[24628] in Athena Bugs
linux 9.2.20: anonftpd fails
daemon@ATHENA.MIT.EDU (John Hawkinson)
Fri Oct 10 17:41:00 2003
Date: Fri, 10 Oct 2003 17:01:04 -0400 (EDT)
Message-Id: <200310102101.RAA26839@multics.mit.edu>
To: bugs@mit.edu
From: John Hawkinson <jhawk@MIT.EDU>

A user came into the SIPB office yesterday afternoon after having
struggled for a month (!) with OLC to get anonymous ftp working on his
Athena linux 9.2.20 machine.

As far as I can conclude, the Athena kerberized ftpd is broken
and cannot properly handle anonftp.

Most seriously, it appeared to fail very strangely (closing the
connection immediately) ~80% of the time when a client executed a
"DIR" command, giving ENC (an authenticated ftp subcommand)
errors. But about ~20% of the time it worked. It syslogged kernel
messages regarding SIGCHLD being SIG_IGN'd and a wait(2) workaround
being applied. ftpd -d was not helpful. Running ftpd under strace made
the problems go away. It appeared that he followed the reasonable
instructions on setting up ftpd (including handling shared libraries),
and I could find nothing wrong with his installation, and wasn't about
to try running it under a debugger.

Instead, we installed the vsftpd rpm from /afs/athena/system and went
on our merry way.

(The instructions in the PWOG, by the way, are solaris-specific and
should be *shot* by someone).

As a minor issue, we also observed that /bin/ls, when copied to a
chrooted environment with the 3 shared objects ldd reports it depends
upon, as well as /etc/passwd, /etc/group, and /etc/nsswitch.conf,
failed to do numeric->string translation on uids or gids. An strace
showed that it did not attempt to read the password file.

We didn't investigate that problem very deeply since vsftpd uses a
builtin ls. Nonetheless, running "chroot /home/ftp /bin/ls" should
have done better than it did, and something is probably broken there,
as well.

--jhawk