# Proftpd: 530-Unable to set anonymous privileges. [SOLVED]

## noisebleed

Hi. I'm trying to setup a ftp server with Proftpd but without success.  :Sad: 

I want a tech user (alias of ftp) to login with password.

/etc/proftpd/proftpd.conf:

```
ServerName              "NG-001"

ServerType              standalone

DefaultServer           on

RequireValidShell       off

AuthPAM                 off

AuthPAMConfig           ftp

Port                    21

PassivePorts            49000 49010

Umask                           022

MaxInstances            10

SystemLog /var/log/proftpd.log        

User                            ftp

Group                           ftp

DefaultRoot ~

<Directory />

        AllowOverwrite          on

</Directory>

<Anonymous /var/www/tech/>

  User                  ftp

  Group                 ftp

  UserAlias             tech ftp

  AnonRequirePassword   on

  RequireValidShell     off

  MaxClients            10

  DisplayLogin          welcome.msg

  DisplayFirstChdir     .message

  <Limit LOGIN>

    Order               deny,allow

    Allow               from all

 </Limit>

  # Hide all files owned by user 'root'

  HideUser                      root

  <Limit WRITE>

    Deny from all

  </Limit>

  <Directory ./>

    <Limit READ WRITE DIRS STOR CWD CDUP>

      AllowAll

    </Limit>

  </Directory>

</Anonymous>

```

I'm trying to establish a connection through FileZilla but all I get is:

```
Response:   220 ProFTPD 1.3.1rc2 Server (NG-001) [10.17.1.1]

Command:   USER tech

Response:   331 Password required for tech

Command:   PASS ********

Response:   530-Unable to set anonymous privileges.

Response:   530 Login incorrect.

```

From the log file /var/log/proftpd.log:

```
Jan 17 12:34:59 porteiro proftpd[20228] porteiro.noisebleed.pt: ProFTPD 1.3.1rc2 (devel) (built Ter Jan 15 14:41:25 WET 2008) standalone mode STARTUP

Jan 17 12:35:18 porteiro proftpd[20240] porteiro.noisebleed.pt (10.17.1.19[10.17.1.19]): FTP session opened.

Jan 17 12:35:18 porteiro proftpd[20240] porteiro.noisebleed.pt (10.17.1.19[10.17.1.19]): ftp: Directory /var/www/tech/ is not accessible.

Jan 17 12:35:19 porteiro proftpd[20240] porteiro.noisebleed.pt (10.17.1.19[10.17.1.19]): FTP session closed.

```

I have /var/www/tech and it is the home of the ftp user. 

The password for ftp user was defined through passwd in a root shell. Is this ok?

The ftp also has the shell /bin/ftp = /bin/false defined in /etc/shells.

The Proftpd version installed is 1.3.1_rc2-rc3 and was compiled with the following flags.

```
USE="acl mysql ncurses nls opensslcrypt pam radius ssl tcpd -authfile -clamav -hardened -ifsession -ipv6 -ldap -noauthunix -postgres -rewrite (-selinux) -shaper -sitemisc -softquota -vroot -xinetd"
```

Is it ok to have proftpd compiled with acl?

When i try 

```
AuthPAM                 on
```

 the 503 error still occurs.

Then i edited /etc/pam.d/ftp

```
auth     required  pam_listfile.so item=user sense=deny file=/etc/ftpusers onerr=succeed

auth     include   system-auth

# If this is enabled, anonymous logins will fail because the 'ftp' user does

# not have a "valid" shell, as listed in /etc/shells.

#

# If you enable this, it is recommended that you do *not* give the 'ftp'

# user a real shell. Instead, give the 'ftp' user /bin/false for a shell and

# add /bin/false to /etc/shells.

# auth     required  pam_shells.so

account  include   system-auth

session  include   system-auth

```

 and uncommented 

```
auth     required  pam_shells.so
```

 and tryed with again with 

```
AuthPAM                 on
```

 but i didn't get any improvement.

Also when i start the proftpd service i get:

```
* Starting proftpd ...

 - warning: the DisplayFirstChdir directive is deprecated and will be removed in

 a future release.  Please use the DisplayChdir directive.                [ ok ]
```

Can anyone help me on this configuration? Thanks.Last edited by noisebleed on Thu Jan 17, 2008 5:40 pm; edited 2 times in total

----------

## noisebleed

I found the solution. Recompiled the package with USE="-acl" and now i can connect to server. Still having problems (Error 550) but error 530 is solved.

----------

## microtechno

 *Quote:*   

> * Starting proftpd ...
> 
>  - warning: the DisplayFirstChdir directive is deprecated and will be removed in
> 
>  a future release.  Please use the DisplayChdir directive.                [ ok ]

 

to fix this change the line

```
  DisplayFirstChdir     .message
```

to

```
DisplayChdir     .message
```

that is all that i know.. i am having my own problems with proftpd.. user access and the like.. so i shall keep an eye on this thread

have u checked the gentoo wiki though. I followed that.. and have a usable login.. just not what i want (no anonymous)

----------

## noisebleed

Hi.

Thanks for replying. My ftp server is running ok now. At the time I had the user "tech" alias of ftp authenticating with no problems.

The only issued that remained was that i wanted to chowned all files to apache as the ftp folder is used to hold web pages but I couldn't get the UserOwner/GroupOwner directives working.

Right now my co-worker changed the ftp config to move towards a mysql based config to add/del users so I'm not using the original config anymore.

If you are going for a mysql config I can send you our config. Good luck.

----------

## microtechno

yeh that would be good thanks

just pm it.

i shall give it a try with mysql. thanks

----------

