Red Hat Bugzilla – Bug 839257
vsftpd doesn't accept legacy ipv4 connections when set to listen on ipv6
Last modified: 2014-11-09 17:35:50 EST
Description of problem: vsftpd doesn't accept legacy ipv4 connections when set to listen on ipv6. Version-Release number of selected component (if applicable): vsftpd-2.2.2-11.el6.x86_64 How reproducible: Always Steps to Reproduce: 1. change listen=YES to listen_ipv6=yes 2. restart vsftpd 3. telnet 127.0.0.1 21 Actual results: Trying 127.0.0.1... telnet: connect to address 127.0.0.1: Connection refused telnet: Unable to connect to remote host: Connection refused Expected results: Trying ::1... Connected to chaos.brq.redhat.com (::1). Escape character is '^]'. 220 (vsFTPd 2.2.2) Additional info: This has been broken by bug 592850.
The issue was really introduced intentionally by BZ#592850. The vsftpd can be configured using two configure files. The first one will set listen=YES. The second on will set listen_ipv6=YES. So configured vsftpd will start two instances listening on different IP versions. With respect to intention of BZ#592850 and described solution I close the bug with the status 'wontfix'.
there are more problems then just using two config files. Since vsftpd does not write pid files, there is no way you can have the two services running using the same daemon name. As a work around, I created a softlink to vsftpd6 and install an additional initscript that uses prog=vsftpd6. spec file and vsftpd6.init attached. This change allows me to properly run v4 and v6 with the current patched vsftpd code. Hoever, I concur with #592850 that it should just listen to both v4 and v6 using one daemon and one config file. But if you're unwilling to do so, at least apply the attached files to properly run 2 separate services.
Created attachment 633003 [details] vsftpd init script for ipv6
Created attachment 633004 [details] vsftpd spec file with ipv6 update
This request was evaluated by Red Hat Product Management for inclusion in the current release of Red Hat Enterprise Linux. Because the affected component is not scheduled to be updated in the current release, Red Hat is unable to address this request at this time. Red Hat invites you to ask your support representative to propose this request, if appropriate, in the next release of Red Hat Enterprise Linux.
https://fedorahosted.org/fesco/ticket/693 Fesco seemed to have agreed for the fedora branches.....
(In reply to comment #9) > there are more problems then just using two config files. Since vsftpd does > not write pid files, there is no way you can have the two services running > using the same daemon name. > > As a work around, I created a softlink to vsftpd6 and install an additional > initscript that uses prog=vsftpd6. > Hi Paul, there is no necessity to have more initscripts for particular instances of vsftpd. This is enough to create two or more config files in /etc/vsftpd directory that pass to mask *.conf. (e. g. vsftpd.conf, vsftpd1.conf). Using 'service vsftpd start' will start appropriate number of daemon instances to number of correct configuration files. You are able to have more running daemons and each of them is listening on different IP version, address or port. You can split configuration for listening to port 21 & 990 (ftp & ftps) and a lot of other variation. If you have a trouble with starting more vsftpd instances and you are convinced this is a bug, please, open new bug and put there your conf files and other details necessary for reproducing. I currently have no issue with running more instances. Best regards Jiri
sigh The FESCO decision makes sense. We should not have multiple init scripts or multiple config files to support v4 and v6. If I enable vsftpd, it should be enabled for v4 and v6, using a single config file. I'm not sure why you excluded the RHEL branch from FESCO's advise. It seems petty Supporting multiple conf files is fine, requiring multiple config files for the simple case of running ftp on 4+6 is not.