Problems with chroot in ProFTPd

[mklooss]

we are using mysql based login, and all customers are chrooted within the proftpd session. so mod_clamav could not find the files

Jun 19 16:34:41 server.addr proftpd[13471] xxx.xxx.xxx.xxx (::ffff:yyy.yyy.yyy.yyy[::ffff:yyy.yyy.yyy.yyy]): Preparing to chroot to directory '/home/mklooss'
Jun 19 16:34:41 server.addr proftpd[13471] xxx.xxx.xxx.xxx (::ffff:yyy.yyy.yyy.yyy[::ffff:yyy.yyy.yyy.yyy]): USER mklooss: Login successful.
Jun 19 16:34:42 server.addr proftpd[13471] xxx.xxx.xxx.xxx (::ffff:yyy.yyy.yyy.yyy[::ffff:yyy.yyy.yyy.yyy]): mod_clamav/0.10: error: Can not stat file (9): Bad file descriptor
Jun 19 16:34:42 server.addr proftpd[13471] xxx.xxx.xxx.xxx (::ffff:yyy.yyy.yyy.yyy[::ffff:yyy.yyy.yyy.yyy]): notice: error closing '/eicar.com': Bad file descriptor
Jun 19 16:34:45 server.addr proftpd[13471] xxx.xxx.xxx.xxx (::ffff:yyy.yyy.yyy.yyy[::ffff:yyy.yyy.yyy.yyy]): mod_clamav/0.10: error: Can not stat file (9): Bad file descriptor
Jun 19 16:34:45 server.addr proftpd[13471] xxx.xxx.xxx.xxx (::ffff:yyy.yyy.yyy.yyy[::ffff:yyy.yyy.yyy.yyy]): notice: error closing '/eicar.com': Bad file descriptor
Jun 19 16:34:46 server.addr proftpd[13471] xxx.xxx.xxx.xxx (::ffff:yyy.yyy.yyy.yyy[::ffff:yyy.yyy.yyy.yyy]): mod_clamav/0.10: error: Can not stat file (9): Bad file descriptor
Jun 19 16:34:46 server.addr proftpd[13471] xxx.xxx.xxx.xxx (::ffff:yyy.yyy.yyy.yyy[::ffff:yyy.yyy.yyy.yyy]): notice: error closing '/eicar.com': Bad file descriptor
Jun 19 16:34:59 server.addr proftpd[13471] xxx.xxx.xxx.xxx (::ffff:yyy.yyy.yyy.yyy[::ffff:yyy.yyy.yyy.yyy]): mod_clamav/0.10: error: Can not stat file (9): Bad file descriptor
Jun 19 16:34:59 server.addr proftpd[13471] xxx.xxx.xxx.xxx (::ffff:yyy.yyy.yyy.yyy[::ffff:yyy.yyy.yyy.yyy]): notice: error closing '/constants.ts': Bad file descriptor
Jun 19 16:34:59 server.addr proftpd[13471] xxx.xxx.xxx.xxx (::ffff:yyy.yyy.yyy.yyy[::ffff:yyy.yyy.yyy.yyy]): notice: error closing '/constants.ts': Bad file descriptor
Jun 19 16:35:00 server.addr proftpd[13471] xxx.xxx.xxx.xxx (::ffff:yyy.yyy.yyy.yyy[::ffff:yyy.yyy.yyy.yyy]): mod_clamav/0.10: error: Can not stat file (9): Bad file descriptor
Jun 19 16:35:00 server.addr proftpd[13471] xxx.xxx.xxx.xxx (::ffff:yyy.yyy.yyy.yyy[::ffff:yyy.yyy.yyy.yyy]): notice: error closing '/constants.ts': Bad file descriptor

[Castaglia]

Could you provide the mod_clamav configuration (and the rest of the proftpd.conf) that you are using, so that I can duplicate the issue you're seeing locally?

[mklooss]

i've added these to pastebin Config: http://pastebin.com/PYDvaHWH

AuthOrder is AuthOrder mod_auth_unix.c

proftpd -vv
ProFTPD Version: 1.3.3a (maint)
  Scoreboard Version: 01040003
  Built: Tue Jan 8 2013 14:41:26 UTC

Loaded modules:
  mod_ifsession/1.0
  mod_dynmasq/0.3
  mod_wrap2_file/1.2
  mod_wrap2/2.0.6
  mod_ban/0.5.5
  mod_load/1.0.1
  mod_rewrite/0.8
  mod_wrap/1.2.3
  mod_quotatab_radius.c
  mod_quotatab_sql.c
  mod_clamav/0.10
  mod_quotatab_file.c
  mod_quotatab/1.3.0
  mod_sql_mysql/4.0.8
  mod_sql/4.2.5
  mod_tls/2.4.2
  mod_ctrls_admin/0.9.6
  mod_lang/0.9
  mod_ctrls/0.9.4
  mod_cap/1.0
  mod_readme.c
  mod_auth_pam/1.1
  mod_ident/1.0
  mod_dso/0.5
  mod_facts/0.1
  mod_delay/0.6
  mod_site.c
  mod_log.c
  mod_ls.c
  mod_auth.c
  mod_auth_file/0.8.3
  mod_auth_unix.c
  mod_xfer.c
  mod_core.c

[Castaglia]

Hmm. If you were using the mod_clamav from this GitHub project, the mod_clamav version would be reported as "0.10b". One of the reasons for doing this fork was that the original mod_clamav (which this is NOT) was not being supported well.

That being the case, could you rebuild your proftpd using this forked mod_clamav, and see if the issue persists?

Last, I notice that you have "ClamAV off". This effectively disables the mod_clamav module functionality; is that what you intended?

[mklooss]

oh yeah... dooh ive compiled from the wrong directory. your version works perfectly