alexus at gmail.com
Wed May 20 14:18:08 UTC 2009
On Wed, May 20, 2009 at 10:13 AM, alexus <alexus at gmail.com> wrote:
> On Wed, May 20, 2009 at 7:46 AM, Mel Flynn
> <mel.flynn+fbsd.questions at mailing.thruhere.net> wrote:
>> On Tuesday 19 May 2009 21:18:48 alexus wrote:
>>> On Tue, May 19, 2009 at 2:26 PM, Mehul Ved <mehul.n.ved at gmail.com> wrote:
>>> > On Tue, May 19, 2009 at 11:14 PM, alexus <alexus at gmail.com> wrote:
>>> >> i start it as a root, but it switchs to non-root
>>> >> nobody 52346 0.0 0.1 11820 4208 ?? SsJ Sun06PM 0:00.66
>>> >> proftpd: (accepting connections) (proftpd)
>>> > Check the value for 'user' in proftpd.conf. It will be nobody. Change
>>> > it to root.
>>> > --
>>> > Dyslexics have more fnu. - http://kingsly.net/tmp/fortune.php/1242364116
>>> wouldn't it sort of make it more risky in terms of security to run
>>> ftpd as root vs nobody?
>>> in general daemon do not run as root and thats for a reason..
>> Yes, don't do it. Is proftpd started as root? Then this shouldn't occur,
>> although a forum post suggests that mod_cap can fiddle with this.
>>  http://forums.proftpd.org/smf/index.php?topic=1315.0
> if i set User in proftpd.conf to root, then it runs as a root
> the other thing is mod_cap has something to do with Linux compatibility w/ POSIX
> I run FreeBSD...
for test purposes i set it to root, but even with that i'm unable to
connect to ftp and my tls.log says following
May 20 10:16:58 mod_tls/2.2.1: error locking passphrase into
memory: Operation not permitted
May 20 10:16:58 mod_tls/2.2.1: using default OpenSSL
verification locations (see $SSL_CERT_DIR environment variable)
May 20 10:16:58 mod_tls/2.2.1: TLS/TLS-C requested, starting
May 20 10:17:01 mod_tls/2.2.1: TLSv1/SSLv3 connection accepted,
using cipher DHE-RSA-AES256-SHA (256 bits)
May 20 10:17:01 mod_tls/2.2.1: Protection set to Private
and it hangs...
More information about the freebsd-questions