• Recent
    • Unsolved
    • Tags
    • Popular
    • Users
    • Groups
    • Search
    • Register
    • Login

    How to disable FOG FTP passive mode?

    Scheduled Pinned Locked Moved Solved
    FOG Problems
    3
    24
    2.3k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • S
      Single @Sebastian Roth
      last edited by

      @Sebastian-Roth

      root@nik-buz-s01:~# id fogproject
      uid=1002(fogproject) gid=1003(fogproject) groups=1003(fogproject),113(ftp)
      root@nik-buz-s01:~# id ftp
      uid=106(ftp) gid=113(ftp) groups=113(ftp)
      root@nik-buz-s01:~# ps aux | grep ftp
      root       717  0.0  0.0   2800   924 ?        Ss   Feb24   0:00 /usr/sbin/in.tftpd --listen --user root --address :69 --ipv4 -s /tftpboot
      root      5411  0.0  0.0   6704   888 pts/0    S+   17:32   0:00 grep ftp
      root     13669  0.0  0.0   6620  2456 ?        Ss   Mar10   0:25 /usr/sbin/vsftpd /etc/vsftpd.conf
      
      1 Reply Last reply Reply Quote 0
      • S
        Sebastian Roth Moderator
        last edited by

        @Single Please try logging into FTP via command line client and try renaming/moving those directories:

        ftp fog.server.ip.add
        ...
        ls /images/dev
        rename /images/dev/10bf4879d860 /images/buz20_test
        

        Web GUI issue? Please check apache error (debian/ubuntu: /var/log/apache2/error.log, centos/fedora/rhel: /var/log/httpd/error_log) and php-fpm log (/var/log/php*-fpm.log)

        Please support FOG if you like it: https://wiki.fogproject.org/wiki/index.php/Support_FOG

        S 1 Reply Last reply Reply Quote 0
        • S
          Single @Sebastian Roth
          last edited by Single

          @Sebastian-Roth said in How to disable FOG FTP passive mode?:

          rename /images/dev/10bf4879d860 /images/buz20_test

          ftp> ls /images/dev
          200 PORT command successful. Consider using PASV.
          150 Here comes the directory listing.
          226 Transfer done (but failed to open directory).
          ftp> rename /images/dev/10bf4879d860 /images/buz20_test
          550 RNFR command failed.
          

          Why???

          FTP is allowed in nft firewall

          ...
          ct state new tcp dport { ftp-data, ftp } accept comment "Allow access to FTP-server"
          ...
          
          1 Reply Last reply Reply Quote 0
          • S
            Sebastian Roth Moderator
            last edited by

            @Single Try changing the ownership (chown -R fogproject:fogproject /images) and then FTP again. Doesn’t make sense, but give it a go.

            Web GUI issue? Please check apache error (debian/ubuntu: /var/log/apache2/error.log, centos/fedora/rhel: /var/log/httpd/error_log) and php-fpm log (/var/log/php*-fpm.log)

            Please support FOG if you like it: https://wiki.fogproject.org/wiki/index.php/Support_FOG

            S 1 Reply Last reply Reply Quote 0
            • S
              Single @Sebastian Roth
              last edited by

              @Sebastian-Roth nothing changed

              1 Reply Last reply Reply Quote 0
              • S
                Sebastian Roth Moderator
                last edited by

                @Single I can’t imagine this to be a firewall issue though we can make sure. Just use ftp command line client directly on the FOG server (ftp localhost) and try rename.

                Web GUI issue? Please check apache error (debian/ubuntu: /var/log/apache2/error.log, centos/fedora/rhel: /var/log/httpd/error_log) and php-fpm log (/var/log/php*-fpm.log)

                Please support FOG if you like it: https://wiki.fogproject.org/wiki/index.php/Support_FOG

                1 Reply Last reply Reply Quote 0
                • S
                  Single
                  last edited by Single

                  # mount | grep images
                  /dev/sdc2 on /images type ext4 (rw,relatime)
                  

                  Now it’s looks like it is vsftpd problem. Mb it can be helpful if I paste my vsftpd.conf here:

                  max_per_ip=200
                  
                  anonymous_enable=NO
                  userlist_enable=YES
                  userlist_file=/etc/vsftpd/vsftpd.userlist
                  user_config_dir=/etc/vsftpd/user_config_dir/
                  userlist_deny=NO
                  local_enable=YES
                  virtual_use_local_privs=YES
                  
                  write_enable=YES
                  local_umask=022
                  dirmessage_enable=YES
                  xferlog_enable=YES
                  connect_from_port_20=YES
                  
                  xferlog_std_format=NO
                  log_ftp_protocol=YES
                  vsftpd_log_file=/var/log/vsftp.log
                  
                  chroot_local_user=YES
                  secure_chroot_dir=/var/run/vsftpd/empty
                  allow_writeable_chroot=YES
                  
                  listen=YES
                  listen_ipv6=NO
                  
                  pam_service_name=vsftpd
                  
                  pasv_enable=NO
                  tcp_wrappers=YES
                  seccomp_sandbox=NO
                  
                  #cat /etc/vsftpd/user_config_dir/fogproject 
                  local_root=/images
                  write_enable=YES
                  
                  1 Reply Last reply Reply Quote 0
                  • S
                    Sebastian Roth Moderator
                    last edited by Sebastian Roth

                    @Single said in How to disable FOG FTP passive mode?:

                    Mb it can be helpful if I paste my vsftpd.conf here

                    You are kidding, right?!?! I have not tested this yet but I am fairly sure the config is causing the issue. If you had told us you have a modified config (different from what FOG generates for you) then we would have found the solution in no time. 🙂

                    chroot_local_user=YES
                    secure_chroot_dir=/var/run/vsftpd/empty
                    allow_writeable_chroot=YES
                    

                    Pretty sure this is part of the issue. But there might be other config options as well.

                    Default config generated by FOG:

                    max_per_ip=200
                    anonymous_enable=NO
                    local_enable=YES
                    write_enable=YES
                    local_umask=022
                    dirmessage_enable=YES
                    xferlog_enable=YES
                    connect_from_port_20=YES
                    xferlog_std_format=YES
                    listen=YES
                    pam_service_name=vsftpd
                    userlist_enable=NO
                    seccomp_sandbox=NO
                    

                    Web GUI issue? Please check apache error (debian/ubuntu: /var/log/apache2/error.log, centos/fedora/rhel: /var/log/httpd/error_log) and php-fpm log (/var/log/php*-fpm.log)

                    Please support FOG if you like it: https://wiki.fogproject.org/wiki/index.php/Support_FOG

                    1 Reply Last reply Reply Quote 0
                    • S
                      Single
                      last edited by

                      I’ll check and let you know
                      Probably I was stupid but it was required to have more than one FTP user with different FTP folders in that server.

                      1 Reply Last reply Reply Quote 0
                      • S
                        Sebastian Roth Moderator
                        last edited by

                        @Single It’s all good, you are allowed to modify the config on your server to whatever you want. Just saying that letting us know right away would have saved you a lot of time. 🙂

                        Web GUI issue? Please check apache error (debian/ubuntu: /var/log/apache2/error.log, centos/fedora/rhel: /var/log/httpd/error_log) and php-fpm log (/var/log/php*-fpm.log)

                        Please support FOG if you like it: https://wiki.fogproject.org/wiki/index.php/Support_FOG

                        S 1 Reply Last reply Reply Quote 0
                        • S
                          Single @Sebastian Roth
                          last edited by Single

                          @Sebastian-Roth Thx for your help, Sebatian!
                          I commented out line

                          chroot_local_user=YES
                          

                          And now everything is just fine about my FOG installation.
                          MB it makes sense to add into FOG wiki - that vsftpd option is incompatible to FOG.

                          Now I need to find a way to chroot one user but not to chroot other, but it is definitely not a FOG problem. (And, it’s simple)

                          Thanks again.

                          Best regards!

                          1 Reply Last reply Reply Quote 1
                          • 1
                          • 2
                          • 2 / 2
                          • First post
                            Last post

                          195

                          Online

                          12.0k

                          Users

                          17.3k

                          Topics

                          155.2k

                          Posts
                          Copyright © 2012-2024 FOG Project