Bug 839257

Summary: vsftpd doesn't accept legacy ipv4 connections when set to listen on ipv6
Product: Red Hat Enterprise Linux 6
Component: vsftpd
Version: 6.5
Hardware: All
OS: Linux
Status: CLOSED WONTFIX
Severity: urgent
Priority: high
Target Milestone: rc
Keywords: Reopened
Reporter: Vadim Grinco <vgrinco>
Assignee: Jiri Skala <jskala>
QA Contact: BaseOS QE Security Team <qe-baseos-security>
CC: aglotov, cra, pwouters, rbiba
Doc Type: Bug Fix
Type: Bug
Last Closed: 2012-10-29 11:38:33 UTC
Bug Blocks: 508685
Attachments:
vsftpd init script for ipv6 (flags: none)
vsftpd spec file with ipv6 update (flags: none)

Description Vadim Grinco 2012-07-11 11:47:26 UTC
Description of problem:
vsftpd doesn't accept legacy ipv4 connections when set to listen on ipv6.

Version-Release number of selected component (if applicable):
vsftpd-2.2.2-11.el6.x86_64

How reproducible:
Always

Steps to Reproduce:
1. change listen=YES to listen_ipv6=yes
2. restart vsftpd
3. telnet 127.0.0.1 21
  
Actual results:
Trying 127.0.0.1...
telnet: connect to address 127.0.0.1: Connection refused
telnet: Unable to connect to remote host: Connection refused


Expected results:
Trying ::1...
Connected to chaos.brq.redhat.com (::1).
Escape character is '^]'.
220 (vsFTPd 2.2.2)


Additional info:
This has been broken by bug 592850.

Comment 8 Jiri Skala 2012-07-23 14:33:59 UTC
The issue was really introduced intentionally by BZ#592850.

The vsftpd can be configured using two configuration files. The first one will set listen=YES. The second one will set listen_ipv6=YES. So configured, vsftpd will start two instances listening on different IP versions.

With respect to the intention of BZ#592850 and the described solution, I close the bug with the status 'wontfix'.

Comment 9 Paul Wouters 2012-10-24 19:43:40 UTC
There are more problems than just using two config files. Since vsftpd does not write pid files, there is no way you can have the two services running using the same daemon name.

As a workaround, I created a softlink to vsftpd6 and installed an additional initscript that uses prog=vsftpd6.

Spec file and vsftpd6.init attached.

This change allows me to properly run v4 and v6 with the current patched vsftpd code. However, I concur with #592850 that it should just listen to both v4 and v6 using one daemon and one config file. But if you're unwilling to do so, at least apply the attached files to properly run 2 separate services.

Comment 10 Paul Wouters 2012-10-24 19:44:29 UTC
Created attachment 633003
vsftpd init script for ipv6

Comment 11 Paul Wouters 2012-10-24 19:46:23 UTC
Created attachment 633004
vsftpd spec file with ipv6 update

Comment 12 RHEL Program Management 2012-10-24 19:49:24 UTC
This request was evaluated by Red Hat Product Management for
inclusion in the current release of Red Hat Enterprise Linux.
Because the affected component is not scheduled to be updated
in the current release, Red Hat is unable to address this
request at this time.

Red Hat invites you to ask your support representative to
propose this request, if appropriate, in the next release of
Red Hat Enterprise Linux.

Comment 13 Paul Wouters 2012-10-24 20:08:55 UTC
https://fedorahosted.org/fesco/ticket/693

Fesco seemed to have agreed for the fedora branches.....

Comment 14 Jiri Skala 2012-10-29 11:38:33 UTC
(In reply to comment #9)
> There are more problems than just using two config files. Since vsftpd does
> not write pid files, there is no way you can have the two services running
> using the same daemon name.
> 
> As a workaround, I created a softlink to vsftpd6 and installed an additional
> initscript that uses prog=vsftpd6.
> 
Hi Paul,
there is no necessity to have more initscripts for particular instances of vsftpd. It is enough to create two or more config files in the /etc/vsftpd directory that match the mask *.conf (e.g. vsftpd.conf, vsftpd1.conf).

Using 'service vsftpd start' will start a number of daemon instances corresponding to the number of correct configuration files.

You are able to have more running daemons, each of them listening on a different IP version, address or port. You can split the configuration for listening on ports 21 & 990 (ftp & ftps), and a lot of other variations.

If you have trouble with starting more vsftpd instances and you are convinced this is a bug, please open a new bug and put there your conf files and other details necessary for reproducing.
I currently have no issue with running more instances.

Best regards

Jiri
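
The two-file layout described in comments 8 and 14, as an added example that is not part of the bug thread or the vsftpd package: a shell check that reads every *.conf in a directory and reports which IP families the resulting instances cover. The function names and sample files are constructed, and it assumes `listen_ipv6=YES` serves IPv6 only, as this report describes for vsftpd-2.2.2-11.el6.

```shell
# Added example, not from the vsftpd package. Function names are hypothetical.

# Print the effective boolean (YES/NO) of option $2 in config file $1.
# Options are written option=value; the last assignment wins and lines
# starting with '#' are comments, so they never match the anchored pattern.
conf_bool() {
    val=$(sed -n "s/^$2=//p" "$1" | tail -n 1 | tr '[:lower:]' '[:upper:]')
    case "$val" in
        YES|TRUE|1) echo YES ;;
        *)          echo NO ;;
    esac
}

# Print one verdict per *.conf in directory $1, then a RESULT summary line.
# Assumption (from this report): listen_ipv6=YES does not accept IPv4.
audit_vsftpd_dir() {
    v4=0; v6=0; bad=0
    for f in "$1"/*.conf; do
        [ -f "$f" ] || continue
        l4=$(conf_bool "$f" listen)
        l6=$(conf_bool "$f" listen_ipv6)
        case "$l4/$l6" in
            YES/YES) echo "$f: invalid, listen and listen_ipv6 are mutually exclusive"; bad=1 ;;
            YES/NO)  echo "$f: standalone instance, IPv4"; v4=1 ;;
            NO/YES)  echo "$f: standalone instance, IPv6"; v6=1 ;;
            NO/NO)   echo "$f: no standalone listener" ;;
        esac
    done
    if [ "$bad" -eq 1 ]; then echo "RESULT: invalid"
    elif [ "$v4$v6" = 11 ]; then echo "RESULT: ipv4+ipv6"
    elif [ "$v4" -eq 1 ]; then echo "RESULT: ipv4-only"
    elif [ "$v6" -eq 1 ]; then echo "RESULT: ipv6-only"
    else echo "RESULT: no-listener"
    fi
}

# Constructed sample: the reporter's single-file change, then the second
# config file from comments 8 and 14 added next to it.
demo=$(mktemp -d)
printf 'anonymous_enable=NO\nlisten_ipv6=yes\n' > "$demo/vsftpd.conf"
audit_vsftpd_dir "$demo"
printf 'anonymous_enable=NO\nlisten=YES\n' > "$demo/vsftpd1.conf"
audit_vsftpd_dir "$demo"
rm -rf "$demo"
```

On a real host, `audit_vsftpd_dir /etc/vsftpd` gives the same summary for the installed configuration; a result of `ipv6-only` corresponds to the refused `telnet 127.0.0.1 21` in the description.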

Comment 15 Paul Wouters 2012-10-31 16:52:12 UTC
sigh

The FESCO decision makes sense. We should not have multiple init scripts or multiple config files to support v4 and v6.

If I enable vsftpd, it should be enabled for v4 and v6, using a single config file. 

I'm not sure why you excluded the RHEL branch from FESCO's advice. It seems petty.

Supporting multiple conf files is fine, requiring multiple config files for the simple case of running ftp on 4+6 is not.