i having problem with proftpd authention, when i add user via shell account.so i plan to uninstall it…can u all tell me how i can remove it?
regards.
i having problem with proftpd authention, when i add user via shell account.so i plan to uninstall it…can u all tell me how i can remove it?
regards.
Were you looking to remove proftpd or the user in question?
As as for making shell users work, try adding:
AuthOrder mod_auth_unix mod_sql_mysql
in the Global section in the /etc/proftpd.conf
Chris
I wanted to do a similar thing, and followed your instuctions, but got the error:
[CODE
I have a 'fresh' install from Sago, so im pretty sure you will see this creep up more.
Too bad there isnt a section of nodeworx to create ftp users that belong to the server, not a site (this could work w/ dbs, and ssh logins as well).
I wanted to do a similar thing, and followed your instuctions, but got the error:
[CODE
I'm dumb, let me investigate this further and get a working solution.
>
I have a 'fresh' install from Sago, so im pretty sure you will see this creep up more.
>
Too bad there isnt a section of nodeworx to create ftp users that belong to the server, not a site (this could work w/ dbs, and ssh logins as well).
General ftp/db users are really "outside" the system at this point. ssh users may be added at the node/siteworx level in the future based on user interest.
Chris
Cool, getting that up would be nice, right now im just ftping into a site, then moving it via ssh.
Even if there was an interface directly into that db table, that would be nice. I can get the db login via /etc/proftpd.conf correct? It is the ‘SQLConnectInfo’ line. Is it a table in the mysql db that is hidden from root? Or am I just missing it?
Adding users for ftp, and ssh via nodeWorx would be nice, but i understand you guys have more pressing issues / features.
Even if there was an interface directly into that db table, that would be nice. I can get the db login via /etc/proftpd.conf correct? It is the ‘SQLConnectInfo’ line. Is it a table in the mysql db that is hidden from root? Or am I just missing it?
Just a word about the setup here. The are 2 mysql instances running at any one time. 1 instance is for the system, and is your normal every day mysql on port 3306 with a unix socket at /var/lib/mysql/mysql.sock.
The second is the iworx extra special mysql instance for iworx only. It runs on 2306, has it’s own set of perms and uses the unix socket at /home/interworx/var/lib/mysql.sock (if memory serves). The “root” user for the system mysql is NOT the same as the root user for the iworx mysql. They are 2 different entities. The proftpd.conf shows you the connection info for the ‘iworx’ user to the iworx mysql instance and you can query the iworx db direct (not that I recommend doing so) using that login info.
Chris
hmmmm. off topic, but it would probably make sence to back up this db as well. just in case I have a major crash or something.
Possible feature would be making a backup user w/ readonly to everything for this purpose, so you could backup your interworx configs, etc. This is in all honesty my bigest concern, i have all of my sytems backed up, but the interworx configs i would have to completly remake.
Whats the worst that could happen (I am incredibly paranoid, and will leave this alone for the time being)
My big problem now is that since proftp is chrooted, I can’t get to my backup drive to transfer backups off. Even mounting(mount --bind) the directory in a ‘user’ directory, i still cant access the files, I was hoping this would get around it.
What im actually going to do, to kludge around this, is set up a ftp server on a local and scp remotly.
We’re actually actively working on a much better backup script that will backup your entire siteworx account. This means email accounts, quotas, emails, ftp accounts, SSL certs, subdomains, etc, will be included in the backup. Also, you will also be able to restore backups too.
I just wish there was an easy way to make system ftp accounts (outside of a site). So i could get these backups, instead of jumping through lots of hoops :(.
Ive even gone as far as trying to mount my backup drive in a site, but it didnt help
What im actually going to do, to kludge around this, is set up a ftp server on a local and scp remotly.
Can you explain this a bit more eDixon? Why wouldn’t simply using SCP entirely instead of FTP solve this problem? I’m not trying to nit pick, but trying to get an idea of what you’d like to see ftp-wise, and how it’s better than just using SCP, which you can safely do as root as to see the whole filesystem.
Chris
I’m curious about this myself. I used scp to back up my files the last time I did a move. The only neagative thing is if you have lots of files but you can zip or tar them to make the process go faster.
Ah, sorry, w/ the upgrade ive neglected this thread
I had to scrap the scp thing, as my craptacular firewall(local) will not allow it. I should have been a little more clear. More of a situational issue than a server problem. I can scp up to the server, but coming inbound, the firewall blocks it.
Im also unable to initiate a ftp inbound, again, stupid firewall I cant bypass :(.
Ive had to return to the idea of running a second ftp server on this box on a different port.
UPDATE:
I got the AuthOrder working with the latest proftpd that was just released tonight. Simply add:
AuthOrder mod_sql.c mod_auth_unix.c
to your /etc/proftpd.conf file and you can login via a unix user acct or an iworx-cp created DB auth’d account. Just yum update first and you’ll be good to go.
Chris
<VOICE char=‘Mr. Burns’>
Excellent
</VOICE>
Is using the update in nodeworx ok?
Thanks again.
Is using the update in nodeworx ok?
Yes, using the software update in NodeWorx will get you the new RPM, but you’ll have to hand edit the /etc/proftpd.conf.
Chris
Updating and editing that line, and reloading the config didnt seem to enable shell users to work, but it isnt giving me errors. I will mess around w/ it some more today and see where i get.
For some reason, my yum isn’t working correctly (I’ll need to talk to Sago about that), so I wasn’t able to yum update to the newest proftpd.
Instead, I’ll detail the wrong way to do the update.
[list=1]
So, now I can login with both Interworx users and Linux users. I’m happy, except for now I need to find out how to adjust FTP permissions for said Linux users.
YUM on an InterWorx box is configured to upgrade certain packages ONLY from the InterWorx upgrade sites sites (e.g. httpd) because InterWorx uses a (slightly) modified version. This could be the case for proftp. IIRC these are listed in your /etc/yum.conf file. Chris, am I on the right track here or has this changed?
On the 1.7.1 install, nothing was getting upgraded at all when I ran yum. That could have been due to some custom 1.7.1 upgrade config of Interworx’s.
Yum kicked in during the 1.8 upgrade. This is my first experience using this combo of Interworx and RH, so I wasn’t too sure what yum was supposed to be doing – but I think I have a better picture now.
Under the old 1.7.1 InterWorx your yum.conf file was pointed to the old RedHat 9 update repository (unless you moved it manually to the Fedoralegacy repository). Even if you did move it by hand, Fedoralegacy only released about 4 updates between the time I RH0 went EOL at the end of April and when I finally ditched it. Two fof them were for the CVS server which most of us don’t even use.
The upgrade from 1.7.1 to 1.8.0 altered your YUM repositories to the Fedoralegacy project (for Red Hat 9 boxes) and NEW InterWorx repositories which are now distributing new RPM’s for PHP, MySQL and several other “key” packages. (Okay it actually replaced the files in question)
Assuming yum is working properly (and set to auto-update in NodeWorx) once a week or so (probably less with RH9), you will get some of your software updated in the middle of the night. You can review this in the NodeWorx=>Updates screen. Ideally it will keep all (or at least most) of your software up to date (the RPM’s need to be in one of the archives it searches) so you don’t have to search all over the Net. Anything that you installed the old fashioned way (from source) will need to be upgraded manually.
Yum also is great because it provides a fast and easy way to install any package that would have shipped withthe OS without havig to locate it and download it.
Let’s just say you want to install a package named foobar. You’d type the followung command from the shell
yum install foobar
and assuming it was in the archive, yum would download and install the package. If it had any “dependancies” (packages the package you want needs to run correctly) it asks if it can doanload and intall them (assuming they are in the repository) and then proceeds with installing the package you want. I think it’s neat.
I take it from your writing you are running RH9, so I probably get more up to date packates than you rught now because I’m running CentOS. But the principles are the same.
Tim
PS If you want to get really technical the “old” (pre 1.8.0) InterWorx used two yum conf files (yum-os.conf and yum-iworx.conf) which were consolidated to a singel yum.conf file with they update to 1.8.0