Correct. I have to apologize for my short and totally incoherent response. I received the question at near midnight and know better than to respond to a fairly technical question right before retiring for the evening.
My assumption is that your /etc/pam.d/vsftpd matches /etc/pam.d/sshd line for line except the line for session triggering the pam_exec.so module.
Does the user you are testing with have a valid shell directive within the /etc/passwd file? I.E. /bin/bash, /bin/sh etc?
And if so, does pam_shells.so exist anywhere within the common includes for the /etc/pam.d/vsftpd file? I ask these questions due to this particular configuration http://unix.stackexchange.com/questions/37539/vsftpd-fails-pam-authentication.
Can you add a debug directive to the line; i.e. 'session optional pam_exec.so debug'? According to the documentation for pam_exec.so at http://linux.die.net/man/8/pam_exec you can also add a log directive and monitor that during your tests.
Those should help you further diagnose the actual problem when it works for the sshd service.
From: pam-list-bounces@xxxxxxxxxx [pam-list-bounces@xxxxxxxxxx] on behalf of Jeffrey Starin [jeffschips@xxxxxxxxx]
Sent: Thursday, December 25, 2014 12:48 AM
To: Pluggable Authentication Modules
Subject: Re: PAM not playing nicely with vsftpd and pam_exec.so
Okay. I need a bit more explanation. Glad to hear there might be hope but don't completely understand "always that directive to common session" . I think you mean place the statement:
On Dec 25, 2014 2:24 AM, "Jason Gerfen" <jason.gerfen@xxxxxxxx> wrote:
_______________________________________________ Pam-list mailing list Pam-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/pam-list