even if i clikc on start or refresh button nothing happens. proftpd remains unstarted
also i could not login to virtualmin with username cejey. i forgot the email on file. so i created this new account.
Status:
Closed (fixed)
Proftpd Not starting and subdomain mail not working.
Comments
hints to problems and solutions are found in logs. without logs no one can provide a sane solution.
logs can be found in /var/log directory and in webmin - System - System Logs
per haps you can find some relevant entries?
This is what i see with regards to proftpd:
Jun 13 10:05:13 ns1 proftpd[3703]: ns1.bislinks.com - Check the ServerType directive to ensure you are configured correctly.
with regards to mail errors:
Jun 11 00:50:24 ns1 dovecot-auth: pam_ldap: error trying to bind as user "uid=mgideon.rachelmurthy,dc=users,dc=bislinks,dc=com" (Invalid credentials) Jun 11 00:55:37 ns1 dovecot-auth: pam_ldap: error trying to bind as user "uid=mgideon.rachelmurthy,dc=users,dc=bislinks,dc=com" (Invalid credentials) Jun 11 01:11:25 ns1 dovecot-auth: pam_ldap: error trying to bind as user "uid=rg,dc=users,dc=bislinks,dc=com" (Invalid credentials) Jun 12 09:20:53 ns1 dovecot-auth: pam_ldap: error trying to bind as user "uid=wilson,dc=users,dc=bislinks,dc=com" (Invalid credentials) Jun 12 11:32:20 ns1 su: nss_ldap: failed to bind to LDAP server ldap://localhost: Can't contact LDAP server Jun 12 11:32:20 ns1 su: nss_ldap: failed to bind to LDAP server ldap://127.0.0.1: Can't contact LDAP server
any ideas.
Submitted by andreychek on Sat, 06/13/2009 - 10:15 Comment #3
Ahh, so are you using LDAP on your server?
And are services other than FTP having trouble at the moment?
However, I'm curious what happens if you log in on the command line, and restart ProFTP from there. You can do that with something like:
/etc/init.d/proftpd restart
Do you see any errors or warnings?
yes. i am using ldap.
not sure if i have trouble with other services.
the trouble with mail started after i restarted the box, it was ok until the machine restart.
this is what i got after running the above command:
Shutting down proftpd: [FAILED] Starting proftpd: [ OK ]
I dont see any obvious warnings but i still see proftpd as not started in the systems info when i logged into webmin
i remember now: i also had problems logging in to ssh as a sub domain user
Submitted by andreychek on Sat, 06/13/2009 - 10:37 Comment #6
Well, the LDAP errors you're getting suggest that the LDAP server cannot be contacted.
I'm not quite sure whether the two errors your getting are related or not, yet :-)
For FTP -- if you type:
ps auxw | grep ftp
Do you see any results?
Regarding LDAP -- I'd like to verify that it's started up at the moment, it almost sounds like it stopped. What distro/ldap server are you using? How to do that differs.
You aren't by chance running out of disk space are you?
ps auxw | grep ftp root 2937 0.0 0.0 5176 520 ? Ss Jun12 0:00 /usr/sbin/vsftpd /etc/vsftpd/vsftpd.conf root 9440 0.0 0.0 3916 704 pts/2 S+ 10:39 0:00 grep ftp auto 20140 0.0 0.0 6612 1604 ? Ss 08:22 0:00 /usr/libexec/openssh/sftp-server auto 20256 0.0 0.0 6616 1632 ? Ss 08:25 0:00 /usr/libexec/openssh/sftp-server auto 26701 0.0 0.0 6612 1600 ? Ss 09:06 0:00 /usr/libexec/openssh/sftp-server
i am using openldap; installed throug webmin and setup as per ldap documentation on webmin documentation
Submitted by andreychek on Sat, 06/13/2009 - 10:48 Comment #8
Aha!
Well, there's the FTP issue.
It looks like VSFTP is running, and that would certainly keep ProFTP from starting up.
Since the vsftp service is normally shut off by Virtualmin at install-time, it looks like something may have re-enabled that. That's okay though, we can fix it! ;-)
To do that, go into Webmin -> System -> Bootup and Shutdown, and set the "vsftp" service to not start at boot (check the box next to the service, and hit the button at the bottom named "Disable on Boot").
Also verify that ProFTP is set to start on bootup.
At this point, see if you can restart FTP.
Submitted by andreychek on Sat, 06/13/2009 - 10:50 Comment #9
Oops, in addition to having to select "Disable on Boot" for vsftp, you also have to choose "stop" to actually stop the service, prior to trying to startup proftp.
Proftpd started up well and i also set it up to start at bootup and completely disabled vsftpd
However, i could not still login to sftp as e.g.: rg.bislinks.com
This is the error i get when i try to create a virtual server: k.bislinks.com
Creating administration group k .. .. done Creating administration user k .. .. administration user was created but does not exist!
Failed to create virtual server : Critical feature Administration user was not properly created - Virtual server creation halted.
Submitted by andreychek on Sat, 06/13/2009 - 11:13 Comment #12
Okay, so we're off to a good start with FTP, now to fix the other issues, which appear to be LDAP related.
I suspect your LDAP server is either not functioning properly, or perhaps isn't running.
It sounds like you're running LDAP on this particular server (as opposed to it running on a remote server). If that's the case, what does this command show:
ps auxw | grep slapd
ps auxw | grep slapd ldap 2804 0.1 0.3 114336 5940 ? Ssl Jun12 1:30 /usr/sbin/slapd -h ldap:/// ldaps:/// -u ldap root 15528 0.0 0.0 3912 672 pts/2 R+ 11:17 0:00 grep slapd
Submitted by andreychek on Sat, 06/13/2009 - 11:27 Comment #14
Okay, so if you run this command:
/etc/init.d/slapd restart
And then attempt logging in over SSH (or SFTP) again, does that work? And if not, what's in the log file regarding ldap/slapd? -Eric
/etc/init.d/slapd restart -bash: /etc/init.d/slapd: No such file or directory
also when i log in as a sub user (****.bislinks.com) i get this error: id: cannot find name for user ID 596. however i am able to log into the ssh as **** on ****.bislinks.com
I am able to access openldap from webmin under servers.
i am running OpenLDAP 2.3.43
Submitted by andreychek on Sat, 06/13/2009 - 11:37 Comment #17
Which distro did you say you're using again?
The startup script is not called "slapd" on all distros apparently :-)
/var/webmin/miniserv.error:
[11/Jun/2009:00:57:26 -0500] Reloading configuration [11/Jun/2009:01:01:42 -0500] Reloading configuration [11/Jun/2009:01:06:26 -0500] Reloading configuration Failed to initialize SSL connection [11/Jun/2009:08:34:48 -0500] miniserv.pl started [11/Jun/2009:08:34:48 -0500] PAM authentication enabled Error: Failed to add user to LDAP database : index generation failed Error: Failed to add user to LDAP database : index generation failed Error: Failed to add user to LDAP database : index generation failed [12/Jun/2009:11:39:50 -0500] miniserv.pl started [12/Jun/2009:11:39:50 -0500] PAM authentication enabled Failed to initialize SSL connection Failed to initialize SSL connection Failed to initialize SSL connection Error: '24.121.141.11.' is not a valid nameserver Error: You cannot create a record with the same name as an existing name alias record. [12/Jun/2009:23:09:55 -0500] [212.204.230.201] Bad Request : This web server is running in SSL mode. Try the URL https://ns1.bislinks.com:10000/ instead.
[12/Jun/2009:23:09:56 -0500] [212.204.230.201] /unauthenticated//../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../etc/shells : File not found [13/Jun/2009:11:06:02 -0500] Reloading configuration Error: Critical feature Administration user was not properly created - Virtual server creation halted.
i dont know how to find out distro
Submitted by andreychek on Sat, 06/13/2009 - 11:47 Comment #20
Alright, give me a moment to throw down some lunch -- but I think it might help if I logged in and poked around a bit if that's okay.
I don't believe the remote support module is working at the moment, the easiest way to do this would simply be to email root login details to eric@virtualmin.com -- and include a link to this bug report in the message body if you can.
Thanks!
which slapd gives me /usr/sbin/slapd: will that help in any way
Yes, That's perfectly ok with me. Enjoy lunch. I have sent root u/p to eric@virtualmin.com
Submitted by andreychek on Sat, 06/13/2009 - 13:59 Comment #23
Howdy -- just to make sure you received my email, I'll need your hostname or IP address in addition to the password.
Once I have that, I'll be able to log in and see whats going on there. Thanks!
Submitted by andreychek on Sat, 06/13/2009 - 14:31 Comment #24
Alright, I see the errors you're talking about over at bislinks.com -- I also see a minor issue with the ldap config file.
I corrected that, and restarted ldap.
Can you try it again?
i tried to create a.bislinks.com and the error i got is
Creating administration group a .. .. done Creating administration user a .. .. administration user was created but does not exist!
Failed to create virtual server : Critical feature Administration user was not properly created - Virtual server creation halted.
i tried to login to ssh as a sub user (wilson.bislinks.com with username wilson)using PUTTY: i got this error Cannot initialize SFTP protocol. Is the host running a SFTP server? this account was created last week
Submitted by andreychek on Sat, 06/13/2009 - 22:17 Comment #26
Okay, a few things --
First, SFTP is setup and running on your server. I was able to log in using it.
Second, I see this error in the logs:
Jun 13 22:00:15 ns1 sshd[12462]: Invalid user wilson.bislinks from 24.121.159.127
That suggests someone is trying to log in using wilson.bislinks, rather than just "wilson".
The user "wilson" does exist -- the user "wilson.bislinks" does not.
Third - regarding not being able to add a Virtual Server --
I assume that at one point, you were able to add Virtual Servers with LDAP setup?
That shouldn't just break on it's own -- when did that break? And has something changed recently?
Any system updates? Changes in the server config?
Submitted by JamieCameron on Sat, 06/13/2009 - 22:31 Comment #27
It sounds like your system isn't configured to use the LDAP server for users and groups.
If you go to Webmin -> System -> LDAP Client -> Validate Configuration, does it report that everything is OK?
wilson.bislinks.com was created when ldap was running.
validation results: Finding LDAP base for users .. .. found base dc=users,dc=bislinks,dc=com.
Connecting to LDAP server .. .. connected to localhost
Searching for users .. .. found 16 users.
Checking Unix users service .. .. service is setup to query LDAP.
Looking for Unix user example .. .. user found successfully.
Your system has been successfully configured as an LDAP client!
Submitted by andreychek on Sun, 06/14/2009 - 09:52 Comment #29
Yeah, LDAP itself seems to be working for reads -- I'm able to query specific users and groups within it.
The LDAP config check runs okay, as does the Virtualmin config check.
However, writes to it seem to be having trouble. In addition to what we already saw, with Virtualmin being unable to create a Virtual Server, if I go into LDAP Users and Groups, and try to modify attributes belonging to a user, I receive:
"Failed to save user : Failed to modify user in LDAP database : Unknown error"
I'll continue to look into what might be causing that.
Submitted by JamieCameron on Sun, 06/14/2009 - 15:20 Comment #30
I logged into your system, and it looks like the LDAP database is corrupt in some way .. reads work, but writes are failing. One possible solution is :
1) Dump the whole database with ldapsearch or slapd_db_dump
2) Remove the LDAP server package and delete all DB data files
3) Re-install the LDAP server
4) Restore all the data.
Let us know if you'd like us to do that..
YES, PLEASE DO IT FOR ME
Submitted by JamieCameron on Mon, 06/15/2009 - 13:03 Comment #32
Ok, I am doing this now..
Submitted by JamieCameron on Mon, 06/15/2009 - 13:21 Comment #33
Ok, done .. and domain creation seems to work fine!
For the record, I had to do the following :
/etc/init.d/ldap stopslapcat >/root/ldap.ldif
rm /var/lib/ldap/*
/etc/init.d/ldap start
/etc/init.d/ldap stop
slapadd </root/ldap.ldif
chown -R ldap: /var/lib/ldap
/etc/init.d/ldap start
THANKS VERY MUCH.
i dont know if it is related ldap or not. when i login to usermin as wilson, it says user does not exist. no mail is received by user wilson
Submitted by JamieCameron on Tue, 06/16/2009 - 11:28 Comment #35
What is the exact error you are getting in Usermin?
the same thing is happenning to another user too.
this is what is coming on the left side of usermin.
wilson wilson@ns1.bislinks.com Inbox Sent mail Drafts Sent Search: Manage Folders Address Book Mail Preferences The Unix user wilson does not exist.
Return to previous page
IN HORDE: i can login to horde as wilson but no mail can be received to wilson@wilson.bislinks.com
Submitted by andreychek on Tue, 06/16/2009 - 12:43 Comment #38
Well, the user "wilson" does exist, and shows up as being in LDAP.
However, looking at the secure log, when attempting to authenticate over Dovecot, it says:
Jun 16 01:32:45 ns1 dovecot-auth: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty=dovecot ruser= rhost=::ffff:213.10.55.189 user=wilson Jun 16 01:32:45 ns1 dovecot-auth: pam_unix(dovecot:auth): check pass; user unknown
That may mean there's a problem with the PAM setup for Dovecot.
pls let me know what to do about it
Submitted by JamieCameron on Tue, 06/16/2009 - 15:47 Comment #40
Fixed - the issue was that your LDAP server wasn't allowing non-root users to read data, so the 'wilson' user could not determine that he existed! This probably broke mail too.
The fix was to edit /etc/openldap/slapd.conf and change the line :
access to * by users read to :
access to * by users read by anonymous read
THANK YOU SO MUCH
Submitted by JamieCameron on Tue, 06/16/2009 - 19:04 Comment #42
No probs .. I will mark this bug as fixed.
Submitted by Issues on Tue, 06/30/2009 - 19:18 Comment #43
Automatically closed -- issue fixed for 2 weeks with no activity.