Bugzilla will be upgraded to version 5.0 on a still to be determined date in the near future. The original upgrade date has been delayed.
Bug 60708 - identd delays caused by xinetd config
identd delays caused by xinetd config
Product: Red Hat Linux
Classification: Retired
Component: wu-ftpd (Show other bugs)
All Linux
medium Severity low
: ---
: ---
Assigned To: wdovlrrw
David Lawrence
Depends On:
  Show dependency treegraph
Reported: 2002-03-05 00:08 EST by Ian Mortimer
Modified: 2007-04-18 12:40 EDT (History)
0 users

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2002-03-05 00:08:23 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Ian Mortimer 2002-03-05 00:08:19 EST
From Bugzilla Helper:
User-Agent: Mozilla/4.78 [en] (X11; U; Linux 2.4.9-21 i686)

Description of problem:
The default xinetd config /etc/xinetd.d/wu-ftpd add USERID as a log option for
success or failure.  This causes xinetd to attempt an identd (auth) connection
to the
connecting host.  This fails when the host isn't running an identd daemon or is
behind a
firewall blocking identd connections.

Version-Release number of selected component (if applicable):

How reproducible:

Steps to Reproduce:
1.Make an ftp connection from a host without an identd daemon or one behind a
2.Start tcpdump or some other packet sniffer on the connection.

Actual Results:  There is a long delay before the ftp server responds.  tcpdump
shows attempts by the ftp server to connect to identd (tcp port 113).

Expected Results:  identd should not be invoked.  It's a security problem and
forcing clients 
to run it or suffer delays if they don't is a bad idea.

Additional info:

This was reported (by someone else) as a problem with xinetd (bug #55936).
However  the problem is not with xinetd itself but with the configuration of
various daemons which require it to initiate an identd connection.
Comment 1 Bernhard Rosenkraenzer 2002-03-12 05:20:23 EST
Agreed, turned off in 2.6.2-5

Note You need to log in before you can comment on or make changes to this bug.