====== Solving ProFTPd issues ======

If you got here is probably because, after an installation or update of ispcp, you ended up with a non-working ftp service. The first and foremost thing to do when trying to solve misconfigured services is always trying to come up with some logs stating which is the problem.

Also, you should always first focus to the **errors** above possible warnings (although these can calso help you identify the current issue). In the proftpd case, the best and easiest way is to launch it in debug mode (we need to stop it first!):

<cli>/etc/init.d/proftpd stop
proftpd -n -d5</cli>

This command will give you some information on the loading process of the proftpd service, and the process followed when a user tries to connect (if it was able to start, of course). Hopefully you will then be able to identify your problem in the following table (follow the link to see how it can be solved).

^ Log message(s) or error symptoms ^ Solution |
| ''Fatal: unknown configuration directive 'SQLAuthTypes' on line xxx of '/etc/proftpd/proftpd.conf'' | [[#sql_module_not_loaded|SQL Module not loaded]] |
| The FTP service is UP (running) but connections are rejected | [[#password_for_user_vftp_is_wrong|Password for user vftp is wrong]] |
| The FTP service is UP (running) but users can not connect | [[#regenerate_configuration|Regenerate configuration]] |
| The FTP service is UP (running) but external users can not connect (webftp works but ftp clients can not connect) | [[#check_connectivity|Check connectivity]] |
| ''Can not open directory. Please contact system administrator'' (in the GUI) | [[#can_not_open_directory|Can not open directory]] |
| Failed binding to 0.0.0.0, port 21: Address already in use. Check the ServerType directive to ensure you are configured correctly. | [[#address_already_in_use|Address already in use]] |

===== I've none of this symptoms =====

Okay, if you can't see any of the above symptomps on your server, the next thing you should try is [[#regenerate_configuration|Regenerating the configuration]].

If this didn't work either, make sure that your are editing the correct configuration file. The correct path is listed in the configuration regeneration section, but maybe there's something strange on your system. To make sure that you're looking at the correct one, insert some random text at the very beggining of the ''proftpd.conf'' and launching it in debug mode as show above.

Now the server should complain about the random text and refuse to start. If it starts normally, you were looking at an incorrect file! Locate the good one and repeat this guide from the beggining.

===== No way to make it work, what next? =====

If -and only if- your problem is not listed here or it refuses to work after following this guide, it's time to ask for help in the [[http://www.isp-control.net/forum/|forum]]. I'm going to tell you a secret: there are **much more** chances that you will get your problem solved fast and quick if you provide complete and meaningful information about it. In the proftpd case this means that you should, at least, include the following in your post:

  - Your OS/Distribution/version (for example: GNU/Linux Debian Lenny or FreeBSD 4.1).
  - Otput of the "''proftpd -n -d5''" shown above.
  - Path (i.e: ''/etc/proftpd/proftpd.conf'') and contents of the proftpd.conf file.

Remember though that those people that help you are giving their time so you don't waste yours. Thus, it would be great if you can spend some of this time that you just saved enhancing this guide. It's as simple as adding your error symptoms in the above table and a little section on how to solve this problem at the bottom. Thanks for helping us making ispcp better each day!

===== Issue resolution =====

==== Password for user vftp is wrong ====

If your connection attempts are being rejected straight away without allowing you to give any user information, the most probable issue is that the password for the vftp mysql user defined in your proftpd.conf doesn't match the real password for this user in mysql. Thus, you should first make sure that this is the issue, by trying to connect to mysql as this user:

<cli># grep vftp /etc/proftpd/proftpd.conf  # make sure that you put the correct file here!
SQLConnectInfo             ispcp@localhost vftp **your_vftp_password**
# mysql -uvftp -p'**your_vftp_password**' # in single quotes!</cli>

If it successfully connected, your problem is not a password missmatch so you should [[#solving_proftpd_issues|search for another issue]]. If the connection failed, it's time to change the vftp user password so proftp can connect to mysql:

<cli># mysql -uroot -p'your_mysql_root_pass'
mysql> use mysql;
...
mysql> update user set Password=PASSWORD('**your_vftp_password**') where user='vftp';
mysql> flush privileges;
mysql> exit;</cli>

And that's it! Try to restart proftpd and connect again, eveything should go smooth now :)

==== SQL Module not loaded ====

Ok, proftpd is complaining about an inexistent directive because either the sql module is not installed or not being loaded by your configuration. First of all, we are going to make sure it is installed, so execute the following command depending on your OS/Dist. version:

^ OS/Dist ^ Command |
| Debian Etch (4.0) | ''apt-get install proftpd-mysql'' |
| Debian Lenny (5.0) | ''apt-get install proftpd-mod-mysql'' |
| CentOS (5.X) | ''yum install proftpd-mysql'' |

Next, we need to make sure that the configuration tells ProFTPd to actually load this module at startup. To check this, look for a the mentioned directive(s) on the file(s) from the table below, and make sure that it is uncommented.

^ OS/Dist ^ Config file ^ Directive(s) |
| Debian Etch (4.0) | ''/etc/proftpd/modules.conf'' | ''LoadModule mod_sql.c''\\ ''LoadModule mod_sql_mysql.c'' |
|  | ''/etc/proftpd/proftpd.conf'' | ''Include /etc/proftpd/modules.conf'' |
| Debian Lenny (5.0) | ''/etc/proftpd/modules.conf'' | ''LoadModule mod_sql.c''\\ ''LoadModule mod_sql_mysql.c'' |
|  | ''/etc/proftpd/proftpd.conf'' | ''Include /etc/proftpd/modules.conf'' |
| CentOS (5.X) | grep LoadModule /etc/proftpd.conf -n -A2 -B2 | look for 'LoadModule mod_sql.c' and 'LoadModule mod_sql_mysql.c' |
 

Once you've done this, try to restart the service and see if it works. It may be the case that this is just the first of a series of problems, so you must re-check the debug output from as explained on the beggining and this file for further tweaking.

==== Can not open directory ====

If you get this "Can not open directory" message when accessing the gui's "Choose dir" function, it means that your FTP service is not working correctly. This is because the GUI can not directly access the user's files for security reasons, so it uses FTP to accomplish this task.

By the way, the problem of this message is that it gives absolutely no information about **why** the service isn't working properly, so you need to search the causes by following this guide from the [[#solving_proftpd_issues|very beggining]].

==== Check connectivity ====

If the web ftp client works but you can not connect to the server using a "normal" FTP client, first test it with other ftp client programs to make sure that it's not an specific issue of your client. If you can not connect with any program, then most probably there's a firewall somewhere between your computer and your server that is blocking these connections.

Checking if there is a firewall inbetween is quite straightforward. Just try to connect manually using telnet, by running in a terminal (*nix like) or command window (windows):
<code>telnet your.server.tld 21</code>
If you get a welcome banner as response, then there are no firewalls and you should look for another issue. Otherwise (your connection is refused or you don't obtain any answer), it means that, in fact, there is a firewall blocking ftp connections to your server.

As ispcp itself doesn't block any traffic, this is an issue of your network setup and you must solve it yourself.

==== Regenerate configuration ====

Ok, here's a tricky problem. As this is description is rather unspecific, there may be different problems causing it. By the way, the most probable thing is that for some random unknown reason you ended up with a non-ispcp prepared ProFTPd configuration, so it doesn't know how to identify ispcp users.

The easiest and quickest way to solve this is by completely replacing your current config with the default one from ispcp's distribution, and manually adjusting the parameters. The original configuration find is OS/Distro/Version dependant:

^ OS/Dist ^ Configuration file ^ Destination path |
| Debian Etch (4.0) | [[http://www.isp-control.net/ispcp/export/1713/tags/omega-1.0.0/configs/debian/proftpd/proftpd1.3.conf|link]] | ''/etc/proftpd/proftpd.conf'' |
| Debian Lenny (5.0) | [[http://www.isp-control.net/ispcp/export/1713/tags/omega-1.0.0/configs/debian/proftpd/proftpd1.3.conf.lenny|link]] | ''/etc/proftpd/proftpd.conf'' |
| CentOS (5.X) | [[http://www.isp-control.net/ispcp/browser/tags/omega-1.0.2/configs/centos/proftpd/proftpd1.3.conf|link]] | ''/etc/proftpd.conf'' |

You can easily grab this file directly to the proftpd configuration folder using the command "''wget <link_address>''". After that, rename it to proftpd.conf if necessary and replace the following variable placeholders (replace **all** and **only** the portion shown here, not any surrounding quotes/whatever):

^ Variable ^ What to replace it with |
^ {HOST_NAME} | The hostname of your machine (this hostname **must** appear on your ''/etc/hosts'' file, pointing to the server's IP address |
^ {DATABASE_NAME} | Name of the ispcp database, most probably **ispcp** |
^ {DATABASE_HOST} | Host where mysql is located, most probably **localhost** |
^ {DATABASE_USER} | Mysql user created for this purpose during ispcp's installation, **vftp** by default |
^ {DATABASE_PASS} | Password of this mysql user (you can change it using phpmyadmin if you don't remember it) |
^ {FTPD_MIN_UID} | Minimum user id of users allowed to open ftp connections (**2000** by default) |
^ {FTPD_MIN_GID} | Minimum group id of users allowed to open ftp connections (**2000** by default) |

Ok, now you should try restaring the service and connecting with any user. Just make sure that you're using correct credentials! If it didn't work, lauch proftpd in debug mode [[#solving_proftpd_issues|as shown in the beggining]] and try to find another symptom.


==== Address already in use ====

You get this error message if you try to launch proftpd when there's another running program that is listening to port 21. The two main reasons for this are either: (1) You have a previously launched proftpd instance running or (2) There's another program interfering, like inetd/xinetd.

The easiest method to see which program is blocking the ftp port is by using netstat. Executing "''netstat -tlnp | grep 21''" will give you some output like this:

<code>tcp        0      0 0.0.0.0:21              0.0.0.0:*               LISTEN      10659/proftpd: (acc</code>

On the right side of this output you can see which pid/program_name is listening on this port. If it's proftpd, try to stop the service (usually ''/etc/init.d/proftpd stop'') and re-execute this command to check that it has disappeared. If it stays, get more aggressive by directly killing the proceess (''kill -09 <pid>'').

If the program shown listening on this port is inetd/xinetd, you should deactivate this service on it's configuration (very system dependant) or, even better, totally get rid of it all ;)

Once there are no processes listening on this port, you can retry executing proftpd in debug mode [[#solving_proftpd_issues|as in the beggining]] and proceed from here :)