Ïàò÷ äëÿ vsftpd

**cipipi** · 24-11-2008, 21:09

bbsc, Ñïàñèáî... :\

Îçàäà÷èëè ñî ñêîðîñòÿìè, íå çíàþ äàæå ãäå è ãëÿäåòü. Äóìàë êàêàÿ ïåðåìåííàÿ â èñõîäíèêàõ íå òàê ñòîèò ïîñëå íî÷íûõ áäåíèé.
Ç.Û.
ß âîò òîëüêî íå ðàçîáðàëñÿ... ×åðåç ðåïîçèòàðèé êàêèå ïàêåòû íóæíî ñòàâèòü äëÿ ðåàëèçàöèè pam èëè tcpwrapers... Ãëàçà ðàçáåãàþòñÿ ñìîòðåòü äëèííûå ñïèñêè... Ïîäîçðåâàþ, ÷òî PAM âîîáùå íåò â ðåïîçèòàðèè.

**bbsc** · 24-11-2008, 21:18

cipipi,
1) Íàñ÷åò ñêîðîñòè. Âû óâåðåíû, ÷òî â vsftpd.conf ó Âàñ íå óñòàíîâëåíî anon_max_rate=45000?
2) Íàñ÷åò PAM - íå çíàþ. Îíî ó ìåíÿ ñîáðàëîñü ñ PAM (ññûëêà íà ïîñò â ìîåì ïîñòå âûøå Âàøåãî), ÿ åãî è íå òðîãàë.
3) Íàñ÷åò tcp_wrappers âîïðîñ ñëîæíåå. Äåëî â òîì, ÷òî íóæíàÿ áèáëèîòåêà èç ðåïîçèòàðèÿ ñîáðàíà íå ñ òåìè îïöèÿìè, êîòîðûå íóæíû, ñàìà ïî ñåáå. Ïîýòîìó íåîáõîäèìî ñíà÷àëà ïåðåñîáðàòü tcp_wrappers ñ ïîääåðæêîé ðàñøèðåííîãî íàáîðà îïöèé, çàòåì íà èõ áèáëèîòåêå óæå ñîáèðàòü vsftpd. Ññûëêà òà æå, òàì ðàáî÷èé áèíàðíèê

**BlackHorse** · 03-01-2009, 20:48

Cïàñèáî çà ïàò÷åíûé vsftpd! Ñóïåð, òåïåðü ÔÒÏ ðàçãîâàðèâàåò ïî-ðóññêè!

Åñòü àëüòåðíàòèâíûé ñïîñîá ðåøåíèÿ ïðîáëåìû:
Äëÿ ëå÷åíèÿ ñàìáû ìíå ïîìîã ñîâåò ïî ïåðåíîñó êîíôèãà ñàìáû â äðóãîå ìåñòî
http://wl500g.info/showpost.php?p=33826&postcount=2
è â ïåðåíåñåííûé êîíôèã ÿ äîáàâèë ñòðîêó (ïî ñðàâíåíèþ ñî ñòàíäàðòíûì êîíôèãîì îò 1.9.2.7-10)
coding system = utf8

ïðàâäà ïîòðåáîâàëîñü ïðîïèñàòü åùå â íà÷àëî ôàéëà S97Samba "óáèéñòâî" ñàìáû
killall smbd
killall nmbd

Íó è êèíóòü çàïóñê S97Samba â post-mount

Íó è òåïåðü íàñëàæäàþñü ðóññêèìè áóêâàìè îò transmission â øàðå, ãäå ëåæàòü òîððåíòû...

**cipipi** · 16-01-2009, 16:55

Ìäà, ïðîáëåìà ñî ñêîðîñòüþ äåéñòâèòåëüíî ðåøèëàñü óñòàíîâêîé â äåôîëòíîå ñîñòîÿíèå anon_rate_max=0
2 bbsc Ìîæåò ïîäñêàæåòå êàê îòêîìïèëèòü ñ âîçìîæíîñòüþ tcpwrappers, à òî ÿ óæå íà÷àë êîïàòü â ñòîðîíó glibc, ÷óþ ýòî äîáðîì íå êîí÷èòñÿ.

**bbsc** · 16-01-2009, 17:33

cipipi, íåò, äåëî íå â glibc.
Ñíà÷àëà íóæíî ñêîìïèëèòü tcp_wrappers ñ ïîääåðæêîé ðàñøèðåííîãî íàáîðà îïöèé (óêàçûâàþòñÿ â ïðîöåññå êîìïèëÿöèè, ñì. makefile).
Çàòåì óæå çàíèìàòüñÿ êîìïèëÿöèåé vsftpd, èìåÿ áèáëèîòåêó îò tcp_wrappers.
ß æå, êàæåòñÿ, äâóìÿ ïîñòàìè âûøå óæå ïèñàë.

**cipipi** · 16-01-2009, 17:43

bbsñ, thx....
Ïîïðîáóþ... Ïî ðåçóëüòàòàì îòïèøóñü...

**cipipi** · 17-01-2009, 00:32

×åãî-òî íè÷åãî íå ïîíèìàþ...
2 bbscÊàê êîìïèëèðîâàë tcpwrappers:
Â Makefile èçìåíèòü ïóòè â ïàðàìåòðå TABLES, íà ñëåäóùèå
/opt/etc/hosts.deny /opt/etc/hosts.allow
ðàcêîììåíòèðîâàòü ñòðîêó
STYLE = -DPROCESS_OPTIONS # Enable language extentions
Çàïóñêàåì

Code:

 make REAL_DAEMON_DIR=/opt/sbin linux

Ïîÿâèëîñü ïÿòü áèíàðíèêîâ:
safe_finger
tcpd
tcpdchk
tcpdmatch
try-from
Ïîìåùàåì èõ â ïàïêó /opt/sbin
Íà âñÿêèé ïåðåïèñûâàþ õèäåð tcpd.h èç èñõîäíèêîâ â /opt/include

Êîìïèëèðóþ çàíîâî vsftpd... Ó ìåíÿ òàêîå îùóùåíèå, ÷òî åìó ïðè êîìïèëÿöèè íàïëåâàòü íà áèíàðíèêè
è îí èñïîëüçóåò òîëüêî õèäåð. Ðàçìåð áèíàðíèêà vsftpd íå èçìåíèëñÿ.... Íî, âñå ðàâíî êèäàþ åãî â /opt/sbin
. Íàñòðàèâàþ tcpwrappers ïî ïåðâîèñòî÷íèêàì è ïî http://wl500g.info/showpost.php?p=119458&postcount=132. Çàïóñêàþ... ïðè êîííåêòå ñïðàøèâàåò ïàðîëü è ïîòîì íè÷åãî íå äåëàåò (íèêàêîãî îáìåíà íå ïðîèñõîäèò)...
Ìîæåò åùå ÷òî ïîäïðàâèòü â èñõîäíèêàõ vsftpd íàäî.. ß íå ïîíèìàþ ÷åãî ïðîèñõîäèò.

**bbsc** · 17-01-2009, 07:51

Ïðèäåòñÿ âñïîìèíàòü...
1. Êà÷àåì è ðàñïàêîâûâàåì èñõîäíèêè tcp_wrappers ftp://ftp.porcupine.org/pub/security...ers_7.6.tar.gz .
2. Ïðèêëàäûâàåì ïàò÷ îòñþäà: http://svn.nslu2-linux.org/svnroot/o...wrappers.patch
3. Ðàñêîììåíòèðóåì â Makefile ñòðî÷êó STYLE = -DPROCESS_OPTIONS
4. Êîìïèëèðóåì.
5. Áåðåì ïîëó÷åííûé ôàéë libwrap.a è êëàäåì â /opt/lib
6. Ïîñëå ýòîãî íà÷èíàåì âîçèòüñÿ ñ êîìïèëÿöèåé vsftpd.

Ìîæåò, ÷åãî ïðîïóñòèë

- äàâíî äåëî áûëî.

**cipipi** · 17-01-2009, 13:35

Èñïîëüçîâàë tcp_wrappers_7.6-ipv6.4
Íè÷åãî íå ìåíÿÿ ñ ïðåäûäóùåãî ìîåãî ïîñòà, è ïîñëå ïîäñêàçêè

Originally Posted by bbsc

5. Áåðåì ïîëó÷åííûé ôàéë libwrap.a è êëàäåì â /opt/lib

óâèäåë êðîìå 5 áèíàðíèêîâ åùå è áèáëèîòåêó libwrap.a, êîòîðóþ
áëàãîïîëó÷íî ïîìåñòèë â /opt/lib (íå çàáûâ ïîìåíÿòü àòðèáóòû chmod +x /opt/lib/ibwrap.a).
Îòêîìïèëèðîâàë çàíîâî vsftpd. Ðàçìåð áèíàðíèêà èçìåíèëñÿ, ÷òî íå ìîæåò íå ðàäîâàòü. Çàïóñòèë, è âñå çàðàáîòàëî. Ñêîðîñòè â çàâèñèìîñòè îò IPîâ ìåíÿåò + äîïîëíèòåëüíûå ïëþøêè è ïîëåçíîñòè.
2 bbsc, thx

Âûêëàäûâàþ áèíàðíèê, êîòîðûé ðàáîòàåò ñ SSL è tcpwrappers, à òàêæå èìååò äîï ïàðàìåòðû:
anonymous_name (ïî óìîë÷àíèþ ANONYMOUS (âñåãäà çàäàâàòü â âåðõíåì ðåãèñòðå)) - ýòî èìÿ àíîíèìóñà. Ó ìåíÿ, íàïðèìåð, ñòîèò anonymous_name=GUEST è âñå àíîíèìóñû ìîãóò çàõîäèòü òîëüêî ïîä ëîãèíîì guest èëè Guest (ðåãèñòð âàæåí òîëüêî äëÿ ïàðàìåòðà), òîãäà ñòðîêà àíîíèìíîãî âõîäà ê ôòï çàïèøåòñÿ ftp://guest@myftp.ru, ãäå myftp.ru - IP èëè äîìåííîå èìÿ ôòð ñåðâåðà.
Äëÿ ÷åãî ýòî? Òóò íàïèñàíî: http://wl500g.info/showpost.php?p=127945&postcount=5
Ïàðàìåòð anonymous_name ÍÅ ïåðåçàãðóæàåìûé (óêàçûâàåòñÿ åäèíîæäû â äåôîëòíîì êîíôèãå).

passwd_file - "îïöèÿ îò Îëåãà". Óæå îïèñàíà â ýòîé âåòêå. Ìîæåò áûòü ïîëüçèòåëüíà äëÿ ïîëíîñòüþ àíîíèìóñíîãî ñåðâåðà. Â ïåðåìåøêó ñ ëîêàëüíûìè íà÷èíàåò ãëþ÷èòü.

**regesh** · 11-02-2009, 20:27

Êîâûðÿë ñ ïðàâàìè äîñòóïà ê ïàïêàì è ÷åãî òî ðåøèë àïíóòü vsftpd
Íó è òåïåðü èç âíå íà ìîé ôòï íå çàéòè, òî÷íåå ïî÷òè íå çàéòè âûäàåò
òàêóþ îøèáêó!

Îøèáêà: Îòêëþ÷åí îò ñåðâåðà: ECONNABORTED - Connection aborted
Îøèáêà: Íå ìîãó ïîëó÷èòü ñïèñîê êàòàëîãîâ!

Ïðè òîì ÷òî èç ëîêàëêè âñ¸ ãóä!

**NetSpider** · 09-01-2012, 16:07

Ïåðåñòàë ðàáîòàòü vsftpd, âñòðîåííûé â ïðîøèâêó íà ðåâèçèè 3722. Ïðè ïîïûòêå çàéòè âûñêàêèâàåò îøèáêà. Ïðî÷èòàë â èíòåðíåòå ñëåäóþùåå:

?: Ïðè âõîäå ïîëüçîâàòåëåì íà FTP-Server âåðñèè 2.3.5 âûäàåòñÿ ñîîáùåíèå: "500 OOPS: vsftpd: refusing to run with writable root inside chroot()".
Âñ¸ âåðíî, â 2.3.5 óæåñòî÷åíû ïðàâèëà áåçîïàñíîñòè. Òåïåðü ñåðâåð íå äåëàåò chroot() â äîìàøíèé êàòàëîã ïîëüçîâàòåëÿ, åñëè íà íåãî ñòîÿò ïðàâà íà çàïèñü. Äëÿ ýòîãî íåîáõîäèìî ïðîèçâåñòè ïåðåíàñòðîéêó äîìàøíèõ êàòàëîãîâ, ëèáî çàïðåòèòü îïöèþ chroot_local_user. Åñëè âñ¸ òàêè íåîáõîäèì chroot() â äîìàøíèé êàòàëîã ïîëüçîâàòåëÿ ñ ïðàâàìè íà çàïèñü, òî òîãäà ìîæíî âîñïîëüçîâàòüñÿ ââåäåííîé â ðàñøèðåííîé ñáîðêå îïöèåé allow_writable_root (äàííàÿ îïöèÿ íå ðåêîìåíäóåòñÿ ê èñïîëüçîâàíèþ!).

**lly** · 09-01-2012, 18:02

Originally Posted by NetSpider

Ïåðåñòàë ðàáîòàòü vsftpd, âñòðîåííûé â ïðîøèâêó íà ðåâèçèè 3722. Ïðè ïîïûòêå çàéòè âûñêàêèâàåò îøèáêà. Ïðî÷èòàë â èíòåðíåòå ñëåäóþùåå:

Âî-ïåðâûõ, îïöèÿ íàçûâàåòñÿ anon_allow_writable_root.
Âî-âòîðûõ, îíà è òàê óñòàíàâëèâàåòñÿ ïðè "Anonymous Users Access" îòëè÷íûì îò "Disabled"

**NetSpider** · 10-01-2012, 07:23

Originally Posted by lly

Âî-ïåðâûõ, îïöèÿ íàçûâàåòñÿ anon_allow_writable_root.
Âî-âòîðûõ, îíà è òàê óñòàíàâëèâàåòñÿ ïðè "Anonymous Users Access" îòëè÷íûì îò "Disabled"

Òàê åñòü ïðîáëåìà èëè íåò? Èëè ó ìåíÿ ÷òî-òî íå òàê íàñòðîåíî?
Íàñòðîéêè ñëåäóþùèå:
Anonymous Users Access: Disabled (ìíå íóæíî ÷òîá çàõîäèëè òîëüêî òå, êîòîðûå åñòü â ñïèñêå)
Allow Super User to Login? Yes
Public Directory: ftp/public
Private Directory: ftp

Ïîëüçîâàòåëü
test test Read Only

Ïðè ïîïûòêå çàëîãèíèòüñÿ âûäàåò:

Code:

netspider@netspider-nb:~$ ftp 192.168.1.1
Connected to 192.168.1.1.
220 (vsFTPd 2.3.5)
Name (192.168.1.1:netspider): test
331 Please specify the password.
Password:
500 OOPS: vsftpd: refusing to run with writable root inside chroot()
Login failed.
ftp>

**TReX** · 11-01-2012, 07:12

Originally Posted by lly

NetSpider
Íà äîñóãå ãëÿíó ïîäðîáíåå äîêó íà vsftpd.

Ïîäòâåðæäàþ ïðîáëåìó ñ vsftpd
1.9.2.7-rtn-r3728

Code:

<- 220 (vsFTPd 2.3.5)
-> USER admin
<- 331 Please specify the password.
-> PASS *hidden*
<- 500 OOPS: vsftpd: refusing to run with writable root inside chroo
-> QUIT
<- 500 OOPS: child died

Anonymous Users Access: Disabled
Allow Super User to Login? Yes

**TReX** · 11-01-2012, 12:23

Originally Posted by lly

Òåïåðü ïîíÿë. Âîïðîñ äåéñòâèòåëüíî íåîäíîçíà÷íûé - èëè ïîâòîðÿòü ñõåìó äëÿ vsftpd èëè äîáàâëÿòü â /etc/passwd.

À vsftpd òî ïî÷èíèòå? Ïëîõî áåç íåãî æèòü (

Thread: Ïàò÷ äëÿ vsftpd

Thread Tools

Rate This Thread

Display

vsftpd 2.3.5

Tags for this Thread

Posting Permissions