Bug#119454: general: proftpd
Package: general
Version: 20011113
Severity: important
proftpd does not respect the UserAlias tag inside Anonymous
definition blocks. Virtual host configured as follows:
<VirtualHost ftp.test.com>
ServerName "ftp.test.com"
ServerType standalone
DeferWelcome off
ShowSymlinks on
AllowOverwrite on
Port 21
Umask 022
User root
Group root
<Anonymous /home/ftp>
User ftp
Group ftp
UserAlias anonymous ftp
Umask 022
AllowOverwrite on
AnonRequirePassword on
RequireValidShell off
MaxClients 10
DisplayLogin welcome.msg
DisplayFirstChdir .message
<Directory *>
<Limit WRITE>
DenyAll
</Limit>
</Directory>
[clip remaining directory controls]
</Anonymous>
</VirtualHost>
debugging output as follows:
(addressing/host info changed)
Nov 13 11:42:09 darkstar proftpd[7791]: ftp.test.com (zuul.stimpy.biz[192.168.1.3]) - no supplemental groups found for user 'anonymous'
Nov 13 11:42:40 darkstar proftpd[7804]: ftp.test.com (zuul.stimpy.biz[192.168.1.3]) - connected - local : 10.10.10.2:21
Nov 13 11:42:40 darkstar proftpd[7804]: ftp.test.com (zuul.stimpy.biz[192.168.1.3]) - connected - remote : 192.168.1.3:34442
Nov 13 11:42:40 darkstar proftpd[7804]: ftp.test.com (zuul.stimpy.biz[192.168.1.3]) - dispatching PRE_CMD command 'USER anonymous' to mod_core
Nov 13 11:42:40 darkstar proftpd[7804]: ftp.test.com (zuul.stimpy.biz[192.168.1.3]) - dispatching PRE_CMD command 'USER anonymous' to mod_auth
Nov 13 11:42:40 darkstar proftpd[7804]: ftp.test.com (zuul.stimpy.biz[192.168.1.3]) - dispatching CMD command 'USER anonymous' to mod_ratio
Nov 13 11:42:40 darkstar proftpd[7804]: ftp.test.com (zuul.stimpy.biz[192.168.1.3]) - dispatching CMD command 'USER anonymous' to mod_auth
Nov 13 11:42:40 darkstar proftpd[7804]: ftp.test.com (zuul.stimpy.biz[192.168.1.3]) - no supplemental groups found for user 'anonymous'
Nov 13 11:42:40 darkstar proftpd[7804]: ftp.test.com (zuul.stimpy.biz[192.168.1.3]) - no supplemental groups found for user 'anonymous'
Nov 13 11:42:40 darkstar proftpd[7804]: ftp.test.com (zuul.stimpy.biz[192.168.1.3]) - dispatching PRE_CMD command 'PASS (hidden)' to mod_core
Nov 13 11:42:40 darkstar proftpd[7804]: ftp.test.com (zuul.stimpy.biz[192.168.1.3]) - dispatching PRE_CMD command 'PASS (hidden)' to mod_wrap
Nov 13 11:42:40 darkstar proftpd[7804]: ftp.test.com (zuul.stimpy.biz[192.168.1.3]) - dispatching PRE_CMD command 'PASS (hidden)' to mod_auth
Nov 13 11:42:40 darkstar proftpd[7804]: ftp.test.com (zuul.stimpy.biz[192.168.1.3]) - dispatching CMD command 'PASS (hidden)' to mod_auth
Nov 13 11:42:40 darkstar proftpd[7804]: ftp.test.com (zuul.stimpy.biz[192.168.1.3]) - no supplemental groups found for user 'anonymous'
auth.log info:
Nov 13 11:42:09 darkstar proftpd[7791]: ftp.test.com (zuul.stimpy.biz[192.168.1.3]) - USER anonymous: no such user found from zuul.stimpy.biz [192.168.1.3] to 10.10.10.2:21
ii proftpd 1.2.4-1
ii proftpd-common 1.2.4-1
the user ftp is properly defined in /etc/passwd and /etc/group. Logging into the
anonymous chroot as this user /w the appropriate passwd functions as expected.
System Information
Debian Release: testing/unstable
Kernel Version: Linux darkstar 2.4.9 #2 SMP Sun Sep 9 01:08:16 EDT 2001 i686 unknown
Reply to: