Operating System - Linux
1748288 Members
3530 Online
108761 Solutions
New Discussion юеВ

Re: ftp and sudo problem in redhat Linux server

 
prasadb
Super Advisor

ftp and sudo problem in redhat Linux server

Dear all,
my system is
$ uname -a
Linux DLidps01 2.4.21-4.ELsmp #1 SMP Fri Oct 3 17:52:56 EDT 2003 i686 i686 i386 GNU/Linux

1.Now, i my a/c has sudo to root access. i do $sudo bash and enter into the root. But nowadays i am not able to do so. here is the error message..

[ib_prasa@DLidps01 ib_prasa]$ sudo bash
Password:
sudo: pam_acct_mgmt: 7
Sorry, try again.
Password:


2. in the same server, i want to enable the FTP. i downloaded the rpm package and installed it.(But i have not reboot it yet being in production)

THis is the error message:


C:\Documents and Settings\Administrator>ftp 10.4.15.35
Connected to 10.4.15.35.
220 (vsFTPd 1.2.1)
User (10.4.15.35:(none)): ib_prasa
331 Please specify the password.
Password:
530 Login incorrect.
Login failed.
ftp>


Help !!!!
9 REPLIES 9
Fredrik.eriksson
Valued Contributor

Re: ftp and sudo problem in redhat Linux server

Looks like you have a pam problem.
Have you changed anything in your pam.d configuration?
I'm no master at it, but there's loads of useful information on google.

Best regards
Fredrik Eriksson
prasadb
Super Advisor

Re: ftp and sudo problem in redhat Linux server

having not found any solution. i simply deleted the user and then added it again, and he is able to login. but that is not the proper solution, i suppose. where i can find the reason for it ?

any idea is welcome
Ivan Krastev
Honored Contributor

Re: ftp and sudo problem in redhat Linux server

Check for expired/locked account. Increase pam logging to see more details.

regards,
ivan
prasadb
Super Advisor

Re: ftp and sudo problem in redhat Linux server

>Increase pam logging to see more details

kindly let me know how to do it ?

Vitaly Karasik_1
Honored Contributor

Re: ftp and sudo problem in redhat Linux server

regarding ftp problem - check that default shell of "ib_prasa" user is into /etc/shells file.

are you able to login with ib_prasa via ssh?

In fact, both problems seem like you have some problem with PAM. I've checked right now on my Centos system - vsftpd works right out of the box.

what is the output of "rpm -qV pam"?
prasadb
Super Advisor

Re: ftp and sudo problem in redhat Linux server

hello Vitaly Karasik ,

>are you able to login with ib_prasa via ssh?
no.
>what is the output of "rpm -qV pam"?

[ib_prasa@DLidps01 ib_prasa]$ rpm -qV pam
S.5....T c /etc/pam.d/system-auth
S.?....T c /etc/security/opasswd
..?..... /lib/security/pam_filter/upperLOWER
..?..... /sbin/pam_timestamp_check

Vitaly Karasik_1
Honored Contributor

Re: ftp and sudo problem in redhat Linux server

1) Are you able to "su - ib_prasa"?
Can you try to add new user and test ssh and ftp login?

2) as for your PAM config - it seems that someone changed your PAM config.

You can either replace /etc/pam.d/system-auth with the vanilla one or use authconfig for checking/fixing your config.
prasadb
Super Advisor

Re: ftp and sudo problem in redhat Linux server

>Are you able to "su - ib_prasa"?

i am not.not even from root login

see the message i get..

[root@DLidps01 root]# su - ib_prasa
su: incorrect password
You have new mail in /var/spool/mail/root

>as for your PAM config - it seems that someone changed your PAM config.

?

well, please let me know hot to check it.

> /etc/pam.d/system-auth

plz check the file


[root@DLidps01 root]# more /etc/pam.d/system-auth
#%PAM-1.0
# This file is auto-generated.
# User changes will be destroyed the next time authconfig is run.
auth required /lib/security/pam_env.so
auth sufficient /lib/security/pam_unix.so likeauth nullok
auth required /lib/security/pam_deny.so
auth required /lib/security/pam_listfile.so item=user sense=deny file=/etc/security/$FILENAMEonerr=succeed
auth required /lib/security/pam_tally.so no_magic_root
account required /lib/security/pam_tally.so deny=3 reset no_magic_root
account required /lib/security/pam_unix.so
password required /lib/security/pam_cracklib.so retry=3 minlen=8 dcredit=0 ucredit=0 lcredit=0 ocredit=0 type=
password required /lib/security/pam_unix.so remember=4 use_authtok md5 shadow
password sufficient /lib/security/pam_unix.so remember=4 use_authtok md5 shadow
password required /lib/security/pam_deny.so
session required /lib/security/pam_limits.so
session required /lib/security/pam_unix.so
Vitaly Karasik_1
Honored Contributor

Re: ftp and sudo problem in redhat Linux server

try backup & replace your etc/pam.d/system-auth with this - it is from my CENTOS5:

auth required pam_env.so
auth sufficient pam_unix.so nullok try_first_pass
auth requisite pam_succeed_if.so uid >= 500 quiet
auth required pam_deny.so

account required pam_unix.so
account sufficient pam_succeed_if.so uid < 500 quiet
account required pam_permit.so

password requisite pam_cracklib.so try_first_pass retry=3
password sufficient pam_unix.so md5 shadow nullok try_first_pass use_authtok
password required pam_deny.so

session optional pam_keyinit.so revoke
session required pam_limits.so
session [success=1 default=ignore] pam_succeed_if.so service in crond quiet use_uid
session required pam_unix.so