Bug 25108

Summary: the 'dir' command do not work on vsftpd server
Product: Mageia Reporter: eric gerbier <eric.gerbier>
Component: RPM PackagesAssignee: QA Team <qa-bugs>
Status: RESOLVED FIXED QA Contact:
Severity: normal    
Priority: Normal CC: brtians1, bruno, herman.viaene, jani.valimaa, sysadmin-bugs, tmb
Version: 7Keywords: advisory, validated_update
Target Milestone: ---   
Hardware: All   
OS: Linux   
Whiteboard: MGA7-64-OK
Source RPM: vsftpd-3.0.3-7.mga7.src.rpm CVE:
Status comment:

Description eric gerbier 2019-07-11 14:35:52 CEST 
Description of problem:
on mageia 7, with vsftpd, the dir|ls command fails and kill the connection to the server
other commands like put/get are still working

ps : the problem does not exists on mageia 6

Version-Release number of selected component (if applicable):
vsftpd-3.0.3-7.mga7.src.rpm

How reproducible:


Steps to Reproduce:
1. urpmi vsftpd
2. systemctl start vsftpd.service
3. ftp localhost 
4. try a 'dir' command

the result is 
ftp> dir
227 Entering Passive Mode (127,0,0,1,187,111).
150 Here comes the directory listing.
500 OOPS: 421 Service not available, remote server has closed connection

the problem seems to be general : I found it on archlinux : https://bugs.archlinux.org/task/62889
Comment 1 eric gerbier 2019-07-11 14:45:58 CEST 
the dir command works only if I add "seccomp_sandbox=NO" in /etc/vsftpd/vsftpd.conf
Comment 2 Jani Välimaa 2019-07-11 17:42:05 CEST 
I'll check this one.

Assignee: bugsquad => jani.valimaa
CC: (none) => jani.valimaa

Comment 3 Jani Välimaa 2019-07-11 18:38:05 CEST 
Added a patch to allow getdents64 syscalls.

Pushed vsftpd-3.0.3-7.1.mga7 to core/updates_testing for mga7. Please test.

Assignee: jani.valimaa => qa-bugs

Comment 4 eric gerbier 2019-07-12 09:12:07 CEST 
it is better but not enough :
if I try on anonymous ftp, it works
if I try on my account, I have still the same error

gerbier@lxcti1 ~ $ rpm -q vsftpd 
vsftpd-3.0.3-7.1.mga7

gerbier@lxcti1 ~ $ ftp localhost
Connected to localhost.
220 (vsFTPd 3.0.3)
530 Please login with USER and PASS.
Name (localhost:gerbier): ftp
331 Please specify the password.
Password:
230 Login successful.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> ls
227 Entering Passive Mode (127,0,0,1,95,122).
150 Here comes the directory listing.
dr-xr-sr-x    2 983      977          4096 Jul 11 16:28 pub
226 Directory send OK.
ftp> quit
221 Goodbye.

gerbier@lxcti1 ~ $ ftp localhost
Connected to localhost.
220 (vsFTPd 3.0.3)
530 Please login with USER and PASS.
Name (localhost:gerbier): 
331 Please specify the password.
Password:
230 Login successful.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> ls
227 Entering Passive Mode (127,0,0,1,49,10).
150 Here comes the directory listing.
500 OOPS: 421 Service not available, remote server has closed connection

if I run strace -ff on vsftpd process, I got an SIGSYS  error :

...
lstat("SPIP-v3.1.9.zip", {st_mode=S_IFREG|0644, st_size=10368268, ...}) = 0
lstat("vpnc.patch", {st_mode=S_IFREG|0644, st_size=423, ...}) = 0
lstat("projets", {st_mode=S_IFLNK|0777, st_size=28, ...}) = 0
readlink("projets", "/sauvegarde/gerbier/projets/", 4095) = 28
lstat("alert_search.json", {st_mode=S_IFREG|0644, st_size=722, ...}) = 0
lstat("menu_auto2.php.dmz2", {st_mode=S_IFREG|0755, st_size=4113, ...}) = 0
lstat("unison.log", {st_mode=S_IFREG|0600, st_size=10757, ...}) = 0
lstat("rpmreaper-0.2.0-19.mga7.x86_64.rpm", {st_mode=S_IFREG|0644, st_size=48764, ...}) = 0
lstat("config", {st_mode=S_IFDIR|0755, st_size=4096, ...}) = 0
lstat("wab", {st_mode=S_IFDIR|0755, st_size=4096, ...}) = 0
lstat("test_fs.sh", {st_mode=S_IFREG|0750, st_size=702, ...}) = 0
getdents64(4, /* 0 entries */, 32768)   = 0
sysinfo( <unfinished ...>)              = ?
+++ killed by SIGSYS +++
Comment 5 Jani Välimaa 2019-07-12 13:46:44 CEST 
OK, I'll check if there are other getdents calls to fix.
Comment 6 Jani Välimaa 2019-07-13 09:30:39 CEST 
Did some testing and I don't have issues with a local user after updating.

$ rpm -qa vsftpd
vsftpd-3.0.3-7.1.mga7

$ ftp localhost
Connected to localhost.
220 (vsFTPd 3.0.3)
530 Please login with USER and PASS.
Name (localhost:wally): 
331 Please specify the password.
Password:
230 Login successful.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> dir
227 Entering Passive Mode (127,0,0,1,88,92).
150 Here comes the directory listing.
drwxr-xr-x    2 1000     1000         4096 Jun 16 07:24 Desktop
drwxr-xr-x    2 1000     1000         4096 Jun 16 07:24 Documents
drwxr-xr-x    2 1000     1000         4096 Jun 16 07:24 Downloads
drwxr-xr-x    2 1000     1000         4096 Jun 16 07:24 Music
drwxr-xr-x    2 1000     1000         4096 Jun 16 07:24 Pictures
drwxr-xr-x    2 1000     1000         4096 Jun 16 07:24 Templates
drwxr-xr-x    2 1000     1000         4096 Jun 16 07:24 Videos
drwx------    2 1000     1000         4096 Sep 18  2018 tmp
226 Directory send OK.
Comment 7 eric gerbier 2019-07-15 15:25:37 CEST 
I had some more tests with vsftpd-3.0.3-7.1.mga7 on several computers.

I have still the same problem on main computer (without tomoyo/selinux/apparmor)
but it works on another computer : I will have to search what are the differences !
Comment 8 eric gerbier 2019-07-23 09:42:01 CEST 
it seems to be a problem with the number of files in the target directory


I have tested, by adding files, one by one, and the dir command works (for me) with 31 or less files; with 32 (or more) files, the dir command does not work.
Comment 9 Herman Viaene 2019-09-17 10:28:05 CEST 
MGA7-64 Plasma on Lenovo B50
No installation issues.
Hm, just installing the update, start it from MCC, check on CLI:
# systemctl -l status vsftpd
● vsftpd.service - Vsftpd ftp daemon
   Loaded: loaded (/usr/lib/systemd/system/vsftpd.service; disabled; vendor preset: disabled)
   Active: active (running) since Tue 2019-09-17 10:14:39 CEST; 10min ago
 Main PID: 5586 (vsftpd)
   Memory: 1.6M
   CGroup: /system.slice/vsftpd.service
           └─5586 /usr/sbin/vsftpd /etc/vsftpd/vsftpd.conf

sep 17 10:14:39 mach5.hviaene.thuis systemd[1]: Starting Vsftpd ftp daemon...
sep 17 10:14:39 mach5.hviaene.thuis systemd[1]: Started Vsftpd ftp daemon.

Then
$ ftp localhost
Connected to localhost.
220 (vsFTPd 3.0.3)
530 Please login with USER and PASS.
Name (localhost:tester7): 
530 This FTP server is anonymous only.
Login failed.
ftp> 
I'll have to do some research on ftp, but I feel the defaults on localhost should work.

CC: (none) => herman.viaene

Comment 10 Herman Viaene 2019-09-17 11:03:39 CEST 
OK, I had to add
userlist_deny=NO 
to /etc/vsftpd/vsftpd.conf and put my username in /etc/vsftpd/user_list
then
$ ftp localhost
Connected to localhost.
220 (vsFTPd 3.0.3)
530 Please login with USER and PASS.
Name (localhost:tester7): 
331 Please specify the password.
Password:
230 Login successful.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> pwd
257 "/home/tester7" is the current directory
ftp> dir
227 Entering Passive Mode (127,0,0,1,119,30).
150 Here comes the directory listing.
drwxr-xr-x    2 1000     1000         4096 Sep 01 19:44 Afbeeldingen
drwxrwxr-x    2 1000     1000         4096 Sep 14 09:22 Desktop
drwxr-xr-x    4 1000     1000         4096 Sep 15 09:31 Documenten
drwxr-xr-x    2 1000     1000         4096 Sep 15 08:07 Downloads
drwxr-xr-x    2 1000     1000         4096 Jul 13 10:12 Muziek
drwxr-xr-x    2 1000     1000         4096 Jul 13 10:12 Sjablonen
drwxr-xr-x    2 1000     1000         4096 Jul 13 10:12 Video's
drwxrwxr-x    2 1000     1000         4096 Sep 14 09:15 test
drwx------    2 1000     1000         4096 Sep 18  2018 tmp
226 Directory send OK.
ftp> cd cd Documenten
550 Failed to change directory.
ftp> cd Documenten
250 Directory successfully changed.
ftp> dir
227 Entering Passive Mode (127,0,0,1,244,78).
150 Here comes the directory listing.
500 OOPS: 421 Service not available, remote server has closed connection

There are 2 subfolders and 66 files in the Documenten folder.
Comment 11 Brian Rockwell 2019-09-19 18:03:41 CEST 
Connected to localhost.
220 (vsFTPd 3.0.3)


250 Directory successfully changed.
ftp> dir
227 Entering Passive Mode (127,0,0,1,176,118).
150 Here comes the directory listing.
500 OOPS: 421 Service not available, remote server has closed connection


--------
This failed

CC: (none) => brtians1

Brian Rockwell 2019-09-19 18:04:59 CEST

Keywords: (none) => feedback

Comment 12 Rémi Verschelde 2019-12-13 17:07:05 CET 
Reassigning to packagers as the update seems not ready for QA.
Comment 13 Rémi Verschelde 2019-12-13 17:07:41 CET 
Reassigning to packagers as the update seems not ready for QA.

CC: (none) => bruno
Assignee: qa-bugs => bugsquad

Comment 14 Lewis Smith 2019-12-18 22:10:59 CET 
@eric : thanks for your testing, esp comment 8.
@Jani : thanks for your input.
Also Herman & Brian for tests.

(In reply to Rémi Verschelde from comment #13)
> Reassigning to packagers as the update seems not ready for QA.
Assigning globally; but Jani is CC'd as he has already looked at this. Registered maintainer is Bruno, already CC'd above.

Assignee: bugsquad => pkg-bugs
Keywords: feedback => (none)

Comment 15 Jani Välimaa 2019-12-19 10:04:27 CET 
Added patch from Arch to fix the issue to list > 31 items in a dir. Added also a patch originally from Fedora to disable anonymous access by default.

Please test vsftpd-3.0.3-7.2.mga7 from core/updates_testing.

Assignee: pkg-bugs => qa-bugs

Comment 16 eric gerbier 2019-12-19 15:41:08 CET 
I can confirm : on my tests, the problem is fixed with vsftpd-3.0.3-7.2

thanks !!
Comment 17 Herman Viaene 2020-01-06 15:52:48 CET 
MGA7-64 Plasma on Lenovo B50
No installation issues
With default installation:
# systemctl -l start vsftpd 
# systemctl -l status vsftpd
● vsftpd.service - Vsftpd ftp daemon
   Loaded: loaded (/usr/lib/systemd/system/vsftpd.service; disabled; vendor preset: disabled)
   Active: active (running) since Mon 2020-01-06 15:36:55 CET; 3s ago
  Process: 9332 ExecStart=/usr/sbin/vsftpd /etc/vsftpd/vsftpd.conf (code=exited, status=0/SUCCESS)
 Main PID: 9333 (vsftpd)
   Memory: 496.0K
   CGroup: /system.slice/vsftpd.service
           └─9333 /usr/sbin/vsftpd /etc/vsftpd/vsftpd.conf

jan 06 15:36:55 mach5.hviaene.thuis systemd[1]: Starting Vsftpd ftp daemon...
jan 06 15:36:55 mach5.hviaene.thuis systemd[1]: Started Vsftpd ftp daemon.
and then
$ ftp localhost
Connected to localhost.
500 OOPS: vsftpd: both local and anonymous access disabled!
ftp> quit
So made the changes in /etc/vsftpd/ as described in Comment 10
and then
# systemctl -l restart vsftpd 
Job for vsftpd.service failed because the control process exited with error code.
See "systemctl status vsftpd.service" and "journalctl -xe" for details.
[root@mach5 ~]# systemctl -l status vsftpd 
● vsftpd.service - Vsftpd ftp daemon
   Loaded: loaded (/usr/lib/systemd/system/vsftpd.service; disabled; vendor preset: disabled)
   Active: failed (Result: exit-code) since Mon 2020-01-06 15:40:09 CET; 13s ago
  Process: 15961 ExecStart=/usr/sbin/vsftpd /etc/vsftpd/vsftpd.conf (code=exited, status=2)

jan 06 15:40:09 mach5.hviaene.thuis systemd[1]: vsftpd.service: Succeeded.
jan 06 15:40:09 mach5.hviaene.thuis systemd[1]: Stopped Vsftpd ftp daemon.
jan 06 15:40:09 mach5.hviaene.thuis systemd[1]: Starting Vsftpd ftp daemon...
jan 06 15:40:09 mach5.hviaene.thuis systemd[1]: vsftpd.service: Control process exited, code=exited, status=2/INVALIDARGUMENT
jan 06 15:40:09 mach5.hviaene.thuis systemd[1]: vsftpd.service: Failed with result 'exit-code'.
jan 06 15:40:09 mach5.hviaene.thuis systemd[1]: Failed to start Vsftpd ftp daemon.
 journal -xe mentions INVALIDARGUMENT
Comment 18 Brian Rockwell 2020-01-09 05:02:35 CET 
I installed it on a fresh hardware build.



It worked for me.

Jan 08 21:32:02 linux.local [RPM][6409]: install vsftpd-3.0.3-7.2.mga7.x86_64: success

root      9759     1  0 21:50 ?        00:00:00 /usr/sbin/vsftpd /etc/vsftpd/vsftpd.conf

I was able to move a few hundred files and query a directory with over a hundred through filezilla.

Seems to work for me now.

Herman - can I approve this from this test?
Comment 19 Herman Viaene 2020-01-09 09:47:05 CET 
@ Brian
Well, I'm a bit frustrated because you do not mention whether you made any changes in the conf files.
Anyway, I commented out the changes I made, and instead uncommented the line
local_enable=YES
in the /etc/vsftpd/vsftpd.conf file.
That allowed me to have the vsftpd to run OK and
$ ftp localhost
Connected to localhost.
220 (vsFTPd 3.0.3)
530 Please login with USER and PASS.
Name (localhost:tester7): 
331 Please specify the password.
Password:
230 Login successful.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> dir
227 Entering Passive Mode (127,0,0,1,160,170).
150 Here comes the directory listing.
drwxr-xr-x    3 1000     1000         4096 Jan 03 13:51 Afbeeldingen
drwxrwxr-x    2 1000     1000         4096 Jan 02 13:49 Desktop
drwxr-xr-x    3 1000     1000         4096 Jan 07 09:28 Documenten
drwxr-xr-x    3 1000     1000         4096 Jan 06 13:29 Downloads
drwxr-xr-x    2 1000     1000         4096 Dec 28 10:01 Muziek
drwxr-xr-x    2 1000     1000         4096 Dec 28 10:01 Sjablonen
drwxr-xr-x    2 1000     1000         4096 Dec 28 10:01 Video's
drwx------    2 1000     1000         4096 Sep 18  2018 tmp
226 Directory send OK.

So, OK for both of us.

Whiteboard: (none) => MGA7-64-OK

Comment 20 Brian Rockwell 2020-01-09 14:46:19 CET 
My apologies Herman - yes uncommented that line and also the allow-write line.

Again my apologies.
Thomas Backlund 2020-01-11 23:49:32 CET

Keywords: (none) => advisory, validated_update
CC: (none) => tmb, sysadmin-bugs

Comment 21 Mageia Robot 2020-01-12 00:53:18 CET 
An update for this issue has been pushed to the Mageia Updates repository.

https://advisories.mageia.org/MGAA-2020-0015.html

Status: NEW => RESOLVED
Resolution: (none) => FIXED