[CentOS] vsftpd rejects users set to nologin

Kenneth Porter shiva at sewingwitch.com
Thu Jan 10 22:43:11 UTC 2019


I think the pam_shells test is really a lazy test for daemons. There's 
already a blacklist in /etc/vsftpd/user_list but it's incomplete. (It lacks 
a LOT of common system services such as named, sshd, and dbus.) I suggest 
replacing pam_shells with a test for UID < 1000:

auth        required     pam_succeed_if.so uid >= 1000 quiet_success



More information about the CentOS mailing list