VSFTP local user works, but PAM users Permission Denied

I am attempting to configure vsftp to use PAM to authenticate virtual users on my Arch server. It seems so straight forward, I must be missing something simple. ### Configuration + local user virtualftp in group virtualftp + folders /srv/ftp and /srv/ftp/test1 owned by virtualftp:virtualftp + PAM user test1 with password test1p in /etc/vsftpd_login.db #### /etc/pam.d/vsftpd auth required pam_userdb.so db=/etc/vsftpd_login crypt=hash account required pam_userdb.so db=/etc/vsftpd_login crypt=hash session required pam_loginuid.so #### /etc/vsftp.conf anonymous_enable=NO local_enable=YES write_enable=YES local_umask=022 dirmessage_enable=YES xferlog_enable=YES connect_from_port_20=YES ftpd_banner=Welcome to MCID's FTP server. chroot_local_user=YES chroot_list_enable=YES chroot_list_file=/etc/vsftpd.chroot_list listen=YES # nopriv_user=virtualftp # SSL Configuration # ssl_enable=YES # allow_anon_ssl=NO # force_local_data_ssl=NO # force_local_logins_ssl=YES # ssl_tlsv1=YES # ssl_sslv2=YES # ssl_sslv3=YES # rsa_cert_file=/etc/ssl/certs/vsftpd.pem # rsa_private_key_file=/etc/ssl/certs/vsftpd.pem # Passive Port Range pasv_min_port=49152 pasv_max_port=65534 # Added settings for PAM virtualftp logins pam_service_name=vsftpd guest_enable=YES guest_username=virtualftp virtual_use_local_privs=YES # Private folders for virtual users local_root=/srv/ftp/$USER user_sub_token=$USER Currently I can login with sftp://theherk@sftp.example.com (my local user) just fine. However, if I attempt to login with test1, I get "permission denied". What am I missing or confused about?