dhottinger at harrisonburg.k12.va.us dhottinger at harrisonburg.k12.va.us
Tue Jan 16 12:04:13 UTC 2007

Nsswitch.conf has:
passwd:     files ldap
shadow:     files ldap
group:      files ldap

#hosts:     db files nisplus nis dns
hosts:      files dns

# Example - obey only what nisplus tells us...
#services:   nisplus [NOTFOUND=return] files
#networks:   nisplus [NOTFOUND=return] files
#protocols:  nisplus [NOTFOUND=return] files
#rpc:        nisplus [NOTFOUND=return] files
#ethers:     nisplus [NOTFOUND=return] files
#netmasks:   nisplus [NOTFOUND=return] files

bootparams: nisplus [NOTFOUND=return] files

ethers:     files
netmasks:   files
networks:   files
protocols:  files ldap
rpc:        files
services:   files ldap

netgroup:   files ldap
publickey:  nisplus

automount:  files ldap
aliases:    files

vsftpd from pam

auth       required     pam_listfile.so item=user sense=deny  
file=/etc/vsftpd.ftpusers onerr=succeed
auth       required     pam_stack.so service=system-auth
auth       sufficient   pam_ldap.so use_first_pass
auth       required     pam_shells.so
account    required     pam_stack.so service=system-auth
account    sufficient   pam_ldap.so use_first_pass
session    required     pam_stack.so service=system-auth
session    sufficient   pam_ldap.so use_first_pass

Pretty normal.  My other servers with vsftpd work fine with this setup  
and authenticate against my ldap server.
Error message in secure.log:

Jan 16 06:53:46 newproxy vsftpd: pam_unix(vsftpd.pam:auth):  
authentication failure; logname= uid=0 euid=0 tty=ftp ruser=someuser  
rhost=someip  user=someuser

As far as the pam module and a problem, I'll have to google.  Any help  
is greatly appreciated.



Dwayne Hottinger
Network Administrator
Harrisonburg City Public Schools

More information about the users mailing list