vsftpd - PAM - MySQL and pam_mkhomedir to create directories Announcing the arrival of Valued Associate #679: Cesar Manara Planned maintenance scheduled April 17/18, 2019 at 00:00UTC (8:00pm US/Eastern) Come Celebrate our 10 Year Anniversary!vsftpd freezes after failed pam_script authenticationUsing PAM and vsftpd without root accessvsftpd virtual users home directories with pam-mysqlFTP not showing files or directoriesVsFTPd - pam_mkhomedirIssues with VSFTPD / FTP on Linux Ubuntu server - Steps for Troubleshooting?vsftpd not starting on EC2Vsftpd access over wanVSFTPD seems to ignore the configuration settingsIssues editing files using vsftpdConfiguring Lightsail bitnami vsftpd passive

porting install scripts : can rpm replace apt?

51k Euros annually for a family of 4 in Berlin: Is it enough?

Why do we bend a book to keep it straight?

Withdrew £2800, but only £2000 shows as withdrawn on online banking; what are my obligations?

How does debian/ubuntu knows a package has a updated version

Is there a (better) way to access $wpdb results?

Why was the term "discrete" used in discrete logarithm?

How to find all the available tools in mac terminal?

3 doors, three guards, one stone

How to align text above triangle figure

Why are Kinder Surprise Eggs illegal in the USA?

Why light coming from distant stars is not discreet?

How does the particle を relate to the verb 行く in the structure「A を + B に行く」?

What exactly is a "Meth" in Altered Carbon?

What is Arya's weapon design?

Identify plant with long narrow paired leaves and reddish stems

What's the meaning of 間時肆拾貳 at a car parking sign

How to deal with a team lead who never gives me credit?

Why did the IBM 650 use bi-quinary?

List *all* the tuples!

ListPlot join points by nearest neighbor rather than order

What does this icon in iOS Stardew Valley mean?

Resolving to minmaj7

Sci-Fi book where patients in a coma ward all live in a subconscious world linked together



vsftpd - PAM - MySQL and pam_mkhomedir to create directories



Announcing the arrival of Valued Associate #679: Cesar Manara
Planned maintenance scheduled April 17/18, 2019 at 00:00UTC (8:00pm US/Eastern)
Come Celebrate our 10 Year Anniversary!vsftpd freezes after failed pam_script authenticationUsing PAM and vsftpd without root accessvsftpd virtual users home directories with pam-mysqlFTP not showing files or directoriesVsFTPd - pam_mkhomedirIssues with VSFTPD / FTP on Linux Ubuntu server - Steps for Troubleshooting?vsftpd not starting on EC2Vsftpd access over wanVSFTPD seems to ignore the configuration settingsIssues editing files using vsftpdConfiguring Lightsail bitnami vsftpd passive



.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty height:90px;width:728px;box-sizing:border-box;








11















I've been successfully using vsftpd with virtual users connecting with PAM to my mysql DB. Now I'd like to automate creation of user directories with successful vsftpd connection.



Here is /etc/pam.d/vsftpd configuration:



#%PAM-1.0
session optional pam_keyinit.so force revoke
auth required pam_mysql.so verbose=1 user=root passwd=mypass host=localhost db=mydb table=mytable usercolumn=username passwdcolumn=password crypt=3
account required pam_mysql.so verbose=1 user=root passwd=mypass host=localhost db=mydb table=mytable usercolumn=username passwdcolumn=password crypt=3
session required pam_mkhomedir.so skel=/home/skel/ umask=0022 debug


Adding pam_mkhomedir now just shows it can't create the directory with no other messages in any log. So it obviously is not applying. Is there anything else I need?



My /etc/vsftpd/vsftpd.conf:



# No ANONYMOUS users allowed
anonymous_enable=NO
# Allow 'local' users with WRITE permissions (0755)
local_enable=YES
write_enable=YES
local_umask=022
dirmessage_enable=NO
xferlog_enable=YES
connect_from_port_20=YES

# define a unique user on your system which the
# ftp server can use as a totally isolated and unprivileged user.
nopriv_user=vsftpd
chroot_local_user=YES
listen=YES

# here we use the authentication module for vsftpd to check users name and passw
pam_service_name=vsftpd
userlist_enable=YES
tcp_wrappers=YES
userlist_deny=YES
# here the vsftpd will allow the 'vsftpd' user to login into '/home/vsftpd/$USER directory
guest_enable=YES
guest_username=vsftpd
local_root=/home/vsftpd/$USER
user_sub_token=$USER
virtual_use_local_privs=YES
download_enable=NO

force_local_data_ssl=NO
force_local_logins_ssl=NO

# PASV - passive ports for FTP 
pasv_enable=YES
pasv_min_port=14000
pasv_max_port=14100


I saw a post saying I need this in my vsftpd.conf so I tried this as well:



session_support=YES


But now it doesn't seem to authenticate anymore as the logs show:



Mar 24 00:46:16 ip-10-212-239-40 vsftpd[1962]: pam_keyinit(vsftpd:session): Unable to look up user "user1"
Mar 24 00:46:16 ip-10-212-239-40 vsftpd[1962]: pam_mkhomedir(vsftpd:session): User unknown.


This is even if I've created the directory already. Now no one can get in.



Any ideas?






mysql permissions ftp pam vsftpd







share|improve this question
























  • Hi, were you ever able to resolve this issue?

    – George
    Jan 29 '15 at 19:21











  • @George Not at all.

    – Tom
    Feb 2 '15 at 17:36











  • I resolved the issue in a very different way, I moved away from vsftpd and went with pureftp. Setup and running in a couple hours without all these issues. Works perfectly.

    – George
    Feb 2 '15 at 17:38











  • is /home/vsftpd owned by vsftpd?

    – Luca Gibelli
    May 7 '18 at 8:22

















11















I've been successfully using vsftpd with virtual users connecting with PAM to my mysql DB. Now I'd like to automate creation of user directories with successful vsftpd connection.



Here is /etc/pam.d/vsftpd configuration:



#%PAM-1.0
session optional pam_keyinit.so force revoke
auth required pam_mysql.so verbose=1 user=root passwd=mypass host=localhost db=mydb table=mytable usercolumn=username passwdcolumn=password crypt=3
account required pam_mysql.so verbose=1 user=root passwd=mypass host=localhost db=mydb table=mytable usercolumn=username passwdcolumn=password crypt=3
session required pam_mkhomedir.so skel=/home/skel/ umask=0022 debug


Adding pam_mkhomedir now just shows it can't create the directory with no other messages in any log. So it obviously is not applying. Is there anything else I need?



My /etc/vsftpd/vsftpd.conf:



# No ANONYMOUS users allowed
anonymous_enable=NO
# Allow 'local' users with WRITE permissions (0755)
local_enable=YES
write_enable=YES
local_umask=022
dirmessage_enable=NO
xferlog_enable=YES
connect_from_port_20=YES

# define a unique user on your system which the
# ftp server can use as a totally isolated and unprivileged user.
nopriv_user=vsftpd
chroot_local_user=YES
listen=YES

# here we use the authentication module for vsftpd to check users name and passw
pam_service_name=vsftpd
userlist_enable=YES
tcp_wrappers=YES
userlist_deny=YES
# here the vsftpd will allow the 'vsftpd' user to login into '/home/vsftpd/$USER directory
guest_enable=YES
guest_username=vsftpd
local_root=/home/vsftpd/$USER
user_sub_token=$USER
virtual_use_local_privs=YES
download_enable=NO

force_local_data_ssl=NO
force_local_logins_ssl=NO

# PASV - passive ports for FTP 
pasv_enable=YES
pasv_min_port=14000
pasv_max_port=14100


I saw a post saying I need this in my vsftpd.conf so I tried this as well:



session_support=YES


But now it doesn't seem to authenticate anymore as the logs show:



Mar 24 00:46:16 ip-10-212-239-40 vsftpd[1962]: pam_keyinit(vsftpd:session): Unable to look up user "user1"
Mar 24 00:46:16 ip-10-212-239-40 vsftpd[1962]: pam_mkhomedir(vsftpd:session): User unknown.


This is even if I've created the directory already. Now no one can get in.



Any ideas?






mysql permissions ftp pam vsftpd







share|improve this question
























  • Hi, were you ever able to resolve this issue?

    – George
    Jan 29 '15 at 19:21











  • @George Not at all.

    – Tom
    Feb 2 '15 at 17:36











  • I resolved the issue in a very different way, I moved away from vsftpd and went with pureftp. Setup and running in a couple hours without all these issues. Works perfectly.

    – George
    Feb 2 '15 at 17:38











  • is /home/vsftpd owned by vsftpd?

    – Luca Gibelli
    May 7 '18 at 8:22













11












11








11


1






I've been successfully using vsftpd with virtual users connecting with PAM to my mysql DB. Now I'd like to automate creation of user directories with successful vsftpd connection.



Here is /etc/pam.d/vsftpd configuration:



#%PAM-1.0
session optional pam_keyinit.so force revoke
auth required pam_mysql.so verbose=1 user=root passwd=mypass host=localhost db=mydb table=mytable usercolumn=username passwdcolumn=password crypt=3
account required pam_mysql.so verbose=1 user=root passwd=mypass host=localhost db=mydb table=mytable usercolumn=username passwdcolumn=password crypt=3
session required pam_mkhomedir.so skel=/home/skel/ umask=0022 debug


Adding pam_mkhomedir now just shows it can't create the directory with no other messages in any log. So it obviously is not applying. Is there anything else I need?



My /etc/vsftpd/vsftpd.conf:



# No ANONYMOUS users allowed
anonymous_enable=NO
# Allow 'local' users with WRITE permissions (0755)
local_enable=YES
write_enable=YES
local_umask=022
dirmessage_enable=NO
xferlog_enable=YES
connect_from_port_20=YES

# define a unique user on your system which the
# ftp server can use as a totally isolated and unprivileged user.
nopriv_user=vsftpd
chroot_local_user=YES
listen=YES

# here we use the authentication module for vsftpd to check users name and passw
pam_service_name=vsftpd
userlist_enable=YES
tcp_wrappers=YES
userlist_deny=YES
# here the vsftpd will allow the 'vsftpd' user to login into '/home/vsftpd/$USER directory
guest_enable=YES
guest_username=vsftpd
local_root=/home/vsftpd/$USER
user_sub_token=$USER
virtual_use_local_privs=YES
download_enable=NO

force_local_data_ssl=NO
force_local_logins_ssl=NO

# PASV - passive ports for FTP 
pasv_enable=YES
pasv_min_port=14000
pasv_max_port=14100


I saw a post saying I need this in my vsftpd.conf so I tried this as well:



session_support=YES


But now it doesn't seem to authenticate anymore as the logs show:



Mar 24 00:46:16 ip-10-212-239-40 vsftpd[1962]: pam_keyinit(vsftpd:session): Unable to look up user "user1"
Mar 24 00:46:16 ip-10-212-239-40 vsftpd[1962]: pam_mkhomedir(vsftpd:session): User unknown.


This is even if I've created the directory already. Now no one can get in.



Any ideas?






mysql permissions ftp pam vsftpd







share|improve this question
















I've been successfully using vsftpd with virtual users connecting with PAM to my mysql DB. Now I'd like to automate creation of user directories with successful vsftpd connection.



Here is /etc/pam.d/vsftpd configuration:



#%PAM-1.0
session optional pam_keyinit.so force revoke
auth required pam_mysql.so verbose=1 user=root passwd=mypass host=localhost db=mydb table=mytable usercolumn=username passwdcolumn=password crypt=3
account required pam_mysql.so verbose=1 user=root passwd=mypass host=localhost db=mydb table=mytable usercolumn=username passwdcolumn=password crypt=3
session required pam_mkhomedir.so skel=/home/skel/ umask=0022 debug


Adding pam_mkhomedir now just shows it can't create the directory with no other messages in any log. So it obviously is not applying. Is there anything else I need?



My /etc/vsftpd/vsftpd.conf:



# No ANONYMOUS users allowed
anonymous_enable=NO
# Allow 'local' users with WRITE permissions (0755)
local_enable=YES
write_enable=YES
local_umask=022
dirmessage_enable=NO
xferlog_enable=YES
connect_from_port_20=YES

# define a unique user on your system which the
# ftp server can use as a totally isolated and unprivileged user.
nopriv_user=vsftpd
chroot_local_user=YES
listen=YES

# here we use the authentication module for vsftpd to check users name and passw
pam_service_name=vsftpd
userlist_enable=YES
tcp_wrappers=YES
userlist_deny=YES
# here the vsftpd will allow the 'vsftpd' user to login into '/home/vsftpd/$USER directory
guest_enable=YES
guest_username=vsftpd
local_root=/home/vsftpd/$USER
user_sub_token=$USER
virtual_use_local_privs=YES
download_enable=NO

force_local_data_ssl=NO
force_local_logins_ssl=NO

# PASV - passive ports for FTP 
pasv_enable=YES
pasv_min_port=14000
pasv_max_port=14100


I saw a post saying I need this in my vsftpd.conf so I tried this as well:



session_support=YES


But now it doesn't seem to authenticate anymore as the logs show:



Mar 24 00:46:16 ip-10-212-239-40 vsftpd[1962]: pam_keyinit(vsftpd:session): Unable to look up user "user1"
Mar 24 00:46:16 ip-10-212-239-40 vsftpd[1962]: pam_mkhomedir(vsftpd:session): User unknown.


This is even if I've created the directory already. Now no one can get in.



Any ideas?






mysql permissions ftp pam vsftpd




mysql permissions ftp pam vsftpd






share|improve this question















share|improve this question













share|improve this question




share|improve this question








edited Jan 31 '16 at 20:31









Castaglia

2,60431236




2,60431236










asked Mar 24 '13 at 1:21









TomTom

8311




8311












  • Hi, were you ever able to resolve this issue?

    – George
    Jan 29 '15 at 19:21











  • @George Not at all.

    – Tom
    Feb 2 '15 at 17:36











  • I resolved the issue in a very different way, I moved away from vsftpd and went with pureftp. Setup and running in a couple hours without all these issues. Works perfectly.

    – George
    Feb 2 '15 at 17:38











  • is /home/vsftpd owned by vsftpd?

    – Luca Gibelli
    May 7 '18 at 8:22

















  • Hi, were you ever able to resolve this issue?

    – George
    Jan 29 '15 at 19:21











  • @George Not at all.

    – Tom
    Feb 2 '15 at 17:36











  • I resolved the issue in a very different way, I moved away from vsftpd and went with pureftp. Setup and running in a couple hours without all these issues. Works perfectly.

    – George
    Feb 2 '15 at 17:38











  • is /home/vsftpd owned by vsftpd?

    – Luca Gibelli
    May 7 '18 at 8:22
















Hi, were you ever able to resolve this issue?

– George
Jan 29 '15 at 19:21





Hi, were you ever able to resolve this issue?

– George
Jan 29 '15 at 19:21













@George Not at all.

– Tom
Feb 2 '15 at 17:36





@George Not at all.

– Tom
Feb 2 '15 at 17:36













I resolved the issue in a very different way, I moved away from vsftpd and went with pureftp. Setup and running in a couple hours without all these issues. Works perfectly.

– George
Feb 2 '15 at 17:38





I resolved the issue in a very different way, I moved away from vsftpd and went with pureftp. Setup and running in a couple hours without all these issues. Works perfectly.

– George
Feb 2 '15 at 17:38













is /home/vsftpd owned by vsftpd?

– Luca Gibelli
May 7 '18 at 8:22





is /home/vsftpd owned by vsftpd?

– Luca Gibelli
May 7 '18 at 8:22










2 Answers
2






active

oldest

votes


















0














For user lookups by PAM module to succeed, you need to enable NSS module for MySQL in nsswitch.conf(5). nss_mysql is your friend.






share|improve this answer























  • Any references you can provide on this? I can't seem to find anything about needing nss-mysql in my context?

    – Tom
    Mar 24 '13 at 16:52











  • How is pam_mkhomedir going to figure out the path to the home directory of the user it's supposed to create ? How does it know which database to use for resolving the user ? NSS provides it with that information. In your case, you'll be needing nss_mysql, assuming your user database is stored in a MySQL database.

    – abbe
    Mar 24 '13 at 17:10











  • I'm just trying to find out anything about this library. The link you provided is a very old project with no documentation. If I do install this it gives no indication on what to put in your nssswitch.conf. Only that it may contain 3 parameters. Can you provide any kind of guidance? It does sound like pam_mysql is the same thing as nss-mysql? I do have pam_mysql working where it uses the mysql db to authenticate with vsftpd virtual users.

    – Tom
    Mar 24 '13 at 17:58












  • PAM is not same as NSS. PAM is targeted towards authentication, whereas NSS' objective is to resolve names (hostnames, usernames, etc.). Most of the distros provide a package for nss_mysql, e.g. Debian and derivatives provide it as libnss-mysql. And, yes it's not updated for half-a-decade, but it works fine. Once you install the module, configure it, and add it to your nsswitch.conf(5), things will start working for you.

    – abbe
    Mar 24 '13 at 18:13











  • I added libnss-mysql from my distro. Tried out of the box and nothing is working. Any ideas on what I need to change in nsswitch.conf?

    – Tom
    Mar 24 '13 at 18:53


















0














You could try using pam_script - it's a pam module that allows executing arbitrary shell scripts after a user session is opened (among others).



You can find pam_script here: https://github.com/jeroennijhof/pam_script. It should also be installable via package managers, at least I've been able to install it through apt-get.



Be careful, as vsftpd seems to have some problems with pam_script at least when it denies authentication, see my unresolved question: vsftpd freezes after failed pam_script authentication. However in your case it should not be a problem.






share|improve this answer

























    Your Answer








    StackExchange.ready(function()
    var channelOptions =
    tags: "".split(" "),
    id: "2"
    ;
    initTagRenderer("".split(" "), "".split(" "), channelOptions);

    StackExchange.using("externalEditor", function()
    // Have to fire editor after snippets, if snippets enabled
    if (StackExchange.settings.snippets.snippetsEnabled)
    StackExchange.using("snippets", function()
    createEditor();
    );

    else
    createEditor();

    );

    function createEditor()
    StackExchange.prepareEditor(
    heartbeatType: 'answer',
    autoActivateHeartbeat: false,
    convertImagesToLinks: true,
    noModals: true,
    showLowRepImageUploadWarning: true,
    reputationToPostImages: 10,
    bindNavPrevention: true,
    postfix: "",
    imageUploader:
    brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
    contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
    allowUrls: true
    ,
    onDemand: true,
    discardSelector: ".discard-answer"
    ,immediatelyShowMarkdownHelp:true
    );



    );













    draft saved

    draft discarded


















    StackExchange.ready(
    function ()
    StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fserverfault.com%2fquestions%2f490840%2fvsftpd-pam-mysql-and-pam-mkhomedir-to-create-directories%23new-answer', 'question_page');

    );

    Post as a guest















    Required, but never shown

























    2 Answers
    2






    active

    oldest

    votes








    2 Answers
    2






    active

    oldest

    votes









    active

    oldest

    votes






    active

    oldest

    votes









    0














    For user lookups by PAM module to succeed, you need to enable NSS module for MySQL in nsswitch.conf(5). nss_mysql is your friend.






    share|improve this answer























    • Any references you can provide on this? I can't seem to find anything about needing nss-mysql in my context?

      – Tom
      Mar 24 '13 at 16:52











    • How is pam_mkhomedir going to figure out the path to the home directory of the user it's supposed to create ? How does it know which database to use for resolving the user ? NSS provides it with that information. In your case, you'll be needing nss_mysql, assuming your user database is stored in a MySQL database.

      – abbe
      Mar 24 '13 at 17:10











    • I'm just trying to find out anything about this library. The link you provided is a very old project with no documentation. If I do install this it gives no indication on what to put in your nssswitch.conf. Only that it may contain 3 parameters. Can you provide any kind of guidance? It does sound like pam_mysql is the same thing as nss-mysql? I do have pam_mysql working where it uses the mysql db to authenticate with vsftpd virtual users.

      – Tom
      Mar 24 '13 at 17:58












    • PAM is not same as NSS. PAM is targeted towards authentication, whereas NSS' objective is to resolve names (hostnames, usernames, etc.). Most of the distros provide a package for nss_mysql, e.g. Debian and derivatives provide it as libnss-mysql. And, yes it's not updated for half-a-decade, but it works fine. Once you install the module, configure it, and add it to your nsswitch.conf(5), things will start working for you.

      – abbe
      Mar 24 '13 at 18:13











    • I added libnss-mysql from my distro. Tried out of the box and nothing is working. Any ideas on what I need to change in nsswitch.conf?

      – Tom
      Mar 24 '13 at 18:53















    0














    For user lookups by PAM module to succeed, you need to enable NSS module for MySQL in nsswitch.conf(5). nss_mysql is your friend.






    share|improve this answer























    • Any references you can provide on this? I can't seem to find anything about needing nss-mysql in my context?

      – Tom
      Mar 24 '13 at 16:52











    • How is pam_mkhomedir going to figure out the path to the home directory of the user it's supposed to create ? How does it know which database to use for resolving the user ? NSS provides it with that information. In your case, you'll be needing nss_mysql, assuming your user database is stored in a MySQL database.

      – abbe
      Mar 24 '13 at 17:10











    • I'm just trying to find out anything about this library. The link you provided is a very old project with no documentation. If I do install this it gives no indication on what to put in your nssswitch.conf. Only that it may contain 3 parameters. Can you provide any kind of guidance? It does sound like pam_mysql is the same thing as nss-mysql? I do have pam_mysql working where it uses the mysql db to authenticate with vsftpd virtual users.

      – Tom
      Mar 24 '13 at 17:58












    • PAM is not same as NSS. PAM is targeted towards authentication, whereas NSS' objective is to resolve names (hostnames, usernames, etc.). Most of the distros provide a package for nss_mysql, e.g. Debian and derivatives provide it as libnss-mysql. And, yes it's not updated for half-a-decade, but it works fine. Once you install the module, configure it, and add it to your nsswitch.conf(5), things will start working for you.

      – abbe
      Mar 24 '13 at 18:13











    • I added libnss-mysql from my distro. Tried out of the box and nothing is working. Any ideas on what I need to change in nsswitch.conf?

      – Tom
      Mar 24 '13 at 18:53













    0












    0








    0







    For user lookups by PAM module to succeed, you need to enable NSS module for MySQL in nsswitch.conf(5). nss_mysql is your friend.






    share|improve this answer













    For user lookups by PAM module to succeed, you need to enable NSS module for MySQL in nsswitch.conf(5). nss_mysql is your friend.







    share|improve this answer












    share|improve this answer



    share|improve this answer










    answered Mar 24 '13 at 12:31









    abbeabbe

    346111




    346111












    • Any references you can provide on this? I can't seem to find anything about needing nss-mysql in my context?

      – Tom
      Mar 24 '13 at 16:52











    • How is pam_mkhomedir going to figure out the path to the home directory of the user it's supposed to create ? How does it know which database to use for resolving the user ? NSS provides it with that information. In your case, you'll be needing nss_mysql, assuming your user database is stored in a MySQL database.

      – abbe
      Mar 24 '13 at 17:10











    • I'm just trying to find out anything about this library. The link you provided is a very old project with no documentation. If I do install this it gives no indication on what to put in your nssswitch.conf. Only that it may contain 3 parameters. Can you provide any kind of guidance? It does sound like pam_mysql is the same thing as nss-mysql? I do have pam_mysql working where it uses the mysql db to authenticate with vsftpd virtual users.

      – Tom
      Mar 24 '13 at 17:58












    • PAM is not same as NSS. PAM is targeted towards authentication, whereas NSS' objective is to resolve names (hostnames, usernames, etc.). Most of the distros provide a package for nss_mysql, e.g. Debian and derivatives provide it as libnss-mysql. And, yes it's not updated for half-a-decade, but it works fine. Once you install the module, configure it, and add it to your nsswitch.conf(5), things will start working for you.

      – abbe
      Mar 24 '13 at 18:13











    • I added libnss-mysql from my distro. Tried out of the box and nothing is working. Any ideas on what I need to change in nsswitch.conf?

      – Tom
      Mar 24 '13 at 18:53

















    • Any references you can provide on this? I can't seem to find anything about needing nss-mysql in my context?

      – Tom
      Mar 24 '13 at 16:52











    • How is pam_mkhomedir going to figure out the path to the home directory of the user it's supposed to create ? How does it know which database to use for resolving the user ? NSS provides it with that information. In your case, you'll be needing nss_mysql, assuming your user database is stored in a MySQL database.

      – abbe
      Mar 24 '13 at 17:10











    • I'm just trying to find out anything about this library. The link you provided is a very old project with no documentation. If I do install this it gives no indication on what to put in your nssswitch.conf. Only that it may contain 3 parameters. Can you provide any kind of guidance? It does sound like pam_mysql is the same thing as nss-mysql? I do have pam_mysql working where it uses the mysql db to authenticate with vsftpd virtual users.

      – Tom
      Mar 24 '13 at 17:58












    • PAM is not same as NSS. PAM is targeted towards authentication, whereas NSS' objective is to resolve names (hostnames, usernames, etc.). Most of the distros provide a package for nss_mysql, e.g. Debian and derivatives provide it as libnss-mysql. And, yes it's not updated for half-a-decade, but it works fine. Once you install the module, configure it, and add it to your nsswitch.conf(5), things will start working for you.

      – abbe
      Mar 24 '13 at 18:13











    • I added libnss-mysql from my distro. Tried out of the box and nothing is working. Any ideas on what I need to change in nsswitch.conf?

      – Tom
      Mar 24 '13 at 18:53
















    Any references you can provide on this? I can't seem to find anything about needing nss-mysql in my context?

    – Tom
    Mar 24 '13 at 16:52





    Any references you can provide on this? I can't seem to find anything about needing nss-mysql in my context?

    – Tom
    Mar 24 '13 at 16:52













    How is pam_mkhomedir going to figure out the path to the home directory of the user it's supposed to create ? How does it know which database to use for resolving the user ? NSS provides it with that information. In your case, you'll be needing nss_mysql, assuming your user database is stored in a MySQL database.

    – abbe
    Mar 24 '13 at 17:10





    How is pam_mkhomedir going to figure out the path to the home directory of the user it's supposed to create ? How does it know which database to use for resolving the user ? NSS provides it with that information. In your case, you'll be needing nss_mysql, assuming your user database is stored in a MySQL database.

    – abbe
    Mar 24 '13 at 17:10













    I'm just trying to find out anything about this library. The link you provided is a very old project with no documentation. If I do install this it gives no indication on what to put in your nssswitch.conf. Only that it may contain 3 parameters. Can you provide any kind of guidance? It does sound like pam_mysql is the same thing as nss-mysql? I do have pam_mysql working where it uses the mysql db to authenticate with vsftpd virtual users.

    – Tom
    Mar 24 '13 at 17:58






    I'm just trying to find out anything about this library. The link you provided is a very old project with no documentation. If I do install this it gives no indication on what to put in your nssswitch.conf. Only that it may contain 3 parameters. Can you provide any kind of guidance? It does sound like pam_mysql is the same thing as nss-mysql? I do have pam_mysql working where it uses the mysql db to authenticate with vsftpd virtual users.

    – Tom
    Mar 24 '13 at 17:58














    PAM is not same as NSS. PAM is targeted towards authentication, whereas NSS' objective is to resolve names (hostnames, usernames, etc.). Most of the distros provide a package for nss_mysql, e.g. Debian and derivatives provide it as libnss-mysql. And, yes it's not updated for half-a-decade, but it works fine. Once you install the module, configure it, and add it to your nsswitch.conf(5), things will start working for you.

    – abbe
    Mar 24 '13 at 18:13





    PAM is not same as NSS. PAM is targeted towards authentication, whereas NSS' objective is to resolve names (hostnames, usernames, etc.). Most of the distros provide a package for nss_mysql, e.g. Debian and derivatives provide it as libnss-mysql. And, yes it's not updated for half-a-decade, but it works fine. Once you install the module, configure it, and add it to your nsswitch.conf(5), things will start working for you.

    – abbe
    Mar 24 '13 at 18:13













    I added libnss-mysql from my distro. Tried out of the box and nothing is working. Any ideas on what I need to change in nsswitch.conf?

    – Tom
    Mar 24 '13 at 18:53





    I added libnss-mysql from my distro. Tried out of the box and nothing is working. Any ideas on what I need to change in nsswitch.conf?

    – Tom
    Mar 24 '13 at 18:53













    0














    You could try using pam_script - it's a pam module that allows executing arbitrary shell scripts after a user session is opened (among others).



    You can find pam_script here: https://github.com/jeroennijhof/pam_script. It should also be installable via package managers, at least I've been able to install it through apt-get.



    Be careful, as vsftpd seems to have some problems with pam_script at least when it denies authentication, see my unresolved question: vsftpd freezes after failed pam_script authentication. However in your case it should not be a problem.






    share|improve this answer





























      0














      You could try using pam_script - it's a pam module that allows executing arbitrary shell scripts after a user session is opened (among others).



      You can find pam_script here: https://github.com/jeroennijhof/pam_script. It should also be installable via package managers, at least I've been able to install it through apt-get.



      Be careful, as vsftpd seems to have some problems with pam_script at least when it denies authentication, see my unresolved question: vsftpd freezes after failed pam_script authentication. However in your case it should not be a problem.






      share|improve this answer



























        0












        0








        0







        You could try using pam_script - it's a pam module that allows executing arbitrary shell scripts after a user session is opened (among others).



        You can find pam_script here: https://github.com/jeroennijhof/pam_script. It should also be installable via package managers, at least I've been able to install it through apt-get.



        Be careful, as vsftpd seems to have some problems with pam_script at least when it denies authentication, see my unresolved question: vsftpd freezes after failed pam_script authentication. However in your case it should not be a problem.






        share|improve this answer















        You could try using pam_script - it's a pam module that allows executing arbitrary shell scripts after a user session is opened (among others).



        You can find pam_script here: https://github.com/jeroennijhof/pam_script. It should also be installable via package managers, at least I've been able to install it through apt-get.



        Be careful, as vsftpd seems to have some problems with pam_script at least when it denies authentication, see my unresolved question: vsftpd freezes after failed pam_script authentication. However in your case it should not be a problem.







        share|improve this answer














        share|improve this answer



        share|improve this answer








        edited Apr 13 '17 at 12:14









        Community

        1




        1










        answered Feb 21 '15 at 21:02









        edziubudzikedziubudzik

        112




        112



























            draft saved

            draft discarded
















































            Thanks for contributing an answer to Server Fault!


            • Please be sure to answer the question. Provide details and share your research!

            But avoid


            • Asking for help, clarification, or responding to other answers.

            • Making statements based on opinion; back them up with references or personal experience.

            To learn more, see our tips on writing great answers.




            draft saved


            draft discarded














            StackExchange.ready(
            function ()
            StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fserverfault.com%2fquestions%2f490840%2fvsftpd-pam-mysql-and-pam-mkhomedir-to-create-directories%23new-answer', 'question_page');

            );

            Post as a guest















            Required, but never shown





















































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown

































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown







            -

            Popular posts from this blog

            Wikipedia:Vital articles Мазмуну Biography - Өмүр баян Philosophy and psychology - Философия жана психология Religion - Дин Social sciences - Коомдук илимдер Language and literature - Тил жана адабият Science - Илим Technology - Технология Arts and recreation - Искусство жана эс алуу History and geography - Тарых жана география Навигация менюсу

            Image
            centralized watchlist Wikipedia:Vital articles Wikipedia дан Jump to navigation Jump to search This is a list of basic subjects for which Wikipedia should have a corresponding high-quality article, and ideally a featured article. It also serves as a centralized watchlist and tracks the status of some of Wikipedia's most essential articles. Ideally this page should list approximately 1,000 of the most vital Wikipedia articles. Мазмуну 1 Biography - Өмүр баян 1.1 Actors, dancers and models - Актёрлор, бийчилер жана моделдер 1.2 Artists and architects - Сүрөтчүлөр жана архитекторлор 1.3 Authors, playwrights and poets - Жазуучулар, драматургдар жана акындар 1.4 Composers and musicians - Композиторлор жана музыканттар 1.5 Explorers and travelers - Изилдөөчүлөр менен саякатчылар 1.6 Film directors and screenwriters - Режиссёрлор жана сценаристтер 1.7 Inventors, scientists and mathematicians - Ойлоп табуучулар, окумуштуулар жана математиктер
            Read more

            Bruxelas-Capital Índice Historia | Composición | Situación lingüística | Clima | Cidades irmandadas | Notas | Véxase tamén | Menú de navegacióneO uso das linguas en Bruxelas e a situación do neerlandés"Rexión de Bruxelas Capital"o orixinalSitio da rexiónPáxina de Bruselas no sitio da Oficina de Promoción Turística de Valonia e BruxelasMapa Interactivo da Rexión de Bruxelas-CapitaleeWorldCat332144929079854441105155190212ID28008674080552-90000 0001 0666 3698n94104302ID540940339365017018237

            Image
            AnderlechtCidade de BruxelasIxellesEtterbeekEvereGanshorenJetteKoekelbergAuderghemSchaerbeekBerchem-Sainte-AgatheSaint-GillesMolenbeek-Saint-JeanSaint-Josse-ten-NoodeWoluwe-Saint-LambertWoluwe-Saint-PierreUccleForestWatermaal-Bosvoorde Comunidade Francesa de Bélxica Comunidade Flamenga de Bélxica Comunidade Xermanófona de Bélxica Bruxelas-CapitalRexións de Bélxica francésneerlandésRexiónsBélxicacomunidade francesacomunidade flamengafrancófonaflamengaUnión EuropeaMagrebMarrocosTurquíaAméricaÁfricaRepública Democrática do CongoEuropa central18 de xuño1989FlandresRexión Valoaflamengaséculo XIXClasificación climática de Köppen Bruxelas-Capital Na Galipedia, a Wikipedia en galego. Saltar ata a navegación Saltar á procura Para outras páxinas con títulos homónimos véxase: Bruxelas . Région de Bruxelles-Capitale Brussels Hoofdstedelijk Gewest Bandeira Estado Bélxica Capital Cidade de Bruxelas  • Poboación n/d Lingua oficial As dúas Superficie  • Total 1
            Read more

            What should I write in an apology letter, since I have decided not to join a company after accepting an offer letterShould I keep looking after accepting a job offer?What should I do when I've been verbally told I would get an offer letter, but still haven't gotten one after 4 weeks?Do I accept an offer from a company that I am not likely to join?New job hasn't confirmed starting date and I want to give current employer as much notice as possibleHow should I address my manager in my resignation letter?HR delayed background verification, now jobless as resignedNo email communication after accepting a formal written offer. How should I phrase the call?What should I do if after receiving a verbal offer letter I am informed that my written job offer is put on hold due to some internal issues?Should I inform the current employer that I am about to resign within 1-2 weeks since I have signed the offer letter and waiting for visa?What company will do, if I send their offer letter to another company

            Image
            When is the original BFGS algorithm still better than the Limited-Memory version? How well known and how commonly used was Huffman coding in 1979? Inverse-quotes-quine Can the US president have someone sent to jail? Employer wants to use my work email account after I quit, is this legal under German law? Is this a GDPR waiver? Do French speakers not use the subjunctive informally? Low-gravity Bronze Age fortifications Does ultrasonic bath cleaning damage laboratory volumetric glassware calibration? Why do some games show lights shine through walls? Unusual mail headers, evidence of an attempted attack. Have I been pwned? Smooth Julia set for quadratic polynomials Require advice on power conservation for backpacking trip Dimensions of list used in test C-152 carb heat on before landing in hot weather? Is my Rep in Stack-Exchange Form? What happens when your group is victim of a surprise attack but you can't be surprised? How come I was asked by a CBP
            Read more