Mike Kercher wrote: >centos-bounces at centos.org <> scribbled on Tuesday, December 13, 2005 6:23 >PM: > > > >>I have installed proftpd on a new x86_64 server: >>[root at ftp ~]# uname -a >>Linux ftp.csdsinc.com 2.6.9-22.0.1.ELsmp #1 SMP Thu Oct 27 >>14:49:37 CDT >>2005 x86_64 x86_64 x86_64 GNU/Linux >> >>CentOS release 4.2 (Final) >> >>Proftpd Ver: >>[root at ftp ~]# rpm -q proftpd >>proftpd-1.2.10-8.2.el4.rf >> >>Selinux is disabled >> >>Modified debug file excerpt: >>xxx.xxxxx.com - ProFTPD 1.2.10 (stable) (built Fri Feb 18 05:56:53 CET >>2005) standalone mode STARTUP >>xxx.xxxxx.com (xx.xx.xx.xx[xx.xx.xx.xx]) - FTP session >>requested from unknown class xxx.xxxxx.com >>(xx.xx.xx.xx[xx.xx.xx.xx]) - connected - local : >>xx.xx.xx.xx:21 >>xxx.xxxxx.com (xx.xx.xx.xx[xx.xx.xx.xx]) - connected - remote : >>xx.xx.xx.xx:2208 >>xxx.xxxxx.com (xx.xx.xx.xx[xx.xx.xx.xx]) - FTP session opened. >>xxx.xxxxx.com (xx.xx.xx.xx[xx.xx.xx.xx]) - dispatching >>PRE_CMD command 'USER wells' to mod_tls xxx.xxxxx.com >>(xx.xx.xx.xx[xx.xx.xx.xx]) - dispatching PRE_CMD command >>'USER wells' to mod_core xxx.xxxxx.com >>(xx.xx.xx.xx[xx.xx.xx.xx]) - dispatching PRE_CMD command >>'USER wells' to mod_core xxx.xxxxx.com >>(xx.xx.xx.xx[xx.xx.xx.xx]) - dispatching PRE_CMD command >>'USER wells' to mod_auth xxx.xxxxx.com >>(xx.xx.xx.xx[xx.xx.xx.xx]) - dispatching CMD command 'USER >>wells' to mod_auth xxx.xxxxx.com (xx.xx.xx.xx[xx.xx.xx.xx]) - >>dispatching LOG_CMD command 'USER wells' to mod_log >>xxx.xxxxx.com (xx.xx.xx.xx[xx.xx.xx.xx]) - dispatching >>PRE_CMD command 'PASS (hidden)' to mod_tls xxx.xxxxx.com >>(xx.xx.xx.xx[xx.xx.xx.xx]) - dispatching PRE_CMD command >>'PASS (hidden)' to mod_core xxx.xxxxx.com >>(xx.xx.xx.xx[xx.xx.xx.xx]) - dispatching PRE_CMD command >>'PASS (hidden)' to mod_core xxx.xxxxx.com >>(xx.xx.xx.xx[xx.xx.xx.xx]) - dispatching PRE_CMD command >>'PASS (hidden)' to mod_auth xxx.xxxxx.com >>(xx.xx.xx.xx[xx.xx.xx.xx]) - dispatching CMD command 'PASS >>(hidden)' to mod_auth xxx.xxxxx.com >>(xx.xx.xx.xx[xx.xx.xx.xx]) - PAM(wells): Module is unknown. >>xxx.xxxxx.com (xx.xx.xx.xx[xx.xx.xx.xx]) - USER wells (Login failed): >>Incorrect password. >>xxx.xxxxx.com (xx.xx.xx.xx[xx.xx.xx.xx]) - dispatching >>LOG_CMD_ERR command 'PASS (hidden)' to mod_log xxx.xxxxx.com >>(xx.xx.xx.xx[xx.xx.xx.xx]) - dispatching LOG_CMD_ERR command >>'PASS (hidden)' to mod_auth xxx.xxxxx.com >>(xx.xx.xx.xx[xx.xx.xx.xx]) - dispatching PRE_CMD command >>'QUIT' to mod_tls xxx.xxxxx.com (xx.xx.xx.xx[xx.xx.xx.xx]) - >>dispatching PRE_CMD command 'QUIT' to mod_core xxx.xxxxx.com >>(xx.xx.xx.xx[xx.xx.xx.xx]) - dispatching PRE_CMD command >>'QUIT' to mod_core xxx.xxxxx.com (xx.xx.xx.xx[xx.xx.xx.xx]) - >>dispatching PRE_CMD command 'QUIT' to mod_log xxx.xxxxx.com >>(xx.xx.xx.xx[xx.xx.xx.xx]) - dispatching CMD command 'QUIT' >>to mod_core xxx.xxxxx.com (xx.xx.xx.xx[xx.xx.xx.xx]) - FTP >>session closed. >> >> >>This is a copy of a working server i386 running: >>[em at helpdesk em]$ uname -a >>Linux helpdesk.csdsinc.com 2.4.21-37.EL #1 Wed Sep 28 >>14:14:23 EDT 2005 >>i686 i686 i386 GNU/Linux >>CentOS 3.6, proftpd-1.2.10-8.1.el3.dag >> >>The 3.6 box works and the 4.2 box will not authenticate any >>user. I'm >>concernesd with the "PAM(wells): Module is unknown." Any ideas? >> >> >> >> > >Does the wells user have a valid shell as defined in /etc/shells? Also, >make sure that wells wasn't added to /etc/ftpusers My wife's name is >A(a)manda and this has bitten me a few times. > > > > >_______________________________________________ >CentOS mailing list >CentOS at centos.org >http://lists.centos.org/mailman/listinfo/centos > > > To fix this issue, I had to create a new /etc/pam.d/ftp file. The file now reads like this: #%PAM-1.0 auth required pam_unix.so nullok account required pam_unix.so session required pam_unix.so The original reads like this: #%PAM-1.0 auth required /lib/security/pam_listfile.so item=user sense=deny file=/etc/ftpusers onerr=succeed auth required /lib/security/pam_pwdb.so shadow nullok # If this is enabled, anonymous logins will fail because the 'ftp' user does # not have a "valid" shell, as listed in /etc/shells. # # If you enable this, it is recommended that you do *not* give the 'ftp' # user a real shell. Instead, give the 'ftp' user /bin/false for a shell and # add /bin/false to /etc/shells. #auth required /lib/security/pam_shells.so account required /lib/security/pam_pwdb.so session required /lib/security/pam_pwdb.so I'm not sure what "damage" I've done with mod but it has allowed my ftp server to start working. Anyone understand what is happening? Thanks.