Re: [Proftpd-user] Proftpd leaving wtmp open

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

> Darn was hoping to send this out before 1.4.3c was released (congrats to 
> all for hard work on that)
> 
> Anyway, we ran into a problem with 1.4.3b on centos 6.3 where we see 
> that every proftp session leaves the wtmp file open
>
> This results in a problem on high volume FTP servers when wtmp is 
> logrotated out (and is very large) and there are clients connected 
> (pretty much always have somebody)

Unfortunately there's not muh that can be done about this -- assuming 
that your client sessions are chrooted.

In order to properly write wtmp records, proftpd has to open a file 
descriptor to the file _before_ a chroot happens (after a chroot, that log 
file will be inaccessible), and then keep the file descriptor open until 
the session closes.  At which time, the proper record can then be written 
out.

The same problem occurs for TransferLog.

To work around the chroot restriction, proftpd would have to start sending 
its log events to some type of local logging daemon, which would be a 
separate process listening on the loopback interface only, which would 
then write to the appropriate destination.  But such a mechanism does not 
currently exist.

TJ

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

   Know thyself.

   	-Anonymous

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~