proftpd auth failing via libpam-ldap

To: <debian-user@lists.debian.org>
Subject: proftpd auth failing via libpam-ldap
From: "Miro Dietiker, MD Systems" <miro.dietiker.maillist@md-systems.ch>
Date: Wed, 15 Mar 2006 13:43:51 +0100
Message-id: <[🔎] 000801c6482e$1d6e2110$2101a8c0@MDSYSPORT>

Hello People

I have a ProFTPD Version 1.2.10 on debian sarge (standard).

After some days of runtime, proftpd hangs in a manner accepting
connection and asking for user credentials, but always failing to
authenticate.
After a simple restart (/etc/init.d/proftpd restart), the application
works again.

In Background I use a standard /etc/pam.d/proftpd
#%PAM-1.0
auth       required     pam_listfile.so item=user sense=deny
file=/etc/ftpusers onerr=succeed
@include common-auth
@include common-account
@include common-session

Where commin-* uses libpam-ldap in a standard way.

And nss is configured to read full user properties except password.

This is the only service having such auth-locks and with ssh, login is
never a problem (even if I didn't restart it for months).

A short view in my logfiles:
First before restarting the login failures as user "admin.abc"

Feb 21 08:11:42 frankonia proftpd: (pam_unix) check pass; user unknown
Feb 21 08:11:42 frankonia proftpd: (pam_unix) authentication failure;
logname= uid=0 euid=0 tty= ruser= rhost=213.3.21.162
Feb 21 08:12:23 frankonia proftpd: (pam_unix) check pass; user unknown
Feb 21 08:12:23 frankonia proftpd: (pam_unix) authentication failure;
logname= uid=0 euid=0 tty= ruser= rhost=213.3.21.162

And right after the restart a successful login

Feb 21 08:12:23 frankonia proftpd: (pam_unix) session opened for user
admin.abc by (uid=0)
Feb 21 08:12:23 frankonia proftpd[24398]: frankonia (X.X.X.X[x.x.x.x]) -
USER admin.abc: Login successful.
Feb 21 08:12:25 frankonia proftpd: (pam_unix) session closed for user
admin.abc

I then began restarting proftpd daily, but some days ago this effect
already appeared 3 hours after restart.

Any input to me for that case?
Currently, proftpd is very unreliable for this production environment.

Thanks for any input!

+-------------------------------+  +-------------------------------+
| Miro Dietiker                 |  | MD Systems Miro Dietiker      |
| Dipl. Ing. FH Elektrotechnik  |  | Alte Zürcherstrasse 10        |
|                               |  | 8903 Birmensdorf              |
|                               |  |                               |
| Mobile:   +41 (0)78 707 30 10 |  | Geschäft: +41 (0)43 344 03 56 |
|                               |  | Fax:      +41 (0)43 344 03 57 |
| m.dietiker@md-systems.ch      |  | info@md-systems.ch            |
|                               |  |             www.md-systems.ch |
+-------------------------------+  +-------------------------------+

Reply to:

Follow-Ups:
- Re: proftpd auth failing via libpam-ldap
  - From: Jamie Thompson <debian-user@jamie-thompson.co.uk>

Prev by Date: km module doesn't create /dev/video
Next by Date: solved: exim4: local parts case sensitive
Previous by thread: km module doesn't create /dev/video
Next by thread: Re: proftpd auth failing via libpam-ldap
Index(es):
- Date
- Thread