Bug#827550: vsftpd: when executing pam_exec on successfull login vsftp hangs and is not possible to transfer files
Package: vsftpd
Version: 3.0.2-17+deb8u1
Severity: normal
-- Package-specific info:
-- System Information:
Debian Release: 8.5
APT prefers stable
APT policy: (500, 'stable')
Architecture: amd64 (x86_64)
Kernel: Linux 4.1.25 (SMP w/1 CPU core; PREEMPT)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
Versions of packages vsftpd depends on:
ii adduser 3.113+nmu3
ii debconf [debconf-2.0] 1.5.56
ii dialog 1.2-20140911-1
ii init-system-helpers 1.22
ii libc6 2.19-18+deb8u4
ii libcap2 1:2.24-8
ii libpam-modules 1.1.8-3.1+deb8u1+b1
ii libpam0g 1.1.8-3.1+deb8u1+b1
ii libssl1.0.0 1.0.1t-1+deb8u2
ii libwrap0 7.6.q-25
ii netbase 5.3
Versions of packages vsftpd recommends:
ii logrotate 3.8.7-1+b1
ii ssl-cert 1.0.35
vsftpd suggests no packages.
-- Configuration Files:
/etc/pam.d/vsftpd changed:
auth required pam_listfile.so item=user sense=deny file=/etc/ftpusers onerr=succeed
account [success=1 new_authtok_reqd=done default=ignore] pam_unix.so
account requisite pam_deny.so
account required pam_permit.so
session [default=1] pam_permit.so
session requisite pam_deny.so
session required pam_permit.so
session required pam_unix.so
session optional pam_systemd.so
auth [success=2 default=ignore] pam_unix.so nullok_secure
auth optional pam_exec.so debug seteuid log=/tmp/pam_exec.log /tmp/test.sh
auth requisite pam_deny.so
auth required pam_permit.so
auth optional pam_exec.so debug seteuid log=/tmp/pam_exec.log /tmp/test.sh
auth optional pam_cap.so
/etc/vsftpd.conf changed:
listen=YES
listen_address=0.0.0.0
listen_port=21
ftpd_banner=Welcome to FTP server
seccomp_sandbox=NO
syslog_enable=YES
log_ftp_protocol=YES
xferlog_enable=YES
vsftpd_log_file= /var/log/vsftpd.log
secure_chroot_dir=/var/run/vsftpd/empty
session_support=YES
pam_service_name=vsftpd
lock_upload_files=NO
pasv_promiscuous=YES
port_promiscuous=YES
pasv_enable=YES
pasv_min_port=1024
pasv_max_port=2024
write_enable=NO
hide_ids=YES
force_dot_files=YES
local_enable=YES
guest_enable=YES
userlist_enable=YES
userlist_deny=NO
userlist_file=/etc/vsftpd/ftpuser
chroot_local_user=YES
passwd_chroot_enable=YES
virtual_use_local_privs=YES
user_config_dir=/etc/vsftpd/ftpuser.conf
ssl_enable=YES
allow_anon_ssl=NO
force_local_data_ssl=NO
force_local_logins_ssl=NO
ssl_tlsv1=YES
ssl_sslv2=NO
ssl_sslv3=NO
require_ssl_reuse=NO
ssl_ciphers=HIGH
rsa_cert_file=/etc/vsftpd/vsftpd.pem
anonymous_enable=NO
-- debconf information excluded
Reply to: