Bug 52930

Summary: All passwords are denied
Product: [Retired] Red Hat Linux Reporter: Mark Horton <mark>
Component: wu-ftpdAssignee: Bernhard Rosenkraenzer <bero>
Status: CLOSED NOTABUG QA Contact: David Lawrence <dkl>
Severity: medium Docs Contact:
Priority: medium    
Version: 7.1   
Target Milestone: ---   
Target Release: ---   
Hardware: i386   
OS: Linux   
URL: ftp://mhorton.net
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2001-08-31 11:58:35 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Mark Horton 2001-08-30 22:43:10 UTC 
From Bugzilla Helper:
User-Agent: Mozilla/4.7 [en] (X11; I; SunOS 5.8 sun4u)

Description of problem:
When upgrading to 7.1, the included uw-ftpd package will
not accept any valid passwords.  It insists they are all
incorrect.  Worked fine in 6.0.



Version-Release number of selected component (if applicable):


How reproducible:
Always

Steps to Reproduce:
1.Install wu-ftpd.
2.Configure firewall to permit FTP
3.Establish a known working user/password combination.
4.Verify /etc/ftpusers and /etc/shells OK.
5.FTP to the server.
6.Log in.

Actual Results:  Password is denied as incorrect.


Expected Results:  Password should be accepted.

Additional info:

Note: I had the same problem with my 6.0 imapd binary.
I got the latest source from UW and rebuilt it - that
solved my problem.  You probably need a rebuild of wu-ftpd
for 7.1 as well.

I'm using shadow passwords.
Comment 1 Bernhard Rosenkraenzer 2001-08-31 07:59:54 UTC 
Works perfectly here...

What explanations do you get in syslog?
Comment 2 Mark Horton 2001-08-31 11:58:31 UTC 
Thanks for the tip on the log file!  It says:

Aug 31 07:49:41 mhorton ftpd[5348]: FTP LOGIN REFUSED (username in denied-uid)
FROM mrhsun [204.210.244.47], mark

This led me to the ftpaccess file, which is apparently much more strict in
7.1 than in 6.0.  The 7.1 ftpaccess contains the line
	deny-gid %-99 %65534-
which denies practically everybody on my system.  Apparently you now
have a convention that the gid=uid.

Do you have release notes documenting the areas where 7.x isn't upward
compatible with 6.x and pointers to documentation to address them?
That would be very helpful.  This should be added to them, along with
firewall notes, kernel incompatibilities, aic7xxx problems, etc.

I've resolved this problem by deleting the deny-gid line from ftpaccess.
Go ahead and close this bug.
Comment 3 Bernhard Rosenkraenzer 2001-09-03 11:16:00 UTC 
In normal use, UIDs < 99 and > 65534 are reserved for system users, so this is 
intentional.
As for release-notes, no, we don't keep a log of those changes at the moment.
Comment 4 Mark Horton 2001-09-04 14:43:10 UTC 
This problem, however, was not about UIDs, but about GIDs.
GIDs have normally (historically) been in the 1-100 range.
If you're going to expect users, including admins, to be
only in groups larger than 100, this is a change.
If you're going to expect GID to match UID, this is also
a change.
Comment 5 Bernhard Rosenkraenzer 2001-09-04 14:47:21 UTC 
It has been that way forever, at the very least since 5.0.