vsftpd 421 Service not available, remote server has closed connection

操作系统CentOS从5.3升级到5.4后,vsftpd也从vsftpd-2.0.5-12.el5_3.1.x86_64升级到vsftpd-2.0.5-16.el5.x86_64,配置文件未变化,但是正常用户登录后提示:
 $ ftp quwenqing.com
Connected to quwenqing.com (x.x.x.x).
220 (vsFTPd 2.0.5)
Name (quwenqing.com:test):
530 Please login with USER and PASS.
SSL not available
331 Please specify the password.
Password:
230 Login successful.
421 Service not available, remote server has closed connection
ftp> quit


日志提示用户登录成功。
出现这个问题后一直没有找到解决方案,所以采用临时解决方案,将vsftpd文件更换为历史版本,登录正常。
近期将CentOS升级到5.5,又想起这问题,潜心google了一下,发现这个问题已经做为bug提交过,解决方案是配置   connect_from_port_20=YES ,一试,果然一切OK。


Description of problem:

When specific options are set in the configuration file, vsftpd prematurely
closes connection. This is caused by a parent process of process (child)
responsible for handling post-auth commands and a patch which influence
behaviour of the child.

The parent process (responsible for e.g. binding to port 20 in active mode)
tries to drop privileges, but due to specific config options (mentioned bellow)
it does terminate (calls exit()). The following patch:

vsftpd-2.0.5-stop_proc.patch

backports some new code from the upstream (one of changes between 2.0.7 and
2.1.0), which is responsible for sending termination signal to child when its
parent die, it means it also terminates the child (which handles post-auth
commands).

The bug occurs only when the following options have the exact values:

chown_uploads=NO
connect_from_port_20=NO
max_per_ip=0
max_clients=0


Version-Release number of selected component (if applicable):

RHEL5 (vsftpd-2_0_5-16_el5)

Additional info:

the attached patch solves the issue

This bug is time dependent, it depends on context switching, so that if parrent
calls exit() before child calls vsf_set_die_if_parent_dies(), it works.   

标签: vsftpd
评论: 1 | 引用: 0 | 阅读: 19662
  • 1 
daoyongyu [ 2014-09-29 18:49 ]
421 Service not available, remote server has closed connection
Login failed.
-------------------------------------------------------------------------
出现这个问题也有可能是用户名密码错误
  • 1