Bug#717235: proftpd requests the whole passwd database at each login
Hilmar Preusse
hille42 at web.de
Fri Sep 16 14:04:50 UTC 2016
tags 717235 + fixed-upstream
# in 1.3.6rc2
stop
On 08.01.16 Marco d'Itri (md at linux.it) wrote:
> On Sep 17, Marco d'Itri <md at linux.it> wrote:
Hi all,
> > > After I switched from libnss-ldap to libnss-ldapd I noticed that at
> > > every login proftpd requests the whole content of the passwd database
> > > (i.e. like running "getent passwd).
> > > This is evident from the nslcd debugging log ("passwd(all)").
> > Are there any news about fixing this?
> > This bug prevents using proftpd on systems with a large users database.
>
> Since there has been no reaction from the maintainer in 2.5 years
> I intend to NMU proftpd in the next future and apply the patch in this
> bug. (And also fix #804322).
>
Current implementation in 1.3.6rc2 looks like this:
static void ensure_open_passwd(pool *p) {
/* Make sure pass/group is open. */
pr_auth_setpwent(p);
pr_auth_setgrent(p);
/* On some unices the following is necessary to ensure the files
* are open (BSDI 3.1)
*/
pr_auth_getpwent(p);
pr_auth_getgrent(p);
/* Per Debian bug report:
* https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=717235
* we might want to do another set{pw,gr}ent(), to play better with
* some NSS modules.
*/
pr_auth_setpwent(p);
pr_auth_setgrent(p);
}
I guess I can simply replace the ensure_open_passwd() function in
1.3.5 by than one, right? Please confirm, patch will be in next
upload then.
H.
--
sigmentation fault
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 931 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-proftpd-maintainers/attachments/20160916/bccb60db/attachment.sig>
More information about the Pkg-proftpd-maintainers
mailing list