https://community.hpe.com/t5/operating-system-hp-ux/ftpd-connection-aborts-by-server/m-p/2652068#M587995 This error messages about the PAM module not being found are actually correct. The problem is caused by the ftpd doing a "chroot" to the user's home directory. Apparently, PAM in HP-UX 11i (I don't know about 11.00) doesn't maintain its internal link with the module library (libpam_unix.1) between calls. So after the account is set up and chroot'd, the PAM calls to release to credentials and close the session fail.<BR /><BR />I should mention that although I work for HP, I have nothing to do with FTP or support. But you should be able to test this easily enough by creating the directory structure (usr/lib/security) in the user's account and copying the libpam_unix.1 library there. The error messages should stop for that user.<BR /><BR />There really is no other viable work-around, short of a fix to PAM itself that would maintain module opens between calls (at least optionally). Wed, 01 May 2002 20:38:04 GMT James Drenter 2002-05-01T20:38:04Z https://community.hpe.com/t5/operating-system-hp-ux/ftpd-connection-aborts-by-server/m-p/2652066#M587993 Hi network wizards,<BR /><BR />I set up a special ftp account with chroot() bound to a certain filesystem.<BR /><BR />This works all as desired for up and downloads to/from chroot's /pub.<BR /><BR />The problem is, this seems to work only favourable for me (or someone else) while establishing an ftp session from within our LAN or MAN.<BR />When our client, for whom the ftp account was meant, makes connections by notebook over GPRS mobile phone via GPRS backbone into MAN (IPSec tunneled) through several relays/firewalls he only can establish data transfers occasionally.<BR />Often he receives a "connection closed by remote host" message when issuing a DIR, GET, PUT.<BR />Sometimes though it works at extremely low transfer rates (&lt;= 2 Kbps).<BR /><BR />From the involved relaying over so many hops with the amount of "wrapping" etc. I would blame the connection for the poor performance.<BR /><BR />On the other hand the client claims (as always) it's the server side (the only part over which I can have some influence).<BR /><BR />What further deteriorates things is that there is a very heavy load on the server's machine which serves ftpd through inetd.<BR />So one could maybe also suspect that inetd has too many tcp servers to spawn for too many client requests.<BR /><BR />There are (I would say) too many servers spawned by inetd.<BR />I guess it was easier for the programmers who wrote the DBMS client software to have their servers started by inetd rather than bullet proofing stand alone servers.<BR />I cannot even say wether these are forking, threading, or multiplexing, blocking or non-blocking servers, because they never have provided us (the Unix admins) with information of what has been installed.<BR /><BR />When I parse inetd.conf for tcp services I get this, of which over 90% are servers of their DBMS:<BR /><BR />$ perl -ane '$s++ if (/^[^#]/ &amp;&amp; !/^\s+$/ &amp;&amp; $F[2] eq "tcp");END{printf "%4u tcp services\n",$s}' /etc/inetd.conf<BR /><BR />Always when an ftpd connection gets broken the daemon writes these strange lines into syslog.log:<BR /><BR /># grep _module /var/adm/syslog/syslog.log|tail -2<BR />Jan 24 15:13:48 saturn ftpd[20642]: open_module: stat(/usr/lib/security/libpam_u<BR />nix.1) failed: No such file or directory<BR />Jan 24 15:13:48 saturn ftpd[20642]: load_modules: can not open module /usr/lib/s<BR />ecurity/libpam_unix.1<BR /><BR />The stat() syscall is wrong since the "pluggable auth. module" file mentioned exists.<BR />(btw are perms for others too lenient, should it really be world readable?)<BR />I never deliberately tampered with any PAM stuff :-{<BR /><BR /># ll /usr/lib/security/libpam_unix.1 <BR />-r-xr-xr-x 1 root sys 184320 May 14 1998 /usr/lib/security/libp<BR />am_unix.1<BR /><BR />Regards<BR />Ralph Thu, 24 Jan 2002 15:07:35 GMT https://community.hpe.com/t5/operating-system-hp-ux/ftpd-connection-aborts-by-server/m-p/2652066#M587993 Ralph Grothe 2002-01-24T15:07:35Z https://community.hpe.com/t5/operating-system-hp-ux/ftpd-connection-aborts-by-server/m-p/2652067#M587994 Sorry for the horrible Perl line.<BR />Actually it has been a copy and paste misshap.<BR />This was what I meant to post :<BR /><BR /> 129 tcp services<BR /><BR />Things get too cluttered in the tiny texarea field ;-)<BR /><BR />ITRC maintainers, where is the possibility for interspersed markup (e.g. <PRE> tags)?</PRE> Thu, 24 Jan 2002 15:13:54 GMT https://community.hpe.com/t5/operating-system-hp-ux/ftpd-connection-aborts-by-server/m-p/2652067#M587994 Ralph Grothe 2002-01-24T15:13:54Z https://community.hpe.com/t5/operating-system-hp-ux/ftpd-connection-aborts-by-server/m-p/2652068#M587995 This error messages about the PAM module not being found are actually correct. The problem is caused by the ftpd doing a "chroot" to the user's home directory. Apparently, PAM in HP-UX 11i (I don't know about 11.00) doesn't maintain its internal link with the module library (libpam_unix.1) between calls. So after the account is set up and chroot'd, the PAM calls to release to credentials and close the session fail.<BR /><BR />I should mention that although I work for HP, I have nothing to do with FTP or support. But you should be able to test this easily enough by creating the directory structure (usr/lib/security) in the user's account and copying the libpam_unix.1 library there. The error messages should stop for that user.<BR /><BR />There really is no other viable work-around, short of a fix to PAM itself that would maintain module opens between calls (at least optionally). Wed, 01 May 2002 20:38:04 GMT https://community.hpe.com/t5/operating-system-hp-ux/ftpd-connection-aborts-by-server/m-p/2652068#M587995 James Drenter 2002-05-01T20:38:04Z