From owner-freebsd-questions@FreeBSD.ORG Sat Aug 23 20:54:05 2003 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 7073116A4BF for ; Sat, 23 Aug 2003 20:54:05 -0700 (PDT) Received: from smtp4.adl2.internode.on.net (smtp4.adl2.internode.on.net [203.16.214.203]) by mx1.FreeBSD.org (Postfix) with ESMTP id 768FC43FE5 for ; Sat, 23 Aug 2003 20:54:04 -0700 (PDT) (envelope-from malcolm.kay@internode.on.net) Received: from beta.home (ppp54-162.lns1.adl2.internode.on.net [150.101.54.162])h7O3s2db078881; Sun, 24 Aug 2003 13:24:03 +0930 (CST) Content-Type: text/plain; charset="iso-8859-1" From: Malcolm Kay Organization: At home To: "H.Wade Minter" , questions@freebsd.org Date: Sun, 24 Aug 2003 13:24:01 +0930 User-Agent: KMail/1.4.3 References: In-Reply-To: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Message-Id: <200308241324.01663.malcolm.kay@internode.on.net> Subject: Re: vsftpd port not honoring /etc/shells X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 24 Aug 2003 03:54:05 -0000 On Sun, 24 Aug 2003 00:31, H.Wade Minter wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > I installed the vsftpd port on my RELENG_4_8 system as a replacement > for the standard ftpd. However, it doesn't appear to be honoring > /etc/shells - a user listed in the passwd file with a shell > (/sbin/nologin) that does not appear in /etc/shells is still allowed to > FTP into the system. > > I'm guessing this may be a problem with PAM, as I have > "check_shell=3DYES" in /usr/local/etc/vsftpd.conf, and the manpage for > vsftpd.conf says that this setting is only valid for non-PAM builds. > But I'm stumped as to how to lock down users via /etc/shells in the > default port build. > Just a thought; Have you looked at sftp Malcolm Kay