proFTP and CURL seem to have stopped working after upgrade to WHM 11.44.0 (build 19)
proFTP seems to have stopped working after upgrade to WHM 11.44.0 (build 19)
We finally upgraded to mysql 5.5
After then I rebuilt our PHP 5.3.28 build
Overnight cPanel appears to have upgraded us to WHM 11.44.0 (build 19)
This morning proFTPD (allowing us to ftp into the server) no longer works for IP-based sites. I can SSH or SFTP into the box, but logging in via plain FTP just times out. For name based sites, I can still log in.
Not sure where the problems are or how to go about resolving them. For now, it is a requirement that the box stay on PHP 5.3 (as of 5:20 pm the PHP rebuild seems unrelated.)
Our box is a
CENTOS 6.5 x86_64 standard
Also, after the upgrade, I had to turn off eAccelerator 0.9.6 as it was giving me opt-code errors.
UPDATE: ProFTPd still a problem
-
Further Information regarding the problem with Proftpd: From my local machine, I try to ftp into the box. I can get to the point where it asks for the user name, but then it times out before ever asking for the password: 220 ProFTPD 1.3.5rc1 Server (ftp.mysite.com) [::ffff:xx.xx.xx.xx] Name (mysite.com:philglau): ftp_user_name 421 Service not available, remote server timed out. Connection closed. ftp: Login failed
Normally it should immediately respond with.331 Password required for ftp_user_name
But it never makes it that far.0 -
--- Deleted This Update --- 0 -
Narrowed it down to just our Fixed IP sites. This leads me to believe that something about our old proftpd.conf file is no longer valid after the upgrade. I can log into some secondary namebased domains via proFTPd, but when I attempt to log into either of the two IP-based domains, I'm getting the timeout errors. Here's the proftpd.conf file. Any thoughts on what might be wrong with this configuration that would be causing the timeout? (It worked fine for many years until the upgrade to WHM 11.44.0 last night.) # This is a basic ProFTPD configuration file (rename it to # 'proftpd.conf' for actual use. It establishes a single server # and a single anonymous login. It assumes that you have a user/group # "nobody" and "ftp" for normal operation and anon. ServerName "ProFTPD" AuthUserFile /etc/proftpd/passwd.vhosts ServerType standalone DeferWelcome off DefaultServer on DefaultRoot ~ !wheel # Port 21 is the standard FTP port. AuthPAM off TransferLog /usr/local/apache/domlogs/ftpxferlog UseReverseDNS off IdentLookups off PersistentPasswd on # Take from http://forums.proftpd.org/smf/index.php?topic=5175.new;topicseen#new CapabilitiesSet +CAP_CHOWN # CapabilitiesEngine off TLSCipherSuite HIGH:MEDIUM:+TLSv1:!SSLv2:+SSLv3 TLSRequired off DenyAll TLSOptions NoSessionReuseRequired ShowSymlinks on TLSEngine on TLSProtocol SSLv23 TLSRequired off TLSRSACertificateFile /etc/ftpd-rsa.pem TLSRSACertificateKeyFile /etc/ftpd-rsa-key.pem TLSVerifyClient off TLSCipherSuite HIGH:MEDIUM:+TLSv1:!SSLv2:+SSLv3 TLSOptions NoSessionReuseRequired Port 21 #Port 3736 # Umask 022 is a good standard umask to prevent new dirs and files # from being group and world writable. Umask 0022 # Set the user and group that the server normally runs at. User nobody Group proftpd # Normally, we want files to be overwriteable. AllowOverwrite on # A basic anonymous configuration, no upload directories. UseFtpUsers on RequireValidShell off User ftp Group ftp # We want clients to be able to login with "anonymous" as well as "ftp" UserAlias anonymous ftp DenyAll # Limit the maximum number of anonymous logins MaxClients 10 # We want 'welcome.msg' displayed at login, and '.message' displayed # in each newly chdired directory. DisplayLogin welcome.msg DisplayChdir .message true # Limit WRITE everywhere in the anonymous chroot DenyAll ShowSymlinks on TimeoutIdle 600 MaxInstances none ServerName ftp.fixed_ip_site_one.com AuthUserFile /etc/proftpd/ridicul MaxClients 10 "Sorry, this ftp server has reached its maximum user count (%m). Please try again later" DirFakeGroup On ftpgroup DirFakeUser On ftpuser DefaultRoot ~ umask 0006 TLSEngine on TLSRequired off TLSRSACertificateFile /etc/ftpd-rsa.pem TLSRSACertificateKeyFile /etc/ftpd-rsa-key.pem TLSVerifyClient off TLSCipherSuite HIGH:MEDIUM:+TLSv1:!SSLv2:+SSLv3 TLSOptions NoSessionReuseRequired UserOwner ridicul GroupOwner PTclient AllowOverwrite on HideGroup wheel HideUser root UseFtpUsers on RequireValidShell off UseFtpUsers on RequireValidShell off User ftp Group ftp UserAlias anonymous ftp DisplayLogin welcome.msg # DisplayChdir .message true DenyAll DenyAll AllowAll DenyAll ShowSymlinks on ServerName ftp.fixed_ip_site_two.com DisplayConnect /etc/proftp_extras/pt_welcome.txt AuthUserFile /etc/proftpd/product MaxClients 30 "Sorry, this ftp server has reached its maximum user count (%m). Please try again later" DefaultRoot ~ # this is customization below AllowFilter "^[^@&%:]*$" Umask 0006 TLSEngine on TLSRequired off TLSRSACertificateFile /etc/ftpd-rsa.pem TLSRSACertificateKeyFile /etc/ftpd-rsa-key.pem TLSVerifyClient off TLSCipherSuite HIGH:MEDIUM:+TLSv1:!SSLv2:+SSLv3 TLSOptions NoSessionReuseRequired AllowOverwrite on HideGroup wheel HideUser root # force files uploaded to the client ftp folder to be group 'PTclient' by default # this allows PHP scripts to access the files. DirFakeGroup On ftpgroup DirFakeUser On ftpuser UserOwner nobody GroupOwner PTclient AllowAll UseFtpUsers on RequireValidShell off UseFtpUsers on RequireValidShell off User ftp Group ftp UserAlias anonymous ftp DisplayLogin welcome.msg # DisplayChdir .message true DenyAll DenyAll AllowAll DenyAll ShowSymlinks on
Here's my proftpd -V output:proftpd -V Compile-time Settings: Version: 1.3.5rc1 (devel) Platform: LINUX [Linux 2.6.32-431.11.2.el6.x86_64 x86_64] Built: Mon Oct 7 2013 17:23:12 CDT Built With: configure '--host=x86_64-redhat-linux-gnu' '--build=x86_64-redhat-linux-gnu' '--program-prefix=' '--datadir=/usr/share' '--libdir=/usr/lib64' '--libexecdir=/usr/libexec' '--localstatedir=/var' '--sharedstatedir=/var/lib' '--mandir=/usr/share/man' '--infodir=/usr/share/info' '--sysconfdir=/etc' '--sbindir=/usr/sbin' '--bindir=/usr/bin' '--prefix=/usr' '--exec-prefix=/usr' '--mandir=/usr/man' '--with-includes=/usr/kerberos/include' '--includedir=/usr/include' '--libdir=/usr/lib' '--libexecdir=/usr/libexec/proftpd' '--with-modules=mod_tls:mod_wrap:mod_sftp' '--disable-sendfile' '--enable-openssl' '--with-openssl-dir=/usr' '--enable-shadow' '--enable-dso' 'build_alias=x86_64-redhat-linux-gnu' 'host_alias=x86_64-redhat-linux-gnu' 'CFLAGS=-O2 -g' 'CXXFLAGS=-O2 -g' CFLAGS: -O2 -g -Wall LDFLAGS: -L$(top_srcdir)/lib LIBS: -lssl -lcrypto -lssl -lcrypto -lcap -lwrap -lnsl -lssl -lpam -lcrypto -lz -lsupp -lcrypt -ldl Files: Configuration File: /etc/proftpd.conf Pid File: /var/proftpd.pid Scoreboard File: /var/proftpd.scoreboard Header Directory: /usr/include/proftpd Shared Module Directory: /usr/libexec/proftpd Features: - Autoshadow support - Controls support + curses support - Developer support + DSO support + IPv6 support + Largefile support - Lastlog support - Memcache support + ncurses support - NLS support + OpenSSL support (FIPS enabled) - PCRE support - POSIX ACL support + Shadow file support - Sendfile support + Trace support Tunable Options: PR_TUNABLE_BUFFER_SIZE = 1024 PR_TUNABLE_DEFAULT_RCVBUFSZ = 8192 PR_TUNABLE_DEFAULT_SNDBUFSZ = 8192 PR_TUNABLE_GLOBBING_MAX_MATCHES = 100000 PR_TUNABLE_GLOBBING_MAX_RECURSION = 8 PR_TUNABLE_HASH_TABLE_SIZE = 40 PR_TUNABLE_NEW_POOL_SIZE = 512 PR_TUNABLE_SCOREBOARD_BUFFER_SIZE = 80 PR_TUNABLE_SCOREBOARD_SCRUB_TIMER = 30 PR_TUNABLE_SELECT_TIMEOUT = 30 PR_TUNABLE_TIMEOUTIDENT = 10 PR_TUNABLE_TIMEOUTIDLE = 600 PR_TUNABLE_TIMEOUTLINGER = 30 PR_TUNABLE_TIMEOUTLOGIN = 300 PR_TUNABLE_TIMEOUTNOXFER = 300 PR_TUNABLE_TIMEOUTSTALLED = 3600 PR_TUNABLE_XFER_SCOREBOARD_UPDATES = 100 -
Resolution for others who might have same problem: Never figured out what was causing the problem, but by switching to 'pure-ftpd' and then back to 'proftpd' in Home "Service Configuration "FTP Server Selection, it seems to have resolved the problem. In the end prior to doing the trick above, I was able to confirm that proFTPd worked for all my name-based sites and one of my IP-based sites. Unfortunately it was not working for one other IP-based site which was our most important site. Constantly timing out prior to asking for a password. I have no idea why switching between the two made any difference. This seems like the help-desk version of "did you reboot the machine"... During the switch I did see that it completely unisntalled the proFTPd RPM, then installed Pure-FTP. Later when I flipped back the opposite direction, it then removed the pure-ftp RPM and then downloaded a new copy of the proftpd RPM. ??? If anybody knows why this 'solution' would even possibly work, please let me know. I'm extremely curious as to where I failed to look to diagnosis this problem. My guess is there was some folder or setting that got out of wack that the forced installed somehow reset. 0 -
[quote="PhilGlau, post: 1678072">Resolution for others who might have same problem: If anybody knows why this 'solution' would even possibly work, please let me know. I'm extremely curious as to where I failed to look to diagnosis this problem. My guess is there was some folder or setting that got out of wack that the forced installed somehow reset.
This would cause the configuration to be rebuilt. Would you please open a ticket (please use the link in my signature) with adiff -u proftpd.conf.old proftpd.conf
on the configuration so we can give you an idea what the rebuild removed that caused the issue.0 -
There is no 'proftpd.conf.old' in my /etc folder. diff -u proftpd.conf.old proftpd.conf
returns 'file not found'. There is a 'proftpd.conf.rpmsave' I'll use diff -u proftpd.conf.rpmsave proftpd.conf instead0 -
The only major difference I found between the newly generated proftpd.conf and my old one was the inclusion of the following in the new config file: TCPServiceName ftp0 -
Please include those details in the support ticket, and also post the ticket number here so we can update this thread with the outcome. Thank you. 0 -
Ticket ID: 5180875 0 -
To update, it looks like the particular entry in the proftpd.conf file related to this issue was: PersistentPasswd on
This is not a standard entry in the ProFTPd configuration file. Thank you.0
Please sign in to leave a comment.
Comments
10 comments