Am 09.05.2020 um 15:29 teilte votdev mit: Hi Volker,
> The proftpd daemon writes the pidfile with mode 0666 instead of 0644. > Because of that it is > not possible to stop or restart the daemon with "systemctl stop proftpd" or > "systemctl restart proftpd". The reason is the new security check of > start-stop-deamon > in conjunction with --pidfile. > I'm failing to reproduce all this. root@nas1:~# ls -ld /run/proftpd* drwxr-xr-x 2 root root 40 May 9 16:07 /run/proftpd -rw-r--r-- 1 root root 5 May 9 16:08 /run/proftpd.pid -rw-r--r-- 1 root root 32 May 9 16:08 /run/proftpd.scoreboard -rw-r--r-- 1 root root 0 May 9 16:08 /run/proftpd.scoreboard.lck And stopping / restarting works fine. Is this new w/ deb10u5? I'm not aware of any changes regarding this between deb10u5 & deb10u4. > The following error will be logged to syslog. > > Mai 09 14:42:30 titan proftpd[1296]: Stopping ftp server: > proftpdstart-stop-daemon: matching on world-writable pidfile > /run/proftpd.pid is insecure > Mai 09 14:42:30 titan proftpd[1296]: start-stop-daemon: matching on > world-writable pidfile /run/proftpd.pid is insecure > -- sigfault #206401 http://counter.li.org
signature.asc
Description: OpenPGP digital signature
