Comment 22 for bug 869684

Anton Georg Mückl (amueckl) wrote :

Hello All,

As stated in bug #992578, I continue here to add my findings.

Uncommenting the line
#auth required pam_shells.so

in the file /etc/pam.d/vsftpd just made the error message lines in /var/log/auth.log disappear:
vsftpd: PAM unable to dlopen(pam_shells.so): /lib/security/pam_shells.so: cannot open shared object file: No such file or directory
vsftpd: PAM adding faulty module: pam_shells.so

but a local user could not log in.

Also just installing vsftpd again like

# apt-get remove vsftpd
# rm /etc/pam.d/vsftpd
# apt-get install vsftpd

did NOT work.

On my fresh installation the state of the pam_shells.so is as follows:

/lib/security/pam_shells.so does not exist
/lib/x86_64-linux-gnu/security/pam_shells.so does exist

Only removing (i.e. renaming) /etc/pam.d/vsftpd worked for me, too (as mentioned in bug #992578).

The contents of the log files were:

root@develop:/etc/pam.d# tail /var/log/auth.log
Jul 22 00:50:12 develop useradd[5560]: new user: name=ftp, UID=108, GID=117, home=/srv/ftp, shell=/bin/false
Jul 22 00:50:12 develop usermod[5565]: change user 'ftp' password
Jul 22 00:50:13 develop chage[5570]: changed password expiry for ftp
Jul 22 00:50:13 develop chfn[5573]: changed user 'ftp' information
Jul 22 00:51:07 develop vsftpd: PAM unable to dlopen(pam_shells.so): /lib/security/pam_shells.so: cannot open shared object file: No such file or directory
Jul 22 00:51:07 develop vsftpd: PAM adding faulty module: pam_shells.so
Jul 22 00:51:07 develop vsftpd: pam_unix(vsftpd:auth): check pass; user unknown
Jul 22 00:51:07 develop vsftpd: pam_unix(vsftpd:auth): authentication failure; logname= uid=0 euid=0 tty=ftp ruser=amueckl rhost=127.0.0.1
Jul 22 00:51:07 develop vsftpd: pam_winbind(vsftpd:auth): getting password (0x00000388)
Jul 22 00:51:07 develop vsftpd: pam_winbind(vsftpd:auth): pam_get_item returned a password

root@develop:/etc/pam.d# tail /var/log/vsftpd.log
Sun Jul 22 00:09:57 2012 [pid 2] CONNECT: Client "127.0.0.1"
Sun Jul 22 00:10:04 2012 [pid 1] [amueckl] FAIL LOGIN: Client "127.0.0.1"
Sun Jul 22 00:15:50 2012 [pid 2] CONNECT: Client "127.0.0.1"
Sun Jul 22 00:15:57 2012 [pid 1] [amueckl] FAIL LOGIN: Client "127.0.0.1"
Sun Jul 22 00:36:22 2012 [pid 2] CONNECT: Client "127.0.0.1"
Sun Jul 22 00:36:27 2012 [pid 1] [amueckl] FAIL LOGIN: Client "127.0.0.1"
Sun Jul 22 00:51:03 2012 [pid 2] CONNECT: Client "127.0.0.1"
Sun Jul 22 00:51:10 2012 [pid 1] [amueckl] FAIL LOGIN: Client "127.0.0.1"
Sun Jul 22 01:01:55 2012 [pid 2] CONNECT: Client "127.0.0.1"
Sun Jul 22 01:02:00 2012 [pid 1] [amueckl] OK LOGIN: Client "127.0.0.1"

Note:
- At around 00:50:12 I installed vsftpd (again) and then tried to log in as a local user -> 530 Login incorrect.
- At around 01:00:00 I renamed the file /etc/pam.d/vsftpd to vsftpd_invisible and tried again to log in as a local user -> 230 Login successful, but PAM is not used anymore!

root@develop:/etc/pam.d# ftp localhost
Connected to localhost.
220 (vsFTPd 2.3.5)
Name (localhost:amueckl): amueckl
331 Please specify the password.
Password:
230 Login successful.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> ls
200 PORT command successful. Consider using PASV.
150 Here comes the directory listing.
drwxr-xr-x 3 1000 1000 4096 Jan 06 2012 Backup
...<skipped>...
226 Directory send OK.
ftp> bye
221 Goodbye.

If you need more info, just ask - I would be happy to contribute as far as is possible for me, being normally just a "consumer".
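
An added example, not part of the original comment: a small check that reads auth.log text, finds the "PAM unable to dlopen" failures quoted above, and reports whether the module exists under a different directory (here the multiarch one). The function names are hypothetical and the sample log lines are constructed in the format of the excerpt above.

```python
import glob
import re
from pathlib import PurePosixPath

# Constructed sample, same format as the auth.log excerpt in the comment.
SAMPLE_AUTH_LOG = """\
Jul 22 00:51:07 develop vsftpd: PAM unable to dlopen(pam_shells.so): /lib/security/pam_shells.so: cannot open shared object file: No such file or directory
Jul 22 00:51:07 develop vsftpd: PAM adding faulty module: pam_shells.so
Jul 22 00:51:07 develop vsftpd: pam_unix(vsftpd:auth): check pass; user unknown
"""

# Captures the logging service, the module name and the path PAM tried to load.
DLOPEN_RE = re.compile(
    r"^\w{3}\s+\d+\s[\d:]+\s\S+\s(?P<service>[^\s:\[]+)(?:\[\d+\])?:\s"
    r"PAM unable to dlopen\((?P<module>[^)]+)\):\s(?P<tried>/\S+?):\s"
)

def installed_pam_modules():
    """List PAM modules on this host, in the legacy and multiarch directories."""
    return glob.glob("/lib/security/*.so") + glob.glob("/lib/*/security/*.so")

def diagnose(log_text, installed_paths):
    """Pair every failed module load with the place the module really lives."""
    report, seen = [], set()
    for line in log_text.splitlines():
        m = DLOPEN_RE.match(line)
        # Skip unrelated lines and repeats of the same service/path failure.
        if not m or m.group("service", "tried") in seen:
            continue
        seen.add(m.group("service", "tried"))
        found = sorted(p for p in installed_paths
                       if PurePosixPath(p).name == m["module"])
        report.append({**m.groupdict(), "found_at": found,
                       "verdict": "path mismatch" if found else "module not installed"})
    return report

if __name__ == "__main__":
    for item in diagnose(SAMPLE_AUTH_LOG, installed_pam_modules()):
        print(item)
```

A "path mismatch" verdict corresponds to the state described in the comment: the module is installed, but not in the directory the failing service tried to load it from.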