Path: utzoo!utgpu!watmath!watvlsi!watale!daemon
From: daemon@watale.waterloo.edu (Watale's Little Helper)
Newsgroups: comp.unix.wizards
Subject: anonymous ftp, and chroot
Message-ID: <3024@watale.waterloo.edu>
Date: 27 Nov 88 15:53:45 GMT
Reply-To: mdadams@surya.waterloo.edu (Mike Adams)
Distribution: world
Organization: U. of Waterloo, Ontario
Lines: 35

I have been having trouble trying to get in.ftpd to record all anonymous
ftp activity.  I don't quite understand why, but the problem seems
to be caused by the chroot call.

A trace of in.ftpd shows the following:

[all writes to descriptor three (/dev/log) work fine above this point]
chdir ("/usr/ftp") = 0
open ("/usr/adm/wtmp", 011, 0) = 4
chroot ("/usr/ftp") = 0
write (1, "230 Guest login ok, access restr".., 48) = 48
gettimeofday (0xf7fff388, 0) = 0
getpid () = 6019
[crash, and burn time]
sendto (3, "<31>Nov 25 22:32:07 ftpd[6019]: ".., 42, 0, 0xd4e8, 16) = -1
ENOENT (No such file or directory)

It seems that altering the root directory somehow messes up access to
/dev/log.  I suppose the obvious answer is that /dev/log is no longer
accessible once the chroot("/usr/ftp") takes effect.  But there must
be more to it than that, because /dev/log is opened before the root
directory is changed*.

* It is my understanding that I can open any file, do a chroot, and
still have access to that file until I close it (even if it lies "above"
the new root directory).  Does this statement not hold true for UNIX
domain sockets like /dev/log?  And if so, why?

Assuming that there really is a problem, and I'm not just being
dense, how can I fix in.ftpd to properly log messages after calling chroot?

Thank you for your time.

Mike Adams
mdadams@surya.waterloo.edu