Anybody else notice an issue after the most recent yum update? A bunch of my ftp accounts would no longer log into my server.
It took me awhile to figure it out, but apparently there is some update that made vsftp pay more attention to the default shell in the user file and would just return with "LOGIN FAIL" for ftp connections without any additional info.
I had several automated systems that were pushing files to my server just suddenly stop, get failed logins, then get banned by f2b. When I changed the default shell in the user file, this was fixed, but these accounts have been working for years prior. So some update must have changed something. Anybody have any ideas?
recent update messed with vsftpd?
Re: recent update messed with vsftpd?
The future appears to be RHEL or Debian. I think I'm going Debian.
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke
Re: recent update messed with vsftpd?
aha! That's what caused my issue:
Redhat have removed /sbin/nologin from /etc/shells in a 7.6 update and this will stop vsftpd from working in the default configuration supplied. Either remove pam_shell.so from /etc/pam.d/vsftpd or add /sbin/nologin back into /etc/shells. Other packages that depend on /sbin/nologin may also be affected by this change.
Any idea why this was done? It seems like a rather trivial change that could cause a lot of problems.
Redhat have removed /sbin/nologin from /etc/shells in a 7.6 update and this will stop vsftpd from working in the default configuration supplied. Either remove pam_shell.so from /etc/pam.d/vsftpd or add /sbin/nologin back into /etc/shells. Other packages that depend on /sbin/nologin may also be affected by this change.
Any idea why this was done? It seems like a rather trivial change that could cause a lot of problems.
Re: recent update messed with vsftpd?
The future appears to be RHEL or Debian. I think I'm going Debian.
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke
Re: recent update messed with vsftpd?
Interesting but I think this was a poor choice. Red Hat choose to put a band-aid on a problem that is ultimately the sysadmin's incompetence by not turning off accounts properly.