Ubuntu
vsftpd package

vsftpd does not start at boot time when some options require IP or DNS support

Bug #2107406 reported by Alexis Wilke

This bug report will be marked for expiration in 52 days if no further activity occurs. (find out why)

6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
vsftpd (Ubuntu)
Incomplete
Undecided
Unassigned

Bug Description

The current unit section looks like this:

    [Unit]
    Description=vsftpd FTP server
    After=network.target

So it means the network should exist, but after network.target, it may not be up and may not have been assigned IP addresses. What works much better is:

    [Unit]
    Description=vsftpd FTP server
    Wants=network-online.target
    After=network-online.target

This change means:

1. the network is up
2. at least one interface has an IP address (apparently we cannot force all interfaces to be ready)
3. the Wants= also ensures that the network-only.target is actually started (in case vsftp.service is the only service that needs the network)

In my case, I have a specific IP address because I want FTP only on my LAN:

    listen=YES
    listen_port=1234
    listen_address=192.168.203.1

The failure is the 192.168.203.1. The corresponding interface is not up yet so the bind() fails (at least I would imagine that's the point of failure--I did not confirm that).

There is another case on stackoverflow.com:

https://unix.stackexchange.com/a/729419/57773

That one uses an address for the passive setup:

    pasv_addr_resolve=YES
    pasv_address=xxx.yyy.org

which also fails at boot time because the DNS is not yet ready. In that case, though, maybe it is necessary to start After= the resolver. That would probably be this:

    After=network-online.target nss-lookup.target

So the final change would be:

    [Unit]
    Description=vsftpd FTP server
    Wants=network-online.target nss-lookup.target
    After=network-online.target nss-lookup.target

Version: vsftpd_3.0.5-0ubuntu3.1.debian.tar.xz

$ lsb_release -a
No LSB modules are available.
Distributor ID: Ubuntu
Description: Ubuntu 24.04.2 LTS
Release: 24.04
Codename: noble

Revision history for this message
Renan Rodrigo (renanrodrigo) wrote :

Hello, @alexis-m2osw, thanks for reporting this issue.

> The failure is the 192.168.203.1. The corresponding interface is not up yet so the bind() fails (at least I would imagine that's the point of failure--I did not confirm that).

Could you please attach relevant logs, so we could be assertive on what exactly is happening?
Which error do you get? Is it 2/INVALIDARGUMENT, as in the stackoverflow post? What is the output of running
/usr/sbin/vsftpd /etc/vsftpd.conf
in the machine?

Changed in vsftpd (Ubuntu):
status: New → Incomplete
Revision history for this message
Alexis Wilke (alexis-m2osw) wrote :

Yes. The INVALIDARGUMENT is the error I get.

Running the daemon on its own will work since everything is up at that point. Actually, if I just do:

    systemctl start vsftpd

it starts the FTP just fine. But when I reboot it fails unless I changed the Unit as shown above:

    [Unit]
    Description=vsftpd FTP server
    Wants=network-online.target
    After=network-online.target

I could try with a QEMU install to see if it is easy to reproduce that way. There could be some slowness on my main machine for other reasons (like the large HDD, two network cards, 512Gb of RAM... who knows what could delay one thing or another... although most of that should be checked before the network goes up.)

Revision history for this message
Alexis Wilke (alexis-m2osw) wrote :

Okay, I tested with a virsh domain, I even added a second network card to that domain (VM) and it works just fine. So that's not a good way to test. If you do not have a second network card, you may not be able to reproduce the issue on your computer system. It happens every time for me... and was also happening on Ubuntu 22.04 (and possibly older versions too).

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.