vsftp log doesn't exist

jorgeraimundo · September 14, 2009, 5:36pm

Hello all!

I’m trying to configure vsftp with SSL but it gives me an error, so I want to see the logs.
Problem is that the file /var/log/vsftpd.log doesn’t exist.

In the config file I have the following:

Log to the syslog daemon instead of using an logfile.

#syslog_enable=NO

Is it correct?

Best regards,
Jorge

hcvv · September 14, 2009, 6:39pm

IMHO this says that that loging goes to syslog (so not very clear). When you remove the # before the last line it says NOT to use syslog. I hope it then goes to a logfile. If this is the file you suspect it is, I can not say out of the info given here.

Just try it, it will not fry your system

jorgeraimundo · September 14, 2009, 6:48pm

Hi!

I tried to do as you told but no effect.

I found an indication that probably I should have

# Set listen=YES if you want vsftpd to run standalone
#
listen=NO

So that it runs as a service.

But I have

# Set listen=YES if you want vsftpd to run standalone
#
listen=YES

And it is told that this might be related to the lack of log. But if I change it to listen=NO it gives me an error and it won’t start. And without log I can’t find out what’s going on… >:(

Best regards

hcvv · September 14, 2009, 7:56pm

IMHO LISTEN should be yes if you start the daemon as a service. It should be no if you start it from xinetd because then xinetd does the listening.

I do not know what method you use (because you did not tell). You could check if what you do is consistent which wht I tell you, but as it is functioning this does not matter to much.

I doubt if the method you use has anything to do with the logging. We suppose that the logging is going now to syslog, do we?. Did you check if there is somthing in syslog?

jorgeraimundo · September 15, 2009, 11:35am

IMHO LISTEN should be yes if you start the daemon as a service. It should be no if you start it from xinetd because then xinetd does the listening.

Ok. It’s working with LISTEN=YES. I don’t want to use xinetd, in fact it’s not even running, so that must be the reason why it doesn’t start with LISTEN=NO.

I doubt if the method you use has anything to do with the logging. We suppose that the logging is going now to syslog, do we?. Did you check if there is something in syslog?

Ok, so comming back to the syslog_enable question, I’ve set it to NO to see if there is any /var/log/vsftpd.log file created. There isn’t.
I’ve changed it to syslog_enable=YES and there is nothing appearing on dmesg or /var/log/messages.
Am I looking on the wrong place?

Best regards,
Jorge

user · September 15, 2009, 12:08pm

jorgeraimundo wrote:

> Ok, so comming back to the syslog_enable question, I’ve set it to NO to
> see if there is any /var/log/vsftpd.log file created. There isn’t.
> I’ve changed it to syslog_enable=YES and there is nothing appearing on
> dmesg or /var/log/messages.
> Am I looking on the wrong place?

Setting “syslog_enable=YES” should log messages to “syslog-ng”, so you’ll
have to configure that part, creating the appropriate filters and
facilities for vsftp before any file is created.

Anyway, these settings should be enough:

syslog_enable=NO
vsftpd_log_file=/var/log/vsftpd.log

The manual states:

vsftpd_log_file
This option is the name of the file to which we write the vsftpd style log
file. This log is only written if the option xferlog_enable is set, and
xferlog_std_format is NOT set. Alternatively, it is written if you have set
the option dual_log_enable. One further complication - if you have set
syslog_enable, then this file is not written and output is sent to the
system log instead.

Greetings,

–
Camaleón

jorgeraimundo · September 15, 2009, 12:36pm

Hello Camaleón!

Thank you for your reply!
I did as told. In fact I’m placing my config here:

write_enable=YES
dirmessage_enable=YES
nopriv_user=ftpsecure

local_enable=YES
local_umask=022

chroot_local_user=YES
local_root=/srv/ftp/
anon_root=/srv/ftp/pub/

anonymous_enable=YES
anon_world_readable_only=YES
anon_upload_enable=NO
anon_umask=022                                                               
anon_mkdir_write_enable=NO

syslog_enable=NO
log_ftp_protocol=NO
vsftpd_log_file=/var/log/vsftpd.log

connect_from_port_20=YES

idle_session_timeout=900

pasv_enable=YES

pam_service_name=vsftpd

listen=YES

ssl_enable=NO

pasv_min_port=40000
pasv_max_port=40500

max_clients=10
max_per_ip=3

ssl_sslv2=NO
ssl_sslv3=NO
ssl_tlsv1=YES

If I change log_ftp_protocol to YES the server won’t start.

Even with the explicit indication of syslog_enable=NO and vsftpd_log_file=/var/log/vsftpd.log the file isn’t created.

I’m getting puzzled. :\

user · September 15, 2009, 1:41pm

jorgeraimundo wrote:

> Hello Camaleón!
>
> Thank you for your reply!
> I did as told. In fact I’m placing my config here:
>
> Code:
> --------------------
> syslog_enable=NO
> log_ftp_protocol=NO
> vsftpd_log_file=/var/log/vsftpd.log
> --------------------
>
>
> If I change log_ftp_protocol to YES the server won’t start.

You don’t have to change “log_ftp_protocol” to YES unless you really need
it :-?

What man page says is “This log is only written if the option xferlog_enable
is set, and xferlog_std_format is NOT set.” so test with
xferlog_enable=YES and restart the daemon (rcvsftpd restart)

Greetings,

–
Camaleón

jorgeraimundo · September 15, 2009, 1:59pm

Here’s what happens with the xferlog_enable=YES:

Shutting down vsftpd                                                                            done
Starting vsftpd startproc:  exit status of parent of /usr/sbin/vsftpd: 1                        failed

And the worse is that there’s no log to see what’s going wrong…

user · September 15, 2009, 2:13pm

jorgeraimundo wrote:

> Here’s what happens with the xferlog_enable=YES:
>
>
> Code:
> --------------------
> Shutting down vsftpd
> done
> Starting vsftpd startproc: exit status of parent of /usr/sbin/vsftpd: 1
> failed
> --------------------

Ouch! Ok, ok… don’t panic

Here is what I have:

xferlog_enable=YES
xferlog_std_format=YES
dual_log_enable=YES

Try to set these 3 options.

> And the worse is that there’s no log to see what’s going wrong…

If a dameon does not start you can review the usual logs (/var/log/messages
and /var/log/warn).

Greetings,

–
Camaleón

jorgeraimundo · September 15, 2009, 2:33pm

Here is what I have:

xferlog_enable=YES
xferlog_std_format=YES
dual_log_enable=YES

Try to set these 3 options.

I did. The only one that allows the service to start successfully is the dual_log_enable=YES. If I use any of the other two, it won’t start.

If a dameon does not start you can review the usual logs (/var/log/messages
and /var/log/warn).

Problem is that they don’t even move. I’m following them with a tail -f and there’s nothing new.

Is there something that should be running and isn’t?

user · September 15, 2009, 3:18pm

jorgeraimundo wrote:

> I did. The only one that allows the service to start successfully is
> the dual_log_enable=YES. If I use any of the other two, it won’t start.

But, are you getting now the log file or is still missing? :-?

>> If a dameon does not start you can review the usual logs
>> (/var/log/messages
>> and /var/log/warn).
>
> Problem is that they don’t even move. I’m following them with a tail -f
> and there’s nothing new.
>
> Is there something that should be running and isn’t?

Running, dunno, I don’t think so.

But check the whole /etc/vsftpd.conf file for any duplicated value that may
prevent the service from initializing.

Or better yes, start from scratch. Get the original config file and start
over with the standard values set.

Greetings,

–
Camaleón

jorgeraimundo · September 15, 2009, 4:38pm

I hate this!!!

After all the struggle we had I found out that the file was filled with white spaces in most of the lines.
So instead of having

directive=value

I had

directive=value\w\w\w\w\w\w\w\w\w\w\w\w\w

(being \w a white space)
This made the startup end in error every time I uncommented one of those lines…

Now I have logs working on /var/log/vsftpd.log with the following options:

syslog_enable=NO
log_ftp_protocol=NO
xferlog_enable=YES
vsftpd_log_file=/var/log/vsftpd.log
xferlog_std_format=YES
dual_log_enable=YES

Sorry for taking your time with such a stupid thing.

Best regards,
Jorge

jorgeraimundo · September 15, 2009, 4:51pm

Ok… So it’s not the end yet.

Apparently the vsftpd.log file only registers the ftp activity itself and not the deamon activity.

Back to what started all this, I want to configure SSL on it, but it gives

Starting vsftpd startproc:  exit status of parent of /usr/sbin/vsftpd: 1                    failed

And vsftpd.log has nothing on what is the problem, nor /var/log/messages nor /var/log/localmessages nor /var/log/warn…

user · September 15, 2009, 5:11pm

jorgeraimundo wrote:

> Back to what started all this, I want to configure SSL on it, but it
> gives
>
> Code:
> --------------------
> Starting vsftpd startproc: exit status of parent of /usr/sbin/vsftpd:
> 1 failed
> --------------------
>
> And vsftpd.log has nothing on what is the problem, nor
> /var/log/messages nor /var/log/localmessages nor /var/log/warn…

Carefully read the docs for setting up ssl with vsftpd. Most surely a step
is missing:

http://wiki.vpslink.com/Configuring_vsftpd_for_secure_connections_(TLS/SSL/SFTP)

Greetings,

–
Camaleón

jorgeraimundo · September 15, 2009, 5:36pm

Thanks…

The server is starting now, but the client is unable to connect:

Status: Connection established, initializing TLS
Error:  Connection timed out

The server is still listening on port 21, right?

P.S: Since this is a bit off-topic I’ve started another thread here.