LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Software
User Name
Password
Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.

Notices


Reply
  Search this Thread
Old 09-22-2005, 05:16 AM   #1
quasidynamic
LQ Newbie
 
Registered: Sep 2005
Location: San Francisco, CA
Posts: 1

Rep: Reputation: 0
Question How to enable BOTH virtual & local vsftpd logins with PAM?


I am using vsftpd. I currently have a problem where I can use virtual logins OR local logins, but not BOTH concurrently. If i allow local logins to work, then i lose virtual login functionality, and vise versa. The reason for this is becuase of my PAM configs. I would love to know how to create a PAM config that would allow both types of logins...

Here is the PAM config which allows for LOCAL user logins:

#%PAM-1.0
auth required pam_listfile.so item=user sense=deny file=/etc/vsftpd.ftpusers onerr=succeed
auth required pam_stack.so service=system-auth
auth required pam_shells.so
account required pam_stack.so service=system-auth
session required pam_stack.so service=system-auth
------------------------------------------------------------------------------

and here is the PAM config which allows for my virtual users logins:

#%PAM-1.0
auth required /lib/security/pam_userdb.so db=/etc/vsftpd_login
account required /lib/security/pam_userdb.so db=/etc/vsftpd_login
-------------------------------------------------------------------------------

I did try combining both configs into one, but then EVERY user fails authentication for the obvious reason that: A. if you are local user, you will not be listed in the database containing virtual users, and B. if you are a virtual user, you will not have a LOCAL login account on the system.

HOW DO I SOLVE THIS?!?!

Thanks!

Devin
 
Old 07-26-2006, 10:24 PM   #2
zoropio
LQ Newbie
 
Registered: Feb 2004
Location: Sydney
Distribution: FC4
Posts: 29

Rep: Reputation: 15
Did you find a solution to this problem? As I am having the same issues
 
Old 07-24-2008, 03:53 PM   #3
jamiebriant
LQ Newbie
 
Registered: Sep 2006
Posts: 3

Rep: Reputation: 0
I haven't actually tried it, but I imagine that changing the "required" to "sufficient" in each rule would be enough.

Jamie
 
Old 08-12-2010, 12:00 PM   #4
karmabyte
LQ Newbie
 
Registered: Aug 2010
Posts: 1

Rep: Reputation: 0
Cool This Worked

Can be done using the 'sufficient' keyword as jamie suggested. So in the OPs case the configuration would be

#%PAM-1.0
# Virtual Users
auth sufficient /lib/security/pam_userdb.so db=/etc/vsftpd_login
account sufficient /lib/security/pam_userdb.so db=/etc/vsftpd_login
# Local Users
auth required pam_listfile.so item=user sense=deny file=/etc/vsftpd.ftpusers onerr=succeed
auth required pam_stack.so service=system-auth
auth required pam_shells.so
account required pam_stack.so service=system-auth
session required pam_stack.so service=system-auth
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
VSFTPD with secure & non-secure logins Ricci Graham Linux - Software 6 02-24-2020 11:49 PM
VSFTPD virtual users pam problem Cmdr_K00n Linux - Networking 2 10-19-2007 01:44 AM
vsftpd, web uploads, vsftpd virtual users, apache virtual hosts, home directories jerryasher Linux - Software 7 02-18-2007 06:29 AM
vsftpd + pam + virtual users - Pam cannot load database file. mdkelly069 Linux - Networking 3 09-22-2004 11:07 PM
VSFTPD virtual user login using pam.d problem exalik Linux - Networking 3 11-07-2003 04:29 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Software

All times are GMT -5. The time now is 08:17 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration