Madhouse Posted November 4, 2013 Share Posted November 4, 2013 Sorry here goes Nov 4 19:28:23 Tower kernel: mdcmd (355): spindown 1 Nov 4 19:40:20 Tower in.telnetd[14946]: connect from 192.168.0.57 (192.168.0.57) Nov 4 19:40:22 Tower login[14947]: ROOT LOGIN on '/dev/pts/1' from '192.168.0.57' Nov 4 19:41:15 Tower sudo: root : TTY=unknown ; PWD=/ ; USER=root ; COMMAND=/usr/local/sbin/proftpd -c /etc/proftpd.conf Nov 4 19:41:30 Tower sudo: root : TTY=pts/1 ; PWD=/root ; USER=root ; COMMAND=/usr/local/sbin/proftpd -c /etc/proftpd.conf Nov 4 20:24:05 Tower kernel: mdcmd (356): spindown 2 Nov 4 21:06:13 Tower in.telnetd[21208]: connect from 192.168.0.52 (192.168.0.52) Nov 4 21:06:14 Tower login[21209]: invalid password for 'UNKNOWN' on '/dev/pts/2' from '192.168.0.52' Nov 4 21:06:16 Tower login[21209]: ROOT LOGIN on '/dev/pts/2' from '192.168.0.52' Nov 4 21:07:01 Tower sudo: root : TTY=pts/2 ; PWD=/root ; USER=root ; COMMAND=/usr/local/sbin/proftpd -c /etc/proftpd.conf Quote Link to comment
SlrG Posted November 4, 2013 Author Share Posted November 4, 2013 I'm still fishing in the dark and dont know where the problem is. Could you try the following commands and post their output? ps -A | grep proftpd ls /var/run | grep proftpd Oh and please post a zip of your /etc/proftpd.conf Quote Link to comment
Madhouse Posted November 4, 2013 Share Posted November 4, 2013 no output from either of those 2 lines. .. would it make sense to remove the plugin and install it again. i installed it from the control panel plugin.. Quote Link to comment
SlrG Posted November 4, 2013 Author Share Posted November 4, 2013 That might be worth a try. I don't have the control panel plugin running. Could you please post the proftpd.conf before you try? Quote Link to comment
Madhouse Posted November 4, 2013 Share Posted November 4, 2013 sure thing.. here it is. proftpd.conf Quote Link to comment
SlrG Posted November 4, 2013 Author Share Posted November 4, 2013 The config seems to be alright. Now please post your /etc/inetd.conf and the output of: /usr/local/sbin/proftpd -c /etc/proftpd.conf Quote Link to comment
Madhouse Posted November 5, 2013 Share Posted November 5, 2013 heres the output of /usr/local/sbin/proftpd -c /etc/proftpd.conf /usr/local/sbin/proftpd: error while loading shared libraries: libssl.so.1: cannot open shared object file: No such file or directory do you still need the inetd.conf? . Quote Link to comment
SlrG Posted November 5, 2013 Author Share Posted November 5, 2013 This is the problem. There is a conflict with the ssl from another plugin. I'll have to check your syslog again. Quote Link to comment
spylex Posted November 5, 2013 Share Posted November 5, 2013 @spylex: glftpd looks nice, but I think it will be hard getting it to run on unraid. I'll give it a try and report back. edit: Using the install script in the archive it is possible to install glftpd on unraid. To get the server to work, a ssl certificate hast to be created. For this to work the openssl.cfg has to be symlinked to openssl.cnf. Then use the script provided by glftpd to create the cert. Add glftpd: ALL to hosts.allow. As the created files should be identical to each unraid installation it should be possible to put them in a plugin. I don't have the time to do this however. glftpd is nice, but I found no way to limit users to specific directories. A requirement I just need. Thats great! I understand about directories, however, it does work: http://glftpd.dk/files/docs/glftpd.docs look at 'privpath' is this what you mean? And also you can set a home directory for each user (/mnt/user/) and then privpath some of the directories there. Also you can set home directories and more. I just want to be able to see who is logged in, what speed they are downloading at, etc. All these things that are really hard in proftpd are easy on glftpd especially with the windows app! Quote Link to comment
Madhouse Posted November 5, 2013 Share Posted November 5, 2013 This is the problem. There is a conflict with the ssl from another plugin. I'll have to check your syslog again. here you go. syslog.zip Quote Link to comment
SlrG Posted November 5, 2013 Author Share Posted November 5, 2013 Thank you. openssl-0.9.8n-i486-1.txz gets installed and overwrites the openssl of my plugin. Please check in unmenu if you have selected the package to be installed there. Disable it and test again (you'll have to reboot). Quote Link to comment
Madhouse Posted November 5, 2013 Share Posted November 5, 2013 great.. only thing is, its not installed in unmenu.. can i just delete it from /boot/packages? to be honest i dont use unmenu, i might as well delete it. if only i knew how. dont want to screw up some of the other plugins i have installed. Quote Link to comment
spylex Posted November 5, 2013 Share Posted November 5, 2013 @Madhouse you can check the PLGs you are installing if they are installing the wrong version. If you delete it and reboot, it might re-appear if another plugin wants to download and install it. Quote Link to comment
SlrG Posted November 6, 2013 Author Share Posted November 6, 2013 @Madhouse: No need to uninstall unmenu. I use it myself. spylex is right. As you don't have the package installed via unmenu it is part of another plugin. To find the right one, open the .plg files with a text editor of your choice and search for openssl-0.9.8n-i486-1.txz. If you don't need the identified plugin you could disable it. But chances are you don't want to loose it just to get proftpd working. It then may be possible to replace the old openssl from the plugin to use the new one and the problem will be fixed. But it might break the other plugin so it is not an ideal solution. I contacted the user piotrasd who has a slackware 13.1 build environment. Maybe with his help I'll be able to build a proftpd package with linkedin ssl libraries. It then would not be necessary anymore to install the openssl package and the conflicts will be gone. But until now I did not receive an answer from him. @spylex: I'm still trying out glftpd. If I get it to work with user specific directories I will create a plugin for it. But it will take time. Quote Link to comment
spylex Posted November 6, 2013 Share Posted November 6, 2013 @spylex: I'm still trying out glftpd. If I get it to work with user specific directories I will create a plugin for it. But it will take time. Mate, this is amazing! Just proftpd is not really good at reporting anything at this point... I think we'll be happier with glftpd. Plus it is what the scene uses Quote Link to comment
SlrG Posted November 7, 2013 Author Share Posted November 7, 2013 @Madhouse: No reply from piotrasd yet, but I tried to compile with the older ssl package and it seems to work on my system with the newer one installed, so maybe this new build will work on both. Please download it from here: http://www.sdevel.de/proftpd-1.3.5rc3.tgz Replace the package in /boot/config/plugins/proftpd with this one and either reboot or type installpkg proftpd-1.3.5rc3.tgz. Then try to start the daemon in the plugin settings again. Quote Link to comment
Madhouse Posted November 8, 2013 Share Posted November 8, 2013 @Madhouse: No reply from piotrasd yet, but I tried to compile with the older ssl package and it seems to work on my system with the newer one installed, so maybe this new build will work on both. Please download it from here: http://www.sdevel.de/proftpd-1.3.5rc3.tgz Replace the package in /boot/config/plugins/proftpd with this one and either reboot or type installpkg proftpd-1.3.5rc3.tgz. Then try to start the daemon in the plugin settings again. BRILLIANT: it worked.. sorry for all the trouble, and thanks for you effort. Should i remove the openssl package in /boot/config/plugins/proftpd? Quote Link to comment
SlrG Posted November 8, 2013 Author Share Posted November 8, 2013 No problem. Glad I could help you. If you remove the ssl package it will be redownloaded - so no, that won't help you. I'll update the plugin to use the older version and new compiled packages. You'll see that an update is available then. The update will remove the obsolete new ssl version but instead the old one will then be downloaded to the plugin dir if missing. Quote Link to comment
SlrG Posted November 9, 2013 Author Share Posted November 9, 2013 @all: Side effect of downgrading the package is, that the Simplefeatures Webserver I was still using for VirtualBox stops working if the older ssl package is installed. Manually installing the newer one fixed it, but I thought I'll let you know. Hopefully whoever updates the webserver to be standalone downgrades the package, too. Or all plugin developers should decide to use the newer one. Quote Link to comment
spylex Posted November 9, 2013 Share Posted November 9, 2013 These dependencies and discrepancies amongst plugins are out of control... >.< I'm going a standalone install of glftpd in a VM this weekend to see how it goes. Quote Link to comment
SlrG Posted November 10, 2013 Author Share Posted November 10, 2013 Yes, that dependency stuff is annoying as hell. If you follow the instructions I posted above, the install should work just fine on unraid. If you have another system in the vm it won't be much harder. The install script provided by glftpd is quite straightforward. Initial release of a glftpd unraid plugin is nearly ready. Expect it sometime next week. Quote Link to comment
spylex Posted November 12, 2013 Share Posted November 12, 2013 Sweet! I've had trouble with permissions in my 'jail' with saving userstats, just a heads up! Quote Link to comment
cirkator Posted November 27, 2013 Share Posted November 27, 2013 Sorry for not understanding the openssl package confusion. If I want to remain using the SimpleFeatures Webserver and ProFTPd at the same time, which openssl package should I use? Is it secure to have an FTP server in unRAID? I have read that the security in unRAID is not good and the system shouldn´t be opened to the internet. If I would restrict access to certain users, would that be fine?! Is it possible to configure ProFTPd to use SFTP, I have read that it is possible, but I am not sure if it is possible with this plugin. Quote Link to comment
SlrG Posted November 27, 2013 Author Share Posted November 27, 2013 Hi cirkator, it is not so much a problem of SimpleFeatures or ProFTPd but of the other plugins you are running on your system. SF Webserver (and maybe other components) need the newer SSL package openssl-1.0.1c-i486-3.txz. Some plugins (Sickbeard, Couchpotato? - I don't really know as I don't use them.) depend on the older openssl-0.9.8n-i486-1.txz package. The current version of ProFTPd works with both the older and newer package, but it installs the older one by default at the moment. I made this decision because the older one is from the slackware version that by limetechs guidelines is to be used when designing plugins for unRAID 5.0.x. SimpleFeatures was made before this guideline was released and decided to use the newer package resulting in the problems with other plugins. So what should you do. Just go ahead and install the ProFTP plugin. Now test if all your plugins work without problems. If you are using the SF Webserver this one will not. If you absolutely need it (like I do) you edit the proftp.plg file and search for this: <FILE Name="&plg;/openssl-0.9.8n-i486-1.txz" Run="upgradepkg --install-new"> <URL>-q --no-check-certificate &dsv;/openssl-0.9.8n-i486-1.txz</URL> </FILE> <?ignore <FILE Name="&plg;/openssl-1.0.1c-i486-3.txz" Run="upgradepkg --install-new"> <URL>-q --no-check-certificate &dsv;/openssl-1.0.1c-i486-3.txz</URL> </FILE> ?> Move the ignore <?ignore ?> tags from the new to the older plugin, save and reboot. The plugin will now install the newer package and SF Webserver will start working again. It might break other plugins however. (On my system it doesn't, but it might on yours.) It should be possible to use SFTP, but I haven't tried and can't assist you other then giving you a link to a post where user Necrotic describes how he has done it. Regarding security: I have my ProFTPD plugins FTP-server running unencrypted on my unRAID and until now there were no security anomalies. Remember to use a non standard port in your router that you forward to your unRAID machines FTP-Port and use a secure password. Using SFTP is a good idea, too. You then should be relatively secure. Of course there is no guarantee that you'll never be hacked even if you do all this. SlrG Quote Link to comment
cirkator Posted November 27, 2013 Share Posted November 27, 2013 Thank you for the clarification and detailed instructions. Since I am currently only using the WebServer Plugin for VirtualBox and not going to use any other plugins, I will go with the newer openssl package. If I succeed in going the SFTP route, I will post my findings and instructions. I guess it is a good idea to install DenyHosts to stop ScriptKiddies from trying to access the open port! Edit: Not a good idea, since DenyHosts only monitors the ssh-logfile and therefor is of no use for the ProFTPD plugin. I will ask user Overbyrn if there is a possibility to monitor the ftp-logfile aswell... Quote Link to comment
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.