[users] Re: [suggest] ProFTPD v1.3.1 stable released

Michael Mansour mic at npgx.com.au
Mon Oct 8 15:07:58 CEST 2007 

Hi Dag,

> > The SPEC file in subversion has been updated and the new packages are
> > finding their way to the mirrors.
> 
> Thanks Dag.

Today I removed my own built proftpd and proftpd-inetd RPM's and installed
your proftpd RPM.

All went well except for one thing. In my builds I had the:

/etc/pam.d/ftp

file which contains:

# cat /etc/pam.d/ftp
#%PAM-1.0
auth       required     /lib64/security/pam_listfile.so item=user sense=deny
file=/etc/ftpusers onerr=succeed
auth       required     /lib64/security/pam_pwdb.so shadow nullok

# If this is enabled, anonymous logins will fail because the 'ftp' user does
# not have a "valid" shell, as listed in /etc/shells.
#
# If you enable this, it is recommended that you do *not* give the 'ftp'
# user a real shell. Instead, give the 'ftp' user /bin/false for a shell and
# add /bin/false to /etc/shells.
#auth       required    /lib/security/pam_shells.so

account    required     /lib64/security/pam_pwdb.so
session    required     /lib64/security/pam_pwdb.so

for 64bit systems and:

# cat ftp.orig
#%PAM-1.0
auth       required     /lib/security/pam_listfile.so item=user sense=deny
file=/etc/ftpusers onerr=succeed
auth       required     /lib/security/pam_pwdb.so shadow nullok

# If this is enabled, anonymous logins will fail because the 'ftp' user does
# not have a "valid" shell, as listed in /etc/shells.
#
# If you enable this, it is recommended that you do *not* give the 'ftp'
# user a real shell. Instead, give the 'ftp' user /bin/false for a shell and
# add /bin/false to /etc/shells.
#auth       required    /lib/security/pam_shells.so

account    required     /lib/security/pam_pwdb.so
session    required     /lib/security/pam_pwdb.so

for 32 bit systems.

I run proftpd from inetd not standalone (to allow me to block DoS attacks on
the ftp server using proftpd libwrap plugin).

When I didn't have the above "ftp" file in place (which existed in my build of
proftpd) then I found users couldn't login.

I haven't trouble-shooted this problem entirely yet, but putting the "ftp"
file in place fixed it for me.

I'd be interested to hear if anyone else had this problem? (which is why I've
copied this email to the users list).

Thanks.

Michael.

More information about the users mailing list