Menu
▾
▴
[Pam-mysql-general] Re: Pam-mysql-general digest, Vol 1 #58 - 2 msgs
|
From: <jo...@no...> - 2004-10-07 17:26:04
|
Anoop: Sorry, misread the message from the 6th, the reason that it would be allowing both of the passwords is b/c you are allowing the system-auth pam module to authenticate the connection. So, what it is doing is actually checking for the same authentication that somehting like sshd would check for and then checking for the pam_mysql module. What we are looking to do now is to only ask for the pam_mysql module, and that is the only login that will act as valid. Now, the reason that it looks like it is requiring the local user is that you need to have the virtual user enabled (in vsftp), which is in the config that I sent yesterday as: > chroot_local_user=YES > guest_enable=YES > guest_username=someguy This is going to now make sure that you don't need that local user. Also, that vsftp pam setting that I sent shoudl do that trick for the login. The key to the new pam config for vsftp is that it is not asking for system-auth settings. If you would like to include more pam settings you would have to add them seperately but as for now I think this is all that you are going to need. Let me know how you are making out with this. - Joe > Send Pam-mysql-general mailing list submissions to > pam...@li... > > To subscribe or unsubscribe via the World Wide Web, visit > https://lists.sourceforge.net/lists/listinfo/pam-mysql-general > or, via email, send a message with subject or body 'help' to > pam...@li... > > You can reach the person managing the list at > pam...@li... > > When replying, please edit your Subject line so it is more specific > than "Re: Contents of Pam-mysql-general digest..." > > > Today's Topics: > > 1. Re: Pam-mysql-general digest, Vol 1 #57 - 2 msgs (jo...@no...) > 2. Re: Pam-mysql-general digest, Vol 1 #57 - 2 msgs (Anoop Bhat) > > --__--__-- > > Message: 1 > Date: Wed, 6 Oct 2004 09:31:47 -0700 (MST) > From: jo...@no... > To: pam...@li... > Subject: [Pam-mysql-general] Re: Pam-mysql-general digest, Vol 1 #57 - 2 > msgs > > OK...just installed vsftpd to see if there was an issue with the install. > Everything seems to be working fine for me...and here are the steps I used > for the configuration: > > 1) for the /etc/pam.d/vsftpd I used: > > auth required pam_mysql.so user=root passwd=<pass> db=filexfer table=user > usercolumn=username passwdcolumn=passwd > account required pam_mysql.so user=root passwd=<pass> db=filexfer > table=user usercolumn=username passwdcolumn=passwd > > 2) You have to add support for the virtual users for pam_mysql to be able > to map these users, so you add to the /etc/vsftp/vsftpd.conf: > > chroot_local_user=YES > guest_enable=YES > guest_username=someguy > > 3) make sure that you add the mapped user to the machine with: > useradd -s /sbin/nologin -d /path someguy > > 4) insert a username and pass into the mysql table. > > That worked for me, so i think that should be about it. Let me know if > you have any other issues with this....unless I hear back vsftpd is coming > off my machine and I am back to proftpd. > > - Joe > > > > >> Send Pam-mysql-general mailing list submissions to >> pam...@li... >> >> To subscribe or unsubscribe via the World Wide Web, visit >> https://lists.sourceforge.net/lists/listinfo/pam-mysql-general >> or, via email, send a message with subject or body 'help' to >> pam...@li... >> >> You can reach the person managing the list at >> pam...@li... >> >> When replying, please edit your Subject line so it is more specific >> than "Re: Contents of Pam-mysql-general digest..." >> >> >> Today's Topics: >> >> 1. Re: Pam-mysql-general digest, Vol 1 #56 - 1 msg (jo...@no...) >> 2. Re: Pam-mysql-general digest, Vol 1 #56 - 1 msg (jo...@no...) >> >> -- __--__-- >> >> Message: 1 >> Date: Tue, 5 Oct 2004 10:24:48 -0700 (MST) >> From: jo...@no... >> To: pam...@li... >> Cc: pam...@li... >> Subject: [Pam-mysql-general] Re: Pam-mysql-general digest, Vol 1 #56 - 1 >> msg >> >> Although I have no experience with vsftpd, I would like to add some >> suggestions. >> See what happens when you alter the /etc/pam.d/vsftp to something like >> this: >> >> auth required pam_listfile.so item=user sense=deny >> file=/etc/vsftpd.ftpusers onerr=succeed >> >> auth optional pam_mysql.so user=root passwd=<pass> db=filexfer >> table=user usercolumn=username passwdcolumn=passwd crypt=0 sqllog=0 >> account required pam_mysql.so user=root passwd=<pass> db=filexfer >> table=user usercolumn=username passwdcolumn=passwd crypt=0 sqllog=0 >> >> I took out 4 of the auth lines since it could be that system-auth pam.d >> file is causing a requirement to go unfulfilled. Let me know how it >> turns >> out, if not I can attempt to duplicate the problem tomorrow. >> >> - Joe >> >> >>> Send Pam-mysql-general mailing list submissions to >>> pam...@li... >>> >>> To subscribe or unsubscribe via the World Wide Web, visit >>> https://lists.sourceforge.net/lists/listinfo/pam-mysql-general >>> or, via email, send a message with subject or body 'help' to >>> pam...@li... >>> >>> You can reach the person managing the list at >>> pam...@li... >>> >>> When replying, please edit your Subject line so it is more specific >>> than "Re: Contents of Pam-mysql-general digest..." >>> >>> >>> Today's Topics: >>> >>> 1. pam_mysql + vsftpd (Anoop Bhat) >>> >>> -- __--__-- >>> >>> Message: 1 >>> Date: Mon, 04 Oct 2004 16:46:37 -0500 >>> From: "Anoop Bhat" <ab...@in...> >>> To: pam...@li... >>> Subject: [Pam-mysql-general] pam_mysql + vsftpd >>> >>> Hi, >>> >>> I've sent this email to the vsftpd developer as well and wondering if i >>> can get some ideas on what i'm doing wrong here. >>> >>> has anyone got vsftpd and mysql working together for auth on rhel 3? >>> >>> here is the mail i sent to chris evans, anyone have any idea where my >>> configs are failing? >>> >>> ==================== >>> Hi Chris, >>> >>> I'm trying to implement vsftpd with pam_mysql and the documentation out >>> there for it is quite scarce. Perhaps you can help me identify the >>> problem? >>> >>> I think you will find this info useful >>> >>> I'm running Redhat Enterprise 3.0 on an HP Proliant DL360 G2. >>> >>> Mysql and VSFTPD are installed and so is pam_mysql.so in /lib/security. >>> The db is filexfer and the table is user and the passwords are stored >>> in >>> clear text (not my implementation). >>> >>> my /etc/pam.d/vsftp contains >>> >>> auth required pam_listfile.so item=user sense=deny >>> file=/etc/vsftpd.ftpusers onerr=succeed >>> auth required pam_stack.so service=system-auth >>> auth required pam_shells.so >>> account required pam_stack.so service=system-auth >>> session required pam_stack.so service=system-auth >>> >>> auth optional pam_mysql.so user=root passwd=<pass> >>> db=filexfer >>> table=user usercolumn=username passwdcolumn=passwd crypt=0 sqllog=0 >>> account required pam_mysql.so user=root passwd=<pass> >>> db=filexfer >>> table=user usercolumn=username passwdcolumn=passwd crypt=0 sqllog=0 >>> >>> >>> and I am able to log select statements as well >>> >>> mysqld.log shows >>> >>> 041004 13:09:41 4 Connect root@localhost on filexfer >>> 4 Init DB filexfer >>> 4 Query SELECT passwd FROM user WHERE >>> username='jbayerdc' >>> 4 Quit >>> >>> >>> when jbayerdc tries to log in. Note that jbayerdc is not a system >>> account at all. my personal account on the system however does have >>> access. >>> >>> /var/log/messages shows >>> >>> Oct 4 13:09:41 testkick vsftpd(pam_unix)[1684]: check pass; user >>> unknown >>> Oct 4 13:09:41 testkick vsftpd(pam_unix)[1684]: authentication >>> failure; >>> logname= uid=0 euid=0 tty= ruser= rhost=127.0.0.1 >>> Oct 4 13:09:41 testkick vsftpd[1684]: pam_sm_authenticate called. >>> Oct 4 13:09:41 testkick vsftpd[1684]: dbuser changed. >>> Oct 4 13:09:41 testkick vsftpd[1684]: dbpasswd changed. >>> Oct 4 13:09:41 testkick vsftpd[1684]: database changed. >>> Oct 4 13:09:41 testkick vsftpd[1684]: table changed. >>> Oct 4 13:09:41 testkick vsftpd[1684]: usercolumn changed. >>> Oct 4 13:09:41 testkick vsftpd[1684]: passwdcolumn changed. >>> Oct 4 13:09:41 testkick vsftpd[1684]: crypt changed. >>> Oct 4 13:09:41 testkick vsftpd[1684]: sqllog changed. >>> Oct 4 13:09:41 testkick vsftpd[1684]: db_connect called. >>> Oct 4 13:09:41 testkick vsftpd[1684]: returning 0 . >>> Oct 4 13:09:41 testkick vsftpd[1684]: db_checkpasswd called. >>> Oct 4 13:09:41 testkick vsftpd[1684]: pam_mysql: where clause = >>> Oct 4 13:09:41 testkick vsftpd[1684]: SELECT passwd FROM user WHERE >>> username='jbayerdc' >>> Oct 4 13:09:41 testkick vsftpd[1684]: sqlLog called. >>> Oct 4 13:09:41 testkick vsftpd[1684]: returning 0 . >>> Oct 4 13:09:41 testkick vsftpd[1684]: returning 0. >>> >>> >>> logging in shows >>> >>> Connected to localhost (127.0.0.1). >>> 220 (vsFTPd 1.2.0) >>> Name (localhost:anoop): jbayerdc >>> 331 Please specify the password. >>> Password: >>> 530 Login incorrect. >>> Login failed. >>> ftp> bye >>> 221 Goodbye. >>> >>> >>> Any reason as to why its not logging in? Thanks in advance for any help >>> you can provide. >>> >>> btw, are there any mailing lists regarding vsftpd? >>> >>> thanks >>> >>> Anoop >>> ====================== >>> >>> any ideas? >>> >>> thanks >>> >>> anoop >>> >>> >>> >>> -- __--__-- >>> >>> _______________________________________________ >>> Pam-mysql-general mailing list >>> Pam...@li... >>> https://lists.sourceforge.net/lists/listinfo/pam-mysql-general >>> >>> >>> End of Pam-mysql-general Digest >>> >> >> >> >> >> -- __--__-- >> >> Message: 2 >> Date: Tue, 5 Oct 2004 10:24:48 -0700 (MST) >> From: jo...@no... >> To: pam...@li... >> Cc: pam...@li... >> Subject: [Pam-mysql-general] Re: Pam-mysql-general digest, Vol 1 #56 - 1 >> msg >> >> Although I have no experience with vsftpd, I would like to add some >> suggestions. >> See what happens when you alter the /etc/pam.d/vsftp to something like >> this: >> >> auth required pam_listfile.so item=user sense=deny >> file=/etc/vsftpd.ftpusers onerr=succeed >> >> auth optional pam_mysql.so user=root passwd=<pass> db=filexfer >> table=user usercolumn=username passwdcolumn=passwd crypt=0 sqllog=0 >> account required pam_mysql.so user=root passwd=<pass> db=filexfer >> table=user usercolumn=username passwdcolumn=passwd crypt=0 sqllog=0 >> >> I took out 4 of the auth lines since it could be that system-auth pam.d >> file is causing a requirement to go unfulfilled. Let me know how it >> turns >> out, if not I can attempt to duplicate the problem tomorrow. >> >> - Joe >> >> >>> Send Pam-mysql-general mailing list submissions to >>> pam...@li... >>> >>> To subscribe or unsubscribe via the World Wide Web, visit >>> https://lists.sourceforge.net/lists/listinfo/pam-mysql-general >>> or, via email, send a message with subject or body 'help' to >>> pam...@li... >>> >>> You can reach the person managing the list at >>> pam...@li... >>> >>> When replying, please edit your Subject line so it is more specific >>> than "Re: Contents of Pam-mysql-general digest..." >>> >>> >>> Today's Topics: >>> >>> 1. pam_mysql + vsftpd (Anoop Bhat) >>> >>> -- __--__-- >>> >>> Message: 1 >>> Date: Mon, 04 Oct 2004 16:46:37 -0500 >>> From: "Anoop Bhat" <ab...@in...> >>> To: pam...@li... >>> Subject: [Pam-mysql-general] pam_mysql + vsftpd >>> >>> Hi, >>> >>> I've sent this email to the vsftpd developer as well and wondering if i >>> can get some ideas on what i'm doing wrong here. >>> >>> has anyone got vsftpd and mysql working together for auth on rhel 3? >>> >>> here is the mail i sent to chris evans, anyone have any idea where my >>> configs are failing? >>> >>> ==================== >>> Hi Chris, >>> >>> I'm trying to implement vsftpd with pam_mysql and the documentation out >>> there for it is quite scarce. Perhaps you can help me identify the >>> problem? >>> >>> I think you will find this info useful >>> >>> I'm running Redhat Enterprise 3.0 on an HP Proliant DL360 G2. >>> >>> Mysql and VSFTPD are installed and so is pam_mysql.so in /lib/security. >>> The db is filexfer and the table is user and the passwords are stored >>> in >>> clear text (not my implementation). >>> >>> my /etc/pam.d/vsftp contains >>> >>> auth required pam_listfile.so item=user sense=deny >>> file=/etc/vsftpd.ftpusers onerr=succeed >>> auth required pam_stack.so service=system-auth >>> auth required pam_shells.so >>> account required pam_stack.so service=system-auth >>> session required pam_stack.so service=system-auth >>> >>> auth optional pam_mysql.so user=root passwd=<pass> >>> db=filexfer >>> table=user usercolumn=username passwdcolumn=passwd crypt=0 sqllog=0 >>> account required pam_mysql.so user=root passwd=<pass> >>> db=filexfer >>> table=user usercolumn=username passwdcolumn=passwd crypt=0 sqllog=0 >>> >>> >>> and I am able to log select statements as well >>> >>> mysqld.log shows >>> >>> 041004 13:09:41 4 Connect root@localhost on filexfer >>> 4 Init DB filexfer >>> 4 Query SELECT passwd FROM user WHERE >>> username='jbayerdc' >>> 4 Quit >>> >>> >>> when jbayerdc tries to log in. Note that jbayerdc is not a system >>> account at all. my personal account on the system however does have >>> access. >>> >>> /var/log/messages shows >>> >>> Oct 4 13:09:41 testkick vsftpd(pam_unix)[1684]: check pass; user >>> unknown >>> Oct 4 13:09:41 testkick vsftpd(pam_unix)[1684]: authentication >>> failure; >>> logname= uid=0 euid=0 tty= ruser= rhost=127.0.0.1 >>> Oct 4 13:09:41 testkick vsftpd[1684]: pam_sm_authenticate called. >>> Oct 4 13:09:41 testkick vsftpd[1684]: dbuser changed. >>> Oct 4 13:09:41 testkick vsftpd[1684]: dbpasswd changed. >>> Oct 4 13:09:41 testkick vsftpd[1684]: database changed. >>> Oct 4 13:09:41 testkick vsftpd[1684]: table changed. >>> Oct 4 13:09:41 testkick vsftpd[1684]: usercolumn changed. >>> Oct 4 13:09:41 testkick vsftpd[1684]: passwdcolumn changed. >>> Oct 4 13:09:41 testkick vsftpd[1684]: crypt changed. >>> Oct 4 13:09:41 testkick vsftpd[1684]: sqllog changed. >>> Oct 4 13:09:41 testkick vsftpd[1684]: db_connect called. >>> Oct 4 13:09:41 testkick vsftpd[1684]: returning 0 . >>> Oct 4 13:09:41 testkick vsftpd[1684]: db_checkpasswd called. >>> Oct 4 13:09:41 testkick vsftpd[1684]: pam_mysql: where clause = >>> Oct 4 13:09:41 testkick vsftpd[1684]: SELECT passwd FROM user WHERE >>> username='jbayerdc' >>> Oct 4 13:09:41 testkick vsftpd[1684]: sqlLog called. >>> Oct 4 13:09:41 testkick vsftpd[1684]: returning 0 . >>> Oct 4 13:09:41 testkick vsftpd[1684]: returning 0. >>> >>> >>> logging in shows >>> >>> Connected to localhost (127.0.0.1). >>> 220 (vsFTPd 1.2.0) >>> Name (localhost:anoop): jbayerdc >>> 331 Please specify the password. >>> Password: >>> 530 Login incorrect. >>> Login failed. >>> ftp> bye >>> 221 Goodbye. >>> >>> >>> Any reason as to why its not logging in? Thanks in advance for any help >>> you can provide. >>> >>> btw, are there any mailing lists regarding vsftpd? >>> >>> thanks >>> >>> Anoop >>> ====================== >>> >>> any ideas? >>> >>> thanks >>> >>> anoop >>> >>> >>> >>> -- __--__-- >>> >>> _______________________________________________ >>> Pam-mysql-general mailing list >>> Pam...@li... >>> https://lists.sourceforge.net/lists/listinfo/pam-mysql-general >>> >>> >>> End of Pam-mysql-general Digest >>> >> >> >> >> >> >> -- __--__-- >> >> _______________________________________________ >> Pam-mysql-general mailing list >> Pam...@li... >> https://lists.sourceforge.net/lists/listinfo/pam-mysql-general >> >> >> End of Pam-mysql-general Digest >> > > > > > --__--__-- > > Message: 2 > Date: Wed, 06 Oct 2004 15:17:21 -0500 > From: "Anoop Bhat" <ab...@in...> > To: pam...@li... > Subject: [Pam-mysql-general] Re: Pam-mysql-general digest, Vol 1 #57 - 2 > msgs > > joe, > > with the changes you suggested, this is what i have. > > Note that the reason the user 'anoop' succeeds is because anoop has a > system account as well as an entry in the db. The passwords are > different but both passwords seem to work. The user 'peggy' does not > have a system account and only an entry in the db. In between sending my > original email and you response, I was able to achieve this. This is > where I am stuck. > > Any ideas? > > [root@testkick pam.d]# ftp localhost > Connected to localhost (127.0.0.1). > 220 Welcome to blah FTP service. > Name (localhost:anoop): anoop > 331 Please specify the password. > Password: > 230 Login successful. > Remote system type is UNIX. > Using binary mode to transfer files. > ftp> bye > 221 Goodbye. > [root@testkick pam.d]# ftp localhost > Connected to localhost (127.0.0.1). > 220 Welcome to blah FTP service. > Name (localhost:anoop): peggy > 331 Please specify the password. > Password: > 500 OOPS: cannot locate user entry:peggy > Login failed. > ftp> > > thanks > > Anoop > > > > pam...@li... wrote: >> Send Pam-mysql-general mailing list submissions to >> pam...@li... >> >> To subscribe or unsubscribe via the World Wide Web, visit >> https://lists.sourceforge.net/lists/listinfo/pam-mysql-general >> or, via email, send a message with subject or body 'help' to >> pam...@li... >> >> You can reach the person managing the list at >> pam...@li... >> >> When replying, please edit your Subject line so it is more specific >> than "Re: Contents of Pam-mysql-general digest..." >> >> >> Today's Topics: >> >> 1. Re: Pam-mysql-general digest, Vol 1 #56 - 1 msg (jo...@no...) >> 2. Re: Pam-mysql-general digest, Vol 1 #56 - 1 msg (jo...@no...) >> >> -- __--__-- >> >> Message: 1 >> Date: Tue, 5 Oct 2004 10:24:48 -0700 (MST) >> From: jo...@no... >> To: pam...@li... >> Cc: pam...@li... >> Subject: [Pam-mysql-general] Re: Pam-mysql-general digest, Vol 1 #56 - 1 >> msg >> >> Although I have no experience with vsftpd, I would like to add some >> suggestions. >> See what happens when you alter the /etc/pam.d/vsftp to something like >> this: >> >> auth required pam_listfile.so item=user sense=deny >> file=/etc/vsftpd.ftpusers onerr=succeed >> >> auth optional pam_mysql.so user=root passwd=<pass> db=filexfer >> table=user usercolumn=username passwdcolumn=passwd crypt=0 sqllog=0 >> account required pam_mysql.so user=root passwd=<pass> db=filexfer >> table=user usercolumn=username passwdcolumn=passwd crypt=0 sqllog=0 >> >> I took out 4 of the auth lines since it could be that system-auth pam.d >> file is causing a requirement to go unfulfilled. Let me know how it >> turns >> out, if not I can attempt to duplicate the problem tomorrow. >> >> - Joe >> >> >> >>>Send Pam-mysql-general mailing list submissions to >>> pam...@li... >>> >>>To subscribe or unsubscribe via the World Wide Web, visit >>> https://lists.sourceforge.net/lists/listinfo/pam-mysql-general >>>or, via email, send a message with subject or body 'help' to >>> pam...@li... >>> >>>You can reach the person managing the list at >>> pam...@li... >>> >>>When replying, please edit your Subject line so it is more specific >>>than "Re: Contents of Pam-mysql-general digest..." >>> >>> >>>Today's Topics: >>> >>> 1. pam_mysql + vsftpd (Anoop Bhat) >>> >>>-- __--__-- >>> >>>Message: 1 >>>Date: Mon, 04 Oct 2004 16:46:37 -0500 >>>From: "Anoop Bhat" <ab...@in...> >>>To: pam...@li... >>>Subject: [Pam-mysql-general] pam_mysql + vsftpd >>> >>>Hi, >>> >>>I've sent this email to the vsftpd developer as well and wondering if i >>>can get some ideas on what i'm doing wrong here. >>> >>>has anyone got vsftpd and mysql working together for auth on rhel 3? >>> >>>here is the mail i sent to chris evans, anyone have any idea where my >>>configs are failing? >>> >>>==================== >>>Hi Chris, >>> >>>I'm trying to implement vsftpd with pam_mysql and the documentation out >>>there for it is quite scarce. Perhaps you can help me identify the >>>problem? >>> >>>I think you will find this info useful >>> >>>I'm running Redhat Enterprise 3.0 on an HP Proliant DL360 G2. >>> >>>Mysql and VSFTPD are installed and so is pam_mysql.so in /lib/security. >>>The db is filexfer and the table is user and the passwords are stored in >>>clear text (not my implementation). >>> >>>my /etc/pam.d/vsftp contains >>> >>>auth required pam_listfile.so item=user sense=deny >>>file=/etc/vsftpd.ftpusers onerr=succeed >>>auth required pam_stack.so service=system-auth >>>auth required pam_shells.so >>>account required pam_stack.so service=system-auth >>>session required pam_stack.so service=system-auth >>> >>>auth optional pam_mysql.so user=root passwd=<pass> db=filexfer >>>table=user usercolumn=username passwdcolumn=passwd crypt=0 sqllog=0 >>>account required pam_mysql.so user=root passwd=<pass> db=filexfer >>>table=user usercolumn=username passwdcolumn=passwd crypt=0 sqllog=0 >>> >>> >>>and I am able to log select statements as well >>> >>>mysqld.log shows >>> >>>041004 13:09:41 4 Connect root@localhost on filexfer >>> 4 Init DB filexfer >>> 4 Query SELECT passwd FROM user WHERE >>>username='jbayerdc' >>> 4 Quit >>> >>> >>>when jbayerdc tries to log in. Note that jbayerdc is not a system >>>account at all. my personal account on the system however does have >>>access. >>> >>>/var/log/messages shows >>> >>>Oct 4 13:09:41 testkick vsftpd(pam_unix)[1684]: check pass; user >>> unknown >>>Oct 4 13:09:41 testkick vsftpd(pam_unix)[1684]: authentication failure; >>>logname= uid=0 euid=0 tty= ruser= rhost=127.0.0.1 >>>Oct 4 13:09:41 testkick vsftpd[1684]: pam_sm_authenticate called. >>>Oct 4 13:09:41 testkick vsftpd[1684]: dbuser changed. >>>Oct 4 13:09:41 testkick vsftpd[1684]: dbpasswd changed. >>>Oct 4 13:09:41 testkick vsftpd[1684]: database changed. >>>Oct 4 13:09:41 testkick vsftpd[1684]: table changed. >>>Oct 4 13:09:41 testkick vsftpd[1684]: usercolumn changed. >>>Oct 4 13:09:41 testkick vsftpd[1684]: passwdcolumn changed. >>>Oct 4 13:09:41 testkick vsftpd[1684]: crypt changed. >>>Oct 4 13:09:41 testkick vsftpd[1684]: sqllog changed. >>>Oct 4 13:09:41 testkick vsftpd[1684]: db_connect called. >>>Oct 4 13:09:41 testkick vsftpd[1684]: returning 0 . >>>Oct 4 13:09:41 testkick vsftpd[1684]: db_checkpasswd called. >>>Oct 4 13:09:41 testkick vsftpd[1684]: pam_mysql: where clause = >>>Oct 4 13:09:41 testkick vsftpd[1684]: SELECT passwd FROM user WHERE >>>username='jbayerdc' >>>Oct 4 13:09:41 testkick vsftpd[1684]: sqlLog called. >>>Oct 4 13:09:41 testkick vsftpd[1684]: returning 0 . >>>Oct 4 13:09:41 testkick vsftpd[1684]: returning 0. >>> >>> >>>logging in shows >>> >>>Connected to localhost (127.0.0.1). >>>220 (vsFTPd 1.2.0) >>>Name (localhost:anoop): jbayerdc >>>331 Please specify the password. >>>Password: >>>530 Login incorrect. >>>Login failed. >>>ftp> bye >>>221 Goodbye. >>> >>> >>>Any reason as to why its not logging in? Thanks in advance for any help >>>you can provide. >>> >>>btw, are there any mailing lists regarding vsftpd? >>> >>>thanks >>> >>>Anoop >>>====================== >>> >>>any ideas? >>> >>>thanks >>> >>>anoop >>> >>> >>> >>>-- __--__-- >>> >>>_______________________________________________ >>>Pam-mysql-general mailing list >>>Pam...@li... >>>https://lists.sourceforge.net/lists/listinfo/pam-mysql-general >>> >>> >>>End of Pam-mysql-general Digest >>> >> >> >> >> >> >> -- __--__-- >> >> Message: 2 >> Date: Tue, 5 Oct 2004 10:24:48 -0700 (MST) >> From: jo...@no... >> To: pam...@li... >> Cc: pam...@li... >> Subject: [Pam-mysql-general] Re: Pam-mysql-general digest, Vol 1 #56 - 1 >> msg >> >> Although I have no experience with vsftpd, I would like to add some >> suggestions. >> See what happens when you alter the /etc/pam.d/vsftp to something like >> this: >> >> auth required pam_listfile.so item=user sense=deny >> file=/etc/vsftpd.ftpusers onerr=succeed >> >> auth optional pam_mysql.so user=root passwd=<pass> db=filexfer >> table=user usercolumn=username passwdcolumn=passwd crypt=0 sqllog=0 >> account required pam_mysql.so user=root passwd=<pass> db=filexfer >> table=user usercolumn=username passwdcolumn=passwd crypt=0 sqllog=0 >> >> I took out 4 of the auth lines since it could be that system-auth pam.d >> file is causing a requirement to go unfulfilled. Let me know how it >> turns >> out, if not I can attempt to duplicate the problem tomorrow. >> >> - Joe >> >> >> >>>Send Pam-mysql-general mailing list submissions to >>> pam...@li... >>> >>>To subscribe or unsubscribe via the World Wide Web, visit >>> https://lists.sourceforge.net/lists/listinfo/pam-mysql-general >>>or, via email, send a message with subject or body 'help' to >>> pam...@li... >>> >>>You can reach the person managing the list at >>> pam...@li... >>> >>>When replying, please edit your Subject line so it is more specific >>>than "Re: Contents of Pam-mysql-general digest..." >>> >>> >>>Today's Topics: >>> >>> 1. pam_mysql + vsftpd (Anoop Bhat) >>> >>>-- __--__-- >>> >>>Message: 1 >>>Date: Mon, 04 Oct 2004 16:46:37 -0500 >>>From: "Anoop Bhat" <ab...@in...> >>>To: pam...@li... >>>Subject: [Pam-mysql-general] pam_mysql + vsftpd >>> >>>Hi, >>> >>>I've sent this email to the vsftpd developer as well and wondering if i >>>can get some ideas on what i'm doing wrong here. >>> >>>has anyone got vsftpd and mysql working together for auth on rhel 3? >>> >>>here is the mail i sent to chris evans, anyone have any idea where my >>>configs are failing? >>> >>>==================== >>>Hi Chris, >>> >>>I'm trying to implement vsftpd with pam_mysql and the documentation out >>>there for it is quite scarce. Perhaps you can help me identify the >>>problem? >>> >>>I think you will find this info useful >>> >>>I'm running Redhat Enterprise 3.0 on an HP Proliant DL360 G2. >>> >>>Mysql and VSFTPD are installed and so is pam_mysql.so in /lib/security. >>>The db is filexfer and the table is user and the passwords are stored in >>>clear text (not my implementation). >>> >>>my /etc/pam.d/vsftp contains >>> >>>auth required pam_listfile.so item=user sense=deny >>>file=/etc/vsftpd.ftpusers onerr=succeed >>>auth required pam_stack.so service=system-auth >>>auth required pam_shells.so >>>account required pam_stack.so service=system-auth >>>session required pam_stack.so service=system-auth >>> >>>auth optional pam_mysql.so user=root passwd=<pass> db=filexfer >>>table=user usercolumn=username passwdcolumn=passwd crypt=0 sqllog=0 >>>account required pam_mysql.so user=root passwd=<pass> db=filexfer >>>table=user usercolumn=username passwdcolumn=passwd crypt=0 sqllog=0 >>> >>> >>>and I am able to log select statements as well >>> >>>mysqld.log shows >>> >>>041004 13:09:41 4 Connect root@localhost on filexfer >>> 4 Init DB filexfer >>> 4 Query SELECT passwd FROM user WHERE >>>username='jbayerdc' >>> 4 Quit >>> >>> >>>when jbayerdc tries to log in. Note that jbayerdc is not a system >>>account at all. my personal account on the system however does have >>>access. >>> >>>/var/log/messages shows >>> >>>Oct 4 13:09:41 testkick vsftpd(pam_unix)[1684]: check pass; user >>> unknown >>>Oct 4 13:09:41 testkick vsftpd(pam_unix)[1684]: authentication failure; >>>logname= uid=0 euid=0 tty= ruser= rhost=127.0.0.1 >>>Oct 4 13:09:41 testkick vsftpd[1684]: pam_sm_authenticate called. >>>Oct 4 13:09:41 testkick vsftpd[1684]: dbuser changed. >>>Oct 4 13:09:41 testkick vsftpd[1684]: dbpasswd changed. >>>Oct 4 13:09:41 testkick vsftpd[1684]: database changed. >>>Oct 4 13:09:41 testkick vsftpd[1684]: table changed. >>>Oct 4 13:09:41 testkick vsftpd[1684]: usercolumn changed. >>>Oct 4 13:09:41 testkick vsftpd[1684]: passwdcolumn changed. >>>Oct 4 13:09:41 testkick vsftpd[1684]: crypt changed. >>>Oct 4 13:09:41 testkick vsftpd[1684]: sqllog changed. >>>Oct 4 13:09:41 testkick vsftpd[1684]: db_connect called. >>>Oct 4 13:09:41 testkick vsftpd[1684]: returning 0 . >>>Oct 4 13:09:41 testkick vsftpd[1684]: db_checkpasswd called. >>>Oct 4 13:09:41 testkick vsftpd[1684]: pam_mysql: where clause = >>>Oct 4 13:09:41 testkick vsftpd[1684]: SELECT passwd FROM user WHERE >>>username='jbayerdc' >>>Oct 4 13:09:41 testkick vsftpd[1684]: sqlLog called. >>>Oct 4 13:09:41 testkick vsftpd[1684]: returning 0 . >>>Oct 4 13:09:41 testkick vsftpd[1684]: returning 0. >>> >>> >>>logging in shows >>> >>>Connected to localhost (127.0.0.1). >>>220 (vsFTPd 1.2.0) >>>Name (localhost:anoop): jbayerdc >>>331 Please specify the password. >>>Password: >>>530 Login incorrect. >>>Login failed. >>>ftp> bye >>>221 Goodbye. >>> >>> >>>Any reason as to why its not logging in? Thanks in advance for any help >>>you can provide. >>> >>>btw, are there any mailing lists regarding vsftpd? >>> >>>thanks >>> >>>Anoop >>>====================== >>> >>>any ideas? >>> >>>thanks >>> >>>anoop >>> >>> >>> >>>-- __--__-- >>> >>>_______________________________________________ >>>Pam-mysql-general mailing list >>>Pam...@li... >>>https://lists.sourceforge.net/lists/listinfo/pam-mysql-general >>> >>> >>>End of Pam-mysql-general Digest >>> >> >> >> >> >> >> >> -- __--__-- >> >> _______________________________________________ >> Pam-mysql-general mailing list >> Pam...@li... >> https://lists.sourceforge.net/lists/listinfo/pam-mysql-general >> >> >> End of Pam-mysql-general Digest >> > > > > --__--__-- > > _______________________________________________ > Pam-mysql-general mailing list > Pam...@li... > https://lists.sourceforge.net/lists/listinfo/pam-mysql-general > > > End of Pam-mysql-general Digest > |
