Connection to vsFTPd running in SLES 9 or 10 container fails with the following error:
~# ftp 172.18.11.64 Connected to 172.18.11.64. 220 (vsFTPd 2.0.4) Name (172.18.11.64:root): 331 Please specify the password. Password: 500 OOPS: cap_set_proc ftp: Login failed. ftp> ^D 230 Login successful.
vsFTPd first does privilege drop to the user
nobody and then tries to set capability for the process to bind to ports as the service - this is in order to use the port 20 for data connection. However in kernels 2.6.32 and later, this does not work due to more strict security checks.
Change the option
connect_from_port_20 to value NO from the default value
YES and restart the service:
~# sed '/^connect_from_port_20/ s~=YES~=NO~' -i /etc/vsftpd.conf ~# service vsftpd restart
If there is custom template installed on the node then check the technologies for the OS template, it should contain
sysfs. Correct the custom template if it is missing:
~# vzpkg info sles-10-x86_64 technologies technologies: x86_64 nptl sysfs