LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Enterprise (https://www.linuxquestions.org/questions/linux-enterprise-47/)
-   -   VSFTPD: Users Can't Log In After Updates (https://www.linuxquestions.org/questions/linux-enterprise-47/vsftpd-users-cant-log-in-after-updates-780411/)

Subject16 01-06-2010 08:45 PM

VSFTPD: Users Can't Log In After Updates
 
Hi all. Here's the background:

Linux version 2.6.18-164.9.1.el5 (mockbuild@x86-005.build.bos.redhat.com) (gcc version 4.1.2 20080704 (Red Hat 4.1.2-46)) #1 SMP Wed Dec 9 03:27:37 EST 2009

This server runs vsftpd. Prior to running updates on Monday all was working as it should. After running updates (and I updated pretty much everything), it no longer works. Here are the symptoms and relevant log files.

/etc/vsftpd/vsftpd.conf
Quote:

anonymous_enable=NO
local_enable=YES
write_enable=YES
anon_upload_enable=NO
anon_mkdir_write_enable=NO
anon_other_write_enable=NO
chroot_local_user=YES
guest_enable=YES
guest_username=ftpuser
listen=YES
listen_port=21
#pasv_address=IP address here
pasv_min_port=50000
pasv_max_port=60000
pam_service_name=vsftpd
virtual_use_local_privs=YES
local_root=/company/ftp/$USER
user_sub_token=$USER
hide_ids=YES
ftpd_banner=Company FTP
pasv_promiscuous=YES
check_shell=NO
log_ftp_protocol=YES
xferlog_enable=YES
/etc/pam.d/vsftpd
Quote:

#%PAM-1.0
#session optional pam_keyinit.so force revoke
auth required pam_pwdfile.so pwdfile /etc/vsftpd/passwd
account required pam_permit.so
account required pam_lsass.so unknown_ok
account sufficient pam_lsass.so
#auth required pam_listfile.so item=user sense=deny file=/etc/vsftpd/ftpusers onerr=succeed
#auth required pam_shells.so
#auth include system-auth
#account include system-auth
#session include system-auth
#session required pam_loginuid.so
When I try to log in locally this is the response:

Quote:

Connected to 127.0.0.1.
220 Our FTP
530 Please login with USER and PASS.
530 Please login with USER and PASS.
KERBEROS_V4 rejected as an authentication type
Name (127.0.0.1:root): igi
331 Please specify the password.
Password:
421 Service not available, remote server has closed connection
Login failed.
No control connection for command: No such file or directory
ftp>
I enabled verbose logging and this is the result of /var/log/vsftpd.log:

Quote:

Connected to 127.0.0.1.
220 Company FTP
530 Please login with USER and PASS.
530 Please login with USER and PASS.
KERBEROS_V4 rejected as an authentication type
Name (127.0.0.1:root): igi
331 Please specify the password.
Password:
421 Service not available, remote server has closed connection
Login failed.
No control connection for command: No such file or directory
ftp>
I am not getting anything in /var/log/secure or /var/log/messages any more. I used to alternately get
Jan 6 19:51:19 server pam_pwdfile[16863]: user not found in password database

and

Jan 5 21:06:53 server vsftpd[22074]: PAM unable to resolve symbol: pam_sm_acct_mgmt

Lastly, on the user side when I try to log externally I get the following two errors:

If I enter a known good username and password
Quote:

421 Service not available, remote server has closed connection.
ftp: Login failed.
If I enter a bad password for a known user, or just make up a user
Quote:

530 Login incorrect.
ftp: Login failed.
I'm open to just about all suggestions at this point. I have tried many different variations on the vsftpd file in pam.d to no avail. I'm not even sure that I think it's a PAM issue any more because the vsftpd.log file seems to indicate that the authentication is going through. This is my first vsftpd experience; it was not originally configured by me so I'm picking up the details as I go.

Thanks in advance.


All times are GMT -5. The time now is 04:17 AM.