Bug#929020: SFTP ProFTPD session terminating after 'mkdir /' after upgrade to 1.3.5e+r1.3.5-2+deb8u1
Julian Schustereit
schustereit at global-village.de
Wed May 15 12:36:31 BST 2019
Package: proftpd-basic
Version: 1.3.5e+r1.3.5-2+deb8u1
After the upgrade from version '1.3.5e-0+deb8u1' to '1.3.5e+r1.3.5-2+deb8u1' the sftp session is being terminated when using the command 'mkdir /'.
Before the upgrade following error message got displayed: 'Couldn't create directory: Failure' and the session stayed active.
After the upgrade we get the following message from our syslogd displayed in our terminal:
MKDIR / type=unknown;UNIX.mode=0777;: symbol lookup error: /usr/lib/proftpd/mod_sftp.so: undefined symbol: pr_gid2str
We are using the following sftp.conf:
<IfModule mod_sftp.c>
<VirtualHost 172.31.XXX.XXX XXXX:XXXX::XXX>
SFTPEngine on
SFTPPAMEngine off
SFTPLog /var/log/proftpd/sftp.log
ServerName "XXXXXXXXXXXX"
ShowSymlinks on
AllowOverwrite on
DefaultRoot ~
ListOptions "-la"
# Configure the server to listen on the normal SSH2 port, port 22
Port 115
# Configure both the RSA and DSA host keys, using the same host key
# files that OpenSSH uses.
SFTPHostKey /etc/ssh/ssh_host_rsa_key
SFTPHostKey /etc/ssh/ssh_host_dsa_key
# Configure the file used for comparing authorized public keys of users.
SFTPAuthorizedUserKeys file:~/.ssh/authorized_keys
# Enable compression
SFTPCompression delayed
# Allow the same number of authentication attempts as OpenSSH.
#
# It is recommended that you explicitly configure MaxLoginAttempts
# for your SSH2/SFTP instance to be higher than the normal
# MaxLoginAttempts value for FTP, as there are more ways to authenticate
# using SSH2.
MaxLoginAttempts 6
# do not log ftp logins to wtmp
WtmpLog off
TransferLog /var/log/proftpd/xferlog
</VirtualHost>
</IfModule>
The 'mkdir /' command is being used in our backup program and is hardcoded. We can't change the commands that are used.
The used version is Debian 8.11
Linux 3.16.0-8-amd64 #1 SMP Debian 3.16.64-2 (2019-04-01) x86_64 GNU/Linux
More information about the Pkg-proftpd-maintainers
mailing list