Bug 1140078 - pure-ftpd: pam_listfile(pure-ftpd:auth): Couldn't open /etc/ftpusers
Summary: pure-ftpd: pam_listfile(pure-ftpd:auth): Couldn't open /etc/ftpusers
Keywords:
Status: NEW
Alias: None
Product: Fedora EPEL
Classification: Fedora
Component: pure-ftpd
Version: epel7
Hardware: All
OS: Linux
unspecified
medium
Target Milestone: ---
Assignee: Michal Ingeli
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2014-09-10 09:31 UTC by Robert Scheck
Modified: 2022-11-29 00:30 UTC (History)
3 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:
Type: Bug
Embargoed:


Attachments (Terms of Use)

Description Robert Scheck 2014-09-10 09:31:07 UTC
Description of problem:
Even /etc/pure-ftpd/pure-ftpd.conf has "UseFtpUsers no" set, the following
appears on every FTP connection in /var/log/secure:

Sep 10 11:24:02 tux pure-ftpd: pam_listfile(pure-ftpd:auth): Couldn't open /etc/ftpusers
Sep 10 11:24:02 tux pure-ftpd: pam_unix(pure-ftpd:session): session opened for user example by (uid=0)
Sep 10 11:24:02 tux pure-ftpd: pam_unix(pure-ftpd:session): session closed for user example

Digging more into this seems to come from /etc/pam.d/pure-ftpd which says:

auth required pam_listfile.so item=user sense=deny file=/etc/ftpusers onerr=succeed

But can't PAM fail quiet? Or should that file be shipped somehow?

Version-Release number of selected component (if applicable):
pure-ftpd-1.0.36-6.el7

How reproducible:
Everytime, see above.

Actual results:
Error message on each FTP connection.

Expected results:
No error message on each FTP connection.

Additional info:
Workaround: touch /etc/ftpusers

Comment 1 Greg Swift 2014-09-12 14:30:18 UTC
Currently the package proftpd provides /etc/ftpusers.  I don't think you should have to have both packages installed, but i'm not sure if we should start providing a conflicting package. they are simultaneously installable at the moment.

As for making pam fail quietly, you can append quiet to the pam.d/pure-ftpd line, and that should silence the error.

I don't know if that makes sense to be a default though.

Comment 2 Robert Scheck 2014-09-12 14:32:02 UTC
Do packages conflict each other if the file is marked as %config(noreplace)
in both packages?

Comment 3 Greg Swift 2014-09-13 03:06:06 UTC
I had never thought to test that.

Comment 4 Fedora Admin user for bugzilla script actions 2022-11-29 00:30:30 UTC
This package has changed maintainer in Fedora. Reassigning to the new maintainer of this component.


Note You need to log in before you can comment on or make changes to this bug.