SystemLog/ServerLog setting ignored on Docker

[MariuszGajewski]

Hi, I am running proftpd (proftpd-1.3.5e) on Docker with Ubuntu 18.04.5 LTS (Bionic Beaver) and set SystemLog (ServerLog for VirtualHost) to /var/log/proftpd/proftpd.log in proftpd.conf, but this file remains empty - the file is created but no entry appears in logfile but I can see some proftpd logs such as:

• "USER userName: Login successful" or
• "FTP session opened"

in Docker logs/console. TransferLog (/var/log/proftpd/xferlog) and ExtendedLog is normally populated to proper files.

Moreover the same configuration works on standard, non Dockerized environment - logs are populated for SystemLog as well as for TransferLog and ExtendedLog. Version of Proftpd and Ubuntu are the same on Dockerized and non Dockerized environment. Am I configuring something wrong or for some reason ServerLog and SystemLog are ignored?

ProFTPD Version and Configuration

proftpd -V output:

Compile-time Settings:
  Version: 1.3.5e (maint)
  Platform: LINUX [Linux 5.10.25-linuxkit x86_64]
  Built: Mon Feb 5 2018 23:27:47 UTC
  Built With:
    configure  '--build=x86_64-linux-gnu' '--includedir=${prefix}/include' '--mandir=${prefix}/share/man' '--infodir=${prefix}/share/info' '--sysconfdir=/etc' '--localstatedir=/var' '--disable-silent-rules' '--libdir=${prefix}/lib/x86_64-linux-gnu' '--libexecdir=${prefix}/lib/x86_64-linux-gnu' '--disable-maintainer-mode' '--disable-dependency-tracking' '--prefix=/usr' '--with-includes=/usr/include/postgresql:/usr/include/mysql' '--mandir=/usr/share/man' '--sysconfdir=/etc/proftpd' '--localstatedir=/run' '--libexecdir=/usr/lib/proftpd' '--enable-sendfile' '--enable-facl' '--enable-dso' '--enable-autoshadow' '--enable-ctrls' '--with-modules=mod_readme' '--enable-ipv6' '--enable-nls' '--enable-memcache' '--with-lastlog=/var/log/lastlog' '--enable-pcre' '--disable-strip' '--build' 'x86_64-linux-gnu' '--with-shared=mod_unique_id:mod_site_misc:mod_load:mod_ban:mod_quotatab:mod_sql:mod_sql_mysql:mod_sql_postgres:mod_sql_sqlite:mod_sql_odbc:mod_dynmasq:mod_quotatab_sql:mod_ldap:mod_quotatab_ldap:mod_ratio:mod_tls:mod_rewrite:mod_radius:mod_wrap:mod_wrap2:mod_wrap2_file:mod_wrap2_sql:mod_quotatab_file:mod_quotatab_radius:mod_facl:mod_ctrls_admin:mod_copy:mod_deflate:mod_ifversion:mod_tls_memcache:mod_geoip:mod_exec:mod_sftp:mod_sftp_pam:mod_sftp_sql:mod_shaper:mod_sql_passwd:mod_ifsession' 'build_alias=x86_64-linux-gnu' 'CFLAGS=-g -O2 -fdebug-prefix-map=/build/proftpd-dfsg-IzaTCF/proftpd-dfsg-1.3.5e=. -fstack-protector-strong -Wformat -Werror=format-security' 'LDFLAGS=-Wl,-Bsymbolic-functions -Wl,-z,relro' 'CPPFLAGS=-Wdate-time -D_FORTIFY_SOURCE=2' 'CXXFLAGS=-g -O2 -fdebug-prefix-map=/build/proftpd-dfsg-IzaTCF/proftpd-dfsg-1.3.5e=. -fstack-protector-strong -Wformat -Werror=format-security'

  CFLAGS: -g -O2 -fdebug-prefix-map=/build/proftpd-dfsg-IzaTCF/proftpd-dfsg-1.3.5e=. -fstack-protector-strong -Wformat -Werror=format-security -Wall
  LDFLAGS: -L$(top_srcdir)/lib -Wl,-Bsymbolic-functions -Wl,-z,relro  -L/usr/lib/x86_64-linux-gnu -L/usr/lib/x86_64-linux-gnu
  LIBS:  -lpcreposix -lpcre -lssl -lcrypto -lcap  -lmemcached -lmemcachedutil  -lpam -lsupp -lcrypt -ldl

  Files:
    Configuration File:
      /etc/proftpd/proftpd.conf
    Pid File:
      /run/proftpd.pid
    Scoreboard File:
      /run/proftpd.scoreboard
    Header Directory:
      /usr/include/proftpd
    Shared Module Directory:
      /usr/lib/proftpd

  Features:
    + Autoshadow support
    + Controls support
    + curses support
    - Developer support
    + DSO support
    + IPv6 support
    + Largefile support
    + Lastlog support
    + Memcache support
    + ncurses support
    + NLS support
    + OpenSSL support
    + PCRE support
    + POSIX ACL support
    + Shadow file support
    + Sendfile support
    + Trace support

  Tunable Options:
    PR_TUNABLE_BUFFER_SIZE = 1024
    PR_TUNABLE_DEFAULT_RCVBUFSZ = 8192
    PR_TUNABLE_DEFAULT_SNDBUFSZ = 8192
    PR_TUNABLE_GLOBBING_MAX_MATCHES = 100000
    PR_TUNABLE_GLOBBING_MAX_RECURSION = 8
    PR_TUNABLE_HASH_TABLE_SIZE = 40
    PR_TUNABLE_NEW_POOL_SIZE = 512
    PR_TUNABLE_SCOREBOARD_BUFFER_SIZE = 80
    PR_TUNABLE_SCOREBOARD_SCRUB_TIMER = 30
    PR_TUNABLE_SELECT_TIMEOUT = 30
    PR_TUNABLE_TIMEOUTIDENT = 10
    PR_TUNABLE_TIMEOUTIDLE = 600
    PR_TUNABLE_TIMEOUTLINGER = 30
    PR_TUNABLE_TIMEOUTLOGIN = 300
    PR_TUNABLE_TIMEOUTNOXFER = 300
    PR_TUNABLE_TIMEOUTSTALLED = 3600
    PR_TUNABLE_XFER_SCOREBOARD_UPDATES = 10

**My proftpd.conf file: **

Include /etc/proftpd/modules.conf

UseIPv6                                on

IdentLookups                    off

ServerName                      "XXXX"
ServerType                      standalone
DeferWelcome                    off

MultilineRFC2228              on
DefaultServer                    on
ShowSymlinks                   on

<Global>
TimeoutNoTransfer           600
TimeoutStalled                  600
TimeoutIdle                     1200
DisplayLogin                    welcome.msg
DisplayChdir                    .message true
ListOptions                     "-l"
DenyFilter                      \*.*/
DefaultRoot                     ~
RequireValidShell             off

User                            proftpd
Group                           non
Umask                           022  022
AllowOverwrite                  on
AuthOrder mod_auth_file.c
AuthUserFile /etc/ftpd.passwd
AuthGroupFile /etc/ftpd.group

AllowLogSymlinks on
TransferLog /var/log/proftpd/xferlog
ExtendedLog /var/log/proftpd/extended.log ALL commonLogs
ServerLog /var/log/proftpd/serverLog.log
PassivePorts                  50001 50100
</Global>

Port                          21

<IfModule mod_dynmasq.c>
</IfModule>
MaxInstances                    30

AllowLogSymlinks on
SystemLog /var/log/proftpd/proLog.log
LogFormat commonLogs "{\"date\":\"%{%Y-%m-%d %H:%M:%S%z}t\", \"remoteIP\":\"%a\", \"host\":\"%V\", \"userName\":\"%u\", \"fileName\":\"%F\",\"bytesSent\":\"%b\", \"response\":\"%s: %S\", \"status\":\"%{transfer-status}\", \"failureReason\":\"%{transfer-failure}\", \"commandReceived\":\"%r\"}"


<IfModule mod_quotatab.c>
QuotaEngine off
</IfModule>

<IfModule mod_ratio.c>
Ratios off
</IfModule>

<IfModule mod_delay.c>
DelayEngine on
</IfModule>

<IfModule mod_ctrls.c>
ControlsEngine        off
ControlsMaxClients    2
ControlsLog           /var/log/proftpd/controls.log
ControlsInterval      5
ControlsSocket        /var/run/proftpd/proftpd.sock
</IfModule>

<IfModule mod_ctrls_admin.c>
AdminControlsEngine off
</IfModule>


<IfModule mod_tls.c>
<VirtualHost IP>
Port XXX
Include /etc/proftpd/tls.conf
MasqueradeAddress             XXX.XXX.XXX.XXX
</VirtualHost>

<VirtualHost IP>
Port YYY
Include /etc/proftpd/tls.conf
TLSOptions EnableDiags NoEmptyFragments NoSessionReuseRequired UseImplicitSSL
MasqueradeAddress              XXX.XXX.XXX.XXX
</VirtualHost>
</IfModule>

Include /etc/proftpd/conf.d/

[Castaglia]

What does the following command show, in your Docker container?

ls -al /var/log/proftpd/proLog.log /var/log/proftpd/serverLog.log

Also, how is ProFTPD being run in that Docker container?

[MariuszGajewski]

ls -al /var/log/proftpd/
drwxr-xr-x 1 root root 4096 Aug  6 20:12 .
drwxr-xr-x 1 root root 4096 Aug  6 10:34 ..
-rw-r----- 1 root root    0 Aug  6 10:34 controls.log
-rw-r--r-- 1 root root 5360 Aug  6 20:12 extended.log
-rw-r----- 1 root root    0 Aug  6 20:11 proLog.log
-rw-r----- 1 root root    0 Aug  6 10:34 proftpd.log
-rw-r----- 1 root root    0 Aug  6 20:12 serverLog.log
-rw-r----- 1 root root 1702 Aug  6 20:12 tls.log
-rw-r--r-- 1 root root  108 Aug  6 20:12 xferlog

ProFTPD is run as a root processes with command

CMD  mount -a && \
    proftpd -n & \
    apachectl -D FOREGROUND

On the same container alongside with ProFTPD also Apache Server process is running. We have such requirement for some technical reasons

[Castaglia]

OK. I have a suspicion that ProFTPD is logging that SystemLog/ServerLog data to stdout/stderr (hence why you see it in the console/container logs), rather than to the files, because of the -n/--nodaemon command-line option. I understand that this is probably a requirement for running ProFTPD in Docker.

Let me confirm this hypothesis locally, then we'll see what can do. For related reading, you might find this interesting: #724

[Castaglia]

To get ProFTPD to continue logging to those files when not daemonized (the -n option), you will also need to use the -q/--quiet command-line option. It's not obvious, but "quiet mode" means "don't log to stderr when not daemonized".

[MariuszGajewski]

-q option do the work, right now everything works perfectly. But to be honest this is not obvious at all :) Thanks a lot for the support