DaemonForums  

Go Back   DaemonForums > FreeBSD > FreeBSD General

FreeBSD General Other questions regarding FreeBSD which do not fit in any of the categories below.

Reply
 
Thread Tools Display Modes
  #1   (View Single Post)  
Old 22nd August 2008
jsadm jsadm is offline
New User
 
Join Date: Aug 2008
Posts: 3
Default inetd, ftpd problems

I'm having issues with inetd/ftpd on a FreeBSD 5.1 server. Apparently any time the server is rebooted, the inetd process starts, as it's running on the process list and there's an inetd.pid file in /var/run. However, ftp connections are not accepted, and I then have to start ftpd manually.

Here is a portion of my rc.conf file (the lines after all the ipconfig lines and other network settings):

inetd_enable="YES" # Run the network daemon dispatcher (YES/NO).
kern_securelevel_enable="NO"
sendmail_enable="YES"
sshd_enable="YES"
usbd_enable="YES"
apache_enable="YES"
ftpd_enable="YES"

All lines in my inetd.conf file are commented out other than these two:

ftp stream tcp nowait root /usr/libexec/ftpd ftpd -l
ftp stream tcp6 nowait root /usr/libexec/ftpd ftpd -l

First off, did I properly enable my server to accept ftp connections? Every installation guide I've seen basically said enabling inetd and uncommenting those lines in inetd.conf would do it, but that's not the case in my experience so far.

Secondly, I'm not beholden to using the BSD ftp, but it's simple and basically all I need it to do is chroot users to their home directories. If anyone has any suggestions on another ftp daemon that's decent, I'm open to using it.

Thanks,
James
Reply With Quote
  #2   (View Single Post)  
Old 22nd August 2008
BSDfan666 BSDfan666 is offline
Real Name: N/A, this is the interweb.
Banned
 
Join Date: Apr 2008
Location: Ontario, Canada
Posts: 2,223
Default

If you're enabling ftpd via inetd, why are you enabling it in rc.conf?

Either enable it in rc.conf or inetd.conf, not both.
Reply With Quote
  #3   (View Single Post)  
Old 22nd August 2008
jsadm jsadm is offline
New User
 
Join Date: Aug 2008
Posts: 3
Default

Quote:
Originally Posted by BSDfan666 View Post
If you're enabling ftpd via inetd, why are you enabling it in rc.conf?

Either enable it in rc.conf or inetd.conf, not both.
Actually, I dug a little deeper and found that ftpd_enable isn't supported by rc.conf in FreeBSD 5.1. Seen here: http://www.freebsd.org/cgi/man.cgi?q...SE&format=html

or by grepping through /etc/default/rc.conf for "ftpd" in my install.

So I don't think that line in the rc.conf meant anything and was ignored, but that still doesn't explain why inetd wasn't listening for FTP requests. Besides if inetd_enable and ftpd_enable were both supported and both worked, I would have assumed the ftpd_enable line would have caused a error to be logged somewhere mentioning a service already listening on port 21. I never found any such error messages.
Reply With Quote
  #4   (View Single Post)  
Old 22nd August 2008
crayoxide crayoxide is offline
Fdisk Soldier
 
Join Date: May 2008
Posts: 46
Default

Quote:
Originally Posted by jsadm View Post
Secondly, I'm not beholden to using the BSD ftp, but it's simple and basically all I need it to do is chroot users to their home directories. If anyone has any suggestions on another ftp daemon that's decent, I'm open to using it.
/usr/ports/ftp/proftpd

http://www.proftpd.org/docs/howto/Chroot.html

Additionally, must you run 5.1?
Reply With Quote
  #5   (View Single Post)  
Old 22nd August 2008
J65nko J65nko is offline
Administrator
 
Join Date: May 2008
Location: Budel - the Netherlands
Posts: 4,128
Default

If ftp is running, whether that be from inetd or as standalone, it will show as a LISTEN in netstat -an output.

Code:
$ netstat -an -f inet

Active Internet connections (including servers)
Proto Recv-Q Send-Q  Local Address          Foreign Address        (state)
tcp        0      0  *.21                   *.*                    LISTEN
tcp        0      0  *.6000                 *.*                    LISTEN
tcp        0      0  127.0.0.1.587          *.*                    LISTEN
tcp        0      0  127.0.0.1.25           *.*                    LISTEN
tcp        0      0  *.22                   *.*                    LISTEN
tcp        0      0  *.515                  *.*                    LISTEN
Active Internet connections (including servers)
Proto Recv-Q Send-Q  Local Address          Foreign Address        (state)
udp        0      0  192.168.222.20.2012    194.165.35.111.123    
udp        0      0  192.168.222.20.7197    145.24.129.5.123      
udp        0      0  192.168.222.20.4237    213.154.229.26.123    
udp        0      0  192.168.222.20.3805    130.89.164.77.123     
udp        0      0  192.168.222.20.14453   213.249.66.35.123     
udp        0      0  *.514                  *.*
You check if inetd is running by the following:
Code:
$ pgrep inetd

26811

$ ps -aux | grep inetd

root     26811  0.0  0.1   440   840 ??  Is    12:53AM    0:00.00 inetd
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump
Reply With Quote
  #6   (View Single Post)  
Old 22nd August 2008
jsadm jsadm is offline
New User
 
Join Date: Aug 2008
Posts: 3
Default

Quote:
Originally Posted by crayoxide View Post
/usr/ports/ftp/proftpd

http://www.proftpd.org/docs/howto/Chroot.html

Additionally, must you run 5.1?
Thanks for the suggestion, I'll check out proftpd. Nope, no more 5.1. I just came into this company as a contractor after their two previous contract "sysadmins" left, both in the same year. Neither of those contractors had a technical degree nor did they have significant sysadmin experience from the state of the 7 servers I've seen. Their remaining IT staff is Windows only. I have a little bit of sysadmin experience (my degree is in CS and I primarily develop software), but there's no one else there able to handle this and I guess the can't find/afford a decent sysadmin.

This weekend I get paid double overtime to set up a new server to migrate an old production server to, since it failed temporarily this past week. So FreeBSD 7 it will be. Though given that the services/apps on that server haven't been updated in at least 4 years, I'll have my work cut out for me.
Reply With Quote
  #7   (View Single Post)  
Old 22nd August 2008
J65nko J65nko is offline
Administrator
 
Join Date: May 2008
Location: Budel - the Netherlands
Posts: 4,128
Default

I would suggest vsftpd. ftp.freebsd.org is using it
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump
Reply With Quote
  #8   (View Single Post)  
Old 24th August 2008
anomie's Avatar
anomie anomie is offline
Local
 
Join Date: Apr 2008
Location: Texas
Posts: 445
Default

Quote:
Originally Posted by J65nko
I would suggest vsftpd.
+1

Flexible, "secure" (as ftpd services go), well documented, actively developed, etc.
__________________
Kill your t.v.
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
ftpd problem narcotico FreeBSD General 3 11th July 2008 03:08 AM
ftpd and hiding . files crofox OpenBSD Packages and Ports 5 26th June 2008 03:01 AM
pure-ftpd hirohitosan FreeBSD Ports and Packages 3 10th June 2008 06:31 PM
FTPD User Access Denied wastedbreath FreeBSD General 7 21st May 2008 03:44 AM
Runing vsftpd in standalone mode or with inetd? bigb89 FreeBSD Security 2 8th May 2008 11:38 PM


All times are GMT. The time now is 11:23 AM.


Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
Content copyright © 2007-2010, the authors
Daemon image copyright ©1988, Marshall Kirk McKusick