Comment 21 for bug 2069324

Thanks Markus

#1 trying with this now:
in /etc/pam.d/vsftpd:
account optional pam_exec.so debug quiet /root/foo.sh

And
$ chmod +x /root/foo.sh
$ cat /root/foo.sh
#!/bin/bash
/bin/true
touch /tmp/brooks-was-here
/bin/true

By default vsftp is configured for the snakeoil certificate to get started easily, but with ssl disabled. So enable it and restart.

$ sed -i -s -e 's/ssl_enable=NO/ssl_enable=YES/' /etc/vsftpd.conf
$ sudo systemctl restart vsftpd.service

# Using it with ftps (and ignore cert verification as it is the snakeoil cert)

root@o:~# lftp 127.0.0.1
lftp 127.0.0.1:~> set ftp:ssl-force true
lftp 127.0.0.1:~> set ssl:verify-certificate false
lftp 127.0.0.1:~> login ubuntu ubuntu
lftp ubuntu@127.0.0.1:~> dir
-rw-r--r-- 1 0 0 7 Jul 12 06:59 egal
lftp ubuntu@127.0.0.1:~> get egal
7 bytes transferred
lftp ubuntu@127.0.0.1:~>
exit
root@o:~# cat egal
foobar
root@o:~# ll /tmp/brooks-was-here
-rw------- 1 root root 0 Jul 15 12:04 /tmp/brooks-was-here
root@o:~# date
Mon Jul 15 12:04:32 UTC 2024

I checked ftps was enabled e.g. a dir without it was not working:
  530 Non-anonymous sessions must use encryption.

Sadly that means it still works fine.
We still need more from you about what is needed to trigger this hang :-/