Ubuntu
vsftpd package

vsftpd 2.2.2-3ubuntu4 fails to upgrade because no ftp group

Bug #530832 reported by John Edwards
30
This bug affects 4 people
Affects Status Importance Assigned to Milestone
vsftpd (Ubuntu)
Fix Released
Medium
Unassigned
Lucid
Fix Released
Medium
Unassigned

Bug Description

Binary package hint: vsftpd

During an upgrade from Ubuntu 8.04 to Ubuntu 10.04 the vsftpd failed to upgrade cleanly:
--------
Installing new version of config file /etc/pam.d/vsftpd ...
vsftpd user (ftp) already exists, doing nothing.
chown: invalid group: `root:ftp'
dpkg: error processing vsftpd (--configure):
 subprocess installed post-installation script returned error exit status 1
--------

The ftp group does not exist on Ubuntu 8.04 and is not created during or after the upgrade to Ubuntu 10.04. The primary group of the ftp user is exactly the nobody group.

I think the problem is cause by the /var/lib/dpkg/info/vsftpd.postinst script assuming that the ftp user has an ftp group:
--------
                db_get vsftpd/username
                _USERNAME="${RET:-ftp}"
--------

And later in the same script:
--------
                        mkdir -p "${_DIRECTORY}"
                        chown root:${_USERNAME} ${_DIRECTORY} -R
--------

I think the most obvious fix is to create a new _GROUP variable which would default to an existing group and use this in the chown command. I'm not sure if the nobody group is the best group for this.

Related branches

lp:ubuntu/lucid/vsftpd
Mathias Gug (mathiaz)
Changed in vsftpd (Ubuntu):
importance: Undecided → Medium
Chuck Short (zulcss)
Changed in vsftpd (Ubuntu Lucid):
status: New → Fix Committed
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package vsftpd - 2.2.2-3ubuntu5

---------------
vsftpd (2.2.2-3ubuntu5) lucid; urgency=low

  [Chuck Short]
  * debian/vsftpd.postinst: Add a group from the username selected by the user. (LP: #530832)
  * debian/patches/09-disable-anonymous.patch: Disable anonymous login by default. (LP: #528860)

  [Andres Rodriguez]
  * Add apport hook (LP: #531978):
    - debian/vsftpd.apport: Added.
    - debian/control: Build-depends on dh-apport.
    - debian/rules: Add --with apport.
 -- Chuck Short <email address hidden> Mon, 15 Mar 2010 15:16:32 -0400

Changed in vsftpd (Ubuntu Lucid):
status: Fix Committed → Fix Released
Revision history for this message
Jean-Baptiste Lallement (jibel) wrote :

According to recent duplicate report #606630 this is still an issue with vsftpd 2.2.2-3ubuntu6 when upgrading from 8.04 to 10.04

Revision history for this message
John Edwards (john-cornerstonelinux) wrote :

Jean-Baptiste Lallement , can you explain why you think bug #606630 is caused by this problem?

There are many reasons why the post installation script will error. You need to look at it's output to find out what is causing this.

I am removing the duplicate flags until the error is shown to be the same.

Revision history for this message
Jean-Baptiste Lallement (jibel) wrote :

John, this is the same error because the fix for this bug doesn't correctly check if the default user/group 'ftp' exits.

To reproduce :
$ sudo adduser --system --group ftpd
$ sudo apt-get install vsftpd

In postinst the following line is wrong
if ! getent passwd | grep -q "^${_USERNAME}"
and should be at least
if ! getent passwd | grep -qw "^${_USERNAME}"
or simply:
if ! getent passwd "${_USERNAME}"

Same thing for checking the existence of the group. BTW the problem still exists in 10.10.

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Duplicates of this bug

Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.