LinuxQuestions.org
Review your favorite Linux distribution.
Go Back   LinuxQuestions.org > Forums > Enterprise Linux Forums > Linux - Enterprise
User Name
Password
Linux - Enterprise This forum is for all items relating to using Linux in the Enterprise.

Notices


Reply
  Search this Thread
Old 01-06-2010, 08:45 PM   #1
Subject16
Member
 
Registered: Nov 2009
Posts: 46

Rep: Reputation: 1
VSFTPD: Users Can't Log In After Updates


Hi all. Here's the background:

Linux version 2.6.18-164.9.1.el5 (mockbuild@x86-005.build.bos.redhat.com) (gcc version 4.1.2 20080704 (Red Hat 4.1.2-46)) #1 SMP Wed Dec 9 03:27:37 EST 2009

This server runs vsftpd. Prior to running updates on Monday all was working as it should. After running updates (and I updated pretty much everything), it no longer works. Here are the symptoms and relevant log files.

/etc/vsftpd/vsftpd.conf
Quote:
anonymous_enable=NO
local_enable=YES
write_enable=YES
anon_upload_enable=NO
anon_mkdir_write_enable=NO
anon_other_write_enable=NO
chroot_local_user=YES
guest_enable=YES
guest_username=ftpuser
listen=YES
listen_port=21
#pasv_address=IP address here
pasv_min_port=50000
pasv_max_port=60000
pam_service_name=vsftpd
virtual_use_local_privs=YES
local_root=/company/ftp/$USER
user_sub_token=$USER
hide_ids=YES
ftpd_banner=Company FTP
pasv_promiscuous=YES
check_shell=NO
log_ftp_protocol=YES
xferlog_enable=YES
/etc/pam.d/vsftpd
Quote:
#%PAM-1.0
#session optional pam_keyinit.so force revoke
auth required pam_pwdfile.so pwdfile /etc/vsftpd/passwd
account required pam_permit.so
account required pam_lsass.so unknown_ok
account sufficient pam_lsass.so
#auth required pam_listfile.so item=user sense=deny file=/etc/vsftpd/ftpusers onerr=succeed
#auth required pam_shells.so
#auth include system-auth
#account include system-auth
#session include system-auth
#session required pam_loginuid.so
When I try to log in locally this is the response:

Quote:
Connected to 127.0.0.1.
220 Our FTP
530 Please login with USER and PASS.
530 Please login with USER and PASS.
KERBEROS_V4 rejected as an authentication type
Name (127.0.0.1:root): igi
331 Please specify the password.
Password:
421 Service not available, remote server has closed connection
Login failed.
No control connection for command: No such file or directory
ftp>
I enabled verbose logging and this is the result of /var/log/vsftpd.log:

Quote:
Connected to 127.0.0.1.
220 Company FTP
530 Please login with USER and PASS.
530 Please login with USER and PASS.
KERBEROS_V4 rejected as an authentication type
Name (127.0.0.1:root): igi
331 Please specify the password.
Password:
421 Service not available, remote server has closed connection
Login failed.
No control connection for command: No such file or directory
ftp>
I am not getting anything in /var/log/secure or /var/log/messages any more. I used to alternately get
Jan 6 19:51:19 server pam_pwdfile[16863]: user not found in password database

and

Jan 5 21:06:53 server vsftpd[22074]: PAM unable to resolve symbol: pam_sm_acct_mgmt

Lastly, on the user side when I try to log externally I get the following two errors:

If I enter a known good username and password
Quote:
421 Service not available, remote server has closed connection.
ftp: Login failed.
If I enter a bad password for a known user, or just make up a user
Quote:
530 Login incorrect.
ftp: Login failed.
I'm open to just about all suggestions at this point. I have tried many different variations on the vsftpd file in pam.d to no avail. I'm not even sure that I think it's a PAM issue any more because the vsftpd.log file seems to indicate that the authentication is going through. This is my first vsftpd experience; it was not originally configured by me so I'm picking up the details as I go.

Thanks in advance.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
vsftpd and log files - can i up the log level to see login attempts? robr Linux - Newbie 3 04-04-2008 11:38 AM
Allow System Users and Virtual Users in VSFTPd Nickbrandson Linux - Software 0 01-24-2008 08:06 AM
vsftpd, web uploads, vsftpd virtual users, apache virtual hosts, home directories jerryasher Linux - Software 7 02-18-2007 06:29 AM
vsftpd not allowing users to log in Rokkun Linux - Software 6 11-14-2004 07:46 PM
NEWBIE: Why does my vsftpd hang when I log in using virtual users? mr_r Red Hat 0 11-18-2003 11:00 AM

LinuxQuestions.org > Forums > Enterprise Linux Forums > Linux - Enterprise

All times are GMT -5. The time now is 09:37 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration