I have a machine with vsftd, which worked flawlessly for year with openSUSE13.1.
A couple of days ago I upgraded to Tumbleweed.
Since then it is not possible to log in in vsftpd, neither externally, nor locally.
vsftpd returns error 530, pam puts in /var/log/audit/audit.log a line with res=failed in stead of res=success.
My vsftpd is configured for virtual users, each with its own directory and permissions. Logging in uses pam and Berkeley password file.
The configuration of vsftpd (/etc/vsftpd.conf) or pam (/etc/pam.d/vsftpd) have not been changed .
Two things are somewhat out of the ordinary:
-in var/log/audit/audit.log ‘grantor=?’ is in each log line of failed log in. ssh logins have concrete values for grantor (and are successful);
-I used to work with db_load from package db-utils. In Tumbleweed that is now package db48-utils, with both db_load and db48_load. It doesn’t matter which I use to create te password database, neither makes logging in in vsftpd possible.
As a test, I installed vsftpd on another machine with Tumbleweed and virtual users configuration. Same result: error 530 from vsftpd.
For a short term ‘solution’ I have reverted the upgrade to Tumbleweed and am back at openSUSE13.1. I want all my machines to use the same O/S version, in this case Tumbleweed.
It took some time because of other obligations, but I did not succeed.
I installed vsftpd on another machine running on Tumbleweed, to be able to test and experiment.
I installed the pam_pwdfile package for Tumbleweed (BuHTOKPbIJI version0.99), followed the instructions in the links, but still get ‘error 530 Login incorrect’ on when using ftp localhost.
I used openssl passwd with various algoritms to produce a file with line(s) like username:hashedpassword; I also used mkpasswd once.
And I still have the question mark behind grantors= in /var/log/audit/audit.log:
type=USER_AUTH msg=audit(1489487208.856:173): pid=22001 uid=0 auid=4294967295 ses=4294967295 msg=‘op=PAM:authentication grantors=? acct=“pqr9” exe=“/usr/sbin/vsftpd” hostname=127.0.0.1 addr=127.0.0.1 terminal=ftp res=failed’
The contents of /etc/pam.d/vsftpd is:
auth required pam_pwdfile.so pwdfile /root/bin/pwd.db
account required pam_permit.so
Undoubtedly I have forgotten something, but I don’t know what.