• If you are still using CentOS 7.9, it's time to convert to Alma 8 with the free centos2alma tool by Plesk or Plesk Migrator. Please let us know your experiences or concerns in this thread:
    CentOS2Alma discussion
  • Please beaware of a breaking change in the REST API on the next Plesk release (18.0.62).
    Starting from Plesk Obsidian 18.0.62, requests to REST API containing the Content-Type header with a media-type directive other than “application/json” will result in the HTTP “415 Unsupported Media Type” client error response code. Read more here

proftpd binary shipped with 10.4.4 MU4 and 10.3.1 MU16 is missing DSO support

burnleyvic

Regular Pleskian
CentOS 5.7 and 6.2, x86_64, Plesk 10.4.4 MU20

It all started one day when we decided to offer sftp support to our customers. We knew for a fact that proftpd packages shipped by Atomic do offer out-of-the-box sftp support after installing psa-proftpd-mod_sftp package, so we thought we'll be safe with this repo. All good, but all of a sudden the sftp support dissapeared, the reason for this being Plesk's microupdates system, which is overwriting files as part of so-called security updates.
Plesk's microupdate 4 is patching a 1.3.4a installation with a 1.3.3e file. What's worse is that Plesk's proftpd binary is buit without DSO support! Please check the behaviour of your own binary, as opposed to Atomic's one:

--- Plesk binaries ---

md5sum /root/parallels/PSA_10.3.1/microupdates/MU16/dist-rpm-CentOS-5-x86_64/proftpd /root/parallels/PSA_10.4.4/microupdates/MU4/dist-rpm-CentOS-5-x86_64/proftpd
e614b004db1991eedd4b136549756a9c /root/parallels/PSA_10.3.1/microupdates/MU16/dist-rpm-CentOS-5-x86_64/proftpd
e614b004db1991eedd4b136549756a9c /root/parallels/PSA_10.4.4/microupdates/MU4/dist-rpm-CentOS-5-x86_64/proftpd

ls -l /root/parallels/PSA_10.3.1/microupdates/MU16/dist-rpm-CentOS-5-x86_64/proftpd /root/parallels/PSA_10.4.4/microupdates/MU4/dist-rpm-CentOS-5-x86_64/proftpd
-rwxr-xr-x 1 root root 2157543 Dec 7 16:14 /root/parallels/PSA_10.3.1/microupdates/MU16/dist-rpm-CentOS-5-x86_64/proftpd
-rwxr-xr-x 1 root root 2157543 Mar 5 21:22 /root/parallels/PSA_10.4.4/microupdates/MU4/dist-rpm-CentOS-5-x86_64/proftpd

So, we've got the same binary for 10.3.1 MU16 and 10.4.4 MU4. Now:

/root/parallels/PSA_10.3.1/microupdates/MU16/dist-rpm-CentOS-5-x86_64/proftpd -v
ProFTPD Version 1.3.3e

/root/parallels/PSA_10.3.1/microupdates/MU16/dist-rpm-CentOS-5-x86_64/proftpd -vv
- Fatal: unknown configuration directive 'LoadModule' on line 2 of '/etc/proftpd-sftp.conf'

/root/parallels/PSA_10.3.1/microupdates/MU16/dist-rpm-CentOS-5-x86_64/proftpd -l
Compiled-in modules:
mod_core.c
mod_xfer.c
mod_auth_unix.c
mod_auth_file.c
mod_auth.c
mod_ls.c
mod_log.c
mod_site.c
mod_delay.c
mod_facts.c
mod_ident.c
mod_auth_pam.c
mod_ratio.c
mod_readme.c
mod_quotatab.c
mod_quotatab_file.c
mod_tls.c
mod_cap.c
mod_lang.c

No DSO support here.

--- Atomic binary on a repaired proftpd installation ---

/usr/sbin/proftpd -v
ProFTPD Version 1.3.4a

/usr/sbin/proftpd -vv
ProFTPD Version: 1.3.4a (maint)
Scoreboard Version: 01040003
Built: Mon Nov 14 2011 09:46:01 EST

Loaded modules:
mod_sftp/0.9.8
mod_ctrls/0.9.4
mod_ifsession/1.1
mod_cap/1.1
mod_dnsbl/0.1.3
mod_auth_pam/1.1
mod_readme/1.0
mod_tls/2.4.3
mod_quotatab_file.c
mod_quotatab/1.3.0
mod_clamav.c
mod_ident/1.0
mod_dso/0.5
mod_facts/0.3
mod_delay/0.7
mod_site.c
mod_log.c
mod_ls.c
mod_auth.c
mod_auth_file/0.9
mod_auth_unix.c
mod_xfer.c
mod_core.c

/usr/sbin/proftpd -l
Compiled-in modules:
mod_core.c
mod_xfer.c
mod_auth_unix.c
mod_auth_file.c
mod_auth.c
mod_ls.c
mod_log.c
mod_site.c
mod_delay.c
mod_facts.c
mod_dso.c
mod_ident.c
mod_clamav.c
mod_quotatab.c
mod_quotatab_file.c
mod_tls.c
mod_readme.c
mod_auth_pam.c
mod_dnsbl.c
mod_cap.c
mod_ifsession.c
mod_ctrls.c
 
Just for general information, Parallels technical support acknowledged the issue but can't give any ETA. Citing, they "have no answer, because the decision is made by managers. They will consider the request."
What better way to bury an issue than handballing it into managers half?
 
Back
Top