Bug#1119295: erases all (user) data from /srv/ftp when purged

Evgeni Golov evgeni at debian.org
Tue Oct 28 19:16:01 GMT 2025


Package: proftpd-core
Version: 1.3.9~dfsg-3
Severity: grave
X-Debbugs-Cc: evgeni at debian.org
Control: found -1 1.3.8.c+dfsg-4

Ohai,

proftpd-core.postrm contains (since [1]) the following snippet:

if [ "$1" = "purge" ]
then
    …
    rm -rf /etc/proftpd 
    rm -rf /var/log/proftpd
    rm -rf /srv/ftp
    rm -f /etc/logrotate.d/proftpd-core
    userdel --remove --force proftpd || true
    userdel ftp || true
fi

The `rm -rf /srv/ftp` part results in *all* data from /srv/ftp being
purged, not only the data related to the package itself. This can lead to
serious data loss if people decide to use /srv/ftp as the root of their
FTP server (e.g. as suggested by the Anonymous example in proftpd.conf).

I think purging proftpd-core should only remove files that were placed
in /srv/ftp by proftpd-core (welcome.msg) and remove the directory only
if it is empty afterwards (rm -f /srv/ftp/welcome.msg; rmdir
--ignore-fail-on-non-empty /srv/ftp).

For historical reference: this was reported once in the past already as
[2], got fixed [3], but now regressed again.

Thanks for maintaining ProFTPD!

Evgeni


[1] https://salsa.debian.org/debian-proftpd-team/proftpd/-/commit/9dbf3b40750465e3680601ee55df9e49624de072
[2] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=655514
[3] https://salsa.debian.org/debian-proftpd-team/proftpd/-/commit/99fbc334eace80d1e99302b8b9ecc987d45d73a5


-- System Information:
Debian Release: forky/sid
  APT prefers unstable-debug
  APT policy: (500, 'unstable-debug'), (500, 'unstable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 6.12.38+deb13-amd64 (SMP w/4 CPU threads; PREEMPT)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: SELinux: enabled - Mode: Permissive - Policy name: default

Versions of packages proftpd-core depends on:
ii  adduser               3.152
ii  init-system-helpers   1.68
ii  libacl1               2.3.2-2+b1
ii  libc6                 2.41-12
ii  libcap2               1:2.75-10+b1
ii  libcrypt1             1:4.4.38-1
ii  libhiredis1.1.0       1.2.0-6+b3
ii  libidn2-0             2.3.8-2
ii  libmemcached11t64     1.1.4-1.1+b2
ii  libmemcachedutil2t64  1.1.4-1.1+b2
ii  libncursesw6          6.5+20250216-2
ii  libpam-runtime        1.7.0-5
ii  libpam0g              1.7.0-5
ii  libpcre2-8-0          10.45-1
ii  libpcre2-posix3       10.45-1
ii  libssl3t64            3.5.2-1
ii  libtinfo6             6.5+20250216-2
ii  netbase               6.5
ii  ucf                   3.0052
ii  zlib1g                1:1.3.dfsg+really1.3.1-1+b1

Versions of packages proftpd-core recommends:
pn  proftpd-doc  <none>

Versions of packages proftpd-core suggests:
pn  openbsd-inetd | inet-superserver  <none>
ii  openssl                           3.5.2-1
pn  proftpd-mod-crypto                <none>
pn  proftpd-mod-geoip                 <none>
pn  proftpd-mod-ldap                  <none>
pn  proftpd-mod-mysql                 <none>
pn  proftpd-mod-odbc                  <none>
pn  proftpd-mod-pgsql                 <none>
pn  proftpd-mod-snmp                  <none>
pn  proftpd-mod-sqlite                <none>
pn  proftpd-mod-wrap                  <none>

-- no debconf information
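
The purge behaviour proposed in the report (remove only welcome.msg, then remove the directory only if it is empty), as an added example that is not part of the original message and not the package's actual postrm. The function names, the FTP_ROOT override and the scratch-directory self-test are assumptions for illustration; plain `rmdir`, which fails on a non-empty directory, stands in for the GNU-specific `--ignore-fail-on-non-empty` flag.

```shell
#!/bin/sh
# Added example: a purge step that deletes only what the package shipped.
# Not the actual proftpd-core postrm; function names are hypothetical.

# Remove the package-owned welcome.msg from DIR, then drop DIR only if empty.
purge_ftp_root() {
    ftp_root=$1
    # Refuse empty or relative paths: an empty argument would turn the
    # rm target below into /welcome.msg.
    case "$ftp_root" in
        /*) ;;
        *) echo "purge_ftp_root: refusing path '$ftp_root'" >&2; return 1 ;;
    esac
    [ -d "$ftp_root" ] || return 0          # nothing to clean up
    rm -f "$ftp_root/welcome.msg"           # the one file the package placed there
    # rmdir only succeeds on an empty directory, so user data keeps it alive.
    rmdir "$ftp_root" 2>/dev/null || true
}

# Build two constructed FTP roots in a scratch dir and report what survives.
selftest() {
    scratch=$(mktemp -d) || return 1
    mkdir -p "$scratch/in-use/pub" "$scratch/untouched"
    echo "welcome" > "$scratch/in-use/welcome.msg"
    echo "user data" > "$scratch/in-use/pub/report.txt"
    echo "welcome" > "$scratch/untouched/welcome.msg"
    purge_ftp_root "$scratch/in-use"
    purge_ftp_root "$scratch/untouched"
    result=""
    [ -f "$scratch/in-use/pub/report.txt" ] && result="user-data-kept"
    [ -e "$scratch/in-use/welcome.msg" ] || result="$result welcome-removed"
    [ -d "$scratch/untouched" ] || result="$result empty-root-removed"
    rm -rf "$scratch"
    echo "$result"
}

# postrm-style dispatch; FTP_ROOT is an assumed override for testing.
case "${1:-}" in
    purge)    purge_ftp_root "${FTP_ROOT:-/srv/ftp}" ;;
    selftest) selftest ;;
esac
```

Running the script with `selftest` exercises both cases in a temporary directory without touching /srv/ftp.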

