Ubuntu – vsftpd: 500 OOPS: prctl PR_SET_SECCOMP failed

ftpUbuntuvsftpd

I have an issue with vsftpd. When I connect to my FTP server via FileZilla I get the error:

500 OOPS: prctl PR_SET_SECCOMP failed
Error: Critical error
Error: Could not connect to server

I've tried to connect via my file manager as well and it doesn't seem to function. I can connect to all my other servers with no issue so I'm certain that it's a server related issue.

I run Ubuntu 14.04 on a VPSDime VPS. vsftpd version 3.0.2. The error didn't occur after an update or change in configuration but the error started to occur when I was working on a website; it was working fine before I got the error.

I've rebooted, restarted vsftpd and updated my system. Any ideas?

Best Answer

The message indicates that the prctl(PR_SET_SECCOMP, ...) call failed.

ret = prctl(PR_SET_SECCOMP, 2, &prog, 0, 0);
if (ret != 0)
{
  die("prctl PR_SET_SECCOMP failed");
}

It can happen when your kernel does not have the CONFIG_SECCOMP_FILTER enabled. But that can hardly change while you "work on website".

Quote from prctl man page:

PR_SET_SECCOMP (since Linux 2.6.23)

Set the secure computing (seccomp) mode for the calling thread, to limit the available system calls. The seccomp mode is selected via arg2. (The seccomp constants are defined in <linux/seccomp.h>

...

With arg2 set to SECCOMP_MODE_FILTER (since Linux 3.5) the system calls allowed are defined by a pointer to a Berkeley Packet Filter passed in arg3. This argument is a pointer to struct sock_fprog; it can be designed to filter arbitrary system calls and system call arguments. This mode is available only if the kernel is configured with CONFIG_SECCOMP_FILTER enabled.

As a poor workaround, you can configure vsftpd not to enable the the seccomp mode.

Use the seccomp_sandbox=no option in the vsftpd.conf.

The option does not seem to be documented.

Best Answer

Related Solutions

Ubuntu – 227 Entering Passive Mode (0,0,0,0,…) when connecting to vsftpd FTP server

Related Question