vsftpd backport from Jessie to Wheezy

To: debian-backports@lists.debian.org
Subject: vsftpd backport from Jessie to Wheezy
From: Torbjørn Thorsen <torbjorn@trollweb.no>
Date: Tue, 25 Mar 2014 14:15:11 +0100
Message-id: <[🔎] CAD2iGhUXzdG1g46EUyrdMP49DwAVkx=q1E5oanUXKU5HXm1VwA@mail.gmail.com>

Hello.

I'm running a configuration of vsftpd which uses chroot() and a
writable root directory.
This configuration was fully supported on Squeeze, which has vsftpd at
2.3.2+squeeze2.

Looking at the changelog[1] for 2.3.4, one sees the following changes:
"Add stronger checks for the configuration error of running with a writeable
root directory inside a chroot(). This may bite people who carelessly turned
on chroot_local_user but such is life"

This breaks the configuration I'm running, maybe rightly so, and
doesn't leave one with a way to enable it again.
>From the same changelog[1], we can see that 2.3.5 brings an option to
allow the previously denied configuration: "
Add new config setting "allow_writeable_chroot" to help people in a bit of
a spot with the v2.3.5 defensive change".

Debian Wheezy ships 2.3.5-3, which should support the
"allow_writable_chroot" directive. Using the directive, however, seems
to crash[2] vsftpd on user login.

As far as I can see, this leaves Debian Wheezy with a vsftpd package
that can not support my intended configuration, which in my opinion
represents a regression.
Although the configuration isn't exactly recommended by vsftpd, I
believe the configuration is pretty common.
Searching around for a solution unveiled that Ubuntu 12.03 LTS seems
to have the same problem, with PPA and patches being seemingly popular
solutions.

I tried backporting vsftpd 3.0.2-20deb8u1 from Jessie to Wheezy, and
that seemed to work very nicely.
I followed the wiki article on making a simple backport[3], no problems there.
I installed the package on a few boxes, and they seem to be working as intended.

Is there any interest in bringing this backported package into the
official backports ?
I would love to not maintain it outside the official repos, and it
would mean that Debian Wheezy would support that configuration using
the official channels.

[1]: https://security.appspot.com/vsftpd/Changelog.txt
[2]: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=735191
[3]: https://wiki.debian.org/SimpleBackportCreation

-- 
Vennlig hilsen
Torbjørn Thorsen
Utvikler / driftstekniker

Trollweb Solutions AS
- Professional Magento Partner
www.trollweb.no

Telefon dagtid: +47 51215300
Telefon kveld/helg: For kunder med Serviceavtale

Besøksadresse: Luramyrveien 40, 4313 Sandnes
Postadresse: Maurholen 57, 4316 Sandnes

Husk at alle våre standard-vilkår alltid er gjeldende

Reply to:

Follow-Ups:
- Re: vsftpd backport from Jessie to Wheezy
  - From: Vincent Cheng <vcheng@debian.org>
- Re: vsftpd backport from Jessie to Wheezy
  - From: Gerfried Fuchs <rhonda@deb.at>

Prev by Date: Re: Crash with XBMC from backports
Next by Date: emacs24 for wheezy-backports
Previous by thread: ipvsadm backport for wheezy
Next by thread: Re: vsftpd backport from Jessie to Wheezy
Index(es):
- Date
- Thread