xinetd problem

By on 05-Jan-2012 in Encounter

xinetd problem

In computer networking, xinetd, the eXtended InterNET Daemon, is an open-source super-server daemon which runs on many Unix-like systems and manages Internet-based connectivity. It offers a more secure extension to or version of inetd, the Internet daemon, thus most modern Linux distributions have switched to it.

xinetd listens for incoming requests over a network and launches the appropriate service for that request. Requests are made using port numbers as identifiers and xinetd usually launches another daemon to handle the request. It can be used to start services with both privileged and non-privileged port numbers.

Configuration of xinetd resides in the default configuration file /etc/xinetd.conf and configuration of the services it supports reside in configuration files stored in the /etc/xinetd.d directory. The configuration for each service usually includes a switch to control whether xinetd should enable or disable the service.

xinetd features access control mechanisms such as TCP Wrapper ACLs, extensive logging capabilities, and the ability to make services available based on time. It can place limits on the number of servers that the system can start, and has deployable defense mechanisms to protect against port scanners, among other things.

Problem

[root@server ~]# cat /var/log/secure | grep proftpd

Jan 5 13:33:09 s15779273 proftpd: Deprecated pam_stack module called from service “proftpd”
Jan 5 13:33:09 s15779273 proftpd: pam_unix(proftpd:session): session opened for user raul by (uid=0)
Jan 5 13:33:09 s15779273 proftpd: Deprecated pam_stack module called from service “proftpd”
Jan 5 13:33:09 s15779273 proftpd[20730]: server.ip (my.ip[my.ip]) – USER raul: Login successful.
Jan 5 13:34:14 s15779273 proftpd: Deprecated pam_stack module called from service “proftpd”
Jan 5 13:34:14 s15779273 proftpd: pam_env(proftpd:setcred): Unable to open config file: /etc/security/pam_env.conf: No such file or directory

Solution

Remove the /etc/pam.d/proftd and make a new one

[root@server ~]# rm -rf /etc/pam.d/proftd
[root@server ~]# vi /etc/pam.d/ftp

#%PAM-1.0
auth required /lib/security/pam_listfile.so item=user sense=deny file=/etc/ftpusers onerr=succeed
auth required /lib/security/pam_pwdb.so shadow nullok
account required /lib/security/pam_pwdb.so
session required /lib/security/pam_pwdb.so

[root@server ~]# service xinetd restart

 

Submit a Comment