Bug 246392

Summary: Cron reports logrotate postrotate failure if proftpd service stopped
Product: [Fedora] Fedora Reporter: Tony Nelson <tonynelson>
Component: proftpdAssignee: Matthias Saou <matthias>
Status: CLOSED ERRATA QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: low Docs Contact:
Priority: low    
Version: 6   
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: 1.3.0a-8.fc7 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2007-08-20 16:02:22 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Tony Nelson 2007-07-01 17:41:46 UTC 
Description of problem:
Cron reports "error: error running postrotate script for /var/log/xferlog" if
the proftpd service is stopped.  This is caused by:

    test -f /var/lock/subsys/proftpd && /usr/bin/killall -HUP proftpd

which produces a non-zero exit status from the failure of the test.  I think
changing both postrotate scripts to this form will keep cron happy:

    if [ -f /var/lock/subsys/proftpd ] ; then
        /usr/bin/killall -HUP proftpd
    fi

Having proftpd stopped would no longer trigger an error, while failure to
signal a running proftpd will still be an error. I've tried similar code by
hand but I haven't waited a week to see if the script really works.

Version-Release number of selected component (if applicable):
proftpd-1.3.0a-3.fc6.src.rpm

How reproducible:
proftpd service stopped, weekly at logrotate time

Steps to Reproduce:
1.stop proftpd service
2.logrotate runs postrotate script weekly
3.
  
Actual results:
Email from cron

Expected results:
No output or email from cron

Additional info:
I use proftpd instead of vsftpd because proftpd is the only ftp server I found
that limits login attempts.  I use iptables rules with the ipt_recent module to
throttle cracking attempts for ftp and ssh (3/minute, 6/10 minute), along with
pam_recent to remove successful logins.

Proftpd is actually installed on CentOS (4.5 and 5), built on CentOS from the
FE6 srpm, but this minor bug appears to be unrelated to the OS version.
Comment 1 Matthias Saou 2007-08-12 14:39:28 UTC 
I've just pushed proftpd-1.3.0a-8.fc7 to testing-updates, could you try the
package and see if it fixes the problem for you? (If there are lib problems, I
might consider rebuilding an FC-6 package now, but I'd prefer to get positive
feedback first).
Comment 2 Tony Nelson 2007-08-12 18:14:02 UTC 
It doesn't seem to be there just yet, in
<http://download.fedora.redhat.com/pub/fedora/linux/updates/testing/7/>.  I'll
look again tomorrow.
Comment 3 Fedora Update System 2007-08-13 17:02:29 UTC 
proftpd-1.3.0a-8.fc7 has been pushed to the Fedora 7 testing repository.  If problems still persist, please make note of it in this bug report.
Comment 4 Tony Nelson 2007-08-13 21:30:24 UTC 
OK, I got it.  I built and installed it where I'm using it (which is on CentOS 5
and on CentOS 4.5, where I needed to tweak /etc/pam.d/proftpd) and it seems to
work.  I'll know next week if it rotates happlily, but the logrotate script
looks OK to me.
Comment 5 Fedora Update System 2007-08-20 16:02:20 UTC 
proftpd-1.3.0a-8.fc7 has been pushed to the Fedora 7 stable repository.  If problems still persist, please make note of it in this bug report.