On 05/24/18 05:59, ToddAndMargo wrote: > On 05/23/2018 03:53 AM, Ed Greshko wrote: >> On 05/23/18 13:53, Todd Chester wrote: >>> Hi All, >>> >>> After upgrading to FC 28 from FC 27, my customer's >>> vsftpd server stopped allowing ftp logins >>> from anywhere. >>> >>> # systemctl status vsftpd >>> >>> shows it running and happy (I tried stopping and >>> restarting several times) >>> >>> There is no complaining in >>> >>> # journalctl -f >>> >>> when I attempt to make a connection. >>> >>> I just get told something is wrong with the >>> username or password. >>> >>> SELinux alerts are quiet. >>> >>> What the heck ???? >> >> Well, I had an F27/Gnome VM to which I installed vsftp and tested it. >> >> I then upgraded to F28 and it continues to work just fine. >> >> I see this in the journal when I use a good un/pw. >> >> May 23 18:50:08 f27gq.greshko.com audit[1585]: USER_ACCT pid=1585 uid=0 >> auid=4294967295 ses=4294967295 subj=system_u:system_r:ftpd_t:s0-s0:c0.c1023 >> msg='op=PAM:accounting grantors=pam_unix,pam_localuser acct="egreshko" >> exe="/usr/sbin/vsftpd" hostname=::ffff:192.168.1.18 addr=::ffff:192.168.1.18 >> terminal=ftp res=success' >> May 23 18:50:08 f27gq.greshko.com audit[1585]: CRED_ACQ pid=1585 uid=0 >> auid=4294967295 ses=4294967295 subj=system_u:system_r:ftpd_t:s0-s0:c0.c1023 >> msg='op=PAM:setcred grantors=pam_listfile,pam_shells,pam_unix acct="egreshko" >> exe="/usr/sbin/vsftpd" hostname=::ffff:192.168.1.18 addr=::ffff:192.168.1.18 >> terminal=ftp res=success' >> >> And this when I give a bad un/pw. >> >> May 23 18:49:34 f27gq.greshko.com vsftpd[1580]: pam_unix(vsftpd:auth): authentication >> failure; logname= uid=0 euid=0 tty=ftp ruser=myang rhost=::ffff:192.168.1.18 >> May 23 18:50:08 f27gq.greshko.com audit[1585]: USER_AUTH pid=1585 uid=0 >> auid=4294967295 ses=4294967295 subj=system_u:system_r:ftpd_t:s0-s0:c0.c1023 >> msg='op=PAM:authentication grantors=pam_listfile,pam_shells,pam_unix acct="egreshko" >> exe="/usr/sbin/vsftpd" hostname=::ffff:192.168.1.18 addr=::ffff:192.168.1.18 >> terminal=ftp res=success' >> >> Are you saying you don't even see these sorts of messages? >> > > I don't see anything. I do see things like this when I su, > so I know journalctl is working correctly. > > Maybe the firewall is blocking it and vsftp never sees the traffic? You said you get a message about a bad username or password. What is the exact error? You can check the firewall quite easily with firewall-config. > > Are you running SELinux? Yes. -- Conjecture is just a conclusion based on incomplete information. It isn't a fact.
Attachment:
signature.asc
Description: OpenPGP digital signature
_______________________________________________ users mailing list -- users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to users-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@xxxxxxxxxxxxxxxxxxxxxxx/message/6W3B6LROVYO7WJ7M3ALBE4DZASD4KZAT/
