Chinaunix

标题: 问题依旧：vsftp虚拟用户无法通过验证 [打印本页]

作者: tearboy 时间: 2005-11-09 16:04
标题: 问题依旧：vsftp虚拟用户无法通过验证
系统 Redhat Fedora Core 1
内核 2.4.22
vsftpd 1.2.0-5
pam 0.77-15
pam_mysql 0.55 编译加了DEBUG宏
已经按照置顶的帖子里说的配置了，但是仍然有问题：

vsftpd.conf
anonymous_enable=YES
local_enable=YES
write_enable=YES
local_umask=022
xferlog_enable=YES
connect_from_port_20=YES
xferlog_std_format=YES
ascii_upload_enable=YES
ascii_download_enable=YES
pam_service_name=vsftpd
userlist_enable=YES
listen=YES
tcp_wrappers=YES
guest_enable=YES
guest_username=virtual
hide_ids=YES
anon_upload_enable=NO
anon_mkdir_write_enable=NO
anon_other_write_enable=NO
chroot_local_user=YES
dual_log_enable=YES

/etc/pam.d/vsftpd
#%PAM-1.0
auth    required    pam_listfile.so item=user sense=deny file=/etc/vsftpd.ftpusers onerr=succeed
auth    required    pam_stack.so service=system-auth
auth    required    pam_shells.so
account required    pam_stack.so service=system-auth
session required    pam_stack.so service=system-auth
auth    required    pam_mysql.so user=virtual passwd=virtual db=vu table=users usercolumn=name passwdcolumn=passw
account required    pam_mysql.so user=virtual passwd=virtual db=vu table=users usercolumn=name passwdcolumn=passw
（保证没有回车，是写在一行的）

连接过程：
[root@china vsftpd]# ftp localhost
Connected to localhost (127.0.0.1).
220 (vsFTPd 1.2.0)
Name (localhost:root): vss
331 Please specify the password.
Password:
530 Login incorrect.
Login failed.
ftp> quit
221 Goodbye.
[root@china vsftpd]#

日志：
Nov  9 16:03:30 china vsftpd(pam_unix)[3611]: check pass; user unknown
Nov  9 16:03:30 china vsftpd(pam_unix)[3611]: authentication failure; logname= uid=0 euid=0 tty= ruser= rhost=127.0.0.1
Nov  9 16:03:30 china vsftpd[3611]: pam_sm_authenticate called.
Nov  9 16:03:30 china vsftpd[3611]: dbuser changed.
Nov  9 16:03:30 china vsftpd[3611]: dbpasswd changed.
Nov  9 16:03:30 china vsftpd[3611]: database changed.
Nov  9 16:03:30 china vsftpd[3611]: table changed.
Nov  9 16:03:30 china vsftpd[3611]: usercolumn changed.
Nov  9 16:03:30 china vsftpd[3611]: passwdcolumn changed.
Nov  9 16:03:30 china vsftpd[3611]: crypt changed.
Nov  9 16:03:30 china vsftpd[3611]: Unknown option: logname=log
Nov  9 16:03:30 china vsftpd[3611]: logtable changed.
Nov  9 16:03:30 china vsftpd[3611]: logmsgcolumn changed.
Nov  9 16:03:30 china vsftpd[3611]: logusercolumn changed.
Nov  9 16:03:30 china vsftpd[3611]: loghostcolumn changed.
Nov  9 16:03:30 china vsftpd[3611]: logtimecolumn changed.
Nov  9 16:03:30 china vsftpd[3611]: db_connect  called.
Nov  9 16:03:31 china vsftpd[3611]: returning 0 .
Nov  9 16:03:31 china vsftpd[3611]: db_checkpasswd called.
Nov  9 16:03:31 china vsftpd[3611]: pam_mysql: where clause =
Nov  9 16:03:31 china vsftpd[3611]: SELECT passwd FROM users WHERE name='vss'
Nov  9 16:03:31 china vsftpd[3611]: sqlLog called.
Nov  9 16:03:31 china vsftpd[3611]: insert into logtbl (msg, user, host, , time) values('AUTH SUCCESSFUL', 'vss', '127.0.0.1', '3611', NOW())
Nov  9 16:03:31 china vsftpd[3611]: pam_mysql: MySQL err You have an error in your SQL syntax near ' time) values('AUTH SUCCESSFUL', 'vss', '127.0.0.1', '3611', NOW())' at line 1
Nov  9 16:03:31 china vsftpd[3611]: Returning 7
Nov  9 16:03:31 china vsftpd[3611]: returning 0 .
Nov  9 16:03:31 china vsftpd[3611]: returning 0.

查看vsftpd是否加载pam：
[root@china vsftpd]# ldd /usr/sbin/vsftpd
      libwrap.so.0 => /usr/lib/libwrap.so.0 (0x00d35000)
      libnsl.so.1 => /lib/libnsl.so.1 (0x00a4d000)
      libpam.so.0 => /lib/libpam.so.0 (0x00d0e000)
      libcap.so.1 => /lib/libcap.so.1 (0x009bc000)
      libc.so.6 => /lib/tls/libc.so.6 (0x00111000)
      libdl.so.2 => /lib/libdl.so.2 (0x0024a000)
      /lib/ld-linux.so.2 => /lib/ld-linux.so.2 (0x00869000)

请问如何解决，十分谢谢！

作者: wolfg 时间: 2005-11-09 21:25
pam文件只留这两行，其他的注释掉
auth required pam_mysql.so user=virtual passwd=virtual db=vu table=users usercolumn=name passwdcolumn=passw
account required pam_mysql.so user=virtual passwd=virtual db=vu table=users usercolumn=name passwdcolumn=passw

作者: binghuo168 时间: 2005-12-29 11:44
把“pam_mysql.so”的路径加上去

欢迎光临 Chinaunix (http://bbs.chinaunix.net/)