Hello,

I followed the vsftpd-2.0.5/EXAMPLE/VIRTUAL_USERS/README document verbatim but I'm getting authentication errors when trying to log in. I think part of my problem is that I can't get pam to log anything. Here is the output of my files:

/etc/vsftpd.conf
==================
anonymous_enable=NO
local_enable=YES
write_enable=YES
local_umask=022
dirmessage_enable=YES
xferlog_enable=YES
pam_service_name=vsftpd
userlist_deny=NO
listen=YES
chroot_local_user=YES
guest_enable=YES
guest_username=ftpuser
virtual_use_local_privs=YES

/etc/pam.d/vsftpd
====================
auth required /lib/security/pam_userdb.so db=/etc/vsftpd_login.db
account required /lib/security/pam_userdb.so db=/etc/vsftpd_login.db

/etc/vsftpd_login.db
$>db3_dump -p /etc/vsftpd_login.db
VERSION=3
format=print
type=hash
h_nelem=2
HEADER=END
tom
foo
fred
bar
DATA=END

$>uname -a
Linux matt-desktop 2.6.22-14-generic #1 SMP Tue Dec 18 08:02:57 UTC 2007 i686 GNU/Linux
(Ubuntu 7.10)

Local users that exist in /etc/passwd login just fine - for some reason I think it's a problem with pam . . . but I don't have enough experience with pam to make a more educated guess. Any help is greatly appreciated.

p.s.

Don't know if this makes a difference but I did compile with SSL support.

Mine is working fine:
Here's my config:

1. Remark or erase the default line in /etc/pam.d/vsftpd
#%PAM-1.0
#auth required pam_listfile.so item=user sense=deny file=/etc/vsftpd.ftpusers onerr=succeed
#auth required pam_stack.so service=system-auth
#auth required pam_shells.so
#account required pam_stack.so service=system-auth
#session required pam_stack.so service=system-auth

2. there is no ext name for the db file
auth required /lib/security/pam_userdb.so db=/etc/vsftpd_login
account required /lib/security/pam_userdb.so db=/etc/vsftpd_login

Try to take a look at the /var/log/messages to see if there's authentication error. You should able to see "User access granted" in the log

#tail -f /var/log/messages

Okay, I tried my pam.d/vsftpd conf file without the extension - same problem. I thought maybe it was a problem with Ubuntu (if I did an ldd /usr/local/sbin/vsftpd it didn't show the pam library). So I tried with openSuse 10.3 and I get the same problem (although this time ldd does show the pam lib). I am getting an error in the log file now - but again, I'm not clear on what these pam errors mean:

vsftpd: pam_warn(vsftpd:auth): function=[pam_sm_authenticate] service=[vsftpd] terminal=[ftp] user=[tom] ruser=[tom] rhost=[127.0.0.1]

These options contradict. I know it's not exactly what mjtice asked, but here's something I just found out myself:

The line in the pam config file should mirror what you already selected in vsftpd.conf, otherwise you might still be unable to login. You will be greeted with a 530 error when you have the userlist represent a list of users allowed access in the vsftp.conf, but state the opposite in the pam config file.