Proftpd.conf Setting Changes Not Being Recognized
Posted: 27. January 2008 15:40
I have been having a problem with Proftpd recognizing any settings I am changing in proftpd.conf. I have spent quite a few hours over quite a few days reading documentation and forums with no further success in testing.
The first example is changing "umask 022" to "umask 026 027". All files and folders still get created from a umask of 022, meaning files show up with permissions of 644 and directories have permissions of 755.
The second thing I was trying to do was to block root access. Whether I set "RootLogin off" or "UseFtpUsers on" root can still log in. I did verify that root was in /etc/ftpusers.
The last one is changing DefaultRoot. Whether I set it to "DefaultRoot ~", "DefaultRoot /home/%u" or "DefaultRoot /opt/lampp/htdocs" it has no impact. Although the first two are setting the root directory to the user's home directory the third is not resulting in any change to that. The user is still showing up logged into the home directory. What was more important for me was to restrict the root directory (chroot) to the user's home directory. In all three cases, I could navigate away from the user directory.
I checked that the syntax in the proftpd.conf was fine with proftpd -t. It came out OK. I made sure it was using the config file I thought it was by using proftpd -c /opt/lampp/etc/proftpd.conf. Doing a proftpd -V showed it was using that conf file location anyway but I wanted to be sure. I checked the requirements of each directive and that they were compiled in modules with proftpd -l. These were typically mod_core or mod_auth.
I also tried starting proftpd from the command line using proftpd -nd9 to provide debug information. It did look like it was examining each of the directives in the configuration file. There were no obvious errors.
For background, I am running a reasonably current Debian Sarge distribution on my server. The version of Xampp I am running is 1.6.1 which has ProFTPD 1.3.0a. I also tried taking ProFTPD 1.3.1 out of Xampp 1.6.5. It ran the same.
I am using Filezilla as the ftp client from a Windows PC. I am running iptables as a firewall and am blocking port 21. The client is then set up as SFTP using SSH2.
Thank you in advance for any insight you can provide. I am not sure what else to read or test.
Doug Peterson
The first example is changing "umask 022" to "umask 026 027". All files and folders still get created from a umask of 022, meaning files show up with permissions of 644 and directories have permissions of 755.
The second thing I was trying to do was to block root access. Whether I set "RootLogin off" or "UseFtpUsers on" root can still log in. I did verify that root was in /etc/ftpusers.
The last one is changing DefaultRoot. Whether I set it to "DefaultRoot ~", "DefaultRoot /home/%u" or "DefaultRoot /opt/lampp/htdocs" it has no impact. Although the first two are setting the root directory to the user's home directory the third is not resulting in any change to that. The user is still showing up logged into the home directory. What was more important for me was to restrict the root directory (chroot) to the user's home directory. In all three cases, I could navigate away from the user directory.
I checked that the syntax in the proftpd.conf was fine with proftpd -t. It came out OK. I made sure it was using the config file I thought it was by using proftpd -c /opt/lampp/etc/proftpd.conf. Doing a proftpd -V showed it was using that conf file location anyway but I wanted to be sure. I checked the requirements of each directive and that they were compiled in modules with proftpd -l. These were typically mod_core or mod_auth.
I also tried starting proftpd from the command line using proftpd -nd9 to provide debug information. It did look like it was examining each of the directives in the configuration file. There were no obvious errors.
For background, I am running a reasonably current Debian Sarge distribution on my server. The version of Xampp I am running is 1.6.1 which has ProFTPD 1.3.0a. I also tried taking ProFTPD 1.3.1 out of Xampp 1.6.5. It ran the same.
I am using Filezilla as the ftp client from a Windows PC. I am running iptables as a firewall and am blocking port 21. The client is then set up as SFTP using SSH2.
Thank you in advance for any insight you can provide. I am not sure what else to read or test.
Doug Peterson