Hide Forgot
Description of problem: ftpdctl should work (since it's a basic troubleshooting tool of the FTP service) with no configuration, but it doesn't: # ftpdctl lsmod ftpdctl: error contacting server using '/run/proftpd/proftpd.sock': Connection refused # Version-Release number of selected component (if applicable): proftpd-1.3.4a-3.fc16.x86_64 How reproducible: As above. Steps to Reproduce: 1. 2. 3. Actual results: Expected results: Additional info:
Here's what I added locally to proftpd.conf for ftpdctl to work: LoadModule mod_ctrls_admin.c # Allow only user root to load and unload modules, but allow everyone # to see which modules have been loaded ModuleControlsACLs insmod,rmmod allow user root ModuleControlsACLs lsmod allow user * # Support for ftpdctl <IfModule mod_ctrls.c> ControlsEngine on ControlsACLs all allow user root ControlsSocketACL allow user * ControlsLog /var/log/proftpd/controls.log </IfModule> <IfModule mod_ctrls_admin.c> AdminControlsEngine on AdminControlsACLs all allow user root </IfModule> Perhaps I should add this by default?
(In reply to comment #1) > > Perhaps I should add this by default? Mostly looks good... just one thing: instead of "user root" maybe have "group wheel" instead?
(In reply to comment #2) > (In reply to comment #1) > > > > Perhaps I should add this by default? > > Mostly looks good... just one thing: instead of "user root" maybe have "group > wheel" instead? I'm not convinced about the usefulness of "group wheel" here; the ftp server only gets the current gid of the process connecting to the controls socket, not any supplementary groups, so a member of the wheel group would have to do "newgrp wheel" before using ftpdctl to see the benefit of this. It would probably be easier to use the wheel group via sudo I think.
(In reply to comment #3) > I'm not convinced about the usefulness of "group wheel" here; the ftp server > only gets the current gid of the process connecting to the controls socket, not > any supplementary groups, so a member of the wheel group would have to do > "newgrp wheel" before using ftpdctl to see the benefit of this. Good point.
proftpd-1.3.4a-5.fc17 has been submitted as an update for Fedora 17. https://admin.fedoraproject.org/updates/proftpd-1.3.4a-5.fc17
proftpd-1.3.4a-5.fc16 has been submitted as an update for Fedora 16. https://admin.fedoraproject.org/updates/proftpd-1.3.4a-5.fc16
proftpd-1.3.4a-5.fc17 has been pushed to the Fedora 17 stable repository. If problems still persist, please make note of it in this bug report.
proftpd-1.3.4a-5.fc16 has been pushed to the Fedora 16 stable repository. If problems still persist, please make note of it in this bug report.