diff options
Diffstat (limited to 'meta-networking/recipes-daemons/tftp-hpa/files/tftp-0.42-tftpboot.patch')
-rw-r--r-- | meta-networking/recipes-daemons/tftp-hpa/files/tftp-0.42-tftpboot.patch | 60 |
1 files changed, 60 insertions, 0 deletions
diff --git a/meta-networking/recipes-daemons/tftp-hpa/files/tftp-0.42-tftpboot.patch b/meta-networking/recipes-daemons/tftp-hpa/files/tftp-0.42-tftpboot.patch new file mode 100644 index 000000000..98a86b78b --- /dev/null +++ b/meta-networking/recipes-daemons/tftp-hpa/files/tftp-0.42-tftpboot.patch | |||
@@ -0,0 +1,60 @@ | |||
1 | Patch originally from Fedora | ||
2 | |||
3 | http://pkgs.fedoraproject.org/cgit/tftp.git/ | ||
4 | |||
5 | Upstream-Status: Pending | ||
6 | |||
7 | diff -up tftp-hpa-0.48/tftp-xinetd.tftpboot tftp-hpa-0.48/tftp-xinetd | ||
8 | --- tftp-hpa-0.48/tftp-xinetd.tftpboot 2007-01-31 00:51:05.000000000 +0100 | ||
9 | +++ tftp-hpa-0.48/tftp-xinetd 2008-05-20 12:05:53.000000000 +0200 | ||
10 | @@ -10,7 +10,7 @@ service tftp | ||
11 | wait = yes | ||
12 | user = root | ||
13 | server = /usr/sbin/in.tftpd | ||
14 | - server_args = -s /tftpboot | ||
15 | + server_args = -s /var/lib/tftpboot | ||
16 | disable = yes | ||
17 | per_source = 11 | ||
18 | cps = 100 2 | ||
19 | diff -up tftp-hpa-0.48/README.security.tftpboot tftp-hpa-0.48/README.security | ||
20 | --- tftp-hpa-0.48/README.security.tftpboot 2008-05-29 17:36:32.000000000 +0200 | ||
21 | +++ tftp-hpa-0.48/README.security 2008-05-29 17:37:21.000000000 +0200 | ||
22 | @@ -17,10 +17,10 @@ probably the following: | ||
23 | |||
24 | 1. Create a separate "tftpd" user and group only used for tftpd; | ||
25 | 2. Have all your boot files in a single directory tree (usually called | ||
26 | - /tftpboot). | ||
27 | -3. Specify "-p -u tftpd -s /tftpboot" on the tftpd command line; if | ||
28 | + /var/lib/tftpboot). | ||
29 | +3. Specify "-p -u tftpd -s /var/lib/tftpboot" on the tftpd command line; if | ||
30 | you want clients to be able to create files use | ||
31 | - "-p -c -U 002 -u tftpd -s /tftpboot" (replace 002 with whatever | ||
32 | + "-p -c -U 002 -u tftpd -s /var/lib/tftpboot" (replace 002 with whatever | ||
33 | umask is appropriate for your setup.) | ||
34 | |||
35 | ======================================= | ||
36 | @@ -40,12 +40,12 @@ directly. Thus, if your /etc/inetd.conf | ||
37 | line): | ||
38 | |||
39 | tftp dgram udp wait root /usr/sbin/tcpd | ||
40 | -/usr/sbin/in.tftpd -s /tftpboot -r blksize | ||
41 | +/usr/sbin/in.tftpd -s /var/lib/tftpboot -r blksize | ||
42 | |||
43 | ... it's better to change to ... | ||
44 | |||
45 | tftp dgram udp wait root /usr/sbin/in.tftpd | ||
46 | -in.tftpd -s /tftpboot -r blksize | ||
47 | +in.tftpd -s /var/lib/tftpboot -r blksize | ||
48 | |||
49 | You should make sure that you are using "wait" option in tftpd; you | ||
50 | also need to have tftpd spawned as root in order for chroot (-s) to | ||
51 | diff -up tftp-hpa-0.48/tftpd/sample.rules.tftpboot tftp-hpa-0.48/tftpd/sample.rules | ||
52 | --- tftp-hpa-0.48/tftpd/sample.rules.tftpboot 2008-05-29 17:38:46.000000000 +0200 | ||
53 | +++ tftp-hpa-0.48/tftpd/sample.rules 2008-05-29 17:38:05.000000000 +0200 | ||
54 | @@ -30,5 +30,5 @@ rg \\ / # Convert backslashes to slash | ||
55 | rg \# @ # Convert hash marks to @ signs | ||
56 | rg /../ /..no../ # Convert /../ to /..no../ | ||
57 | e ^ok/ # These are always ok | ||
58 | -r ^[^/] /tftpboot/\0 # Convert non-absolute files | ||
59 | +r ^[^/] /var/lib/tftpboot/\0 # Convert non-absolute files | ||
60 | a \.pvt$ # Reject requests for private files | ||