Failed to execute command 'export PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin; export LANG=C.UTF-8; export LANGUAGE=; omv-salt deploy run --no-color proftpd 2>&1' with exit code '1': debian:
----------
ID: configure_proftpd_mod_core
Function: file.managed
Name: /etc/proftpd/proftpd.conf
Result: True
Comment: File /etc/proftpd/proftpd.conf updated
Started: 15:23:50.214466
Duration: 209.16 ms
Changes:
----------
diff:
---
+++
@@ -1,210 +1,43 @@
-#
-# /etc/proftpd/proftpd.conf -- This is a basic ProFTPD configuration file.
-# To really apply changes, reload proftpd after modifications, if
-# it runs in daemon mode. It is not required in inetd/xinetd mode.
-#
-
-# Includes DSO modules
Include /etc/proftpd/modules.conf
-
-# Set off to disable IPv6 support which is annoying on IPv4 only boxes.
UseIPv6 on
-# If set on you can experience a longer connection delay in many cases.
-
- IdentLookups off
-
-
-ServerName "Debian"
-# Set to inetd only if you would run proftpd by inetd/xinetd/socket.
-# Read README.Debian for more information on proper configuration.
+ServerName OMV
ServerType standalone
-DeferWelcome off
-
-# Disable MultilineRFC2228 per https://github.com/proftpd/proftpd/issues/1085
-# MultilineRFC2228on
+DeferWelcome on
DefaultServer on
ShowSymlinks on
-
+DisplayChdir .message true
+ListOptions "-l"
+MaxInstances 30
+DenyFilter \*.*/
+User proftpd
+Group nogroup
+PersistentPasswd off
+TimesGMT off
+SetEnv TZ :/etc/timezone
+AllowOverwrite on
+AuthOrder mod_auth_pam.c* mod_auth_unix.c
+DefaultTransferMode ascii
+Port 21
+TransferLog NONE
+UseReverseDNS off
+TimeoutIdle 1200
TimeoutNoTransfer 600
TimeoutStalled 600
-TimeoutIdle 1200
+DeleteAbortedStores off
+MaxConnectionsPerHost 2
+DisplayLogin /etc/proftpd/welcome.msg
+
+ HideFiles (welcome.msg)
+
+
+ Umask 000 000
+
+ AllowUser OR BlueCoffee
+ DenyAll
+
+
+ AllowUser OR BlueCoffee
+ DenyAll
+
+
-DisplayLogin welcome.msg
-DisplayChdir .message true
-ListOptions "-l"
-
-DenyFilter \*.*/
-
-# Use this to jail all users in their homes
-# DefaultRoot~
-
-# Users require a valid shell listed in /etc/shells to login.
-# Use this directive to release that constrain.
-# RequireValidShelloff
-
-# Port 21 is the standard FTP port.
-Port 21
-
-# In some cases you have to specify passive ports range to by-pass
-# firewall limitations. Ephemeral ports can be used for that, but
-# feel free to use a more narrow range.
-# PassivePorts 49152 65534
-
-# If your host was NATted, this option is useful in order to
-# allow passive tranfers to work. You have to use your public
-# address and opening the passive ports used on your firewall as well.
-# MasqueradeAddress 1.2.3.4
-
-# This is useful for masquerading address with dynamic IPs:
-# refresh any configured MasqueradeAddress directives every 8 hours
-
-# DynMasqRefresh 28800
-
-
-# To prevent DoS attacks, set the maximum number of child processes
-# to 30. If you need to allow more than 30 concurrent connections
-# at once, simply increase this value. Note that this ONLY works
-# in standalone mode, in inetd mode you should use an inetd server
-# that allows you to limit maximum number of processes per service
-# (such as xinetd)
-MaxInstances 30
-
-# Set the user and group that the server normally runs at.
-User proftpd
-Group nogroup
-
-# Umask 022 is a good standard umask to prevent new files and dirs
-# (second parm) from being group and world writable.
-Umask 022 022
-# Normally, we want files to be overwriteable.
-AllowOverwrite on
-
-# Uncomment this if you are using NIS or LDAP via NSS to retrieve passwords:
-# PersistentPasswd off
-
-# This is required to use both PAM-based authentication and local passwords
-# AuthOrder mod_auth_pam.c* mod_auth_unix.c
-
-# Be warned: use of this directive impacts CPU average load!
-# Uncomment this if you like to see progress and transfer rate with ftpwho
-# in downloads. That is not needed for uploads rates.
-#
-# UseSendFile off
-
-TransferLog /var/log/proftpd/xferlog
-SystemLog /var/log/proftpd/proftpd.log
-
-# Logging onto /var/log/lastlog is enabled but set to off by default
-#UseLastlog on
-
-# In order to keep log file dates consistent after chroot, use timezone info
-# from /etc/localtime. If this is not set, and proftpd is configured to
-# chroot (e.g. DefaultRoot or ), it will use the non-daylight
-# savings timezone regardless of whether DST is in effect.
-#SetEnv TZ :/etc/localtime
-
-
-QuotaEngine off
-
-
-
-Ratios off
-
-
-
-# Delay engine reduces impact of the so-called Timing Attack described in
-# http://www.securityfocus.com/bid/11430/discuss
-# It is on by default.
-
-DelayEngine on
-
-
-
-ControlsEngine off
-ControlsMaxClients 2
-ControlsLog /var/log/proftpd/controls.log
-ControlsInterval 5
-ControlsSocket /var/run/proftpd/proftpd.sock
-
-
-
-AdminControlsEngine off
-
-
-#
-# Alternative authentication frameworks
-#
-#Include /etc/proftpd/ldap.conf
-#Include /etc/proftpd/sql.conf
-
-#
-# This is used for FTPS connections
-#
-#Include /etc/proftpd/tls.conf
-
-#
-# This is used for SFTP connections
-#
-#Include /etc/proftpd/sftp.conf
-
-#
-# This is used for other add-on modules
-#
-#Include /etc/proftpd/dnsbl.conf
-#Include /etc/proftpd/geoip.conf
-#Include /etc/proftpd/snmp.conf
-
-#
-# Useful to keep VirtualHost/VirtualRoot directives separated
-#
-#Include /etc/proftpd/virtuals.conf
-
-# A basic anonymous configuration, no upload directories.
-
-#
-# User ftp
-# Group nogroup
-# # We want clients to be able to login with "anonymous" as well as "ftp"
-# UserAlias anonymous ftp
-# # Cosmetic changes, all files belongs to ftp user
-# DirFakeUser on ftp
-# DirFakeGroup on ftp
-#
-# RequireValidShell off
-#
-# # Limit the maximum number of anonymous logins
-# MaxClients 10
-#
-# # We want 'welcome.msg' displayed at login, and '.message' displayed
-# # in each newly chdired directory.
-# DisplayLogin welcome.msg
-# DisplayChdir .message
-#
-# # Limit WRITE everywhere in the anonymous chroot
-#
-#
-# DenyAll
-#
-#
-#
-# # Uncomment this if you're brave.
-# #
-# # # Umask 022 is a good standard umask to prevent new files and dirs
-# # # (second parm) from being group and world writable.
-# # Umask022 022
-# #
-# # DenyAll
-# #
-# #
-# # AllowAll
-# #
-# #
-#
-#
-
-# Include other custom configuration files
-# !! Please note, that this statement will read /all/ file from this subdir,
-# i.e. backup files created by your editor, too !!!
-# Eventually create file patterns like this: /etc/proftpd/conf.d/*.conf
-#
-Include /etc/proftpd/conf.d/
----------
ID: configure_proftpd_mod_core_welcome_msg
Function: file.managed
Name: /etc/proftpd/welcome.msg
Result: True
Comment: File /etc/proftpd/welcome.msg updated
Started: 15:23:50.423743
Duration: 5.452 ms
Changes:
----------
diff:
New file
----------
ID: prereq_proftpd_mod_tls_certificates
Function: salt.state
Result: True
Comment: States ran successfully. Updating debian.
Started: 15:23:50.435322
Duration: 15755.202 ms
Changes:
debian:
----------
ID: remove_ssl_certificates_crt
Function: module.run
Result: True
Comment: file.find: []
Started: 15:23:52.159434
Duration: 4611.268 ms
Changes:
----------
file.find:
----------
ID: remove_ssl_certificates_key
Function: module.run
Result: True
Comment: file.find: []
Started: 15:23:56.770830
Duration: 1.686 ms
Changes:
----------
file.find:
----------
ID: update_ssl_certificates
Function: cmd.run
Name: update-ca-certificates --fresh
Result: True
Comment: Command "update-ca-certificates --fresh" run
Started: 15:23:56.773279
Duration: 9409.582 ms
Changes:
----------
pid:
72574
retcode:
0
stderr:
stdout:
Clearing symlinks in /etc/ssl/certs...
done.
Updating certificates in /etc/ssl/certs...
129 added, 0 removed; done.
Running hooks in /etc/ca-certificates/update.d...
done.
----------
ID: remove_ssh_certificates
Function: module.run
Result: True
Comment: file.find: []
Started: 15:24:06.183140
Duration: 2.486 ms
Changes:
----------
file.find:
Summary for debian
------------
Succeeded: 4 (changed=4)
Failed: 0
------------
Total states run: 4
Total run time: 14.025 s
----------
ID: configure_proftpd_mod_tls
Function: file.managed
Name: /etc/proftpd/tls.conf
Result: True
Comment: File /etc/proftpd/tls.conf updated
Started: 15:24:06.190686
Duration: 195.335 ms
Changes:
----------
diff:
---
+++
@@ -1,59 +1,11 @@
-#
-# Proftpd sample configuration for FTPS connections.
-#
-# Note that FTPS impose some limitations in NAT traversing.
-# See http://www.castaglia.org/proftpd/doc/contrib/ProFTPD-mini-HOWTO-TLS.html
-# for more information.
-#
-
+LoadModule mod_tls.c
-#TLSEngine on
-#TLSLog /var/log/proftpd/tls.log
-#TLSProtocol SSLv23
-#
-# Server SSL certificate. You can generate a self-signed certificate using
-# a command like:
-#
-# openssl req -x509 -newkey rsa:1024 \
-# -keyout /etc/ssl/private/proftpd.key -out /etc/ssl/certs/proftpd.crt \
-# -nodes -days 365
-#
-# The proftpd.key file must be readable by root only. The other file can be
-# readable by anyone.
-#
-# chmod 0600 /etc/ssl/private/proftpd.key
-# chmod 0640 /etc/ssl/private/proftpd.key
-#
-#TLSRSACertificateFile /etc/ssl/certs/proftpd.crt
-#TLSRSACertificateKeyFile /etc/ssl/private/proftpd.key
-#
-# CA the server trusts...
-#TLSCACertificateFile /etc/ssl/certs/CA.pem
-# ...or avoid CA cert and be verbose
-#TLSOptions NoCertRequest EnableDiags
-# ... or the same with relaxed session use for some clients (e.g. FireFtp)
-#TLSOptions NoCertRequest EnableDiags NoSessionReuseRequired
-#
-#
-# Per default drop connection if client tries to start a renegotiate
-# This is a fix for CVE-2009-3555 but could break some clients.
-#
-#TLSOptions AllowClientRenegotiations
-#
-# Authenticate clients that want to use FTP over TLS?
-#
-#TLSVerifyClient off
-#
-# Are clients required to use FTP over TLS when talking to this server?
-#
-#TLSRequired on
-#
-# Allow SSL/TLS renegotiations when the client requests them, but
-# do not force the renegotations. Some clients do not support
-# SSL/TLS renegotiations; when mod_tls forces a renegotiation, these
-# clients will close the data connection, or there will be a timeout
-# on an idle data connection.
-#
-#TLSRenegotiate required off
+ TLSEngine off
+ TLSLog /var/log/proftpd/tls.log
+ TLSProtocol TLSv1.2
+ TLSRSACertificateFile /etc/ssl/certs/openmediavault-.crt
+ TLSRSACertificateKeyFile /etc/ssl/private/openmediavault-.key
+ TLSVerifyClient off
+ TLSRenegotiate required off
+ TLSRequired off
-
----------
ID: configure_proftpd_mod_auth
Function: file.append
Name: /etc/proftpd/proftpd.conf
Result: True
Comment: Appended 9 lines
Started: 15:24:06.386143
Duration: 26.95 ms
Changes:
----------
diff:
---
+++
@@ -41,3 +41,12 @@
+
+ DefaultRoot /srv/ftp
+ MaxClients 5
+ MaxLoginAttempts 1
+ RequireValidShell on
+ # This option is useless because this is handled via the PAM
+ # pam_listfile.so module, so set it to 'off' by default.
+ UseFtpUsers off
+
----------
ID: proftpd_ftpusers_deny_root
Function: file.uncomment
Name: /etc/ftpusers
Result: True
Comment: Pattern already uncommented
Started: 15:24:06.413210
Duration: 1.997 ms
Changes:
----------
ID: configure_proftpd_mod_auth_pam
Function: file.append
Name: /etc/proftpd/proftpd.conf
Result: True
Comment: Appended 4 lines
Started: 15:24:06.415308
Duration: 1.829 ms
Changes:
----------
diff:
---
+++
@@ -50,3 +50,7 @@
# pam_listfile.so module, so set it to 'off' by default.
UseFtpUsers off
+
+ AuthPAM on
+ AuthPAMConfig proftpd
+
----------
ID: configure_proftpd_mod_ban
Function: file.append
Name: /etc/proftpd/proftpd.conf
Result: True
Comment: Appended 7 lines
Started: 15:24:06.417235
Duration: 26.823 ms
Changes:
----------
diff:
---
+++
@@ -54,3 +54,10 @@
AuthPAM on
AuthPAMConfig proftpd
+
+ BanEngine off
+ BanControlsACLs all allow user root
+ BanLog /var/log/proftpd/ban.log
+ BanMessage Host %a has been banned
+ BanTable /run/proftpd/ban.tab
+
----------
ID: configure_proftpd_mod_ctrls
Function: file.append
Name: /etc/proftpd/proftpd.conf
Result: True
Comment: Appended 7 lines
Started: 15:24:06.444169
Duration: 2.266 ms
Changes:
----------
diff:
---
+++
@@ -61,3 +61,10 @@
BanMessage Host %a has been banned
BanTable /run/proftpd/ban.tab
+
+ ControlsEngine on
+ ControlsMaxClients 2
+ ControlsLog /var/log/proftpd/controls.log
+ ControlsInterval 5
+ ControlsSocket /run/proftpd/proftpd.sock
+
----------
ID: configure_proftpd_mod_ctrls_admin
Function: file.append
Name: /etc/proftpd/proftpd.conf
Result: True
Comment: Appended 3 lines
Started: 15:24:06.446532
Duration: 1.76 ms
Changes:
----------
diff:
---
+++
@@ -68,3 +68,6 @@
ControlsInterval 5
ControlsSocket /run/proftpd/proftpd.sock
+
+ AdminControlsEngine off
+
----------
ID: configure_proftpd_mod_delay
Function: file.append
Name: /etc/proftpd/proftpd.conf
Result: True
Comment: Appended 3 lines
Started: 15:24:06.448390
Duration: 1.69 ms
Changes:
----------
diff:
---
+++
@@ -71,3 +71,6 @@
AdminControlsEngine off
+
+ DelayEngine on
+
----------
ID: configure_proftpd_mod_facl
Function: file.append
Name: /etc/proftpd/proftpd.conf
Result: True
Comment: Appended 3 lines
Started: 15:24:06.450176
Duration: 1.715 ms
Changes:
----------
diff:
---
+++
@@ -74,3 +74,6 @@
DelayEngine on
+
+ FACLEngine on
+
----------
ID: configure_proftpd_mod_ident
Function: file.append
Name: /etc/proftpd/proftpd.conf
Result: True
Comment: Appended 4 lines
Started: 15:24:06.451985
Duration: 23.107 ms
Changes:
----------
diff:
---
+++
@@ -77,3 +77,7 @@
FACLEngine on
+LoadModule mod_ident.c
+
+ IdentLookups off
+
----------
ID: configure_proftpd_mod_quotatab
Function: file.append
Name: /etc/proftpd/proftpd.conf
Result: True
Comment: Appended 3 lines
Started: 15:24:06.475203
Duration: 1.769 ms
Changes:
----------
diff:
---
+++
@@ -81,3 +81,6 @@
IdentLookups off
+
+ QuotaEngine off
+
----------
ID: configure_proftpd_mod_ratio
Function: file.append
Name: /etc/proftpd/proftpd.conf
Result: True
Comment: Appended 3 lines
Started: 15:24:06.477072
Duration: 1.723 ms
Changes:
----------
diff:
---
+++
@@ -84,3 +84,6 @@
QuotaEngine off
+
+ Ratios off
+
----------
ID: configure_proftpd_mod_vroot
Function: file.append
Name: /etc/proftpd/proftpd.conf
Result: True
Comment: Appended 6 lines
Started: 15:24:06.478895
Duration: 44.453 ms
Changes:
----------
diff:
---
+++
@@ -87,3 +87,9 @@
Ratios off
+LoadModule mod_vroot.c
+
+ VRootEngine on
+ VRootLog /var/log/proftpd/vroot.log
+ VRootAlias "/srv/dev-disk-by-uuid-44ca8b44-6287-4667-ad48-2c15c770e305/Data/CCTV/" "/CCTV"
+
----------
ID: configure_proftpd_mod_wrap
Function: file.append
Name: /etc/proftpd/proftpd.conf
Result: True
Comment: Appended 5 lines
Started: 15:24:06.523466
Duration: 2.192 ms
Changes:
----------
diff:
---
+++
@@ -93,3 +93,8 @@
VRootLog /var/log/proftpd/vroot.log
VRootAlias "/srv/dev-disk-by-uuid-44ca8b44-6287-4667-ad48-2c15c770e305/Data/CCTV/" "/CCTV"
+
+ TCPAccessFiles /etc/hosts.allow /etc/hosts.deny
+ TCPAccessSyslogLevels info warn
+ TCPServiceName ftpd
+
----------
ID: create_proftpd_hosts_file_-etc-hosts.allow
Function: file.managed
Name: /etc/hosts.allow
Result: True
Comment: File /etc/hosts.allow exists with proper permissions. No changes made.
Started: 15:24:06.525758
Duration: 1.033 ms
Changes:
----------
ID: create_proftpd_hosts_file_-etc-hosts.deny
Function: file.managed
Name: /etc/hosts.deny
Result: True
Comment: File /etc/hosts.deny exists with proper permissions. No changes made.
Started: 15:24:06.526889
Duration: 1.024 ms
Changes:
----------
ID: disable_proftpd_socket_activation
Function: service.dead
Name: proftpd.socket
Result: True
Comment: The service proftpd.socket is already dead
Started: 15:24:07.359932
Duration: 53.95 ms
Changes:
----------
ID: test_proftpd_service_config
Function: cmd.run
Name: proftpd --configtest
Result: False
Comment: Command "proftpd --configtest" run
Started: 15:24:07.415708
Duration: 54.503 ms
Changes:
----------
pid:
73968
retcode:
1
stderr:
2023-10-20 15:24:07,468 OMV proftpd[73969]: error: unable to stat() /var/log/proftpd: No such file or directory
2023-10-20 15:24:07,468 OMV proftpd[73969]: mod_ctrls/0.9.5: unable to open ControlsLog '/var/log/proftpd/controls.log': No such file or directory
2023-10-20 15:24:07,468 OMV proftpd[73969]: fatal: ControlsLog: unable to open '/var/log/proftpd/controls.log': No such file or directory on line 67 of '/etc/proftpd/proftpd.conf'
stdout:
Checking syntax of configuration file
----------
ID: start_proftpd_service
Function: service.running
Name: proftpd
Result: False
Comment: One or more requisite failed: omv.deploy.proftpd.default.test_proftpd_service_config
Started: 15:24:07.473321
Duration: 0.003 ms
Changes:
----------
ID: monitor_proftpd_service
Function: module.run
Result: False
Comment: One or more requisite failed: omv.deploy.proftpd.default.start_proftpd_service
Started: 15:24:07.475178
Duration: 0.003 ms
Changes:
Summary for debian
-------------
Succeeded: 20 (changed=17)
Failed: 3
-------------
Total states run: 23
Total run time: 16.414 s
[ERROR ] Command 'proftpd' failed with return code: 1
[ERROR ] stdout: Checking syntax of configuration file
[ERROR ] stderr: 2023-10-20 15:24:07,468 OMV proftpd[73969]: error: unable to stat() /var/log/proftpd: No such file or directory
2023-10-20 15:24:07,468 OMV proftpd[73969]: mod_ctrls/0.9.5: unable to open ControlsLog '/var/log/proftpd/controls.log': No such file or directory
2023-10-20 15:24:07,468 OMV proftpd[73969]: fatal: ControlsLog: unable to open '/var/log/proftpd/controls.log': No such file or directory on line 67 of '/etc/proftpd/proftpd.conf'
[ERROR ] retcode: 1
[ERROR ] {'pid': 73968, 'retcode': 1, 'stdout': 'Checking syntax of configuration file', 'stderr': "2023-10-20 15:24:07,468 OMV proftpd[73969]: error: unable to stat() /var/log/proftpd: No such file or directory\n2023-10-20 15:24:07,468 OMV proftpd[73969]: mod_ctrls/0.9.5: unable to open ControlsLog '/var/log/proftpd/controls.log': No such file or directory\n2023-10-20 15:24:07,468 OMV proftpd[73969]: fatal: ControlsLog: unable to open '/var/log/proftpd/controls.log': No such file or directory on line 67 of '/etc/proftpd/proftpd.conf'"}
OMV\ExecException: Failed to execute command 'export PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin; export LANG=C.UTF-8; export LANGUAGE=; omv-salt deploy run --no-color proftpd 2>&1' with exit code '1': debian:
----------
ID: configure_proftpd_mod_core
Function: file.managed
Name: /etc/proftpd/proftpd.conf
Result: True
Comment: File /etc/proftpd/proftpd.conf updated
Started: 15:23:50.214466
Duration: 209.16 ms
Changes:
----------
diff:
---
+++
@@ -1,210 +1,43 @@
-#
-# /etc/proftpd/proftpd.conf -- This is a basic ProFTPD configuration file.
-# To really apply changes, reload proftpd after modifications, if
-# it runs in daemon mode. It is not required in inetd/xinetd mode.
-#
-
-# Includes DSO modules
Include /etc/proftpd/modules.conf
-
-# Set off to disable IPv6 support which is annoying on IPv4 only boxes.
UseIPv6 on
-# If set on you can experience a longer connection delay in many cases.
-
- IdentLookups off
-
-
-ServerName "Debian"
-# Set to inetd only if you would run proftpd by inetd/xinetd/socket.
-# Read README.Debian for more information on proper configuration.
+ServerName OMV
ServerType standalone
-DeferWelcome off
-
-# Disable MultilineRFC2228 per https://github.com/proftpd/proftpd/issues/1085
-# MultilineRFC2228on
+DeferWelcome on
DefaultServer on
ShowSymlinks on
-
+DisplayChdir .message true
+ListOptions "-l"
+MaxInstances 30
+DenyFilter \*.*/
+User proftpd
+Group nogroup
+PersistentPasswd off
+TimesGMT off
+SetEnv TZ :/etc/timezone
+AllowOverwrite on
+AuthOrder mod_auth_pam.c* mod_auth_unix.c
+DefaultTransferMode ascii
+Port 21
+TransferLog NONE
+UseReverseDNS off
+TimeoutIdle 1200
TimeoutNoTransfer 600
TimeoutStalled 600
-TimeoutIdle 1200
+DeleteAbortedStores off
+MaxConnectionsPerHost 2
+DisplayLogin /etc/proftpd/welcome.msg
+
+ HideFiles (welcome.msg)
+
+
+ Umask 000 000
+
+ AllowUser OR BlueCoffee
+ DenyAll
+
+
+ AllowUser OR BlueCoffee
+ DenyAll
+
+
-DisplayLogin welcome.msg
-DisplayChdir .message true
-ListOptions "-l"
-
-DenyFilter \*.*/
-
-# Use this to jail all users in their homes
-# DefaultRoot~
-
-# Users require a valid shell listed in /etc/shells to login.
-# Use this directive to release that constrain.
-# RequireValidShelloff
-
-# Port 21 is the standard FTP port.
-Port 21
-
-# In some cases you have to specify passive ports range to by-pass
-# firewall limitations. Ephemeral ports can be used for that, but
-# feel free to use a more narrow range.
-# PassivePorts 49152 65534
-
-# If your host was NATted, this option is useful in order to
-# allow passive tranfers to work. You have to use your public
-# address and opening the passive ports used on your firewall as well.
-# MasqueradeAddress 1.2.3.4
-
-# This is useful for masquerading address with dynamic IPs:
-# refresh any configured MasqueradeAddress directives every 8 hours
-
-# DynMasqRefresh 28800
-
-
-# To prevent DoS attacks, set the maximum number of child processes
-# to 30. If you need to allow more than 30 concurrent connections
-# at once, simply increase this value. Note that this ONLY works
-# in standalone mode, in inetd mode you should use an inetd server
-# that allows you to limit maximum number of processes per service
-# (such as xinetd)
-MaxInstances 30
-
-# Set the user and group that the server normally runs at.
-User proftpd
-Group nogroup
-
-# Umask 022 is a good standard umask to prevent new files and dirs
-# (second parm) from being group and world writable.
-Umask 022 022
-# Normally, we want files to be overwriteable.
-AllowOverwrite on
-
-# Uncomment this if you are using NIS or LDAP via NSS to retrieve passwords:
-# PersistentPasswd off
-
-# This is required to use both PAM-based authentication and local passwords
-# AuthOrder mod_auth_pam.c* mod_auth_unix.c
-
-# Be warned: use of this directive impacts CPU average load!
-# Uncomment this if you like to see progress and transfer rate with ftpwho
-# in downloads. That is not needed for uploads rates.
-#
-# UseSendFile off
-
-TransferLog /var/log/proftpd/xferlog
-SystemLog /var/log/proftpd/proftpd.log
-
-# Logging onto /var/log/lastlog is enabled but set to off by default
-#UseLastlog on
-
-# In order to keep log file dates consistent after chroot, use timezone info
-# from /etc/localtime. If this is not set, and proftpd is configured to
-# chroot (e.g. DefaultRoot or ), it will use the non-daylight
-# savings timezone regardless of whether DST is in effect.
-#SetEnv TZ :/etc/localtime
-
-
-QuotaEngine off
-
-
-
-Ratios off
-
-
-
-# Delay engine reduces impact of the so-called Timing Attack described in
-# http://www.securityfocus.com/bid/11430/discuss
-# It is on by default.
-
-DelayEngine on
-
-
-
-ControlsEngine off
-ControlsMaxClients 2
-ControlsLog /var/log/proftpd/controls.log
-ControlsInterval 5
-ControlsSocket /var/run/proftpd/proftpd.sock
-
-
-
-AdminControlsEngine off
-
-
-#
-# Alternative authentication frameworks
-#
-#Include /etc/proftpd/ldap.conf
-#Include /etc/proftpd/sql.conf
-
-#
-# This is used for FTPS connections
-#
-#Include /etc/proftpd/tls.conf
-
-#
-# This is used for SFTP connections
-#
-#Include /etc/proftpd/sftp.conf
-
-#
-# This is used for other add-on modules
-#
-#Include /etc/proftpd/dnsbl.conf
-#Include /etc/proftpd/geoip.conf
-#Include /etc/proftpd/snmp.conf
-
-#
-# Useful to keep VirtualHost/VirtualRoot directives separated
-#
-#Include /etc/proftpd/virtuals.conf
-
-# A basic anonymous configuration, no upload directories.
-
-#
-# User ftp
-# Group nogroup
-# # We want clients to be able to login with "anonymous" as well as "ftp"
-# UserAlias anonymous ftp
-# # Cosmetic changes, all files belongs to ftp user
-# DirFakeUser on ftp
-# DirFakeGroup on ftp
-#
-# RequireValidShell off
-#
-# # Limit the maximum number of anonymous logins
-# MaxClients 10
-#
-# # We want 'welcome.msg' displayed at login, and '.message' displayed
-# # in each newly chdired directory.
-# DisplayLogin welcome.msg
-# DisplayChdir .message
-#
-# # Limit WRITE everywhere in the anonymous chroot
-#
-#
-# DenyAll
-#
-#
-#
-# # Uncomment this if you're brave.
-# #
-# # # Umask 022 is a good standard umask to prevent new files and dirs
-# # # (second parm) from being group and world writable.
-# # Umask022 022
-# #
-# # DenyAll
-# #
-# #
-# # AllowAll
-# #
-# #
-#
-#
-
-# Include other custom configuration files
-# !! Please note, that this statement will read /all/ file from this subdir,
-# i.e. backup files created by your editor, too !!!
-# Eventually create file patterns like this: /etc/proftpd/conf.d/*.conf
-#
-Include /etc/proftpd/conf.d/
----------
ID: configure_proftpd_mod_core_welcome_msg
Function: file.managed
Name: /etc/proftpd/welcome.msg
Result: True
Comment: File /etc/proftpd/welcome.msg updated
Started: 15:23:50.423743
Duration: 5.452 ms
Changes:
----------
diff:
New file
----------
ID: prereq_proftpd_mod_tls_certificates
Function: salt.state
Result: True
Comment: States ran successfully. Updating debian.
Started: 15:23:50.435322
Duration: 15755.202 ms
Changes:
debian:
----------
ID: remove_ssl_certificates_crt
Function: module.run
Result: True
Comment: file.find: []
Started: 15:23:52.159434
Duration: 4611.268 ms
Changes:
----------
file.find:
----------
ID: remove_ssl_certificates_key
Function: module.run
Result: True
Comment: file.find: []
Started: 15:23:56.770830
Duration: 1.686 ms
Changes:
----------
file.find:
----------
ID: update_ssl_certificates
Function: cmd.run
Name: update-ca-certificates --fresh
Result: True
Comment: Command "update-ca-certificates --fresh" run
Started: 15:23:56.773279
Duration: 9409.582 ms
Changes:
----------
pid:
72574
retcode:
0
stderr:
stdout:
Clearing symlinks in /etc/ssl/certs...
done.
Updating certificates in /etc/ssl/certs...
129 added, 0 removed; done.
Running hooks in /etc/ca-certificates/update.d...
done.
----------
ID: remove_ssh_certificates
Function: module.run
Result: True
Comment: file.find: []
Started: 15:24:06.183140
Duration: 2.486 ms
Changes:
----------
file.find:
Summary for debian
------------
Succeeded: 4 (changed=4)
Failed: 0
------------
Total states run: 4
Total run time: 14.025 s
----------
ID: configure_proftpd_mod_tls
Function: file.managed
Name: /etc/proftpd/tls.conf
Result: True
Comment: File /etc/proftpd/tls.conf updated
Started: 15:24:06.190686
Duration: 195.335 ms
Changes:
----------
diff:
---
+++
@@ -1,59 +1,11 @@
-#
-# Proftpd sample configuration for FTPS connections.
-#
-# Note that FTPS impose some limitations in NAT traversing.
-# See http://www.castaglia.org/proftpd/doc/contrib/ProFTPD-mini-HOWTO-TLS.html
-# for more information.
-#
-
+LoadModule mod_tls.c
-#TLSEngine on
-#TLSLog /var/log/proftpd/tls.log
-#TLSProtocol SSLv23
-#
-# Server SSL certificate. You can generate a self-signed certificate using
-# a command like:
-#
-# openssl req -x509 -newkey rsa:1024 \
-# -keyout /etc/ssl/private/proftpd.key -out /etc/ssl/certs/proftpd.crt \
-# -nodes -days 365
-#
-# The proftpd.key file must be readable by root only. The other file can be
-# readable by anyone.
-#
-# chmod 0600 /etc/ssl/private/proftpd.key
-# chmod 0640 /etc/ssl/private/proftpd.key
-#
-#TLSRSACertificateFile /etc/ssl/certs/proftpd.crt
-#TLSRSACertificateKeyFile /etc/ssl/private/proftpd.key
-#
-# CA the server trusts...
-#TLSCACertificateFile /etc/ssl/certs/CA.pem
-# ...or avoid CA cert and be verbose
-#TLSOptions NoCertRequest EnableDiags
-# ... or the same with relaxed session use for some clients (e.g. FireFtp)
-#TLSOptions NoCertRequest EnableDiags NoSessionReuseRequired
-#
-#
-# Per default drop connection if client tries to start a renegotiate
-# This is a fix for CVE-2009-3555 but could break some clients.
-#
-#TLSOptions AllowClientRenegotiations
-#
-# Authenticate clients that want to use FTP over TLS?
-#
-#TLSVerifyClient off
-#
-# Are clients required to use FTP over TLS when talking to this server?
-#
-#TLSRequired on
-#
-# Allow SSL/TLS renegotiations when the client requests them, but
-# do not force the renegotations. Some clients do not support
-# SSL/TLS renegotiations; when mod_tls forces a renegotiation, these
-# clients will close the data connection, or there will be a timeout
-# on an idle data connection.
-#
-#TLSRenegotiate required off
+ TLSEngine off
+ TLSLog /var/log/proftpd/tls.log
+ TLSProtocol TLSv1.2
+ TLSRSACertificateFile /etc/ssl/certs/openmediavault-.crt
+ TLSRSACertificateKeyFile /etc/ssl/private/openmediavault-.key
+ TLSVerifyClient off
+ TLSRenegotiate required off
+ TLSRequired off
-
----------
ID: configure_proftpd_mod_auth
Function: file.append
Name: /etc/proftpd/proftpd.conf
Result: True
Comment: Appended 9 lines
Started: 15:24:06.386143
Duration: 26.95 ms
Changes:
----------
diff:
---
+++
@@ -41,3 +41,12 @@
+
+ DefaultRoot /srv/ftp
+ MaxClients 5
+ MaxLoginAttempts 1
+ RequireValidShell on
+ # This option is useless because this is handled via the PAM
+ # pam_listfile.so module, so set it to 'off' by default.
+ UseFtpUsers off
+
----------
ID: proftpd_ftpusers_deny_root
Function: file.uncomment
Name: /etc/ftpusers
Result: True
Comment: Pattern already uncommented
Started: 15:24:06.413210
Duration: 1.997 ms
Changes:
----------
ID: configure_proftpd_mod_auth_pam
Function: file.append
Name: /etc/proftpd/proftpd.conf
Result: True
Comment: Appended 4 lines
Started: 15:24:06.415308
Duration: 1.829 ms
Changes:
----------
diff:
---
+++
@@ -50,3 +50,7 @@
# pam_listfile.so module, so set it to 'off' by default.
UseFtpUsers off
+
+ AuthPAM on
+ AuthPAMConfig proftpd
+
----------
ID: configure_proftpd_mod_ban
Function: file.append
Name: /etc/proftpd/proftpd.conf
Result: True
Comment: Appended 7 lines
Started: 15:24:06.417235
Duration: 26.823 ms
Changes:
----------
diff:
---
+++
@@ -54,3 +54,10 @@
AuthPAM on
AuthPAMConfig proftpd
+
+ BanEngine off
+ BanControlsACLs all allow user root
+ BanLog /var/log/proftpd/ban.log
+ BanMessage Host %a has been banned
+ BanTable /run/proftpd/ban.tab
+
----------
ID: configure_proftpd_mod_ctrls
Function: file.append
Name: /etc/proftpd/proftpd.conf
Result: True
Comment: Appended 7 lines
Started: 15:24:06.444169
Duration: 2.266 ms
Changes:
----------
diff:
---
+++
@@ -61,3 +61,10 @@
BanMessage Host %a has been banned
BanTable /run/proftpd/ban.tab
+
+ ControlsEngine on
+ ControlsMaxClients 2
+ ControlsLog /var/log/proftpd/controls.log
+ ControlsInterval 5
+ ControlsSocket /run/proftpd/proftpd.sock
+
----------
ID: configure_proftpd_mod_ctrls_admin
Function: file.append
Name: /etc/proftpd/proftpd.conf
Result: True
Comment: Appended 3 lines
Started: 15:24:06.446532
Duration: 1.76 ms
Changes:
----------
diff:
---
+++
@@ -68,3 +68,6 @@
ControlsInterval 5
ControlsSocket /run/proftpd/proftpd.sock
+
+ AdminControlsEngine off
+
----------
ID: configure_proftpd_mod_delay
Function: file.append
Name: /etc/proftpd/proftpd.conf
Result: True
Comment: Appended 3 lines
Started: 15:24:06.448390
Duration: 1.69 ms
Changes:
----------
diff:
---
+++
@@ -71,3 +71,6 @@
AdminControlsEngine off
+
+ DelayEngine on
+
----------
ID: configure_proftpd_mod_facl
Function: file.append
Name: /etc/proftpd/proftpd.conf
Result: True
Comment: Appended 3 lines
Started: 15:24:06.450176
Duration: 1.715 ms
Changes:
----------
diff:
---
+++
@@ -74,3 +74,6 @@
DelayEngine on
+
+ FACLEngine on
+
----------
ID: configure_proftpd_mod_ident
Function: file.append
Name: /etc/proftpd/proftpd.conf
Result: True
Comment: Appended 4 lines
Started: 15:24:06.451985
Duration: 23.107 ms
Changes:
----------
diff:
---
+++
@@ -77,3 +77,7 @@
FACLEngine on
+LoadModule mod_ident.c
+
+ IdentLookups off
+
----------
ID: configure_proftpd_mod_quotatab
Function: file.append
Name: /etc/proftpd/proftpd.conf
Result: True
Comment: Appended 3 lines
Started: 15:24:06.475203
Duration: 1.769 ms
Changes:
----------
diff:
---
+++
@@ -81,3 +81,6 @@
IdentLookups off
+
+ QuotaEngine off
+
----------
ID: configure_proftpd_mod_ratio
Function: file.append
Name: /etc/proftpd/proftpd.conf
Result: True
Comment: Appended 3 lines
Started: 15:24:06.477072
Duration: 1.723 ms
Changes:
----------
diff:
---
+++
@@ -84,3 +84,6 @@
QuotaEngine off
+
+ Ratios off
+
----------
ID: configure_proftpd_mod_vroot
Function: file.append
Name: /etc/proftpd/proftpd.conf
Result: True
Comment: Appended 6 lines
Started: 15:24:06.478895
Duration: 44.453 ms
Changes:
----------
diff:
---
+++
@@ -87,3 +87,9 @@
Ratios off
+LoadModule mod_vroot.c
+
+ VRootEngine on
+ VRootLog /var/log/proftpd/vroot.log
+ VRootAlias "/srv/dev-disk-by-uuid-44ca8b44-6287-4667-ad48-2c15c770e305/Data/CCTV/" "/CCTV"
+
----------
ID: configure_proftpd_mod_wrap
Function: file.append
Name: /etc/proftpd/proftpd.conf
Result: True
Comment: Appended 5 lines
Started: 15:24:06.523466
Duration: 2.192 ms
Changes:
----------
diff:
---
+++
@@ -93,3 +93,8 @@
VRootLog /var/log/proftpd/vroot.log
VRootAlias "/srv/dev-disk-by-uuid-44ca8b44-6287-4667-ad48-2c15c770e305/Data/CCTV/" "/CCTV"
+
+ TCPAccessFiles /etc/hosts.allow /etc/hosts.deny
+ TCPAccessSyslogLevels info warn
+ TCPServiceName ftpd
+
----------
ID: create_proftpd_hosts_file_-etc-hosts.allow
Function: file.managed
Name: /etc/hosts.allow
Result: True
Comment: File /etc/hosts.allow exists with proper permissions. No changes made.
Started: 15:24:06.525758
Duration: 1.033 ms
Changes:
----------
ID: create_proftpd_hosts_file_-etc-hosts.deny
Function: file.managed
Name: /etc/hosts.deny
Result: True
Comment: File /etc/hosts.deny exists with proper permissions. No changes made.
Started: 15:24:06.526889
Duration: 1.024 ms
Changes:
----------
ID: disable_proftpd_socket_activation
Function: service.dead
Name: proftpd.socket
Result: True
Comment: The service proftpd.socket is already dead
Started: 15:24:07.359932
Duration: 53.95 ms
Changes:
----------
ID: test_proftpd_service_config
Function: cmd.run
Name: proftpd --configtest
Result: False
Comment: Command "proftpd --configtest" run
Started: 15:24:07.415708
Duration: 54.503 ms
Changes:
----------
pid:
73968
retcode:
1
stderr:
2023-10-20 15:24:07,468 OMV proftpd[73969]: error: unable to stat() /var/log/proftpd: No such file or directory
2023-10-20 15:24:07,468 OMV proftpd[73969]: mod_ctrls/0.9.5: unable to open ControlsLog '/var/log/proftpd/controls.log': No such file or directory
2023-10-20 15:24:07,468 OMV proftpd[73969]: fatal: ControlsLog: unable to open '/var/log/proftpd/controls.log': No such file or directory on line 67 of '/etc/proftpd/proftpd.conf'
stdout:
Checking syntax of configuration file
----------
ID: start_proftpd_service
Function: service.running
Name: proftpd
Result: False
Comment: One or more requisite failed: omv.deploy.proftpd.default.test_proftpd_service_config
Started: 15:24:07.473321
Duration: 0.003 ms
Changes:
----------
ID: monitor_proftpd_service
Function: module.run
Result: False
Comment: One or more requisite failed: omv.deploy.proftpd.default.start_proftpd_service
Started: 15:24:07.475178
Duration: 0.003 ms
Changes:
Summary for debian
-------------
Succeeded: 20 (changed=17)
Failed: 3
-------------
Total states run: 23
Total run time: 16.414 s
[ERROR ] Command 'proftpd' failed with return code: 1
[ERROR ] stdout: Checking syntax of configuration file
[ERROR ] stderr: 2023-10-20 15:24:07,468 OMV proftpd[73969]: error: unable to stat() /var/log/proftpd: No such file or directory
2023-10-20 15:24:07,468 OMV proftpd[73969]: mod_ctrls/0.9.5: unable to open ControlsLog '/var/log/proftpd/controls.log': No such file or directory
2023-10-20 15:24:07,468 OMV proftpd[73969]: fatal: ControlsLog: unable to open '/var/log/proftpd/controls.log': No such file or directory on line 67 of '/etc/proftpd/proftpd.conf'
[ERROR ] retcode: 1
[ERROR ] {'pid': 73968, 'retcode': 1, 'stdout': 'Checking syntax of configuration file', 'stderr': "2023-10-20 15:24:07,468 OMV proftpd[73969]: error: unable to stat() /var/log/proftpd: No such file or directory\n2023-10-20 15:24:07,468 OMV proftpd[73969]: mod_ctrls/0.9.5: unable to open ControlsLog '/var/log/proftpd/controls.log': No such file or directory\n2023-10-20 15:24:07,468 OMV proftpd[73969]: fatal: ControlsLog: unable to open '/var/log/proftpd/controls.log': No such file or directory on line 67 of '/etc/proftpd/proftpd.conf'"} in /usr/share/php/openmediavault/system/process.inc:242
Stack trace:
#0 /usr/share/php/openmediavault/engine/module/serviceabstract.inc(62): OMV\System\Process->execute()
#1 /usr/share/openmediavault/engined/rpc/config.inc(178): OMV\Engine\Module\ServiceAbstract->deploy()
#2 [internal function]: Engined\Rpc\Config->applyChanges(Array, Array)
#3 /usr/share/php/openmediavault/rpc/serviceabstract.inc(123): call_user_func_array(Array, Array)
#4 /usr/share/php/openmediavault/rpc/serviceabstract.inc(149): OMV\Rpc\ServiceAbstract->callMethod('applyChanges', Array, Array)
#5 /usr/share/php/openmediavault/rpc/serviceabstract.inc(620): OMV\Rpc\ServiceAbstract->OMV\Rpc\{closure}('/tmp/bgstatusAu...', '/tmp/bgoutputD5...')
#6 /usr/share/php/openmediavault/rpc/serviceabstract.inc(159): OMV\Rpc\ServiceAbstract->execBgProc(Object(Closure))
#7 /usr/share/openmediavault/engined/rpc/config.inc(199): OMV\Rpc\ServiceAbstract->callMethodBg('applyChanges', Array, Array)
#8 [internal function]: Engined\Rpc\Config->applyChangesBg(Array, Array)
#9 /usr/share/php/openmediavault/rpc/serviceabstract.inc(123): call_user_func_array(Array, Array)
#10 /usr/share/php/openmediavault/rpc/rpc.inc(86): OMV\Rpc\ServiceAbstract->callMethod('applyChangesBg', Array, Array)
#11 /usr/sbin/omv-engined(537): OMV\Rpc\Rpc::call('Config', 'applyChangesBg', Array, Array, 1)
#12 {main}