vsftpd pam authentication issue

Hello all. New to the forum and looking for someone who has experience with PAM and vsftpd virtual users.

All appears to be set up okay and working. Can log in and do what all I need to do. Problem is with user deletions.

I am using a text file and creating a db_load db that PAM is checking to see that the user is there. My problem is this. Once I remove a user from the text file (vi) and recompile the db (time stamps on file show that this happened) the user can still log in to the ftp server. I can delete the virtual user’s folder and then they can’t log in. But I would rather have it so that they never clear authentication.

I have ended/restarted ftp server. Rebooted machine. All in an attempt to see if there was some kind of cache out there that it was reading. But to no avail.

Has anyone else run across this issue in their setups?

Thanks.

See. Said I was new to this forum. I placed this thread in the wrong place and am trying to figure out how to move it.

Sorry.

Thread can be closed. It appears it is all with how Berkeley DB compiles the database.

If you add new records to your text file it adds records to the db.
If you change records in your text file it updates the records in the db.
But if you delete records out of your text file it doesn’t remove them out of the db.

So to make sure db only has records currently in text file I am deleting the db file entirely then running db_load over the text file.
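
The delete-then-reload fix described above, written as an added shell example that is not part of the original posts: it builds the database in a fresh file and renames it over the old one, and it can list usernames that are still in an existing db but gone from the text file. It assumes the usual virtual-user layout of alternating username and password lines; the function names and the paths passed to them are hypothetical.

```shell
#!/bin/sh
# Added example, not from the thread. db_load and db_dump are the Berkeley DB
# utilities; both file paths are supplied by the caller.

# rebuild_userdb SRC DST
#   SRC: text list with alternating username / password lines
#   DST: Berkeley DB file that PAM checks
rebuild_userdb() {
    src=$1 dst=$2
    [ -r "$src" ] || { echo "cannot read $src" >&2; return 1; }
    # An odd line count means a username without a password, or the reverse.
    n=$(awk 'END { print NR }' "$src")
    [ $((n % 2)) -eq 0 ] || { echo "$src: odd number of lines" >&2; return 1; }
    # Build in a private directory beside DST so the final mv is a rename on
    # the same filesystem and logins never read a half-written file.
    tmpdir=$(mktemp -d "$(dirname "$dst")/.userdb.XXXXXX") || return 1
    # db_load creates a new file here, so removed users cannot carry over.
    if ( umask 077; db_load -T -t hash -f "$src" "$tmpdir/new.db" ); then
        mv -f "$tmpdir/new.db" "$dst"; rc=$?
    else
        rc=1
    fi
    rm -rf "$tmpdir"
    return "$rc"
}

# stale_users SRC DST
#   Prints usernames that are still in DST but no longer listed in SRC.
stale_users() {
    src=$1 dst=$2
    db_dump -p "$dst" |
        awk '/^HEADER=END/ { body = 1; next } /^DATA=END/ { body = 0 }
             body && (++i % 2 == 1) { print substr($0, 2) }' |
        while IFS= read -r user; do
            WANT=$user awk 'NR % 2 == 1 && $0 == ENVIRON["WANT"] { found = 1 }
                            END { exit !found }' "$src" || printf '%s\n' "$user"
        done
}
```

Running stale_users before and after a rebuild shows whether any removed account would still clear authentication.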

Indeed the wrong place. Will be moved so others can find your question and your own solution in the correct place.

Closed for the moment.

Moved from Forums Feedback and open again.

now that the question is in the correct forum, please also add some
necessary information, like:

note! these questions may seem like too much, but remember we can’t
look over your shoulder nor know any info you don’t tell us, and
there are a LOT of variables here which might play in the fix:

-you say you are new to the forum, please also tell a little about
your SUSE/openSUSE or Linux experience–that helps us frame questions
and answers at the right level…note, i’ve assumed you have less
than 20 years *nix experience :)

-what operating system is in use, and its version–if not absolutely
100% sure, you could tell that by returning output from

cat /etc/SuSE-release

-if a desktop environment is involved please tell us which one, and
its version.

-if you are not sitting at the keyboard for the machine hosting the
vsftp instance, tell us via what method/means/software you access the
vsftp configuration files on the distant machine as well as tell us
the operating system/desktop environment (if used) and versions in
use on the machines at both ends…

-if there is a VM involved either on the machine where you type or
the vsftp end, specify its name and version…

-did you install vsftp with YaST or zypper and then set it up using
YaST2’s FTP Server module? (you may need to use YaST Software
Management to search for and install yast2-ftp-server)

-did you install PAM with YaST or zypper and then set it up using
YaST2’s PAM Agent module? (you may need to use YaST Software
Management to search for and install yast2-PAM)

-what version of vsftp and PAM are you running?

you mentioned that deleted vsftp users continue to be allowed to log
in even after a vsftp restart and a full system boot, so i ask:

-have you set your operating system to clean out /tmp during boot?

-have you, during the reboot process looked through the contents of
/var/tmp directory to see if you can spot any vsftp files/cache? be
careful in there, if not absolutely positively sure you know what is
safe to fiddle with: don’t delete anything, instead either move it to
another place or change the name of the file/directory.

two caveats, i have never set up vsftp (as well as i remember) and see
the one in my sig before changing much…)


dd
http://tinyurl.com/DD-Caveat