Project

General

Profile

Bug #8039

proftp logs pam errors

Added by Paul de Reus almost 6 years ago. Updated over 3 years ago.

Status:
Closed: Cannot reproduce
Priority:
Nice to have
Assignee:
William Grzybowski
Category:
OS
Target version:
Seen in:
Severity:
New
Reason for Closing:
Reason for Blocked:
Needs QA:
Yes
Needs Doc:
Yes
Needs Merging:
Yes
Needs Automation:
No
Support Suite Ticket:
n/a
Hardware Configuration:
ChangeLog Required:
No

Description

NOTE: This bug is similar to solved bug #7392[[https://bugs.freenas.org/issues/7392]]

proftp logs the following error for every successful authentication:
Jan 15 02:41:02 xxx proftpd: authentication failure; logname=root uid=0 euid=0 tty=/dev/ftpd55968 ruser=cam rhost=xx.xx.x.xx user=cam
Jan 15 02:41:02 xxx proftpd: received for user cam: 13 (unknown user)
Jan 15 02:41:02 xxx proftpd: Access denied for user cam: 13 (unknown user)

at the same time when:
proftpd5313: 127.0.0.1 (192.168.2.24[192.168.2.24]) - FTP session opened.
nas proftpd5313: 127.0.0.1 (192.168.2.24[192.168.2.24]) - USER xxxxx: Login successful.
nas proftpd5313: 127.0.0.1 (192.168.2.24[192.168.2.24]) - FTP session closed.

I'm using openldap for authentication, however this error is logged for ldap as well as /etc/passwd users.

ftp (641 Bytes) ftp /etc/pam.d/ftp Paul de Reus, 02/15/2015 07:42 AM

History

#1 Updated by Jordan Hubbard almost 6 years ago

  • Category set to OS
  • Assignee set to Suraj Ravichandran
  • Target version set to Unspecified
  • Seen in changed from to

#2 Updated by Suraj Ravichandran almost 6 years ago

  • Status changed from Unscreened to Screened

#3 Updated by Suraj Ravichandran almost 6 years ago

  • Status changed from Screened to Unscreened
  • Assignee changed from Suraj Ravichandran to William Grzybowski

William I assign this to you per jkh's request to clear myself of any impending 9.3 bugs that I decide should be included in TN-release on the 12th.

I have been asked to shift all and every resource of mine to freenas10.

Thanks.
(this message may be repeated in other bug comments).

#4 Updated by William Grzybowski almost 6 years ago

  • Status changed from Unscreened to Screened

#5 Updated by William Grzybowski almost 6 years ago

It seems like it is first trying the local users, spitting out the error and then retrying with pam_sss.

#6 Updated by William Grzybowski almost 6 years ago

  • Status changed from Screened to Closed: Cannot reproduce

I cannot reproduce your issue.

My openldap login works successfully and does not report any failed attempt:

Mar 5 11:39:36 freenas sshd14350: authentication success; logname=root uid=0 euid=0 tty= ruser= rhost=192.168.3.5 user=vi
Mar 5 11:39:36 freenas sshd14350: Accepted password for vi from 192.168.3.5 port 35722 ssh2
Mar 5 11:40:21 freenas proftpd: authentication success; logname=root uid=0 euid=0 tty=/dev/ftpd14361 ruser=vi rhost=192.168.3.5 user=vi
Mar 5 11:40:47 freenas sshd14352: Received disconnect from 192.168.3.5: 11: disconnected by user
Mar 5 11:40:54 freenas proftpd: authentication success; logname=root uid=0 euid=0 tty=/dev/ftpd14371 ruser=vi rhost=192.168.3.5 user=vi

#7 Updated by Paul de Reus almost 6 years ago

Thank for looking into this William. I have checked as well in the last update
FreeBSD 9.3-RELEASE-p10 #0 r275790+a21079f

I still get the error, but they are nowhere in the logs. Instead the nightly 'Security Run output' emails contain the
Mar 6 00:26:02 xxx proftpd: authentication failure; logname=root uid=0 euid=0 tty=/dev/ftpd79969 ruser=securitycam rhost=rhost user=cam

Hope this helps,

Paul

#8 Updated by Paul de Reus almost 6 years ago

William, can you look at this one again?
The errors are logged in the highly 'Security Run output' emails

#9 Avatar?id=14398&size=24x24 Updated by Kris Moore over 3 years ago

  • Target version changed from Unspecified to N/A

Also available in: Atom PDF