Opened 13 years ago

Closed 11 years ago

Last modified 11 years ago

#23852 closed enhancement (worksforme)

Pam and pure-ftpd in SL

Reported by: zacdurham@… Owned by: pixilla (Bradley Giesbrecht)
Priority: Normal Milestone:
Component: ports Version: 1.8.2
Keywords: snowleopard Cc:
Port: pure-ftpd

Description

If I'm not mistaken, pam_securityserver.so is depricated in SL. Using pam_opendirectory.so2 got pam support working for me in the port supplied /etc/pam.d/pure-ftpd/ entry.

Thanks everyone. Keep up the great work

Change History (8)

comment:1 Changed 13 years ago by jmroot (Joshua Root)

Keywords: snowleopard added; snow leopard removed
Owner: changed from macports-tickets@… to scott@…
Type: requestenhancement

Please remember to cc the maintainer.

comment:2 Changed 13 years ago by scott@…

I will follow up with the developer, and make sure this is accurate. If it is the case, I will make the appropriate changes to the Portfille. Thank you.

comment:3 in reply to:  description Changed 13 years ago by scott@…

Replying to zacdurham@…:

If I'm not mistaken, pam_securityserver.so is depricated in SL. Using pam_opendirectory.so2 got pam support working for me in the port supplied /etc/pam.d/pure-ftpd/ entry.

Do you have reference for this deprecation? If I look in /etc/pam.d a the OS X built in ftp server PAM settings, I see:

$cat ftpd 
# login: auth account password session
auth       required       pam_opendirectory.so
account    required       pam_permit.so
password   required       pam_deny.so
session    required       pam_permit.so

I do not see any mention anywhere of pam_opendirectory.so2, and this trac ticket is the only entry in google for the term "pam_opendirectory.so2"

comment:4 Changed 13 years ago by zacdurham@…

Let me backtrack and rephrase my original submission.

The only OS X supplied shared object for opendirectory I can find is in fact "pam_opendirectory.so.2," not opendirectory.so2 as I mentioned previously. I am supposing that just using "pam_opendirectory.so" is sufficient for pam entries for using that object?

Maybe I should have chosen how I expressed this in the first place as I have no credible reference to back my suspicion of securityserver being "deprecated."

Thank you.

comment:5 in reply to:  4 Changed 13 years ago by scott@…

Replying to zacdurham@…:

Let me backtrack and rephrase my original submission.

The only OS X supplied shared object for opendirectory I can find is in fact "pam_opendirectory.so.2," not opendirectory.so2 as I mentioned previously. I am supposing that just using "pam_opendirectory.so" is sufficient for pam entries for using that object?

Maybe I should have chosen how I expressed this in the first place as I have no credible reference to back my suspicion of securityserver being "deprecated."

I do not think that is what you are supposed to use, I have tested this here locally on 10.6, an simply followed these docs: http://download.pureftpd.org/pub/pure-ftpd/doc/README.MacOS-X

Can you revers your install and follow those instructions? Is that works for you do, I will add a note to the Portfile to make people moe aware that if they are looking to just replace the OS X server that is built in, then those are the instruction to follow.

comment:6 Changed 12 years ago by jmroot (Joshua Root)

Owner: changed from scott@… to pixilla@…

comment:7 Changed 11 years ago by pixilla (Bradley Giesbrecht)

Resolution: worksforme
Status: newclosed

Copying the Apple provided /etc/pam.d/ftpd to /etc/pam.d/pure-ftpd worked for me.

$ sudo cp /etc/pam.d/{ftpd,pure-ftpd}
$ cat /etc/pam.d/pure-ftpd 
# login: auth account password session
auth       required       pam_opendirectory.so
account    required       pam_permit.so
password   required       pam_deny.so
session    required       pam_permit.so

comment:8 Changed 11 years ago by pixilla (Bradley Giesbrecht)

After looking further the pure-ftpd supplied sample works fine:

$ sudo cp -p /opt/local/share/doc/pure-ftpd/pure-ftpd.pam.10.6.sample /etc/pam.d/pure-ftpd
Note: See TracTickets for help on using tickets.