Bug 52930 - All passwords are denied
All passwords are denied
Status: CLOSED NOTABUG
Product: Red Hat Linux
Classification: Retired
Component: wu-ftpd (Show other bugs)
7.1
i386 Linux
medium Severity medium
: ---
: ---
Assigned To: Bernhard Rosenkraenzer
David Lawrence
ftp://mhorton.net
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2001-08-30 18:43 EDT by Mark Horton
Modified: 2007-04-18 12:36 EDT (History)
0 users

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2001-08-31 07:58:35 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Mark Horton 2001-08-30 18:43:10 EDT
From Bugzilla Helper:
User-Agent: Mozilla/4.7 [en] (X11; I; SunOS 5.8 sun4u)

Description of problem:
When upgrading to 7.1, the included uw-ftpd package will
not accept any valid passwords.  It insists they are all
incorrect.  Worked fine in 6.0.



Version-Release number of selected component (if applicable):


How reproducible:
Always

Steps to Reproduce:
1.Install wu-ftpd.
2.Configure firewall to permit FTP
3.Establish a known working user/password combination.
4.Verify /etc/ftpusers and /etc/shells OK.
5.FTP to the server.
6.Log in.

Actual Results:  Password is denied as incorrect.


Expected Results:  Password should be accepted.

Additional info:

Note: I had the same problem with my 6.0 imapd binary.
I got the latest source from UW and rebuilt it - that
solved my problem.  You probably need a rebuild of wu-ftpd
for 7.1 as well.

I'm using shadow passwords.
Comment 1 Bernhard Rosenkraenzer 2001-08-31 03:59:54 EDT
Works perfectly here...

What explanations do you get in syslog?

Comment 2 Mark Horton 2001-08-31 07:58:31 EDT
Thanks for the tip on the log file!  It says:

Aug 31 07:49:41 mhorton ftpd[5348]: FTP LOGIN REFUSED (username in denied-uid)
FROM mrhsun [204.210.244.47], mark

This led me to the ftpaccess file, which is apparently much more strict in
7.1 than in 6.0.  The 7.1 ftpaccess contains the line
	deny-gid %-99 %65534-
which denies practically everybody on my system.  Apparently you now
have a convention that the gid=uid.

Do you have release notes documenting the areas where 7.x isn't upward
compatible with 6.x and pointers to documentation to address them?
That would be very helpful.  This should be added to them, along with
firewall notes, kernel incompatibilities, aic7xxx problems, etc.

I've resolved this problem by deleting the deny-gid line from ftpaccess.
Go ahead and close this bug.
Comment 3 Bernhard Rosenkraenzer 2001-09-03 07:16:00 EDT
In normal use, UIDs < 99 and > 65534 are reserved for system users, so this is 
intentional.
As for release-notes, no, we don't keep a log of those changes at the moment.
Comment 4 Mark Horton 2001-09-04 10:43:10 EDT
This problem, however, was not about UIDs, but about GIDs.
GIDs have normally (historically) been in the 1-100 range.
If you're going to expect users, including admins, to be
only in groups larger than 100, this is a change.
If you're going to expect GID to match UID, this is also
a change.
Comment 5 Bernhard Rosenkraenzer 2001-09-04 10:47:21 EDT
It has been that way forever, at the very least since 5.0.

Note You need to log in before you can comment on or make changes to this bug.