Closed
Bug 675163
Opened 13 years ago
Closed 12 years ago
Get a FTP server setup on mozqa.com
Categories
(Mozilla QA Graveyard :: Infrastructure, defect)
Mozilla QA Graveyard
Infrastructure
Tracking
(Not tracked)
RESOLVED
FIXED
People
(Reporter: vladmaniac, Assigned: jsmith)
Details
We need a FTP server setup on mozqa.com We don't want to use external servers as much as possible in our Mozmill tests
Comment 1•13 years ago
|
||
You should assign these to me to do. I hadn't noticed this request.
Assignee: nobody → abillings
Reporter | ||
Comment 3•13 years ago
|
||
Hi Al, do we have a status of some kind for this request? It will really really help me check in bug 674874 :) Lots of thanks!
(In reply to Maniac Vlad Florin (:vladmaniac) from comment #3) > Hi Al, do we have a status of some kind for this request? It will really > really help me check in bug 674874 :) > > Lots of thanks! Al is on PTO until Sept 12.
Comment 5•13 years ago
|
||
Done. It works for non-ssl and ssl connections. Had to open up the Firewall too! lftp -u abillings mozqa.com -e "debug;set ftp:ssl-protect-data true;ls;exit" Password: ---- Connecting to mozqa.com (67.23.44.24) port 21 <--- 220 (vsFTPd 2.0.5) ---> FEAT <--- 211-Features: <--- AUTH SSL <--- AUTH TLS <--- EPRT <--- EPSV <--- MDTM <--- PASV <--- PBSZ <--- PROT <--- REST STREAM <--- SIZE <--- TVFS <--- 211 End ---> AUTH TLS <--- 234 Proceed with negotiation. ---> USER abillings Certificate: O=*.mozqa.com,OU=Domain Control Validated,CN=*.mozqa.com Issued by: C=US,ST=Arizona,L=Scottsdale,O=GoDaddy.com\, Inc.,OU=http://certificates.godaddy.com/repository,CN=Go Daddy Secure Certification Authority,serialNumber=07969287 Checking against: C=US,ST=Arizona,L=Scottsdale,O=GoDaddy.com\, Inc.,OU=http://certificates.godaddy.com/repository,CN=Go Daddy Secure Certification Authority,serialNumber=07969287 Trusted Certificate: C=US,ST=Arizona,L=Scottsdale,O=GoDaddy.com\, Inc.,OU=http://certificates.godaddy.com/repository,CN=Go Daddy Secure Certification Authority,serialNumber=07969287 Issued by: C=US,O=The Go Daddy Group\, Inc.,OU=Go Daddy Class 2 Certification Authority Checking against: C=US,O=The Go Daddy Group\, Inc.,OU=Go Daddy Class 2 Certification Authority Trusted Certificate: C=US,O=The Go Daddy Group\, Inc.,OU=Go Daddy Class 2 Certification Authority Issued by: L=ValiCert Validation Network,O=ValiCert\, Inc.,OU=ValiCert Class 2 Policy Validation Authority,CN=http://www.valicert.com/,EMAIL=info@valicert.com Checking against: L=ValiCert Validation Network,O=ValiCert\, Inc.,OU=ValiCert Class 2 Policy Validation Authority,CN=http://www.valicert.com/,EMAIL=info@valicert.com Trusted Certificate: L=ValiCert Validation Network,O=ValiCert\, Inc.,OU=ValiCert Class 2 Policy Validation Authority,CN=http://www.valicert.com/,EMAIL=info@valicert.com Issued by: L=ValiCert Validation Network,O=ValiCert\, Inc.,OU=ValiCert Class 2 Policy Validation Authority,CN=http://www.valicert.com/,EMAIL=info@valicert.com Trusted <--- 331 Please specify the password. ---> PASS XXXX <--- 230 Login successful. ---> PWD <--- 257 "/home/abillings" ---> PBSZ 0 <--- 200 PBSZ set to 0. ---> PROT P <--- 200 PROT now Private. ---> PROT P <--- 200 PROT now Private. ---> PASV <--- 227 Entering Passive Mode (67,23,44,24,169,191) ---- Connecting data socket to (67.23.44.24) port 43455 ---- Data connection established ---> LIST <--- 150 Here comes the directory listing. Certificate: O=*.mozqa.com,OU=Domain Control Validated,CN=*.mozqa.com Issued by: C=US,ST=Arizona,L=Scottsdale,O=GoDaddy.com\, Inc.,OU=http://certificates.godaddy.com/repository,CN=Go Daddy Secure Certification Authority,serialNumber=07969287 Checking against: C=US,ST=Arizona,L=Scottsdale,O=GoDaddy.com\, Inc.,OU=http://certificates.godaddy.com/repository,CN=Go Daddy Secure Certification Authority,serialNumber=07969287 Trusted Certificate: C=US,ST=Arizona,L=Scottsdale,O=GoDaddy.com\, Inc.,OU=http://certificates.godaddy.com/repository,CN=Go Daddy Secure Certification Authority,serialNumber=07969287 Issued by: C=US,O=The Go Daddy Group\, Inc.,OU=Go Daddy Class 2 Certification Authority Checking against: C=US,O=The Go Daddy Group\, Inc.,OU=Go Daddy Class 2 Certification Authority Trusted Certificate: C=US,O=The Go Daddy Group\, Inc.,OU=Go Daddy Class 2 Certification Authority Issued by: L=ValiCert Validation Network,O=ValiCert\, Inc.,OU=ValiCert Class 2 Policy Validation Authority,CN=http://www.valicert.com/,EMAIL=info@valicert.com Checking against: L=ValiCert Validation Network,O=ValiCert\, Inc.,OU=ValiCert Class 2 Policy Validation Authority,CN=http://www.valicert.com/,EMAIL=info@valicert.com Trusted Certificate: L=ValiCert Validation Network,O=ValiCert\, Inc.,OU=ValiCert Class 2 Policy Validation Authority,CN=http://www.valicert.com/,EMAIL=info@valicert.com Issued by: L=ValiCert Validation Network,O=ValiCert\, Inc.,OU=ValiCert Class 2 Policy Validation Authority,CN=http://www.valicert.com/,EMAIL=info@valicert.com Trusted <--- 226 Directory send OK. ---- Got EOF on data connection ---- Closing data socket drwxr-xr-x 2 500 500 4096 Mar 11 2011 Desktop ---> QUIT ---- Closing control socket
Status: ASSIGNED → RESOLVED
Closed: 13 years ago
Resolution: --- → FIXED
Comment 6•13 years ago
|
||
Al, thanks for setting it up. Can you please point the initial directory for anonymous access to the litmus folder, so that the path to the files are equivalent to the HTTP(S) access? Right now it uses the default top-level folder. ftp://ftp.mozqa.com/
Status: RESOLVED → REOPENED
Resolution: FIXED → ---
Comment 7•13 years ago
|
||
Can you give me the specific path you want, just for clarity?
Comment 8•13 years ago
|
||
We should end up at the same folder, independent of if we are using HTTP or FTP. Which means the root should be the appropriate folder on the file system as where http://mozqa.com/data/ points to.
Status: REOPENED → ASSIGNED
Comment 9•13 years ago
|
||
Done. Anonymous FTP users go to /var/www/html/data
Status: ASSIGNED → RESOLVED
Closed: 13 years ago → 13 years ago
Resolution: --- → FIXED
Comment 10•13 years ago
|
||
Al, I'm sorry. Please blame me! But this was a wrong comment from me. I should have checked the HTTP configuration. Now we have different paths for the same content: ftp://mozqa.com/ http://mozqa.com/data/ I think that the default location for anonymous access was ok, but that we should have added a symlink to '/var/www/html/data' as subfolder instead. Only that way we can ensure that path fragments for both protocols are identical.
Status: RESOLVED → REOPENED
Resolution: FIXED → ---
Comment 11•13 years ago
|
||
I just changed the top level FTP to the same as top level for http: /var/www/html/ We don't keep anything on the webservers where we're worried about security, AFAIK, so this fixes the issue.
Status: REOPENED → RESOLVED
Closed: 13 years ago → 13 years ago
Resolution: --- → FIXED
Comment 12•13 years ago
|
||
We will. At least under mozmill-env we will have PHP scripts. So we should not open up the HTTP root this way. The best way is still to reset the FTP root folder to the default value and create a symlink at this location.
Status: RESOLVED → REOPENED
Resolution: FIXED → ---
Comment 13•13 years ago
|
||
This turns out to be a pain in the ass. vsftpd, which we use, disallows symlinks. I've made the symlink and you can see it but if you go to it, you get an error 550 and it refuses to change. See http://radu.cotescu.com/vsftpd-and-symbolic-links/. So, I have to explicitly mount the directory, etc. I'm not sure if that is really an ideal solution.
Status: REOPENED → ASSIGNED
Comment 14•13 years ago
|
||
Gah. I had to make a dir and mount it pointing at /var/www/html/data The commmand was: mount --bind /var/www/html/data /var/ftp/data Of course, the next time we reboot the server... :-)
Status: ASSIGNED → RESOLVED
Closed: 13 years ago → 13 years ago
Resolution: --- → FIXED
Comment 15•13 years ago
|
||
So are you saying that the mountpoint will not be re-set after a reboot currently? If that's the case we should create our own startup script. Also I don't think we should play ping-pong on closing and reopening the bug. Closing would be appropriate when everything is done. I will not reopen for now, but I still think more work has to be done. At least when reading your last comment.
Reporter | ||
Comment 16•13 years ago
|
||
(In reply to Henrik Skupin (:whimboo) from comment #15) > So are you saying that the mountpoint will not be re-set after a reboot > currently? If that's the case we should create our own startup script. > > Also I don't think we should play ping-pong on closing and reopening the > bug. Closing would be appropriate when everything is done. I will not reopen > for now, but I still think more work has to be done. At least when reading > your last comment. What is the status on this bug? Is it really fixed or not? Henrik - what can we do to de-block it?
Comment 17•13 years ago
|
||
Lets reopen for the final bits. Vlad, none of our tests are further blocked and you can go ahead. The only things are left on this bug are internals.
Status: RESOLVED → REOPENED
Resolution: FIXED → ---
Reporter | ||
Comment 18•13 years ago
|
||
(In reply to Henrik Skupin (:whimboo) [away 11/25 - 12/03] from comment #17) > Lets reopen for the final bits. Vlad, none of our tests are further blocked > and you can go ahead. The only things are left on this bug are internals. Bug 674874 has now its initial patch. Thanks! Should we remove it from 'Blocks' or just leave it there for sanity?
Comment 19•12 years ago
|
||
Al, can you please clarify your comment 14? Is that permanent or not?
Comment 20•12 years ago
|
||
It was not set up to be done on reboot at the time.
Comment 21•12 years ago
|
||
Jason, would you mind finishing up this bug?
Assignee: abillings → nobody
Status: REOPENED → ASSIGNED
Assignee | ||
Comment 22•12 years ago
|
||
(In reply to Henrik Skupin (:whimboo) from comment #21) > Jason, would you mind finishing up this bug? Sure I'll take a shot at it. What is the priority on this getting done? Must have? Good to have? Nice to have?
Assignee | ||
Updated•12 years ago
|
Assignee: nobody → jsmith
Comment 23•12 years ago
|
||
It's a must have. We have Litmus/Mozmill tests which rely on examples via this FTP connection. So we have to make sure that the FTP server can get started immediately after a reboot of the machine.
Comment 24•12 years ago
|
||
Jason, can you please have a look at this as soon as possible? The FTP server is down right now and it could be because of the power outage we had lately. So as mentioned earlier we are probably not able to restore the necessary settings. This causes failures in our Mozmill tests so an immediate fix and start of the FTP server would be appreciated. Thanks.
Severity: normal → critical
Assignee | ||
Comment 25•12 years ago
|
||
(In reply to Henrik Skupin (:whimboo) from comment #24) > Jason, can you please have a look at this as soon as possible? The FTP > server is down right now and it could be because of the power outage we had > lately. So as mentioned earlier we are probably not able to restore the > necessary settings. > > This causes failures in our Mozmill tests so an immediate fix and start of > the FTP server would be appreciated. Thanks. I'm a bit stuck right now trying to understand what Al did and where's he at right now with this FTP setup.
Comment 26•12 years ago
|
||
As far as I know, the FTP server should start on boot but you could check. The mount command in comment 14 doesn't run automatically and is necessary for this to work. I don't recall a lot beyond this. It has been over six months.
Assignee | ||
Comment 27•12 years ago
|
||
(In reply to Al Billings [:abillings] from comment #26) > As far as I know, the FTP server should start on boot but you could check. > The mount command in comment 14 doesn't run automatically and is necessary > for this to work. > > I don't recall a lot beyond this. It has been over six months. Tried rebooting the server and remounting. No luck.
Assignee | ||
Comment 28•12 years ago
|
||
(In reply to Jason Smith [:jsmith] from comment #27) > (In reply to Al Billings [:abillings] from comment #26) > > As far as I know, the FTP server should start on boot but you could check. > > The mount command in comment 14 doesn't run automatically and is necessary > > for this to work. > > > > I don't recall a lot beyond this. It has been over six months. > > Tried rebooting the server and remounting. No luck. Wait, might not be right saying that. I was able to connect from one of my linux machines using sftp to mozqa.com. Maybe I need to get clarification here - Exactly what is the problem here?
Comment 29•12 years ago
|
||
If you don't mount /var/www/html/data to /var/ftp/data you won't be able to get to the checked in mozilla test repo tests via FTP.
Comment 30•12 years ago
|
||
Can you go to a /data subdirectory when you FTP to the box now?
Assignee | ||
Comment 31•12 years ago
|
||
SFTP through a different server, I was able to get to /var/ftp/data. I double checked and confirmed that I did run the mount command as root ( mount --bind /var/www/html/data /var/ftp/data). Connected to mozqa.com. sftp> cd /data Couldn't canonicalise: No such file or directory sftp> cd /var/www/html/data sftp> ls README.txt firefox thunderbird webapps sftp> cd /var/ftp/data sftp> ls README.txt firefox thunderbird webapps sftp> If I access ftp://ftp.mozqa.com/data, nothing comes up.
Assignee | ||
Comment 32•12 years ago
|
||
Fixed it with the help of Kevin. ftp://ftp.mozqa.com/data/ is back online.
Assignee | ||
Updated•12 years ago
|
Severity: critical → normal
Assignee | ||
Comment 33•12 years ago
|
||
Henrik - Trying to understand the comments here - What are the remaining bits summarized needed to be completed to close this bug out? I see a mention of a startup script, but what else?
Comment 34•12 years ago
|
||
When you restart the server no manual interaction should be necessary to get the FTP server setup and running. If that is done we can call this bug fixed.
Assignee | ||
Comment 35•12 years ago
|
||
(In reply to Henrik Skupin (:whimboo) from comment #34) > When you restart the server no manual interaction should be necessary to get > the FTP server setup and running. If that is done we can call this bug fixed. Done using chkconfig. Requesting review. Should I reboot to test or is inspection enough? Here's what I did: [root@mozqa sbin]# ./chkconfig vsftpd on [root@mozqa sbin]# ./chkconfig --list NetworkManager 0:off 1:off 2:off 3:off 4:off 5:off 6:off avahi-daemon 0:off 1:off 2:off 3:on 4:on 5:on 6:off avahi-dnsconfd 0:off 1:off 2:off 3:off 4:off 5:off 6:off crond 0:off 1:off 2:on 3:on 4:on 5:on 6:off cups 0:off 1:off 2:on 3:on 4:on 5:on 6:off dc_client 0:off 1:off 2:off 3:off 4:off 5:off 6:off dc_server 0:off 1:off 2:off 3:off 4:off 5:off 6:off dnsmasq 0:off 1:off 2:off 3:off 4:off 5:off 6:off firstboot 0:off 1:off 2:off 3:on 4:off 5:on 6:off haldaemon 0:off 1:off 2:off 3:on 4:on 5:on 6:off httpd 0:off 1:off 2:on 3:on 4:off 5:on 6:off ip6tables 0:off 1:off 2:on 3:on 4:on 5:on 6:off iptables 0:off 1:off 2:on 3:on 4:on 5:on 6:off iscsi 0:off 1:off 2:off 3:on 4:on 5:on 6:off iscsid 0:off 1:off 2:off 3:on 4:on 5:on 6:off kdump 0:off 1:off 2:off 3:off 4:off 5:off 6:off kudzu 0:off 1:off 2:off 3:on 4:on 5:on 6:off lvm2-monitor 0:off 1:on 2:on 3:on 4:on 5:on 6:off mcstrans 0:off 1:off 2:on 3:on 4:on 5:on 6:off messagebus 0:off 1:off 2:off 3:on 4:on 5:on 6:off multipathd 0:off 1:off 2:off 3:off 4:off 5:off 6:off named 0:off 1:off 2:off 3:off 4:off 5:off 6:off netconsole 0:off 1:off 2:off 3:off 4:off 5:off 6:off netfs 0:off 1:off 2:off 3:on 4:on 5:on 6:off netplugd 0:off 1:off 2:off 3:off 4:off 5:off 6:off network 0:off 1:off 2:on 3:on 4:on 5:on 6:off nfs 0:off 1:off 2:off 3:off 4:off 5:off 6:off nfslock 0:off 1:off 2:off 3:on 4:on 5:on 6:off ntpd 0:off 1:off 2:off 3:off 4:off 5:off 6:off pcscd 0:off 1:off 2:on 3:on 4:on 5:on 6:off portmap 0:off 1:off 2:off 3:on 4:on 5:on 6:off rawdevices 0:off 1:off 2:off 3:on 4:on 5:on 6:off rdisc 0:off 1:off 2:off 3:off 4:off 5:off 6:off restorecond 0:off 1:off 2:on 3:on 4:on 5:on 6:off rpcgssd 0:off 1:off 2:off 3:on 4:on 5:on 6:off rpcidmapd 0:off 1:off 2:off 3:on 4:on 5:on 6:off rpcsvcgssd 0:off 1:off 2:off 3:off 4:off 5:off 6:off saslauthd 0:off 1:off 2:off 3:off 4:off 5:off 6:off smb 0:off 1:off 2:off 3:off 4:off 5:off 6:off sshd 0:off 1:off 2:on 3:on 4:on 5:on 6:off syslog 0:off 1:off 2:on 3:on 4:on 5:on 6:off vncserver 0:off 1:off 2:on 3:on 4:on 5:on 6:off vsftpd 0:off 1:off 2:on 3:on 4:on 5:on 6:off winbind 0:off 1:off 2:off 3:off 4:off 5:off 6:off wpa_supplicant 0:off 1:off 2:off 3:off 4:off 5:off 6:off xfs 0:off 1:off 2:on 3:on 4:on 5:on 6:off xinetd 0:off 1:off 2:off 3:on 4:on 5:on 6:off xinetd based services: chargen-dgram: off chargen-stream: off daytime-dgram: off daytime-stream: off discard-dgram: off discard-stream: off echo-dgram: off echo-stream: off tcpmux-server: off tftp: off time-dgram: off time-stream: off
No longer blocks: 674874
Comment 36•12 years ago
|
||
Does it also solve the problem with automatically bind to the right data folder?
Assignee | ||
Comment 37•12 years ago
|
||
(In reply to Henrik Skupin (:whimboo) from comment #36) > Does it also solve the problem with automatically bind to the right data > folder? Good catch (missed that one). I'll look into that.
Assignee | ||
Comment 38•12 years ago
|
||
(In reply to Jason Smith [:jsmith] from comment #37) > (In reply to Henrik Skupin (:whimboo) from comment #36) > > Does it also solve the problem with automatically bind to the right data > > folder? > > Good catch (missed that one). I'll look into that. Looked into it. I edited /etc/fstab to include the following: /var/www/html/data /var/ftp/data bind defaults,bind 0 0 Rebooting the server, I saw the ftp server come up with the directory mounted correctly to show mozqa's data.
Status: ASSIGNED → RESOLVED
Closed: 13 years ago → 12 years ago
Resolution: --- → FIXED
Comment 39•12 years ago
|
||
Thanks Jason!
Updated•6 years ago
|
Product: Mozilla QA → Mozilla QA Graveyard
You need to log in
before you can comment on or make changes to this bug.
Description
•