Bug#929020: SFTP ProFTPD session terminating after 'mkdir /' after upgrade to 1.3.5e+r1.3.5-2+deb8u1

Julian Schustereit schustereit at global-village.de
Wed May 15 12:36:31 BST 2019


Package: proftpd-basic
Version: 1.3.5e+r1.3.5-2+deb8u1

After the upgrade from version '1.3.5e-0+deb8u1' to '1.3.5e+r1.3.5-2+deb8u1' the sftp session is being terminated when using the command 'mkdir /'.

Before the upgrade following error message got displayed: 'Couldn't create directory: Failure' and the session stayed active.

After the upgrade we get the following message from our syslogd displayed in our terminal:
MKDIR / type=unknown;UNIX.mode=0777;: symbol lookup error: /usr/lib/proftpd/mod_sftp.so: undefined symbol: pr_gid2str

We are using the following sftp.conf:

<IfModule mod_sftp.c>
   <VirtualHost 172.31.XXX.XXX XXXX:XXXX::XXX>

     SFTPEngine on
     SFTPPAMEngine off
     SFTPLog /var/log/proftpd/sftp.log

     ServerName "XXXXXXXXXXXX"
     ShowSymlinks on
     AllowOverwrite on
     DefaultRoot ~
     ListOptions "-la"

     # Configure the server to listen on the normal SSH2 port, port 22
     Port 115

     # Configure both the RSA and DSA host keys, using the same host key
     # files that OpenSSH uses.
     SFTPHostKey /etc/ssh/ssh_host_rsa_key
     SFTPHostKey /etc/ssh/ssh_host_dsa_key

     # Configure the file used for comparing authorized public keys of users.
     SFTPAuthorizedUserKeys file:~/.ssh/authorized_keys

     # Enable compression
     SFTPCompression delayed

     # Allow the same number of authentication attempts as OpenSSH.
     #
     # It is recommended that you explicitly configure MaxLoginAttempts
     # for your SSH2/SFTP instance to be higher than the normal
     # MaxLoginAttempts value for FTP, as there are more ways to authenticate
     # using SSH2.
     MaxLoginAttempts 6

     # do not log ftp logins to wtmp
     WtmpLog off

     TransferLog /var/log/proftpd/xferlog
   </VirtualHost>
</IfModule>

The 'mkdir /' command is being used in our backup program and is hardcoded. We can't change the commands that are used.

The used version is Debian 8.11
Linux 3.16.0-8-amd64 #1 SMP Debian 3.16.64-2 (2019-04-01) x86_64 GNU/Linux



More information about the Pkg-proftpd-maintainers mailing list