From: Eugene Prokopiev <enp@itx.ru>
To: Sysadmins@lists.altlinux.org
Subject: [Sysadmins] pam и vsftpd virtual users
Date: Mon, 26 Mar 2012 11:32:30 +0400
Message-ID: <CANM4RuhuU30Vk6ZxNL4VnxqtPfCZaqmpDD2wtUvguKFpY0Q+rA@mail.gmail.com> (raw)
Здравствуйте!
Потребовалось завести виртуальных пользователей в vsftpd. Делаю в
соответствии с /usr/share/doc/vsftpd-2.3.5/EXAMPLE/VIRTUAL_USERS/README:
# db_load -T -t hash -f
/usr/share/doc/vsftpd-2.3.5/EXAMPLE/VIRTUAL_USERS/logins.txt
/etc/vsftpd_login.db
# chmod 600 /etc/vsftpd_login.db
# cat >/etc/pam.d/vsftpd << EOF
> auth required pam_userdb.so db=/etc/vsftpd_login
> account required pam_userdb.so db=/etc/vsftpd_login
> EOF
# useradd -d /home/ftpsite virtual
# cp /etc/hosts /home/ftpsite
# chown virtual.virtual /home/ftpsite/hosts
# cat >/etc/vsftpd/conf << EOF
> anonymous_enable=NO
> local_enable=YES
> write_enable=NO
> anon_upload_enable=NO
> anon_mkdir_write_enable=NO
> anon_other_write_enable=NO
> chroot_local_user=YES
> guest_enable=YES
> guest_username=virtual
> listen=YES
> listen_port=10021
> pasv_min_port=30000
> pasv_max_port=30999
> EOF
Запускаю (других средств отладки не нашел):
# strace -f vsftpd
Тестирую:
$ ftp localhost 10021
Connected to localhost (127.0.0.1).
220 (vsFTPd 2.3.5)
Name (localhost:enp): tom
331 Please specify the password.
Password:
530 Login incorrect.
Login failed.
ftp>
В выводе strace наблюдаю обращение к /lib64/security/pam_userdb.so и
/lib64/libdb-4.7.so, а затем вместо /etc/vsftpd_login.db сразу к
/etc/pam.d/other и /lib64/security/pam_deny.so. Соответственно,
подозреваю, что в /etc/pam.d/vsftpd я написал что-то не то. Что?
--
С уважением,
Прокопьев Евгений
next reply other threads:[~2012-03-26 7:32 UTC|newest]
Thread overview: 17+ messages / expand[flat|nested] mbox.gz Atom feed top
2012-03-26 7:32 Eugene Prokopiev [this message]
2012-03-26 7:51 ` Alexey Borisenkov
2012-03-26 7:54 ` Alexey Borisenkov
2012-03-26 8:32 ` Eugene Prokopiev
2012-03-27 7:14 ` Michael Shigorin
2012-03-27 7:34 ` Alexey Borisenkov
2012-03-27 11:07 ` Michael Shigorin
2012-03-27 7:47 ` Anton Gorlov
2012-03-27 8:08 ` Michael Shigorin
2012-03-27 8:16 ` Anton Gorlov
2012-03-28 4:12 ` Eugene Prokopiev
2012-03-28 5:28 ` Anton Gorlov
2012-03-26 9:20 ` Anton Gorlov
2012-03-29 23:11 ` Vitaly Lipatov
2012-03-30 5:24 ` Anton Gorlov
2012-04-10 12:51 ` Eugene Prokopiev
2012-03-27 7:09 ` Michael Shigorin
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=CANM4RuhuU30Vk6ZxNL4VnxqtPfCZaqmpDD2wtUvguKFpY0Q+rA@mail.gmail.com \
--to=enp@itx.ru \
--cc=Sysadmins@lists.altlinux.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
ALT Linux sysadmins discussion
This inbox may be cloned and mirrored by anyone:
git clone --mirror http://lore.altlinux.org/sysadmins/0 sysadmins/git/0.git
# If you have public-inbox 1.1+ installed, you may
# initialize and index your mirror using the following commands:
public-inbox-init -V2 sysadmins sysadmins/ http://lore.altlinux.org/sysadmins \
sysadmins@lists.altlinux.org sysadmins@lists.altlinux.ru sysadmins@lists.altlinux.com
public-inbox-index sysadmins
Example config snippet for mirrors.
Newsgroup available over NNTP:
nntp://lore.altlinux.org/org.altlinux.lists.sysadmins
AGPL code for this site: git clone https://public-inbox.org/public-inbox.git