# [ProFTPD] ROOT PRIVS: ID switching disabled [solved]

## st4n

Hi,

I have trouble with proftpd. First of all, my configuration and so on:

grep -v ^# /etc/proftpd/proftpd.conf

```
AllowOverride           off
AllowOverwrite          on
AllowRetrieveRestart    on
AllowStoreRestart       on
AuthGroupFile           /home/realuser/ftpd.group
AuthPAM                 off
AuthUserFile            /home/realuser/ftpd.passwd
DefaultRoot             ~
DefaultServer           on
DelayEngine             off
DirFakeGroup            on
DirFakeUser             on
Group                   proftpd
IdentLookups            off
MaxClients              20
MaxInstances            20
MaxLoginAttempts        2
RequireValidShell       off
ServerAdmin             realuser@host.domain
ServerName              "http://host.domain/realuser"
ServerType              standalone
Umask                   002
UseFtpUsers             off
UseReverseDNS           off
User                    proftpd
<Directory /home/realuser>
        HideNoAccess    on
        GroupOwner      realgroup
        UserOwner       realuser
</Directory>
```

cat /home/realuser/ftpd.passwd

```
realuser:md5passwd:1001:101::/home/realuser:/bin/false
web2:md5passwd:10032:101::/home/realuser/32:/bin/false
web1:md5passwd:12316:101::/home/realuser/2316:/bin/false
web4:md5passwd:12317:101::/home/realuser/2317:/bin/false
web6:md5passwd:12324:101::/home/realuser/2324:/bin/false
web3:md5passwd:12327:101::/home/realuser/2327:/bin/false
```

cat /home/realuser/ftpd.group

```
realgroup:x:101:realuser
```

ls -asl /home/realuser/

```
total 52
 0 drwxrwxr-x  7 realuser realgroup   368 Feb  8 14:46 .
 0 drwxr-xr-x  7 root  root    168 Feb  8 13:17 ..
 4 -rw-rw-r--  1 realuser realgroup  1780 Feb  8 16:13 .bash_history
 4 -rw-rw-r--  1 realuser realgroup   232 Feb  8 12:48 .bash_profile
 4 -rw-rw-r--  1 realuser realgroup   812 Feb  8 12:48 .bashrc
 0 drwxrwxr-x  3 realuser realgroup    72 Feb  8 12:53 2316
 0 drwxrwxr-x  3 realuser realgroup    72 Feb  8 12:53 2317
 0 drwxrwxr-x  3 realuser realgroup    72 Feb  8 14:40 2324
 0 drwxrwxr-x  3 realuser realgroup    72 Feb  8 12:53 2327
 0 drwxrwxr-x  3 realuser realgroup    72 Feb  8 12:53 32
 4 -r--r-----  1 realuser realgroup    18 Feb  8 14:46 ftpd.group
 4 -r--r-----  1 realuser realgroup   467 Feb  8 14:40 ftpd.passwd
```

That's it. Here is my problem:

If I upload files that do not exist on the FTP, they get the UID 100032 and so on, as written in the fake /etc/passwd.

But they should belong to realuser and realgroup, as written in the proftpd.conf.

These two logs show what I mean:

ftp host.domain

```
Connected to 1.2.3.4.
220 ProFTPD 1.2.10 Server (http://host.domain/realuser) [1.2.3.4]
Name (1.2.3.4:ident): web6
331 Password required for web6.
Password:
230 User web6 logged in.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> ls -asl
200 PORT command successful
150 Opening ASCII mode data connection for file list
drwxrwxr-x   3 ftp      ftp            72 Feb  8 13:40 .
drwxrwxr-x   3 ftp      ftp            72 Feb  8 13:40 ..
226 Transfer complete.
ftp> put start
local: start remote: start
200 PORT command successful
150 Opening BINARY mode data connection for start
226 Transfer complete.
155 bytes sent in 0.000118 secs (1.3e+03 Kbytes/sec)
ftp> ls -asl
200 PORT command successful
150 Opening ASCII mode data connection for file list
drwxrwxr-x   3 ftp      ftp            96 Feb  8 15:46 .
drwxrwxr-x   3 ftp      ftp            96 Feb  8 15:46 ..
-rw-rw-r--   1 ftp      ftp           155 Feb  8 15:46 start
226 Transfer complete.
ftp> quit
221 Goodbye.
```

ls -asl /home/realuser/2324/  

```
total 4
0 drwxrwxr-x  3 realuser realgroup  96 Feb  8 16:46 .
0 drwxrwxr-x  7 realuser realgroup 368 Feb  8 14:46 ..
4 -rw-rw-r--  1 12324 realgroup 155 Feb  8 16:46 start
```

As you can see, the file start belongs to the wrong owner. The proftpd debug output says the following:

proftpd -d 9 -n

```
 ...
host.domain (1.2.3.4[1.2.3.4]) - ROOT PRIVS: ID switching disabled
host.domain (1.2.3.4[1.2.3.4]) - FS: using system chown()
host.domain (1.2.3.4[1.2.3.4]) - ROOT PRIVS: ID switching disabled
host.domain (1.2.3.4[1.2.3.4]) - chown(start) as root failed: Operation not permitted
host.domain (1.2.3.4[1.2.3.4]) - ROOT PRIVS: ID switching disabled
host.domain (1.2.3.4[1.2.3.4]) - ROOT PRIVS: ID switching disabled
 ...
```

I hope you understand what problem I have and that you can help me.

Kind regards, Stan <st4n> Behrens

PS: Sorry for my bad English :)

----------

## st4n

Hi,

I added this to my proftpd.conf and it works fine now:

```
cat >> /etc/proftpd/proftpd.conf << "EOF"
<IfModule mod_cap.c>
        CapabilitiesEngine      off
</IfModule>
EOF
```

Kind regards, Stan <st4n> Behrens

----------
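Added example, not part of the thread and not ProFTPD code: files uploaded while the chown() was failing keep the virtual user's numeric UID, as `start` did in the first post. This Python sketch parses the AuthUserFile format shown there and reports entries owned by one of those virtual UIDs instead of the UserOwner account. The function names and the sample data are assumptions made for the illustration.

```python
import os


def parse_auth_user_file(text):
    """Map UID -> login name from passwd(5)-style AuthUserFile content."""
    users = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        fields = line.split(":")
        if len(fields) < 7 or not fields[2].isdigit():
            continue  # malformed entry: skip rather than guess
        users[int(fields[2])] = fields[0]
    return users


def walk_owners(root):
    """Yield (path, owner UID) for everything below root; symlinks are not followed."""
    for dirpath, dirnames, filenames in os.walk(root):
        for name in dirnames + filenames:
            path = os.path.join(dirpath, name)
            yield path, os.lstat(path).st_uid


def find_misowned(owners, users, owner_uid):
    """Return (path, uid, login) for entries owned by a virtual user other than owner_uid."""
    return sorted(
        (path, uid, users[uid])
        for path, uid in owners
        if uid != owner_uid and uid in users
    )


# Constructed sample mirroring the thread: two AuthUserFile entries and the
# ownership seen in /home/realuser/2324 after the upload.
SAMPLE_PASSWD = """\
realuser:md5passwd:1001:101::/home/realuser:/bin/false
web6:md5passwd:12324:101::/home/realuser/2324:/bin/false
"""
SAMPLE_OWNERS = [
    ("/home/realuser/2324", 1001),
    ("/home/realuser/2324/start", 12324),
]

if __name__ == "__main__":
    users = parse_auth_user_file(SAMPLE_PASSWD)
    for path, uid, login in find_misowned(SAMPLE_OWNERS, users, owner_uid=1001):
        print(f"{path}: owned by {uid} ({login}), expected 1001")
```

On a real host, pass `walk_owners("/home/realuser")` as the first argument of `find_misowned` in place of the constructed list.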

