From owner-freebsd-ports@FreeBSD.ORG  Mon Mar 30 13:53:19 2015
Return-Path: <owner-freebsd-ports@FreeBSD.ORG>
Delivered-To: freebsd-ports@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115])
 (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by hub.freebsd.org (Postfix) with ESMTPS id D779057C
 for <freebsd-ports@freebsd.org>; Mon, 30 Mar 2015 13:53:19 +0000 (UTC)
Received: from home.opsec.eu (home.opsec.eu [IPv6:2001:14f8:200::1])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by mx1.freebsd.org (Postfix) with ESMTPS id 961693CF
 for <freebsd-ports@freebsd.org>; Mon, 30 Mar 2015 13:53:19 +0000 (UTC)
Received: from pi by home.opsec.eu with local (Exim 4.82 (FreeBSD))
 (envelope-from <lists@opsec.eu>)
 id 1Yca7y-000HFS-Dm; Mon, 30 Mar 2015 15:53:18 +0200
Date: Mon, 30 Mar 2015 15:53:18 +0200
From: Kurt Jaeger <lists@opsec.eu>
To: Paul Macdonald <paul@ifdnrg.com>
Subject: Re: Proftpd bug, chroot does not allow for access to or creation of
 folders named 'lib'
Message-ID: <20150330135318.GI62590@home.opsec.eu>
References: <551460C0.3060609@ifdnrg.com> <55195013.3090509@quip.cz>
 <551950EC.2030205@ifdnrg.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <551950EC.2030205@ifdnrg.com>
Cc: freebsd-ports@freebsd.org
X-BeenThere: freebsd-ports@freebsd.org
X-Mailman-Version: 2.1.18-1
Precedence: list
List-Id: Porting software to FreeBSD <freebsd-ports.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/freebsd-ports>,
 <mailto:freebsd-ports-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-ports/>
List-Post: <mailto:freebsd-ports@freebsd.org>
List-Help: <mailto:freebsd-ports-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-ports>,
 <mailto:freebsd-ports-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 30 Mar 2015 13:53:19 -0000

Hi!

> > I can confirm this problem on FreeBSD 8.4-RELEASE i386 with 
> > proftpd-1.3.5_2
> >
> > Is some patch available to fix this? (I cannot disable DefaultChroot)
> >
> a bug report has been filed.
> 
> https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=198938

I've updated the PR with some short info what I found. Basically,
there's a special case in src/fsio.c which explicitly denies
writing to /etc and /lib in the chroot-case, refering to 3 year
old AUSCERT warnings for proftpd with FreeBSD.

Someone needs to check whether those warnings still apply to current-day
proftpd and freebsd.

-- 
pi@opsec.eu            +49 171 3101372                         5 years to go !