FTP fails after Security Update 2004-09-07

Discussion in 'Apple' started by Steve Lidie, Sep 9, 2004.

  1. Steve Lidie

    Steve Lidie Guest

    After applying the update I can no longer FTP to my Mac:

    Sep 9 08:51:56 Ray xinetd[338]: START: ftp pid=25774 from=192.168.1.123
    Sep 9 08:52:01 Ray xinetd[338]: service ftp, IPV6_ADDRFORM setsockopt() failed: Protocol not available (errno = 42)


    So far I have found no patches via Google, anyone know how to fix this?

    Thanks,

    Steve
     
    Steve Lidie, Sep 9, 2004
    #1
    1. Advertisements

  2. Steve Lidie

    Tom Stiller Guest

    Use sftp.
     
    Tom Stiller, Sep 9, 2004
    #2
    1. Advertisements

  3. Steve Lidie

    Steve Lidie Guest

    Not an option: the client is an Axis network camera beaming images to my Mac
    on my local/private/home network (192.168.1.1) ... it understands only FTP.
     
    Steve Lidie, Sep 9, 2004
    #3
  4. Steve Lidie

    Steve Lidie Guest


    Oh, disabled on purpose. Sigh, now I have to scrounge around for a new FTP server ;)

    Thanks, for the pointer ...
     
    Steve Lidie, Sep 9, 2004
    #4
  5. See today's macfixit.com.

    Cathy
     
    Cathy Stevenson, Sep 9, 2004
    #5
  6. Who said that?
     
    Matthew Russotto, Sep 9, 2004
    #6
  7. What's the big deal? The service has only been disabled in
    /etc/inetd.conf. All you need to do is uncomment out the line

    #ftp stream tcp nowait root /usr/libexec/tcpd ftpd -l

    and reboot. On most UNIX systems, a reboot isn't needed, but MacOS X
    has the network stuff spread across multiple processes. Rebooting is
    easier than figuring out what processes to restart.
     
    Michael Vilain, Sep 9, 2004
    #7
  8. Steve Lidie

    Acid Pooh Guest

    If you have the developer tools installed, I suggest using vsftpd.
    Easy to install and configure and very secure. It's what
    ftp.kernel.org runs.

    'cid 'ooh
     
    Acid Pooh, Sep 9, 2004
    #8
  9. Why was the ftpd line commented out in the first place? For security I
    assume.

    But if Mac OS X doesn't support FTP anymore why does the FTP option
    still show up in the SystemPreference->Sharing->Services menu>?

    I called Mac support (I have an AppleSupport plan) and they said they
    couldn't support this problem because it involves another computer.
    What a copout. I pointed out the problem occurs even if I ftp from my
    Mac looping back to my Mac. The problem is currently awaiting escalation.

    Ben in DC
    Reality is merely an illusion, albeit a very persistent one.
    Albert Einstein
     
    Benjamin Slade, Sep 9, 2004
    #9
  10. Steve Lidie

    soothsayer Guest

    You don't need to reboot. Just HUP xinetd:

    sudo kill -HUP `cat /var/run/xinetd.pid`

    OSX uses completely generic xinetd, identical to what typically runs
    in linux et al.
     
    soothsayer, Sep 10, 2004
    #10
  11. Steve Lidie

    Steve Lidie Guest

    No, that's not correct. Mac OS X uses xinetd, not inetd, so you want to
    examine files in /etc/xinetd.d: you'll notice that FTp is still enabled.
    It's the actuall executable that has changed.

    Simply replacing /usr/libexec/ftpd with the version prior to the security
    updates "fixes my problem".
     
    Steve Lidie, Sep 10, 2004
    #11
  12. Steve Lidie

    Steve Lidie Guest

    Reboot not required, a simple HUP signal to xinetd causes xinetd to re-read it's
    config files.
     
    Steve Lidie, Sep 10, 2004
    #12
  13. xinetd isn't running on my MacOS X 10.3.5 system. That's why I said to
    reboot. I couldn't find any sort of 'inetd' running on the system.
    netinfod is running but that's the only thing that comes to mind. It's
    man page didn't say anything about inetd.conf.
     
    Michael Vilain, Sep 10, 2004
    #13
  14. Steve Lidie

    Steve Lidie Guest

    It is on all standard 10.3.5 systems:

    [[email protected]:~/Desktop] ps aux|grep inet
    root 338 0.0 0.1 27484 704 ?? Ss Wed12AM 0:50.20 xinetd -inetd_compat -pidfile /var/run/xinetd.pid
    lusol 27671 0.0 0.0 18172 340 std S+ 9:28PM 0:00.00 grep inet
     
    Steve Lidie, Sep 10, 2004
    #14
  15. Steve Lidie

    soothsayer Guest

    The IPServices Startup Item runs xinetd. You don't have this? That
    doesn't make much sense to me. Did you go out of your way to avoid
    installing it?


    inetd was replaced by xinetd (in osx and elsewhere) some time ago.




    NetInfo is unrelated to inetd/xinetd, and for that matter to ftpd as
    well. It's not involved in any way with the running of 'wrapped' tcp
    services.

    In theory xinetd in osx runs with inetd compatibility but that doesn't
    seem to work. The inetd.conf file is therefore vestigial. The
    service entries for xinetd are files in the directory /etc/xinetd.d/



    Given that neither inetd nor xinetd was the cause of the ftpd problem,
    I"m not sure it's worth continuing this little subthread any further.
    The xinetd man page has all the info you should need about xinetd in
    general.
     
    soothsayer, Sep 10, 2004
    #15
  16. Steve Lidie

    soothsayer Guest

    The (standard) IPServices startup item starts the xinetd process on
    every osx 10.3 system I've ever seen:

    /System/Library/StartupItems/IPServices

    Do you have this directory? If you don't, your system is, in a word,
    incomplete. If you have it, the script inside should start xinetd.

    What version of osx was originally installed on your powerbook? Did
    you ever, at any time, reinstall from cd and disable parts part of it?



    Sorry, xinetd doesn't work like that.
     
    soothsayer, Sep 10, 2004
    #16
  17. Steve Lidie

    soothsayer Guest

    I'm wrong, apparently it does work like that without the -stayalive
    option, and that option is not included in the startup-item script.
    This is a weird default if you ask me, but there it is.

    Of course if xinetd configuration had been the source of the ftpd
    problem, then none of this would be relevant, since at least one
    service would have been enabled (i.e., ftp). But we already knew it
    wasn't related to the ftpd failure.
     
    soothsayer, Sep 10, 2004
    #17
  18. Yes, this directory and the files are there. Personal Web Sharing is
    turned on, but everything else is turned off. Scanning system.log shows
    xinetd exited because there were 'no services'; and indeed, all lines in
    the /etc/inetd.conf are commented out on my system. So, mystery solved.
    Some other may have similar inetd.conf files.
    This was installed on a Dual 1GHz G4 as MacOS X 10.3, then upgraded
    using Software Update to 10.3.5.
    I have web sharing turned on, but that's not a service 'forked' by the
    xinetd process (see /etc/inetd.conf for the list).
     
    Michael Vilain, Sep 10, 2004
    #18
  19. Steve Lidie

    noman Guest

    Right, the Startup Item script runs xinetd without specifying
    -stayalive, so the process will quit immediately if there are no
    enabled services.

    inetd.conf doesn't matter (much). The important files are the ones in
    /etc/xinetd.d/.

    Again, inetd.conf isn't relevant. But it is true that http isn't
    handled through xinetd.
     
    noman, Sep 10, 2004
    #19
  20. And the response from Apple is:
    I enabled "Windows Sharing" in SystemPreferences->Sharing->Services and,
    after dicking around with MS-Windows on the other box, was able to
    transfer files.

    Ben in DC
    Everything should be made as simple as possible, but not simpler.
    Albert Einstein
     
    Benjamin Slade, Sep 10, 2004
    #20
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.