forked from pool/proftpd
596f606c69
update to 1.3.6c, fix for boo#1164572 (CVE-2020-9272, gh#902), fix for boo#1164574 (CVE-2020-9273, gh#903) OBS-URL: https://build.opensuse.org/request/show/778853 OBS-URL: https://build.opensuse.org/package/show/network/proftpd?expand=0&rev=76
63 lines
2.3 KiB
Diff
63 lines
2.3 KiB
Diff
Index: contrib/ftpasswd
|
|
===================================================================
|
|
--- contrib/ftpasswd.orig
|
|
+++ contrib/ftpasswd
|
|
@@ -32,8 +32,8 @@ use Getopt::Long;
|
|
$Getopt::Long::auto_abbrev = 0;
|
|
|
|
my $program = basename($0);
|
|
-my $default_passwd_file = "./ftpd.passwd";
|
|
-my $default_group_file = "./ftpd.group";
|
|
+my $default_passwd_file = "/etc/proftpd/auth/passwd";
|
|
+my $default_group_file = "/etc/proftpd/auth/group";
|
|
my $shell_file = "/etc/shells";
|
|
my $default_cracklib_dict = "/usr/lib/cracklib_dict";
|
|
my $cracklib_dict;
|
|
@@ -1128,6 +1128,46 @@ usage: $program [--help] [--hash|--group
|
|
--version
|
|
Displays the version of $program.
|
|
|
|
+Creating Files
|
|
+
|
|
+The ftpasswd program can create and update files for both AuthUserFile and
|
|
+ AuthGroupFile. When it is used for the first time, the program will create
|
|
+ the necessary file. If that file already exists, ftpasswd will update it
|
|
+ with the new information.
|
|
+
|
|
+ftpasswd must first know what type of file to create. Use either the
|
|
+ --passwd option (for handling AuthUserFiles), or the --group option
|
|
+ (for handling AuthGroupFiles); this is required.
|
|
+
|
|
+When creating an AuthUserFile, the following options are also
|
|
+ required: --name, --uid, --home, and --shell.
|
|
+ This information is required by proftpd to authenticate a user. The optional
|
|
+ parameters for an AuthUserFile include --gid
|
|
+ (defaults to the given --uid argument when not provided)
|
|
+ and --gecos (not used by proftpd at all). For example:
|
|
+
|
|
+ ftpasswd --passwd --name=bob --uid=1001 --home=/home/bob --shell=/bin/false
|
|
+
|
|
+creates an account for user bob.
|
|
+
|
|
+To create a file with a name or location other than the default
|
|
+ (which, for --passwd mode is /etc/proftpd/auth/passwd), use the --file option.
|
|
+
|
|
+For example, to create the alternate password file in /usr/local/etc/ftpd/passwd:
|
|
+
|
|
+ ftpasswd --passwd --file=/usr/local/etc/ftpd/passwd --name=bob --uid=1001 \
|
|
+ --home=/home/bob --shell=/bin/false
|
|
+
|
|
+For AuthGroupFiles, use --group:
|
|
+
|
|
+ ftpasswd --group --name=group-name --gid=group-id --member=user-member1 \
|
|
+ --member=user-member2 ... --member=user-memberN
|
|
+
|
|
+The most common change to these files is made to AuthUserFiles, to change
|
|
+ a user's password. The --change-password option was provided just for this scenario:
|
|
+
|
|
+ ftpasswd --passwd --name=user --change-password
|
|
+
|
|
END_OF_USAGE
|
|
|
|
exit 0;
|