vsftpd: 500 OOPS: prctl PR_SET_SECCOMP failed
The message indicates that the prctl(PR_SET_SECCOMP, ...)
call failed.
ret = prctl(PR_SET_SECCOMP, 2, &prog, 0, 0);
if (ret != 0)
{
die("prctl PR_SET_SECCOMP failed");
}
It can happen when your kernel does not have the CONFIG_SECCOMP_FILTER
enabled. But that can hardly change while you "work on website".
Quote from prctl
man page:
PR_SET_SECCOMP (since Linux 2.6.23)
Set the secure computing (seccomp) mode for the calling thread, to limit the available system calls. The seccomp mode is selected via
arg2
. (The seccomp constants are defined in<linux/seccomp.h>
...
With
arg2
set toSECCOMP_MODE_FILTER
(since Linux 3.5) the system calls allowed are defined by a pointer to a Berkeley Packet Filter passed in arg3. This argument is a pointer tostruct sock_fprog
; it can be designed to filter arbitrary system calls and system call arguments. This mode is available only if the kernel is configured withCONFIG_SECCOMP_FILTER
enabled.
As a poor workaround, you can configure vsftpd not to enable the the seccomp mode.
Use the seccomp_sandbox=no
option in the vsftpd.conf
.
The option does not seem to be documented.