Jammy verification

1. Repro issue


root@j:~# apt install lftp vsftpd
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
The following additional packages will be installed:
  ssl-cert
The following NEW packages will be installed:
  lftp ssl-cert vsftpd
0 upgraded, 3 newly installed, 0 to remove and 0 not upgraded.
Need to get 860 kB of archives.
After this operation, 2349 kB of additional disk space will be used.
Do you want to continue? [Y/n] Y
Get:1 http://archive.ubuntu.com/ubuntu jammy/main amd64 lftp amd64 4.9.2-1build1 [720 kB]
Get:2 http://archive.ubuntu.com/ubuntu jammy/main amd64 ssl-cert all 1.1.2 [17.4 kB]
Get:3 http://archive.ubuntu.com/ubuntu jammy/main amd64 vsftpd amd64 3.0.5-0ubuntu1 [123 kB]
Fetched 860 kB in 1s (851 kB/s)
Preconfiguring packages ...
Selecting previously unselected package lftp.
(Reading database ... 33953 files and directories currently installed.)
Preparing to unpack .../lftp_4.9.2-1build1_amd64.deb ...
Unpacking lftp (4.9.2-1build1) ...
Selecting previously unselected package ssl-cert.
Preparing to unpack .../ssl-cert_1.1.2_all.deb ...
Unpacking ssl-cert (1.1.2) ...
Selecting previously unselected package vsftpd.
Preparing to unpack .../vsftpd_3.0.5-0ubuntu1_amd64.deb ...
Unpacking vsftpd (3.0.5-0ubuntu1) ...
Setting up lftp (4.9.2-1build1) ...
Setting up ssl-cert (1.1.2) ...
Setting up vsftpd (3.0.5-0ubuntu1) ...
Created symlink /etc/systemd/system/multi-user.target.wants/vsftpd.service → /lib/systemd/system/vsftpd.service.
Processing triggers for man-db (2.10.2-1) ...
Scanning processes...                                                                                                                                                                          

No services need to be restarted.

No containers need to be restarted.

No user sessions are running outdated binaries.

No VM guests are running outdated hypervisor (qemu) binaries on this host.
root@j:~# sed -i.old '1 i\account optional pam_exec.so debug quiet /root/foo.sh\' /etc/pam.d/vsftpd
root@j:~# cat > /root/foo.sh << EOF
#!/bin/bash
/bin/true
touch /tmp/brooks-was-here
/bin/true
EOF
root@j:~# chmod +x /root/foo.sh
root@j:~# sed -i -s -e 's/ssl_enable=NO/ssl_enable=YES/' /etc/vsftpd.conf
root@j:~# systemctl restart vsftpd.service
root@j:~# echo foobar > /home/ubuntu/egal
root@j:~# echo 'ubuntu:ubuntu' | chpasswd
root@j:~# lftp 127.0.0.1
lftp 127.0.0.1:~>  set ftp:ssl-force true
lftp 127.0.0.1:~> set ssl:verify-certificate false
lftp 127.0.0.1:~> login ubuntu ubuntu
lftp ubuntu@127.0.0.1:~> dir
`ls' at 0 [Sending commands...]

=> hang

2. Install and verify fix

root@j:~# cat <<EOF >/etc/apt/sources.list.d/ubuntu-$(lsb_release -cs)-proposed.list
# Enable Ubuntu proposed archive
deb http://archive.ubuntu.com/ubuntu/ $(lsb_release -cs)-proposed restricted main multiverse universe
EOF
root@j:~# apt update
Hit:1 http://archive.ubuntu.com/ubuntu jammy InRelease
Hit:2 http://archive.ubuntu.com/ubuntu jammy-updates InRelease
Hit:3 http://archive.ubuntu.com/ubuntu jammy-backports InRelease
Get:4 http://archive.ubuntu.com/ubuntu jammy-proposed InRelease [279 kB]
Hit:5 http://security.ubuntu.com/ubuntu jammy-security InRelease
Get:6 http://archive.ubuntu.com/ubuntu jammy-proposed/restricted amd64 Packages [436 kB]
Get:7 http://archive.ubuntu.com/ubuntu jammy-proposed/restricted Translation-en [81.3 kB]
Get:8 http://archive.ubuntu.com/ubuntu jammy-proposed/restricted amd64 c-n-f Metadata [420 B]
Get:9 http://archive.ubuntu.com/ubuntu jammy-proposed/main amd64 Packages [293 kB]
Get:10 http://archive.ubuntu.com/ubuntu jammy-proposed/main Translation-en [64.7 kB]
Get:11 http://archive.ubuntu.com/ubuntu jammy-proposed/main amd64 c-n-f Metadata [1940 B]
Get:12 http://archive.ubuntu.com/ubuntu jammy-proposed/multiverse amd64 Packages [26.3 kB]
Get:13 http://archive.ubuntu.com/ubuntu jammy-proposed/multiverse Translation-en [5556 B]
Get:14 http://archive.ubuntu.com/ubuntu jammy-proposed/multiverse amd64 c-n-f Metadata [352 B]
Get:15 http://archive.ubuntu.com/ubuntu jammy-proposed/universe amd64 Packages [54.9 kB]
Get:16 http://archive.ubuntu.com/ubuntu jammy-proposed/universe Translation-en [24.0 kB]
Get:17 http://archive.ubuntu.com/ubuntu jammy-proposed/universe amd64 c-n-f Metadata [1288 B]
Fetched 1269 kB in 1s (1207 kB/s)                               
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
27 packages can be upgraded. Run 'apt list --upgradable' to see them.
root@j:~# apt install lftp vsftpd
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
lftp is already the newest version (4.9.2-1build1).
The following packages will be upgraded:
  vsftpd
1 upgraded, 0 newly installed, 0 to remove and 26 not upgraded.
Need to get 123 kB of archives.
After this operation, 0 B of additional disk space will be used.
Do you want to continue? [Y/n] Y
Get:1 http://archive.ubuntu.com/ubuntu jammy-proposed/main amd64 vsftpd amd64 3.0.5-0ubuntu1.1 [123 kB]
Fetched 123 kB in 0s (863 kB/s)
Preconfiguring packages ...
(Reading database ... 34042 files and directories currently installed.)
Preparing to unpack .../vsftpd_3.0.5-0ubuntu1.1_amd64.deb ...
Unpacking vsftpd (3.0.5-0ubuntu1.1) over (3.0.5-0ubuntu1) ...
Setting up vsftpd (3.0.5-0ubuntu1.1) ...
vsftpd user (ftp) already exists, doing nothing.

vsftpd directory (/srv/ftp) already exists, doing nothing.
Processing triggers for man-db (2.10.2-1) ...
Scanning processes...                                                                                                                                                                          

No services need to be restarted.

No containers need to be restarted.

No user sessions are running outdated binaries.

No VM guests are running outdated hypervisor (qemu) binaries on this host.
root@j:~# systemctl status vsftpd
● vsftpd.service - vsftpd FTP server
     Loaded: loaded (/lib/systemd/system/vsftpd.service; enabled; vendor preset: enabled)
     Active: active (running) since Mon 2024-08-05 05:58:56 UTC; 15s ago
    Process: 2304 ExecStartPre=/bin/mkdir -p /var/run/vsftpd/empty (code=exited, status=0/SUCCESS)
   Main PID: 2305 (vsftpd)
      Tasks: 1 (limit: 38263)
     Memory: 1.7M
        CPU: 9ms
     CGroup: /system.slice/vsftpd.service
             └─2305 /usr/sbin/vsftpd /etc/vsftpd.conf

Aug 05 05:58:56 j systemd[1]: Starting vsftpd FTP server...
Aug 05 05:58:56 j systemd[1]: Started vsftpd FTP server.
root@j:~# lftp 127.0.0.1
lftp 127.0.0.1:~> set ftp:ssl-force true
lftp 127.0.0.1:~> set ssl:verify-certificate false
lftp 127.0.0.1:~> login ubuntu ubuntu
lftp ubuntu@127.0.0.1:~> dir
-rw-r--r--    1 0        0               7 Aug 05 05:55 egal
lftp ubuntu@127.0.0.1:~> get egal
7 bytes transferred                    
lftp ubuntu@127.0.0.1:~> 
exit
root@j:~# ll egal
-rw-r--r-- 1 root root 7 Aug  5 05:55 egal