vsftpd pam accepts no one after upgrade from openSUSE 13.1

I have a machine with vsftd, which worked flawlessly for year with openSUSE13.1.
A couple of days ago I upgraded to Tumbleweed.
Since then it is not possible to log in in vsftpd, neither externally, nor locally.
vsftpd returns error 530, pam puts in /var/log/audit/audit.log a line with res=failed in stead of res=success.

My vsftpd is configured for virtual users, each with its own directory and permissions. Logging in uses pam and Berkeley password file.
The configuration of vsftpd (/etc/vsftpd.conf) or pam (/etc/pam.d/vsftpd) have not been changed .

Two things are somewhat out of the ordinary:
-in var/log/audit/audit.log ‘grantor=?’ is in each log line of failed log in. ssh logins have concrete values for grantor (and are successful);
-I used to work with db_load from package db-utils. In Tumbleweed that is now package db48-utils, with both db_load and db48_load. It doesn’t matter which I use to create te password database, neither makes logging in in vsftpd possible.

As a test, I installed vsftpd on another machine with Tumbleweed and virtual users configuration. Same result: error 530 from vsftpd.

For a short term ‘solution’ I have reverted the upgrade to Tumbleweed and am back at openSUSE13.1. I want all my machines to use the same O/S version, in this case Tumbleweed.

Any suggestions to solve this?

Am Tue, 07 Mar 2017 15:36:01 GMT
schrieb Dnk1287 <Dnk1287@no-mx.forums.microfocus.com>:


>
> Any suggestions to solve this?
>
>

https://forums.opensuse.org/showthread.php/522130-VSFTPD-and-virtual-users?highlight=vsftpd

AK


Never attribute to malice that which can be adequately explained by stupidity.
(R.J. Hanlon)

I searched for hours, but didn’t find this thread…

I will study that thread and see if I can solve my problem.

Thanks!

It took some time because of other obligations, but I did not succeed.

I installed vsftpd on another machine running on Tumbleweed, to be able to test and experiment.
I installed the pam_pwdfile package for Tumbleweed (BuHTOKPbIJI version0.99), followed the instructions in the links, but still get ‘error 530 Login incorrect’ on when using ftp localhost.
I used openssl passwd with various algoritms to produce a file with line(s) like username:hashedpassword; I also used mkpasswd once.
And I still have the question mark behind grantors= in /var/log/audit/audit.log:
type=USER_AUTH msg=audit(1489487208.856:173): pid=22001 uid=0 auid=4294967295 ses=4294967295 msg=‘op=PAM:authentication grantors=? acct=“pqr9” exe=“/usr/sbin/vsftpd” hostname=127.0.0.1 addr=127.0.0.1 terminal=ftp res=failed’

The contents of /etc/pam.d/vsftpd is:
auth required pam_pwdfile.so pwdfile /root/bin/pwd.db
account required pam_permit.so

Undoubtedly I have forgotten something, but I don’t know what.

Solved.
(The problem was caused by pam_pwdfile not being where it should be and troubles filling the password file.)

vsftpd now works fine on Tumbleweed-64.