Menu
▾
▴
[Pam-mysql-general] Re: Pam-mysql-general digest, Vol 1 #57 - 2 msgs
|
From: Anoop B. <ab...@in...> - 2004-10-06 20:17:55
|
joe, with the changes you suggested, this is what i have. Note that the reason the user 'anoop' succeeds is because anoop has a system account as well as an entry in the db. The passwords are different but both passwords seem to work. The user 'peggy' does not have a system account and only an entry in the db. In between sending my original email and you response, I was able to achieve this. This is where I am stuck. Any ideas? [root@testkick pam.d]# ftp localhost Connected to localhost (127.0.0.1). 220 Welcome to blah FTP service. Name (localhost:anoop): anoop 331 Please specify the password. Password: 230 Login successful. Remote system type is UNIX. Using binary mode to transfer files. ftp> bye 221 Goodbye. [root@testkick pam.d]# ftp localhost Connected to localhost (127.0.0.1). 220 Welcome to blah FTP service. Name (localhost:anoop): peggy 331 Please specify the password. Password: 500 OOPS: cannot locate user entry:peggy Login failed. ftp> thanks Anoop pam...@li... wrote: > Send Pam-mysql-general mailing list submissions to > pam...@li... > > To subscribe or unsubscribe via the World Wide Web, visit > https://lists.sourceforge.net/lists/listinfo/pam-mysql-general > or, via email, send a message with subject or body 'help' to > pam...@li... > > You can reach the person managing the list at > pam...@li... > > When replying, please edit your Subject line so it is more specific > than "Re: Contents of Pam-mysql-general digest..." > > > Today's Topics: > > 1. Re: Pam-mysql-general digest, Vol 1 #56 - 1 msg (jo...@no...) > 2. Re: Pam-mysql-general digest, Vol 1 #56 - 1 msg (jo...@no...) > > --__--__-- > > Message: 1 > Date: Tue, 5 Oct 2004 10:24:48 -0700 (MST) > From: jo...@no... > To: pam...@li... > Cc: pam...@li... > Subject: [Pam-mysql-general] Re: Pam-mysql-general digest, Vol 1 #56 - 1 msg > > Although I have no experience with vsftpd, I would like to add some > suggestions. > See what happens when you alter the /etc/pam.d/vsftp to something like this: > > auth required pam_listfile.so item=user sense=deny > file=/etc/vsftpd.ftpusers onerr=succeed > > auth optional pam_mysql.so user=root passwd=<pass> db=filexfer > table=user usercolumn=username passwdcolumn=passwd crypt=0 sqllog=0 > account required pam_mysql.so user=root passwd=<pass> db=filexfer > table=user usercolumn=username passwdcolumn=passwd crypt=0 sqllog=0 > > I took out 4 of the auth lines since it could be that system-auth pam.d > file is causing a requirement to go unfulfilled. Let me know how it turns > out, if not I can attempt to duplicate the problem tomorrow. > > - Joe > > > >>Send Pam-mysql-general mailing list submissions to >> pam...@li... >> >>To subscribe or unsubscribe via the World Wide Web, visit >> https://lists.sourceforge.net/lists/listinfo/pam-mysql-general >>or, via email, send a message with subject or body 'help' to >> pam...@li... >> >>You can reach the person managing the list at >> pam...@li... >> >>When replying, please edit your Subject line so it is more specific >>than "Re: Contents of Pam-mysql-general digest..." >> >> >>Today's Topics: >> >> 1. pam_mysql + vsftpd (Anoop Bhat) >> >>-- __--__-- >> >>Message: 1 >>Date: Mon, 04 Oct 2004 16:46:37 -0500 >>From: "Anoop Bhat" <ab...@in...> >>To: pam...@li... >>Subject: [Pam-mysql-general] pam_mysql + vsftpd >> >>Hi, >> >>I've sent this email to the vsftpd developer as well and wondering if i >>can get some ideas on what i'm doing wrong here. >> >>has anyone got vsftpd and mysql working together for auth on rhel 3? >> >>here is the mail i sent to chris evans, anyone have any idea where my >>configs are failing? >> >>==================== >>Hi Chris, >> >>I'm trying to implement vsftpd with pam_mysql and the documentation out >>there for it is quite scarce. Perhaps you can help me identify the >>problem? >> >>I think you will find this info useful >> >>I'm running Redhat Enterprise 3.0 on an HP Proliant DL360 G2. >> >>Mysql and VSFTPD are installed and so is pam_mysql.so in /lib/security. >>The db is filexfer and the table is user and the passwords are stored in >>clear text (not my implementation). >> >>my /etc/pam.d/vsftp contains >> >>auth required pam_listfile.so item=user sense=deny >>file=/etc/vsftpd.ftpusers onerr=succeed >>auth required pam_stack.so service=system-auth >>auth required pam_shells.so >>account required pam_stack.so service=system-auth >>session required pam_stack.so service=system-auth >> >>auth optional pam_mysql.so user=root passwd=<pass> db=filexfer >>table=user usercolumn=username passwdcolumn=passwd crypt=0 sqllog=0 >>account required pam_mysql.so user=root passwd=<pass> db=filexfer >>table=user usercolumn=username passwdcolumn=passwd crypt=0 sqllog=0 >> >> >>and I am able to log select statements as well >> >>mysqld.log shows >> >>041004 13:09:41 4 Connect root@localhost on filexfer >> 4 Init DB filexfer >> 4 Query SELECT passwd FROM user WHERE >>username='jbayerdc' >> 4 Quit >> >> >>when jbayerdc tries to log in. Note that jbayerdc is not a system >>account at all. my personal account on the system however does have >>access. >> >>/var/log/messages shows >> >>Oct 4 13:09:41 testkick vsftpd(pam_unix)[1684]: check pass; user unknown >>Oct 4 13:09:41 testkick vsftpd(pam_unix)[1684]: authentication failure; >>logname= uid=0 euid=0 tty= ruser= rhost=127.0.0.1 >>Oct 4 13:09:41 testkick vsftpd[1684]: pam_sm_authenticate called. >>Oct 4 13:09:41 testkick vsftpd[1684]: dbuser changed. >>Oct 4 13:09:41 testkick vsftpd[1684]: dbpasswd changed. >>Oct 4 13:09:41 testkick vsftpd[1684]: database changed. >>Oct 4 13:09:41 testkick vsftpd[1684]: table changed. >>Oct 4 13:09:41 testkick vsftpd[1684]: usercolumn changed. >>Oct 4 13:09:41 testkick vsftpd[1684]: passwdcolumn changed. >>Oct 4 13:09:41 testkick vsftpd[1684]: crypt changed. >>Oct 4 13:09:41 testkick vsftpd[1684]: sqllog changed. >>Oct 4 13:09:41 testkick vsftpd[1684]: db_connect called. >>Oct 4 13:09:41 testkick vsftpd[1684]: returning 0 . >>Oct 4 13:09:41 testkick vsftpd[1684]: db_checkpasswd called. >>Oct 4 13:09:41 testkick vsftpd[1684]: pam_mysql: where clause = >>Oct 4 13:09:41 testkick vsftpd[1684]: SELECT passwd FROM user WHERE >>username='jbayerdc' >>Oct 4 13:09:41 testkick vsftpd[1684]: sqlLog called. >>Oct 4 13:09:41 testkick vsftpd[1684]: returning 0 . >>Oct 4 13:09:41 testkick vsftpd[1684]: returning 0. >> >> >>logging in shows >> >>Connected to localhost (127.0.0.1). >>220 (vsFTPd 1.2.0) >>Name (localhost:anoop): jbayerdc >>331 Please specify the password. >>Password: >>530 Login incorrect. >>Login failed. >>ftp> bye >>221 Goodbye. >> >> >>Any reason as to why its not logging in? Thanks in advance for any help >>you can provide. >> >>btw, are there any mailing lists regarding vsftpd? >> >>thanks >> >>Anoop >>====================== >> >>any ideas? >> >>thanks >> >>anoop >> >> >> >>-- __--__-- >> >>_______________________________________________ >>Pam-mysql-general mailing list >>Pam...@li... >>https://lists.sourceforge.net/lists/listinfo/pam-mysql-general >> >> >>End of Pam-mysql-general Digest >> > > > > > > --__--__-- > > Message: 2 > Date: Tue, 5 Oct 2004 10:24:48 -0700 (MST) > From: jo...@no... > To: pam...@li... > Cc: pam...@li... > Subject: [Pam-mysql-general] Re: Pam-mysql-general digest, Vol 1 #56 - 1 msg > > Although I have no experience with vsftpd, I would like to add some > suggestions. > See what happens when you alter the /etc/pam.d/vsftp to something like this: > > auth required pam_listfile.so item=user sense=deny > file=/etc/vsftpd.ftpusers onerr=succeed > > auth optional pam_mysql.so user=root passwd=<pass> db=filexfer > table=user usercolumn=username passwdcolumn=passwd crypt=0 sqllog=0 > account required pam_mysql.so user=root passwd=<pass> db=filexfer > table=user usercolumn=username passwdcolumn=passwd crypt=0 sqllog=0 > > I took out 4 of the auth lines since it could be that system-auth pam.d > file is causing a requirement to go unfulfilled. Let me know how it turns > out, if not I can attempt to duplicate the problem tomorrow. > > - Joe > > > >>Send Pam-mysql-general mailing list submissions to >> pam...@li... >> >>To subscribe or unsubscribe via the World Wide Web, visit >> https://lists.sourceforge.net/lists/listinfo/pam-mysql-general >>or, via email, send a message with subject or body 'help' to >> pam...@li... >> >>You can reach the person managing the list at >> pam...@li... >> >>When replying, please edit your Subject line so it is more specific >>than "Re: Contents of Pam-mysql-general digest..." >> >> >>Today's Topics: >> >> 1. pam_mysql + vsftpd (Anoop Bhat) >> >>-- __--__-- >> >>Message: 1 >>Date: Mon, 04 Oct 2004 16:46:37 -0500 >>From: "Anoop Bhat" <ab...@in...> >>To: pam...@li... >>Subject: [Pam-mysql-general] pam_mysql + vsftpd >> >>Hi, >> >>I've sent this email to the vsftpd developer as well and wondering if i >>can get some ideas on what i'm doing wrong here. >> >>has anyone got vsftpd and mysql working together for auth on rhel 3? >> >>here is the mail i sent to chris evans, anyone have any idea where my >>configs are failing? >> >>==================== >>Hi Chris, >> >>I'm trying to implement vsftpd with pam_mysql and the documentation out >>there for it is quite scarce. Perhaps you can help me identify the >>problem? >> >>I think you will find this info useful >> >>I'm running Redhat Enterprise 3.0 on an HP Proliant DL360 G2. >> >>Mysql and VSFTPD are installed and so is pam_mysql.so in /lib/security. >>The db is filexfer and the table is user and the passwords are stored in >>clear text (not my implementation). >> >>my /etc/pam.d/vsftp contains >> >>auth required pam_listfile.so item=user sense=deny >>file=/etc/vsftpd.ftpusers onerr=succeed >>auth required pam_stack.so service=system-auth >>auth required pam_shells.so >>account required pam_stack.so service=system-auth >>session required pam_stack.so service=system-auth >> >>auth optional pam_mysql.so user=root passwd=<pass> db=filexfer >>table=user usercolumn=username passwdcolumn=passwd crypt=0 sqllog=0 >>account required pam_mysql.so user=root passwd=<pass> db=filexfer >>table=user usercolumn=username passwdcolumn=passwd crypt=0 sqllog=0 >> >> >>and I am able to log select statements as well >> >>mysqld.log shows >> >>041004 13:09:41 4 Connect root@localhost on filexfer >> 4 Init DB filexfer >> 4 Query SELECT passwd FROM user WHERE >>username='jbayerdc' >> 4 Quit >> >> >>when jbayerdc tries to log in. Note that jbayerdc is not a system >>account at all. my personal account on the system however does have >>access. >> >>/var/log/messages shows >> >>Oct 4 13:09:41 testkick vsftpd(pam_unix)[1684]: check pass; user unknown >>Oct 4 13:09:41 testkick vsftpd(pam_unix)[1684]: authentication failure; >>logname= uid=0 euid=0 tty= ruser= rhost=127.0.0.1 >>Oct 4 13:09:41 testkick vsftpd[1684]: pam_sm_authenticate called. >>Oct 4 13:09:41 testkick vsftpd[1684]: dbuser changed. >>Oct 4 13:09:41 testkick vsftpd[1684]: dbpasswd changed. >>Oct 4 13:09:41 testkick vsftpd[1684]: database changed. >>Oct 4 13:09:41 testkick vsftpd[1684]: table changed. >>Oct 4 13:09:41 testkick vsftpd[1684]: usercolumn changed. >>Oct 4 13:09:41 testkick vsftpd[1684]: passwdcolumn changed. >>Oct 4 13:09:41 testkick vsftpd[1684]: crypt changed. >>Oct 4 13:09:41 testkick vsftpd[1684]: sqllog changed. >>Oct 4 13:09:41 testkick vsftpd[1684]: db_connect called. >>Oct 4 13:09:41 testkick vsftpd[1684]: returning 0 . >>Oct 4 13:09:41 testkick vsftpd[1684]: db_checkpasswd called. >>Oct 4 13:09:41 testkick vsftpd[1684]: pam_mysql: where clause = >>Oct 4 13:09:41 testkick vsftpd[1684]: SELECT passwd FROM user WHERE >>username='jbayerdc' >>Oct 4 13:09:41 testkick vsftpd[1684]: sqlLog called. >>Oct 4 13:09:41 testkick vsftpd[1684]: returning 0 . >>Oct 4 13:09:41 testkick vsftpd[1684]: returning 0. >> >> >>logging in shows >> >>Connected to localhost (127.0.0.1). >>220 (vsFTPd 1.2.0) >>Name (localhost:anoop): jbayerdc >>331 Please specify the password. >>Password: >>530 Login incorrect. >>Login failed. >>ftp> bye >>221 Goodbye. >> >> >>Any reason as to why its not logging in? Thanks in advance for any help >>you can provide. >> >>btw, are there any mailing lists regarding vsftpd? >> >>thanks >> >>Anoop >>====================== >> >>any ideas? >> >>thanks >> >>anoop >> >> >> >>-- __--__-- >> >>_______________________________________________ >>Pam-mysql-general mailing list >>Pam...@li... >>https://lists.sourceforge.net/lists/listinfo/pam-mysql-general >> >> >>End of Pam-mysql-general Digest >> > > > > > > > --__--__-- > > _______________________________________________ > Pam-mysql-general mailing list > Pam...@li... > https://lists.sourceforge.net/lists/listinfo/pam-mysql-general > > > End of Pam-mysql-general Digest > |
