我正在尝试让 VSFTPD 使用 PAM 与 LDAP 一起工作。(因为它不能与 SASL 一起休眠)
如果我使用 Shell 凭据登录 FTP,它可以正常工作,但是当我尝试使用 LDAP 凭据通过 ftp 登录时,/var/log/auth.log
我看到:
Apr 11 12:50:30 localhost vsftpd:
PAM unable to dlopen(/lib/x86_64-linux-gnu/security/pam_ldap.so):
libgmp.so.10: failed to map segment from shared object:
Cannot allocate memory
我尝试查找线程,很多显示“无法分配内存”的线程都没有答案或没有结论。请帮忙。
我的配置是:
$ cat /etc/pam.d/vsftpd
auth required pam_listfile.so item=user sense=deny file=/etc/ftpusers onerr=succeed
# Standard pam includes
@include common-account
@include common-session
@include common-auth
auth sufficient pam_shells.so
# Additional LDAP configs. Providing absolute path coz PAM searches in /lib/security/..
auth required /lib/x86_64-linux-gnu/security/pam_ldap.so
ulimit -a
给出:
root@localhost:/etc/pam.d# ulimit -a
core file size (blocks, -c) 0
data seg size (kbytes, -d) unlimited
scheduling priority (-e) 0
file size (blocks, -f) unlimited
pending signals (-i) 3946
max locked memory (kbytes, -l) 64
max memory size (kbytes, -m) unlimited
open files (-n) 1024
pipe size (512 bytes, -p) 8
POSIX message queues (bytes, -q) 819200
real-time priority (-r) 0
stack size (kbytes, -s) 8192
cpu time (seconds, -t) unlimited
max user processes (-u) 3946
virtual memory (kbytes, -v) unlimited
file locks (-x) unlimited
答案1
我卸载了 libpam-ldap
sudo apt-get purge libpam-ldap
然后
sudo apt-get install libpam-ldapd
内存错误消失了。现在我得到了
pam_ldap(dovecot:auth): error reading from nslcd: Connection reset by peer
但这显然与鸽舍有关,是一个单独的问题。