diff options
Diffstat (limited to 'meta-networking/recipes-daemons/vsftpd')
14 files changed, 526 insertions, 0 deletions
diff --git a/meta-networking/recipes-daemons/vsftpd/files/change-secure_chroot_dir.patch b/meta-networking/recipes-daemons/vsftpd/files/change-secure_chroot_dir.patch new file mode 100644 index 000000000..5f2860e84 --- /dev/null +++ b/meta-networking/recipes-daemons/vsftpd/files/change-secure_chroot_dir.patch | |||
@@ -0,0 +1,55 @@ | |||
1 | vsftpd: change default value of secure_chroot_dir | ||
2 | |||
3 | Upstream-Status: Pending | ||
4 | |||
5 | Change secure_chroot_dir pointing to a volatile directory. | ||
6 | |||
7 | Signed-off-by: Ming Liu <ming.liu@windriver.com> | ||
8 | --- | ||
9 | INSTALL | 6 +++--- | ||
10 | tunables.c | 2 +- | ||
11 | vsftpd.conf.5 | 2 +- | ||
12 | 3 files changed, 5 insertions(+), 5 deletions(-) | ||
13 | |||
14 | diff -urpN a/INSTALL b/INSTALL | ||
15 | --- a/INSTALL 2013-09-13 10:23:57.504972397 +0800 | ||
16 | +++ b/INSTALL 2013-09-13 10:25:25.664971779 +0800 | ||
17 | @@ -27,11 +27,11 @@ user in case it does not already exist. | ||
18 | [root@localhost root]# useradd nobody | ||
19 | useradd: user nobody exists | ||
20 | |||
21 | -2b) vsftpd needs the (empty) directory /usr/share/empty in the default | ||
22 | +2b) vsftpd needs the (empty) directory /var/run/vsftpd/empty in the default | ||
23 | configuration. Add this directory in case it does not already exist. e.g.: | ||
24 | |||
25 | -[root@localhost root]# mkdir /usr/share/empty/ | ||
26 | -mkdir: cannot create directory `/usr/share/empty': File exists | ||
27 | +[root@localhost root]# mkdir /var/run/vsftpd/empty/ | ||
28 | +mkdir: cannot create directory `/var/run/vsftpd/empty': File exists | ||
29 | |||
30 | 2c) For anonymous FTP, you will need the user "ftp" to exist, and have a | ||
31 | valid home directory (which is NOT owned or writable by the user "ftp"). | ||
32 | diff -urpN a/tunables.c b/tunables.c | ||
33 | --- a/tunables.c 2013-09-13 10:26:29.554972817 +0800 | ||
34 | +++ b/tunables.c 2013-09-13 10:27:18.104972210 +0800 | ||
35 | @@ -254,7 +254,7 @@ tunables_load_defaults() | ||
36 | /* -rw------- */ | ||
37 | tunable_chown_upload_mode = 0600; | ||
38 | |||
39 | - install_str_setting("/usr/share/empty", &tunable_secure_chroot_dir); | ||
40 | + install_str_setting("/var/run/vsftpd/empty", &tunable_secure_chroot_dir); | ||
41 | install_str_setting("ftp", &tunable_ftp_username); | ||
42 | install_str_setting("root", &tunable_chown_username); | ||
43 | install_str_setting("/var/log/xferlog", &tunable_xferlog_file); | ||
44 | diff -urpN a/vsftpd.conf.5 b/vsftpd.conf.5 | ||
45 | --- a/vsftpd.conf.5 2013-09-13 10:09:33.774972462 +0800 | ||
46 | +++ b/vsftpd.conf.5 2013-09-13 10:10:41.914971989 +0800 | ||
47 | @@ -969,7 +969,7 @@ This option should be the name of a dire | ||
48 | directory should not be writable by the ftp user. This directory is used | ||
49 | as a secure chroot() jail at times vsftpd does not require filesystem access. | ||
50 | |||
51 | -Default: /usr/share/empty | ||
52 | +Default: /var/run/vsftpd/empty | ||
53 | .TP | ||
54 | .B ssl_ciphers | ||
55 | This option can be used to select which SSL ciphers vsftpd will allow for | ||
diff --git a/meta-networking/recipes-daemons/vsftpd/files/init b/meta-networking/recipes-daemons/vsftpd/files/init new file mode 100755 index 000000000..d0ec010dc --- /dev/null +++ b/meta-networking/recipes-daemons/vsftpd/files/init | |||
@@ -0,0 +1,41 @@ | |||
1 | #!/bin/sh | ||
2 | DAEMON=/usr/sbin/vsftpd | ||
3 | NAME=vsftpd | ||
4 | DESC="FTP Server" | ||
5 | ARGS="" | ||
6 | FTPDIR=/var/lib/ftp | ||
7 | |||
8 | test -f $DAEMON || exit 0 | ||
9 | |||
10 | set -e | ||
11 | |||
12 | case "$1" in | ||
13 | start) | ||
14 | echo -n "* starting $DESC: $NAME... " | ||
15 | if ! test -d $FTPDIR; then | ||
16 | mkdir -p $FTPDIR/in | ||
17 | chown ftp $FTPDIR -R | ||
18 | chmod a-w $FTPDIR | ||
19 | chmod u+w $FTPDIR/in | ||
20 | fi | ||
21 | start-stop-daemon -S -b -x $DAEMON -- $ARGS | ||
22 | echo "done." | ||
23 | ;; | ||
24 | stop) | ||
25 | echo -n "* stopping $DESC: $NAME... " | ||
26 | start-stop-daemon -K -x $DAEMON | ||
27 | echo "done." | ||
28 | ;; | ||
29 | restart) | ||
30 | echo "* restarting $DESC: $NAME... " | ||
31 | $0 stop | ||
32 | $0 start | ||
33 | echo "done." | ||
34 | ;; | ||
35 | *) | ||
36 | echo "Usage: $0 {start|stop|restart}" | ||
37 | exit 1 | ||
38 | ;; | ||
39 | esac | ||
40 | |||
41 | exit 0 | ||
diff --git a/meta-networking/recipes-daemons/vsftpd/files/volatiles.99_vsftpd b/meta-networking/recipes-daemons/vsftpd/files/volatiles.99_vsftpd new file mode 100644 index 000000000..8a602ba37 --- /dev/null +++ b/meta-networking/recipes-daemons/vsftpd/files/volatiles.99_vsftpd | |||
@@ -0,0 +1 @@ | |||
d root root 0755 /var/run/vsftpd/empty none | |||
diff --git a/meta-networking/recipes-daemons/vsftpd/files/vsftpd.conf b/meta-networking/recipes-daemons/vsftpd/files/vsftpd.conf new file mode 100644 index 000000000..bb1929480 --- /dev/null +++ b/meta-networking/recipes-daemons/vsftpd/files/vsftpd.conf | |||
@@ -0,0 +1,139 @@ | |||
1 | # Example config file /etc/vsftpd.conf | ||
2 | # | ||
3 | # The default compiled in settings are fairly paranoid. This sample file | ||
4 | # loosens things up a bit, to make the ftp daemon more usable. | ||
5 | # Please see vsftpd.conf.5 for all compiled in defaults. | ||
6 | # | ||
7 | # READ THIS: This example file is NOT an exhaustive list of vsftpd options. | ||
8 | # Please read the vsftpd.conf.5 manual page to get a full idea of vsftpd's | ||
9 | # capabilities. | ||
10 | |||
11 | # run standalone | ||
12 | listen=YES | ||
13 | |||
14 | # Allow anonymous FTP? (Beware - allowed by default if you comment this out). | ||
15 | anonymous_enable=NO | ||
16 | # | ||
17 | # Uncomment this to allow local users to log in. | ||
18 | local_enable=YES | ||
19 | # | ||
20 | # Uncomment this to enable any form of FTP write command. | ||
21 | write_enable=YES | ||
22 | # | ||
23 | # Default umask for local users is 077. You may wish to change this to 022, | ||
24 | # if your users expect that (022 is used by most other ftpd's) | ||
25 | local_umask=022 | ||
26 | # | ||
27 | # Uncomment this to allow the anonymous FTP user to upload files. This only | ||
28 | # has an effect if the above global write enable is activated. Also, you will | ||
29 | # obviously need to create a directory writable by the FTP user. | ||
30 | #anon_upload_enable=YES | ||
31 | # | ||
32 | # Uncomment this if you want the anonymous FTP user to be able to create | ||
33 | # new directories. | ||
34 | #anon_mkdir_write_enable=YES | ||
35 | # | ||
36 | # Activate directory messages - messages given to remote users when they | ||
37 | # go into a certain directory. | ||
38 | dirmessage_enable=YES | ||
39 | # | ||
40 | # Activate logging of uploads/downloads. | ||
41 | xferlog_enable=YES | ||
42 | # | ||
43 | # Make sure PORT transfer connections originate from port 20 (ftp-data). | ||
44 | connect_from_port_20=YES | ||
45 | # | ||
46 | # If you want, you can arrange for uploaded anonymous files to be owned by | ||
47 | # a different user. Note! Using "root" for uploaded files is not | ||
48 | # recommended! | ||
49 | #chown_uploads=YES | ||
50 | #chown_username=whoever | ||
51 | # | ||
52 | # You may override where the log file goes if you like. The default is shown | ||
53 | # below. | ||
54 | #xferlog_file=/var/log/vsftpd.log | ||
55 | # | ||
56 | # If you want, you can have your log file in standard ftpd xferlog format | ||
57 | xferlog_std_format=YES | ||
58 | # | ||
59 | # You may change the default value for timing out an idle session. | ||
60 | #idle_session_timeout=600 | ||
61 | # | ||
62 | # You may change the default value for timing out a data connection. | ||
63 | #data_connection_timeout=120 | ||
64 | # | ||
65 | # It is recommended that you define on your system a unique user which the | ||
66 | # ftp server can use as a totally isolated and unprivileged user. | ||
67 | #nopriv_user=ftp | ||
68 | # | ||
69 | # Enable this and the server will recognise asynchronous ABOR requests. Not | ||
70 | # recommended for security (the code is non-trivial). Not enabling it, | ||
71 | # however, may confuse older FTP clients. | ||
72 | #async_abor_enable=YES | ||
73 | # | ||
74 | # By default the server will pretend to allow ASCII mode but in fact ignore | ||
75 | # the request. Turn on the below options to have the server actually do ASCII | ||
76 | # mangling on files when in ASCII mode. | ||
77 | # Beware that turning on ascii_download_enable enables malicious remote parties | ||
78 | # to consume your I/O resources, by issuing the command "SIZE /big/file" in | ||
79 | # ASCII mode. | ||
80 | # These ASCII options are split into upload and download because you may wish | ||
81 | # to enable ASCII uploads (to prevent uploaded scripts etc. from breaking), | ||
82 | # without the DoS risk of SIZE and ASCII downloads. ASCII mangling should be | ||
83 | # on the client anyway.. | ||
84 | #ascii_upload_enable=YES | ||
85 | #ascii_download_enable=YES | ||
86 | # | ||
87 | # You may fully customise the login banner string: | ||
88 | #ftpd_banner=Welcome to blah FTP service. | ||
89 | # | ||
90 | # You may specify a file of disallowed anonymous e-mail addresses. Apparently | ||
91 | # useful for combatting certain DoS attacks. | ||
92 | #deny_email_enable=YES | ||
93 | # (default follows) | ||
94 | #banned_email_file=/etc/vsftpd.banned_emails | ||
95 | # | ||
96 | # You may specify an explicit list of local users to chroot() to their home | ||
97 | # directory. If chroot_local_user is YES, then this list becomes a list of | ||
98 | # users to NOT chroot(). | ||
99 | #chroot_list_enable=YES | ||
100 | # (default follows) | ||
101 | #chroot_list_file=/etc/vsftpd.chroot_list | ||
102 | # | ||
103 | # You may activate the "-R" option to the builtin ls. This is disabled by | ||
104 | # default to avoid remote users being able to cause excessive I/O on large | ||
105 | # sites. However, some broken FTP clients such as "ncftp" and "mirror" assume | ||
106 | # the presence of the "-R" option, so there is a strong case for enabling it. | ||
107 | #ls_recurse_enable=YES | ||
108 | # | ||
109 | # This string is the name of the PAM service vsftpd will use. | ||
110 | pam_service_name=vsftpd | ||
111 | # | ||
112 | # This option is examined if userlist_enable is activated. If you set this | ||
113 | # setting to NO, then users will be denied login unless they are explicitly | ||
114 | # listed in the file specified by userlist_file. When login is denied, the | ||
115 | # denial is issued before the user is asked for a password. | ||
116 | userlist_deny=YES | ||
117 | # | ||
118 | # If enabled, vsftpd will load a list of usernames, from the filename given by | ||
119 | # userlist_file. If a user tries to log in using a name in this file, they | ||
120 | # will be denied before they are asked for a password. This may be useful in | ||
121 | # preventing cleartext passwords being transmitted. See also userlist_deny. | ||
122 | userlist_enable=YES | ||
123 | # | ||
124 | # If enabled, vsftpd will display directory listings with the time in your | ||
125 | # local time zone. The default is to display GMT. The times returned by the | ||
126 | # MDTM FTP command are also affected by this option. | ||
127 | use_localtime=YES | ||
128 | # | ||
129 | # If set to YES, local users will be (by default) placed in a chroot() jail in | ||
130 | # their home directory after login. Warning: This option has security | ||
131 | # implications, especially if the users have upload permission, or shell access. | ||
132 | # Only enable if you know what you are doing. Note that these security implications | ||
133 | # are not vsftpd specific. They apply to all FTP daemons which offer to put | ||
134 | # local users in chroot() jails. | ||
135 | chroot_local_user=YES | ||
136 | # | ||
137 | allow_writeable_chroot=YES | ||
138 | # | ||
139 | tcp_wrappers=YES | ||
diff --git a/meta-networking/recipes-daemons/vsftpd/files/vsftpd.ftpusers b/meta-networking/recipes-daemons/vsftpd/files/vsftpd.ftpusers new file mode 100644 index 000000000..096142f5d --- /dev/null +++ b/meta-networking/recipes-daemons/vsftpd/files/vsftpd.ftpusers | |||
@@ -0,0 +1,15 @@ | |||
1 | # Users that are not allowed to login via ftp | ||
2 | root | ||
3 | bin | ||
4 | daemon | ||
5 | adm | ||
6 | lp | ||
7 | sync | ||
8 | shutdown | ||
9 | halt | ||
10 | |||
11 | news | ||
12 | uucp | ||
13 | operator | ||
14 | games | ||
15 | nobody | ||
diff --git a/meta-networking/recipes-daemons/vsftpd/files/vsftpd.service b/meta-networking/recipes-daemons/vsftpd/files/vsftpd.service new file mode 100644 index 000000000..e27102026 --- /dev/null +++ b/meta-networking/recipes-daemons/vsftpd/files/vsftpd.service | |||
@@ -0,0 +1,9 @@ | |||
1 | [Unit] | ||
2 | Description=Vsftpd ftp daemon | ||
3 | After=network.target | ||
4 | |||
5 | [Service] | ||
6 | ExecStart=@SBINDIR@/vsftpd | ||
7 | |||
8 | [Install] | ||
9 | WantedBy=multi-user.target | ||
diff --git a/meta-networking/recipes-daemons/vsftpd/files/vsftpd.user_list b/meta-networking/recipes-daemons/vsftpd/files/vsftpd.user_list new file mode 100644 index 000000000..d283e3d26 --- /dev/null +++ b/meta-networking/recipes-daemons/vsftpd/files/vsftpd.user_list | |||
@@ -0,0 +1,20 @@ | |||
1 | # vsftpd userlist | ||
2 | # If userlist_deny=NO, only allow users in this file | ||
3 | # If userlist_deny=YES (default), never allow users in this file, and | ||
4 | # do not even prompt for a password. | ||
5 | # Note that the default vsftpd pam config also checks /etc/vsftpd.ftpusers | ||
6 | # for users that are denied. | ||
7 | root | ||
8 | bin | ||
9 | daemon | ||
10 | adm | ||
11 | lp | ||
12 | sync | ||
13 | shutdown | ||
14 | halt | ||
15 | |||
16 | news | ||
17 | uucp | ||
18 | operator | ||
19 | games | ||
20 | nobody | ||
diff --git a/meta-networking/recipes-daemons/vsftpd/vsftpd-3.0.2/makefile-destdir.patch b/meta-networking/recipes-daemons/vsftpd/vsftpd-3.0.2/makefile-destdir.patch new file mode 100644 index 000000000..1980d09fd --- /dev/null +++ b/meta-networking/recipes-daemons/vsftpd/vsftpd-3.0.2/makefile-destdir.patch | |||
@@ -0,0 +1,44 @@ | |||
1 | Use DESTDIR within install to allow installing under a prefix | ||
2 | |||
3 | Upstream-Status: Pending | ||
4 | |||
5 | Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com> | ||
6 | |||
7 | diff --git a/Makefile b/Makefile | ||
8 | --- a/Makefile | ||
9 | +++ b/Makefile | ||
10 | @@ -24,21 +24,21 @@ | ||
11 | $(CC) -o vsftpd $(OBJS) $(LINK) $(LIBS) | ||
12 | |||
13 | install: | ||
14 | - if [ -x /usr/local/sbin ]; then \ | ||
15 | - $(INSTALL) -m 755 vsftpd /usr/local/sbin/vsftpd; \ | ||
16 | + if [ -x ${DESTDIR}/usr/local/sbin ]; then \ | ||
17 | + $(INSTALL) -m 755 vsftpd ${DESTDIR}/usr/local/sbin/vsftpd; \ | ||
18 | else \ | ||
19 | - $(INSTALL) -m 755 vsftpd /usr/sbin/vsftpd; fi | ||
20 | - if [ -x /usr/local/man ]; then \ | ||
21 | - $(INSTALL) -m 644 vsftpd.8 /usr/local/man/man8/vsftpd.8; \ | ||
22 | - $(INSTALL) -m 644 vsftpd.conf.5 /usr/local/man/man5/vsftpd.conf.5; \ | ||
23 | - elif [ -x /usr/share/man ]; then \ | ||
24 | - $(INSTALL) -m 644 vsftpd.8 /usr/share/man/man8/vsftpd.8; \ | ||
25 | - $(INSTALL) -m 644 vsftpd.conf.5 /usr/share/man/man5/vsftpd.conf.5; \ | ||
26 | + $(INSTALL) -m 755 vsftpd ${DESTDIR}/usr/sbin/vsftpd; fi | ||
27 | + if [ -x ${DESTDIR}/usr/local/man ]; then \ | ||
28 | + $(INSTALL) -m 644 vsftpd.8 ${DESTDIR}/usr/local/man/man8/vsftpd.8; \ | ||
29 | + $(INSTALL) -m 644 vsftpd.conf.5 ${DESTDIR}/usr/local/man/man5/vsftpd.conf.5; \ | ||
30 | + elif [ -x ${DESTDIR}/usr/share/man ]; then \ | ||
31 | + $(INSTALL) -m 644 vsftpd.8 ${DESTDIR}/usr/share/man/man8/vsftpd.8; \ | ||
32 | + $(INSTALL) -m 644 vsftpd.conf.5 ${DESTDIR}/usr/share/man/man5/vsftpd.conf.5; \ | ||
33 | else \ | ||
34 | - $(INSTALL) -m 644 vsftpd.8 /usr/man/man8/vsftpd.8; \ | ||
35 | - $(INSTALL) -m 644 vsftpd.conf.5 /usr/man/man5/vsftpd.conf.5; fi | ||
36 | - if [ -x /etc/xinetd.d ]; then \ | ||
37 | - $(INSTALL) -m 644 xinetd.d/vsftpd /etc/xinetd.d/vsftpd; fi | ||
38 | + $(INSTALL) -m 644 vsftpd.8 ${DESTDIR}/usr/man/man8/vsftpd.8; \ | ||
39 | + $(INSTALL) -m 644 vsftpd.conf.5 ${DESTDIR}/usr/man/man5/vsftpd.conf.5; fi | ||
40 | + if [ -x ${DESTDIR}/etc/xinetd.d ]; then \ | ||
41 | + $(INSTALL) -m 644 xinetd.d/vsftpd ${DESTDIR}/etc/xinetd.d/vsftpd; fi | ||
42 | |||
43 | clean: | ||
44 | rm -f *.o *.swp vsftpd | ||
diff --git a/meta-networking/recipes-daemons/vsftpd/vsftpd-3.0.2/makefile-libs.patch b/meta-networking/recipes-daemons/vsftpd/vsftpd-3.0.2/makefile-libs.patch new file mode 100644 index 000000000..9a10f722f --- /dev/null +++ b/meta-networking/recipes-daemons/vsftpd/vsftpd-3.0.2/makefile-libs.patch | |||
@@ -0,0 +1,21 @@ | |||
1 | Hardcode LIBS instead of using a script to determine available libs | ||
2 | |||
3 | We want to avoid this dynamic detection so we have a deterministic | ||
4 | build. | ||
5 | |||
6 | Upstream-Status: Inappropriate [config] | ||
7 | |||
8 | Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com> | ||
9 | |||
10 | diff --git a/Makefile b/Makefile | ||
11 | --- a/Makefile | ||
12 | +++ b/Makefile | ||
13 | @@ -5,7 +5,7 @@ | ||
14 | #CFLAGS = -g | ||
15 | CFLAGS = -O2 -Wall -W -Wshadow #-pedantic -Werror -Wconversion | ||
16 | |||
17 | -LIBS = `./vsf_findlibs.sh` | ||
18 | +LIBS = -lssl -lcrypto -lnsl -lresolv | ||
19 | LINK = -Wl,-s | ||
20 | |||
21 | OBJS = main.o utility.o prelogin.o ftpcmdio.o postlogin.o privsock.o \ | ||
diff --git a/meta-networking/recipes-daemons/vsftpd/vsftpd-3.0.2/makefile-strip.patch b/meta-networking/recipes-daemons/vsftpd/vsftpd-3.0.2/makefile-strip.patch new file mode 100644 index 000000000..fd3160037 --- /dev/null +++ b/meta-networking/recipes-daemons/vsftpd/vsftpd-3.0.2/makefile-strip.patch | |||
@@ -0,0 +1,17 @@ | |||
1 | Disable stripping at link time | ||
2 | |||
3 | Upstream-Status: Inappropriate [config] | ||
4 | |||
5 | Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com> | ||
6 | |||
7 | diff --git a/Makefile b/Makefile | ||
8 | --- a/Makefile | ||
9 | +++ b/Makefile | ||
10 | @@ -9,7 +9,6 @@ CFLAGS = -O2 -fPIE -fstack-protector --param=ssp-buffer-size=4 \ | ||
11 | #-pedantic -Wconversion | ||
12 | |||
13 | LIBS = -lssl -lcrypto -lnsl -lresolv | ||
14 | -LINK = -Wl,-s | ||
15 | LDFLAGS = -fPIE -pie -Wl,-z,relro -Wl,-z,now | ||
16 | |||
17 | OBJS = main.o utility.o prelogin.o ftpcmdio.o postlogin.o privsock.o \ | ||
diff --git a/meta-networking/recipes-daemons/vsftpd/vsftpd-3.0.2/nopam-with-tcp_wrappers.patch b/meta-networking/recipes-daemons/vsftpd/vsftpd-3.0.2/nopam-with-tcp_wrappers.patch new file mode 100644 index 000000000..fdcf3a02b --- /dev/null +++ b/meta-networking/recipes-daemons/vsftpd/vsftpd-3.0.2/nopam-with-tcp_wrappers.patch | |||
@@ -0,0 +1,17 @@ | |||
1 | Disable PAM | ||
2 | |||
3 | Upstream-Status: Inappropriate [config] | ||
4 | |||
5 | Signed-off-by: Roy.Li <rongqing.li@windriver.com> | ||
6 | diff -ur vsftpd-2.0.1_org/builddefs.h vsftpd-2.0.1_patch/builddefs.h | ||
7 | --- vsftpd-2.0.1_org/builddefs.h 2004-07-02 16:36:59.000000000 +0200 | ||
8 | +++ vsftpd-2.0.1_patch/builddefs.h 2004-07-21 09:34:49.044900488 +0200 | ||
9 | @@ -2,7 +2,7 @@ | ||
10 | #define VSF_BUILDDEFS_H | ||
11 | |||
12 | #define VSF_BUILD_TCPWRAPPERS | ||
13 | -#define VSF_BUILD_PAM | ||
14 | +#undef VSF_BUILD_PAM | ||
15 | #undef VSF_BUILD_SSL | ||
16 | |||
17 | #endif /* VSF_BUILDDEFS_H */ | ||
diff --git a/meta-networking/recipes-daemons/vsftpd/vsftpd-3.0.2/nopam.patch b/meta-networking/recipes-daemons/vsftpd/vsftpd-3.0.2/nopam.patch new file mode 100644 index 000000000..cf0d68e27 --- /dev/null +++ b/meta-networking/recipes-daemons/vsftpd/vsftpd-3.0.2/nopam.patch | |||
@@ -0,0 +1,16 @@ | |||
1 | Disable PAM | ||
2 | |||
3 | Upstream-Status: Inappropriate [config] | ||
4 | |||
5 | diff -ur vsftpd-2.0.1_org/builddefs.h vsftpd-2.0.1_patch/builddefs.h | ||
6 | --- vsftpd-2.0.1_org/builddefs.h 2004-07-02 16:36:59.000000000 +0200 | ||
7 | +++ vsftpd-2.0.1_patch/builddefs.h 2004-07-21 09:34:49.044900488 +0200 | ||
8 | @@ -2,7 +2,7 @@ | ||
9 | #define VSF_BUILDDEFS_H | ||
10 | |||
11 | #undef VSF_BUILD_TCPWRAPPERS | ||
12 | -#define VSF_BUILD_PAM | ||
13 | +#undef VSF_BUILD_PAM | ||
14 | #undef VSF_BUILD_SSL | ||
15 | |||
16 | #endif /* VSF_BUILDDEFS_H */ | ||
diff --git a/meta-networking/recipes-daemons/vsftpd/vsftpd-3.0.2/vsftpd-tcp_wrappers-support.patch b/meta-networking/recipes-daemons/vsftpd/vsftpd-3.0.2/vsftpd-tcp_wrappers-support.patch new file mode 100644 index 000000000..69745b3a1 --- /dev/null +++ b/meta-networking/recipes-daemons/vsftpd/vsftpd-3.0.2/vsftpd-tcp_wrappers-support.patch | |||
@@ -0,0 +1,25 @@ | |||
1 | Enable tcp_wrapper. | ||
2 | |||
3 | Upstream-Status: Inappropriate [configuration] | ||
4 | |||
5 | Signed-off-by: Roy.Li <rongqing.li@windriver.com> | ||
6 | --- | ||
7 | builddefs.h | 2 +- | ||
8 | 1 files changed, 1 insertions(+), 1 deletions(-) | ||
9 | |||
10 | diff --git a/builddefs.h b/builddefs.h | ||
11 | index e908352..0106d1a 100644 | ||
12 | --- a/builddefs.h | ||
13 | +++ b/builddefs.h | ||
14 | @@ -1,7 +1,7 @@ | ||
15 | #ifndef VSF_BUILDDEFS_H | ||
16 | #define VSF_BUILDDEFS_H | ||
17 | |||
18 | -#undef VSF_BUILD_TCPWRAPPERS | ||
19 | +#define VSF_BUILD_TCPWRAPPERS | ||
20 | #define VSF_BUILD_PAM | ||
21 | #undef VSF_BUILD_SSL | ||
22 | |||
23 | -- | ||
24 | 1.7.1 | ||
25 | |||
diff --git a/meta-networking/recipes-daemons/vsftpd/vsftpd_3.0.2.bb b/meta-networking/recipes-daemons/vsftpd/vsftpd_3.0.2.bb new file mode 100644 index 000000000..e4d65eea6 --- /dev/null +++ b/meta-networking/recipes-daemons/vsftpd/vsftpd_3.0.2.bb | |||
@@ -0,0 +1,106 @@ | |||
1 | SUMMARY = "Very Secure FTP server" | ||
2 | HOMEPAGE = "https://security.appspot.com/vsftpd.html" | ||
3 | SECTION = "network" | ||
4 | LICENSE = "GPLv2" | ||
5 | LIC_FILES_CHKSUM = "file://COPYING;md5=a6067ad950b28336613aed9dd47b1271" | ||
6 | |||
7 | DEPENDS = "libcap openssl" | ||
8 | |||
9 | SRC_URI = "https://security.appspot.com/downloads/vsftpd-${PV}.tar.gz \ | ||
10 | file://makefile-destdir.patch \ | ||
11 | file://makefile-libs.patch \ | ||
12 | file://makefile-strip.patch \ | ||
13 | file://init \ | ||
14 | file://vsftpd.conf \ | ||
15 | file://vsftpd.user_list \ | ||
16 | file://vsftpd.ftpusers \ | ||
17 | file://change-secure_chroot_dir.patch \ | ||
18 | file://volatiles.99_vsftpd \ | ||
19 | file://vsftpd.service \ | ||
20 | " | ||
21 | |||
22 | LIC_FILES_CHKSUM = "file://COPYING;md5=a6067ad950b28336613aed9dd47b1271 \ | ||
23 | file://COPYRIGHT;md5=04251b2eb0f298dae376d92454f6f72e \ | ||
24 | file://LICENSE;md5=654df2042d44b8cac8a5654fc5be63eb" | ||
25 | SRC_URI[md5sum] = "8b00c749719089401315bd3c44dddbb2" | ||
26 | SRC_URI[sha256sum] = "be46f0e2c5528fe021fafc8dab1ecfea0c1f183063a06977f8537fcd0b195e56" | ||
27 | |||
28 | |||
29 | PACKAGECONFIG ??= "tcp-wrappers" | ||
30 | PACKAGECONFIG[tcp-wrappers] = ",,tcp-wrappers" | ||
31 | SRC_URI +="${@base_contains('PACKAGECONFIG', 'tcp-wrappers', 'file://vsftpd-tcp_wrappers-support.patch', '', d)}" | ||
32 | |||
33 | DEPENDS += "${@base_contains('DISTRO_FEATURES', 'pam', 'libpam', '', d)}" | ||
34 | RDEPENDS_${PN} += "${@base_contains('DISTRO_FEATURES', 'pam', 'pam-plugin-listfile', '', d)}" | ||
35 | PAMLIB = "${@base_contains('DISTRO_FEATURES', 'pam', '-L${STAGING_BASELIBDIR} -lpam', '', d)}" | ||
36 | NOPAM_SRC ="${@base_contains('PACKAGECONFIG', 'tcp-wrappers', 'file://nopam-with-tcp_wrappers.patch', 'file://nopam.patch', d)}" | ||
37 | SRC_URI += "${@base_contains('DISTRO_FEATURES', 'pam', '', '${NOPAM_SRC}', d)}" | ||
38 | |||
39 | inherit update-rc.d useradd systemd | ||
40 | |||
41 | CONFFILES_${PN} = "${sysconfdir}/vsftpd.conf" | ||
42 | LDFLAGS_append =" -lcrypt -lcap" | ||
43 | |||
44 | do_configure() { | ||
45 | # Fix hardcoded /usr, /etc, /var mess. | ||
46 | cat tunables.c|sed s:\"/usr:\"${prefix}:g|sed s:\"/var:\"${localstatedir}:g \ | ||
47 | |sed s:\"/etc:\"${sysconfdir}:g > tunables.c.new | ||
48 | mv tunables.c.new tunables.c | ||
49 | } | ||
50 | |||
51 | do_compile() { | ||
52 | oe_runmake "LIBS=-L${STAGING_LIBDIR} -lcrypt -lcap ${PAMLIB} -lwrap" | ||
53 | } | ||
54 | |||
55 | do_install() { | ||
56 | install -d ${D}${sbindir} | ||
57 | install -d ${D}${mandir}/man8 | ||
58 | install -d ${D}${mandir}/man5 | ||
59 | oe_runmake 'DESTDIR=${D}' install | ||
60 | install -d ${D}${sysconfdir} | ||
61 | install -m 600 ${WORKDIR}/vsftpd.conf ${D}${sysconfdir}/vsftpd.conf | ||
62 | install -d ${D}${sysconfdir}/init.d/ | ||
63 | install -m 755 ${WORKDIR}/init ${D}${sysconfdir}/init.d/vsftpd | ||
64 | install -d ${D}/${sysconfdir}/default/volatiles | ||
65 | install -m 644 ${WORKDIR}/volatiles.99_vsftpd ${D}/${sysconfdir}/default/volatiles/99_vsftpd | ||
66 | |||
67 | install -m 600 ${WORKDIR}/vsftpd.ftpusers ${D}${sysconfdir}/ | ||
68 | install -m 600 ${WORKDIR}/vsftpd.user_list ${D}${sysconfdir}/ | ||
69 | if ! test -z "${PAMLIB}" ; then | ||
70 | install -d ${D}${sysconfdir}/pam.d/ | ||
71 | cp ${S}/RedHat/vsftpd.pam ${D}${sysconfdir}/pam.d/vsftpd | ||
72 | sed -i "s:/lib/security:${base_libdir}/security:" ${D}${sysconfdir}/pam.d/vsftpd | ||
73 | sed -i "s:ftpusers:vsftpd.ftpusers:" ${D}${sysconfdir}/pam.d/vsftpd | ||
74 | fi | ||
75 | if ${@base_contains('DISTRO_FEATURES', 'systemd', 'true', 'false', d)}; then | ||
76 | install -d ${D}${sysconfdir}/tmpfiles.d | ||
77 | echo "d /var/run/vsftpd/empty 0755 root root -" \ | ||
78 | > ${D}${sysconfdir}/tmpfiles.d/${BPN}.conf | ||
79 | fi | ||
80 | |||
81 | # Install systemd unit files | ||
82 | install -d ${D}${systemd_unitdir}/system | ||
83 | install -m 0644 ${WORKDIR}/vsftpd.service ${D}${systemd_unitdir}/system | ||
84 | sed -i -e 's#@SBINDIR@#${sbindir}#g' ${D}${systemd_unitdir}/system/vsftpd.service | ||
85 | } | ||
86 | |||
87 | INITSCRIPT_PACKAGES = "${PN}" | ||
88 | INITSCRIPT_NAME_${PN} = "vsftpd" | ||
89 | INITSCRIPT_PARAMS_${PN} = "defaults 80" | ||
90 | |||
91 | USERADD_PACKAGES = "${PN}" | ||
92 | USERADD_PARAM_${PN} = "--system --home-dir /var/lib/ftp --no-create-home -g ftp \ | ||
93 | --shell /bin/false ftp " | ||
94 | GROUPADD_PARAM_${PN} = "-r ftp" | ||
95 | |||
96 | SYSTEMD_SERVICE_${PN} = "vsftpd.service" | ||
97 | |||
98 | pkg_postinst_${PN}() { | ||
99 | if [ -z "$D" ]; then | ||
100 | if type systemd-tmpfiles >/dev/null; then | ||
101 | systemd-tmpfiles --create | ||
102 | elif [ -e ${sysconfdir}/init.d/populate-volatile.sh ]; then | ||
103 | ${sysconfdir}/init.d/populate-volatile.sh update | ||
104 | fi | ||
105 | fi | ||
106 | } | ||