Bug 79118

Summary: vsftpd package not designed to run standalone
Product: [Retired] Red Hat Linux Reporter: Florin Andrei <florin>
Component: vsftpdAssignee: Bill Nottingham <notting>
Status: CLOSED RAWHIDE QA Contact: Mike McLean <mikem>
Severity: medium Docs Contact:
Priority: medium    
Version: 8.0CC: mitr, rvokal
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2002-12-14 00:28:34 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:

Description Florin Andrei 2002-12-05 23:03:29 UTC
From Bugzilla Helper:
User-Agent: Mozilla/5.0 Galeon/1.2.6 (X11; Linux i686; U;) Gecko/20020830

Description of problem:
The vsftpd package, as it is provided in the RH install kit, can be run only
from xinetd. There is no init.d script to run vsftpd standalone.
Running from xinetd is not that bad per se, but this way you loose one of the
greatest features of vsftpd: security.
Not to mention scalability, because i'm sure vsftpd can cope with much higher
loads when running standalone, as opposed to be launched from xinetd.

Version-Release number of selected component (if applicable):


How reproducible:
Always

Steps to Reproduce:
1.Try to configure vsftpd to run standalone
2.
3.
	

Actual Results:  There's no init.d script included with the package to run
vsftpd standalone.

Expected Results:  The package should include a init.d script.

Additional info:

Please modify the package to provide standalone capability.
It would be nice to provide both (xinetd and standalone).
If i were to choose one, i'd choose standalone. It's better to give people
solutions that are secure by default.

Comment 1 Florin Andrei 2002-12-06 23:16:04 UTC
Here's are some quotes from e-mails from Chris Evans:

##########################################
> Why do you recommend to run vsftpd from xinetd?
> Isn't it better to run it standalone, both from a
> security perspective
> (less things to care about) and performance (less
> fork()/exec() stuff)?

I guess that recommendation has now expired! The
reason was for some (often required) xinetd features
such as "connections limit per IP" and
"total connections limit"
As of vsftpd-1.1.3, these vital features are
implemented in the built-in listener.
##########################################

No reason to run vsftpd from xinetd now. ;-)


Comment 2 Bill Nottingham 2002-12-14 00:28:34 UTC
Changed in 1.1.3-1.