Sada je: 29 srp 2021, 03:29.
Linux, poslužitelj, mreže i sigurnost

Moderator/ica: Moderatori/ce

glaskoncILLa je napisao/la:gdje ih chroota? mislim, ne bi li trebali imati nekakva prava na bilo koji direktorij u koji uskoce?


Po defaultu ih chroota (no, nije to sistemski chroot kroz komandu, vec njegov built-in mehanizam) ih u dir koji si im stavio kao home (-d switch), ne moras niti kreirati $HOME virtualnom korisniku na filesystemu, samo moras vrtiti pure-ftpd s -j argumentom a $HOME ce se kreirati sam prilikom korisnickog logina (nesto poput PAM-ovog pam_mkhomedir.so)

Npr., fizicki korisnik ima $HOME postavljen kao /opt, virtualni ima $HOME /opt/bla, virtualni ce biti chrootan unutar /opt/bla.

redtux vjerojatno ne vrti pure-ftpd s -j switchem, pa je i imao onaj problem s nepronalaskom direktorija virtualnog korisnika (inace bi se direktorij kreirao automatski).

Uglavnom, izuzetno fora FTP daemon.
When you're a kid and you wanna go "Weee !", but you ain't got drugs yet ... You hold out for your life, hold on to your little GONADS ... and STRIFE.
Avatar
Postovi: 910
Postovi: 910
Pridružen/a: 12 svi 2010, 07:57
Podijelio/la zahvalu: 0 puta
Primio/la zahvalu: 13 puta
OS: linux
nisam sinoc stigao napravit, evo bacam se upravo sad na posao - dradeove prijedloge.
Avatar
Postovi: 84
Postovi: 84
Pridružen/a: 03 stu 2012, 23:02
Podijelio/la zahvalu: 1 puta
Primio/la zahvalu: 0 puta
Spol: M
OS: CentOS 6.3
@drade, evo izlist;

Kod: Označi sve
mysql> show create database pureftpd\G
*************************** 1. row ***************************
       Database: pureftpd
Create Database: CREATE DATABASE `pureftpd` /*!40100 DEFAULT CHARACTER SET latin1 */
1 row in set (0.00 sec)

mysql> show variables like "character_set_database";
+------------------------+--------+
| Variable_name          | Value  |
+------------------------+--------+
| character_set_database | latin1 |
+------------------------+--------+
1 row in set (0.00 sec)

mysql> show variables like "collation_database";
+--------------------+-------------------+
| Variable_name      | Value             |
+--------------------+-------------------+
| collation_database | latin1_swedish_ci |
+--------------------+-------------------+
1 row in set (0.00 sec)

mysql> use pureftpd;
Reading table information for completion of table and column names
You can turn off this feature to get a quicker startup with -A

Database changed
mysql> SELECT language FROM userlist WHERE user='admin';
ERROR 1054 (42S22): Unknown column 'language' in 'field list'


Kod: Označi sve
tail /var/log/httpd/error_log
[Thu Nov 29 10:35:30 2012] [error] [client XX.XX.XX.XX] PHP Warning:  strtotime(): It is not safe to rely on the system's timezone settings. You are *required* to use the date.timezone setting or the date_default_timezone_set() function. In case you used any of those methods and you are still getting this warning, you most likely misspelled the timezone identifier. We selected 'Europe/Berlin' for 'CET/1.0/no DST' instead in /usr/share/phpmyadmin/libraries/db_info.inc.php on line 88, referer: http://home.domena.com/phpmyadmin/index.php?db=pureftpd&token=fa300cbd8a6145f3e9550641fd51787e
[Thu Nov 29 10:35:30 2012] [error] [client XX.XX.XX.XX] PHP Warning:  strftime(): It is not safe to rely on the system's timezone settings. You are *required* to use the date.timezone setting or the date_default_timezone_set() function. In case you used any of those methods and you are still getting this warning, you most likely misspelled the timezone identifier. We selected 'Europe/Berlin' for 'CET/1.0/no DST' instead in /usr/share/phpmyadmin/libraries/common.lib.php on line 1483, referer: http://home.domena.com/phpmyadmin/index.php?db=pureftpd&token=fa300cbd8a6145f3e9550641fd51787e
[Thu Nov 29 10:35:30 2012] [error] [client XX.XX.XX.XX] PHP Warning:  strftime(): It is not safe to rely on the system's timezone settings. You are *required* to use the date.timezone setting or the date_default_timezone_set() function. In case you used any of those methods and you are still getting this warning, you most likely misspelled the timezone identifier. We selected 'Europe/Berlin' for 'CET/1.0/no DST' instead in /usr/share/phpmyadmin/libraries/common.lib.php on line 1484, referer: http://home.domena.com/phpmyadmin/index.php?db=pureftpd&token=fa300cbd8a6145f3e9550641fd51787e
[Thu Nov 29 10:35:30 2012] [error] [client XX.XX.XX.XX] PHP Warning:  strftime(): It is not safe to rely on the system's timezone settings. You are *required* to use the date.timezone setting or the date_default_timezone_set() function. In case you used any of those methods and you are still getting this warning, you most likely misspelled the timezone identifier. We selected 'Europe/Berlin' for 'CET/1.0/no DST' instead in /usr/share/phpmyadmin/libraries/common.lib.php on line 1486, referer: http://home.domena.com/phpmyadmin/index.php?db=pureftpd&token=fa300cbd8a6145f3e9550641fd51787e
[Thu Nov 29 10:35:30 2012] [error] [client XX.XX.XX.XX] PHP Warning:  strtotime(): It is not safe to rely on the system's timezone settings. You are *required* to use the date.timezone setting or the date_default_timezone_set() function. In case you used any of those methods and you are still getting this warning, you most likely misspelled the timezone identifier. We selected 'Europe/Berlin' for 'CET/1.0/no DST' instead in /usr/share/phpmyadmin/libraries/db_info.inc.php on line 93, referer: http://home.domena.com/phpmyadmin/index.php?db=pureftpd&token=fa300cbd8a6145f3e9550641fd51787e
[Thu Nov 29 10:35:30 2012] [error] [client XX.XX.XX.XX] PHP Warning:  strftime(): It is not safe to rely on the system's timezone settings. You are *required* to use the date.timezone setting or the date_default_timezone_set() function. In case you used any of those methods and you are still getting this warning, you most likely misspelled the timezone identifier. We selected 'Europe/Berlin' for 'CET/1.0/no DST' instead in /usr/share/phpmyadmin/libraries/common.lib.php on line 1483, referer: http://home.domena.com/phpmyadmin/index.php?db=pureftpd&token=fa300cbd8a6145f3e9550641fd51787e
[Thu Nov 29 10:35:30 2012] [error] [client XX.XX.XX.XX] PHP Warning:  strftime(): It is not safe to rely on the system's timezone settings. You are *required* to use the date.timezone setting or the date_default_timezone_set() function. In case you used any of those methods and you are still getting this warning, you most likely misspelled the timezone identifier. We selected 'Europe/Berlin' for 'CET/1.0/no DST' instead in /usr/share/phpmyadmin/libraries/common.lib.php on line 1484, referer: http://home.domena.com/phpmyadmin/index.php?db=pureftpd&token=fa300cbd8a6145f3e9550641fd51787e
[Thu Nov 29 10:35:30 2012] [error] [client XX.XX.XX.XX] PHP Warning:  strftime(): It is not safe to rely on the system's timezone settings. You are *required* to use the date.timezone setting or the date_default_timezone_set() function. In case you used any of those methods and you are still getting this warning, you most likely misspelled the timezone identifier. We selected 'Europe/Berlin' for 'CET/1.0/no DST' instead in /usr/share/phpmyadmin/libraries/common.lib.php on line 1486, referer: http://home.domena.com/phpmyadmin/index.php?db=pureftpd&token=fa300cbd8a6145f3e9550641fd51787e
[Thu Nov 29 10:36:07 2012] [error] [client 127.0.0.1] Directory index forbidden by Options directive: /var/www/html/
[Thu Nov 29 10:41:07 2012] [error] [client 127.0.0.1] Directory index forbidden by Options directive: /var/www/html/


Kod: Označi sve
tail /var/log/httpd/access_log
XX.XX.XX.XX - - [29/Nov/2012:10:35:10 +0100] "GET /phpmyadmin/themes/original/img/error.ico HTTP/1.1" 200 318 "http://home.domena.com/phpmyadmin/db_structure.php?token=fa300cbd8a6145f3e9550641fd51787e&db=ftpusers" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.11 (KHTML, like Gecko) Chrome/23.0.1271.91 Safari/537.11"
XX.XX.XX.XX - - [29/Nov/2012:10:35:12 +0100] "GET /phpmyadmin/sql.php?db=ftpusers&token=fa300cbd8a6145f3e9550641fd51787e&goto=db_structure.php&sql_query=DROP+DATABASE+%60ftpusers%60&zero_rows=Database+%60ftpusers%60+has+been+dropped.&goto=main.php&back=db_structure.php&reload=1&purge=1&is_js_confirmed=1 HTTP/1.1" 302 - "http://home.domena.com/phpmyadmin/db_structure.php?token=fa300cbd8a6145f3e9550641fd51787e&db=ftpusers" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.11 (KHTML, like Gecko) Chrome/23.0.1271.91 Safari/537.11"
XX.XX.XX.XX - - [29/Nov/2012:10:35:12 +0100] "GET /phpmyadmin/main.php?reload=1&message=Database+%60ftpusers%60+has+been+dropped.+%28Query+took+0.0009+sec%29&sql_query=DROP+DATABASE+%60ftpusers%60&token=fa300cbd8a6145f3e9550641fd51787e HTTP/1.1" 200 72280 "http://home.domena.com/phpmyadmin/db_structure.php?token=fa300cbd8a6145f3e9550641fd51787e&db=ftpusers" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.11 (KHTML, like Gecko) Chrome/23.0.1271.91 Safari/537.11"
XX.XX.XX.XX - - [29/Nov/2012:10:35:13 +0100] "GET /phpmyadmin/navigation.php?token=fa300cbd8a6145f3e9550641fd51787e HTTP/1.1" 200 3980 "http://home.domena.com/phpmyadmin/index.php?db=ftpusers&token=fa300cbd8a6145f3e9550641fd51787e" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.11 (KHTML, like Gecko) Chrome/23.0.1271.91 Safari/537.11"
XX.XX.XX.XX - - [29/Nov/2012:10:35:15 +0100] "GET /phpmyadmin/navigation.php?server=1&token=fa300cbd8a6145f3e9550641fd51787e&db=&table=&lang=en-utf-8&collation_connection=utf8_unicode_ci HTTP/1.1" 200 3980 "http://home.domena.com/phpmyadmin/index.php?db=ftpusers&token=fa300cbd8a6145f3e9550641fd51787e" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.11 (KHTML, like Gecko) Chrome/23.0.1271.91 Safari/537.11"
XX.XX.XX.XX - - [29/Nov/2012:10:35:29 +0100] "GET /phpmyadmin/index.php?db=pureftpd&token=fa300cbd8a6145f3e9550641fd51787e HTTP/1.1" 200 2341 "http://home.domena.com/phpmyadmin/navigation.php?server=1&token=fa300cbd8a6145f3e9550641fd51787e&db=&table=&lang=en-utf-8&collation_connection=utf8_unicode_ci" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.11 (KHTML, like Gecko) Chrome/23.0.1271.91 Safari/537.11"
XX.XX.XX.XX - - [29/Nov/2012:10:35:30 +0100] "GET /phpmyadmin/navigation.php?token=fa300cbd8a6145f3e9550641fd51787e&db=pureftpd HTTP/1.1" 200 5804 "http://home.domena.com/phpmyadmin/index.php?db=pureftpd&token=fa300cbd8a6145f3e9550641fd51787e" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.11 (KHTML, like Gecko) Chrome/23.0.1271.91 Safari/537.11"
XX.XX.XX.XX - - [29/Nov/2012:10:35:30 +0100] "GET /phpmyadmin/db_structure.php?token=fa300cbd8a6145f3e9550641fd51787e&db=pureftpd HTTP/1.1" 200 18508 "http://home.domena.com/phpmyadmin/index.php?db=pureftpd&token=fa300cbd8a6145f3e9550641fd51787e" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.11 (KHTML, like Gecko) Chrome/23.0.1271.91 Safari/537.11"
127.0.0.1 - - [29/Nov/2012:10:36:07 +0100] "GET / HTTP/1.0" 403 5039 "-" "check_http/v1.4.16 (nagios-plugins 1.4.16)"
127.0.0.1 - - [29/Nov/2012:10:41:07 +0100] "GET / HTTP/1.0" 403 5039 "-" "check_http/v1.4.16 (nagios-plugins 1.4.16)"



Po cemu moze nastetit sustavu (ako mislis na OS) promjene po mysql-u, jer koliko vidim ono sto bi trebao napravit iz tvog posta je iskljucivo promjena char encodinga
Avatar
Postovi: 84
Postovi: 84
Pridružen/a: 03 stu 2012, 23:02
Podijelio/la zahvalu: 1 puta
Primio/la zahvalu: 0 puta
Spol: M
OS: CentOS 6.3
Napravio sam (necu mjesati sa gornjim postom radi bolje preglednosti)

Kod: Označi sve
mysql> use pureftpd;
Reading table information for completion of table and column names
You can turn off this feature to get a quicker startup with -A

Database changed
mysql> ALTER DATABASE pureftpd CHARACTER SET utf8;
Query OK, 1 row affected (0.00 sec)

mysql> ALTER TABLE ftpd CHARACTER SET utf8;
Query OK, 0 rows affected (0.11 sec)
Records: 0  Duplicates: 0  Warnings: 0

mysql> ALTER TABLE settings CHARACTER SET utf8;
Query OK, 8 rows affected (0.04 sec)
Records: 8  Duplicates: 0  Warnings: 0

mysql> ALTER TABLE userlist CHARACTER SET utf8;
Query OK, 2 rows affected (0.05 sec)
Records: 2  Duplicates: 0  Warnings: 0

mysql> show create database pureftpd\G
*************************** 1. row ***************************
       Database: pureftpd
Create Database: CREATE DATABASE `pureftpd` /*!40100 DEFAULT CHARACTER SET utf8 */
1 row in set (0.00 sec)

mysql> use pureftpd;
Database changed
mysql> show variables like "character_set_database";
+------------------------+-------+
| Variable_name          | Value |
+------------------------+-------+
| character_set_database | utf8  |
+------------------------+-------+
1 row in set (0.00 sec)

mysql> show variables like "collation_database";
+--------------------+-----------------+
| Variable_name      | Value           |
+--------------------+-----------------+
| collation_database | utf8_general_ci |
+--------------------+-----------------+
1 row in set (0.00 sec)


/etc/init.d/pure-ftpd restart
Stopping pure-ftpd:                                        [  OK  ]
Starting pure-ftpd:                                        [  OK  ]



http://i.imgur.com/Cc2gT.png

Nazalost promjena charseta nije pomogla.
Avatar
Postovi: 84
Postovi: 84
Pridružen/a: 03 stu 2012, 23:02
Podijelio/la zahvalu: 1 puta
Primio/la zahvalu: 0 puta
Spol: M
OS: CentOS 6.3
Prve stvari prvo.

Nadji php.ini (/etc/php.ini) i u njemu nadji pa promijeni (ili dodaj) sljedece:
Kod: Označi sve
date.timezone = "Europe/Zagreb"


Restartaj http servis, pa postaj log datoteke ponovno. Takodjer, nakon restarta http daemona provjeri da li ti radi pure webUI.

Inace, ovakva vrsta pomaganja izlazi iz "forum help" price te se naplacuje.
When you're a kid and you wanna go "Weee !", but you ain't got drugs yet ... You hold out for your life, hold on to your little GONADS ... and STRIFE.
Avatar
Postovi: 910
Postovi: 910
Pridružen/a: 12 svi 2010, 07:57
Podijelio/la zahvalu: 0 puta
Primio/la zahvalu: 13 puta
OS: linux
Dodano,
http error.log;

Kod: Označi sve
[Thu Nov 29 13:59:03 2012] [error] [client XX.XX.XX.XX] PHP Notice:  Undefined index: User in /var/www/html/pure-ftpd-webui/lang/english.php on line 39, referer: http://home.domena.com/pure-ftpd-webui/index.php
[Thu Nov 29 13:59:03 2012] [error] [client XX.XX.XX.XX] PHP Notice:  Undefined index: User in /var/www/html/pure-ftpd-webui/lang/english.php on line 41, referer: http://home.domena.com/pure-ftpd-webui/index.php
[Thu Nov 29 13:59:03 2012] [error] [client XX.XX.XX.XX] PHP Notice:  Undefined index: User in /var/www/html/pure-ftpd-webui/lang/english.php on line 43, referer: http://home.domena.com/pure-ftpd-webui/index.php
[Thu Nov 29 13:59:03 2012] [error] [client XX.XX.XX.XX] PHP Notice:  Undefined index: User in /var/www/html/pure-ftpd-webui/lang/english.php on line 45, referer: http://home.domena.com/pure-ftpd-webui/index.php
[Thu Nov 29 13:59:03 2012] [error] [client XX.XX.XX.XX] PHP Notice:  Undefined index: User in /var/www/html/pure-ftpd-webui/lang/english.php on line 47, referer: http://home.domena.com/pure-ftpd-webui/index.php
[Thu Nov 29 13:59:03 2012] [error] [client XX.XX.XX.XX] PHP Notice:  Undefined index: User in /var/www/html/pure-ftpd-webui/lang/english.php on line 49, referer: http://home.domena.com/pure-ftpd-webui/index.php
[Thu Nov 29 13:59:03 2012] [error] [client XX.XX.XX.XX] PHP Notice:  Undefined index: user in /var/www/html/pure-ftpd-webui/lang/english.php on line 100, referer: http://home.domena.com/pure-ftpd-webui/index.php
[Thu Nov 29 13:59:03 2012] [error] [client XX.XX.XX.XX] PHP Notice:  Undefined index: user in /var/www/html/pure-ftpd-webui/lang/english.php on line 102, referer: http://home.domena.com/pure-ftpd-webui/index.php
[Thu Nov 29 13:59:03 2012] [error] [client XX.XX.XX.XX] PHP Notice:  Undefined index: user in /var/www/html/pure-ftpd-webui/lang/english.php on line 104, referer: http://home.domena.com/pure-ftpd-webui/index.php



lajne u /var/www/html/pure-ftpd-webui/lang/english.php:


Kod: Označi sve
$um_edit_loginok = "Login $array[User] successfully changed to $User";
$um_edit_loginerror = "ERROR: $result";
$um_edit_statusok = "$array[User] status successfully changed";
$um_edit_statuserror = "ERROR: $result";
$um_edit_passwdok = "$array[User] password successfully changed";
$um_edit_passwderror = "ERROR: $result";
$um_edit_ullimitok = "Upload speed limit for user $array[User] successfully changed";
$um_edit_ullimiterror = "ERROR: $result";
$um_edit_dllimitok = "Download speed limit for user $array[User] successfully changed";
$um_edit_dllimiterror = "ERROR: $result";
$um_edit_permipok = "Permitted IP-address for user $array[User] successfully changed";
$um_edit_permiperror = "ERROR: $result";
$um_edit_quotasizeok = "Quota for uploaded/downloaded data size for user $array[User] successfully changed";
$um_edit_quotasizeerror = "ERROR: $result";
$um_edit_quotafilesok = "Quota for uploaded/downloaded files count for user $array[User] successfully changed";
$um_edit_quotafileserror = "ERROR: $result";


Pure ftpd web ui i dalje ima error.

Ukoliko proizlazi iz okvira forum helpa, onda eventualno mozda netko ima savjet za neko drugo web rjesenje, kako sam i pitao u prvom postu (ukoliko ovo bude nerijeseno). Nadalje, spreman sam i platiti svaki oblik pomoci i korisnih informacija.
Avatar
Postovi: 84
Postovi: 84
Pridružen/a: 03 stu 2012, 23:02
Podijelio/la zahvalu: 1 puta
Primio/la zahvalu: 0 puta
Spol: M
OS: CentOS 6.3
Ma pomoci cu ti ja, vec sam poceo. Samo napominjem da su inace ovakve stvari su malo izvan obicnog "helpa".

Kada dodjem doma s posla ti pomognem da to pokrenes.

EDIT:
Daj mi output naredbe )iz mysql prompta):
Kod: Označi sve
use pureftpd;
select * from userlist;
When you're a kid and you wanna go "Weee !", but you ain't got drugs yet ... You hold out for your life, hold on to your little GONADS ... and STRIFE.
Avatar
Postovi: 910
Postovi: 910
Pridružen/a: 12 svi 2010, 07:57
Podijelio/la zahvalu: 0 puta
Primio/la zahvalu: 13 puta
OS: linux
U potpunosti razumijem. Oduzim se posto poto.

Kod: Označi sve
+----+-------+----------------------------------+
| id | user  | pass                             |
+----+-------+----------------------------------+
|  1 | admin | h4shp4ss|
|  2 | ftp   | h4shp4ss|
+----+-------+----------------------------------+
2 rows in set (0.00 sec)


Znaci usera 'public' sam napravio preko pure-pw komande, i on mi se nalazi u pureftpd.pdb, a uera 'ftp' sam napravio preko INSERT-a u bazi. Oba rade sto se tice spajanja na ftp i oba imaju mapiran /opt kao root.


Kod: Označi sve
 /etc/init.d/pure-ftpd status
pure-ftpd (pid  12873) is running...

+------+---------+-------+------+-------------------------------------------+
| PID  |  Login  |For/Spd| What |                 File/IP                   |
+------+---------+-------+------+-------------------------------------------+
|13454 | ftp     | 00:00 | IDLE |                                           |
|  ''  |    ''   |   ''  |  ''  | ->        XX-XX-XX-X.adsl.net.t-com.hr |
+------+---------+-------+------+-------------------------------------------+
|13387 | public  | 00:04 | IDLE |                                           |
|  ''  |    ''   |   ''  |  ''  | ->        XX-XX-XX-X.adsl.net.t-com.hr |
+------+---------+-------+------+-------------------------------------------+
Avatar
Postovi: 84
Postovi: 84
Pridružen/a: 03 stu 2012, 23:02
Podijelio/la zahvalu: 1 puta
Primio/la zahvalu: 0 puta
Spol: M
OS: CentOS 6.3
Prema ovom http://pure-ftpd-webui.org/browser/edit_settings.php, nedostaje mi kolona language u tablici userlist, jer ja samo imam id, user i pass.
Avatar
Postovi: 84
Postovi: 84
Pridružen/a: 03 stu 2012, 23:02
Podijelio/la zahvalu: 1 puta
Primio/la zahvalu: 0 puta
Spol: M
OS: CentOS 6.3
Ajde napravi ovo (u mysql promptu):
Kod: Označi sve
use pureftpd;
ALTER TABLE userlist ADD `language` varchar(50) COLLATE utf8_bin DEFAULT NULL;
When you're a kid and you wanna go "Weee !", but you ain't got drugs yet ... You hold out for your life, hold on to your little GONADS ... and STRIFE.
Avatar
Postovi: 910
Postovi: 910
Pridružen/a: 12 svi 2010, 07:57
Podijelio/la zahvalu: 0 puta
Primio/la zahvalu: 13 puta
OS: linux

Na mreži
Trenutno korisnika/ca: / i 1 gost.