Ubuntu
proftpd-dfsg package

Can't replace exist file by mod-sftp

Bug #1296488 reported by sense
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
proftpd-dfsg (Ubuntu)
Invalid
Undecided
Unassigned

Bug Description

Ubuntu version: 12.04.4
proftpd-basic 1.3.4a-1 (with mod_sftp 0.9.8)
sftp client: openssh-client 1:5.9p1-5ubuntu1.1

I separately test replace file in ftp and sftp(ssh) both same Proftpd server and the same user(not root). The test by ftp, it can replace the file no problem. But the test by sftp keep say:

remote open("/test.txt"): Permission denied

But when I remove test.txt first and upload the locally test.txt by sftp, it will be ok. So it's not the user's right or file path problem.

Follow is the configure file

/etc/proftpd/proftpd.conf:

Include /etc/proftpd/modules.conf
UseIPv6 off
IdentLookups off
ServerName "server_a"
ServerType standalone
DeferWelcome off
MultilineRFC2228 on
DefaultServer on
ShowSymlinks on
TimeoutNoTransfer 600
TimeoutStalled 600
TimeoutIdle 1200
DisplayLogin welcome.msg
DisplayChdir .message true
ListOptions "-l"
DenyFilter \*.*/
DefaultRoot ~
RequireValidShell off
Port 21
<IfModule mod_dynmasq.c>
</IfModule>
MaxInstances 30
User proftpd
Group nogroup
Umask 002 002
AllowOverwrite on
PersistentPasswd off
TransferLog /var/log/proftpd/xferlog
SystemLog /var/log/proftpd/proftpd.log
<IfModule mod_quotatab.c>
    QuotaEngine off
</IfModule>
<IfModule mod_ratio.c>
Ratios off
</IfModule>
<IfModule mod_delay.c>
    DelayEngine on
</IfModule>
<IfModule mod_ctrls.c>
    ControlsEngine off
    ControlsMaxClients 2
    ControlsLog /var/log/proftpd/controls.log
    ControlsInterval 5
    ControlsSocket /var/run/proftpd/proftpd.sock
</IfModule>
<IfModule mod_ctrls_admin.c>
    AdminControlsEngine off
</IfModule>
UseReverseDNS off
ServerIdent on "server_a"
<Limit LOGIN>
    DenyGroup !ftpmen
</Limit>
<Limit SITE_CHMOD>
       Order allow,deny
       DenyAll
</Limit>
Include /etc/proftpd/conf.d/sftp.conf

/etc/proftpd/conf.d/sftp.conf:

<IfModule mod_sftp.c>
    <VirtualHost 192.168.1.1>
                Port 2222
                SFTPEngine on
                SFTPHostKey /etc/ssh/ssh_host_rsa_key
                SFTPHostKey /etc/ssh/ssh_host_dsa_key
                SFTPCompression delayed
                SFTPAuthorizedUserKeys file:~/.sftp/authorized_keys
                SFTPAuthMethods publickey password
                <Limit LOGIN>
            DenyGroup !ftpmen
                </Limit>
                TransferLog /var/log/proftpd/xferlog
                DefaultRoot ~
                MaxLoginAttempts 4
                RequireValidShell off
                Umask 002 002
        </VirtualHost>
</IfModule>

Sorry for my poor English and thanks for help :)

See original description
sense (opaperjam)
description: updated
Revision history for this message
sense (opaperjam) wrote :

I run proftpd -nb10
Here is the debug log when I upload file and fail:

server_a proftpd[25106] 192.168.1.1 (172.16.22.194[172.16.22.194]): dispatching PRE_CMD command 'STOR /test.txt' to mod_exec
server_a proftpd[25106] 192.168.1.1 (172.16.22.194[172.16.22.194]): dispatching PRE_CMD command 'STOR /test.txt' to mod_rewrite
server_a proftpd[25106] 192.168.1.1 (172.16.22.194[172.16.22.194]): dispatching PRE_CMD command 'STOR /test.txt' to mod_tls
server_a proftpd[25106] 192.168.1.1 (172.16.22.194[172.16.22.194]): dispatching PRE_CMD command 'STOR /test.txt' to mod_core
server_a proftpd[25106] 192.168.1.1 (172.16.22.194[172.16.22.194]): dispatching PRE_CMD command 'STOR /test.txt' to mod_core
server_a proftpd[25106] 192.168.1.1 (172.16.22.194[172.16.22.194]): dispatching PRE_CMD command 'STOR /test.txt' to mod_ratio
server_a proftpd[25106] 192.168.1.1 (172.16.22.194[172.16.22.194]): dispatching PRE_CMD command 'STOR /test.txt' to mod_quotatab
server_a proftpd[25106] 192.168.1.1 (172.16.22.194[172.16.22.194]): dispatching PRE_CMD command 'STOR /test.txt' to mod_xfer
server_a proftpd[25106] 192.168.1.1 (172.16.22.194[172.16.22.194]): in dir_check_full(): path = '/test.txt', fullpath = '/home/test/test.txt'.
server_a proftpd[25106] 192.168.1.1 (172.16.22.194[172.16.22.194]): in dir_check_full(): setting umask to 0002 (was 0002)
server_a proftpd[25106] 192.168.1.1 (172.16.22.194[172.16.22.194]): AllowOverwrite denied permission for /test.txt
server_a proftpd[25106] 192.168.1.1 (172.16.22.194[172.16.22.194]): dispatching POST_CMD_ERR command 'STOR /test.txt' to mod_exec
server_a proftpd[25106] 192.168.1.1 (172.16.22.194[172.16.22.194]): dispatching POST_CMD_ERR command 'STOR /test.txt' to mod_quotatab
server_a proftpd[25106] 192.168.1.1 (172.16.22.194[172.16.22.194]): dispatching LOG_CMD_ERR command 'STOR /test.txt' to mod_log
server_a proftpd[25106] 192.168.1.1 (172.16.22.194[172.16.22.194]): dispatching LOG_CMD_ERR command 'STOR /test.txt' to mod_xfer
server_a proftpd[25106] 192.168.1.1 (172.16.22.194[172.16.22.194]): dispatching POST_CMD_ERR command 'OPEN /test.txt' to mod_exec
server_a proftpd[25106] 192.168.1.1 (172.16.22.194[172.16.22.194]): dispatching LOG_CMD_ERR command 'OPEN /test.txt' to mod_log
server_a proftpd[25036] 127.0.1.1: scrubbing scoreboard
server_a proftpd[25036] 127.0.1.1: ROOT PRIVS at scoreboard.c:1369
server_a proftpd[25036] 127.0.1.1: RELINQUISH PRIVS at scoreboard.c:1372
server_a proftpd[25036] 127.0.1.1: ROOT PRIVS at scoreboard.c:1403
server_a proftpd[25036] 127.0.1.1: RELINQUISH PRIVS at scoreboard.c:1509
server_a proftpd[25036] 127.0.1.1: finished scrubbing scoreboard

Revision history for this message
sense (opaperjam) wrote :

Thanks TJ Saunders, follow is his reply:

Here's your culprit here. By default, proftpd does not allow overwriting
of existing files (this includes appending to existing files); see:

  http://www.proftpd.org/docs/directives/linked/config_ref_AllowOverwrite.html

This means that adding e.g.:

  <Global>
    AllowOverwrite on
  </Global>

to your proftpd.conf should help.

And it's works.

Changed in proftpd-dfsg (Ubuntu):
status: New → Invalid
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.