[Résolu] [Pure-ftpd] 421 enable to switch capabilities

Salut à tous,
je poste un message d’aide sur le forum car vraiment je n’arrive pas à trouver ce qui ne va pas avec pure-ftpd.
après avoir fait un apt-get install pure-ftpd tous s’installe comme il faut, je configure les switchs, je demande de vérifier le puredb au démarrage et il reconnait bien les virtual users.

mais au redémarrage de la machine il me met une erreur “421 enable to switch capabilities : not permitted”

J’ai regarder mes fichiers de config et rien d’anormal…je vois vraiment pas ce qui cloche mais impossible de démarrer le serveur :confused:

Bon j’ai résolu le problème mais voilà qu’en surgit un autre.

au démarrage du serveur avec la commande /etc/init.d/pure-ftpd
il me met cette ligne :

qui active plusieurs switchs par défaut et ça à chaque démarrage du serveur
qui ne me servent pas car je veux le configurer comme ceci :

Ma question est …comment s’y prend-t-on pour modifier les options de démarrage de ce serveur ??
J’ai lu la doc en entier !!! celle du site de pure-ftpd !!
Si quelqu’un à déjà eu ce problème qu’il me fasse signe !! je suis presque au but et je sais que c’est une bêtise.

donnes le contenu de /etc/init.d/pure-ftpd

[code]#! /bin/sh

pure-ftpd starts and stops the pure-ftpd ftp daemon

PATH=/sbin:/bin:/usr/sbin:/usr/bin
NAME=pure-ftpd
DESC=“ftp server”
: ${SSDAEMONLOGOPTS:="–quiet"}
UPLOADDAEMON=/usr/sbin/pure-uploadscript
UDNAME=pure-uploadscript
UDDESC="ftp upload handler"
WRAPPER=/usr/sbin/pure-ftpd-wrapper

try to figure with suffix this script is called,

$0 might be a symlink pointing to this script

if [ -h $0 ]; then
ME=/bin/readlink $0
else
ME=$0
fi

SUFFIX=basename $ME | sed -ne 's/^pure-ftpd-\(.*\)/\1/p'
if [ “$SUFFIX” ] ; then
DAEMON=/usr/sbin/pure-ftpd-$SUFFIX
else
DAEMON=/usr/sbin/pure-ftpd
fi

test -x $DAEMON || exit 0
test -x $WRAPPER || exit 0

export STANDALONE_OR_INETD=inetd
test -r /etc/default/pure-ftpd-common && . /etc/default/pure-ftpd-common

set -e

start_uploadscript() {
if [ “$UPLOADSCRIPT” -a “$STANDALONE_OR_INETD” != inetd ] &&
egrep -i ‘^[ ](yes|1|on)[ ]’ /etc/pure-ftpd/conf/CallUploadScript > /dev/null 2>&1
then
UOPTS="“
test “$UPLOADUID” && UOPTS=”$UOPTS -u $UPLOADUID"
test “$UPLOADGID” && UOPTS="$UOPTS -g $UPLOADGID"
echo -n "$1 $UDDESC: "
start-stop-daemon --start $SSDAEMONLOGOPTS --oknodo
–exec $UPLOADDAEMON – -r “$UPLOADSCRIPT” -B $UOPTS
echo “$UDNAME.”

fi

}

case “$1” in
start)
test “$STANDALONE_OR_INETD” = standalone || exit 0
echo -n "Starting $DESC: "
start-stop-daemon --start $SSDAEMONLOGOPTS --pidfile /var/run/pure-ftpd/pure-ftpd.pid
–exec $WRAPPER – $SUFFIX
start_uploadscript Starting
;;
stop)
echo -n "Stopping $DESC: "
start-stop-daemon --stop $SSDAEMONLOGOPTS --oknodo
–pidfile /var/run/pure-ftpd/pure-ftpd.pid
start-stop-daemon --stop $SSDAEMONLOGOPTS --oknodo --exec $UPLOADDAEMON
echo “$NAME.”
;;
restart|force-reload)
test “$STANDALONE_OR_INETD” = standalone || exit 0
echo -n "Restarting $DESC: "
start-stop-daemon --stop $SSDAEMONLOGOPTS --oknodo
–pidfile /var/run/pure-ftpd/pure-ftpd.pid
start-stop-daemon --stop $SSDAEMONLOGOPTS --oknodo --exec $UPLOADDAEMON
sleep 1
start-stop-daemon --start $SSDAEMONLOGOPTS --pidfile
/var/run/pure-ftpd/pure-ftpd.pid --exec $WRAPPER – $SUFFIX
start_uploadscript Restarting
;;
*)
N=/etc/init.d/$NAME
echo “Usage: $N {start|stop|restart|force-reload}” >&2
exit 1
;;
esac

exit 0
[/code]

essayes de comprendre le rôle et la fabrication de $SSDAEMONLOGOPTS, et vois si tu ne peux pas passer tes arguments par /etc/default/pure-ftpd-common

quel est le contenu de ce fichier ?

voici le /usr/sbin/pure-ftp-wrapper :

[code]#! /usr/bin/perl

Copyright 2002,2003,2004 by Stefan Hornburg (Racke) racke@linuxia.de

This program is free software; you can redistribute it and/or modify

it under the terms of the GNU General Public License as published by

the Free Software Foundation; either version 2 of the License, or

(at your option) any later version.

This program is distributed in the hope that it will be useful,

but WITHOUT ANY WARRANTY; without even the implied warranty of

MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the

GNU General Public License for more details.

You should have received a copy of the GNU General Public

License along with this program; if not, write to the Free

Software Foundation, Inc., 59 Temple Place, Suite 330, Boston,

MA 02111-1307 USA.

use strict;
use warnings;

use File::Basename;
use File::Spec;

my $daemon = ‘/usr/sbin/pure-ftpd’;
my @capabilities = @ARGV;

if ($ARGV[0]) {
$daemon = “$daemon-$ARGV[0]”;
}

configuration schema

fields of the array:

0. option name

1. parser

2. priority

SysLogFacility has the highest priority, because we want to

avoid to log to the wrong location (see pure-ftpd manpage).

my %conf = (‘AllowAnonymousFXP’ => [’-W’],
‘AllowDotFiles’ => [’-z’],
‘AllowUserFXP’ => [’-w’],
‘AltLog’ => [’-O %s’, &parse_string],
‘AnonymousBandwidth’ => [’-t %s’, &parse_number_1_2],
‘AnonymousCanCreateDirs’ => [’-M’],
‘AnonymousCantUpload’ => [’-i’],
‘AnonymousOnly’, => [’-e’],
‘AnonymousRatio’ => [’-q %d:%d’, &parse_number_2],
‘AntiWarez’ => [’-s’],
‘AutoRename’ => [’-r’],
‘Bind’ => [’-S %s’, &parse_string],
‘BrokenClientsCompatibility’ => [’-b’],
‘CallUploadScript’ => [’-o’],
‘ChrootEveryone’ => [’-A’],
‘CreateHomeDir’ => [’-j’],
‘CustomerProof’ => [’-Z’],
‘Daemonize’ => [’-B’],
‘DisplayDotFiles’ => [’-D’],
‘DontResolve’ => [’-H’],
‘ForcePassiveIP’ => [’-P %s’, &parse_string],
‘FortunesFile’ => [’-F %s’, &parse_filename],
‘IPV4Only’ => [’-4’],
‘IPV6Only’ => [’-6’],
‘KeepAllFiles’ => [’-K’],
‘LimitRecursion’ => [’-L %d:%d’, &parse_number_2],
‘LogPID’ => [’-1’],
‘MaxClientsNumber’ => [’-c %d’, &parse_number_1],
‘MaxClientsPerIP’ => [’-C %d’, &parse_number_1],
‘MaxDiskUsage’ => [’-k %d’, &parse_number_1],
‘MaxIdleTime’ => [’-I %d’, &parse_number_1],
‘MaxLoad’ => [’-m %d’, &parse_number_1],
‘MinUID’ => [’-u %d’, &parse_number_1],
‘NATmode’ => [’-N’],
‘NoAnonymous’ => [’-E’],
‘NoChmod’ => [’-R’],
‘NoRename’ => [’-G’],
‘NoTruncate’ => [’-0’],
‘PassivePortRange’ => [’-p %d:%d’, &parse_number_2],
‘PerUserLimits’ => [’-y %d:%d’, &parse_number_2],
‘ProhibitDotFilesRead’ => [’-X’],
‘ProhibitDotFilesWrite’ => [’-x’],
‘Quota’ => [’-n %d:%d’, &parse_number_2],
‘SyslogFacility’ => [’-f %s’, &parse_word, 99],
‘TLS’ => [’-Y %d’, &parse_number_1],
‘TrustedGID’ => [’-a %d’, &parse_number_1],
‘TrustedIP’ => [’-V %s’, &parse_ip],
‘Umask’ => [’-U %s:%s’, &parse_umask],
‘UserBandwidth’ => [’-T %s’, &parse_number_1_2],
‘UserRatio’ => [’-Q %d:%d’, &parse_number_2],
‘VerboseLog’ => [’-d’],
);

my %authconf = (‘ExtAuth’ => [‘extauth:%s’, &parse_sockname],
‘LDAPConfigFile’ => [‘ldap:%s’, &parse_filename, 0,
‘ldap’],
‘MySQLConfigFile’ => [‘mysql:%s’, &parse_filename, 0,
‘mysql’],
‘PGSQLConfigFile’ => [‘pgsql:%s’, &parse_filename, 0,
‘postgresql’],
‘PAMAuthentication’ => [‘pam’],
‘PureDB’ => [‘puredb:%s’, &parse_filename],
‘UnixAuthentication’ => [‘unix’],
);

examine all configuration files in /etc/pure-ftpd/conf

my @conffiles;

opendir (ETCCONF, ‘/etc/pure-ftpd/conf’)
|| die “$0: Couldn’t examine directory /etc/pure-ftpd/conf: $!\n”;
@conffiles = readdir (ETCCONF);
closedir (ETCCONF);

examine authentication files in /etc/pure-ftpd/auth

my @authfiles;

opendir (ETCAUTH, ‘/etc/pure-ftpd/auth’)
|| die “$0: Couldn’t examine directory /etc/pure-ftpd/auth: $!\n”;
@authfiles = sort (grep {-l “/etc/pure-ftpd/auth/$_”} readdir (ETCAUTH));
closedir (ETCAUTH);

my ($file, $cref, $name);
my (@options, $option, $ret);

for my $authname (@authfiles) {
# check if corresponding file exists
next unless $file = readlink("/etc/pure-ftpd/auth/$authname");
unless (File::Spec->file_name_is_absolute($file)) {
$file = File::Spec->catfile(’/etc/pure-ftpd/auth’,$file);
}
next unless -f $file;

# check if configuration directive exists
$name = basename($file);

# check if we have the right capability for this authentication method
next if $authconf{$authname}->[3] && ! grep {$authconf{$authname}->[3] eq $_} @capabilities;

if ($ret = parse_file(\%authconf, $file, $name)) {
	$ret->[0] = "-l $ret->[0]";
	push (@options, $ret);
}

}

for (@conffiles) {
# skip files with dots in front and others
next unless /^\w/;
# skip files created by dpkg
next if /dpkg/;
# skip authentication configuration files
next if exists $authconf{$_};

$file = "/etc/pure-ftpd/conf/$_";
if ($ret = parse_file(\%conf, $file, $_)) {
	push (@options, $ret);
}

}

@options = map {split(/ /, $_->[0], 2)} (sort {$b->[1] <=> $a->[1]} @options);

if (exists $ENV{STANDALONE_OR_INETD} && $ENV{STANDALONE_OR_INETD} eq ‘standalone’) {
push (@options, ‘-B’);
print "Running: $daemon ", join (’ ', @options), “\n”;
}

force PID file to /var/run/pure-ftpd/pure-ftpd.pid

push(@options, ‘-g’, ‘/var/run/pure-ftpd/pure-ftpd.pid’);

exec { $daemon } ($daemon, @options) or die “$0: Cannot exec $daemon: $!”;

sub parse_file {
my ($cref, $file, $option) = @_;
my @lines;

unless (exists $cref->{$option}) {
	die "$0: Invalid configuration file $file: No corresponding directive\n";
}

open (FILE, $file)
	|| die "$0: Couldn't open configuration file $file: $!\n";
while (<FILE>) {
	next unless /\S/;
	s/^\s+//;
	s/\s+$//;
	next if /^\#/;
	push (@lines, $_);
}
close (FILE);

# call parser
for my $line (@lines) {
	my $buf = '';

	if (defined $cref->{$option}->[1]) {
		$ret = $cref->{$option}->[1]->(\$buf, $cref->{$option}->[0], $line);
	} else {
		$ret = parse_yesno(\$buf, $cref->{$option}->[0], $line);
	}

	unless ($ret) {
		die "$0: Invalid configuration file $file: $buf\n";
	}

	return [$buf, $cref->{$option}->[2] || 0] if length $buf;
}

}

sub parse_filename {
my ($buf, $fmt, $val) = @_;

unless (-f $val) {
	$$buf = qq{"$val": No such file};
	return;
}
$$buf = sprintf $fmt, $val;
return 1;

}

sub parse_ip {
my ($buf, $fmt, $val) = @_;

if ($val =~ /^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})$/
	&& $1 < 256 && $2 < 256 && $3 < 256 && $4 < 256) {
	$$buf = sprintf $fmt, $val;
	return 1;
}

$$buf = qq{"$val": Invalid IP address};

}

sub parse_number_1 {
my ($buf, $fmt, $val) = @_;

if ($val =~ /\D/) {
	$$buf = qq{"$val" not a number};
	return;
}

$$buf = sprintf $fmt, $val;
return 1;

}

sub parse_number_1_2 {
my ($buf, $fmt, $val) = @_;

if ($val =~ /^(\d+)(\s+|:)(\d+)$/) {
	$$buf = sprintf $fmt, "$1:$3";
	return 1;
}

if ($val =~ /^(\d+)$/) {
	$$buf = sprintf $fmt, $1;
	return 1;
}

$$buf = qq{"$val" not one or two numbers};
return;

}

sub parse_number_2 {
my ($buf, $fmt, $val) = @_;

if ($val !~ /^(\d+)\s+(\d+)$/) {
	$$buf = qq{"$val" not two numbers};
	return;
}

$$buf = sprintf $fmt, $1, $2;
return 1;

}

sub parse_sockname {
my ($buf, $fmt, $val) = @_;

unless (-S $val) {
	$$buf = qq{"$val": No such socket};
	return;
}
$$buf = sprintf $fmt, $val;
return 1;

}

sub parse_string {
my ($buf, $fmt, $val) = @_;

if ($val =~ /\s/) {
	$$buf = qq{"$val" contains whitespace};
	return;
}

$$buf = sprintf $fmt, $val;
return 1;

}

sub parse_umask {
my ($buf, $fmt, $val) = @_;

if ($val !~ /^([0-7]{3,3})\s+([0-7]{3,3})$/) {
	$$buf = qq{"$val" not two octal numbers};
	return;
}

$$buf = sprintf $fmt, $1, $2;
return 1;

}

sub parse_word {
my ($buf, $fmt, $val) = @_;

if ($val !~ /^(\w+)$/) {
	$$buf = qq{"$val" contains non-word characters};
	return;
}

$$buf = sprintf $fmt, $1;
return 1;

}

sub parse_yesno {
my ($buf, $fmt, $val) = @_;
my @y = (‘yes’, 1, ‘on’);
my @n = (‘no’, 0, ‘off’);

if (grep {$_ eq lc($val)} @y) {
	# result is 'yes'
	$$buf = $fmt;
	return 1;
}
if (grep {$_ eq lc($val)} @n) {
	# result is 'no'
	$$buf = '';
	return 1;
}
# error
$$buf = qq{"$val" not convertible to true or false};
return;

}

END

=head1 NAME

pure-ftpd-wrapper - configures and starts Pure-FTPd daemon

=head1 SYNOPSIS

pure-ftpd-wrapper

=head1 DESCRIPTION

B reads the configuration for the Pure-FTPd daemon
from files in the directory F</etc/pure-ftpd/conf>. Each file in this
directory is related to a command line option. No more than one
line with configuration values is allowed. Empty lines or lines
starting with the comment character C<#> are discarded.

The Pure-FTPd daemon allows to use different authentication methods
together. The authentication methods are tried in the order they are
specified on the command line. In order to achieve the same flexibility
with files in the F</etc/pure-ftpd> directory, B
checks all valid symbolic links within the directory F</etc/pure-ftpd/auth>
in alphabetical order. E.g., a link in this directory pointing to
F</etc/pure-ftpd/conf/PureDB> would enable authentication against
a PureDB database.

There are no means to configure the I setting, it is hardwired
to /var/run/pure-ftpd/pure-ftpd.pid in this script.

=head1 CONFIGURATION

=head2 Boolean values

The strings C,C<1>,C enable the corresponding commandline option
(case doesn’t matter). To disable the option use C,C<0> or C.

Configuration files containing boolean values are C,
C, C, C,
C, C, C, C,
C, C, C,
C, C, C, C,
C, C, C, C, C,
C, C, C, C, C,
C, C, C
and C.

=head2 Numerical values

There are several types of numerical values (one number, two numbers
one or two numbers, two octal numbers).

=over 4

=item One number

C, C, C, C,
C, C, C, C.

=item Two numbers

C, C, C,
C, C, C.

=item One or two numbers

C, C.

=item Two octal numbers

C.

=back

=head2 String values

=over

=item Arbritrary strings

C, C, C.

=item Words

C.

=head2 IP values

C.

=head2 File values

These values designate an existing file or socket.

=over

=item File

C, C, C, C, C.

=item Socket

C.

=back

=head1 AUTHOR

This manual page was written by Stefan Hornburg (Racke) racke@linuxia.de
for the Debian GNU/Linux system.[/code]

voici le /etc/defaut/pure-ftpd-common :

[code]# Configuration for pure-ftpd

(this file is sourced by /bin/sh, edit accordingly)

STANDALONE_OR_INETD: valid values are “standalone” and “inetd”.

Any change here overrides the setting in debconf.

STANDALONE_OR_INETD=standalone

UPLOADSCRIPT: if this is set and the daemon is run in standalone mode,

pure-uploadscript will also be run to spawn the program given below

for handling uploads. see /usr/share/doc/pure-ftpd/README.gz or

pure-uploadscript(8)

example: UPLOADSCRIPT=/usr/local/sbin/uploadhandler.pl

UPLOADSCRIPT=

if set, pure-uploadscript will spawn $UPLOADSCRIPT running as the

given uid and gid

UPLOADUID=
UPLOADGID=
[/code]

Je viens de relire pour la 12 ème fois le manpage de pure-ftpd mais je vois pas ce qu’il faut pour changer la configuration !!! pffff

il n’y a rien d’autre ou tu retrouverais les arguments "-l pam -u 1000 -E -0 clf:/var/log/pure-ftpd/transfer.log -B"
fais une recherche dans le contednu des fichiers un peu partout pour trouver cette chaine ou une partie.

non, car chaque switch est réparti vers un fichier différent :
ex:. le switch -l se trouve dans /etc/pure-ftpd/conf
le switch pam se trouve dans un autre fichier avec le chemin jusqu’auu fichier PAM ainsi de suite !!!

en fait il faut reconstruire les fichiers qu’il me faut avec la configuration qu’il me faut et les switchs mais je connais pas la commande !!

je suis en train de décortiquer cette article : littleboboy.net/cgi-bin/man/ … apper#lbAB

on va voir si je trouve une réponse

Bon voilà le topo,
J’ai désinstaller le log et compiler la version à partir des sources de pure-ftpd.org et là je peux le configurer comme je veux !!
Je déconseille à tous d’installer la version pour debian (elle est fonctionnelle mais très basique) mais on se heurte au problème de configuration qui est monstrueux.

[quote=“dexmon”]Bon voilà le topo,
J’ai désinstaller le log et compiler la version à partir des sources de pure-ftpd.org et là je peux le configurer comme je veux !!
Je déconseille à tous d’installer la version pour debian (elle est fonctionnelle mais très basique) mais on se heurte au problème de configuration qui est monstrueux.[/quote]Es tu certain que ce n’est pas simplement que tu ne l’as pas compris ?
Je déconseille à tous d’installer un paquet autrement qu’avec apt sauf quand on a pas le choix. :laughing:

oui j’y ai été un peu fort là !! :slightly_smiling: C’est que j’ai passer la nuit sur ce problème !
mais je viens de faire un test avec le paquet debian et il fonctionne ! :open_mouth:
Je devais arrêter le serveur mettre un “&” à la fin de l’instruction et le lancer avec les nouvelles instructions ! pfff
Pour les instructions où il faut mettre un path ! il faut créer un fichier avec le nom de la directive dans /etc/pure-ftpd/conf et inscrire le path dans le fichier !!