Bug 369195

Summary:	net-ftp/vsftpd-2.3.4 is giving error although config is right
Product:	Gentoo Linux	Reporter:	selberbauer <kyogron>
Component:	Current packages	Assignee:	Markos Chandras (RETIRED) <hwoarang>
Status:	RESOLVED WORKSFORME
Severity:	normal	CC:	bugs, c1pher, net-ftp, wired
Priority:	Normal
Version:	unspecified
Hardware:	All
OS:	Linux
Whiteboard:
Package list:		Runtime testing required:	---

Description selberbauer 2011-05-29 15:15:38 UTC

I have emerged vsftpd and tried certain vsftpd.conf threw.
From Tutorials, from forums, myself - none of these worked properly (i didn't forgot "/etc/init.d/vsftpd start") when I am trying to log on with the browser it doesn't works, i am getting the error that something with the ftp (service,module) is wrong (opera, links) and sometime I just cant log in (chromium, inet explorer). When trying over "ftp" as terminal tool it doesn't accepts my password either i am getting threw with anonymous settings. I tired tutorials on gentoo-wiki, ubuntuusers.de, with virtual-users, with user-list, with local users, with anonymous nearly everthing..


Reproducible: Always

Steps to Reproduce:
1. emerge vsftpd
2. vim /etc/vsftpd/vsftpd.conf
3. /etc/init.d/vsftpd start
4. ftp localhost
Actual Results:  
I should log succesfuly in with ftp, browser or something else


http://forums.gentoo.org/viewtopic-t-879303.html

config:

server vsftpd # cat vsftpd.conf 
 # vsftpd.conf 

 # Anonyme Benutzer 
 anonymous_enable=NO 
 anon_upload_enable=NO 
 anon_mkdir_write_enable=NO 
 anon_root=/home/ftp 

 # Gast Benutzer 
 #guest_enable=YES 
 #guest_username=gast 

 # Lokale Benutzer 
 local_enable=YES 
 chroot_local_user=YES 
 write_enable=NO 

 # Virtuelle Benutzer ( userlist) 
 userlist_deny=NO 
 userlist_enable=YES 
 userlist_file=/etc/vsftpd/user_list 

 # Logs 
 xferlog_enable=YES 

 # Verbindung 
 anon_max_rate=0 
 local_max_rate=0 
 ftp_data_port=20 
 listen_port=21 
 max_clients=0 
 max_per_ip=0 
 pasv_min_port=0 
 pasv_max_port=0 
 idle_session_timeout=600 
 data_connection_timeout=120 

 # Ascii *load 
 ascii_upload_enable=NO 
 ascii_download_enable=NO 

 listen=YES

Comment 1 Wormo (RETIRED) gentoo-dev

2011-05-31 06:01:37 UTC

Please post your vsftpd logfile as well, and output from 'emerge --info vsftpd'

Comment 2 selberbauer 2011-05-31 12:47:27 UTC

No problem,
server ~ # emerge --info vsftpd
Portage 2.1.9.50 (default/linux/amd64/10.0/server, gcc-4.5.2, glibc-2.13-r2, 2.6.39-gentoo x86_64)
=================================================================
                        System Settings
=================================================================
System uname: Linux-2.6.39-gentoo-x86_64-AMD_Athlon-tm-_64_X2_Dual_Core_Processor_5000+-with-gentoo-2.0.2
Timestamp of tree: Mon, 30 May 2011 12:15:01 +0000
app-shells/bash:          4.2_p10
dev-lang/python:          2.7.1-r1, 3.2
dev-util/cmake:           2.8.4-r1
sys-apps/baselayout:      2.0.2
sys-apps/openrc:          0.8.2-r1
sys-apps/sandbox:         2.5
sys-devel/autoconf:       2.68
sys-devel/automake:       1.11.1-r1
sys-devel/binutils:       2.21
sys-devel/gcc:            4.5.2
sys-devel/gcc-config:     1.4.1-r1
sys-devel/libtool:        2.4-r1
sys-devel/make:           3.82
sys-kernel/linux-headers: 2.6.38 (virtual/os-headers)
sys-libs/glibc:           2.13-r2
ACCEPT_KEYWORDS="amd64 ~amd64"
ACCEPT_LICENSE="* -@EULA"
CBUILD="x86_64-pc-linux-gnu"
CFLAGS="-march=athlon64 -O3 -pipe"
CHOST="x86_64-pc-linux-gnu"
CONFIG_PROTECT="/etc"
CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/env.d /etc/fonts/fonts.conf /etc/gconf /etc/gentoo-release /etc/revdep-rebuild /etc/sandbox.d /etc/terminfo"
CXXFLAGS="-march=athlon64 -O3 -pipe"
DISTDIR="/usr/portage/distfiles"
FEATURES="assume-digests binpkg-logs distlocks fixlafiles fixpackages news parallel-fetch protect-owned sandbox sfperms strict unknown-features-warn unmerge-logs unmerge-orphans userfetch"
FFLAGS=""
GENTOO_MIRRORS="http://distfiles.gentoo.org"
LANG="de_DE.UTF-8"
LDFLAGS="-Wl,-O1 -Wl,--as-needed"
LINGUAS="de"
MAKEOPTS="-j5"
PKGDIR="/usr/portage/packages"
PORTAGE_CONFIGROOT="/"
PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --stats --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages"
PORTAGE_TMPDIR="/var/tmp"
PORTDIR="/usr/portage"
PORTDIR_OVERLAY=""
SYNC="rsync://rsync.de.gentoo.org/gentoo-portage"
USE="acl amd64 apci berkdb bzip2 cli cracklib crypt cups cxx dri fortran gdbm gpm iconv ipv6 mmx modules mudflap multilib ncurses nls nptl nptlonly openmp pam pcre pppd python readline samba session snmp sse sse2 ssl sysfs tcpd truetype unicode xml xorg zlib" ALSA_CARDS="ali5451 als4000 atiixp atiixp-modem bt87x ca0106 cmipci emu10k1x ens1370 ens1371 es1938 es1968 fm801 hda-intel intel8x0 intel8x0m maestro3 trident usb-audio via82xx via82xx-modem ymfpci" ALSA_PCM_PLUGINS="adpcm alaw asym copy dmix dshare dsnoop empty extplug file hooks iec958 ioplug ladspa lfloat linear meter mmap_emul mulaw multi null plug rate route share shm softvol" APACHE2_MODULES="actions alias auth_basic authn_alias authn_anon authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache cgi cgid dav dav_fs dav_lock deflate dir disk_cache env expires ext_filter file_cache filter headers include info log_config logio mem_cache mime mime_magic negotiation rewrite setenvif speling status unique_id userdir usertrack vhost_alias" CALLIGRA_FEATURES="braindump flow karbon kexi kpresenter krita tables words" CAMERAS="ptp2" COLLECTD_PLUGINS="df interface irq load memory rrdtool swap syslog" ELIBC="glibc" GPSD_PROTOCOLS="ashtech aivdm earthmate evermore fv18 garmin garmintxt gpsclock itrax mtk3301 nmea ntrip navcom oceanserver oldstyle oncore rtcm104v2 rtcm104v3 sirf superstar2 timing tsip tripmate tnt ubx" INPUT_DEVICES="keyboard mouse evdev" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" LINGUAS="de" PHP_TARGETS="php5-3" RUBY_TARGETS="ruby18" USERLAND="GNU" VIDEO_CARDS="fbdev glint intel mach64 mga neomagic nouveau nv r128 radeon savage sis tdfx trident vesa via vmware dummy v4l" XTABLES_ADDONS="quota2 psd pknock lscan length2 ipv4options ipset ipp2p iface geoip fuzzy condition tee tarpit sysrq steal rawnat logmark ipmark dhcpmac delude chaos account"
Unset:  CPPFLAGS, CTARGET, EMERGE_DEFAULT_OPTS, INSTALL_MASK, LC_ALL, PORTAGE_BUNZIP2_COMMAND, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS

=================================================================
                        Package Settings
=================================================================

net-ftp/vsftpd-2.3.4 was built with the following:
USE="(multilib) pam ssl tcpd -caps (-selinux) -xinetd"

Comment 3 Alex Legler (RETIRED) archtester

2011-05-31 14:17:06 UTC

(In reply to comment #2)

the vsftp log is still missing. without it we have no chance at finding the cause for this.

Comment 4 selberbauer 2011-05-31 20:52:29 UTC

cat vsftp*
Sun May 22 10:32:33 2011 [pid 2] CONNECT: Client "192.168.178.21"
Sun May 22 10:32:34 2011 [pid 1] [anonymous] FAIL LOGIN: Client "192.168.178.21"
Sun May 22 10:32:41 2011 [pid 2] CONNECT: Client "192.168.178.21"
Sun May 22 10:32:41 2011 [pid 1] [<user>] OK LOGIN: Client "192.168.178.21"
Sun May 22 10:33:03 2011 [pid 2] CONNECT: Client "192.168.178.21"
Sun May 22 10:33:04 2011 [pid 1] [anonymous] FAIL LOGIN: Client "192.168.178.21"
Sun May 22 10:33:11 2011 [pid 2] CONNECT: Client "192.168.178.21"
Sun May 22 10:33:11 2011 [pid 1] [<user>] OK LOGIN: Client "192.168.178.21"
Sun May 22 10:33:14 2011 [pid 2] CONNECT: Client "192.168.178.21"
Sun May 22 10:33:14 2011 [pid 1] [<user>] OK LOGIN: Client "192.168.178.21"
Sun May 22 21:54:20 2011 [pid 2] CONNECT: Client "192.168.178.21"
Sun May 22 21:54:20 2011 [pid 1] [ftp] OK LOGIN: Client "192.168.178.21", anon password "chrome@example.com"
Sun May 22 21:54:24 2011 [pid 2] CONNECT: Client "192.168.178.21"
Sun May 22 21:54:24 2011 [pid 1] [ftp] OK LOGIN: Client "192.168.178.21", anon password "?"
Sun May 22 21:55:12 2011 [pid 2] CONNECT: Client "127.0.0.1"
Sun May 22 22:06:21 2011 [pid 2] CONNECT: Client "192.168.178.21"
Sun May 22 22:06:42 2011 [pid 1] [ftp] OK LOGIN: Client "192.168.178.21", anon password "?"
Mon May 23 14:16:28 2011 [pid 2] CONNECT: Client "127.0.0.1"
Mon May 23 14:17:30 2011 [pid 2] CONNECT: Client "127.0.0.1"
Mon May 23 14:17:37 2011 [pid 1] [root] FAIL LOGIN: Client "127.0.0.1"
Mon May 23 14:17:42 2011 [pid 2] CONNECT: Client "127.0.0.1"
Mon May 23 14:17:45 2011 [pid 1] [<user>] FAIL LOGIN: Client "127.0.0.1"
Mon May 23 14:24:17 2011 [pid 2] CONNECT: Client "127.0.0.1"
Mon May 23 14:24:24 2011 [pid 1] [<user>] FAIL LOGIN: Client "127.0.0.1"
Mon May 23 14:28:11 2011 [pid 2] CONNECT: Client "127.0.0.1"
Mon May 23 14:28:21 2011 [pid 1] [<user>] FAIL LOGIN: Client "127.0.0.1"
Mon May 23 14:29:07 2011 [pid 2] CONNECT: Client "127.0.0.1"
Mon May 23 14:29:23 2011 [pid 2] CONNECT: Client "127.0.0.1"
Mon May 23 14:29:30 2011 [pid 1] [<user>] FAIL LOGIN: Client "127.0.0.1"
Fri May 27 15:35:22 2011 [pid 2] CONNECT: Client "127.0.0.1"
Fri May 27 15:35:28 2011 [pid 1] [<user>] FAIL LOGIN: Client "127.0.0.1"
Fri May 27 15:35:33 2011 [pid 2] CONNECT: Client "127.0.0.1"
Fri May 27 15:36:13 2011 [pid 2] CONNECT: Client "127.0.0.1"
Fri May 27 15:36:21 2011 [pid 1] [<user>] FAIL LOGIN: Client "127.0.0.1"
Sun May 29 17:17:12 2011 [pid 2] CONNECT: Client "127.0.0.1"
Sun May 29 17:17:16 2011 [pid 1] [<user>] FAIL LOGIN: Client "127.0.0.1"
Sun May 29 17:17:30 2011 [pid 2] CONNECT: Client "127.0.0.1"
Sun May 29 17:17:33 2011 [pid 1] [root] FAIL LOGIN: Client "127.0.0.1"
Sun May 29 17:17:39 2011 [pid 2] CONNECT: Client "127.0.0.1"
Sun May 29 17:17:44 2011 [pid 1] [ftpuser] FAIL LOGIN: Client "127.0.0.1"
Sun May 29 17:17:48 2011 [pid 2] CONNECT: Client "127.0.0.1"
Sun May 29 17:17:52 2011 [pid 1] [anonymous] FAIL LOGIN: Client "127.0.0.1"
Sun May 29 17:17:58 2011 [pid 2] CONNECT: Client "192.168.178.21"
Sun May 29 17:17:58 2011 [pid 1] [anonymous] FAIL LOGIN: Client "192.168.178.21"
Sun May 29 17:18:04 2011 [pid 2] CONNECT: Client "192.168.178.21"
Sun May 29 17:18:04 2011 [pid 1] [<user>] FAIL LOGIN: Client "192.168.178.21"
Tue May 31 22:48:06 2011 [pid 2] CONNECT: Client "127.0.0.1"
Tue May 31 22:48:15 2011 [pid 1] [<user>] FAIL LOGIN: Client "127.0.0.1"
Tue May 31 22:48:35 2011 [pid 2] CONNECT: Client "192.168.178.21"
Tue May 31 22:48:35 2011 [pid 1] [anonymous] FAIL LOGIN: Client "192.168.178.21"
Tue May 31 22:48:40 2011 [pid 2] CONNECT: Client "192.168.178.21"
Tue May 31 22:48:40 2011 [pid 1] [<user>] FAIL LOGIN: Client "192.168.178.21"

Comment 5 Wormo (RETIRED) gentoo-dev

2011-06-02 06:40:08 UTC

Ok now let's ask the local vsftpd experts to take a look...

Comment 6 Markos Chandras (RETIRED) gentoo-dev

2011-06-03 23:09:02 UTC

Errrr. are you trying to login as anonymous? If so, why are you using

 anonymous_enable=NO 
 anon_upload_enable=NO 
 anon_mkdir_write_enable=NO 

The log states that you are trying to make a connection as anonymous :/

Comment 7 selberbauer 2011-06-04 06:35:12 UTC

(In reply to comment #6)
> Errrr. are you trying to login as anonymous? If so, why are you using
> 
>  anonymous_enable=NO 
>  anon_upload_enable=NO 
>  anon_mkdir_write_enable=NO 
> 
> The log states that you are trying to make a connection as anonymous :/

Of course i changed the anon settings and restartet the service before trying to log on. I just cant understand why it doesnt works, I have tried so much combinations and all fails :(

Comment 8 Wormo (RETIRED) gentoo-dev

2011-06-06 06:18:36 UTC

When using non-anonymous user, are you seeing any PAM log entries about trying to authenticate the user (e.g. in /var/log/auth.log)? 

Also, what does your /etc/vsftpd/user_list look like -- does it have users that should be allowed, or users that should be denied?

Comment 9 Jeroen Roovers (RETIRED) gentoo-dev

2011-06-08 15:29:03 UTC

No need to bounce this back.

Comment 10 selberbauer 2011-06-08 15:44:34 UTC

Sry for letting you so long waiting.

I am now using a ssh solution to get my data which has a little bit more pros then a ftp-solution.

But I dont want to leave this here unclear, so I will provide the needed information

Comment 11 selberbauer 2011-06-08 15:47:16 UTC

So,
the user_list contains:
<user>
<password>

I searched for a auth.log but didnt find one:
 ls /var/log
apache2  cups  dmesg  emerge-fetch.log  emerge.log  lastlog  mysql  news  portage  samba  sandbox  tallylog  vsftpd.log  wtmp


Regards

Comment 12 selberbauer 2011-06-08 15:50:36 UTC

The user_list is only for who can log on.
I have enabled this in the config and when I now want give my username from user_list theres not even a pw input, it just gives:
server vsftpd # ftp localhost
Connected to localhost (127.0.0.1).
220 (vsFTPd 2.3.4)
Name (localhost:root): <user>
530 Please login with USER and PASS.
SSL not available
530 Permission denied.
Login failed.
ftp>

Regards

Comment 13 Markos Chandras (RETIRED) gentoo-dev

2011-06-08 16:20:49 UTC

(In reply to comment #11)
> So,
> the user_list contains:
> <user>
> <password>
> 
> I searched for a auth.log but didnt find one:
>  ls /var/log
> apache2  cups  dmesg  emerge-fetch.log  emerge.log  lastlog  mysql  news 
> portage  samba  sandbox  tallylog  vsftpd.log  wtmp
> 
> 
> Regards

I think vsftpd wants and htpasswd compatible file in order to work. So your approach as

<user>
<password> wont work

Ready about htpasswd. The file should probably be

<user>:<hashed_password>

Comment 14 selberbauer 2011-06-08 16:46:24 UTC

Ok i generated a has file

cat user_list
john:$1$s8hIVj22$2rG176icei/QsWNf6FT21/
# john pw: tux

ftp localhost
 ftp localhost
Connected to localhost (127.0.0.1).
220 (vsFTPd 2.3.4)
Name (localhost:root): john
530 Please login with USER and PASS.
SSL not available
331 Please specify the password.
Password:
530 Login incorrect.
Login failed.
ftp>



vsftpd.conf
 vi vsftpd.conf
# vsftpd.conf
# Author: Bodo Kaiser

# Anonyme Benutzer
anonymous_enable=NO
anon_upload_enable=NO
anon_mkdir_write_enable=NO
anon_root=/home/ftp

# Gast Benutzer
#guest_enable=YES
#guest_username=gast

# Lokale Benutzer
local_enable=YES
chroot_local_user=YES
write_enable=NO

# Virtuelle Benutzer ( userlist)
#userlist_deny=NO
userlist_enable=YES
userlist_file=/etc/vsftpd/user_list

# Logs
xferlog_enable=YES

# Verbindung
anon_max_rate=0
local_max_rate=0
ftp_data_port=20
listen_port=21
max_clients=0
max_per_ip=0
pasv_min_port=0
pasv_max_port=0
idle_session_timeout=600
data_connection_timeout=120

# Ascii *load
ascii_upload_enable=NO
ascii_download_enable=NO

listen=YES

Comment 15 Benny Pedersen 2011-07-05 15:32:46 UTC

https://bugs.gentoo.org/show_bug.cgi?id=357001 not this problem ?

Comment 16 Markos Chandras (RETIRED) gentoo-dev

2011-08-29 22:16:46 UTC

In my opinion this bug needs more discussion in the Gentoo forums. It may be some other option in that system that blocks vsftpd from working properly. As far as I can tell there is nothing more we can do.

Comment 17 Johan Bergström 2011-08-29 22:18:52 UTC

I(In reply to comment #16)
> In my opinion this bug needs more discussion in the Gentoo forums. It may be
> some other option in that system that blocks vsftpd from working properly. As
> far as I can tell there is nothing more we can do.

I agree. FWIW, I haven't been able to reproduce this.