I am receiving this error when authenticating users for vsftpd with pam_python on Ubuntu (13.04 development branch) in the auth.log file,
vsftpd[1]: PAM audit_log_acct_message() failed: Operation not permitted
and then vsftpd says the password is wrong when attempting to connect.
Here is the full section from the auth.log file:
vsftpd[1]: pam_auth.py(9): pam_sm_authenticate()
vsftpd[1]: pam_auth.py(9): get_user_base_dir()
vsftpd[1]: pam_auth.py(9): auth_user()
vsftpd[1]: pam_auth.py(9): get_user_base_dir()
vsftpd[1]: pam_auth.py(9): verify_password()
vsftpd[1]: pam_auth.py(5): LOGIN: dev
vsftpd[1]: PAM audit_log_acct_message() failed: Operation not permitted
Now, this is not normal at all, LOGIN: dev
is outputted when the account dev
is properly authenticated so it should authenticate me (or the python script should give out an error).. here is a healthy output from another server with the exact same configuration:
vsftpd[11037]: pam_auth.py(9): pam_sm_authenticate()
vsftpd[11037]: pam_auth.py(9): get_user_base_dir()
vsftpd[11037]: pam_auth.py(9): auth_user()
vsftpd[11037]: pam_auth.py(9): get_user_base_dir()
vsftpd[11037]: pam_auth.py(9): verify_password()
vsftpd[11037]: pam_auth.py(5): LOGIN: dev
vsftpd[11037]: pam_auth.py(9): pam_sm_acct_mgmt()
vsftpd[11037]: pam_auth.py(9): get_user_base_dir()
vsftpd[11037]: pam_auth.py(9): pam_sm_setcred()
vsftpd[11037]: pam_auth.py(9): get_user_base_dir()
vsftpd[11037]: pam_auth.py(5): /home/dev/downloads/
The only thing different about this server, is that it is running a different kernel (it is from a different datacenter than usual), the kernel normally is:
Linux sb16 3.2.13-grsec-xxxx-grs-ipv6-64 #1 SMP Thu Mar 29 09:48:59 UTC 2012 x86_64 x86_64 x86_64 GNU/Linux
Whereas the kernel on the server where I can't get pam to work is:
Linux sb17 3.8.0-12-generic #21-Ubuntu SMP Thu Mar 7 19:08:49 UTC 2013 x86_64 x86_64 x86_64 GNU/Linux
There is definitely something going wrong, but the only error that I can see anywhere is the audit_log_acct_message() failed
message.
When trying the python script directly it outputs success too:
$ pam_auth.py dev test
success
What could be causing this? And how can I fix it/get around it?