proftpd: Deprecated pam_stack module called from service "proftpd"
last message repeated 2 times
proftpd: pam_unix(proftpd:session): session opened for user ~username~ by (uid=0)
proftpd: Deprecated pam_stack module called from service "proftpd"
proftpd[6106]: ~servername~ (1.2.3.4[1.2.3.4]) - USER ~username~: Login successful.
proftpd[6106]: ~servername~ (1.2.3.4[1.2.3.4]) - Preparing to chroot to directory '/var/www/vhosts/~domainname~'
proftpd: Deprecated pam_stack module called from service "proftpd"
proftpd: pam_env(proftpd:setcred): Unable to open config file: /etc/security/pam_env.conf: No such file or directory
proftpd[6106]: ~servername~ (1.2.3.4[1.2.3.4]) - PAM(setcred): System error
proftpd: Deprecated pam_stack module called from service "proftpd"
proftpd: pam_succeed_if(proftpd:session): error retrieving information about user 0
proftpd: pam_unix(proftpd:session): session closed for user ~username~
proftpd[6106]: ~servername~ (1.2.3.4[1.2.3.4]) - PAM(close_session): System error
proftpd[6106]: ~servername~ (1.2.3.4[1.2.3.4]) - FTP session closed.
It's not adversely affecting anything but I wanted to make sure it wasn't anything serious. These errors shows up whether the connection was successful or not.
I can get rid of the "deprecated pam stack" stuff:
These lines in /etc/pam.d/proftpd need to change:
auth required pam_stack.so service=system-auth
account required pam_stack.so service=system-auth
session required pam_stack.so service=system-auth
To:
auth include system-auth
account include system-auth
session include system-auth
But the 000's of var/log/secure error messages such as this remain and are stubborn:
Jul 15 14:11:55 domain.com proftpd: pam_env(proftpd:setcred): Unable to open config file: /etc/security/pam_env.conf: No such file or directory
Jul 15 14:11:55 domain.com proftpd: pam_succeed_if(proftpd:session): error retrieving information about user 0
The file /etc/security/pam_env.conf certainly DOES exist (but is not configured to do anything).
You can turn the message off though. I think I read it either on this forum or another. Been through sooo many thanks to google at the early hours of this morning.
I had the "Deprecated pam_stack" error too in mine. I wounder if it's a common issue with Plesk servers. I read on another server that it's a ProFTPD known bug, and other linux users (non plesk) have simply changed ftp app. I guess though that's not possible with Plesk.
I made the changes you noted here to my proftpd config, so I'll have to wait and see if that gets rid of the error.
The messages being sent to me on email I found were related to my own stupid fault. It turned out to be a process run on a radio studio playout system, that ftps up a file containing the current and previous tracks playing. I forgot about that and that I set it up. It only connects for between 0-1 seconds and the program used to do it is not an ftp app, but something built using VB.
I will also have check to see if it the emails are reporting all ftp connections. If it is I'm just going to turn off the message in the config.
The issue is from incorrect /etc/pam.d/proftpd calling up depreciated function.
Change it to this:
#%PAM-1.0
session optional pam_keyinit.so force revoke
auth required pam_listfile.so item=user sense=deny file=/etc/ftpusers onerr=succeed
auth required pam_shells.so
auth include system-auth
account include system-auth
# Comment the following line if you are having PAM issues with chrooted users
#session include system-auth
session required pam_loginuid.so
I'm getting the "/etc/security/pam_env.conf" issue now on EL6 but I don't have the appropriate line in /etc/pam.d/proftpd to comment out
Very annoying. I don't suppose anybody else has encountered this?
--------------------------------
<advert>
If you want to rent a UK-based VPS that comes with friendly advice and support from a fellow ART fan, please get in touch.
</advert>
