On Mon, Sep 14, 2015 at 08:04:09PM -0400, j...@use.startmail.com wrote: > > Is there anything for /var/log/secure for vsftpd ? I would look for > > messages from pam_sss.so > > Sep 14 19:50:11 fds vsftpd[27097]: pam_unix(vsftpd:auth): authentication > failure; logname= uid=0 euid=0 tty=ftp ruser=admin rhost=::1 user=admin > (END) > > Nothing from pam_sss.so > > Found a temporary workaround - turn off selinux, pam_sss now shows up in log > files and admin login succeeds. > Seems like problem is not related to freeipa itself.
Posting the AVC might be helpful here -- chances are just some files are mislabaled. I tried a quick: # getsebool -a | grep ftp but didn't find anything relevant that would need toggling to make non-unix auth working. -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project