Your message dated Mon, 28 Apr 2014 15:22:35 +0200
with message-id <[email protected]>
and subject line Fixed upstream
has caused the Debian Bug report #672257,
regarding proftpd-basic: Causes 100% CPU usage, reading file stats very slowly
and using a lot of RAM, possible DoS
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
672257: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=672257
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: proftpd-basic
Version: 1.3.1-17lenny9
Severity: normal
Tags: squeeze
I think this is the same problem as reported here
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=630091
But happens even without HideFiles pattern set in teh current stable version of
proftpd-basic when accessing a folder with a a lot of files in it (1000+).
The log gives this pattern:
FS: using system stat()
AllowOverride allows all .ftpaccess files
FS: using system stat()
FS: using system access()
FS: using system stat()
FS: using system lstat()
Endlessly repeating. Until a resource limit is hit (if one is set).
It looks like this has been fixed upstream (Fixed in 1.3.3d, released
17-Dec-2010) so wondering why this is not in Debian squeeze.
Sorry for marking this as critical but it renders FTP unusable and needs to be
fixed urgently.
Workaround: downgrade to lenny version.
Regards and keep up the good work,
Michael
-- System Information:
Debian Release: 6.0.4
APT prefers oldstable
APT policy: (500, 'oldstable'), (500, 'stable')
Architecture: amd64 (x86_64)
Kernel: Linux 2.6.32-5-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_GB, LC_CTYPE=en_GB (charmap=ISO-8859-1)
Shell: /bin/sh linked to /bin/bash
Versions of packages proftpd-basic depends on:
ii adduser 3.112+nmu2 add and remove users and groups
ii debconf 1.5.36.1 Debian configuration management sy
ii debianutils 3.4 Miscellaneous utilities specific t
ii libacl1 2.2.49-4 Access control list shared library
ii libattr1 1:2.4.44-2 Extended attribute shared library
ii libc6 2.11.3-2 Embedded GNU C Library: Shared lib
ii libcap1 1:1.10-14 support for getting/setting POSIX.
ii libncurses5 5.7+20100313-5 shared libraries for terminal hand
ii libpam-runtime 1.1.1-6.1+squeeze1 Runtime support for the PAM librar
ii libpam0g 1.1.1-6.1+squeeze1 Pluggable Authentication Modules l
ii libssl0.9.8 0.9.8o-4squeeze12 SSL shared libraries
ii libwrap0 7.6.q-19 Wietse Venema's TCP wrappers libra
ii netbase 4.45 Basic TCP/IP networking system
ii sed 4.2.1-7 The GNU sed stream editor
ii ucf 3.0025+nmu1 Update Configuration File: preserv
ii update-inetd 4.38+nmu1+squeeze1 inetd configuration file updater
proftpd-basic recommends no packages.
Versions of packages proftpd-basic suggests:
ii openssl 0.9.8o-4squeeze12 Secure Socket Layer (SSL) binary a
pn proftpd-doc <none> (no description available)
pn proftpd-mod-ldap <none> (no description available)
pn proftpd-mod-mysql <none> (no description available)
pn proftpd-mod-pgsql <none> (no description available)
-- Configuration Files:
/etc/cron.monthly/proftpd [Errno 2] No such file or directory:
u'/etc/cron.monthly/proftpd'
-- debconf information:
* shared/proftpd/inetd_or_standalone: standalone
--- End Message ---
--- Begin Message ---
Package: proftpd-dfsg
Version: 1.3.3d-1
This is fixed in upstream new versions due to #3526 fix.
--
Francesco P. Lovergine
--- End Message ---
