Red Hat Bugzilla – Bug 79118
vsftpd package not designed to run standalone
Last modified: 2014-03-16 22:32:48 EDT
From Bugzilla Helper: User-Agent: Mozilla/5.0 Galeon/1.2.6 (X11; Linux i686; U;) Gecko/20020830 Description of problem: The vsftpd package, as it is provided in the RH install kit, can be run only from xinetd. There is no init.d script to run vsftpd standalone. Running from xinetd is not that bad per se, but this way you loose one of the greatest features of vsftpd: security. Not to mention scalability, because i'm sure vsftpd can cope with much higher loads when running standalone, as opposed to be launched from xinetd. Version-Release number of selected component (if applicable): How reproducible: Always Steps to Reproduce: 1.Try to configure vsftpd to run standalone 2. 3. Actual Results: There's no init.d script included with the package to run vsftpd standalone. Expected Results: The package should include a init.d script. Additional info: Please modify the package to provide standalone capability. It would be nice to provide both (xinetd and standalone). If i were to choose one, i'd choose standalone. It's better to give people solutions that are secure by default.
Here's are some quotes from e-mails from Chris Evans: ########################################## > Why do you recommend to run vsftpd from xinetd? > Isn't it better to run it standalone, both from a > security perspective > (less things to care about) and performance (less > fork()/exec() stuff)? I guess that recommendation has now expired! The reason was for some (often required) xinetd features such as "connections limit per IP" and "total connections limit" As of vsftpd-1.1.3, these vital features are implemented in the built-in listener. ########################################## No reason to run vsftpd from xinetd now. ;-)
Changed in 1.1.3-1.