Hi! I'm running a strictly potato+security - box with proftpd on it. So far, everything works fine, even chroot()ing users, using a special password-file and such. But as soon as I enable quotas proftpd stops working completely, it grants login and commands as "passive" et al, but even a simple LIST causes it to die immediately. >From the client side this looks like: ftp> ls 200 PORT command successful. 421 Service not available, remote server has closed connection If I run proftpd in full debug mode this is what I get (FQDNs and IPs omitted to protect the guilty ;) ): ka (dump[x.x.x.x]) - USER waldner: Login successful. ka (dump[x.x.x.x]) - mysql: close [0] for mod_sqlpw/2.0 ka (dump[x.x.x.x]) - received: SYST ka (dump[x.x.x.x]) - received: PORT x,x,x,x,8,131 ka (dump[x.x.x.x]) - received: LIST ka (dump[x.x.x.x]) - ProFTPD terminating (signal 11) The configuration seems to parse quite fine: ka (dump[x.x.x.x]) - Config for ka.graffl.net: ka (dump[x.x.x.x]) - Quotas ka (dump[x.x.x.x]) - DefaultQuota ka (dump[x.x.x.x]) - QuotaCalc ka (dump[x.x.x.x]) - QuotaType ka (dump[x.x.x.x]) - QuotaBlockSize ka (dump[x.x.x.x]) - AuthUserFile ka (dump[x.x.x.x]) - AuthGroupFile ka (dump[x.x.x.x]) - RequireValidShell ka (dump[x.x.x.x]) - User ka (dump[x.x.x.x]) - UserName ka (dump[x.x.x.x]) - Group ka (dump[x.x.x.x]) - GroupName ka (dump[x.x.x.x]) - DefaultRoot ka (dump[x.x.x.x]) - AllowOverwrite ka (dump[x.x.x.x]) - Umask ka (dump[x.x.x.x]) - DenyFilter ka (dump[x.x.x.x]) - PathDenyFilter ka (dump[x.x.x.x]) - USER ka (dump[x.x.x.x]) - CURRENT-CLIENTS Also an strace on the child process doesn't reveal anything useful (to me): read(0, "LIST\r\n", 1022) = 6 alarm(0) = 284 alarm(284) = 0 write(2, "ka (dump[6"..., 63) = 63 geteuid() = 1000 --- SIGSEGV (Segmentation fault) --- So, has anyone any idea on what's happening? I can run w/o quotas for some time but I don't really trust my users to behave... cheers+TIA, &rw -- / Ing. Robert Waldner | Security Engineer | CoreTec IT-Security \ \ <rw@coretec.at> | T +43 1 503 72 73 | F +43 1 503 72 73 x99 /
Attachment:
pgphA0EJzlZux.pgp
Description: PGP signature