This service will be undergoing maintenance at 00:00 UTC, 2016-09-28. It is expected to last about 1 hours
Bug 112975 - allowed vsftp session hangs when tcp wrappers spawn is used
allowed vsftp session hangs when tcp wrappers spawn is used
Status: CLOSED NEXTRELEASE
Product: Red Hat Enterprise Linux 3
Classification: Red Hat
Component: tcp_wrappers (Show other bugs)
3.0
All Linux
medium Severity medium
: ---
: ---
Assigned To: Tomas Janousek
David Lawrence
:
Depends On:
Blocks: 241356 241357
  Show dependency treegraph
 
Reported: 2004-01-06 16:56 EST by Need Real Name
Modified: 2007-11-30 17:06 EST (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2007-05-25 12:01:37 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:


Attachments (Terms of Use)
patch (1.31 KB, patch)
2007-05-25 09:03 EDT, Tomas Janousek
no flags Details | Diff

  None (edit)
Description Need Real Name 2004-01-06 16:56:12 EST
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.4)
Gecko/20030624 Netscape/7.1 (ax)

Description of problem:
vsftpd is installed and configured and seems to work fine by itself. 
 
I would like to use tcp wrappers to allow all sessions, but make a
trivial log entry when a session starts. (This is a simplification,
but demonstrates the problem). 
 
/etc/hosts.deny is left empty. 
 
If /etc/hosts.allow contains only the line: 
  vsftpd : ALL : ALLOW        
ftp sessions are fine. A change from ALLOW to DENY properly denies the
ftp sessions. 
 
If I change the line to include a spawn:  
  vsftpd : ALL : spawn /bin/echo `/bin/date` >> /tmp/foo.log : ALLOW 
 
the log is appended, but the remote cygwin-on-windows ftp session
continues through interactively getting the password, then hangs until
timed out. The message on the remote machine is:  
 421 Timeout. 
 ftp: Login failed. 
 ftp: No control connection for command: No error 
 
If I change the ALLOW to a DENY, the log entry happens and the ftp
session is properly denied. 
 
What needs to happen to get spawn to work with ALLOW? 

(Tech support has looked at this problem as Service Request 278981)
 

Version-Release number of selected component (if applicable):


How reproducible:
Always

Steps to Reproduce:
1. Add vsftpd entry with spawn and allow to /etc/hosts.allow
2. Start an ftp session to the host (I've only done it remotely)
3. Enter a valid username and password
    

Actual Results:  ftp session hangs until timed out. Log entry happens.

Expected Results:  useable ftp session and log entry

Additional info:
Comment 4 Tomas Janousek 2007-05-25 09:03:10 EDT
Created attachment 155450 [details]
patch

This patch fixes it. I hope it does not introduce any regression, since it
changes the behaviour with regard to signals a little bit. I commited it to
rawhide meanwhile.
Comment 5 Tomas Janousek 2007-05-25 12:01:37 EDT
We can't fix this one in RHEL 3. It will be fixed in 4.6 and 5.1 though.

Note You need to log in before you can comment on or make changes to this bug.