From 210c37578623b55a2bfd7a1995e9f89e02345fa188df6291b74983241f0c9ee0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tom=C3=A1=C5=A1=20Chv=C3=A1tal?= Date: Mon, 26 May 2014 13:22:17 +0000 Subject: [PATCH] - Cleanup with spec-cleaner - Remove conditions about init files as we do not build for < 12.1 anyway. - Update the README.SUSE file to describe more the listen option. OBS-URL: https://build.opensuse.org/package/show/network/vsftpd?expand=0&rev=63 --- README.SUSE | 7 ++- vsftpd.changes | 8 +++ vsftpd.init | 107 ---------------------------------------- vsftpd.spec | 130 ++++++++++++++++--------------------------------- 4 files changed, 57 insertions(+), 195 deletions(-) delete mode 100644 vsftpd.init diff --git a/README.SUSE b/README.SUSE index ad7cfaf..59bfe80 100644 --- a/README.SUSE +++ b/README.SUSE @@ -4,4 +4,9 @@ compatibility, default /etc/vsftpd.conf in SUSE contains listen=NO listen_ipv6=YES -so no changes for xinetd (/etc/xinetd.d/vsftp) are needed by default. +if you plan to use xinetd (/etc/xinetd.d/vsftp) you don't need to change +anything by default, but if you have ipv6 available you have to set +listen_ipv6=NO too in order for xinetd to work. +Alternatively you can also use systemd socket service that listens on +port 21 and starts the server like xinetd would. This service does +not require you to change ANY variable in the /etc/vsftpd.conf. diff --git a/vsftpd.changes b/vsftpd.changes index 5cd6e34..5c207b0 100644 --- a/vsftpd.changes +++ b/vsftpd.changes @@ -1,3 +1,11 @@ +------------------------------------------------------------------- +Mon May 26 13:13:44 UTC 2014 - tchvatal@suse.com + +- Cleanup with spec-cleaner +- Remove conditions about init files as we do not build for < 12.1 + anyway. +- Update the README.SUSE file to describe more the listen option. + ------------------------------------------------------------------- Mon May 26 12:52:56 UTC 2014 - tchvatal@suse.com diff --git a/vsftpd.init b/vsftpd.init deleted file mode 100644 index 7c25dca..0000000 --- a/vsftpd.init +++ /dev/null @@ -1,107 +0,0 @@ -#! /bin/sh -# Copyright (c) 1995-2005 SUSE Linux GmbH, Nuernberg, Germany. -# All rights reserved. -# -# Author: Mads Martin Joergensen -# -# /etc/init.d/vsftpd -# and its symbolic link -# /usr/sbin/rcvsftpd -# -# This program is free software; you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation; either version 2 of the License, or -# (at your option) any later version. -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program; if not, write to the Free Software -# Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -# -### BEGIN INIT INFO -# Provides: ftpd -# Required-Start: $local_fs $remote_fs $syslog network-remotefs -# Required-Stop: $local_fs $remote_fs $syslog network-remotefs -# Default-Start: 3 5 -# Default-Stop: 0 1 2 6 -# Description: very secure ftp daemon -# Short-Description: very secure ftp daemon -### END INIT INFO -# Note on runlevels: -# 0 - halt/poweroff 6 - reboot -# 1 - single user 2 - multiuser without network exported -# 3 - multiuser w/ network (text mode) 5 - multiuser w/ network and X11 (xdm) -# -# Note on script names: -# http://www.linuxbase.org/spec/refspecs/LSB_1.3.0/gLSB/gLSB/scrptnames.html -# A registry has been set up to manage the init script namespace. -# http://www.lanana.org/ -# Please use the names already registered or register one or use a -# vendor prefix. - -VSFTPD_BIN=/usr/sbin/vsftpd -test -x $VSFTPD_BIN || { echo "$VSFTPD_BIN not installed"; - if [ "$1" = "stop" ]; then exit 0; - else exit 5; fi; } - -. /etc/rc.status - -rc_reset - -case "$1" in - start) - echo -n "Starting vsftpd " - /sbin/startproc -l /var/log/rcvsftp.log $VSFTPD_BIN - rc_status -v - ;; - stop) - echo -n "Shutting down vsftpd " - /sbin/killproc -TERM $VSFTPD_BIN - rc_status -v - ;; - try-restart|condrestart) - ## Do a restart only if the service was active before. - ## Note: try-restart is now part of LSB (as of 1.9). - ## RH has a similar command named condrestart. - if test "$1" = "condrestart"; then - echo "${attn} Use try-restart ${done}(LSB)${attn} rather than condrestart ${warn}(RH)${norm}" - fi - $0 status - if test $? = 0; then - $0 restart - else - rc_reset # Not running is not a failure. - fi - - rc_status - ;; - restart) - $0 stop - $0 start - rc_status - ;; - force-reload) - echo -n "Reload service vsftpd " - /sbin/killproc -HUP $VSFTPD_BIN - rc_status -v - ;; - reload) - echo -n "Reload service vsftpd " - /sbin/killproc -HUP $VSFTPD_BIN - rc_status -v - ;; - status) - echo -n "Checking for service vsftpd " - /sbin/checkproc $VSFTPD_BIN - rc_status -v - ;; - *) - echo "Usage: $0 {start|stop|status|try-restart|restart|force-reload|reload}" - exit 1 - ;; -esac -rc_exit diff --git a/vsftpd.spec b/vsftpd.spec index 36d36eb..6521ad8 100644 --- a/vsftpd.spec +++ b/vsftpd.spec @@ -16,19 +16,7 @@ # -%global with_sysvinit 0 -%if 0%{?suse_version} < 1310 -%global with_sysvinit 1 -%endif - Name: vsftpd -BuildRequires: gpg-offline -BuildRequires: libcap-devel -BuildRequires: openssl-devel -BuildRequires: pam-devel -%if 0%{?suse_version} > 1140 -BuildRequires: systemd -%endif Version: 3.0.2 Release: 0 Summary: Very Secure FTP Daemon - Written from Scratch @@ -36,15 +24,14 @@ License: SUSE-GPL-2.0-with-openssl-exception Group: Productivity/Networking/Ftp/Servers Url: https://security.appspot.com/vsftpd.html Source0: https://security.appspot.com/downloads/%{name}-%{version}.tar.gz -Source1: %name.pam -Source2: %name.logrotate -Source3: %name.init +Source1: %{name}.pam +Source2: %{name}.logrotate Source4: README.SUSE -Source5: %name.xml -Source6: %name.firewall +Source5: %{name}.xml +Source6: %{name}.firewall Source7: vsftpd.service Source8: vsftpd@.service -Source9: %name.keyring +Source9: %{name}.keyring Source10: vsftpd.socket Source1000: https://security.appspot.com/downloads/%{name}-%{version}.tar.gz.asc Patch1: vsftpd-2.0.4-lib64.diff @@ -69,11 +56,16 @@ Patch15: vsftpd-enable-dev-log-sendto.patch Patch16: vsftpd-root-squashed-chroot.patch #PATCH-FIX-UPSTREAM: bnc#870122 Patch17: vsftpd-enable-gettimeofday-sec.patch -BuildRoot: %{_tmppath}/%{name}-%{version}-build -Provides: ftp-server -Requires(pre): %insserv_prereq /usr/sbin/useradd -%{?systemd_requires} +BuildRequires: gpg-offline +BuildRequires: libcap-devel +BuildRequires: openssl-devel +BuildRequires: pam-devel +BuildRequires: systemd Requires: logrotate +Requires(pre): %{_sbindir}/useradd +Provides: ftp-server +BuildRoot: %{_tmppath}/%{name}-%{version}-build +%{?systemd_requires} %description Vsftpd is an FTP server, or daemon. The "vs" stands for Very Secure. @@ -107,94 +99,58 @@ tests. %patch17 -p1 %build -%define seccomp_opts %{nil} -%if 0%{?suse_version} > 1030 %define seccomp_opts -D_GNU_SOURCE -DUSE_SECCOMP -%endif rm -f dummyinc/sys/capability.h -make CFLAGS="$RPM_OPT_FLAGS -DOPENSSL_NO_SSL_INTERN -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64 -fPIE -fstack-protector --param=ssp-buffer-size=4 %{seccomp_opts}" \ +make CFLAGS="%{optflags} -DOPENSSL_NO_SSL_INTERN -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64 -fPIE -fstack-protector --param=ssp-buffer-size=4 %{seccomp_opts}" \ LDFLAGS="-fPIE -pie -Wl,-z,relro -Wl,-z,now" LINK= %install -mkdir -p $RPM_BUILD_ROOT/usr/share/empty -cp %SOURCE4 . -install -D -m 755 %name $RPM_BUILD_ROOT/usr/sbin/%name -install -D -m 600 %name.conf $RPM_BUILD_ROOT/etc/%name.conf -install -D -m 600 xinetd.d/%name $RPM_BUILD_ROOT/etc/xinetd.d/%name -install -D -m 644 $RPM_SOURCE_DIR/%name.pam $RPM_BUILD_ROOT/etc/pam.d/%name -install -D -m 644 $RPM_SOURCE_DIR/%name.logrotate $RPM_BUILD_ROOT/etc/logrotate.d/%name -install -D -m 644 %name.conf.5 $RPM_BUILD_ROOT/%_mandir/man5/%name.conf.5 -install -D -m 644 %name.8 $RPM_BUILD_ROOT/%_mandir/man8/%name.8 -%if %{with_sysvinit} -install -D -m 755 %SOURCE3 $RPM_BUILD_ROOT/etc/init.d/%name -ln -sf ../../etc/init.d/%name $RPM_BUILD_ROOT/%_prefix/sbin/rc%name -%else -ln -sf service $RPM_BUILD_ROOT/%{_prefix}/sbin/rc%{name} -%endif -install -d $RPM_BUILD_ROOT/%_datadir/omc/svcinfo.d/ -install -D -m 644 %SOURCE5 $RPM_BUILD_ROOT/%_datadir/omc/svcinfo.d/ -install -d $RPM_BUILD_ROOT%{_sysconfdir}/sysconfig/SuSEfirewall2.d/services/ -install -m 644 %{S:6} $RPM_BUILD_ROOT%{_sysconfdir}/sysconfig/SuSEfirewall2.d/services/%{name} -%if 0%{?suse_version} > 1140 -install -D -m 0644 %SOURCE7 %{buildroot}/%{_unitdir}/%{name}.service -install -D -m 0644 %SOURCE8 %{buildroot}/%{_unitdir}/%{name}@.service -install -D -m 0644 %SOURCE10 %{buildroot}/%{_unitdir}/%{name}.socket -%endif +mkdir -p %{buildroot}%{_datadir}/empty +cp %{SOURCE4} . +install -D -m 755 %{name} %{buildroot}%{_sbindir}/%{name} +install -D -m 600 %{name}.conf %{buildroot}%{_sysconfdir}/%{name}.conf +install -D -m 600 xinetd.d/%{name} %{buildroot}%{_sysconfdir}/xinetd.d/%{name} +install -D -m 644 $RPM_SOURCE_DIR/%{name}.pam %{buildroot}%{_sysconfdir}/pam.d/%{name} +install -D -m 644 $RPM_SOURCE_DIR/%{name}.logrotate %{buildroot}%{_sysconfdir}/logrotate.d/%{name} +install -D -m 644 %{name}.conf.5 %{buildroot}/%{_mandir}/man5/%{name}.conf.5 +install -D -m 644 %{name}.8 %{buildroot}/%{_mandir}/man8/%{name}.8 +ln -sf service %{buildroot}/%{_sbindir}/rc%{name} +install -D -m 0644 %{SOURCE7} %{buildroot}/%{_unitdir}/%{name}.service +install -D -m 0644 %{SOURCE8} %{buildroot}/%{_unitdir}/%{name}@.service +install -D -m 0644 %{SOURCE10} %{buildroot}/%{_unitdir}/%{name}.socket +install -d %{buildroot}/%{_datadir}/omc/svcinfo.d/ +install -D -m 644 %{SOURCE5} %{buildroot}/%{_datadir}/omc/svcinfo.d/ +install -d %{buildroot}%{_sysconfdir}/sysconfig/SuSEfirewall2.d/services/ +install -m 644 %{SOURCE6} %{buildroot}%{_sysconfdir}/sysconfig/SuSEfirewall2.d/services/%{name} %pre -/usr/sbin/useradd -r -g nogroup -s /bin/false -c "Secure FTP User" -d /var/lib/empty ftpsecure 2> /dev/null || : -%if 0%{?suse_version} > 1140 +%{_sbindir}/useradd -r -g nogroup -s /bin/false -c "Secure FTP User" -d %{_localstatedir}/lib/empty ftpsecure 2> /dev/null || : %service_add_pre %{name}.service -%endif %preun -if [ -e /etc/init.d/%{name} ]; then -%stop_on_removal %name -fi - -%if 0%{?suse_version} > 1140 %service_del_preun %{name}.service -%endif %post -%if %{with_sysvinit} -%{fillup_and_insserv -f %{name}} -%endif - -%if 0%{?suse_version} > 1140 %service_add_post %{name}.service -%endif %postun -%if %{with_sysvinit} -%insserv_cleanup -%restart_on_update %name -%endif - -%if 0%{?suse_version} > 1140 %service_del_postun %{name}.service -%endif %files %defattr(-,root,root) -%if 0%{?suse_version} > 1140 %{_unitdir}/%{name}.service %{_unitdir}/%{name}.socket %{_unitdir}/%{name}@.service -%endif -/usr/sbin/%name -/usr/sbin/rc%name -%if %{with_sysvinit} -%config /etc/init.d/%name -%endif -%_datadir/omc/svcinfo.d/vsftpd.xml -%dir /usr/share/empty -%config(noreplace) /etc/xinetd.d/%name -%config(noreplace) /etc/%name.conf -%config /etc/pam.d/%name -%config(noreplace) /etc/logrotate.d/%name -%_mandir/man5/%name.conf.* -%_mandir/man8/%name.* +%{_sbindir}/%{name} +%{_sbindir}/rc%{name} +%{_datadir}/omc/svcinfo.d/vsftpd.xml +%dir %{_datadir}/empty +%config(noreplace) %{_sysconfdir}/xinetd.d/%{name} +%config(noreplace) %{_sysconfdir}/%{name}.conf +%config %{_sysconfdir}/pam.d/%{name} +%config(noreplace) %{_sysconfdir}/logrotate.d/%{name} +%{_mandir}/man5/%{name}.conf.* +%{_mandir}/man8/%{name}.* %doc BUGS AUDIT Changelog LICENSE README README.security %doc REWARD SPEED TODO SECURITY TUNING SIZE FAQ EXAMPLE COPYING %doc README.SUSE