# vsftpd virtual users -> pam problems after update

## leson

Hi all!

I just did an emere sync; emerge -u world which updated my pam from 0.75-r11 to 0.77 and pam-login from 3.11 to 3.14. Although updates are nice this one made vsftpd (v1.2.0-r1) authentication fail with the syslog message:

```
Feb  9 15:05:02 [vsftpd] PAM unable to dlopen(/lib/security/pam_userdb.so)

Feb  9 15:05:02 [vsftpd] PAM [dlerror: /lib/security/pam_userdb.so: undefined symbol: dbm_firstkey]

Feb  9 15:05:02 [vsftpd] PAM adding faulty module: /lib/security/pam_userdb.so
```

Any suggestions?

Regards, 

Secano

----------

## UberLord

Have you tried revdep-rebuild?

IIRC pam included a new berkdb which may require linked apps against berkdb to be recompiled. vsftpd is one of them

----------

## leson

 *UberLord wrote:*   

> Have you tried revdep-rebuild?
> 
> IIRC pam included a new berkdb which may require linked apps against berkdb to be recompiled. vsftpd is one of them

 

I did the revdep-rebuild but it only re-emerged a couple of java packages. I also re-emerged vsftpd manually and pam + pam-login but to no avail.   :Sad: 

----------

## UberLord

What version of berkdb (db) do you have?

AFAIK the latest PAM requires 4.1.xxxxx

You may need to recreate the user database file.

Aside from that, I'm out of ideas  :Sad: 

----------

## leson

 *UberLord wrote:*   

> What version of berkdb (db) do you have?
> 
> AFAIK the latest PAM requires 4.1.xxxxx
> 
> You may need to recreate the user database file.
> ...

 

Actually I recreated the user database with the last post. My berkdb is version > 4.1 so then I'm stuck I guess..   :Sad: 

Perhaps I should roll back the pam packages to previous versions?

This bug seems to be the culprit https://bugs.gentoo.org/show_bug.cgi?id=32631#c11

----------

## starbecks

I have the exact same problem. 

I upgraded PAM and PAM-LOGIN and now users can not authenticate when logging into my vsftp server.  This is a big problem.

So, leson, have you had any luck fixing this?  I read the bugzilla link, but it does not look to be solved.

Does anybody have any insight?

----------

## leson

 *starbecks wrote:*   

> I have the exact same problem. 
> 
> I upgraded PAM and PAM-LOGIN and now users can not authenticate when logging into my vsftp server.  This is a big problem.
> 
> So, leson, have you had any luck fixing this?  I read the bugzilla link, but it does not look to be solved.
> ...

 

No I haven't found any way to fix it. I tried to downgrade pam but with no luck. I suppose if you can't fix the bug by yourself one just have to wait for someone else to do it.   :Crying or Very sad: 

----------

## sleepless.knight

I have a similar tale of woe  :Confused: . See  https://forums.gentoo.org/viewtopic.php?t=135243&highlight=

My pam is now 0.77 (was 0.75-r11) and my pam-login is now 3.14 (was 3.11) after I did an emerge -uk world. Now only root can login to my system. Non-root users do not even appear to get to a shell. They login, and get bounced back to the login prompt immediately. I created a shell script and made it one users shell instead of /bin/bash, then attempted to login as that user, expecting to see output if we were getting as far as a shell - nothing - which makes me think it is an authentication problem.

I can login as root, and then su to any user, and that works fine.

Will try to revdep-rebuild pam and pam-login and post the results. If anyone has any better advice to offer, I'm all ears.   :Smile: 

----------

## Steffen

Any news about the PAM & vsftpd issue?

----------

## egolf

Hi

I have the same problem: 

```
vsftpd: PAM unable to dlopen(/lib/security/pam_userdb.so)

vsftpd: PAM [dlerror: /lib/security/pam_userdb.so: undefined symbol: dbm_firstkey]

vsftpd: PAM adding faulty module: /lib/security/pam_userdb.so

```

tried to:

1) revdep-rebuild (did'n change nothing)

2) reemerged db pam pam-login vsftp (did'n work)

```
[ebuild   R   ] sys-libs/db-4.1.25_p1-r3  -doc +java +tcltk  0 kB

[ebuild   R   ] sys-libs/pam-0.77  +berkdb +pwdb -(selinux)  0 kB

[ebuild   R   ] sys-apps/pam-login-3.14  +nls -(selinux)  0 kB

[ebuild   R   ] net-ftp/vsftpd-1.2.0-r1  +ipv6 +pam +tcpd  0 kB

```

3) revdep-rebuild -X db pam pam_login vsftpd (nothing new  :Sad: )

----------

## sleepless.knight

Sorry this is a bit off topic - my problem ultimately proved to be a broken Berkley DB, which was fixed by remerging PAM and PAM-login - neither of which appears to have helped anyone here.

 :Embarassed: 

----------

## joyeux

pam_userdb.so is compiled wrong way, ./configure setups it to use libndbm instead of db4. The easiest way is 

$ emerge unmerge db 

to unmerge all dbX. Then 

$ emerge pam 

pam now compiles with db4 (which is bundled with pam). 

Then 

$ emerge db 

and create userdb database using db4.1_load 

in /etc/pam.d/vsftpd don't use extension .db in path; 

try ftp login and then look at syslog output. 

after three days it works!!!

----------

