Author Topic: mod_exec only firing for USER events?  (Read 197 times)

Offline mintsoft

mod_exec only firing for USER events?
« on: March 22, 2017, 09:32:41 am »
Hello,

I'm trying to set up an SFTP server with virtual users where, when users upload files, a script is executed to do other stuff with the uploaded file. I'm running on Debian Jessie (meaning proftpd-basic 1.3.5-1.1+deb8u1). The sftp.conf file is in the conf.d directory, so it is included by proftpd.

To prove the idea, I was planning to have my script.sh just get executed on every command for now, so I can see it getting executed and that the arguments are working etc. before I plough on and flesh it out at all. So my "script" is:

Code:
$ cat ../sftp/script.sh
#!/bin/bash
echo `date --iso-8601=seconds`\:\'"$@"\' >> /tmp/log.log


However when I look at /tmp/log.log all I see is:
Code:
2017-03-22T09:16:02+0000:'BEFORE 'UNKNOWN' '192.168.1.16' '' '' '' '' '' 'desktop.home' 'USER' 'USER robtest' 'robtest' '' 'Debian' '-''
2017-03-22T09:16:02+0000:''UNKNOWN' '192.168.1.16' '' '' '' '' '' 'desktop.home' 'USER' 'USER robtest' 'robtest' '' 'Debian' '-''
2017-03-22T09:16:02+0000:'BEFORE 'UNKNOWN' '192.168.1.16' '' '' '' '' '' 'desktop.home' 'PASS' 'PASS (hidden)' 'robtest' '' 'Debian' '-''

So the script is executable and 'working'; however, when I upload a file, I see nothing in here at all. The ExecLog that I've defined is also not getting created (it's in /tmp while I'm playing around).

I've attached the configuration in its entirety, it's a stock Debian install. The custom config I've been doing is all in sftp.conf

I can't see what I've done wrong, I'm hoping I've missed something obvious?

Many Thanks
Rob

Offline mintsoft

Re: mod_exec only firing for USER events?
« Reply #1 on: March 22, 2017, 02:16:09 pm »
Aha! I've just solved my own problem. In case other people encounter the same problems:

The ExecLog isn't being populated because it won't be written to a directory that's world-readable (i.e. /tmp); switching that to /var/log/proftpd/execlog.log makes it actually populate.

Secondly, that then shows that there's a permissions issue writing to the file in /tmp. The scripts are being executed as the SFTP user that's logged in; for my virtual users that's uid 10000. I was assuming it was run as the proftpd user!

 ;D
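
A diagnostic hook that records the uid the script actually runs as and reports, rather than silently failing, when that uid cannot write the log, which is the condition found in this thread. This is an added example, not code from the thread or from ProFTPD; the `HOOK_LOG` variable, the default log path and the function names are assumptions.

```sh
#!/bin/sh
# Added example: diagnostic hook for a mod_exec-style call (not from the thread).
# Assumption: HOOK_LOG points at a file in a directory prepared for the session uid.

# Quote one argument for a single-line record: non-printable bytes (newlines
# included) become '?', embedded single quotes are escaped, result is wrapped.
quote_arg() {
    qa_clean=$(printf '%s' "$1" | LC_ALL=C tr -c '[:print:]' '?' | sed "s/'/'\\\\''/g")
    printf "'%s'" "$qa_clean"
}

# Build one record: timestamp, the uid/gid the hook really runs as, and argv.
format_record() {
    fr_argc=$#
    fr_argv=''
    for fr_arg in "$@"; do
        fr_argv="$fr_argv $(quote_arg "$fr_arg")"
    done
    printf '%s uid=%s gid=%s argc=%s argv:%s\n' \
        "$(date +%Y-%m-%dT%H:%M:%S%z)" "$(id -u)" "$(id -g)" "$fr_argc" "$fr_argv"
}

# Append a record to $1. Returns 3 for a symlinked log path, 2 when the current
# uid cannot write the file (or its directory if the file does not exist yet).
# The symlink check is not atomic, so keep the log directory non-world-writable.
append_record() {
    ar_log=$1
    shift
    if [ -L "$ar_log" ]; then
        echo "refusing symlinked log path: $ar_log" >&2
        return 3
    fi
    if [ -e "$ar_log" ]; then ar_target=$ar_log; else ar_target=$(dirname -- "$ar_log"); fi
    if [ ! -w "$ar_target" ]; then
        echo "uid $(id -u) cannot write $ar_target" >&2
        return 2
    fi
    format_record "$@" >> "$ar_log"
}

# Entry point when the server invokes the hook with arguments.
if [ "$#" -gt 0 ]; then
    append_record "${HOOK_LOG:-/srv/sftp-hooks/exec-args.log}" "$@"
fi
```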