https://bugzilla.novell.com/show_bug.cgi?id=786024

https://bugzilla.novell.com/show_bug.cgi?id=786024#c38

Tony Jones <tonyj@suse.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEEDINFO                    |ASSIGNED
       InfoProvider|tonyj@suse.com              |

--- Comment #38 from Tony Jones <tonyj@suse.com> 2013-03-29 04:56:45 UTC ---
Ubuntu bug on this also:
https://bugs.launchpad.net/ubuntu/+source/vsftpd/+bug/1160372

The issue is occurring because it seems vsftp has changed its pid namespace.
Probably from sysdeputil.c::vsf_sysutil_fork_isolate_failok()
"syscall(__NR_clone, CLONE_NEWPID)"

There is a specific prohibition in the kernel on this:

-----------------------------------------------------------------------------
commit 34e36d8ecbd958bc15f8e63deade1227de337eb1
Author: Eric W. Biederman <ebiederm@xmission.com>
Date:   Mon Sep 10 23:20:20 2012 -0700

    audit: Limit audit requests to processes in the initial pid and user
    namespaces.

    This allows the code to safely make the assumption that all of the uids
    gids and pids that need to be send in audit messages are in the initial
    namespaces.

    If someone cares we may lift this restriction someday but start with
    limiting access so at least the code is always correct.
-----------------------------------------------------------------------------

Regarding audit=0. I imagine it would solve the issue, rather extreme. Also if
I boot with audit=0 then client side ftp fails with
"500 OOPS: priv_sock_get_cmd" (seccomp_sandbox=NO in /etc/vsftpd.conf).

Can you verify if the above vsftp codepath is indeed being executed and see
what happens if VSF_SYSDEP_HAVE_LINUX_CLONE is disabled?
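
An added diagnostic, not part of the bug comment or of vsftpd: a C helper for checking whether a given process (for example a vsftpd child) sits in a nested pid namespace, the condition under which the kernel commit quoted above refuses audit requests. It assumes a kernel that exposes the `NSpid:` field in /proc/<pid>/status (Linux 4.1 and later) and a /proc mounted in the initial pid namespace; the function names are hypothetical.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Count the PIDs on the "NSpid:" line of /proc/<pid>/status text.
 *  1 -> same pid namespace as the /proc mount (assumed: the initial one)
 * >1 -> nested pid namespace, one entry per namespace level
 * -1 -> no usable NSpid line (field is an assumption: Linux 4.1+) */
int nspid_levels(const char *status)
{
    const char *p = status;
    while (p && *p) {
        if (strncmp(p, "NSpid:", 6) == 0) {
            int n = 0;
            p += 6;
            for (;;) {
                char *end;
                while (*p == ' ' || *p == '\t') p++;
                if (*p == '\0' || *p == '\n') break;
                (void)strtol(p, &end, 10);
                if (end == p) return -1;        /* malformed entry */
                n++;
                p = end;
            }
            return n > 0 ? n : -1;
        }
        p = strchr(p, '\n');                    /* advance to next line */
        if (p) p++;
    }
    return -1;
}

/* Read /proc/<pid>/status and return the namespace depth for that PID. */
int nspid_levels_for_pid(long pid)
{
    char path[64], buf[8192];
    snprintf(path, sizeof path, "/proc/%ld/status", pid);
    FILE *f = fopen(path, "r");
    if (!f) return -1;
    size_t len = fread(buf, 1, sizeof buf - 1, f);
    fclose(f);
    buf[len] = '\0';
    return nspid_levels(buf);
}

int main(int argc, char **argv)
{
    if (argc != 2) { fprintf(stderr, "usage: %s <pid>\n", argv[0]); return 2; }
    int n = nspid_levels_for_pid(strtol(argv[1], NULL, 10));
    if (n < 0) { puts("no NSpid information"); return 2; }
    puts(n > 1 ? "nested pid namespace" : "same pid namespace as /proc");
    return n > 1;
}
```

Run it against the PID of the FTP session's child process while a client is connected; a "nested pid namespace" result is consistent with the CLONE_NEWPID codepath having been taken.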