WU-FTP 2.6: PAM can't open pam.conf?! HELP!!!!

WU-FTP 2.6: PAM can't open pam.conf?! HELP!!!!

Post by Odycell » Sun, 31 Dec 1899 09:00:00



My FTPD won't work. I installed wu-ftpd-2.6.0-1 and also anonftp-2.8-1
in RetHat 6.0.
It just won't work!

At every attempt to ftp into the box from anywhere (e.g. local box) and
for every user I get: (in /var/log/messages)

Mar  8 22:27:01 shynergy ftpd[5402]: cannot open pid file
/var/run/ftp.pids-all: No such file or directory
Mar  8 22:27:01 shynergy ftpd[5402]: cannot open pid file
/var/run/ftp.pids-all: No such file or directory
Mar  8 22:27:04 shynergy ftpd[5402]: PAM _pam_init_handlers: could not
open /etc/pam.conf
Mar  8 22:27:04 shynergy ftpd[5402]: PAM pam_start: failed to initialize
handlers
Mar  8 22:27:04 shynergy ftpd[5402]: PAM pam_set_item: NULL pam handle
passed
Mar  8 22:27:04 shynergy ftpd[5402]: PAM pam_end: NULL pam handle passed

Mar  8 22:27:04 shynergy ftpd[5402]: failed login from 208.251.80.60
[208.251.80.60]
Mar  8 22:27:04 shynergy ftpd[5402]: cannot open pid file
/var/run/ftp.pids-all: No such file or directory

That's a lot of errors.... I tried uninstalling, re-installing,  even
upgraded to pam-0.68-10, NO CHANGE!

This seems bizarre because everywhere I look it says that /etc/pam.conf
is not necessary with recent PAM's?! Also, the file
/var/run/ftp.pids-all didn't exist, I created it, even made it
world-read/writable (...): STILL no change!

Telnet, login etc. work just fine and do not generate any authentication
messages, so I assume PAM is working. So what on earth is going on?

More info:
#### /etc/pam.d/ftp:
#%PAM-1.0
auth       required     /lib/security/pam_listfile.so item=user
sense=deny file=/etc/ftpusers onerr=succeed
auth       required     /lib/security/pam_pwdb.so shadow nullok
auth       required     /lib/security/pam_shells.so
account    required     /lib/security/pam_pwdb.so
session    required     /lib/security/pam_pwdb.so

#### ftpd in inetd.conf:
    ftp  stream   tcp   nowait   root  /usr/sbin/tcpd in.ftpd -l -a
-r/home/ftp

I guess that in Windows NT, I'd just have reinstalled the entire OS by
now, but....

 I'd love to play with the source but I just don't have the time. Thanks
for any pointers.

Ody.

BTW: Is it necessary to stop inetd before upgrading/installing daemons
started in inetd?

 
 
 

1. ftp chroot jail dir & pam 1.0 /etc/pam.d/ftp file

according to a published document in setting the ftp chroot jail dir,
i replaced the following lines in my /etc/pam.d/ftp file:

auth       required     /lib/security/pam_shells.so
account    required     /lib/security/pam_stack.so service=system-auth
session    required     /lib/security/pam_stack.so service=system-auth

with these lines

auth       required     /lib/security/pam_pwdb.so shadow nullok
account    required     /lib/security/pam_pwdb.so
session    required     /lib/security/pam_pwdb.so

is there an *current* and *explicit* PAM document that can help me
verify that what i am doing is correct?  i have individual users under
/var/ftp, setup like /var/ftp/username/ with ~/bin, ~/etc, ~/lib, and
a ~/dev/null for the shell.

Reference: my /etc/pam.d/ftp file:

#%PAM-1.0
auth       required     /lib/security/pam_listfile.so item=user
sense=deny\
                        file=/etc/ftpusers onerr=succeed
auth       required     /lib/security/pam_stack.so service=system-auth
# --------added 2002-01-28-------------------------------
auth       required     /lib/security/pam_pwdb.so shadow nullok
account    required     /lib/security/pam_pwdb.so
session    required     /lib/security/pam_pwdb.so
#--------------------------------------------------------
#auth       required     /lib/security/pam_shells.so
#account    required     /lib/security/pam_stack.so
service=system-auth
#session    required     /lib/security/pam_stack.so
service=system-auth

2. ntp with AIX 4.1 and cisco

3. PAM (/etc/pam.conf).....Is It Needed?

4. LINUX & FAT32

5. PAM and /etc/pam.conf

6. YP transferring of maps...

7. 2.6 /etc/pam.conf question

8. Solaris 2.5 keyboard mapping

9. PAM/RedHat: pop3 /etc/pam.d config

10. redhat 6.1, PAM, and having to alter /etc/pam.d/kppp

11. Need pam.conf config help for RSH/REMSH and SSH authentication

12. pam modules under Solaris 2.6

13. Solaris 2.6 PAM assistance - restricting direct login access