Menu
▾
▴
[Pam-mysql-general] Re: Pam-mysql-general digest, Vol 1 #57 - 2 msgs
|
From: <jo...@no...> - 2004-10-06 16:14:50
|
OK...just installed vsftpd to see if there was an issue with the install. Everything seems to be working fine for me...and here are the steps I used for the configuration: 1) for the /etc/pam.d/vsftpd I used: auth required pam_mysql.so user=root passwd=<pass> db=filexfer table=user usercolumn=username passwdcolumn=passwd account required pam_mysql.so user=root passwd=<pass> db=filexfer table=user usercolumn=username passwdcolumn=passwd 2) You have to add support for the virtual users for pam_mysql to be able to map these users, so you add to the /etc/vsftp/vsftpd.conf: chroot_local_user=YES guest_enable=YES guest_username=someguy 3) make sure that you add the mapped user to the machine with: useradd -s /sbin/nologin -d /path someguy 4) insert a username and pass into the mysql table. That worked for me, so i think that should be about it. Let me know if you have any other issues with this....unless I hear back vsftpd is coming off my machine and I am back to proftpd. - Joe > Send Pam-mysql-general mailing list submissions to > pam...@li... > > To subscribe or unsubscribe via the World Wide Web, visit > https://lists.sourceforge.net/lists/listinfo/pam-mysql-general > or, via email, send a message with subject or body 'help' to > pam...@li... > > You can reach the person managing the list at > pam...@li... > > When replying, please edit your Subject line so it is more specific > than "Re: Contents of Pam-mysql-general digest..." > > > Today's Topics: > > 1. Re: Pam-mysql-general digest, Vol 1 #56 - 1 msg (jo...@no...) > 2. Re: Pam-mysql-general digest, Vol 1 #56 - 1 msg (jo...@no...) > > --__--__-- > > Message: 1 > Date: Tue, 5 Oct 2004 10:24:48 -0700 (MST) > From: jo...@no... > To: pam...@li... > Cc: pam...@li... > Subject: [Pam-mysql-general] Re: Pam-mysql-general digest, Vol 1 #56 - 1 > msg > > Although I have no experience with vsftpd, I would like to add some > suggestions. > See what happens when you alter the /etc/pam.d/vsftp to something like > this: > > auth required pam_listfile.so item=user sense=deny > file=/etc/vsftpd.ftpusers onerr=succeed > > auth optional pam_mysql.so user=root passwd=<pass> db=filexfer > table=user usercolumn=username passwdcolumn=passwd crypt=0 sqllog=0 > account required pam_mysql.so user=root passwd=<pass> db=filexfer > table=user usercolumn=username passwdcolumn=passwd crypt=0 sqllog=0 > > I took out 4 of the auth lines since it could be that system-auth pam.d > file is causing a requirement to go unfulfilled. Let me know how it turns > out, if not I can attempt to duplicate the problem tomorrow. > > - Joe > > >> Send Pam-mysql-general mailing list submissions to >> pam...@li... >> >> To subscribe or unsubscribe via the World Wide Web, visit >> https://lists.sourceforge.net/lists/listinfo/pam-mysql-general >> or, via email, send a message with subject or body 'help' to >> pam...@li... >> >> You can reach the person managing the list at >> pam...@li... >> >> When replying, please edit your Subject line so it is more specific >> than "Re: Contents of Pam-mysql-general digest..." >> >> >> Today's Topics: >> >> 1. pam_mysql + vsftpd (Anoop Bhat) >> >> -- __--__-- >> >> Message: 1 >> Date: Mon, 04 Oct 2004 16:46:37 -0500 >> From: "Anoop Bhat" <ab...@in...> >> To: pam...@li... >> Subject: [Pam-mysql-general] pam_mysql + vsftpd >> >> Hi, >> >> I've sent this email to the vsftpd developer as well and wondering if i >> can get some ideas on what i'm doing wrong here. >> >> has anyone got vsftpd and mysql working together for auth on rhel 3? >> >> here is the mail i sent to chris evans, anyone have any idea where my >> configs are failing? >> >> ==================== >> Hi Chris, >> >> I'm trying to implement vsftpd with pam_mysql and the documentation out >> there for it is quite scarce. Perhaps you can help me identify the >> problem? >> >> I think you will find this info useful >> >> I'm running Redhat Enterprise 3.0 on an HP Proliant DL360 G2. >> >> Mysql and VSFTPD are installed and so is pam_mysql.so in /lib/security. >> The db is filexfer and the table is user and the passwords are stored in >> clear text (not my implementation). >> >> my /etc/pam.d/vsftp contains >> >> auth required pam_listfile.so item=user sense=deny >> file=/etc/vsftpd.ftpusers onerr=succeed >> auth required pam_stack.so service=system-auth >> auth required pam_shells.so >> account required pam_stack.so service=system-auth >> session required pam_stack.so service=system-auth >> >> auth optional pam_mysql.so user=root passwd=<pass> db=filexfer >> table=user usercolumn=username passwdcolumn=passwd crypt=0 sqllog=0 >> account required pam_mysql.so user=root passwd=<pass> db=filexfer >> table=user usercolumn=username passwdcolumn=passwd crypt=0 sqllog=0 >> >> >> and I am able to log select statements as well >> >> mysqld.log shows >> >> 041004 13:09:41 4 Connect root@localhost on filexfer >> 4 Init DB filexfer >> 4 Query SELECT passwd FROM user WHERE >> username='jbayerdc' >> 4 Quit >> >> >> when jbayerdc tries to log in. Note that jbayerdc is not a system >> account at all. my personal account on the system however does have >> access. >> >> /var/log/messages shows >> >> Oct 4 13:09:41 testkick vsftpd(pam_unix)[1684]: check pass; user >> unknown >> Oct 4 13:09:41 testkick vsftpd(pam_unix)[1684]: authentication failure; >> logname= uid=0 euid=0 tty= ruser= rhost=127.0.0.1 >> Oct 4 13:09:41 testkick vsftpd[1684]: pam_sm_authenticate called. >> Oct 4 13:09:41 testkick vsftpd[1684]: dbuser changed. >> Oct 4 13:09:41 testkick vsftpd[1684]: dbpasswd changed. >> Oct 4 13:09:41 testkick vsftpd[1684]: database changed. >> Oct 4 13:09:41 testkick vsftpd[1684]: table changed. >> Oct 4 13:09:41 testkick vsftpd[1684]: usercolumn changed. >> Oct 4 13:09:41 testkick vsftpd[1684]: passwdcolumn changed. >> Oct 4 13:09:41 testkick vsftpd[1684]: crypt changed. >> Oct 4 13:09:41 testkick vsftpd[1684]: sqllog changed. >> Oct 4 13:09:41 testkick vsftpd[1684]: db_connect called. >> Oct 4 13:09:41 testkick vsftpd[1684]: returning 0 . >> Oct 4 13:09:41 testkick vsftpd[1684]: db_checkpasswd called. >> Oct 4 13:09:41 testkick vsftpd[1684]: pam_mysql: where clause = >> Oct 4 13:09:41 testkick vsftpd[1684]: SELECT passwd FROM user WHERE >> username='jbayerdc' >> Oct 4 13:09:41 testkick vsftpd[1684]: sqlLog called. >> Oct 4 13:09:41 testkick vsftpd[1684]: returning 0 . >> Oct 4 13:09:41 testkick vsftpd[1684]: returning 0. >> >> >> logging in shows >> >> Connected to localhost (127.0.0.1). >> 220 (vsFTPd 1.2.0) >> Name (localhost:anoop): jbayerdc >> 331 Please specify the password. >> Password: >> 530 Login incorrect. >> Login failed. >> ftp> bye >> 221 Goodbye. >> >> >> Any reason as to why its not logging in? Thanks in advance for any help >> you can provide. >> >> btw, are there any mailing lists regarding vsftpd? >> >> thanks >> >> Anoop >> ====================== >> >> any ideas? >> >> thanks >> >> anoop >> >> >> >> -- __--__-- >> >> _______________________________________________ >> Pam-mysql-general mailing list >> Pam...@li... >> https://lists.sourceforge.net/lists/listinfo/pam-mysql-general >> >> >> End of Pam-mysql-general Digest >> > > > > > --__--__-- > > Message: 2 > Date: Tue, 5 Oct 2004 10:24:48 -0700 (MST) > From: jo...@no... > To: pam...@li... > Cc: pam...@li... > Subject: [Pam-mysql-general] Re: Pam-mysql-general digest, Vol 1 #56 - 1 > msg > > Although I have no experience with vsftpd, I would like to add some > suggestions. > See what happens when you alter the /etc/pam.d/vsftp to something like > this: > > auth required pam_listfile.so item=user sense=deny > file=/etc/vsftpd.ftpusers onerr=succeed > > auth optional pam_mysql.so user=root passwd=<pass> db=filexfer > table=user usercolumn=username passwdcolumn=passwd crypt=0 sqllog=0 > account required pam_mysql.so user=root passwd=<pass> db=filexfer > table=user usercolumn=username passwdcolumn=passwd crypt=0 sqllog=0 > > I took out 4 of the auth lines since it could be that system-auth pam.d > file is causing a requirement to go unfulfilled. Let me know how it turns > out, if not I can attempt to duplicate the problem tomorrow. > > - Joe > > >> Send Pam-mysql-general mailing list submissions to >> pam...@li... >> >> To subscribe or unsubscribe via the World Wide Web, visit >> https://lists.sourceforge.net/lists/listinfo/pam-mysql-general >> or, via email, send a message with subject or body 'help' to >> pam...@li... >> >> You can reach the person managing the list at >> pam...@li... >> >> When replying, please edit your Subject line so it is more specific >> than "Re: Contents of Pam-mysql-general digest..." >> >> >> Today's Topics: >> >> 1. pam_mysql + vsftpd (Anoop Bhat) >> >> -- __--__-- >> >> Message: 1 >> Date: Mon, 04 Oct 2004 16:46:37 -0500 >> From: "Anoop Bhat" <ab...@in...> >> To: pam...@li... >> Subject: [Pam-mysql-general] pam_mysql + vsftpd >> >> Hi, >> >> I've sent this email to the vsftpd developer as well and wondering if i >> can get some ideas on what i'm doing wrong here. >> >> has anyone got vsftpd and mysql working together for auth on rhel 3? >> >> here is the mail i sent to chris evans, anyone have any idea where my >> configs are failing? >> >> ==================== >> Hi Chris, >> >> I'm trying to implement vsftpd with pam_mysql and the documentation out >> there for it is quite scarce. Perhaps you can help me identify the >> problem? >> >> I think you will find this info useful >> >> I'm running Redhat Enterprise 3.0 on an HP Proliant DL360 G2. >> >> Mysql and VSFTPD are installed and so is pam_mysql.so in /lib/security. >> The db is filexfer and the table is user and the passwords are stored in >> clear text (not my implementation). >> >> my /etc/pam.d/vsftp contains >> >> auth required pam_listfile.so item=user sense=deny >> file=/etc/vsftpd.ftpusers onerr=succeed >> auth required pam_stack.so service=system-auth >> auth required pam_shells.so >> account required pam_stack.so service=system-auth >> session required pam_stack.so service=system-auth >> >> auth optional pam_mysql.so user=root passwd=<pass> db=filexfer >> table=user usercolumn=username passwdcolumn=passwd crypt=0 sqllog=0 >> account required pam_mysql.so user=root passwd=<pass> db=filexfer >> table=user usercolumn=username passwdcolumn=passwd crypt=0 sqllog=0 >> >> >> and I am able to log select statements as well >> >> mysqld.log shows >> >> 041004 13:09:41 4 Connect root@localhost on filexfer >> 4 Init DB filexfer >> 4 Query SELECT passwd FROM user WHERE >> username='jbayerdc' >> 4 Quit >> >> >> when jbayerdc tries to log in. Note that jbayerdc is not a system >> account at all. my personal account on the system however does have >> access. >> >> /var/log/messages shows >> >> Oct 4 13:09:41 testkick vsftpd(pam_unix)[1684]: check pass; user >> unknown >> Oct 4 13:09:41 testkick vsftpd(pam_unix)[1684]: authentication failure; >> logname= uid=0 euid=0 tty= ruser= rhost=127.0.0.1 >> Oct 4 13:09:41 testkick vsftpd[1684]: pam_sm_authenticate called. >> Oct 4 13:09:41 testkick vsftpd[1684]: dbuser changed. >> Oct 4 13:09:41 testkick vsftpd[1684]: dbpasswd changed. >> Oct 4 13:09:41 testkick vsftpd[1684]: database changed. >> Oct 4 13:09:41 testkick vsftpd[1684]: table changed. >> Oct 4 13:09:41 testkick vsftpd[1684]: usercolumn changed. >> Oct 4 13:09:41 testkick vsftpd[1684]: passwdcolumn changed. >> Oct 4 13:09:41 testkick vsftpd[1684]: crypt changed. >> Oct 4 13:09:41 testkick vsftpd[1684]: sqllog changed. >> Oct 4 13:09:41 testkick vsftpd[1684]: db_connect called. >> Oct 4 13:09:41 testkick vsftpd[1684]: returning 0 . >> Oct 4 13:09:41 testkick vsftpd[1684]: db_checkpasswd called. >> Oct 4 13:09:41 testkick vsftpd[1684]: pam_mysql: where clause = >> Oct 4 13:09:41 testkick vsftpd[1684]: SELECT passwd FROM user WHERE >> username='jbayerdc' >> Oct 4 13:09:41 testkick vsftpd[1684]: sqlLog called. >> Oct 4 13:09:41 testkick vsftpd[1684]: returning 0 . >> Oct 4 13:09:41 testkick vsftpd[1684]: returning 0. >> >> >> logging in shows >> >> Connected to localhost (127.0.0.1). >> 220 (vsFTPd 1.2.0) >> Name (localhost:anoop): jbayerdc >> 331 Please specify the password. >> Password: >> 530 Login incorrect. >> Login failed. >> ftp> bye >> 221 Goodbye. >> >> >> Any reason as to why its not logging in? Thanks in advance for any help >> you can provide. >> >> btw, are there any mailing lists regarding vsftpd? >> >> thanks >> >> Anoop >> ====================== >> >> any ideas? >> >> thanks >> >> anoop >> >> >> >> -- __--__-- >> >> _______________________________________________ >> Pam-mysql-general mailing list >> Pam...@li... >> https://lists.sourceforge.net/lists/listinfo/pam-mysql-general >> >> >> End of Pam-mysql-general Digest >> > > > > > > --__--__-- > > _______________________________________________ > Pam-mysql-general mailing list > Pam...@li... > https://lists.sourceforge.net/lists/listinfo/pam-mysql-general > > > End of Pam-mysql-general Digest > |
