server proftpd[8318]: <Directory logs>: adding section for resolved path '/logs' angies-server proftpd[8318]: <Directory incoming>: adding section for resolved path '/incoming' angies-server proftpd[8318]: <IfModule>: skipping 'mod_vroot.c' section at line 127 angies-server proftpd[8318]: RELINQUISH PRIVS at mod_core.c:380 angies-server proftpd[8318]: <Directory /srv/www/>: adding section for resolved path '/srv/www/' angies-server proftpd[8318]: ROOT PRIVS at mod_core.c:358 angies-server proftpd[8318]: RELINQUISH PRIVS at mod_core.c:380 angies-server proftpd[8318] localhost: angies-server proftpd[8318] localhost: Config for Angie's FTP Server: angies-server proftpd[8318] localhost: IdentLookups angies-server proftpd[8318] localhost: DeferWelcome angies-server proftpd[8318] localhost: MultilineRFC2228 angies-server proftpd[8318] localhost: DefaultServer angies-server proftpd[8318] localhost: ShowSymlinks angies-server proftpd[8318] localhost: TimeoutNoTransfer angies-server proftpd[8318] localhost: TimeoutStalled angies-server proftpd[8318] localhost: TimeoutIdle angies-server proftpd[8318] localhost: DisplayLogin angies-server proftpd[8318] localhost: DisplayChdir angies-server proftpd[8318] localhost: ListOptions angies-server proftpd[8318] localhost: DenyFilter angies-server proftpd[8318] localhost: PassivePorts angies-server proftpd[8318] localhost: UserID angies-server proftpd[8318] localhost: UserName angies-server proftpd[8318] localhost: GroupID angies-server proftpd[8318] localhost: GroupName angies-server proftpd[8318] localhost: Umask angies-server proftpd[8318] localhost: DirUmask angies-server proftpd[8318] localhost: AllowOverwrite angies-server proftpd[8318] localhost: TransferLog angies-server proftpd[8318] localhost: QuotaEngine angies-server proftpd[8318] localhost: Ratios angies-server proftpd[8318] localhost: DelayEngine angies-server proftpd[8318] localhost: /srv/www/ angies-server proftpd[8318] localhost: Limit angies-server proftpd[8318] localhost: AllowUser angies-server proftpd[8318] localhost: ShowSymlinks angies-server proftpd[8318] localhost: TimeoutNoTransfer angies-server proftpd[8318] localhost: TimeoutStalled angies-server proftpd[8318] localhost: TimeoutIdle angies-server proftpd[8318] localhost: DisplayLogin angies-server proftpd[8318] localhost: DisplayChdir angies-server proftpd[8318] localhost: ListOptions angies-server proftpd[8318] localhost: DenyFilter angies-server proftpd[8318] localhost: Umask angies-server proftpd[8318] localhost: DirUmask angies-server proftpd[8318] localhost: AllowOverwrite angies-server proftpd[8318] localhost: TransferLog angies-server proftpd[8318] localhost: Ratios angies-server proftpd[8318] localhost: angies-server proftpd[8318] localhost: Config for Virtual.com's FTP Server: angies-server proftpd[8318] localhost: /srv/ftp/ angies-server proftpd[8318] localhost: /logs angies-server proftpd[8318] localhost: Limit angies-server proftpd[8318] localhost: DenyAll angies-server proftpd[8318] localhost: HideUser angies-server proftpd[8318] localhost: HideGroup angies-server proftpd[8318] localhost: MaxClients angies-server proftpd[8318] localhost: Limit angies-server proftpd[8318] localhost: AllowAll angies-server proftpd[8318] localhost: UserName angies-server proftpd[8318] localhost: GroupName angies-server proftpd[8318] localhost: HideUser angies-server proftpd[8318] localhost: HideGroup angies-server proftpd[8318] localhost: MaxClients angies-server proftpd[8318] localhost: Limit angies-server proftpd[8318] localhost: DenyAll angies-server proftpd[8318] localhost: MaxClients angies-server proftpd[8318] localhost: MaxLoginAttempts angies-server proftpd[8318] localhost: DeferWelcome angies-server proftpd[8318] localhost: /srv/www/ angies-server proftpd[8318] localhost: Limit angies-server proftpd[8318] localhost: AllowUser angies-server proftpd[8318] localhost: MaxClients angies-server proftpd[8318] localhost: angies-server proftpd[8318] localhost: Config for Our private FTP server: angies-server proftpd[8318] localhost: /srv/ftp/anonymous/ angies-server proftpd[8318] localhost: /incoming angies-server proftpd[8318] localhost: Limit angies-server proftpd[8318] localhost: AllowAll angies-server proftpd[8318] localhost: Umask angies-server proftpd[8318] localhost: Limit angies-server proftpd[8318] localhost: DenyAll angies-server proftpd[8318] localhost: Limit angies-server proftpd[8318] localhost: AllowAll angies-server proftpd[8318] localhost: UserName angies-server proftpd[8318] localhost: GroupName angies-server proftpd[8318] localhost: UserAlias angies-server proftpd[8318] localhost: Umask angies-server proftpd[8318] localhost: Limit angies-server proftpd[8318] localhost: DenyAll angies-server proftpd[8318] localhost: Umask angies-server proftpd[8318] localhost: /srv/www/ angies-server proftpd[8318] localhost: Limit angies-server proftpd[8318] localhost: AllowUser angies-server proftpd[8318] localhost: Umask angies-server proftpd[8318] localhost: ROOT PRIVS at mod_delay.c:425 angies-server proftpd[8318] localhost: RELINQUISH PRIVS at mod_delay.c:430 angies-server proftpd[8318] localhost: mod_lang/0.9: binding to text domain 'proftpd' using locale path '/usr/share/locale' angies-server proftpd[8318] localhost: mod_lang/0.9: using locale files in '/usr/share/locale' angies-server proftpd[8318] localhost: mod_lang/0.9: skipping possible language 'it': not supported by setlocale(3); see `locale -a' angies-server proftpd[8318] localhost: mod_lang/0.9: skipping possible language 'ru': not supported by setlocale(3); see `locale -a' angies-server proftpd[8318] localhost: mod_lang/0.9: skipping possible language 'zh_CN': not supported by setlocale(3); see `locale -a' angies-server proftpd[8318] localhost: mod_lang/0.9: skipping possible language 'zh_TW': not supported by setlocale(3); see `locale -a' angies-server proftpd[8318] localhost: mod_lang/0.9: skipping possible language 'bg_BG': not supported by setlocale(3); see `locale -a' angies-server proftpd[8318] localhost: mod_lang/0.9: skipping possible language 'fr_FR': not supported by setlocale(3); see `locale -a' angies-server proftpd[8318] localhost: mod_lang/0.9: skipping possible language 'ja_JP': not supported by setlocale(3); see `locale -a' angies-server proftpd[8318] localhost: mod_lang/0.9: skipping possible language 'ko_KR': not supported by setlocale(3); see `locale -a' angies-server proftpd[8318] localhost: mod_lang/0.9: added the following supported languages: en_US.UTF-8, en_US angies-server proftpd[8318] localhost: retrieved group ID: 65534 angies-server proftpd[8318] localhost: setting group ID: 65534 angies-server proftpd[8318] localhost: SETUP PRIVS at main.c:3325 angies-server proftpd[8318] localhost: ROOT PRIVS at main.c:2295 angies-server proftpd[8318] localhost: RELINQUISH PRIVS at main.c:2304
Пробвах и двата вирт. сървъра да се различават и по име, напр. example.eu и ftp.example.eu. Резултатът е същият. Някакви идеи?
Титла: Re: Проблем при настройката на виртуалните сървъри на proftpd
Публикувано от: gosho_tr в Aug 11, 2016, 11:44
Ето ти набързо скалъпено решение за убунту(може да си го донаточиш): ---------------------------------------------------------------------------------------- В proftopd.conf променяш следното:
DefaultRoot ~ /това е ако желаеш потребителите да не могат да се шляят в директории кото не са техни/
/Забраняваш достъпа на всички/ <Limit LOGIN> DenyALL </Limit>
<Anonymous ~ftp> User ftp Group nogroup UserAlias anonymous ftp RequireValidShell off MaxClients 10 DisplayLogin welcome.msg DisplayChdir .message <Directory *>
/Разрешаваш достъпа на Anonymous/ <Limit WRITE> DenyAll </Limit> </Directory> <Limit LOGIN> AllowALL </Limit>
</Anonymous>
Include /etc/proftpd/virtuals.conf
--------------------------------------------------------------------------------------- Ето и съдържанието на virtuals.conf
<VirtualHost 0.0.0.0> Port 1234 Umask 022 ServerName "Allow access for system users" DefaultRoot ~ MaxLoginAttempts 3 RequireValidShell no AllowOverwrite yes </VirtualHost>
Титла: Re: Проблем при настройката на виртуалните сървъри на proftpd
Публикувано от: angie_bg в Aug 11, 2016, 19:40
Gosho_tr, благодаря за решението [_]3. Получи се това, което желаех, но имам още 2 въпроса: 1. Възможно ли е вместо адрес на виртуалния хост да се използва домейн? Защото в примерния файл virtuals.conf, създаден при инсталацията на proftpd е написано: "# Note that FTP protocol requires IP based virtual host, not name based.", а в примерите от цитирания линк е: "<VirtualHost ftp.virtual.com>", т. е. name based virtual host. 2. Възможно ли е, и ако да - как, да излиза и при анонимните потребители форма за регистрация, при която те да въвеждат име напр. anonymous, а за парола - (произволна) електронна поща? Поздрави, А.
Титла: Re: Проблем при настройката на виртуалните сървъри на proftpd
Публикувано от: runtime в Aug 12, 2016, 09:26
1. Не е проблем да си ползваш имена DNS names, too, can be used with the <VirtualHost> configuration directive 2. Не съм напълно сигурен, но до колкото се сещам сървъра няма такава опция. Ще трябва да си направиш някакво къстъм решение през web да се регистрират и да ги пише във файла.
Титла: Re: Проблем при настройката на виртуалните сървъри на proftpd
Публикувано от: gosho_tr в Aug 12, 2016, 12:14
По точка 2. хвърли едно око тук, може и да сътвориш нещо с тази опционалност: http://www.proftpd.org/docs/directives/linked/config_ref_AnonRequirePassword.html
Титла: Re: Проблем при настройката на виртуалните сървъри на proftpd
Публикувано от: angie_bg в Aug 14, 2016, 13:50
Здравейте, Благодаря много за съветите! Всичко работи, както си го представям, но това което ме тормози, е че при влизане във ftp сървъра от команден ред (ftp1.jpg) или с Filezilla (ftp2.jpg) той иска парола за анонимния потребител, а когато влизам чрез браузър (ftp3.jpg) - не. Защо? (https://photos.google.com/share/AF1QipPSMvExI65p_Dh-VbnRBA1pv0Uq3xqUjozFwN2R8GozK7exWlBO-c5xTFwlMHwEZQ/photo/AF1QipOfzf6xs9A6ujPK2EK3SG7P-zw_K9AFesGJ2nGN?key=YkpkendyVWVpTndMZ0tDYkJwRXNxRFFmcWsxVU9R) (https://photos.google.com/share/AF1QipPSMvExI65p_Dh-VbnRBA1pv0Uq3xqUjozFwN2R8GozK7exWlBO-c5xTFwlMHwEZQ/photo/AF1QipO6h4OKWwjtX-AZlT--c0GpP3j7NeN5m7QTlWYm?key=YkpkendyVWVpTndMZ0tDYkJwRXNxRFFmcWsxVU9R) (https://photos.google.com/share/AF1QipPSMvExI65p_Dh-VbnRBA1pv0Uq3xqUjozFwN2R8GozK7exWlBO-c5xTFwlMHwEZQ/photo/AF1QipMBLV7XHV5Hn40vZMi3pQoUUYg5nnORJBdIgXbD?key=YkpkendyVWVpTndMZ0tDYkJwRXNxRFFmcWsxVU9R)
Титла: Re: Проблем при настройката на виртуалните сървъри на proftpd
Публикувано от: Acho в Aug 14, 2016, 19:39
Защото вероятно браузера му праща някаква си там служебна парола за анонимоус лоджин.
|