http://localhost:8080/trac/ticket/845 <p> The BOA stack installs and runs a FTP server, which we don't need as we use SSH/SFTP and it therefore causes a unneeded load, see <a class="new ticket" href="http://localhost:8080/trac/ticket/692#comment:177" title="maintenance: Debian Updates (new)">ticket:692#comment:177</a> for an example. </p> en-us /trac/chrome/site/TransitionNetwork-Logo-Web-Small.jpg http://localhost:8080/trac/ticket/845 Trac 0.12.5 chris Mon, 13 Apr 2015 11:10:36 GMT http://localhost:8080/trac/ticket/845#comment:1 http://localhost:8080/trac/ticket/845#comment:1 <ul> <li><strong>hours</strong> changed from <em>0.0</em> to <em>0.25</em> </li> <li><strong>totalhours</strong> changed from <em>0.0</em> to <em>0.25</em> </li> </ul> <p> There is a firewall rule to allow FTP traffic: </p> <pre class="wiki">iptables -L | grep ftp target prot opt source destination ACCEPT tcp -- anywhere anywhere ctstate NEW tcp dpt:ftp-data ACCEPT tcp -- anywhere anywhere ctstate NEW tcp dpt:ftp </pre><p> For now I have blocked this: </p> <pre class="wiki">iptables -A INPUT -p tcp --destination-port ftp -j DROP iptables -A INPUT -p tcp --destination-port ftp-data -j DROP </pre><p> I can't a simple way to stop this service running, the config for for it is at <tt>/usr/local/etc/pure-ftpd.conf</tt> and it uses PAM and this is configured via <tt>/etc/pam.d/pure-ftpd</tt>. </p> <p> The <tt>iptables</tt> rules haven't changed the load it is adding however: </p> <pre class="wiki"> PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND 18019 root 20 0 28904 444 52 R 27 0.0 0:00.83 pure-ftpd </pre><p> This might have to be followed up via a ticket with the BOA project -- it seems like a total waste of resources to be running a service we don't use. </p> Ticket chris Mon, 13 Apr 2015 11:37:35 GMT http://localhost:8080/trac/ticket/845#comment:2 http://localhost:8080/trac/ticket/845#comment:2 <ul> <li><strong>hours</strong> changed from <em>0.0</em> to <em>0.25</em> </li> <li><strong>totalhours</strong> changed from <em>0.25</em> to <em>0.5</em> </li> </ul> <p> There is <a class="ext-link" href="https://github.com/omega8cc/boa/issues/173"><span class="icon">​</span>a ticket from 2011</a> which says the way to stop it running is to comment out this line: </p> <pre class="wiki"> if ($COMMAND =~ /pure-ftpd/) {$ftplives = "YES"; $ftpsumar = $li_cnt{$COMMAND};} </pre><p> In <tt>/var/xdrago/proc_num_ctrl.cgi</tt>, so I have done that, all done <tt>killall pure-ftpd</tt> but it is still running: </p> <pre class="wiki"> PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND 3017 root 20 0 28904 444 52 R 29 0.0 0:00.88 pure-ftpd </pre><p> So I have <a class="ext-link" href="https://github.com/omega8cc/boa/issues/684"><span class="icon">​</span>opened a ticket about it</a>. </p> Ticket chris Wed, 15 Apr 2015 14:26:28 GMT http://localhost:8080/trac/ticket/845#comment:3 http://localhost:8080/trac/ticket/845#comment:3 <ul> <li><strong>hours</strong> changed from <em>0.0</em> to <em>0.25</em> </li> <li><strong>status</strong> changed from <em>new</em> to <em>closed</em> </li> <li><strong>resolution</strong> set to <em>fixed</em> </li> <li><strong>totalhours</strong> changed from <em>0.5</em> to <em>0.75</em> </li> </ul> <p> The <a class="ext-link" href="https://github.com/omega8cc/boa/issues/684#issuecomment-93418427"><span class="icon">​</span>answer to the ticket</a>: </p> <blockquote class="citation"> <ol><li>rm -f /usr/local/sbin/pure-config.pl </li><li>killall -9 pure-ftpd </li><li>remove FTP from _XTRAS_LIST </li></ol></blockquote> <p> So I have done 1. and 2., the <tt>_XTRAS_LIST</tt> variable in <tt>/root/.barracuda.cnf</tt> didn't contain FTP: </p> <pre class="wiki">_XTRAS_LIST="PDS CSF CHV" </pre><p> I have updated the wiki page, see <a class="wiki" href="http://localhost:8080/trac/wiki/PuffinServer#pure-ftpd">wiki:PuffinServer#pure-ftpd</a> and this matter is now resolved so closing this ticket. </p> Ticket