On Fri, Dec 30, 2005 at 08:16:49PM +0100, vincent wrote: > Package: proftpd > Version: 1.2.10-15sarge1 > Severity: normal > > Proftpd ignore settings from /etc/pam.d/proftpd if they aren't standard. > > Example. > > Standard situation and You are trying to login with user listed in > /etc/ftpusers > ------------ > /etc/pam.d/profptd: > auth required pam_listfile.so item=user sense=deny > file=/etc/ftpusers > > /var/log/auth.log > PAM-listfile: Refused user vincent for service proftpd > knr.foo.com (aaxf48.adsl.foo.com[183.64.31.68]) - USER vincent (Login > failed): User in /etc/ftpusers. > ------------ > > > Not standard situation (just different file name: not "ftpusers" but > "ftpusers.deny") > /etc/ftpusers does not exist. > ------------ > /etc/pam.d/profptd: > auth required pam_listfile.so item=user sense=deny > file=/etc/ftpusers.deny > > /var/log/auth.log > PAM-listfile: Refused user vincent for service proftpd > knr.foo.com (aaxf48.adsl.foo.com[183.64.31.68]) - USER vincent: Login > successful. > ------------ > > > And the most weired case. Different name but /etc/ftpusers exist and user is > listed there. > But there is no words abut it in /etc/pam.d/profptd > ------------ > /etc/pam.d/profptd: > auth required pam_listfile.so item=user sense=deny > file=/etc/ftpusers.deny > > /var/log/auth.log > PAM-listfile: Refused user vincent for service proftpd > knr.foo.com (aaxf48.adsl.foo.com[183.64.31.68]) - USER vincent (Login > failed): User in /etc/ftpusers. > ------------ > > In all cases proftpd.conf is exacly the same. No changes. >
Would you please see if http://bugs.proftpd.org/show_bug.cgi?id=2729 applies in this case? I suspect this bug is also present in my 1.2.10 release... You should use both AuthPAMAuthoritative yes AND AuthOrder mod_auth_pam.c* to have PAM really authoritative! -- Francesco P. Lovergine -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
