I have installed proftpd on a new x86_64 server: [root@ftp ~]# uname -a Linux ftp.csdsinc.com 2.6.9-22.0.1.ELsmp #1 SMP Thu Oct 27 14:49:37 CDT 2005 x86_64 x86_64 x86_64 GNU/Linux
CentOS release 4.2 (Final)
Proftpd Ver: [root@ftp ~]# rpm -q proftpd proftpd-1.2.10-8.2.el4.rf
Selinux is disabled
Modified debug file excerpt: xxx.xxxxx.com - ProFTPD 1.2.10 (stable) (built Fri Feb 18 05:56:53 CET 2005) standalone mode STARTUP xxx.xxxxx.com (xx.xx.xx.xx[xx.xx.xx.xx]) - FTP session requested from unknown class xxx.xxxxx.com (xx.xx.xx.xx[xx.xx.xx.xx]) - connected - local : xx.xx.xx.xx:21 xxx.xxxxx.com (xx.xx.xx.xx[xx.xx.xx.xx]) - connected - remote : xx.xx.xx.xx:2208 xxx.xxxxx.com (xx.xx.xx.xx[xx.xx.xx.xx]) - FTP session opened. xxx.xxxxx.com (xx.xx.xx.xx[xx.xx.xx.xx]) - dispatching PRE_CMD command 'USER wells' to mod_tls xxx.xxxxx.com (xx.xx.xx.xx[xx.xx.xx.xx]) - dispatching PRE_CMD command 'USER wells' to mod_core xxx.xxxxx.com (xx.xx.xx.xx[xx.xx.xx.xx]) - dispatching PRE_CMD command 'USER wells' to mod_core xxx.xxxxx.com (xx.xx.xx.xx[xx.xx.xx.xx]) - dispatching PRE_CMD command 'USER wells' to mod_auth xxx.xxxxx.com (xx.xx.xx.xx[xx.xx.xx.xx]) - dispatching CMD command 'USER wells' to mod_auth xxx.xxxxx.com (xx.xx.xx.xx[xx.xx.xx.xx]) - dispatching LOG_CMD command 'USER wells' to mod_log xxx.xxxxx.com (xx.xx.xx.xx[xx.xx.xx.xx]) - dispatching PRE_CMD command 'PASS (hidden)' to mod_tls xxx.xxxxx.com (xx.xx.xx.xx[xx.xx.xx.xx]) - dispatching PRE_CMD command 'PASS (hidden)' to mod_core xxx.xxxxx.com (xx.xx.xx.xx[xx.xx.xx.xx]) - dispatching PRE_CMD command 'PASS (hidden)' to mod_core xxx.xxxxx.com (xx.xx.xx.xx[xx.xx.xx.xx]) - dispatching PRE_CMD command 'PASS (hidden)' to mod_auth xxx.xxxxx.com (xx.xx.xx.xx[xx.xx.xx.xx]) - dispatching CMD command 'PASS (hidden)' to mod_auth xxx.xxxxx.com (xx.xx.xx.xx[xx.xx.xx.xx]) - PAM(wells): Module is unknown. xxx.xxxxx.com (xx.xx.xx.xx[xx.xx.xx.xx]) - USER wells (Login failed): Incorrect password. xxx.xxxxx.com (xx.xx.xx.xx[xx.xx.xx.xx]) - dispatching LOG_CMD_ERR command 'PASS (hidden)' to mod_log xxx.xxxxx.com (xx.xx.xx.xx[xx.xx.xx.xx]) - dispatching LOG_CMD_ERR command 'PASS (hidden)' to mod_auth xxx.xxxxx.com (xx.xx.xx.xx[xx.xx.xx.xx]) - dispatching PRE_CMD command 'QUIT' to mod_tls xxx.xxxxx.com (xx.xx.xx.xx[xx.xx.xx.xx]) - dispatching PRE_CMD command 'QUIT' to mod_core xxx.xxxxx.com (xx.xx.xx.xx[xx.xx.xx.xx]) - dispatching PRE_CMD command 'QUIT' to mod_core xxx.xxxxx.com (xx.xx.xx.xx[xx.xx.xx.xx]) - dispatching PRE_CMD command 'QUIT' to mod_log xxx.xxxxx.com (xx.xx.xx.xx[xx.xx.xx.xx]) - dispatching CMD command 'QUIT' to mod_core xxx.xxxxx.com (xx.xx.xx.xx[xx.xx.xx.xx]) - FTP session closed.
This is a copy of a working server i386 running: [em@helpdesk em]$ uname -a Linux helpdesk.csdsinc.com 2.4.21-37.EL #1 Wed Sep 28 14:14:23 EDT 2005 i686 i686 i386 GNU/Linux CentOS 3.6, proftpd-1.2.10-8.1.el3.dag
The 3.6 box works and the 4.2 box will not authenticate any user. I'm concernesd with the "PAM(wells): Module is unknown." Any ideas?
centos-bounces@centos.org <> scribbled on Tuesday, December 13, 2005 6:23 PM:
I have installed proftpd on a new x86_64 server: [root@ftp ~]# uname -a Linux ftp.csdsinc.com 2.6.9-22.0.1.ELsmp #1 SMP Thu Oct 27 14:49:37 CDT 2005 x86_64 x86_64 x86_64 GNU/Linux
CentOS release 4.2 (Final)
Proftpd Ver: [root@ftp ~]# rpm -q proftpd proftpd-1.2.10-8.2.el4.rf
Selinux is disabled
Modified debug file excerpt: xxx.xxxxx.com - ProFTPD 1.2.10 (stable) (built Fri Feb 18 05:56:53 CET 2005) standalone mode STARTUP xxx.xxxxx.com (xx.xx.xx.xx[xx.xx.xx.xx]) - FTP session requested from unknown class xxx.xxxxx.com (xx.xx.xx.xx[xx.xx.xx.xx]) - connected - local : xx.xx.xx.xx:21 xxx.xxxxx.com (xx.xx.xx.xx[xx.xx.xx.xx]) - connected - remote : xx.xx.xx.xx:2208 xxx.xxxxx.com (xx.xx.xx.xx[xx.xx.xx.xx]) - FTP session opened. xxx.xxxxx.com (xx.xx.xx.xx[xx.xx.xx.xx]) - dispatching PRE_CMD command 'USER wells' to mod_tls xxx.xxxxx.com (xx.xx.xx.xx[xx.xx.xx.xx]) - dispatching PRE_CMD command 'USER wells' to mod_core xxx.xxxxx.com (xx.xx.xx.xx[xx.xx.xx.xx]) - dispatching PRE_CMD command 'USER wells' to mod_core xxx.xxxxx.com (xx.xx.xx.xx[xx.xx.xx.xx]) - dispatching PRE_CMD command 'USER wells' to mod_auth xxx.xxxxx.com (xx.xx.xx.xx[xx.xx.xx.xx]) - dispatching CMD command 'USER wells' to mod_auth xxx.xxxxx.com (xx.xx.xx.xx[xx.xx.xx.xx]) - dispatching LOG_CMD command 'USER wells' to mod_log xxx.xxxxx.com (xx.xx.xx.xx[xx.xx.xx.xx]) - dispatching PRE_CMD command 'PASS (hidden)' to mod_tls xxx.xxxxx.com (xx.xx.xx.xx[xx.xx.xx.xx]) - dispatching PRE_CMD command 'PASS (hidden)' to mod_core xxx.xxxxx.com (xx.xx.xx.xx[xx.xx.xx.xx]) - dispatching PRE_CMD command 'PASS (hidden)' to mod_core xxx.xxxxx.com (xx.xx.xx.xx[xx.xx.xx.xx]) - dispatching PRE_CMD command 'PASS (hidden)' to mod_auth xxx.xxxxx.com (xx.xx.xx.xx[xx.xx.xx.xx]) - dispatching CMD command 'PASS (hidden)' to mod_auth xxx.xxxxx.com (xx.xx.xx.xx[xx.xx.xx.xx]) - PAM(wells): Module is unknown. xxx.xxxxx.com (xx.xx.xx.xx[xx.xx.xx.xx]) - USER wells (Login failed): Incorrect password. xxx.xxxxx.com (xx.xx.xx.xx[xx.xx.xx.xx]) - dispatching LOG_CMD_ERR command 'PASS (hidden)' to mod_log xxx.xxxxx.com (xx.xx.xx.xx[xx.xx.xx.xx]) - dispatching LOG_CMD_ERR command 'PASS (hidden)' to mod_auth xxx.xxxxx.com (xx.xx.xx.xx[xx.xx.xx.xx]) - dispatching PRE_CMD command 'QUIT' to mod_tls xxx.xxxxx.com (xx.xx.xx.xx[xx.xx.xx.xx]) - dispatching PRE_CMD command 'QUIT' to mod_core xxx.xxxxx.com (xx.xx.xx.xx[xx.xx.xx.xx]) - dispatching PRE_CMD command 'QUIT' to mod_core xxx.xxxxx.com (xx.xx.xx.xx[xx.xx.xx.xx]) - dispatching PRE_CMD command 'QUIT' to mod_log xxx.xxxxx.com (xx.xx.xx.xx[xx.xx.xx.xx]) - dispatching CMD command 'QUIT' to mod_core xxx.xxxxx.com (xx.xx.xx.xx[xx.xx.xx.xx]) - FTP session closed.
This is a copy of a working server i386 running: [em@helpdesk em]$ uname -a Linux helpdesk.csdsinc.com 2.4.21-37.EL #1 Wed Sep 28 14:14:23 EDT 2005 i686 i686 i386 GNU/Linux CentOS 3.6, proftpd-1.2.10-8.1.el3.dag
The 3.6 box works and the 4.2 box will not authenticate any user. I'm concernesd with the "PAM(wells): Module is unknown." Any ideas?
Does the wells user have a valid shell as defined in /etc/shells? Also, make sure that wells wasn't added to /etc/ftpusers My wife's name is A(a)manda and this has bitten me a few times.
<snip>
Does the wells user have a valid shell as defined in /etc/shells? Also, make sure that wells wasn't added to /etc/ftpusers My wife's name is A(a)manda and this has bitten me a few times.
Yes the Wells users has a valid shell. The wells user was just an example. The error occurs on all users trying to authenticate via proftpd. Ftpusers does not include any names that are being denied.
Mike Kercher wrote:
centos-bounces@centos.org <> scribbled on Tuesday, December 13, 2005 6:23 PM:
I have installed proftpd on a new x86_64 server: [root@ftp ~]# uname -a Linux ftp.csdsinc.com 2.6.9-22.0.1.ELsmp #1 SMP Thu Oct 27 14:49:37 CDT 2005 x86_64 x86_64 x86_64 GNU/Linux
CentOS release 4.2 (Final)
Proftpd Ver: [root@ftp ~]# rpm -q proftpd proftpd-1.2.10-8.2.el4.rf
Selinux is disabled
Modified debug file excerpt: xxx.xxxxx.com - ProFTPD 1.2.10 (stable) (built Fri Feb 18 05:56:53 CET 2005) standalone mode STARTUP xxx.xxxxx.com (xx.xx.xx.xx[xx.xx.xx.xx]) - FTP session requested from unknown class xxx.xxxxx.com (xx.xx.xx.xx[xx.xx.xx.xx]) - connected - local : xx.xx.xx.xx:21 xxx.xxxxx.com (xx.xx.xx.xx[xx.xx.xx.xx]) - connected - remote : xx.xx.xx.xx:2208 xxx.xxxxx.com (xx.xx.xx.xx[xx.xx.xx.xx]) - FTP session opened. xxx.xxxxx.com (xx.xx.xx.xx[xx.xx.xx.xx]) - dispatching PRE_CMD command 'USER wells' to mod_tls xxx.xxxxx.com (xx.xx.xx.xx[xx.xx.xx.xx]) - dispatching PRE_CMD command 'USER wells' to mod_core xxx.xxxxx.com (xx.xx.xx.xx[xx.xx.xx.xx]) - dispatching PRE_CMD command 'USER wells' to mod_core xxx.xxxxx.com (xx.xx.xx.xx[xx.xx.xx.xx]) - dispatching PRE_CMD command 'USER wells' to mod_auth xxx.xxxxx.com (xx.xx.xx.xx[xx.xx.xx.xx]) - dispatching CMD command 'USER wells' to mod_auth xxx.xxxxx.com (xx.xx.xx.xx[xx.xx.xx.xx]) - dispatching LOG_CMD command 'USER wells' to mod_log xxx.xxxxx.com (xx.xx.xx.xx[xx.xx.xx.xx]) - dispatching PRE_CMD command 'PASS (hidden)' to mod_tls xxx.xxxxx.com (xx.xx.xx.xx[xx.xx.xx.xx]) - dispatching PRE_CMD command 'PASS (hidden)' to mod_core xxx.xxxxx.com (xx.xx.xx.xx[xx.xx.xx.xx]) - dispatching PRE_CMD command 'PASS (hidden)' to mod_core xxx.xxxxx.com (xx.xx.xx.xx[xx.xx.xx.xx]) - dispatching PRE_CMD command 'PASS (hidden)' to mod_auth xxx.xxxxx.com (xx.xx.xx.xx[xx.xx.xx.xx]) - dispatching CMD command 'PASS (hidden)' to mod_auth xxx.xxxxx.com (xx.xx.xx.xx[xx.xx.xx.xx]) - PAM(wells): Module is unknown. xxx.xxxxx.com (xx.xx.xx.xx[xx.xx.xx.xx]) - USER wells (Login failed): Incorrect password. xxx.xxxxx.com (xx.xx.xx.xx[xx.xx.xx.xx]) - dispatching LOG_CMD_ERR command 'PASS (hidden)' to mod_log xxx.xxxxx.com (xx.xx.xx.xx[xx.xx.xx.xx]) - dispatching LOG_CMD_ERR command 'PASS (hidden)' to mod_auth xxx.xxxxx.com (xx.xx.xx.xx[xx.xx.xx.xx]) - dispatching PRE_CMD command 'QUIT' to mod_tls xxx.xxxxx.com (xx.xx.xx.xx[xx.xx.xx.xx]) - dispatching PRE_CMD command 'QUIT' to mod_core xxx.xxxxx.com (xx.xx.xx.xx[xx.xx.xx.xx]) - dispatching PRE_CMD command 'QUIT' to mod_core xxx.xxxxx.com (xx.xx.xx.xx[xx.xx.xx.xx]) - dispatching PRE_CMD command 'QUIT' to mod_log xxx.xxxxx.com (xx.xx.xx.xx[xx.xx.xx.xx]) - dispatching CMD command 'QUIT' to mod_core xxx.xxxxx.com (xx.xx.xx.xx[xx.xx.xx.xx]) - FTP session closed.
This is a copy of a working server i386 running: [em@helpdesk em]$ uname -a Linux helpdesk.csdsinc.com 2.4.21-37.EL #1 Wed Sep 28 14:14:23 EDT 2005 i686 i686 i386 GNU/Linux CentOS 3.6, proftpd-1.2.10-8.1.el3.dag
The 3.6 box works and the 4.2 box will not authenticate any user. I'm concernesd with the "PAM(wells): Module is unknown." Any ideas?
Does the wells user have a valid shell as defined in /etc/shells? Also, make sure that wells wasn't added to /etc/ftpusers My wife's name is A(a)manda and this has bitten me a few times.
CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
To fix this issue, I had to create a new /etc/pam.d/ftp file. The file now reads like this:
#%PAM-1.0 auth required pam_unix.so nullok account required pam_unix.so session required pam_unix.so
The original reads like this: #%PAM-1.0 auth required /lib/security/pam_listfile.so item=user sense=deny file=/etc/ftpusers onerr=succeed auth required /lib/security/pam_pwdb.so shadow nullok
# If this is enabled, anonymous logins will fail because the 'ftp' user does # not have a "valid" shell, as listed in /etc/shells. # # If you enable this, it is recommended that you do *not* give the 'ftp' # user a real shell. Instead, give the 'ftp' user /bin/false for a shell and # add /bin/false to /etc/shells. #auth required /lib/security/pam_shells.so
account required /lib/security/pam_pwdb.so session required /lib/security/pam_pwdb.so
I'm not sure what "damage" I've done with mod but it has allowed my ftp server to start working. Anyone understand what is happening?
Thanks.
Hey Ed,
Given your debug output, it looks like mod_auth_* are not compiled in? Check your binary: /usr/sbin/proftpd -l
$ /usr/sbin/proftpd -l | sort | grep auth mod_auth.c mod_auth_file.c mod_auth_pam.c mod_auth_unix.c
Give it a check, see what you find...
-te
PS: ftp://ftp.falsehope.com/home/tengel/proftpd/ -- if you can get me shell access to your X86_64, I'll build a binary for that arch that *should* work 100% like the i386
Ed Morrison wrote:
xxx.xxxxx.com (xx.xx.xx.xx[xx.xx.xx.xx]) - dispatching PRE_CMD command 'USER wells' to mod_tls xxx.xxxxx.com (xx.xx.xx.xx[xx.xx.xx.xx]) - dispatching PRE_CMD command 'USER wells' to mod_core xxx.xxxxx.com (xx.xx.xx.xx[xx.xx.xx.xx]) - dispatching PRE_CMD command 'USER wells' to mod_core xxx.xxxxx.com (xx.xx.xx.xx[xx.xx.xx.xx]) - dispatching PRE_CMD command 'USER wells' to mod_auth xxx.xxxxx.com (xx.xx.xx.xx[xx.xx.xx.xx]) - dispatching CMD command 'USER wells' to mod_auth xxx.xxxxx.com (xx.xx.xx.xx[xx.xx.xx.xx]) - dispatching LOG_CMD command 'USER wells' to mod_log
-
Barry Brimer -
Ed Morrison -
Mike Kercher -
Troy Engel