0

I have a freebsd server with proftpd installed. When I chmod 777 the directory I can overwrite files, but using 755 permissions on the folder I can not overwrite files in the folder.

In the conf file: I changed 'AllowOverwrite' to 'on' I changed User and group to 'root' but that didn't help.

How do i fix this error?

Here is my proftpd.conf file:

ServerName          "Servername"
ServerType          standalone
ServerIdent         on      "Servers identifying string"
DeferWelcome            on
DefaultServer           on

DisplayLogin            .welcome    # Textfile to display on login
DisplayConnect          .connect    # Textfile to display on connection
#DisplayFirstChdir               .firstchdir    # Textfile to display on first changedir

UseReverseDNS               off
IdentLookups                off

Port                21
PassivePorts            60000 65000
Umask               022
MaxInstances                    15
MaxClientsPerHost               10      "Only %m connections per host allowed"
MaxClients                      10      "Only %m total simultanious logins allowed"
MaxHostsPerUser                 1

User                root
Group               root

ScoreboardFile          /var/log/scoreboard

# Some logging formats
LogFormat                   default     "%h %l %u %t \"%r\" %s %b"
LogFormat                   auth        "%v [%P] %h %t \"%r\" %s"
LogFormat                   write       "%h %l %u %t \"%r\" %s %b"

# Define log-files to use
TransferLog                 /var/log/proftpd.xferlog
ExtendedLog                 /var/log/proftpd.access_log    WRITE,READ write
ExtendedLog                 /var/log/proftpd.auth_log      AUTH auth
ExtendedLog                 /var/log/proftpd.paranoid_log  ALL default
SQLLogFile          /var/log/proftpd.mysql

# Set up authentication via SQL
# ===========
AuthOrder                       mod_sql.c
SQLAuthTypes            Backend
SQLConnectInfo              proftpd_admin@localhost proftpd Icl0ud
SQLUserInfo             usertable userid passwd uid gid homedir shell 
SQLGroupInfo            grouptable groupname gid members 
SQLUserWhereClause          "disabled=0 and (NOW()<=expiration or expiration=-1 or expiration=0)"

# Log the user logging in
SQLLog PASS counter
SQLNamedQuery counter UPDATE "lastlogin=now(), count=count+1 WHERE userid='%u'" usertable

# logout log
SQLLog EXIT time_logout
SQLNamedQuery time_logout UPDATE "lastlogout=now() WHERE userid='%u'" usertable

# display last login time when PASS command is given
SQLNamedQuery login_time SELECT "lastlogin from usertable where userid='%u'"
SQLShowInfo PASS "230" "Last login was: %{login_time}"

# xfer Log in mysql
SQLLog RETR,STOR transfer1
SQLNamedQuery  transfer1 INSERT "'%u', '%f', '%b', '%h', '%a', '%m', '%T', now(), 'c', NULL" xfer_stat
SQLLOG ERR_RETR,ERR_STOR transfer2
SQLNamedQuery  transfer2 INSERT "'%u', '%f', '%b', '%h', '%a', '%m', '%T', now(), 'i', NULL" xfer_stat


AllowStoreRestart       on
AllowRetrieveRestart        on
RequireValidShell               off
PathDenyFilter                  "\\.ftp)|\\.ht)[a-z]+$"
DefaultRoot             ~
DenyFilter          \*.*/


<Directory /usr/home/*>
    AllowOverwrite      on
    HideNoAccess        off
    <Limit READ>
        AllowAll
        </Limit>

    <Limit WRITE>
        DenyGroup   !admins
    </Limit>
</Directory>

<Directory /*>
    AllowOverwrite      on
    HideNoAccess        on

    <Limit READ>
            DenyGroup   !admins
        </Limit>

        <Limit STOR MKD>
            AllowAll
        </Limit>
</Directory>
Castaglia
  • 3,349
  • 3
  • 21
  • 42
FLY
  • 159
  • 4
  • 11

2 Answers2

1

Are you in admins group ?

DenyGroup !admins

Sergei
  • 1,226
  • 16
  • 25
  • I am but I will dubblecheck that. But doesn't the ! mean not, so all non admins will be denied? – FLY Dec 28 '11 at 08:33
  • to isolate the problem ,why not check if original proftpd conf file works (the one that came with the package).If you still have the issues does not, we an take proftpd out of equation – Sergei Dec 28 '11 at 09:40
  • Not sure if it was removing the DenyGroup but i forgot te restart proftpd. Restarting it gave me an error that user / group root was non existing. changed to admin/wheel and now it's working fine :) thnx for the suggestions! – FLY Dec 28 '11 at 11:06
0

My sudo journalctl -ae proftpd's output (Debian) was

… systemd[1]: Starting proftpd.service - ProFTPD FTP Server...
… proftpd[2383423]: Checking syntax of configuration file
… proftpd[2383423]: mod_dso/0.5: unable to load 'mod_rewrite.c'; check to see if '/usr/lib/proftpd/mod_rewrite.la' exists
… proftpd[2383423]: fatal: LoadModule: error loading module 'mod_rewrite.c': No such file or directory on line 74 of '/etc/proftpd/modules.conf'
… proftpd[2383423]: warning: unable to include '/etc/proftpd/modules.conf': Operation not permitted
… proftpd[2383423]: mod_memcache/0.1: compiled using libmemcached-1.0.18 headers, but linked to libmemcached-1.1.3 library
… proftpd[2383424]: mod_dso/0.5: unable to load 'mod_rewrite.c'; check to see if '/usr/lib/proftpd/mod_rewrite.la' exists
… proftpd[2383424]: fatal: LoadModule: error loading module 'mod_rewrite.c': No such file or directory on line 74 of '/etc/proftpd/modules.conf'
… proftpd[2383424]: warning: unable to include '/etc/proftpd/modules.conf': Operation not permitted
… proftpd[2383424]: mod_memcache/0.1: compiled using libmemcached-1.0.18 headers, but linked to libmemcached-1.1.3 library
… proftpd[2383425]: localhost - ProFTPD 1.3.8 (stable) (built Thu Dec 15 2022 21:47:50 UTC) standalone mode STARTUP
… systemd[1]: Started proftpd.service - ProFTPD FTP Server.

You can see fatal above. Because of it, /etc/proftpd/proftpd.conf never loaded, therefore the default built-in configuration got used.

In my case, I had to:

  1. comment out LoadModule mod_rewrite.c in /etc/proftpd/modules.conf
  2. then sudo systemctl restart proftpd

It's very bad (especially for security reasons) that proftpd is programmed to continue to load after a fatal error while ignoring all configs.

Arzet Ro
  • 101