Date: Fri, 12 Nov 1999 08:57:11 +0100 (CET) From: Lemle Geza <lemleg@fw.opsys.hu> To: Dan Langille <dan@freebsddiary.org> Cc: Mitch Collinsworth <mkc@Graphics.Cornell.EDU>, freebsd-questions@FreeBSD.ORG Subject: Re: proftpd and authentication failure Message-ID: <Pine.BSF.4.20.9911120822060.747-100000@fw.opsys.hu> In-Reply-To: <199911102116.KAA20269@freebsddiary.yi.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Hello, I have the same problem in 3.3-STABLE. See answers below. And a quick question: when I make a virtual server with its own password database and directory, the user (which is only in this database, but not a UNIX user) can log in, but can not write, unless 777 permission is granted on the directory. My question: is there any way to have some more restrictive permisions on the directory? Here is the config of the virtual ftp server: #<VirtualHost somewhere.in.hungary.org> # # ServerName "Virtual FTP Server" # ServerIdent Off # TransferLog /var/log/asdfgh.ftp.access # User proftpd # Group proftpd # MaxLoginAttempts 3 # RequireValidShell off # DefaultRoot /usr/local/www/data/asdfgh # AllowOverwrite on # AuthPAMAuthoritative off # AuthUserFile /usr/local/etc/proftpd.user # AuthGroupFile /usr/local/etc/proftpd.group # DirFakeGroup On guest # DirFakeUser On root # DirFakeMode 755 # # <Directory /usr/local/www/data/asdfgh/*> # <Limit ALL> # AllowAll # </Limit> # </Directory> # # <Limit LOGIN> # Order deny,allow # AllowGroup test # </Limit> # #</VirtualHost> On Thu, 11 Nov 1999, Dan Langille wrote: > On 10 Nov 99, at 12:45, Mitch Collinsworth wrote: > > > >ProFTPD Version 1.2.0pre8 is giving me authentication problems. I've > > >been able to get anon ftp running, but if I log in as my regular user id, I > > >get invalid password. > > > > You didn't say what version of FBSD. It matters. A lot. > > I should not be posting messages after midnight. FreeBSD 3.1-stable. > > > >Here's the output from running with -d5 > > > > > >received: USER dan > > >received: USER dan > > >received: PASS (hidden) > > >PAM(dan): Permission denied > > >USER dan: incorrect password Use this directive in your config: AuthPAMAuthoritative off > > > > I've just been fighting the proftpd/pam/freebsd battle myself today > > and it is now working. More interesting than debug output would be > > to know what is in your log file. > > proftpd[18252]: unable to resolve symbol: pam_sm_acct_mgmt > proftpd[18253]: unable to resolve symbol: pam_sm_acct_mgmt > proftpd[18300]: unable to resolve symbol: pam_sm_acct_mgmt > proftpd[18300]: unable to resolve symbol: pam_sm_open_session > proftpd[18300]: unable to resolve symbol: pam_sm_close_session > proftpd[18335]: unable to resolve symbol: pam_sm_acct_mgmt > proftpd[18338]: unable to resolve symbol: pam_sm_acct_mgmt > proftpd[18338]: unable to resolve symbol: pam_sm_open_session > proftpd[18338]: unable to resolve symbol: pam_sm_close_session Please comment out this line: ftp session required pam_unix.so try_first_pass > > > >If I add these two lines to /etc/pam.conf > > > > > >ftp auth required pam_unix.so try_first_pass > > >ftp account required pam_unix.so try_first_pass > > > > This is exactly what I have. > > > > > [bad example snipped] > > > What error? > > Hmmm, that's the debug output. But not enough of it... See below > > received: USER dan > received: USER dan > received: PASS (hidden) > PAM(dan): Permission denied > USER dan: incorrect password from [snipped] > received: QUIT > FTP session closed. > > > >And the same again if I add this to pam.conf: > > > > > >ftp session required pam_unix.so try_first_pass > > > > No. You don't want this. Well... That may depend on what version > > of FreeBSD. You definitely don't want it with 3.2-R. > > > > > > >I have no idea how to get regular logins working. I'm ready to toss this > > >aside and go with ftpd. Anyone got proftpd running? > > > > me. > > -- > Dan Langille - DVL Software Limited > The FreeBSD Diary - http://www.freebsddiary.org/freebsd/ > NZ FreeBSD User Group - http://www.nzfug.nz.freebsd.org/ > The Racing System - http://www.racingsystem.com/racingsystem.htm > unix @ home - http://www.unixathome.org/ > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-questions" in the body of the message > Thanks for your help, Lemle Geza To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.20.9911120822060.747-100000>