VSFTP problem: the virtual user passes MySQL authentication but still cannot log in (problem solved)
System: AS4 update3, (32bit)
mysql-4.1.12-3.RHEL4.1
pam_mysql-0.7RC1
vsftpd-2.0.1-5.EL4.3
The vsftpd configuration file is as follows:
anonymous_enable=NO
local_enable=YES
write_enable=YES
local_umask=022
anon_upload_enable=YES
anon_mkdir_write_enable=YES
anon_other_write_enable=YES
dirmessage_enable=YES
xferlog_enable=YES
connect_from_port_20=YES
xferlog_std_format=YES
pam_service_name=vsftpd
userlist_enable=YES
listen=YES
tcp_wrappers=YES
guest_enable=YES
guest_username=vsftpdguest (added with the command useradd vsftpdguest)
The /etc/pam.d/vsftpd configuration file is as follows:
#%PAM-1.0
auth required pam_listfile.so item=user sense=deny file=/etc/vsftpd.ftpusers onerr=succeed
auth required pam_stack.so service=system-auth
auth required pam_shells.so
account required pam_stack.so service=system-auth
session required pam_stack.so service=system-auth
session required pam_loginuid.so
auth required /usr/lib/security/pam_mysql.so user=root passwd=baiyqmqy2988070 host=localhost db=vsftpd table=users usercolumn=name passwdcolumn=passwd crypt=0 sqllog=1 logtable=logs logmsgcolumn=msg logusercolumn=user logpidcolumn=pid loghostcolumn=host logrhostcolumn=rhost logtimecolumn=logtime verbose=1
account required /usr/lib/security/pam_mysql.so user=root passwd=baiyqmqy2988070 host=localhost db=vsftpd table=users usercolumn=name passwdcolumn=passwd crypt=0 sqllog=1 logtable=logs logmsgcolumn=msg logusercolumn=user logpidcolumn=pid loghostcolumn=host logrhostcolumn=rhost logtimecolumn=logtime verbose=1
The /var/log/secure log file shows:
Mar 2 11:56:42 localhost vsftpd: pam_mysql - pam_mysql_sql_log() called.
Mar 2 11:56:42 localhost vsftpd: pam_mysql - pam_mysql_format_string() called
Mar 2 11:56:42 localhost vsftpd: pam_mysql - pam_mysql_quick_escape() called.
Mar 2 11:56:42 localhost last message repeated 3 times
Mar 2 11:56:42 localhost vsftpd: pam_mysql - INSERT INTO logs (msg, user, host, rhost, pid, logtime) VALUES ('AUTHENTICATION SUCCESS (FIRST_PASS)', 'francis', '127.0.0.1', '192.168.1.99', '25852', NOW())
Mar 2 11:56:42 localhost vsftpd: pam_mysql - pam_mysql_sql_log() returning 0.
Mar 2 11:56:42 localhost vsftpd: pam_mysql - pam_sm_authenticate() returning 0.
Mar 2 11:56:45 localhost vsftpd: pam_mysql - pam_mysql_release_ctx() called.
Mar 2 11:56:45 localhost vsftpd: pam_mysql - pam_mysql_destroy_ctx() called.
Mar 2 11:56:45 localhost vsftpd: pam_mysql - pam_mysql_close_db() called.
The /var/log/messages log file shows:
Mar 2 11:56:42 localhost vsftpd(pam_unix): check pass; user unknown
Mar 2 11:56:42 localhost vsftpd(pam_unix): authentication failure; logname= uid=0 euid=0 tty=ftp ruser=francis rhost=192.168.1.99
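In my humble opinion, 'AUTHENTICATION SUCCESS (FIRST_PASS)', 'francis' here should mean that the database check of the user has already passed, but why, when it gets to
Mar 2 11:56:42 localhost vsftpd(pam_unix): check pass; user unknown
Mar 2 11:56:42 localhost vsftpd(pam_unix): authentication failure; logname= uid=0 euid=0 tty=ftp ruser=francis rhost=192.168.1.99
does it still never get through? I switched pam-mysql to version 0.62 and also replaced vsftp with one installed from source, but the final result is always the same. I hope an expert can give me some pointers; thanks in advance.
[ This post was last edited by Exaybachay on 2007-3-2 15:19 ]
《Solution》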
auth required pam_listfile.so item=user sense=deny file=/etc/vsftpd.ftpusers onerr=succeed
auth required pam_stack.so service=system-auth
auth required pam_shells.so
account required pam_stack.so service=system-auth
session required pam_stack.so service=system-auth
session required pam_loginuid.so
auth required /usr/lib/security/pam_mysql.so user=root passwd=baiyqmqy2988070 host=localhost db=vsftpd table=users usercolumn=name passwdcolumn=passwd crypt=0 sqllog=1 logtable=logs logmsgcolumn=msg logusercolumn=user logpidcolumn=pid loghostcolumn=host logrhostcolumn=rhost logtimecolumn=logtime verbose=1
account required /usr/lib/security/pam_mysql.so user=root passwd=baiyqmqy2988070 host=localhost db=vsftpd table=users usercolumn=name passwdcolumn=passwd crypt=0 sqllog=1 logtable=logs logmsgcolumn=msg logusercolumn=user logpidcolumn=pid loghostcolumn=host logrhostcolumn=rhost logtimecolumn=logtime verbose=1
changed to
auth required /usr/lib/security/pam_mysql.so user=root passwd=baiyqmqy2988070 host=localhost db=vsftpd table=users usercolumn=name passwdcolumn=passwd crypt=0 sqllog=1 logtable=logs logmsgcolumn=msg logusercolumn=user logpidcolumn=pid loghostcolumn=host logrhostcolumn=rhost logtimecolumn=logtime verbose=1
account required /usr/lib/security/pam_mysql.so user=root passwd=baiyqmqy2988070 host=localhost db=vsftpd table=users usercolumn=name passwdcolumn=passwd crypt=0 sqllog=1 logtable=logs logmsgcolumn=msg logusercolumn=user logpidcolumn=pid loghostcolumn=host logrhostcolumn=rhost logtimecolumn=logtime verbose=1
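I was puzzled for two days... so frustrating, all because I was not careful...
Could some expert explain what the lines I deleted mean? I would be extremely grateful.
[ This post was last edited by Exaybachay on 2007-3-2 15:23 ]
《Solution》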
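The lines you deleted are PAM's other authentication modules, which are used to authenticate real (system) FTP users! Your current configuration only supports authentication of virtual users! Linux system users will not be able to access FTP.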
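An added example, not part of the original thread: a simplified Python model of how PAM combines the auth lines of one stack, showing why the original stack rejected the virtual user even though pam_mysql succeeded. The per-module outcomes, the abbreviated pam_mysql arguments and the MIXED layout (pam_mysql as sufficient, which goes beyond what the thread shows) are assumptions for illustration.

```python
# Simplified model of Linux-PAM control flags for one module type (auth).
# Stacks are abbreviated from the thread; credentials and log options omitted.
ORIGINAL = """\
auth required pam_listfile.so item=user sense=deny file=/etc/vsftpd.ftpusers onerr=succeed
auth required pam_stack.so service=system-auth
auth required pam_shells.so
auth required /usr/lib/security/pam_mysql.so db=vsftpd table=users
"""
FIXED = "auth required /usr/lib/security/pam_mysql.so db=vsftpd table=users\n"
# Assumed layout (not from the thread): pam_mysql first, marked 'sufficient'.
MIXED = """\
auth sufficient /usr/lib/security/pam_mysql.so db=vsftpd table=users
auth required pam_listfile.so item=user sense=deny file=/etc/vsftpd.ftpusers onerr=succeed
auth required pam_stack.so service=system-auth
auth required pam_shells.so
"""
# Constructed outcomes. Virtual user: exists only in the MySQL table.
VIRTUAL_USER = {"pam_listfile.so": True,   # not in the deny file
                "pam_stack.so": False,     # pam_unix: "check pass; user unknown"
                "pam_shells.so": False,    # assumed: no passwd entry, no shell
                "pam_mysql.so": True}      # "AUTHENTICATION SUCCESS"
# System user: exists in /etc/passwd but not in the MySQL table.
SYSTEM_USER = {"pam_listfile.so": True, "pam_stack.so": True,
               "pam_shells.so": True, "pam_mysql.so": False}

def parse(text, mod_type="auth"):
    """Return [(control_flag, module_basename)] for lines of one module type."""
    rows = (line.split() for line in text.splitlines())
    return [(f[1], f[2].rsplit("/", 1)[-1])
            for f in rows if len(f) >= 3 and f[0] == mod_type]

def evaluate(stack, outcomes):
    """Return (authenticated, failed_modules). 'optional' is ignored here."""
    failed, any_ok = [], False
    for control, module in stack:
        ok = outcomes[module]
        if control == "sufficient":
            if ok and not failed:
                return True, failed    # success ends the stack immediately
            continue                   # a failing 'sufficient' is ignored
        if control == "optional":
            continue
        if ok:
            any_ok = True
        else:
            failed.append(module)      # 'required': keep going, but fail at end
            if control == "requisite":
                break                  # 'requisite': fail immediately
    return (any_ok and not failed), failed

if __name__ == "__main__":
    for name, text in (("ORIGINAL", ORIGINAL), ("FIXED", FIXED), ("MIXED", MIXED)):
        print(name, evaluate(parse(text), VIRTUAL_USER), evaluate(parse(text), SYSTEM_USER))
```
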
《Solution》
Thanks for the pointers, heh, then I will just use virtual users to log in.