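vsftp PAM authentication always fails
Experts, please give me some pointers:..
Where exactly is the mistake??
I'm planning to build a more complete FTP setup with vsftpd+mysql+pam.
MySQL database: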
database: vsftpdvirtual
tables: users ## stores virtual user information; the username is zhouzhong
logs ## stores log information
The PAM configuration file is as follows:
/etc/pam.d/vsftpd
....
auth required pam_mysql.so user=vsftpdvirtual passwd=123456 host=localhost db=vsftpdvirtual table=users usercolumn=name passwdcolumn=passwd crypt=0 sqllog=yes logtable=logs logmsgcolumn=msg logusercolumn=user logpidcolumn=pid loghostcolumn=host logrhostcolumn=rhost logtimecolumn=logtime verbose=1
account required pam_mysql.so user=vsftpdvirtual passwd=123456 host=localhost db=vsftpdvirtual table=users usercolumn=name passwdcolumn=passwd crypt=0 sqllog=yes logtable=logs logmsgcolumn=msg logusercolumn=user logpidcolumn=pid loghostcolumn=host logrhostcolumn=rhost logtimecolumn=logtime verbose=1
The main configuration file vsftpd.conf is as follows:
anonymous_enable=NO
local_enable=YES
write_enable=YES
local_umask=022
xferlog_enable=YES
connect_from_port_20=YES
xferlog_std_format=YES
chroot_local_user=YES
chroot_list_enable=YES
chroot_list_file=/etc/vsftpd/chroot_list
listen=YES
pam_service_name=vsftpd
userlist_enable=YES
tcp_wrappers=YES
anon_upload_enable=YES
anon_mkdir_write_enable=YES
anon_other_write_enable=YES
listen_port=21
guest_enable=YES
guest_username=vsftpdvirtual
pasv_enable=YES
pasv_min_port=30000
pasv_max_port=30999
anon_world_readable_only=NO
virtual_use_local_privs=YES
user_config_dir=/etc/vsftpd/vsftpd_user_conf
Below is the log, /var/log/secure:
Dec 5 15:59:25 localhost vsftpd: PAM (vsftpd) illegal module type: 0
Dec 5 15:59:25 localhost vsftpd: PAM pam_parse: expecting return value; [...sqllog=yes]
Dec 5 15:59:25 localhost vsftpd: PAM unable to dlopen(/lib/security/logtable=logs)
Dec 5 15:59:25 localhost vsftpd: PAM
Dec 5 15:59:25 localhost vsftpd: PAM adding faulty module: /lib/security/logtable=logs
Dec 5 15:59:25 localhost vsftpd: pam_unix(vsftpd:auth): check pass; user unknown
Dec 5 15:59:25 localhost vsftpd: pam_unix(vsftpd:auth): authentication failure; logname= uid=0 euid=0 tty=ftp ruser=zhouzhong rhost=localhost.localdomain
Dec 5 15:59:25 localhost vsftpd: pam_succeed_if(vsftpd:auth): error retrieving information about user zhouzhong
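Added example, not part of the original post: the first three PAM lines in the log above are the errors libpam reports for a service-file line whose first three whitespace-separated fields are `0`, `sqllog=yes` and `logtable=logs`, which is consistent with a hard line break inside `crypt=0`. The sketch below checks a service file for the expected field order (type, control, module path); the function names, the `.so` suffix heuristic and both sample files are constructed for illustration.

```python
import re

MODULE_TYPES = {"auth", "account", "password", "session"}
CONTROLS = {"required", "requisite", "sufficient", "optional", "include", "substack"}
# Field order: type, then control (keyword or [value=action ...]), then module path.
FIELDS = re.compile(r"(\S+)(?:\s+(\[[^\]]*\]|\S+))?(?:\s+(\S+))?")

def logical_lines(text):
    """Yield (line_no, text): comments dropped, backslash continuations joined."""
    buf, start = "", None
    for no, raw in enumerate(text.splitlines(), 1):
        raw = raw.split("#", 1)[0].rstrip()
        start = start or no
        if raw.endswith("\\"):          # explicit continuation: keep reading
            buf += raw[:-1] + " "
            continue
        if (buf + raw).strip():
            yield start, (buf + raw).strip()
        buf, start = "", None

def check_pam_service(text):
    """Return [(line_no, problem)] for the body of an /etc/pam.d/<service> file."""
    problems = []
    for no, line in logical_lines(text):
        mtype, control, path = FIELDS.match(line).groups()
        if mtype == "@include":         # distribution-specific include directive
            continue
        if mtype.lstrip("-").lower() not in MODULE_TYPES:
            problems.append((no, f"illegal module type: {mtype}"))
        if control is None:
            problems.append((no, "no control flag supplied"))
        elif control.lower() not in CONTROLS and not control.startswith("["):
            problems.append((no, f"bad control flag: {control}"))
        if control and control.lower() in ("include", "substack"):
            continue                    # third field is a service name, not a module
        if path is None or not path.endswith(".so"):   # heuristic (assumption)
            problems.append((no, f"module path is not a .so: {path}"))
    return problems

# Constructed sample: the pam_mysql line is hard-wrapped in the middle of "crypt=0".
WRAPPED = """auth required pam_mysql.so user=dbuser passwd=CHANGEME db=ftp table=users crypt=
0 sqllog=yes logtable=logs logmsgcolumn=msg
"""
# Constructed sample: same entry with a backslash continuation, one logical line.
CONTINUED = """auth required pam_mysql.so user=dbuser passwd=CHANGEME db=ftp table=users \\
    crypt=0 sqllog=yes logtable=logs logmsgcolumn=msg
"""

if __name__ == "__main__":
    for name, body in (("WRAPPED", WRAPPED), ("CONTINUED", CONTINUED)):
        print(name, check_pam_service(body))
```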
《Solution》
Reconfigured and restarted; checked the logs;
found that it actually can write log entries into the logs table;
+------------------+---------------+-------+-----------+-----------------+---------------------+
| msg | user | pid | host | rhost | logtime |
+------------------+---------------+-------+-----------+-----------------+---------------------+
| QUERYING FAILURE | vsftpdvirtual | 14919 | 127.0.0.1 | 219.***.***.*** | 2012-12-05 16:42:32 |
+------------------+---------------+-------+-----------+-----------------+---------------------+
But I still just can't log in
Dec 5 16:45:22 localhost vsftpd: pam_unix(vsftpd:auth): check pass; user unknown
Dec 5 16:45:22 localhost vsftpd: pam_unix(vsftpd:auth): authentication failure; logname= uid=0 euid=0 tty=ftp ruser=zhouzhong rhost=localhost.localdomain
Dec 5 16:45:22 localhost vsftpd: pam_succeed_if(vsftpd:auth): error retrieving information about user zhouzhong
Dec 5 16:47:03 localhost vsftpd: pam_unix(vsftpd:auth): check pass; user unknown
Dec 5 16:47:03 localhost vsftpd: pam_unix(vsftpd:auth): authentication failure; logname= uid=0 euid=0 tty=ftp ruser=zhouzhong rhost=localhost.localdomain
Dec 5 16:47:03 localhost vsftpd: pam_succeed_if(vsftpd:auth): error retrieving information about user zhouzhong
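《Solution》
Neither the virtual user nor the local user that the virtual users are mapped to can log in.
If I enable the anonymous user in vsftpd.conf with anonymous_enable=YES, anonymous login works.
This is really frustrating.
《Solution》
I just tried again: if I insert the local user vsftpdvirtual into the virtual users' user table, it can log in;
《Solution》
I plan to write down my changes; I hope I can get it working and that others don't run into this problem again!
《Solution》
Still not working! Virtual user login always reports: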
Dec 5 20:55:30 localhost vsftpd: pam_unix(vsftpd:auth): check pass; user unknown
Dec 5 20:55:30 localhost vsftpd: pam_unix(vsftpd:auth): authentication failure; logname= uid=0 euid=0 tty=ftp ruser=zhouzhong rhost=219.224.168.117
Dec 5 20:55:30 localhost vsftpd: pam_succeed_if(vsftpd:auth): error retrieving information about user zhouzhong
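《Solution》
Finally found the cause; it was the PAM file after all: I rewrote it from scratch;
1. Leave the original /etc/pam.d/vsftpd file unchanged, cp it to a new copy named vsftpd.mysql, and add 2 lines to that file: auth and account; before, I had always been appending to the original vsftpd file, and I don't know whether that was the reason.
2. In vsftpd.conf: pam_service_name=vsftpd.mysql local_enable=YES
《Solution》
I've run into the same problem; could you please post the complete file for my reference.
《Solution》
Reply to 8# pklam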
# cat /etc/pam.d/vsftpd.mysql
auth required /lib/security/pam_mysql.so user=**** passwd=****** host=localhost db=******* table=users usercolumn=name passwdcolumn=passwd crypt=0 sqllog=1 logtable=logs logmsgcolumn=msg logusercolumn=user logpidcolumn=pid loghostcolumn=host logrhostcolumn=rhost logtimecolumn=logtime verbose=1
account required /lib/security/pam_mysql.so user=***** passwd=******* host=localhost db=******* table=users usercolumn=name passwdcolumn=passwd crypt=0 sqllog=1 logtable=logs logmsgcolumn=msg logusercolumn=user logpidcolumn=pid loghostcolumn=host logrhostcolumn=rhost logtimecolumn=logtime verbose=1
This is the current configuration on my machine.