public inbox for gentoo-dev@lists.gentoo.org
 help / color / mirror / Atom feed
* [gentoo-dev] Normal user login with ProFTPd?
@ 2001-08-19 17:48 Will Rogers
  2001-08-19 19:39 ` Chad Huneycutt
  0 siblings, 1 reply; 7+ messages in thread
From: Will Rogers @ 2001-08-19 17:48 UTC (permalink / raw
  To: gentoo-dev

Hi folks,

I'm a new Gentoo user (as of Friday) and so far I'm liking it a lot.
I'm coming from Debian and I like the inroads y'all've made in the
flexibility and packaging departments.  Not to mention being up to date.

Anyway, to the point:

I'm setting up proftpd and I've got it configured with xinetd to allow
anonymous access, but I can't figure out how to allow normal system user
accounts to log in and access their home directories.  I read through
the documentation on the proftpd home page and it seems that PAM is the
way to do this, so I did an 'AuthPAM on' in my proftpd.conf, but it
didn't Just Work(tm) and I'm not sure how to proceed.  I've only run
wu-ftpd before and it was an install, start, done kind of deal.


Thanks for any assistance you can render,

Will Rogers
wjr@wam.umd.edu




^ permalink raw reply	[flat|nested] 7+ messages in thread

* Re: [gentoo-dev] Normal user login with ProFTPd?
  2001-08-19 17:48 [gentoo-dev] Normal user login with ProFTPd? Will Rogers
@ 2001-08-19 19:39 ` Chad Huneycutt
  2001-08-19 21:10   ` Will Rogers
  0 siblings, 1 reply; 7+ messages in thread
From: Chad Huneycutt @ 2001-08-19 19:39 UTC (permalink / raw
  To: gentoo-dev

Will Rogers wrote:

>I'm setting up proftpd and I've got it configured with xinetd to allow
>anonymous access, but I can't figure out how to allow normal system user
>accounts to log in and access their home directories.  I read through
>the documentation on the proftpd home page and it seems that PAM is the
>way to do this, so I did an 'AuthPAM on' in my proftpd.conf, but it
>didn't Just Work(tm) and I'm not sure how to proceed.  I've only run
>wu-ftpd before and it was an install, start, done kind of deal.
>
Will,
   Someone may be able to supply a complete answer, but here is what I 
can tell you.  Looks like you may need to do a little debugging for us 
(if no one else has already done it).  Here are some things to check:
* do you have pam in your USE variable in /etc/make.conf?  That enables 
the --with-pam flag or whatever for the proftpd ebuild
* do you have /etc/pam.d/ftp?  That should be the pam configuration file 
that is used (this is set in the proftpd conf file as AuthPAMConfig).

If you have all that, then I suggest that you grab 
usr/portage/distfiles/proftpd-1.2.2rcd3.tar.bz2 file, open it and read 
the README.PAM file.

I am sure that someone on the server team will get around to this, but 
if you beat them to it, please report back and let us know what you 
determine.

Thanks,
   Chad (chadh)




^ permalink raw reply	[flat|nested] 7+ messages in thread

* RE: [gentoo-dev] Normal user login with ProFTPd?
  2001-08-19 19:39 ` Chad Huneycutt
@ 2001-08-19 21:10   ` Will Rogers
  2001-08-19 21:42     ` Ben Lutgens
  0 siblings, 1 reply; 7+ messages in thread
From: Will Rogers @ 2001-08-19 21:10 UTC (permalink / raw
  To: gentoo-dev

> * do you have pam in your USE variable in /etc/make.conf?  

The only edits I've done to make.conf are to uncommend the optimization
options for 686 processors.  The /etc/make.profile file has USE set to
include all of the recommended options (including pam).  My
understanding is that this sets the defaults; make.conf customizes those
defaults.  Is this correct?

> * do you have /etc/pam.d/ftp?  That should be the pam 
> configuration file 
> that is used (this is set in the proftpd conf file as AuthPAMConfig).

The file exists.  I tried using the default settings and the Red Hat and
SuSE recommended settings from the README.PAM in the proftpd source
archive, none seemed to work.

I downloaded the source and recompiled it (I had done a binary
installation from the rc5 cd before) and it didn't change anything.  I
can still log in anonymously but not with my user account.  There might
be something basic I'm missing; has anyone else gotten this to work?  I
found it really tough to find documentation on logging in to system user
accounts on the proftpd site.  If someone could post a simple
step-by-step maybe we could figure out where the problem is.

A few more observations:

The binary I had first installed from the rc5 cd put its configuration
in /etc/proftp/proftpd.conf, but the version I downloaded and compiled
(both marked 1.2.2_rc3) put it in /etc/proftpd/proftpd.conf (note the
difference in directory name).

The default proftpd.conf file does not work out of the box--it causes a
"could not change gid" error.  I changed the "Group nogroup" to "Group
nobody" and it worked fine.


Thanks again,

Will Rogers
wjr@wam.umd.edu




^ permalink raw reply	[flat|nested] 7+ messages in thread

* Re: [gentoo-dev] Normal user login with ProFTPd?
  2001-08-19 21:10   ` Will Rogers
@ 2001-08-19 21:42     ` Ben Lutgens
  2001-08-19 22:56       ` Will Rogers
  0 siblings, 1 reply; 7+ messages in thread
From: Ben Lutgens @ 2001-08-19 21:42 UTC (permalink / raw
  To: gentoo-dev

[-- Attachment #1: Type: text/plain, Size: 1055 bytes --]

On Sun, Aug 19, 2001 at 11:09:25PM -0400, Will Rogers wrote:
>The default proftpd.conf file does not work out of the box--it causes a
>"could not change gid" error.  I changed the "Group nogroup" to "Group
>nobody" and it worked fine.
>

Fixed on CVS.

I have pam in USE, but my proftd.conf says 
ServerName          "ProFTPD"
ServerType          standalone
DefaultServer       on
AuthPAM             off
AuthPAMConfig       ftp

I can log in as a normal user just fine

blutgens@ares:~> ncftp -u blutgens localhost
NcFTP 3.0.2 (October 19, 2000) by Mike Gleason (ncftp@ncftp.com).
Connecting to 127.0.0.1...                                                      
ProFTPD 1.2.2rc3 Server (ProFTPD) [ares.dolly-llama.org]
Logging in...                                                                   
Password requested by 127.0.0.1 for user "blutgens".

    Password required for blutgens.

Password: 

User blutgens logged in.
Logged in to localhost

I'd like to help but it's nearly impossible if I can't duplicate it. 

[-- Attachment #2: Type: application/pgp-signature, Size: 232 bytes --]

^ permalink raw reply	[flat|nested] 7+ messages in thread

* RE: [gentoo-dev] Normal user login with ProFTPd?
  2001-08-19 21:42     ` Ben Lutgens
@ 2001-08-19 22:56       ` Will Rogers
  2001-08-20  2:48         ` Thomas M. Beaudry
  0 siblings, 1 reply; 7+ messages in thread
From: Will Rogers @ 2001-08-19 22:56 UTC (permalink / raw
  To: gentoo-dev

<snip trouble with logging in non-anonymously to proftpd>
> I can log in as a normal user just fine
> 
...
> User blutgens logged in.
> Logged in to localhost
> 
> I'd like to help but it's nearly impossible if I can't duplicate it. 

After several hours of fiddling and searching the web, I fixed it.  I
found some similar problems mentioned on www.geocrawler.com and I put a
'RequireValidShell off' line in my proftpd.conf...  and WHAM!  It
worked.

Sheesh.

Now, _why_ does that work?


Will Rogers, who is going to sleep now.
wjr@wam.umd.edu




^ permalink raw reply	[flat|nested] 7+ messages in thread

* Re: [gentoo-dev] Normal user login with ProFTPd?
  2001-08-19 22:56       ` Will Rogers
@ 2001-08-20  2:48         ` Thomas M. Beaudry
  2001-08-20  7:21           ` Will Rogers
  0 siblings, 1 reply; 7+ messages in thread
From: Thomas M. Beaudry @ 2001-08-20  2:48 UTC (permalink / raw
  To: gentoo-dev

On Mon, Aug 20, 2001 at 12:55:51AM -0400, Will Rogers wrote:
> <snip trouble with logging in non-anonymously to proftpd>
> > I can log in as a normal user just fine
> > 
> ...
> > User blutgens logged in.
> > Logged in to localhost
> > 
> > I'd like to help but it's nearly impossible if I can't duplicate it. 
> 
> After several hours of fiddling and searching the web, I fixed it.  I
> found some similar problems mentioned on www.geocrawler.com and I put a
> 'RequireValidShell off' line in my proftpd.conf...  and WHAM!  It
> worked.
> 
> Sheesh.
> 
> Now, _why_ does that work?
>

Probably the user id associated with the login does not have a shell
associated with it in /etc/password.

-- 
Thomas M. Beaudry K8LA / YS1ZTM
k8la@arrl.net



^ permalink raw reply	[flat|nested] 7+ messages in thread

* Re: [gentoo-dev] Normal user login with ProFTPd?
  2001-08-20  2:48         ` Thomas M. Beaudry
@ 2001-08-20  7:21           ` Will Rogers
  0 siblings, 0 replies; 7+ messages in thread
From: Will Rogers @ 2001-08-20  7:21 UTC (permalink / raw
  To: gentoo-dev

On Monday, August 20, 2001 at 4:34 AM, Thomas M. Beaudry wrote:
> On Mon, Aug 20, 2001 at 12:55:51AM -0400, Will Rogers wrote:
> > <snip trouble with logging in non-anonymously to proftpd>
> >
> > After several hours of fiddling and searching the web, I fixed it.  I
> > found some similar problems mentioned on www.geocrawler.com and I put a
> > 'RequireValidShell off' line in my proftpd.conf...  and WHAM!  It
> > worked.
> >
> > Now, _why_ does that work?
> >
>
> Probably the user id associated with the login does not have a shell
> associated with it in /etc/password.

Ahh...  yes.  That makes perfect sense.  Both user accounts I tried it with
have no shell set (defaults to bash).  That didn't occur to me at 1am when I
was banging my head against the wall trying to fix it.

Thanks a ton, I feel much better now.

Will Rogers
wjr@wam.umd.edu




^ permalink raw reply	[flat|nested] 7+ messages in thread

end of thread, other threads:[~2001-08-20 13:20 UTC | newest]

Thread overview: 7+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2001-08-19 17:48 [gentoo-dev] Normal user login with ProFTPd? Will Rogers
2001-08-19 19:39 ` Chad Huneycutt
2001-08-19 21:10   ` Will Rogers
2001-08-19 21:42     ` Ben Lutgens
2001-08-19 22:56       ` Will Rogers
2001-08-20  2:48         ` Thomas M. Beaudry
2001-08-20  7:21           ` Will Rogers

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox