On 10/23/2017 01:31 PM, Michael Biebl wrote: > Am 23.10.2017 um 12:21 schrieb Julien Cristau: >> Package: systemd >> Version: 232-25+deb9u1 >> User: [email protected] >> Usertag: needed-by-DSA-Team >> >> It looks like systemd has a race condition where instead of giving up >> gracefully when a client goes away, it enters a bogus failure mode. > > Please share the complete service file you are using and describe in > more detail what's happening. > Can you provide a minimal test case which would allow to reproduce the > error and explain what kind of behaviour you expect. > 1) service file
# /etc/systemd/system/[email protected] [Unit] Description=vsftpd security [Service] ExecStart=-/usr/sbin/vsftpd /etc/vsftpd-security.conf StandardInput=socket StandardError=journal CapabilityBoundingSet=CAP_SYS_CHROOT CAP_SETUID CAP_SETGID PrivateDevices=true ProtectHome=true ProtectSystem=full # /etc/systemd/system/vsftpd-security.socket [Unit] Description=vsftpd security (socket) [Socket] ListenStream=149.20.4.14:21 ListenStream=[2001:4f8:1:c::14]:21 Accept=true FreeBind=true MaxConnections=200 [Install] WantedBy=sockets.target 2) what I expect is for the service not to end up in a failed state for something which, as far as I can tell, is not an error condition. I expect that if a remote client goes away before systemd can exec vsftpd (which is what the error messages hint at; if that's not what's going on, then there's a separate bug that the errors are misleading), it should treat that as business as usual, and basically ignore it. Cheers, Julien
