vsftpd - PAM - MySQL and pam_mkhomedir to create directories Announcing the arrival of Valued Associate #679: Cesar Manara Planned maintenance scheduled April 17/18, 2019 at 00:00UTC (8:00pm US/Eastern) Come Celebrate our 10 Year Anniversary!vsftpd freezes after failed pam_script authenticationUsing PAM and vsftpd without root accessvsftpd virtual users home directories with pam-mysqlFTP not showing files or directoriesVsFTPd - pam_mkhomedirIssues with VSFTPD / FTP on Linux Ubuntu server - Steps for Troubleshooting?vsftpd not starting on EC2Vsftpd access over wanVSFTPD seems to ignore the configuration settingsIssues editing files using vsftpdConfiguring Lightsail bitnami vsftpd passive
porting install scripts : can rpm replace apt?
51k Euros annually for a family of 4 in Berlin: Is it enough?
Why do we bend a book to keep it straight?
Withdrew £2800, but only £2000 shows as withdrawn on online banking; what are my obligations?
How does debian/ubuntu knows a package has a updated version
Is there a (better) way to access $wpdb results?
Why was the term "discrete" used in discrete logarithm?
How to find all the available tools in mac terminal?
3 doors, three guards, one stone
How to align text above triangle figure
Why are Kinder Surprise Eggs illegal in the USA?
Why light coming from distant stars is not discreet?
How does the particle を relate to the verb 行く in the structure「A を + B に行く」?
What exactly is a "Meth" in Altered Carbon?
What is Arya's weapon design?
Identify plant with long narrow paired leaves and reddish stems
What's the meaning of 間時肆拾貳 at a car parking sign
How to deal with a team lead who never gives me credit?
Why did the IBM 650 use bi-quinary?
List *all* the tuples!
ListPlot join points by nearest neighbor rather than order
What does this icon in iOS Stardew Valley mean?
Resolving to minmaj7
Sci-Fi book where patients in a coma ward all live in a subconscious world linked together
vsftpd - PAM - MySQL and pam_mkhomedir to create directories
Announcing the arrival of Valued Associate #679: Cesar Manara
Planned maintenance scheduled April 17/18, 2019 at 00:00UTC (8:00pm US/Eastern)
Come Celebrate our 10 Year Anniversary!vsftpd freezes after failed pam_script authenticationUsing PAM and vsftpd without root accessvsftpd virtual users home directories with pam-mysqlFTP not showing files or directoriesVsFTPd - pam_mkhomedirIssues with VSFTPD / FTP on Linux Ubuntu server - Steps for Troubleshooting?vsftpd not starting on EC2Vsftpd access over wanVSFTPD seems to ignore the configuration settingsIssues editing files using vsftpdConfiguring Lightsail bitnami vsftpd passive
.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty height:90px;width:728px;box-sizing:border-box;
I've been successfully using vsftpd with virtual users connecting with PAM to my mysql DB. Now I'd like to automate creation of user directories with successful vsftpd connection.
Here is /etc/pam.d/vsftpd configuration:
#%PAM-1.0
session optional pam_keyinit.so force revoke
auth required pam_mysql.so verbose=1 user=root passwd=mypass host=localhost db=mydb table=mytable usercolumn=username passwdcolumn=password crypt=3
account required pam_mysql.so verbose=1 user=root passwd=mypass host=localhost db=mydb table=mytable usercolumn=username passwdcolumn=password crypt=3
session required pam_mkhomedir.so skel=/home/skel/ umask=0022 debug
Adding pam_mkhomedir now just shows it can't create the directory with no other messages in any log. So it obviously is not applying. Is there anything else I need?
My /etc/vsftpd/vsftpd.conf:
# No ANONYMOUS users allowed
anonymous_enable=NO
# Allow 'local' users with WRITE permissions (0755)
local_enable=YES
write_enable=YES
local_umask=022
dirmessage_enable=NO
xferlog_enable=YES
connect_from_port_20=YES
# define a unique user on your system which the
# ftp server can use as a totally isolated and unprivileged user.
nopriv_user=vsftpd
chroot_local_user=YES
listen=YES
# here we use the authentication module for vsftpd to check users name and passw
pam_service_name=vsftpd
userlist_enable=YES
tcp_wrappers=YES
userlist_deny=YES
# here the vsftpd will allow the 'vsftpd' user to login into '/home/vsftpd/$USER directory
guest_enable=YES
guest_username=vsftpd
local_root=/home/vsftpd/$USER
user_sub_token=$USER
virtual_use_local_privs=YES
download_enable=NO
force_local_data_ssl=NO
force_local_logins_ssl=NO
# PASV - passive ports for FTP
pasv_enable=YES
pasv_min_port=14000
pasv_max_port=14100
I saw a post saying I need this in my vsftpd.conf so I tried this as well:
session_support=YES
But now it doesn't seem to authenticate anymore as the logs show:
Mar 24 00:46:16 ip-10-212-239-40 vsftpd[1962]: pam_keyinit(vsftpd:session): Unable to look up user "user1"
Mar 24 00:46:16 ip-10-212-239-40 vsftpd[1962]: pam_mkhomedir(vsftpd:session): User unknown.
This is even if I've created the directory already. Now no one can get in.
Any ideas?
mysql permissions ftp pam vsftpd
edited Jan 31 '16 at 20:31
Castaglia
2,60431236
asked Mar 24 '13 at 1:21
TomTom
8311
add a comment |
I've been successfully using vsftpd with virtual users connecting with PAM to my mysql DB. Now I'd like to automate creation of user directories with successful vsftpd connection.
Here is /etc/pam.d/vsftpd configuration:
#%PAM-1.0
session optional pam_keyinit.so force revoke
auth required pam_mysql.so verbose=1 user=root passwd=mypass host=localhost db=mydb table=mytable usercolumn=username passwdcolumn=password crypt=3
account required pam_mysql.so verbose=1 user=root passwd=mypass host=localhost db=mydb table=mytable usercolumn=username passwdcolumn=password crypt=3
session required pam_mkhomedir.so skel=/home/skel/ umask=0022 debug
Adding pam_mkhomedir now just shows it can't create the directory with no other messages in any log. So it obviously is not applying. Is there anything else I need?
My /etc/vsftpd/vsftpd.conf:
# No ANONYMOUS users allowed
anonymous_enable=NO
# Allow 'local' users with WRITE permissions (0755)
local_enable=YES
write_enable=YES
local_umask=022
dirmessage_enable=NO
xferlog_enable=YES
connect_from_port_20=YES
# define a unique user on your system which the
# ftp server can use as a totally isolated and unprivileged user.
nopriv_user=vsftpd
chroot_local_user=YES
listen=YES
# here we use the authentication module for vsftpd to check users name and passw
pam_service_name=vsftpd
userlist_enable=YES
tcp_wrappers=YES
userlist_deny=YES
# here the vsftpd will allow the 'vsftpd' user to login into '/home/vsftpd/$USER directory
guest_enable=YES
guest_username=vsftpd
local_root=/home/vsftpd/$USER
user_sub_token=$USER
virtual_use_local_privs=YES
download_enable=NO
force_local_data_ssl=NO
force_local_logins_ssl=NO
# PASV - passive ports for FTP
pasv_enable=YES
pasv_min_port=14000
pasv_max_port=14100
I saw a post saying I need this in my vsftpd.conf so I tried this as well:
session_support=YES
But now it doesn't seem to authenticate anymore as the logs show:
Mar 24 00:46:16 ip-10-212-239-40 vsftpd[1962]: pam_keyinit(vsftpd:session): Unable to look up user "user1"
Mar 24 00:46:16 ip-10-212-239-40 vsftpd[1962]: pam_mkhomedir(vsftpd:session): User unknown.
This is even if I've created the directory already. Now no one can get in.
Any ideas?
mysql permissions ftp pam vsftpd
edited Jan 31 '16 at 20:31
Castaglia
2,60431236
asked Mar 24 '13 at 1:21
TomTom
8311
Hi, were you ever able to resolve this issue?
– George
Jan 29 '15 at 19:21
@George Not at all.
– Tom
Feb 2 '15 at 17:36
I resolved the issue in a very different way, I moved away from vsftpd and went with pureftp. Setup and running in a couple hours without all these issues. Works perfectly.
– George
Feb 2 '15 at 17:38
is /home/vsftpd owned by vsftpd?
– Luca Gibelli
May 7 '18 at 8:22
add a comment |
I've been successfully using vsftpd with virtual users connecting with PAM to my mysql DB. Now I'd like to automate creation of user directories with successful vsftpd connection.
Here is /etc/pam.d/vsftpd configuration:
#%PAM-1.0
session optional pam_keyinit.so force revoke
auth required pam_mysql.so verbose=1 user=root passwd=mypass host=localhost db=mydb table=mytable usercolumn=username passwdcolumn=password crypt=3
account required pam_mysql.so verbose=1 user=root passwd=mypass host=localhost db=mydb table=mytable usercolumn=username passwdcolumn=password crypt=3
session required pam_mkhomedir.so skel=/home/skel/ umask=0022 debug
Adding pam_mkhomedir now just shows it can't create the directory with no other messages in any log. So it obviously is not applying. Is there anything else I need?
My /etc/vsftpd/vsftpd.conf:
# No ANONYMOUS users allowed
anonymous_enable=NO
# Allow 'local' users with WRITE permissions (0755)
local_enable=YES
write_enable=YES
local_umask=022
dirmessage_enable=NO
xferlog_enable=YES
connect_from_port_20=YES
# define a unique user on your system which the
# ftp server can use as a totally isolated and unprivileged user.
nopriv_user=vsftpd
chroot_local_user=YES
listen=YES
# here we use the authentication module for vsftpd to check users name and passw
pam_service_name=vsftpd
userlist_enable=YES
tcp_wrappers=YES
userlist_deny=YES
# here the vsftpd will allow the 'vsftpd' user to login into '/home/vsftpd/$USER directory
guest_enable=YES
guest_username=vsftpd
local_root=/home/vsftpd/$USER
user_sub_token=$USER
virtual_use_local_privs=YES
download_enable=NO
force_local_data_ssl=NO
force_local_logins_ssl=NO
# PASV - passive ports for FTP
pasv_enable=YES
pasv_min_port=14000
pasv_max_port=14100
I saw a post saying I need this in my vsftpd.conf so I tried this as well:
session_support=YES
But now it doesn't seem to authenticate anymore as the logs show:
Mar 24 00:46:16 ip-10-212-239-40 vsftpd[1962]: pam_keyinit(vsftpd:session): Unable to look up user "user1"
Mar 24 00:46:16 ip-10-212-239-40 vsftpd[1962]: pam_mkhomedir(vsftpd:session): User unknown.
This is even if I've created the directory already. Now no one can get in.
Any ideas?
mysql permissions ftp pam vsftpd
edited Jan 31 '16 at 20:31
Castaglia
2,60431236
asked Mar 24 '13 at 1:21
TomTom
8311
I've been successfully using vsftpd with virtual users connecting with PAM to my mysql DB. Now I'd like to automate creation of user directories with successful vsftpd connection.
Here is /etc/pam.d/vsftpd configuration:
#%PAM-1.0
session optional pam_keyinit.so force revoke
auth required pam_mysql.so verbose=1 user=root passwd=mypass host=localhost db=mydb table=mytable usercolumn=username passwdcolumn=password crypt=3
account required pam_mysql.so verbose=1 user=root passwd=mypass host=localhost db=mydb table=mytable usercolumn=username passwdcolumn=password crypt=3
session required pam_mkhomedir.so skel=/home/skel/ umask=0022 debug
Adding pam_mkhomedir now just shows it can't create the directory with no other messages in any log. So it obviously is not applying. Is there anything else I need?
My /etc/vsftpd/vsftpd.conf:
# No ANONYMOUS users allowed
anonymous_enable=NO
# Allow 'local' users with WRITE permissions (0755)
local_enable=YES
write_enable=YES
local_umask=022
dirmessage_enable=NO
xferlog_enable=YES
connect_from_port_20=YES
# define a unique user on your system which the
# ftp server can use as a totally isolated and unprivileged user.
nopriv_user=vsftpd
chroot_local_user=YES
listen=YES
# here we use the authentication module for vsftpd to check users name and passw
pam_service_name=vsftpd
userlist_enable=YES
tcp_wrappers=YES
userlist_deny=YES
# here the vsftpd will allow the 'vsftpd' user to login into '/home/vsftpd/$USER directory
guest_enable=YES
guest_username=vsftpd
local_root=/home/vsftpd/$USER
user_sub_token=$USER
virtual_use_local_privs=YES
download_enable=NO
force_local_data_ssl=NO
force_local_logins_ssl=NO
# PASV - passive ports for FTP
pasv_enable=YES
pasv_min_port=14000
pasv_max_port=14100
I saw a post saying I need this in my vsftpd.conf so I tried this as well:
session_support=YES
But now it doesn't seem to authenticate anymore as the logs show:
Mar 24 00:46:16 ip-10-212-239-40 vsftpd[1962]: pam_keyinit(vsftpd:session): Unable to look up user "user1"
Mar 24 00:46:16 ip-10-212-239-40 vsftpd[1962]: pam_mkhomedir(vsftpd:session): User unknown.
This is even if I've created the directory already. Now no one can get in.
Any ideas?
mysql permissions ftp pam vsftpd
mysql permissions ftp pam vsftpd
edited Jan 31 '16 at 20:31
Castaglia
2,60431236
asked Mar 24 '13 at 1:21
TomTom
8311
edited Jan 31 '16 at 20:31
Castaglia
2,60431236
asked Mar 24 '13 at 1:21
TomTom
8311
edited Jan 31 '16 at 20:31
Castaglia
2,60431236
edited Jan 31 '16 at 20:31
Castaglia
2,60431236
edited Jan 31 '16 at 20:31
Castaglia
2,60431236
2,60431236
asked Mar 24 '13 at 1:21
TomTom
8311
asked Mar 24 '13 at 1:21
TomTom
8311
asked Mar 24 '13 at 1:21
TomTom
8311
8311
Hi, were you ever able to resolve this issue?
– George
Jan 29 '15 at 19:21
@George Not at all.
– Tom
Feb 2 '15 at 17:36
I resolved the issue in a very different way, I moved away from vsftpd and went with pureftp. Setup and running in a couple hours without all these issues. Works perfectly.
– George
Feb 2 '15 at 17:38
is /home/vsftpd owned by vsftpd?
– Luca Gibelli
May 7 '18 at 8:22
add a comment |
Hi, were you ever able to resolve this issue?
– George
Jan 29 '15 at 19:21
@George Not at all.
– Tom
Feb 2 '15 at 17:36
I resolved the issue in a very different way, I moved away from vsftpd and went with pureftp. Setup and running in a couple hours without all these issues. Works perfectly.
– George
Feb 2 '15 at 17:38
is /home/vsftpd owned by vsftpd?
– Luca Gibelli
May 7 '18 at 8:22
Hi, were you ever able to resolve this issue?
– George
Jan 29 '15 at 19:21
Hi, were you ever able to resolve this issue?
– George
Jan 29 '15 at 19:21
@George Not at all.
– Tom
Feb 2 '15 at 17:36
@George Not at all.
– Tom
Feb 2 '15 at 17:36
I resolved the issue in a very different way, I moved away from vsftpd and went with pureftp. Setup and running in a couple hours without all these issues. Works perfectly.
– George
Feb 2 '15 at 17:38
I resolved the issue in a very different way, I moved away from vsftpd and went with pureftp. Setup and running in a couple hours without all these issues. Works perfectly.
– George
Feb 2 '15 at 17:38
is /home/vsftpd owned by vsftpd?
– Luca Gibelli
May 7 '18 at 8:22
is /home/vsftpd owned by vsftpd?
– Luca Gibelli
May 7 '18 at 8:22
add a comment |
2 Answers
2
active
oldest
votes
For user lookups by PAM module to succeed, you need to enable NSS module for MySQL in nsswitch.conf(5). nss_mysql is your friend.
answered Mar 24 '13 at 12:31
abbeabbe
346111
Any references you can provide on this? I can't seem to find anything about needingnss-mysqlin my context?
– Tom
Mar 24 '13 at 16:52
How ispam_mkhomedirgoing to figure out the path to the home directory of the user it's supposed to create ? How does it know which database to use for resolving the user ? NSS provides it with that information. In your case, you'll be needing nss_mysql, assuming your user database is stored in a MySQL database.
– abbe
Mar 24 '13 at 17:10
I'm just trying to find out anything about this library. The link you provided is a very old project with no documentation. If I do install this it gives no indication on what to put in your nssswitch.conf. Only that it may contain 3 parameters. Can you provide any kind of guidance? It does sound like pam_mysql is the same thing as nss-mysql? I do have pam_mysql working where it uses the mysql db to authenticate with vsftpd virtual users.
– Tom
Mar 24 '13 at 17:58
PAM is not same as NSS. PAM is targeted towards authentication, whereas NSS' objective is to resolve names (hostnames, usernames, etc.). Most of the distros provide a package fornss_mysql, e.g. Debian and derivatives provide it aslibnss-mysql. And, yes it's not updated for half-a-decade, but it works fine. Once you install the module, configure it, and add it to yournsswitch.conf(5), things will start working for you.
– abbe
Mar 24 '13 at 18:13
I added libnss-mysql from my distro. Tried out of the box and nothing is working. Any ideas on what I need to change in nsswitch.conf?
– Tom
Mar 24 '13 at 18:53
|
show 1 more comment
You could try using pam_script - it's a pam module that allows executing arbitrary shell scripts after a user session is opened (among others).
You can find pam_script here: https://github.com/jeroennijhof/pam_script. It should also be installable via package managers, at least I've been able to install it through apt-get.
Be careful, as vsftpd seems to have some problems with pam_script at least when it denies authentication, see my unresolved question: vsftpd freezes after failed pam_script authentication. However in your case it should not be a problem.
edited Apr 13 '17 at 12:14
Community♦
1
answered Feb 21 '15 at 21:02
edziubudzikedziubudzik
112
add a comment |
Your Answer
StackExchange.ready(function()
var channelOptions =
tags: "".split(" "),
id: "2"
;
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function()
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled)
StackExchange.using("snippets", function()
createEditor();
);
else
createEditor();
);
function createEditor()
StackExchange.prepareEditor(
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader:
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
,
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
);
);
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fserverfault.com%2fquestions%2f490840%2fvsftpd-pam-mysql-and-pam-mkhomedir-to-create-directories%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
2 Answers
2
active
oldest
votes
2 Answers
2
active
oldest
votes
active
oldest
votes
active
oldest
votes
For user lookups by PAM module to succeed, you need to enable NSS module for MySQL in nsswitch.conf(5). nss_mysql is your friend.
answered Mar 24 '13 at 12:31
abbeabbe
346111
Any references you can provide on this? I can't seem to find anything about needingnss-mysqlin my context?
– Tom
Mar 24 '13 at 16:52
How ispam_mkhomedirgoing to figure out the path to the home directory of the user it's supposed to create ? How does it know which database to use for resolving the user ? NSS provides it with that information. In your case, you'll be needing nss_mysql, assuming your user database is stored in a MySQL database.
– abbe
Mar 24 '13 at 17:10
I'm just trying to find out anything about this library. The link you provided is a very old project with no documentation. If I do install this it gives no indication on what to put in your nssswitch.conf. Only that it may contain 3 parameters. Can you provide any kind of guidance? It does sound like pam_mysql is the same thing as nss-mysql? I do have pam_mysql working where it uses the mysql db to authenticate with vsftpd virtual users.
– Tom
Mar 24 '13 at 17:58
PAM is not same as NSS. PAM is targeted towards authentication, whereas NSS' objective is to resolve names (hostnames, usernames, etc.). Most of the distros provide a package fornss_mysql, e.g. Debian and derivatives provide it aslibnss-mysql. And, yes it's not updated for half-a-decade, but it works fine. Once you install the module, configure it, and add it to yournsswitch.conf(5), things will start working for you.
– abbe
Mar 24 '13 at 18:13
I added libnss-mysql from my distro. Tried out of the box and nothing is working. Any ideas on what I need to change in nsswitch.conf?
– Tom
Mar 24 '13 at 18:53
|
show 1 more comment
For user lookups by PAM module to succeed, you need to enable NSS module for MySQL in nsswitch.conf(5). nss_mysql is your friend.
answered Mar 24 '13 at 12:31
abbeabbe
346111
Any references you can provide on this? I can't seem to find anything about needingnss-mysqlin my context?
– Tom
Mar 24 '13 at 16:52
How ispam_mkhomedirgoing to figure out the path to the home directory of the user it's supposed to create ? How does it know which database to use for resolving the user ? NSS provides it with that information. In your case, you'll be needing nss_mysql, assuming your user database is stored in a MySQL database.
– abbe
Mar 24 '13 at 17:10
I'm just trying to find out anything about this library. The link you provided is a very old project with no documentation. If I do install this it gives no indication on what to put in your nssswitch.conf. Only that it may contain 3 parameters. Can you provide any kind of guidance? It does sound like pam_mysql is the same thing as nss-mysql? I do have pam_mysql working where it uses the mysql db to authenticate with vsftpd virtual users.
– Tom
Mar 24 '13 at 17:58
PAM is not same as NSS. PAM is targeted towards authentication, whereas NSS' objective is to resolve names (hostnames, usernames, etc.). Most of the distros provide a package fornss_mysql, e.g. Debian and derivatives provide it aslibnss-mysql. And, yes it's not updated for half-a-decade, but it works fine. Once you install the module, configure it, and add it to yournsswitch.conf(5), things will start working for you.
– abbe
Mar 24 '13 at 18:13
I added libnss-mysql from my distro. Tried out of the box and nothing is working. Any ideas on what I need to change in nsswitch.conf?
– Tom
Mar 24 '13 at 18:53
|
show 1 more comment
For user lookups by PAM module to succeed, you need to enable NSS module for MySQL in nsswitch.conf(5). nss_mysql is your friend.
answered Mar 24 '13 at 12:31
abbeabbe
346111
For user lookups by PAM module to succeed, you need to enable NSS module for MySQL in nsswitch.conf(5). nss_mysql is your friend.
answered Mar 24 '13 at 12:31
abbeabbe
346111
answered Mar 24 '13 at 12:31
abbeabbe
346111
answered Mar 24 '13 at 12:31
abbeabbe
346111
answered Mar 24 '13 at 12:31
abbeabbe
346111
346111
Any references you can provide on this? I can't seem to find anything about needingnss-mysqlin my context?
– Tom
Mar 24 '13 at 16:52
How ispam_mkhomedirgoing to figure out the path to the home directory of the user it's supposed to create ? How does it know which database to use for resolving the user ? NSS provides it with that information. In your case, you'll be needing nss_mysql, assuming your user database is stored in a MySQL database.
– abbe
Mar 24 '13 at 17:10
I'm just trying to find out anything about this library. The link you provided is a very old project with no documentation. If I do install this it gives no indication on what to put in your nssswitch.conf. Only that it may contain 3 parameters. Can you provide any kind of guidance? It does sound like pam_mysql is the same thing as nss-mysql? I do have pam_mysql working where it uses the mysql db to authenticate with vsftpd virtual users.
– Tom
Mar 24 '13 at 17:58
PAM is not same as NSS. PAM is targeted towards authentication, whereas NSS' objective is to resolve names (hostnames, usernames, etc.). Most of the distros provide a package fornss_mysql, e.g. Debian and derivatives provide it aslibnss-mysql. And, yes it's not updated for half-a-decade, but it works fine. Once you install the module, configure it, and add it to yournsswitch.conf(5), things will start working for you.
– abbe
Mar 24 '13 at 18:13
I added libnss-mysql from my distro. Tried out of the box and nothing is working. Any ideas on what I need to change in nsswitch.conf?
– Tom
Mar 24 '13 at 18:53
|
show 1 more comment
Any references you can provide on this? I can't seem to find anything about needingnss-mysqlin my context?
– Tom
Mar 24 '13 at 16:52
How ispam_mkhomedirgoing to figure out the path to the home directory of the user it's supposed to create ? How does it know which database to use for resolving the user ? NSS provides it with that information. In your case, you'll be needing nss_mysql, assuming your user database is stored in a MySQL database.
– abbe
Mar 24 '13 at 17:10
I'm just trying to find out anything about this library. The link you provided is a very old project with no documentation. If I do install this it gives no indication on what to put in your nssswitch.conf. Only that it may contain 3 parameters. Can you provide any kind of guidance? It does sound like pam_mysql is the same thing as nss-mysql? I do have pam_mysql working where it uses the mysql db to authenticate with vsftpd virtual users.
– Tom
Mar 24 '13 at 17:58
PAM is not same as NSS. PAM is targeted towards authentication, whereas NSS' objective is to resolve names (hostnames, usernames, etc.). Most of the distros provide a package fornss_mysql, e.g. Debian and derivatives provide it aslibnss-mysql. And, yes it's not updated for half-a-decade, but it works fine. Once you install the module, configure it, and add it to yournsswitch.conf(5), things will start working for you.
– abbe
Mar 24 '13 at 18:13
I added libnss-mysql from my distro. Tried out of the box and nothing is working. Any ideas on what I need to change in nsswitch.conf?
– Tom
Mar 24 '13 at 18:53
Any references you can provide on this? I can't seem to find anything about needing
nss-mysql in my context?– Tom
Mar 24 '13 at 16:52
Any references you can provide on this? I can't seem to find anything about needing
nss-mysql in my context?– Tom
Mar 24 '13 at 16:52
How is
pam_mkhomedir going to figure out the path to the home directory of the user it's supposed to create ? How does it know which database to use for resolving the user ? NSS provides it with that information. In your case, you'll be needing nss_mysql, assuming your user database is stored in a MySQL database.– abbe
Mar 24 '13 at 17:10
How is
pam_mkhomedir going to figure out the path to the home directory of the user it's supposed to create ? How does it know which database to use for resolving the user ? NSS provides it with that information. In your case, you'll be needing nss_mysql, assuming your user database is stored in a MySQL database.– abbe
Mar 24 '13 at 17:10
I'm just trying to find out anything about this library. The link you provided is a very old project with no documentation. If I do install this it gives no indication on what to put in your nssswitch.conf. Only that it may contain 3 parameters. Can you provide any kind of guidance? It does sound like pam_mysql is the same thing as nss-mysql? I do have pam_mysql working where it uses the mysql db to authenticate with vsftpd virtual users.
– Tom
Mar 24 '13 at 17:58
I'm just trying to find out anything about this library. The link you provided is a very old project with no documentation. If I do install this it gives no indication on what to put in your nssswitch.conf. Only that it may contain 3 parameters. Can you provide any kind of guidance? It does sound like pam_mysql is the same thing as nss-mysql? I do have pam_mysql working where it uses the mysql db to authenticate with vsftpd virtual users.
– Tom
Mar 24 '13 at 17:58
PAM is not same as NSS. PAM is targeted towards authentication, whereas NSS' objective is to resolve names (hostnames, usernames, etc.). Most of the distros provide a package for
nss_mysql, e.g. Debian and derivatives provide it as libnss-mysql. And, yes it's not updated for half-a-decade, but it works fine. Once you install the module, configure it, and add it to your nsswitch.conf(5), things will start working for you.– abbe
Mar 24 '13 at 18:13
PAM is not same as NSS. PAM is targeted towards authentication, whereas NSS' objective is to resolve names (hostnames, usernames, etc.). Most of the distros provide a package for
nss_mysql, e.g. Debian and derivatives provide it as libnss-mysql. And, yes it's not updated for half-a-decade, but it works fine. Once you install the module, configure it, and add it to your nsswitch.conf(5), things will start working for you.– abbe
Mar 24 '13 at 18:13
I added libnss-mysql from my distro. Tried out of the box and nothing is working. Any ideas on what I need to change in nsswitch.conf?
– Tom
Mar 24 '13 at 18:53
I added libnss-mysql from my distro. Tried out of the box and nothing is working. Any ideas on what I need to change in nsswitch.conf?
– Tom
Mar 24 '13 at 18:53
|
show 1 more comment
You could try using pam_script - it's a pam module that allows executing arbitrary shell scripts after a user session is opened (among others).
You can find pam_script here: https://github.com/jeroennijhof/pam_script. It should also be installable via package managers, at least I've been able to install it through apt-get.
Be careful, as vsftpd seems to have some problems with pam_script at least when it denies authentication, see my unresolved question: vsftpd freezes after failed pam_script authentication. However in your case it should not be a problem.
edited Apr 13 '17 at 12:14
Community♦
1
answered Feb 21 '15 at 21:02
edziubudzikedziubudzik
112
add a comment |
You could try using pam_script - it's a pam module that allows executing arbitrary shell scripts after a user session is opened (among others).
You can find pam_script here: https://github.com/jeroennijhof/pam_script. It should also be installable via package managers, at least I've been able to install it through apt-get.
Be careful, as vsftpd seems to have some problems with pam_script at least when it denies authentication, see my unresolved question: vsftpd freezes after failed pam_script authentication. However in your case it should not be a problem.
edited Apr 13 '17 at 12:14
Community♦
1
answered Feb 21 '15 at 21:02
edziubudzikedziubudzik
112
add a comment |
You could try using pam_script - it's a pam module that allows executing arbitrary shell scripts after a user session is opened (among others).
You can find pam_script here: https://github.com/jeroennijhof/pam_script. It should also be installable via package managers, at least I've been able to install it through apt-get.
Be careful, as vsftpd seems to have some problems with pam_script at least when it denies authentication, see my unresolved question: vsftpd freezes after failed pam_script authentication. However in your case it should not be a problem.
edited Apr 13 '17 at 12:14
Community♦
1
answered Feb 21 '15 at 21:02
edziubudzikedziubudzik
112
You could try using pam_script - it's a pam module that allows executing arbitrary shell scripts after a user session is opened (among others).
You can find pam_script here: https://github.com/jeroennijhof/pam_script. It should also be installable via package managers, at least I've been able to install it through apt-get.
Be careful, as vsftpd seems to have some problems with pam_script at least when it denies authentication, see my unresolved question: vsftpd freezes after failed pam_script authentication. However in your case it should not be a problem.
edited Apr 13 '17 at 12:14
Community♦
1
answered Feb 21 '15 at 21:02
edziubudzikedziubudzik
112
edited Apr 13 '17 at 12:14
Community♦
1
edited Apr 13 '17 at 12:14
Community♦
1
edited Apr 13 '17 at 12:14
Community♦
1
1
answered Feb 21 '15 at 21:02
edziubudzikedziubudzik
112
answered Feb 21 '15 at 21:02
edziubudzikedziubudzik
112
answered Feb 21 '15 at 21:02
edziubudzikedziubudzik
112
112
add a comment |
add a comment |
Thanks for contributing an answer to Server Fault!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fserverfault.com%2fquestions%2f490840%2fvsftpd-pam-mysql-and-pam-mkhomedir-to-create-directories%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Hi, were you ever able to resolve this issue?
– George
Jan 29 '15 at 19:21
@George Not at all.
– Tom
Feb 2 '15 at 17:36
I resolved the issue in a very different way, I moved away from vsftpd and went with pureftp. Setup and running in a couple hours without all these issues. Works perfectly.
– George
Feb 2 '15 at 17:38
is /home/vsftpd owned by vsftpd?
– Luca Gibelli
May 7 '18 at 8:22