1 |
commit: 700bc79d57035b3eb2448c2892ebe00cb73ee0da |
2 |
Author: Dane Smith <c1pher <AT> gentoo <DOT> org> |
3 |
AuthorDate: Tue Mar 1 18:27:34 2011 +0000 |
4 |
Commit: Dane Smith <c1pher <AT> gentoo <DOT> org> |
5 |
CommitDate: Tue Mar 1 18:27:34 2011 +0000 |
6 |
URL: http://git.overlays.gentoo.org/gitweb/?p=dev/c1pher.git;a=commit;h=700bc79d |
7 |
|
8 |
vsftp testing. |
9 |
|
10 |
--- |
11 |
net-ftp/vsftpd/Manifest | 12 + |
12 |
net-ftp/vsftpd/files/vsftpd-2.1.0-caps.patch | 15 ++ |
13 |
.../vsftpd/files/vsftpd-2.2.0-dont-link-caps.patch | 21 ++ |
14 |
net-ftp/vsftpd/files/vsftpd-2.2.0-gentoo.patch | 264 ++++++++++++++++++++ |
15 |
net-ftp/vsftpd/files/vsftpd-2.3.2-as-needed.patch | 13 + |
16 |
net-ftp/vsftpd/files/vsftpd-2.3.2-kerberos.patch | 20 ++ |
17 |
net-ftp/vsftpd/files/vsftpd.conf | 105 ++++++++ |
18 |
net-ftp/vsftpd/files/vsftpd.init | 69 +++++ |
19 |
net-ftp/vsftpd/files/vsftpd.logrotate | 4 + |
20 |
net-ftp/vsftpd/files/vsftpd.xinetd | 15 ++ |
21 |
net-ftp/vsftpd/metadata.xml | 26 ++ |
22 |
net-ftp/vsftpd/vsftpd-2.3.4.ebuild | 110 ++++++++ |
23 |
12 files changed, 674 insertions(+), 0 deletions(-) |
24 |
|
25 |
diff --git a/net-ftp/vsftpd/Manifest b/net-ftp/vsftpd/Manifest |
26 |
new file mode 100644 |
27 |
index 0000000..cf958e2 |
28 |
--- /dev/null |
29 |
+++ b/net-ftp/vsftpd/Manifest |
30 |
@@ -0,0 +1,12 @@ |
31 |
+AUX vsftpd-2.1.0-caps.patch 575 RMD160 a7b27df472ccbb5068d5f9961fe6bb010063e98c SHA1 f98d3cfbc1eb68f6e852cf9cbf5ad80407be5557 SHA256 4888021a25625041746b91025af0c2a2cb1fde758eda1d6c94098d4de0c1e370 |
32 |
+AUX vsftpd-2.2.0-dont-link-caps.patch 806 RMD160 670bfa8433ea5c9769d238aaebb9fce1d43e9e40 SHA1 d28260190d4613dae798d0f09d267be1ffcbc0a7 SHA256 fd164d4702ae866cb06ad245653b4f25c73d1d701a211b1f972b45b98ab55dd2 |
33 |
+AUX vsftpd-2.2.0-gentoo.patch 11049 RMD160 ef4fafea61a4ecf37d771f2da75bb10570dec898 SHA1 8846603f85f9515a154cfd8c1823c3e2e4e7e0e9 SHA256 e1737c941837aaf8e060a649903934174528704feffd100f86180a7ec68f3760 |
34 |
+AUX vsftpd-2.3.2-as-needed.patch 423 RMD160 36b79388cd7f7c6e7e9f8b4903622f4a1fa48762 SHA1 5e33ee6613715f84fa67e6bd09aec1be13aac95c SHA256 ad393655b30887294dfcf46fe63ea24e3339f027a84fe7de03364500829496d9 |
35 |
+AUX vsftpd-2.3.2-kerberos.patch 842 RMD160 01a77e587615e4367f2740ea52631fd115c8ea0a SHA1 ff1ef2088b960a77051b4cf83491f1c4ce70c621 SHA256 d86bed62c0fd22372f4704a12d7f75ce42fc15765ceec802b4b0c5680bc9c200 |
36 |
+AUX vsftpd.conf 3842 RMD160 2b0971c60f2ae2f9d3136849dff4dcf8ce117d41 SHA1 ebd5847bb328d8df188d85ffc5ccd7fcd5983525 SHA256 08b680a8531ecc8ccd9bf7cd91dc2de0a49105803a6d8fdcbe0f0dd47de8f6e0 |
37 |
+AUX vsftpd.init 1922 RMD160 50925ca15a4f94662790244546454c523b6e4f95 SHA1 ef453f4925e941e21075be678387076e57246b3d SHA256 78941ea7744d65d4674b4df8ecee6df91e6ed601c47d64ce1f489af56ea250e2 |
38 |
+AUX vsftpd.logrotate 53 RMD160 0fba0639da0d827fc0decfcf9ccd34fc7ad23c68 SHA1 cf18de9f84ad9a44974a7ae0f29562e9a516d5f9 SHA256 b31f4db8e2f8640f83bc38d83444ab784f8fc9a6492f654bb4149e1f566da2f3 |
39 |
+AUX vsftpd.xinetd 432 RMD160 6e2b2d0517d0bf8a2a9d7ce42ca2ea4ce73fbca2 SHA1 5325ecbf0755ebd5778d69039393af075c1a9b40 SHA256 4e68c12108509823c74cd66f833299def48f497a4d660624362d3b4990af828f |
40 |
+DIST vsftpd-2.3.4.tar.gz 187043 RMD160 4097b495b5b03833e18b1639931939c3176e498b SHA1 b774cc6b4c50e20f4fe9ca7f6aa74169ce7fe5ea SHA256 b466edf96437afa2b2bea6981d4ab8b0204b83ca0a2ac94bef6b62b42cc71a5a |
41 |
+EBUILD vsftpd-2.3.4.ebuild 3301 RMD160 b250c7b1457ec217a54029c4db4cd38d080843c3 SHA1 9d8b37db29bc8f3207e1fc8e9e3f0bc2dda84493 SHA256 f7839872a5e942eefaa01eec4189e7f8af17e2181b17b734b9ade05c9fd08a00 |
42 |
+MISC metadata.xml 724 RMD160 e0592272500a06dbd5bfa5d6f7e379a5390a2d02 SHA1 0292de42362025b58ea73c06513f35ff0a4eb56d SHA256 a718c41114032e6e27f6168b40e3ab324b9b17e3436e32a50caecb45ef7f59b4 |
43 |
|
44 |
diff --git a/net-ftp/vsftpd/files/vsftpd-2.1.0-caps.patch b/net-ftp/vsftpd/files/vsftpd-2.1.0-caps.patch |
45 |
new file mode 100644 |
46 |
index 0000000..bd29762 |
47 |
--- /dev/null |
48 |
+++ b/net-ftp/vsftpd/files/vsftpd-2.1.0-caps.patch |
49 |
@@ -0,0 +1,15 @@ |
50 |
+diff -ur vsftpd-2.1.0.orig/sysdeputil.c vsftpd-2.1.0/sysdeputil.c |
51 |
+--- vsftpd-2.1.0.orig/sysdeputil.c 2009-02-23 18:23:26.000000000 +0100 |
52 |
++++ vsftpd-2.1.0/sysdeputil.c 2009-02-23 18:23:51.000000000 +0100 |
53 |
+@@ -160,10 +160,8 @@ |
54 |
+ #include <sys/capability.h> |
55 |
+ |
56 |
+ #if defined(VSF_SYSDEP_HAVE_CAPABILITIES) && !defined(VSF_SYSDEP_HAVE_LIBCAP) |
57 |
+-#include <linux/unistd.h> |
58 |
+ #include <linux/capability.h> |
59 |
+-#include <errno.h> |
60 |
+-#include <syscall.h> |
61 |
++#include <sys/syscall.h> |
62 |
+ int capset(cap_user_header_t header, const cap_user_data_t data) |
63 |
+ { |
64 |
+ return syscall(__NR_capset, header, data); |
65 |
|
66 |
diff --git a/net-ftp/vsftpd/files/vsftpd-2.2.0-dont-link-caps.patch b/net-ftp/vsftpd/files/vsftpd-2.2.0-dont-link-caps.patch |
67 |
new file mode 100644 |
68 |
index 0000000..debcf06 |
69 |
--- /dev/null |
70 |
+++ b/net-ftp/vsftpd/files/vsftpd-2.2.0-dont-link-caps.patch |
71 |
@@ -0,0 +1,21 @@ |
72 |
+diff -ur vsftpd-2.2.0.orig/vsf_findlibs.sh vsftpd-2.2.0/vsf_findlibs.sh |
73 |
+--- vsftpd-2.2.0.orig/vsf_findlibs.sh 2009-08-23 22:15:39.000000000 -0700 |
74 |
++++ vsftpd-2.2.0/vsf_findlibs.sh 2009-08-23 22:16:31.000000000 -0700 |
75 |
+@@ -44,17 +44,6 @@ |
76 |
+ # For older HP-UX... |
77 |
+ locate_library /usr/lib/libsec.sl && echo "-lsec"; |
78 |
+ |
79 |
+-# Look for libcap (capabilities) |
80 |
+-if locate_library /lib/libcap.so.1; then |
81 |
+- echo "/lib/libcap.so.1"; |
82 |
+-elif locate_library /lib/libcap.so.2; then |
83 |
+- echo "/lib/libcap.so.2"; |
84 |
+-else |
85 |
+- locate_library /usr/lib/libcap.so && echo "-lcap"; |
86 |
+- locate_library /lib/libcap.so && echo "-lcap"; |
87 |
+- locate_library /lib64/libcap.so && echo "-lcap"; |
88 |
+-fi |
89 |
+- |
90 |
+ # Solaris needs this for nanosleep().. |
91 |
+ locate_library /lib/libposix4.so && echo "-lposix4"; |
92 |
+ locate_library /usr/lib/libposix4.so && echo "-lposix4"; |
93 |
|
94 |
diff --git a/net-ftp/vsftpd/files/vsftpd-2.2.0-gentoo.patch b/net-ftp/vsftpd/files/vsftpd-2.2.0-gentoo.patch |
95 |
new file mode 100644 |
96 |
index 0000000..353dff3 |
97 |
--- /dev/null |
98 |
+++ b/net-ftp/vsftpd/files/vsftpd-2.2.0-gentoo.patch |
99 |
@@ -0,0 +1,264 @@ |
100 |
+diff -NrU5 vsftpd-2.2.0.original/defs.h vsftpd-2.2.0/defs.h |
101 |
+--- vsftpd-2.2.0.original/defs.h 2009-08-23 15:23:00.000000000 -0600 |
102 |
++++ vsftpd-2.2.0/defs.h 2009-08-23 16:01:20.000000000 -0600 |
103 |
+@@ -1,9 +1,9 @@ |
104 |
+ #ifndef VSF_DEFS_H |
105 |
+ #define VSF_DEFS_H |
106 |
+ |
107 |
+-#define VSFTP_DEFAULT_CONFIG "/etc/vsftpd.conf" |
108 |
++#define VSFTP_DEFAULT_CONFIG "/etc/vsftpd/vsftpd.conf" |
109 |
+ |
110 |
+ #define VSFTP_COMMAND_FD 0 |
111 |
+ |
112 |
+ #define VSFTP_PASSWORD_MAX 128 |
113 |
+ #define VSFTP_USERNAME_MAX 128 |
114 |
+diff -NrU5 vsftpd-2.2.0.original/tunables.c vsftpd-2.2.0/tunables.c |
115 |
+--- vsftpd-2.2.0.original/tunables.c 2009-08-23 15:23:00.000000000 -0600 |
116 |
++++ vsftpd-2.2.0/tunables.c 2009-08-23 16:00:14.000000000 -0600 |
117 |
+@@ -244,23 +244,23 @@ |
118 |
+ tunable_delay_successful_login = 0; |
119 |
+ tunable_max_login_fails = 3; |
120 |
+ /* -rw------- */ |
121 |
+ tunable_chown_upload_mode = 0600; |
122 |
+ |
123 |
+- install_str_setting("/usr/share/empty", &tunable_secure_chroot_dir); |
124 |
++ install_str_setting("/usr/share/vsftpd/empty", &tunable_secure_chroot_dir); |
125 |
+ install_str_setting("ftp", &tunable_ftp_username); |
126 |
+ install_str_setting("root", &tunable_chown_username); |
127 |
+ install_str_setting("/var/log/xferlog", &tunable_xferlog_file); |
128 |
+ install_str_setting("/var/log/vsftpd.log", &tunable_vsftpd_log_file); |
129 |
+ install_str_setting(".message", &tunable_message_file); |
130 |
+ install_str_setting("nobody", &tunable_nopriv_user); |
131 |
+ install_str_setting(0, &tunable_ftpd_banner); |
132 |
+- install_str_setting("/etc/vsftpd.banned_emails", &tunable_banned_email_file); |
133 |
+- install_str_setting("/etc/vsftpd.chroot_list", &tunable_chroot_list_file); |
134 |
++ install_str_setting("/etc/vsftpd/banned_emails", &tunable_banned_email_file); |
135 |
++ install_str_setting("/etc/vsftpd/chroot_list", &tunable_chroot_list_file); |
136 |
+ install_str_setting("ftp", &tunable_pam_service_name); |
137 |
+ install_str_setting("ftp", &tunable_guest_username); |
138 |
+- install_str_setting("/etc/vsftpd.user_list", &tunable_userlist_file); |
139 |
++ install_str_setting("/etc/vsftpd/user_list", &tunable_userlist_file); |
140 |
+ install_str_setting(0, &tunable_anon_root); |
141 |
+ install_str_setting(0, &tunable_local_root); |
142 |
+ install_str_setting(0, &tunable_banner_file); |
143 |
+ install_str_setting(0, &tunable_pasv_address); |
144 |
+ install_str_setting(0, &tunable_listen_address); |
145 |
+@@ -269,11 +269,11 @@ |
146 |
+ install_str_setting(0, &tunable_cmds_allowed); |
147 |
+ install_str_setting(0, &tunable_cmds_denied); |
148 |
+ install_str_setting(0, &tunable_hide_file); |
149 |
+ install_str_setting(0, &tunable_deny_file); |
150 |
+ install_str_setting(0, &tunable_user_sub_token); |
151 |
+- install_str_setting("/etc/vsftpd.email_passwords", |
152 |
++ install_str_setting("/etc/vsftpd/email_passwords", |
153 |
+ &tunable_email_password_file); |
154 |
+ install_str_setting("/usr/share/ssl/certs/vsftpd.pem", |
155 |
+ &tunable_rsa_cert_file); |
156 |
+ install_str_setting(0, &tunable_dsa_cert_file); |
157 |
+ install_str_setting("DES-CBC3-SHA", &tunable_ssl_ciphers); |
158 |
+diff -NrU5 vsftpd-2.2.0.original/vsftpd.8 vsftpd-2.2.0/vsftpd.8 |
159 |
+--- vsftpd-2.2.0.original/vsftpd.8 2009-08-23 15:23:00.000000000 -0600 |
160 |
++++ vsftpd-2.2.0/vsftpd.8 2009-08-23 16:10:03.000000000 -0600 |
161 |
+@@ -19,11 +19,11 @@ |
162 |
+ Alternatively, vsftpd can be launched in standalone mode, in which case vsftpd |
163 |
+ itself will listen on the network. This latter mode is easier to use, and |
164 |
+ recommended. It is activated by setting |
165 |
+ .Pa listen=YES |
166 |
+ in |
167 |
+-.Pa /etc/vsftpd.conf . |
168 |
++.Pa /etc/vsftpd/vsftpd.conf . |
169 |
+ Direct execution of the |
170 |
+ .Nm vsftpd |
171 |
+ binary will then launch the FTP service ready for immediate client connections. |
172 |
+ .Sh OPTIONS |
173 |
+ An optional |
174 |
+@@ -31,11 +31,11 @@ |
175 |
+ may be given on the command line. These files must be owned as root if running |
176 |
+ as root. Any command line option not starting with a "-" character is treated |
177 |
+ as a config file that will be loaded. Note that config files are loaded in the |
178 |
+ strict order that they are encountered on the command line. |
179 |
+ If no config files are specified, the default configuration file of |
180 |
+-.Pa /etc/vsftpd.conf |
181 |
++.Pa /etc/vsftpd/vsftpd.conf |
182 |
+ will be loaded, after all other command line options are processed. |
183 |
+ .Pp |
184 |
+ Supported options are: |
185 |
+ .Bl -tag -width Ds |
186 |
+ .It Fl v |
187 |
+@@ -45,16 +45,16 @@ |
188 |
+ -o options are supported, and they are applied in strict order relative to |
189 |
+ their appearance on the command line, including intermingling with loading of |
190 |
+ config files. |
191 |
+ .El |
192 |
+ .Sh EXAMPLES |
193 |
+-vsftpd -olisten=NO /etc/vsftpd.conf -oftpd_banner=blah |
194 |
++vsftpd -olisten=NO /etc/vsftpd/vsftpd.conf -oftpd_banner=blah |
195 |
+ .Pp |
196 |
+ That example overrides vsftpd's built-in default for the "listen" option to be |
197 |
+-NO, but then loads /etc/vsftpd.conf which may override that setting. Finally, |
198 |
++NO, but then loads /etc/vsftpd/vsftpd.conf which may override that setting. Finally, |
199 |
+ the "ftpd_banner" setting is set to "blah", which overrides any default vsftpd |
200 |
+ setting and any identical setting that was in the config file. |
201 |
+ .Sh FILES |
202 |
+-.Pa /etc/vsftpd.conf |
203 |
++.Pa /etc/vsftpd/vsftpd.conf |
204 |
+ .Sh SEE ALSO |
205 |
+ .Xr vsftpd.conf 5 |
206 |
+ .end |
207 |
+diff -NrU5 vsftpd-2.2.0.original/vsftpd.conf vsftpd-2.2.0/vsftpd.conf |
208 |
+--- vsftpd-2.2.0.original/vsftpd.conf 2009-08-23 15:23:00.000000000 -0600 |
209 |
++++ vsftpd-2.2.0/vsftpd.conf 2009-08-23 15:35:03.000000000 -0600 |
210 |
+@@ -1,6 +1,6 @@ |
211 |
+-# Example config file /etc/vsftpd.conf |
212 |
++# Example config file /etc/vsftpd/vsftpd.conf |
213 |
+ # |
214 |
+ # The default compiled in settings are fairly paranoid. This sample file |
215 |
+ # loosens things up a bit, to make the ftp daemon more usable. |
216 |
+ # Please see vsftpd.conf.5 for all compiled in defaults. |
217 |
+ # |
218 |
+@@ -85,19 +85,19 @@ |
219 |
+ # |
220 |
+ # You may specify a file of disallowed anonymous e-mail addresses. Apparently |
221 |
+ # useful for combatting certain DoS attacks. |
222 |
+ #deny_email_enable=YES |
223 |
+ # (default follows) |
224 |
+-#banned_email_file=/etc/vsftpd.banned_emails |
225 |
++#banned_email_file=/etc/vsftpd/banned_emails |
226 |
+ # |
227 |
+ # You may specify an explicit list of local users to chroot() to their home |
228 |
+ # directory. If chroot_local_user is YES, then this list becomes a list of |
229 |
+ # users to NOT chroot(). |
230 |
+ #chroot_local_user=YES |
231 |
+ #chroot_list_enable=YES |
232 |
+ # (default follows) |
233 |
+-#chroot_list_file=/etc/vsftpd.chroot_list |
234 |
++#chroot_list_file=/etc/vsftpd/chroot_list |
235 |
+ # |
236 |
+ # You may activate the "-R" option to the builtin ls. This is disabled by |
237 |
+ # default to avoid remote users being able to cause excessive I/O on large |
238 |
+ # sites. However, some broken FTP clients such as "ncftp" and "mirror" assume |
239 |
+ # the presence of the "-R" option, so there is a strong case for enabling it. |
240 |
+diff -NrU5 vsftpd-2.2.0.original/vsftpd.conf.5 vsftpd-2.2.0/vsftpd.conf.5 |
241 |
+--- vsftpd-2.2.0.original/vsftpd.conf.5 2009-08-23 15:23:00.000000000 -0600 |
242 |
++++ vsftpd-2.2.0/vsftpd.conf.5 2009-08-23 15:49:59.000000000 -0600 |
243 |
+@@ -2,11 +2,11 @@ |
244 |
+ .SH NAME |
245 |
+ vsftpd.conf \- config file for vsftpd |
246 |
+ .SH DESCRIPTION |
247 |
+ vsftpd.conf may be used to control various aspects of vsftpd's behaviour. By |
248 |
+ default, vsftpd looks for this file at the location |
249 |
+-.BR /etc/vsftpd.conf . |
250 |
++.BR /etc/vsftpd/vsftpd.conf . |
251 |
+ However, you may override this by specifying a command line argument to |
252 |
+ vsftpd. The command line argument is the pathname of the configuration file |
253 |
+ for vsftpd. This behaviour is useful because you may wish to use an advanced |
254 |
+ inetd such as |
255 |
+ .BR xinetd |
256 |
+@@ -136,11 +136,11 @@ |
257 |
+ If activated, you may provide a list of local users who are placed in a |
258 |
+ chroot() jail in their home directory upon login. The meaning is slightly |
259 |
+ different if chroot_local_user is set to YES. In this case, the list becomes |
260 |
+ a list of users which are NOT to be placed in a chroot() jail. |
261 |
+ By default, the file containing this list is |
262 |
+-/etc/vsftpd.chroot_list, but you may override this with the |
263 |
++/etc/vsftpd/chroot_list, but you may override this with the |
264 |
+ .BR chroot_list_file |
265 |
+ setting. |
266 |
+ |
267 |
+ Default: NO |
268 |
+ .TP |
269 |
+@@ -175,11 +175,11 @@ |
270 |
+ Default: NO |
271 |
+ .TP |
272 |
+ .B deny_email_enable |
273 |
+ If activated, you may provide a list of anonymous password e-mail responses |
274 |
+ which cause login to be denied. By default, the file containing this list is |
275 |
+-/etc/vsftpd.banned_emails, but you may override this with the |
276 |
++/etc/vsftpd/banned_emails, but you may override this with the |
277 |
+ .BR banned_email_file |
278 |
+ setting. |
279 |
+ |
280 |
+ Default: NO |
281 |
+ .TP |
282 |
+@@ -431,11 +431,11 @@ |
283 |
+ access to low-security content without needing virtual users. When enabled, |
284 |
+ anonymous logins are prevented unless the password provided is listed in the |
285 |
+ file specified by the |
286 |
+ .BR email_password_file |
287 |
+ setting. The file format is one password per line, no extra whitespace. The |
288 |
+-default filename is /etc/vsftpd.email_passwords. |
289 |
++default filename is /etc/vsftpd/email_passwords. |
290 |
+ |
291 |
+ Default: NO |
292 |
+ .TP |
293 |
+ .B session_support |
294 |
+ This controls whether vsftpd attempts to maintain sessions for logins. If |
295 |
+@@ -762,11 +762,11 @@ |
296 |
+ This option is the name of a file containing a list of anonymous e-mail |
297 |
+ passwords which are not permitted. This file is consulted if the option |
298 |
+ .BR deny_email_enable |
299 |
+ is enabled. |
300 |
+ |
301 |
+-Default: /etc/vsftpd.banned_emails |
302 |
++Default: /etc/vsftpd/banned_emails |
303 |
+ .TP |
304 |
+ .B banner_file |
305 |
+ This option is the name of a file containing text to display when someone |
306 |
+ connects to the server. If set, it overrides the banner string provided by |
307 |
+ the |
308 |
+@@ -799,11 +799,11 @@ |
309 |
+ is enabled. If the option |
310 |
+ .BR chroot_local_user |
311 |
+ is enabled, then the list file becomes a list of users to NOT place in a |
312 |
+ chroot() jail. |
313 |
+ |
314 |
+-Default: /etc/vsftpd.chroot_list |
315 |
++Default: /etc/vsftpd/chroot_list |
316 |
+ .TP |
317 |
+ .B cmds_allowed |
318 |
+ This options specifies a comma separated list of allowed FTP commands (post |
319 |
+ login. USER, PASS and QUIT and others are always allowed pre-login). Other |
320 |
+ commands are rejected. This is a powerful method of really locking down an |
321 |
+@@ -860,11 +860,11 @@ |
322 |
+ .B email_password_file |
323 |
+ This option can be used to provide an alternate file for usage by the |
324 |
+ .BR secure_email_list_enable |
325 |
+ setting. |
326 |
+ |
327 |
+-Default: /etc/vsftpd.email_passwords |
328 |
++Default: /etc/vsftpd/email_passwords |
329 |
+ .TP |
330 |
+ .B ftp_username |
331 |
+ This is the name of the user we use for handling anonymous FTP. The home |
332 |
+ directory of this user is the root of the anonymous FTP area. |
333 |
+ |
334 |
+@@ -983,14 +983,14 @@ |
335 |
+ This powerful option allows the override of any config option specified in |
336 |
+ the manual page, on a per-user basis. Usage is simple, and is best illustrated |
337 |
+ with an example. If you set |
338 |
+ .BR user_config_dir |
339 |
+ to be |
340 |
+-.BR /etc/vsftpd_user_conf |
341 |
++.BR /etc/vsftpd/user_conf |
342 |
+ and then log on as the user "chris", then vsftpd will apply the settings in |
343 |
+ the file |
344 |
+-.BR /etc/vsftpd_user_conf/chris |
345 |
++.BR /etc/vsftpd/user_conf/chris |
346 |
+ for the duration of the session. The format of this file is as detailed in |
347 |
+ this manual page! PLEASE NOTE that not all settings are effective on a |
348 |
+ per-user basis. For example, many settings only prior to the user's session |
349 |
+ being started. Examples of settings which will not affect any behviour on |
350 |
+ a per-user basis include listen_address, banner_file, max_per_ip, max_clients, |
351 |
+@@ -1022,11 +1022,11 @@ |
352 |
+ .B userlist_file |
353 |
+ This option is the name of the file loaded when the |
354 |
+ .BR userlist_enable |
355 |
+ option is active. |
356 |
+ |
357 |
+-Default: /etc/vsftpd.user_list |
358 |
++Default: /etc/vsftpd/user_list |
359 |
+ .TP |
360 |
+ .B vsftpd_log_file |
361 |
+ This option is the name of the file to which we write the vsftpd style |
362 |
+ log file. This log is only written if the option |
363 |
+ .BR xferlog_enable |
364 |
|
365 |
diff --git a/net-ftp/vsftpd/files/vsftpd-2.3.2-as-needed.patch b/net-ftp/vsftpd/files/vsftpd-2.3.2-as-needed.patch |
366 |
new file mode 100644 |
367 |
index 0000000..330026e |
368 |
--- /dev/null |
369 |
+++ b/net-ftp/vsftpd/files/vsftpd-2.3.2-as-needed.patch |
370 |
@@ -0,0 +1,13 @@ |
371 |
+Index: vsftpd-2.3.2/Makefile |
372 |
+=================================================================== |
373 |
+--- vsftpd-2.3.2.orig/Makefile |
374 |
++++ vsftpd-2.3.2/Makefile |
375 |
+@@ -21,7 +21,7 @@ OBJS = main.o utility.o prelogin.o ftpcm |
376 |
+ $(CC) -c $*.c $(CFLAGS) $(IFLAGS) |
377 |
+ |
378 |
+ vsftpd: $(OBJS) |
379 |
+- $(CC) -o vsftpd $(OBJS) $(LINK) $(LIBS) $(LDFLAGS) |
380 |
++ $(CC) -o vsftpd $(LDFLAGS) $(OBJS) $(LINK) $(LIBS) |
381 |
+ |
382 |
+ install: |
383 |
+ if [ -x /usr/local/sbin ]; then \ |
384 |
|
385 |
diff --git a/net-ftp/vsftpd/files/vsftpd-2.3.2-kerberos.patch b/net-ftp/vsftpd/files/vsftpd-2.3.2-kerberos.patch |
386 |
new file mode 100644 |
387 |
index 0000000..702363e |
388 |
--- /dev/null |
389 |
+++ b/net-ftp/vsftpd/files/vsftpd-2.3.2-kerberos.patch |
390 |
@@ -0,0 +1,20 @@ |
391 |
+Index: vsftpd-2.3.2/twoprocess.c |
392 |
+=================================================================== |
393 |
+--- vsftpd-2.3.2.orig/twoprocess.c |
394 |
++++ vsftpd-2.3.2/twoprocess.c |
395 |
+@@ -284,6 +284,7 @@ process_login_req(struct vsf_session* p_ |
396 |
+ { |
397 |
+ enum EVSFPrivopLoginResult e_login_result = kVSFLoginNull; |
398 |
+ char cmd; |
399 |
++ vsf_sysutil_install_null_sighandler(kVSFSysUtilSigCHLD); |
400 |
+ /* Blocks */ |
401 |
+ cmd = priv_sock_get_cmd(p_sess->parent_fd); |
402 |
+ if (cmd != PRIV_SOCK_LOGIN) |
403 |
+@@ -363,7 +364,6 @@ common_do_login(struct vsf_session* p_se |
404 |
+ int was_anon = anon; |
405 |
+ const struct mystr* p_orig_user_str = p_user_str; |
406 |
+ int newpid; |
407 |
+- vsf_sysutil_install_null_sighandler(kVSFSysUtilSigCHLD); |
408 |
+ /* Tells the pre-login child all is OK (it may exit in response) */ |
409 |
+ priv_sock_send_result(p_sess->parent_fd, PRIV_SOCK_RESULT_OK); |
410 |
+ if (!p_sess->control_use_ssl) |
411 |
|
412 |
diff --git a/net-ftp/vsftpd/files/vsftpd.conf b/net-ftp/vsftpd/files/vsftpd.conf |
413 |
new file mode 100644 |
414 |
index 0000000..2ed7008 |
415 |
--- /dev/null |
416 |
+++ b/net-ftp/vsftpd/files/vsftpd.conf |
417 |
@@ -0,0 +1,105 @@ |
418 |
+# |
419 |
+# Example vsftpd config file |
420 |
+# |
421 |
+# See man 5 vsftpd.conf for more information. |
422 |
+# |
423 |
+# $Header: /var/cvsroot/gentoo-x86/net-ftp/vsftpd/files/vsftpd.conf,v 1.6 2005/08/03 09:38:31 uberlord Exp $ |
424 |
+ |
425 |
+# Enable vsftpd to run as a standalone daemon |
426 |
+# Comment these two out to run under inetd or xinetd |
427 |
+background=YES |
428 |
+listen=YES |
429 |
+ |
430 |
+# Allow anonymous FTP? |
431 |
+anonymous_enable=YES |
432 |
+ |
433 |
+# Uncomment this to allow local users to log in. |
434 |
+#local_enable=YES |
435 |
+ |
436 |
+# Uncomment this to enable any form of FTP write command. |
437 |
+#write_enable=YES |
438 |
+ |
439 |
+# Default umask for local users is 077. You may wish to change this to 022, |
440 |
+# if your users expect that (022 is used by most other ftpd's) |
441 |
+#local_umask=022 |
442 |
+ |
443 |
+# Uncomment this to allow the anonymous FTP user to upload files. This only |
444 |
+# has an effect if the above global write enable is activated. Also, you will |
445 |
+# obviously need to create a directory writable by the FTP user. |
446 |
+#anon_upload_enable=YES |
447 |
+ |
448 |
+# Uncomment this if you want the anonymous FTP user to be able to create |
449 |
+# new directories. |
450 |
+#anon_mkdir_write_enable=YES |
451 |
+ |
452 |
+# Activate directory messages - messages given to remote users when they |
453 |
+# go into a certain directory. |
454 |
+dirmessage_enable=YES |
455 |
+ |
456 |
+# Make sure PORT transfer connections originate from port 20 (ftp-data). |
457 |
+connect_from_port_20=YES |
458 |
+ |
459 |
+# If you want, you can arrange for uploaded anonymous files to be owned by |
460 |
+# a different user. Note! Using "root" for uploaded files is not |
461 |
+# recommended! |
462 |
+#chown_uploads=YES |
463 |
+#chown_username=whoever |
464 |
+ |
465 |
+# Activate logging of uploads/downloads. |
466 |
+xferlog_enable=YES |
467 |
+ |
468 |
+# If you want, you can have your log file in standard ftpd xferlog format |
469 |
+#xferlog_std_format=YES |
470 |
+ |
471 |
+# You may override where the log file goes if you like. |
472 |
+xferlog_file=/var/log/vsftpd.log |
473 |
+ |
474 |
+# You may change the default value for timing out an idle session. |
475 |
+#idle_session_timeout=600 |
476 |
+ |
477 |
+# You may change the default value for timing out a data connection. |
478 |
+#data_connection_timeout=120 |
479 |
+ |
480 |
+# It is recommended that you define on your system a unique user which the |
481 |
+# ftp server can use as a totally isolated and unprivileged user. |
482 |
+nopriv_user=nobody |
483 |
+ |
484 |
+# Enable this and the server will recognise asynchronous ABOR requests. Not |
485 |
+# recommended for security (the code is non-trivial). Not enabling it, |
486 |
+# however, may confuse older FTP clients. |
487 |
+#async_abor_enable=YES |
488 |
+ |
489 |
+# By default the server will pretend to allow ASCII mode but in fact ignore |
490 |
+# the request. Turn on the below options to have the server actually do ASCII |
491 |
+# mangling on files when in ASCII mode. |
492 |
+# Beware that turning on ascii_download_enable enables malicious remote parties |
493 |
+# to consume your I/O resources, by issuing the command "SIZE /big/file" in |
494 |
+# ASCII mode. |
495 |
+# These ASCII options are split into upload and download because you may wish |
496 |
+# to enable ASCII uploads (to prevent uploaded scripts etc. from breaking), |
497 |
+# without the DoS risk of SIZE and ASCII downloads. ASCII mangling should be |
498 |
+# on the client anyway.. |
499 |
+#ascii_upload_enable=YES |
500 |
+#ascii_download_enable=YES |
501 |
+ |
502 |
+# You may fully customise the login banner string: |
503 |
+#ftpd_banner=Welcome to blah FTP service. |
504 |
+ |
505 |
+# You may specify a file of disallowed anonymous e-mail addresses. Apparently |
506 |
+# useful for combatting certain DoS attacks. |
507 |
+#deny_email_enable=YES |
508 |
+# (default follows) |
509 |
+#banned_email_file=/etc/vsftpd/banned_emails |
510 |
+ |
511 |
+# You may specify an explicit list of local users to chroot() to their home |
512 |
+# directory. If chroot_local_user is YES, then this list becomes a list of |
513 |
+# users to NOT chroot(). |
514 |
+#chroot_list_enable=YES |
515 |
+# (default follows) |
516 |
+#chroot_list_file=/etc/vsftpd/chroot_list |
517 |
+ |
518 |
+# You may activate the "-R" option to the builtin ls. This is disabled by |
519 |
+# default to avoid remote users being able to cause excessive I/O on large |
520 |
+# sites. However, some broken FTP clients such as "ncftp" and "mirror" assume |
521 |
+# the presence of the "-R" option, so there is a strong case for enabling it. |
522 |
+#ls_recurse_enable=YES |
523 |
|
524 |
diff --git a/net-ftp/vsftpd/files/vsftpd.init b/net-ftp/vsftpd/files/vsftpd.init |
525 |
new file mode 100644 |
526 |
index 0000000..e486e1f |
527 |
--- /dev/null |
528 |
+++ b/net-ftp/vsftpd/files/vsftpd.init |
529 |
@@ -0,0 +1,69 @@ |
530 |
+#!/sbin/runscript |
531 |
+# Copyright 2003-2004 Gentoo Foundation |
532 |
+# Distributed under the terms of the GNU General Public License, v2 |
533 |
+# $Header: /var/cvsroot/gentoo-x86/net-ftp/vsftpd/files/vsftpd.init,v 1.7 2008/12/26 16:50:15 armin76 Exp $ |
534 |
+ |
535 |
+VSFTPD_NAME=${SVCNAME##*.} |
536 |
+if [ -n "${VSFTPD_NAME}" -a "${SVCNAME}" != "vsftpd" ]; then |
537 |
+ VSFTPD_PID="/var/run/vsftpd.${VSFTPD_NAME}.pid" |
538 |
+ VSFTPD_CONF_DEFAULT="/etc/vsftpd/${VSFTPD_NAME}.conf" |
539 |
+else |
540 |
+ VSFTPD_PID="/var/run/vsftpd.pid" |
541 |
+ VSFTPD_CONF_DEFAULT="/etc/vsftpd/vsftpd.conf" |
542 |
+fi |
543 |
+VSFTPD_CONF=${VSFTPD_CONF:-${VSFTPD_CONF_DEFAULT}} |
544 |
+VSFTPD_EXEC=${VSFTPD_EXEC:-/usr/sbin/vsftpd} |
545 |
+ |
546 |
+depend() { |
547 |
+ need net |
548 |
+ use dns logger |
549 |
+} |
550 |
+ |
551 |
+checkconfig() { |
552 |
+ if [ ! -e ${VSFTPD_CONF} ] ; then |
553 |
+ eerror "Please setup ${VSFTPD_CONF} before starting vsftpd" |
554 |
+ eerror "There are sample configurations in /usr/share/doc/vsftpd" |
555 |
+ return 1 |
556 |
+ fi |
557 |
+ |
558 |
+ if egrep -iq "^ *background *= *yes" "${VSFTPD_CONF}" ; then |
559 |
+ eerror "${VSFTPD_CONF} must not set background=YES" |
560 |
+ return 1 |
561 |
+ fi |
562 |
+ |
563 |
+ local has_ip=false has_ipv6=false ip_error=true |
564 |
+ egrep -iq "^ *listen *= *yes" "${VSFTPD_CONF}" && has_ip=true |
565 |
+ egrep -iq "^ *listen_ipv6 *= *yes" "${VSFTPD_CONF}" && has_ipv6=true |
566 |
+ if ${has_ip} && ! ${has_ipv6} ; then |
567 |
+ ip_error=false |
568 |
+ elif ! ${has_ip} && ${has_ipv6} ; then |
569 |
+ ip_error=false |
570 |
+ fi |
571 |
+ if ${ip_error} ; then |
572 |
+ eerror "${VSFTPD_CONF} must contain listen=YES or listen_ipv6=YES" |
573 |
+ eerror "but not both" |
574 |
+ return 1 |
575 |
+ fi |
576 |
+} |
577 |
+ |
578 |
+start() { |
579 |
+ checkconfig || return 1 |
580 |
+ ebegin "Starting ${SVCNAME}" |
581 |
+ start-stop-daemon --start --exec ${VSFTPD_EXEC} \ |
582 |
+ --background --make-pidfile --pidfile "${VSFTPD_PID}" \ |
583 |
+ -- "${VSFTPD_CONF}" |
584 |
+ eend $? |
585 |
+} |
586 |
+ |
587 |
+stop() { |
588 |
+ ebegin "Stopping ${SVCNAME}" |
589 |
+ if [ -f ${VSFTPD_PID} ]; then |
590 |
+ start-stop-daemon --stop --pidfile ${VSFTPD_PID} |
591 |
+ else |
592 |
+ ewarn "Couldn't found ${VSFTPD_PID} trying to stop over the process name ${SVCNAME}" |
593 |
+ start-stop-daemon --stop --name ${SVCNAME} |
594 |
+ fi |
595 |
+ eend $? |
596 |
+} |
597 |
+ |
598 |
+# vim: ts=4 |
599 |
|
600 |
diff --git a/net-ftp/vsftpd/files/vsftpd.logrotate b/net-ftp/vsftpd/files/vsftpd.logrotate |
601 |
new file mode 100644 |
602 |
index 0000000..f443e2e |
603 |
--- /dev/null |
604 |
+++ b/net-ftp/vsftpd/files/vsftpd.logrotate |
605 |
@@ -0,0 +1,4 @@ |
606 |
+/var/log/vsftpd.log { |
607 |
+ missingok |
608 |
+ notifempty |
609 |
+} |
610 |
|
611 |
diff --git a/net-ftp/vsftpd/files/vsftpd.xinetd b/net-ftp/vsftpd/files/vsftpd.xinetd |
612 |
new file mode 100644 |
613 |
index 0000000..d1d88e9 |
614 |
--- /dev/null |
615 |
+++ b/net-ftp/vsftpd/files/vsftpd.xinetd |
616 |
@@ -0,0 +1,15 @@ |
617 |
+# default: off |
618 |
+# description: Vsftpd is an FTP server, designed to be secure. |
619 |
+# $Header: /var/cvsroot/gentoo-x86/net-ftp/vsftpd/files/vsftpd.xinetd,v 1.4 2005/06/07 18:34:17 uberlord Exp $ |
620 |
+ |
621 |
+service ftp |
622 |
+{ |
623 |
+ socket_type = stream |
624 |
+ wait = no |
625 |
+ user = root |
626 |
+ server = /usr/sbin/vsftpd |
627 |
+ server_args = /etc/vsftpd/vsftpd.conf |
628 |
+ log_on_success += DURATION |
629 |
+ nice = 10 |
630 |
+ disable = yes |
631 |
+} |
632 |
|
633 |
diff --git a/net-ftp/vsftpd/metadata.xml b/net-ftp/vsftpd/metadata.xml |
634 |
new file mode 100644 |
635 |
index 0000000..12e7f5b |
636 |
--- /dev/null |
637 |
+++ b/net-ftp/vsftpd/metadata.xml |
638 |
@@ -0,0 +1,26 @@ |
639 |
+<?xml version="1.0" encoding="UTF-8"?> |
640 |
+<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> |
641 |
+<pkgmetadata> |
642 |
+ <herd>net-ftp</herd> |
643 |
+ <maintainer> |
644 |
+ <email>hwoarang@g.o</email> |
645 |
+ <name>Markos Chandras</name> |
646 |
+ </maintainer> |
647 |
+ <maintainer> |
648 |
+ <email>wired@g.o</email> |
649 |
+ <name>Alex Alexander</name> |
650 |
+ </maintainer> |
651 |
+ <maintainer> |
652 |
+ <email>c1pher@g.o</email> |
653 |
+ <name>Dane Smith</name> |
654 |
+ </maintainer> |
655 |
+ <maintainer> |
656 |
+ <email>bugs@××××××××××.nu</email> |
657 |
+ <name>Johan Bergström</name> |
658 |
+ <description>Proxy Maintainer. CC him on bugs</description> |
659 |
+ </maintainer> |
660 |
+ <longdescription lang="en"> |
661 |
+ Very Secure FTP Daemon written with speed, size and security |
662 |
+ in mind |
663 |
+ </longdescription> |
664 |
+</pkgmetadata> |
665 |
|
666 |
diff --git a/net-ftp/vsftpd/vsftpd-2.3.4.ebuild b/net-ftp/vsftpd/vsftpd-2.3.4.ebuild |
667 |
new file mode 100644 |
668 |
index 0000000..9bc6137 |
669 |
--- /dev/null |
670 |
+++ b/net-ftp/vsftpd/vsftpd-2.3.4.ebuild |
671 |
@@ -0,0 +1,110 @@ |
672 |
+# Copyright 1999-2011 Gentoo Foundation |
673 |
+# Distributed under the terms of the GNU General Public License v2 |
674 |
+# $Header: /var/cvsroot/gentoo-x86/net-ftp/vsftpd/vsftpd-2.3.2-r1.ebuild,v 1.7 2011/01/21 17:17:45 xarthisius Exp $ |
675 |
+ |
676 |
+inherit eutils toolchain-funcs |
677 |
+ |
678 |
+DESCRIPTION="Very Secure FTP Daemon written with speed, size and security in mind" |
679 |
+HOMEPAGE="http://vsftpd.beasts.org/" |
680 |
+SRC_URI="ftp://vsftpd.beasts.org/users/cevans/${P}.tar.gz" |
681 |
+ |
682 |
+LICENSE="GPL-2" |
683 |
+SLOT="0" |
684 |
+KEYWORDS="~alpha ~amd64 ~arm ~ia64 ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~x86-fbsd" |
685 |
+IUSE="caps pam tcpd ssl selinux xinetd" |
686 |
+ |
687 |
+DEPEND="caps? ( >=sys-libs/libcap-2 ) |
688 |
+ pam? ( virtual/pam ) |
689 |
+ tcpd? ( >=sys-apps/tcp-wrappers-7.6 ) |
690 |
+ ssl? ( >=dev-libs/openssl-0.9.7d )" |
691 |
+RDEPEND="${DEPEND} |
692 |
+ net-ftp/ftpbase |
693 |
+ selinux? ( sec-policy/selinux-ftpd ) |
694 |
+ xinetd? ( sys-apps/xinetd )" |
695 |
+ |
696 |
+src_unpack() { |
697 |
+ unpack ${A} |
698 |
+ cd "${S}" |
699 |
+ |
700 |
+ # as-needed patch. Bug #335977 |
701 |
+ epatch "${FILESDIR}/${PN}-2.3.2-as-needed.patch" |
702 |
+ |
703 |
+ # kerberos patch. bug #335980 |
704 |
+ epatch "${FILESDIR}/${PN}-2.3.2-kerberos.patch" |
705 |
+ |
706 |
+ # Patch the source, config and the manpage to use /etc/vsftpd/ |
707 |
+ epatch "${FILESDIR}/${PN}-2.2.0-gentoo.patch" |
708 |
+ |
709 |
+ # Fix building without the libcap |
710 |
+ epatch "${FILESDIR}/${PN}-2.1.0-caps.patch" |
711 |
+ |
712 |
+ # Configure vsftpd build defaults |
713 |
+ use tcpd && echo "#define VSF_BUILD_TCPWRAPPERS" >> builddefs.h |
714 |
+ use ssl && echo "#define VSF_BUILD_SSL" >> builddefs.h |
715 |
+ use pam || echo "#undef VSF_BUILD_PAM" >> builddefs.h |
716 |
+ |
717 |
+ # Ensure that we don't link against libcap unless asked |
718 |
+ if ! use caps ; then |
719 |
+ sed -i '/^#define VSF_SYSDEP_HAVE_LIBCAP$/ d' sysdeputil.c |
720 |
+ epatch "${FILESDIR}"/${PN}-2.2.0-dont-link-caps.patch |
721 |
+ fi |
722 |
+ |
723 |
+ # Let portage control stripping |
724 |
+ sed -i '/^LINK[[:space:]]*=[[:space:]]*/ s/-Wl,-s//' Makefile |
725 |
+} |
726 |
+ |
727 |
+src_compile() { |
728 |
+ emake CFLAGS="${CFLAGS}" CC="$(tc-getCC)" || die |
729 |
+} |
730 |
+ |
731 |
+src_install() { |
732 |
+ into /usr |
733 |
+ doman vsftpd.conf.5 vsftpd.8 || die "doman failed" |
734 |
+ dosbin vsftpd || die "disbin failed" |
735 |
+ |
736 |
+ dodoc AUDIT BENCHMARKS BUGS Changelog FAQ \ |
737 |
+ README README.security REWARD SIZE \ |
738 |
+ SPEED TODO TUNING || die "dodoc failed" |
739 |
+ newdoc vsftpd.conf vsftpd.conf.example || die "newdoc failed" |
740 |
+ |
741 |
+ docinto security |
742 |
+ dodoc SECURITY/* || die "dodoc failed" |
743 |
+ |
744 |
+ insinto "/usr/share/doc/${PF}/examples" |
745 |
+ doins -r EXAMPLE/* || die "doins faileD" |
746 |
+ |
747 |
+ insinto /etc/vsftpd |
748 |
+ newins vsftpd.conf vsftpd.conf.example || die "newins failed" |
749 |
+ |
750 |
+ insinto /etc/logrotate.d |
751 |
+ newins "${FILESDIR}/vsftpd.logrotate" vsftpd || die "newins failed" |
752 |
+ |
753 |
+ if use xinetd ; then |
754 |
+ insinto /etc/xinetd.d |
755 |
+ newins "${FILESDIR}/vsftpd.xinetd" vsftpd || die "newins failed" |
756 |
+ fi |
757 |
+ |
758 |
+ newinitd "${FILESDIR}/vsftpd.init" vsftpd || die "newinitd failed" |
759 |
+ |
760 |
+ keepdir /usr/share/vsftpd/empty |
761 |
+} |
762 |
+ |
763 |
+pkg_preinst() { |
764 |
+ # If we use xinetd, then we set listen=NO |
765 |
+ # so that our default config works under xinetd - fixes #78347 |
766 |
+ if use xinetd ; then |
767 |
+ sed -i 's/listen=YES/listen=NO/g' "${D}"/etc/vsftpd/vsftpd.conf.example |
768 |
+ fi |
769 |
+} |
770 |
+ |
771 |
+pkg_postinst() { |
772 |
+ einfo "vsftpd init script can now be multiplexed." |
773 |
+ einfo "The default init script forces /etc/vsftpd/vsftpd.conf to exist." |
774 |
+ einfo "If you symlink the init script to another one, say vsftpd.foo" |
775 |
+ einfo "then that uses /etc/vsftpd/foo.conf instead." |
776 |
+ einfo |
777 |
+ einfo "Example:" |
778 |
+ einfo " cd /etc/init.d" |
779 |
+ einfo " ln -s vsftpd vsftpd.foo" |
780 |
+ einfo "You can now treat vsftpd.foo like any other service" |
781 |
+} |