[Bug 786024] New: vsftpd broken - OOPS: priv_sock_get_cmd
https://bugzilla.novell.com/show_bug.cgi?id=786024 https://bugzilla.novell.com/show_bug.cgi?id=786024#c0 Summary: vsftpd broken - OOPS: priv_sock_get_cmd Classification: openSUSE Product: openSUSE Factory Version: 12.3 Milestone 0 Platform: Other OS/Version: openSUSE 12.2 Status: NEW Severity: Major Priority: P5 - None Component: Network AssignedTo: mvyskocil@suse.com ReportedBy: suse-beta@cboltz.de QAContact: qa-bugs@suse.de Found By: Beta-Customer Blocker: --- vsftpd is running, but... # ncftp -u demo localhost NcFTP 3.2.4 (May 16, 2010) by Mike Gleason (http://www.NcFTP.com/contact/). Server hungup immediately after connect. OOPS: priv_sock_get_cmd Workaround: add seccomp_sandbox=NO to vsftpd.conf See also https://bbs.archlinux.org/viewtopic.php?id=147074 - the page says this is fixed in vsftpd 3.0.2, so updating vsftpd to this version should be enough. I did not test if this bug is only in Factory (I'm using factory-tested from 2012-10-03) or also in 12.2. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=786024
https://bugzilla.novell.com/show_bug.cgi?id=786024#c1
Michal Vyskocil
https://bugzilla.novell.com/show_bug.cgi?id=786024
https://bugzilla.novell.com/show_bug.cgi?id=786024#c2
Benjamin Brunner
https://bugzilla.novell.com/show_bug.cgi?id=786024
https://bugzilla.novell.com/show_bug.cgi?id=786024#c3
Michal Vyskocil
https://bugzilla.novell.com/show_bug.cgi?id=786024
https://bugzilla.novell.com/show_bug.cgi?id=786024#c4
Michal Vyskocil
https://bugzilla.novell.com/show_bug.cgi?id=786024
https://bugzilla.novell.com/show_bug.cgi?id=786024#c5
--- Comment #5 from Bernhard Wiedemann
https://bugzilla.novell.com/show_bug.cgi?id=786024
https://bugzilla.novell.com/show_bug.cgi?id=786024#c6
--- Comment #6 from Swamp Workflow Management
https://bugzilla.novell.com/show_bug.cgi?id=786024
https://bugzilla.novell.com/show_bug.cgi?id=786024#c7
Christian Boltz
https://bugzilla.novell.com/show_bug.cgi?id=786024
https://bugzilla.novell.com/show_bug.cgi?id=786024#c
Michal Vyskocil
https://bugzilla.novell.com/show_bug.cgi?id=786024
https://bugzilla.novell.com/show_bug.cgi?id=786024#c8
Michal Vyskocil
https://bugzilla.novell.com/show_bug.cgi?id=786024
https://bugzilla.novell.com/show_bug.cgi?id=786024#c9
Michal Vyskocil
https://bugzilla.novell.com/show_bug.cgi?id=786024
https://bugzilla.novell.com/show_bug.cgi?id=786024#c
Christian Boltz
https://bugzilla.novell.com/show_bug.cgi?id=786024
https://bugzilla.novell.com/show_bug.cgi?id=786024#c10
--- Comment #10 from Michal Vyskocil
https://bugzilla.novell.com/show_bug.cgi?id=786024
https://bugzilla.novell.com/show_bug.cgi?id=786024#c11
Michal Vyskocil
https://bugzilla.novell.com/show_bug.cgi?id=786024
https://bugzilla.novell.com/show_bug.cgi?id=786024#c12
Thorsten Kukuk
Well, I suspect the pam subsystem try to open a /dev/log.
PAM calls syslog(), which I assumes opens /dev/log.
2013-02-21T14:20:17.693042+01:00 linux-xtv2 vsftpd[1]: pam_unix(vsftpd:auth): authentication failure; logname= uid=0 euid=0 tty=ftp ruser=mvyskocil rhost=::1 user=mvyskocil 2013-02-21T14:20:18.407159+01:00 linux-xtv2 vsftpd[1]: pam_sss(vsftpd:auth): authentication success; logname= uid=0 euid=0 tty=ftp ruser=mvyskocil rhost=::1 user=mvyskocil 2013-02-21T14:20:18.409089+01:00 linux-xtv2 vsftpd[1]: PAM audit_log_acct_message() failed: Operation not permitted 2013-02-21T14:20:18.411338+01:00 linux-xtv2 vsftpd[1]: [mvyskocil] FAIL LOGIN: Client "::1"
@thorsen: I would say both CAP_AUDIT_* are needed for vsftpd. I'm right?
I have no idea about CAP_AUDIT_*, but PAM is using the audit subsystem for logging. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=786024
https://bugzilla.novell.com/show_bug.cgi?id=786024#c13
--- Comment #13 from Christian Boltz
@thorsen: I would say both CAP_AUDIT_* are needed for vsftpd. I'm right?
Just ask AppArmor, your friendly permission inventory software (and, side effect, it secures your server ;-) This is what I have in my AppArmor profile for vsftpd: capability audit_write, capability setgid, capability setuid, capability sys_admin, capability sys_chroot, Note: sys_admin might be a leftover from older versions and might no longer be needed - IIRC in the past audit_write was a part of sys_admin. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=786024
https://bugzilla.novell.com/show_bug.cgi?id=786024#c14
Michal Vyskocil
https://bugzilla.novell.com/show_bug.cgi?id=786024
https://bugzilla.novell.com/show_bug.cgi?id=786024#c15
--- Comment #15 from Michal Vyskocil
https://bugzilla.novell.com/show_bug.cgi?id=786024
https://bugzilla.novell.com/show_bug.cgi?id=786024#c16
--- Comment #16 from Michal Vyskocil
https://bugzilla.novell.com/show_bug.cgi?id=786024
https://bugzilla.novell.com/show_bug.cgi?id=786024#c17
Michal Vyskocil
https://bugzilla.novell.com/show_bug.cgi?id=786024
https://bugzilla.novell.com/show_bug.cgi?id=786024#c18
--- Comment #18 from Bernhard Wiedemann
https://bugzilla.novell.com/show_bug.cgi?id=786024
https://bugzilla.novell.com/show_bug.cgi?id=786024#c19
Michal Vyskocil
https://bugzilla.novell.com/show_bug.cgi?id=786024
https://bugzilla.novell.com/show_bug.cgi?id=786024#c20
Tony Jones
https://bugzilla.novell.com/show_bug.cgi?id=786024
https://bugzilla.novell.com/show_bug.cgi?id=786024#c21
--- Comment #21 from Tony Jones
https://bugzilla.novell.com/show_bug.cgi?id=786024
https://bugzilla.novell.com/show_bug.cgi?id=786024#c22
--- Comment #22 from Tony Jones
@tonyj: can you check the strace output and find why the pam returns such error? The Linux-PAM-1.1.6/lib/pam_audit.c does this
rc = audit_log_acct_message (audit_fd, type, NULL, buf, (retval != PAM_USER_UNKNOWN && pamh->user) ? pamh->user : "?", -1, pamh->rhost, NULL, pamh->tty, retval == PAM_SUCCESS );
/* libaudit sets errno to his own negative error code. This can be an official errno number, but must not. It can also be a audit internal error code. Which makes errno useless :-((. Try the best to fix it. */ errno = -rc;
pamh->audit_state |= PAMAUDIT_LOGGED;
if (rc < 0) { if (rc == -EPERM && getuid() != 0) return 0; if (errno != old_errno) { old_errno = errno; pam_syslog (pamh, LOG_CRIT, "audit_log_acct_message() failed: %m"); } } return rc;
so audit_log_acct_message returned negative value, but if I have no idea why.
The code in audit (lib/netlink.c::check_ack()) /* NLMSG_ERROR can indicate success, only report nonzero */ if (rep.error->error) { errno = -rep.error->error; return rep.error->error; Based on the strace log, rep.error->error is -1 which should be what is returned back to PAM. Is there anything informative in the kernel or audit logs? Otherwise can you give me a quick tutorial on how to setup to reproduce as I'll have to debug the library. Thanks! -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=786024
https://bugzilla.novell.com/show_bug.cgi?id=786024#c23
Olivier Nicolas
I need to get this string data in a format that's easier to understand. The \230 part is a netlink header but "strace -xx" format would be much easier for me to decipher.
strace -xx output [pid 6654] close(6) = 0 [pid 6654] close(5) = 0 [pid 6654] readlink("\x2f\x70\x72\x6f\x63\x2f\x73\x65\x6c\x66\x2f\x65\x78\x65", "\x2f\x75\x73\x72\x2f\x73\x62\x69\x6e\x2f\x76\x73\x66\x74\x70\x64", 4096) = 16 [pid 6654] sendto(4, "\x78\x00\x00\x00\x4c\x04\x05\x00\x01\x00\x00\x00\x00\x00\x00\x00\x6f\x70\x3d\x50\x41\x4d\x3a\x61\x75\x74\x68\x65\x6e\x74\x69\x63\x61\x74\x69\x6f\x6e\x20\x61\x63\x63\x74\x3d\x22\x64\x65\x6d\x6f\x22\x20\x65\x78\x65\x3d\x22\x2f\x75\x73\x72\x2f\x73\x62\x69\x6e\x2f\x76\x73\x66\x74\x70\x64\x22\x20\x68\x6f\x73\x74\x6e\x61\x6d\x65\x3d\x3a\x3a\x31\x20\x61\x64\x64\x72\x3d\x3a\x3a\x31\x20\x74\x65\x72\x6d\x69\x6e\x61\x6c\x3d\x66\x74\x70\x20\x72\x65\x73\x3d\x73\x75\x63\x63\x65\x73\x73\x00", 120, 0, {sa_family=AF_NETLINK, pid=0, groups=00000000}, 12) = 120 [pid 6654] poll([{fd=4, events=POLLIN}], 1, 500) = 1 ([{fd=4, revents=POLLIN}]) [pid 6654] recvfrom(4, "\x8c\x00\x00\x00\x02\x00\x00\x00\x01\x00\x00\x00\xd7\xee\xff\xff\xff\xff\xff\xff\x78\x00\x00\x00\x4c\x04\x05\x00\x01\x00\x00\x00\x00\x00\x00\x00\x6f\x70\x3d\x50\x41\x4d\x3a\x61\x75\x74\x68\x65\x6e\x74\x69\x63\x61\x74\x69\x6f\x6e\x20\x61\x63\x63\x74\x3d\x22\x64\x65\x6d\x6f\x22\x20\x65\x78\x65\x3d\x22\x2f\x75\x73\x72\x2f\x73\x62\x69\x6e\x2f\x76\x73\x66\x74\x70\x64\x22\x20\x68\x6f\x73\x74\x6e\x61\x6d\x65\x3d\x3a\x3a\x31\x20\x61\x64\x64\x72\x3d\x3a\x3a\x31\x20\x74\x65\x72\x6d\x69\x6e\x61\x6c\x3d\x66\x74\x70\x20\x72\x65\x73\x3d\x73\x75\x63\x63\x65\x73\x73\x00", 8988, MSG_PEEK|MSG_DONTWAIT, {sa_family=AF_NETLINK, pid=0, groups=00000000}, [12]) = 140 [pid 6654] recvfrom(4, "\x8c\x00\x00\x00\x02\x00\x00\x00\x01\x00\x00\x00\xd7\xee\xff\xff\xff\xff\xff\xff\x78\x00\x00\x00\x4c\x04\x05\x00\x01\x00\x00\x00\x00\x00\x00\x00\x6f\x70\x3d\x50\x41\x4d\x3a\x61\x75\x74\x68\x65\x6e\x74\x69\x63\x61\x74\x69\x6f\x6e\x20\x61\x63\x63\x74\x3d\x22\x64\x65\x6d\x6f\x22\x20\x65\x78\x65\x3d\x22\x2f\x75\x73\x72\x2f\x73\x62\x69\x6e\x2f\x76\x73\x66\x74\x70\x64\x22\x20\x68\x6f\x73\x74\x6e\x61\x6d\x65\x3d\x3a\x3a\x31\x20\x61\x64\x64\x72\x3d\x3a\x3a\x31\x20\x74\x65\x72\x6d\x69\x6e\x61\x6c\x3d\x66\x74\x70\x20\x72\x65\x73\x3d\x73\x75\x63\x63\x65\x73\x73\x00", 8988, MSG_DONTWAIT, {sa_family=AF_NETLINK, pid=0, groups=00000000}, [12]) = 140 [pid 6654] getuid() = 0 [pid 6654] getuid() = 0 [pid 6654] socket(PF_FILE, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 5 [pid 6654] connect(5, {sa_family=AF_FILE, sun_path="\x2f\x64\x65\x76\x2f\x6c\x6f\x67"}, 110) = 0 [pid 6654] sendto(5, "\x3c\x38\x32\x3e\x4d\x61\x72\x20\x20\x32\x20\x32\x32\x3a\x34\x36\x3a\x31\x39\x20\x76\x73\x66\x74\x70\x64\x3a\x20\x50\x41\x4d\x20\x61\x75\x64\x69\x74\x5f\x6c\x6f\x67\x5f\x61\x63\x63\x74\x5f\x6d\x65\x73\x73\x61\x67\x65\x28\x29\x20\x66\x61\x69\x6c\x65\x64\x3a\x20\x4f\x70\x65\x72\x61\x74\x69\x6f\x6e\x20\x6e\x6f\x74\x20\x70\x65\x72\x6d\x69\x74\x74\x65\x64", 88, MSG_NOSIGNAL, NULL, 0) = 88 -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=786024
https://bugzilla.novell.com/show_bug.cgi?id=786024#c24
--- Comment #24 from Michal Vyskocil
Is there anything informative in the kernel or audit logs? Otherwise can you give me a quick tutorial on how to setup to reproduce as I'll have to debug the library.
Hi, I don't see anything useful in system log 2013-03-04T14:27:45.535028+01:00 linux-xtv2 systemd[1]: Started Vsftpd ftp daemon. 2013-03-04T14:28:01.953454+01:00 linux-xtv2 vsftpd[1]: PAM audit_log_acct_message() failed: Operation not permitted 2013-03-04T14:28:01.954845+01:00 linux-xtv2 vsftpd[1]: [test] FAIL LOGIN: Client "127.0.0.1" 2013-03-04T14:28:14.316061+01:00 linux-xtv2 systemd[1]: Started Vsftpd ftp daemon. 2013-03-04T14:28:39.682743+01:00 linux-xtv2 vsftpd[1]: PAM audit_log_acct_message() failed: Operation not permitted 2013-03-04T14:28:39.684083+01:00 linux-xtv2 vsftpd[1]: [test] FAIL LOGIN: Client "127.0.0.1" and dmesg seems to be full of wlan0 related things only. Steps to reproduce 1.) install 12.3 RC2 2.) zypper install vsftpd 3.) useradd test 4.) echo "test" | passwd test 5.) systemctl start vsftpd.service 6.) ftp ftp://test:test@localhost BTW: you might get a OOPS: priv_sock_get_cmd, in this case please add Workaround: add seccomp_sandbox=NO to vsftpd.conf It has been fixed, just I am not sure if it appear in RC2 -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=786024
https://bugzilla.novell.com/show_bug.cgi?id=786024#c25
--- Comment #25 from Bernhard Wiedemann
https://bugzilla.novell.com/show_bug.cgi?id=786024
https://bugzilla.novell.com/show_bug.cgi?id=786024#c26
--- Comment #26 from Tony Jones
Steps to reproduce 1.) install 12.3 RC2 2.) zypper install vsftpd 3.) useradd test 4.) echo "test" | passwd test 5.) systemctl start vsftpd.service 6.) ftp ftp://test:test@localhost
BTW: you might get a OOPS: priv_sock_get_cmd, in this case please add
Workaround: add seccomp_sandbox=NO to vsftpd.conf
It has been fixed, just I am not sure if it appear in RC2
Thanks, I can reproduce, but I don't have an answer yet. It's odd as - 'auditctl -m' is working fine, this calls audit_send_user_message() and succeeds. - su succeeds, here PAM is calling audit_log_acct_message() which is calling audit_send_user_message() su: in audit_log_acct_message audit_fd=3, type=1104, pgname='(null)', op='PAM:setcred', name='root', id=4294967295, host='(null)', addr='(null)', tty='pts/3', result=1 return is 6 vsftp: in audit_log_acct_message audit_fd=4, type=1100, pgname='(null)', op='PAM:authentication', name='test', id=4294967295, host='127.0.0.1', addr='(null)', tty='ftp', result=1 return is -1 -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=786024
https://bugzilla.novell.com/show_bug.cgi?id=786024#c27
Michal Vyskocil
https://bugzilla.novell.com/show_bug.cgi?id=786024
https://bugzilla.novell.com/show_bug.cgi?id=786024#c28
--- Comment #28 from Michal Vyskocil
https://bugzilla.novell.com/show_bug.cgi?id=786024
https://bugzilla.novell.com/show_bug.cgi?id=786024#c29
Cristian Rodríguez
https://bugzilla.novell.com/show_bug.cgi?id=786024
https://bugzilla.novell.com/show_bug.cgi?id=786024#c30
Chuck Davis
https://bugzilla.novell.com/show_bug.cgi?id=786024
https://bugzilla.novell.com/show_bug.cgi?id=786024#c31
--- Comment #31 from Chuck Davis
https://bugzilla.novell.com/show_bug.cgi?id=786024
https://bugzilla.novell.com/show_bug.cgi?id=786024#c32
--- Comment #32 from Johan Persson
A Linux server with no working FTP server is a real black eye!
Until this is fixed an easy workaround for this "black-eye" is to use pure-ftpd instead which works just fine and is functional equivalent in (almost) all practical sense to vsftpd -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=786024
https://bugzilla.novell.com/show_bug.cgi?id=786024#c34
Michal Vyskocil
https://bugzilla.novell.com/show_bug.cgi?id=786024
https://bugzilla.novell.com/show_bug.cgi?id=786024#c35
Ioannis Theodoridis
https://bugzilla.novell.com/show_bug.cgi?id=786024
https://bugzilla.novell.com/show_bug.cgi?id=786024#c36
--- Comment #36 from Johan Persson
Pure-ftpd is reported (OpenSuSE forums) to work only if pam athentication is disabled (and local authentication enabled) in the pure-ftpd configuration.
Strange, I'm using pure-ftpd (SuSE 12.3) with configuration PAMAuthentication yes and this works just fine (but vsftpd does not). -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=786024
https://bugzilla.novell.com/show_bug.cgi?id=786024#c37
--- Comment #37 from Ioannis Theodoridis
https://bugzilla.novell.com/show_bug.cgi?id=786024
https://bugzilla.novell.com/show_bug.cgi?id=786024#c38
Tony Jones
https://bugzilla.novell.com/show_bug.cgi?id=786024
https://bugzilla.novell.com/show_bug.cgi?id=786024#c39
--- Comment #39 from Michal Vyskocil
Also if I boot with audit=0 then client side ftp fails with "500 OOPS: priv_sock_get_cmd" (seccomp_sandbox=NO in /etc/vsftpd.conf).
This does not makes any sense to me. This bug is related to enabled seccomp sanbox, but it was fixed before 12.3 release. I'll test that. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=786024
https://bugzilla.novell.com/show_bug.cgi?id=786024#c40
Michal Vyskocil
Can you verify if the above vsftp codepath is indeed being executed and see what happens if VSF_SYSDEP_HAVE_LINUX_CLONE is disabled.
With a traditional fork pam session can be opened, however next test - an attempt to download the file dies on a seccomp sanbox. The same apply for a clone w/o NEW_PID, where an audit error is different. I will track this in an another bug to not pollute this one with third issue. lowering a priority of this issue, patch is in home:mvyskocil:branches:network/vsftpd https://build.opensuse.org/project/show?project=home%3Amvyskocil%3Abranches%... https://build.opensuse.org/package/view_file?expand=1&file=vsftpd-drop-newpid-from-clone.patch&package=vsftpd&project=home%3Amvyskocil%3Abranches%3Anetwork -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=786024
https://bugzilla.novell.com/show_bug.cgi?id=786024#c
Michal Vyskocil
https://bugzilla.novell.com/show_bug.cgi?id=786024
https://bugzilla.novell.com/show_bug.cgi?id=786024#c41
--- Comment #41 from Eduardo Rayas
https://bugzilla.novell.com/show_bug.cgi?id=786024
https://bugzilla.novell.com/show_bug.cgi?id=786024#c42
--- Comment #42 from Michal Vyskocil
Well, I have a question now.
Will the system be updated to run VSFTPD correctly or I have to apply the patch manually?
There will be a maintenance update, once all issues will be resolved. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=786024 https://bugzilla.novell.com/show_bug.cgi?id=786024#c Bug 786024 depends on bug 812406, which changed state. Bug 812406 Summary: vsftpd dies on attemt to download file http://bugzilla.novell.com/show_bug.cgi?id=812406 What |Old Value |New Value ---------------------------------------------------------------------------- Status|ASSIGNED |RESOLVED Resolution| |FIXED -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=786024
https://bugzilla.novell.com/show_bug.cgi?id=786024#c43
--- Comment #43 from Bernhard Wiedemann
https://bugzilla.novell.com/show_bug.cgi?id=786024
https://bugzilla.novell.com/show_bug.cgi?id=786024#c44
--- Comment #44 from Bernhard Wiedemann
https://bugzilla.novell.com/show_bug.cgi?id=786024
https://bugzilla.novell.com/show_bug.cgi?id=786024#c45
Michal Vyskocil
https://bugzilla.novell.com/show_bug.cgi?id=786024
https://bugzilla.novell.com/show_bug.cgi?id=786024#c46
Marcus Meissner
https://bugzilla.novell.com/show_bug.cgi?id=786024
https://bugzilla.novell.com/show_bug.cgi?id=786024#c47
Angelos Tzotsos
https://bugzilla.novell.com/show_bug.cgi?id=786024
https://bugzilla.novell.com/show_bug.cgi?id=786024#c48
--- Comment #48 from Marcus Meissner
https://bugzilla.novell.com/show_bug.cgi?id=786024
https://bugzilla.novell.com/show_bug.cgi?id=786024#c49
--- Comment #49 from Angelos Tzotsos
https://bugzilla.novell.com/show_bug.cgi?id=786024
https://bugzilla.novell.com/show_bug.cgi?id=786024#c50
--- Comment #50 from Angelos Tzotsos
https://bugzilla.novell.com/show_bug.cgi?id=786024
https://bugzilla.novell.com/show_bug.cgi?id=786024#c51
--- Comment #51 from Angelos Tzotsos
https://bugzilla.novell.com/show_bug.cgi?id=786024
https://bugzilla.novell.com/show_bug.cgi?id=786024#c52
--- Comment #52 from Angelos Tzotsos
When I tried it personally, it refused to start. I will check one more time and repost.
Hi Ioannis, Any updates on that? Did you manage to make it work with pure-ftp? I am having the same problem: pure-ftp refuses to start. I upgraded from 12.2. Did you upgrade too or was it a clean install? -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=786024
https://bugzilla.novell.com/show_bug.cgi?id=786024#c53
--- Comment #53 from Ioannis Theodoridis
(In reply to comment #37)
When I tried it personally, it refused to start. I will check one more time and repost.
Hi Ioannis,
Any updates on that? Did you manage to make it work with pure-ftp? I am having the same problem: pure-ftp refuses to start. I upgraded from 12.2. Did you upgrade too or was it a clean install?
Hello Angelos :) Yes I tried again, it needs to start through xinetd or it will not start on its own (standalone). I can't say I like it, but I will live until we get the official update for vsftpd through official repos, which I am waiting for very patiantly... Let's hope it doesn't take forever.. Guys the limitations of open source are showing in this case.. I know it's unfair, but the reaction I am gettinig in my enterprise is surprise and dissappointment. We are definately not winning over any business people like that. Personally, I am keeping a low profile till this is resolved. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=786024
https://bugzilla.novell.com/show_bug.cgi?id=786024#c54
--- Comment #54 from Swamp Workflow Management
https://bugzilla.novell.com/show_bug.cgi?id=786024
https://bugzilla.novell.com/show_bug.cgi?id=786024#c55
--- Comment #55 from Angelos Tzotsos
https://bugzilla.novell.com/show_bug.cgi?id=786024
https://bugzilla.novell.com/show_bug.cgi?id=786024#c56
--- Comment #56 from Michal Vyskocil
Unfortunately the update did not work for me. I still get the "500 OOPS: priv_sock_get_cmd" error. Disabling seccomp sandbox is not working for me either...
Well, without a providing any more information I cannot help you much. Would you be so kind to open a new bug? I would need to explain what are you try to do - do you see that with (non)-anonymous download? How your vsftpd.conf look like? Does grep 'vsftpd' /var/log/messages says anything usefull? BTW: the output of strace -tt -s 512 of vsftpd daemon. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=786024
https://bugzilla.novell.com/show_bug.cgi?id=786024#c57
--- Comment #57 from Angelos Tzotsos
https://bugzilla.novell.com/show_bug.cgi?id=786024
https://bugzilla.novell.com/show_bug.cgi?id=786024#c58
--- Comment #58 from Angelos Tzotsos
https://bugzilla.novell.com/show_bug.cgi?id=786024
https://bugzilla.novell.com/show_bug.cgi?id=786024#c59
--- Comment #59 from Angelos Tzotsos
https://bugzilla.novell.com/show_bug.cgi?id=786024
https://bugzilla.novell.com/show_bug.cgi?id=786024#c60
--- Comment #60 from Arjen de Korte
Hi Michal,
Thanks for the reply. I have switched to sftp to bypass this issue. Here is the info you asked:
# ftp ftp://ueser:*****.@localhost Trying ::1... ftp: connect to address ::1: Connection refused Trying 127.0.0.1... Connected to localhost. 220 Welcome message 331 Please specify the password. 500 OOPS: vsftpd: refusing to run with writable root inside chroot() ftp: Login failed. ftp: Can't connect or login to host `localhost' 500 OOPS: priv_sock_get_cmd
Add allow_writeable_chroot=YES to the bottom of your /etc/vsftpd.conf file. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=786024
https://bugzilla.novell.com/show_bug.cgi?id=786024#c61
--- Comment #61 from Angelos Tzotsos
https://bugzilla.novell.com/show_bug.cgi?id=786024
https://bugzilla.novell.com/show_bug.cgi?id=786024#c62
--- Comment #62 from Chuck Davis
https://bugzilla.novell.com/show_bug.cgi?id=786024
https://bugzilla.novell.com/show_bug.cgi?id=786024#c63
Ralph Moenchmeyer
From some OS 12.3 remote systems I cannot connect in case the following option is not set to NO:
require_ssl_reuse=NO So all in all vsftp still shows major deficiencies on Opensuse 12.3 which were not present in OS 12.2. Any ideas what I could do ? -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=786024
https://bugzilla.novell.com/show_bug.cgi?id=786024#c64
--- Comment #64 from Ralph Moenchmeyer
From some OS 12.3 remote systems I cannot connect in case the following option is not set to NO:
require_ssl_reuse=NO
I have seen that the OS 12.3-systems for which the setting "require_ssl_reuse=NO" is required all had the original Filezilla version 3.5.3 form the OS 12.3 OSS repository installed. After installing Filezilla version 3.7.0.1 from the network repository http://download.opensuse.org/repositories/network/openSUSE_12.3/ this problem, which is obviously client related, disappears and the setting require_ssl_reuse=YES works. The other problems described in comment #63, however, remain. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=786024
https://bugzilla.novell.com/show_bug.cgi?id=786024#c65
Alejandro Bonilla
https://bugzilla.novell.com/show_bug.cgi?id=786024
https://bugzilla.novell.com/show_bug.cgi?id=786024#c66
--- Comment #66 from Michal Vyskocil
http://bugzilla.novell.com/show_bug.cgi?id=786024
Swamp Workflow Management
http://bugzilla.novell.com/show_bug.cgi?id=786024
Swamp Workflow Management
http://bugzilla.novell.com/show_bug.cgi?id=786024
Swamp Workflow Management
http://bugzilla.novell.com/show_bug.cgi?id=786024
http://bugzilla.novell.com/show_bug.cgi?id=786024#c70
--- Comment #70 from Swamp Workflow Management
http://bugzilla.novell.com/show_bug.cgi?id=786024
Swamp Workflow Management
http://bugzilla.novell.com/show_bug.cgi?id=786024
http://bugzilla.novell.com/show_bug.cgi?id=786024#c71
--- Comment #71 from Swamp Workflow Management
participants (1)
-
bugzilla_noreply@novell.com