244686 – Uploaded files are created with wrong perms in vsftpd 1.2.1-3E.12

Bug 244686 - Uploaded files are created with wrong perms in vsftpd 1.2.1-3E.12

Summary: Uploaded files are created with wrong perms in vsftpd 1.2.1-3E.12

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Red Hat Enterprise Linux 3
Classification:	Red Hat
Component:	vsftpd
Sub Component:
Version:	3.9
Hardware:	i386
OS:	Linux
Priority:	high
Severity:	urgent
Target Milestone:	---
Assignee:	Maros Barabas
QA Contact:
Docs Contact:
URL:
Whiteboard:
Duplicates (2):	247786 248061 (view as bug list)
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2007-06-18 15:13 UTC by hellsing
Modified:	2018-11-29 19:48 UTC (History)
CC List:	11 users (show)
Fixed In Version:	RHBA-2007-0757
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2007-07-27 17:13:23 UTC
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)
Patch to correct upload permissions (655 bytes, patch) 2007-06-28 09:48 UTC, Maros Barabas	no flags	Details \| Diff
Replacement for rename patch to correct filehandle leak (1.55 KB, patch) 2007-06-28 11:25 UTC, Martin Poole	no flags	Details \| Diff
Replacement for upload_perms patch to correct permissions problem (2.66 KB, patch) 2007-06-28 11:26 UTC, Martin Poole	no flags	Details \| Diff
Better patch (529 bytes, text/x-patch) 2007-06-28 12:31 UTC, Maros Barabas	no flags	Details
Updated replacement for upload_perms patch (3.06 KB, patch) 2007-06-28 13:40 UTC, Martin Poole	no flags	Details \| Diff
Show Obsolete (3) View All

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Product Errata	RHBA-2007:0757	0	normal	SHIPPED_LIVE	vsftpd bug fix update	2007-07-27 17:13:09 UTC

Description hellsing 2007-06-18 15:13:50 UTC

Description of problem:

With the last update of vsftpd service, uploaded files are created with 000
rights even if local_umask=002 for example (i refuse anonymous login).

Version-Release number of selected component (if applicable):

vsftpd 1.2.1-3E.12

How reproducible:

All the time i upload files.

Steps to Reproduce:
1. update vsftpd to version 1.2.1-3E.12
2. login to your ftp server
3. upload files and look at the perms
  
Actual results:

with local_umask=002
files created are with perms 000

Expected results:

with local_umask=002
files' rights have to be 664

Additional info:

Comment 1 Craig McElroy 2007-06-18 23:48:55 UTC

We are experiencing this as well and have downgraded back to 1.2.1-3E.6 for the
time being.

Comment 2 Marcelo Giles 2007-06-20 23:28:08 UTC

Same thing. Same package version (vsftpd-1.2.1-3E.12.i386.rpm), same behavior.

Comment 3 Richard Bullington-McGuire 2007-06-21 03:45:00 UTC

I have also experienced this issue.

The unexpected file permissions are not always 000, sometimes they are 065.
Changing local_umask seems to have no effect at all on what the file permissions
end up being.

Comment 4 Mathieu Legaré 2007-06-21 13:25:46 UTC

we're having the same problem. upload file permissions seems pretty random. we
had to downgrade vsftpd.(In reply to comment #0)

Comment 5 Ernie Joynt 2007-06-21 17:24:55 UTC

This problem caused a critical data delivery problem for us.  The severity needs
to be raised to urgent. We'll downgrade, but that is not an acceptable solution
for us.

Comment 7 James Page 2007-06-27 10:39:50 UTC

Ditto the above symptom - caused numerous issues with incoming ftp transfers
over the last few days - have backed out to .6 - please raise the priority of
the issue for resolution

Comment 8 Maros Barabas 2007-06-28 09:48:49 UTC

Created attachment 158105 [details]
Patch to correct upload permissions

Please try this patch. Thanks

Comment 10 Martin Poole 2007-06-28 11:25:36 UTC

Created attachment 158110 [details]
Replacement for rename patch to correct filehandle leak

Comment 11 Martin Poole 2007-06-28 11:26:49 UTC

Created attachment 158111 [details]
Replacement for upload_perms patch to correct permissions problem

Comment 13 Maros Barabas 2007-06-28 12:31:16 UTC

Created attachment 158117 [details]
Better patch

vsftpd-1.2.1-rename.patch and vsftpd-1.2.1-upload_perms.patch stay unchanged.

Comment 17 Martin Poole 2007-06-28 13:40:55 UTC

Created attachment 158123 [details]
Updated replacement for upload_perms patch

This fixes both the permission problem and the handle leak.

Comment 21 Michael Mayer 2007-07-06 16:19:44 UTC

Usage of the test packages in IT#125010 solved the problem for quite a few of my
customers.

Comment 22 Michael Mayer 2007-07-06 16:21:07 UTC

Usage of the test packages in IT#125010 solved the problem for all three of my
customers who had the problem. Any chances to get a supported update released ?

Comment 25 Maros Barabas 2007-07-12 08:03:30 UTC

*** Bug 247786 has been marked as a duplicate of this bug. ***

Comment 26 Chris Langlands 2007-07-12 08:20:52 UTC

New RPM today? :)

Comment 27 Maros Barabas 2007-07-13 07:14:20 UTC

*** Bug 248061 has been marked as a duplicate of this bug. ***

Comment 28 Gunther Schlegel 2007-07-17 09:02:08 UTC

this is urgent...

Comment 33 Chris Langlands 2007-07-21 14:08:50 UTC

isn't this dragging on a bit?  it's a pretty nasty bug, introduced with U9.

Comment 36 RHEL Program Management 2007-07-23 10:10:47 UTC

This bugzilla has Keywords: Regression.  

Since no regressions are allowed between releases, 
it is also being marked as a blocker for this release.  

Please resolve ASAP.

Comment 38 Kenny Ferguson 2007-07-24 17:47:38 UTC

I should note that rebuilding from 1.2.1-3E.12 src rpm with the patches kindly
provided, or just trying to build the src rpm period, fails:

[kf@joyce rpm]$ cat /etc/issue
Red Hat Enterprise Linux ES release 3 (Taroon Update 9)

[kf@joyce rpm]$ rpmbuild -ba SPECS/vsftpd.spec

...sysdeputil.c: In function `capset':
sysdeputil.c:152: can't find a register in class `BREG' while reloading `asm'
make: *** [sysdeputil.o] Error 1
make: *** Waiting for unfinished jobs....
error: Bad exit status from /var/tmp/rpm-tmp.52068 (%build)


RPM build errors:
    Bad exit status from /var/tmp/rpm-tmp.52068 (%build)...

Comment 39 Kenny Ferguson 2007-07-24 23:59:50 UTC

Nevermind...  was broken dependency.  Needed libcap-devel

(In reply to comment #38)
> I should note that rebuilding from 1.2.1-3E.12 src rpm with the patches kindly
> provided, or just trying to build the src rpm period, fails:
> 
> [kf@joyce rpm]$ cat /etc/issue
> Red Hat Enterprise Linux ES release 3 (Taroon Update 9)
> 
> [kf@joyce rpm]$ rpmbuild -ba SPECS/vsftpd.spec
> 
> ...sysdeputil.c: In function `capset':
> sysdeputil.c:152: can't find a register in class `BREG' while reloading `asm'
> make: *** [sysdeputil.o] Error 1
> make: *** Waiting for unfinished jobs....
> error: Bad exit status from /var/tmp/rpm-tmp.52068 (%build)
> 
> 
> RPM build errors:
>     Bad exit status from /var/tmp/rpm-tmp.52068 (%build)...

Comment 41 Red Hat Bugzilla 2007-07-27 17:13:24 UTC

An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHBA-2007-0757.html

Note You need to log in before you can comment on or make changes to this bug.