Package: vsftpd
Version: 2.0.3-1
Severity: normal
If allowed, vsftpd changes its process name to refrect the current
state. It is then correctly displayed by the `ps' command, but the
syslog messages get crippled in Linux, like this:
Jul 23 08:13:01 hostname .177.102.164: connected: (pam_unix) session
opened for user FTPUSER by (uid=0).
Whereas it should be:
Jul 23 08:13:01 hostname vsftpd: 80.177.102.164: connected: (pam_unix)
session opened for user FTPUSER by (uid=0).
The cut off part --"vsftpd: 80"-- is 10 characters in length, as is
"/usr/sbin/".
The original argv[0] was certainly "/usr/sbin/vsftpd" and GLIBC's
variable __progname was set one char after the last slash in argv[0] by
the initializing function __init_misc() in GLIBC.
First call of syslog() fixes the current pointer __progname into the
private pointer LogTag -- in case LogTag is not previously set by
syslog() indirectly or openlog() directly (using its first argument). At
any time, you could set what you want to be logged using the ident argument.
In vsftpd, pam_open_session() calls syslog() to create the message
above. I do not know, whether it would react in the good way for
previous openlog(argv[0], ...) too...
Therefore, in my opinion the safest way of the processtitle-changing
program under Linux is to:
1) Set __progname = argv[0]; as soon as possible in main() or
set_proc_title_init() at the latest,
2) Now it's up to whether we want to process name to be changed not only
in `ps', but also in the syslog:
- If so, then at the place up to (or inside) init_set_proc_title()
call openlog(__progname_full, ...),
- Otherwise, a fixing call openlog("myprog", ....) should be made as
soon as possible in main().
There should be chosen between these two variants for vsftpd. I'd
prefer not to change the process title in syslog, since, by the current
source, the process title would be also affected by the
(tunable_syslog_enable || tunable_tcp_wrappers) expression in
vsf_log_init(). That's because this expression calls/not calls
"log-title-fixing" openlog("vsftpd", ...).
(I sent this e-mail upstream to [EMAIL PROTECTED], but I got error
response (for another address), so I do not know whether the bugreport
reached him.)
-- System
Information:
Debian Release:
3.1
Architecture: i386
(i686)
Kernel: Linux
2.4.27-1-686
Locale: LANG=en_US, LC_CTYPE=en_US
(charmap=ISO-8859-1)
Versions of packages vsftpd depends
on:
ii adduser 3.63 Add and remove users and
groups
ii libc6 2.3.2.ds1-22 GNU C Library: Shared
libraries
an
ii libcap1 1:1.10-14 support for getting/setting
POSIX.
ii libpam-modules 0.76-22 Pluggable Authentication
Modules
f
ii libpam-runtime 0.76-22 Runtime support for the PAM
librar
ii libpam0g 0.76-22 Pluggable Authentication
Modules
l
ii libssl0.9.7 0.9.7e-3 SSL shared
libraries
ii libwrap0 7.6.dbs-8 Wietse Venema's TCP
wrappers
libra
-- no debconf
information
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
