mysql & pam problem - was "vsftpd and mysql (pam problem?)"

qrwe gustaf.borgstrom at koltrast.se
Thu Dec 13 12:40:27 UTC 2007 


Luca Ferrari wrote:
> 
> I finally get it working: in the pam module I set crypt=1 and in the table
> I 
> use the function encrypt to store passwords. Could it be this line I found
> in 
> the configuration file that produces me the problem?
> 
> # For compatibility to other Debian packages that still use
> # libmysqlclient10 and libmysqlclient12.
> old_passwords   = 1
> 
> 
> Any idea?
> 
> Thanks,
> Luca
> 
> 
> On Tuesday 30 October 2007 Luca Ferrari's cat, walking on the keyboard,
> wrote:
>> I tried with different values of the crypt parameter (0,1,2,3) and
>> different functions in the mysql backend to store the password (plain,
>> md5,
>> password). I found that the only one that seems to work is the plain text
>> one with crypt=0, and in fact now all the pam_xxx methods are returning
>> zero. Of course this is not the solution I'd like, and moreover I don't
>> understand what is that SELECT 0, pass in the mysql command.
>> Any idea on how to make the password encryption working?
>>
>> Oct 30 09:31:54 ftp vsftpd: pam_mysql - option verbose is set to "1"
>> Oct 30 09:31:54 ftp vsftpd: pam_mysql - option user is set to "vsftpd"
>> Oct 30 09:31:54 ftp vsftpd: pam_mysql - option passwd is set
>> to "p0stgre1712SQL"
>> Oct 30 09:31:54 ftp vsftpd: pam_mysql - option host is set to "localhost"
>> Oct 30 09:31:54 ftp vsftpd: pam_mysql - option db is set to "vsftpd"
>> Oct 30 09:31:54 ftp vsftpd: pam_mysql - option table is set to "accounts"
>> Oct 30 09:31:54 ftp vsftpd: pam_mysql - option usercolumn is set to
>> "username" Oct 30 09:31:54 ftp vsftpd: pam_mysql - option passwdcolumn is
>> set to "pass" Oct 30 09:31:54 ftp vsftpd: pam_mysql - option crypt is set
>> to "0" Oct 30 09:31:54 ftp vsftpd: pam_mysql - pam_mysql_close_db()
>> called.
>> Oct 30 09:31:54 ftp vsftpd: pam_mysql - pam_sm_acct_mgmt() called. Oct 30
>> 09:31:54 ftp vsftpd: pam_mysql - pam_mysql_open_db() called. Oct 30
>> 09:31:54 ftp vsftpd: pam_mysql - pam_mysql_open_db() returning 0. Oct 30
>> 09:31:54 ftp vsftpd: pam_mysql - pam_mysql_query_user_stat() called. Oct
>> 30
>> 09:31:54 ftp vsftpd: pam_mysql - pam_mysql_format_string() called Oct 30
>> 09:31:54 ftp vsftpd: pam_mysql - pam_mysql_quick_escape() called. Oct 30
>> 09:31:54 ftp last message repeated 4 times
>> Oct 30 09:31:54 ftp vsftpd: pam_mysql - SELECT 0, pass FROM accounts
>> WHERE
>> username = 'test0'
>> Oct 30 09:31:54 ftp vsftpd: pam_mysql - pam_mysql_sql_log() called.
>> Oct 30 09:31:54 ftp vsftpd: pam_mysql - pam_mysql_sql_log() returning 0.
>> Oct 30 09:31:54 ftp vsftpd: pam_mysql - pam_mysql_query_user_stat()
>> returning 0.
>> Oct 30 09:31:54 ftp vsftpd: pam_mysql - pam_sm_acct_mgmt() returning 0.
>> Oct 30 09:31:54 ftp vsftpd: pam_mysql - pam_mysql_release_ctx() called.
>> Oct 30 09:31:54 ftp vsftpd: pam_mysql - pam_mysql_destroy_ctx() called.
>> Oct 30 09:31:54 ftp vsftpd: pam_mysql - pam_mysql_close_db() called.
>>
>> On Monday 29 October 2007 Luca Ferrari's cat, walking on the keyboard, 
> wrote:
>> > On Friday 26 October 2007 Luca Ferrari's cat, walking on the keyboard,
>>
>> wrote:
>> > > Hi all,
>> > > I've followed line by line the instruction to configure vsftpd for
>> > > using accounts coming up from a mysql database here:
>> > > http://www.howtoforge.com/vsftpd_mysql_debian_etch_p2
>> >
>> > After enabling the verbose mode of the pam I found in the logs the
>> > following: Oct 29 15:20:05 ftp vsftpd: pam_mysql - SELECT pass FROM
>> > accounts WHERE username = 'test'
>> > Oct 29 15:20:05 ftp vsftpd: pam_mysql - pam_mysql_sql_log() called.
>> > Oct 29 15:20:05 ftp vsftpd: pam_mysql - pam_mysql_sql_log() returning
>> 0.
>> > Oct 29 15:20:05 ftp vsftpd: pam_mysql - pam_mysql_check_passwd()
>> > returning 6. Oct 29 15:20:05 ftp vsftpd: pam_mysql -
>> > pam_sm_authenticate() returning 7. Oct 29 15:20:05 ftp vsftpd:
>> pam_mysql
>> > - pam_mysql_release_ctx() called. Oct 29 15:20:05 ftp vsftpd: pam_mysql
>> -
>> > pam_mysql_destroy_ctx() called. Oct 29 15:20:05 ftp vsftpd: pam_mysql -
>> > pam_mysql_close_db() called.
>> >
>> >
>> > now, since the ftp server is still responding with 530 error, I think
>> the
>> > problem is in the fact that pam_mysql_check_passwrd returns 6 and
>> > authenticate returns 7, but I'm not sure. Anyone has an idea?
>> >
>> > Thanks,
>> > Luca
> 
> 
> 
> -- 
> ubuntu-users mailing list
> ubuntu-users at lists.ubuntu.com
> Modify settings or unsubscribe at:
> https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
> 
> 

I realized that I had been a little clumpsy regarding this. Take a look at
the example where you specify where to look for user credentials (the
database) in that guide:


> auth required pam_mysql.so user=vsftpd passwd=ftpdpass host=localhost
> db=vsftpd table=accounts usercolumn=username passwdcolumn=pass crypt=2
> account required pam_mysql.so user=vsftpd passwd=ftpdpass host=localhost
> db=vsftpd table=accounts usercolumn=username passwdcolumn=pass crypt=2
> 

Even if the guide tells you to replace the password with you own, it doesn't
mention about the username. So the solution for me was just to replace
user=vsftpd
with
user=root

Regards,

/G

-- 
View this message in context: http://www.nabble.com/vsftpd-and-mysql-%28pam-problem-%29-tp13423624p14315244.html
Sent from the ubuntu-users mailing list archive at Nabble.com.

More information about the ubuntu-users mailing list