Accepting request 106294 from network

- follow Systemd Packaging guidelines http://en.opensuse.org/openSUSE:Systemd_packaging_guidelines - add $local_fs and $remote_fs to init script - use the original tarball, because the bz2 repacking madness disables gpg --verify - revert a part oc changes utf converting - update to upstream 2.3.5: * Try and force glibc to cache zoneinfo files in an attempt to work around glibc parsing vulnerability. Thanks to Kingcope. * Only report CHMOD in SITE HELP if it's enabled. Thanks to Martin Schwenke <martin@meltin.net>. * Some simple fixes and cleanups from Thorsten Brehm <tbrehm@dspace.de>. * Only advertise "AUTH SSL" if one of SSLv2, SSLv3 is enabled. Thanks to steve willing <eiji-gravion@hotmail.com>. * Handle connect() failures properly. Thanks to Takayuki Nagata <tnagata@redhat.com>. * Add stronger checks for the configuration error of running with a writeable root directory inside a chroot(). This may bite people who carelessly turned on chroot_local_user but such is life. - convert .changes file to unicode - refresh vsftpd-2.0.4-conf.diff to vsftpd-2.3.5-conf.patch - name patches explicitly without macro as per recommendations - remove INSTALL file from binary package - update license to GPL-2.0+ - mark /etc/sysconfig/SuSEfirewall2/services/vsftpd as config file - fis copy/paste error in previous change OBS-URL: https://build.opensuse.org/request/show/106294 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/vsftpd?expand=0&rev=28
2012-02-22 14:55:42 +00:00 · 2012-02-22 14:55:42 +00:00 · c2aa5ce3b4
commit c2aa5ce3b4
parent f824c15238 b0fe1b3a11
8 changed files with 112 additions and 40 deletions
--- a/12
+++ b/12
@ -1,12 +0,0 @@
-<services>
-  <service name="download_url">
-    <param name="protocol">https</param>
-    <param name="host">security.appspot.com</param>
-    <param name="path">/downloads/vsftpd-2.3.4.tar.gz</param>
-  </service>
-  <service name="verify_file">
-    <param name="file">_service:download_url:vsftpd-2.3.4.tar.gz</param>
-    <param name="verifier">sha256</param>
-    <param name="checksum">b466edf96437afa2b2bea6981d4ab8b0204b83ca0a2ac94bef6b62b42cc71a5a</param>
-  </service>
-</services>
--- a/_service:download_url:vsftpd-2.3.4.tar.gz
+++ b/_service:download_url:vsftpd-2.3.4.tar.gz
@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:b466edf96437afa2b2bea6981d4ab8b0204b83ca0a2ac94bef6b62b42cc71a5a
-size 187043
--- a/vsftpd-2.3.5-conf.patch
+++ b/vsftpd-2.3.5-conf.patch
@ -1,5 +1,7 @@
--- vsftpd.conf.orig
-+++ vsftpd.conf
+Index: vsftpd.conf
+===================================================================
+--- vsftpd.conf.orig	2011-12-17 18:24:40.000000000 +0000
+++ vsftpd.conf	2011-12-23 17:16:43.000000000 +0000
@@ -4,23 +4,89 @@
 # loosens things up a bit, to make the ftp daemon more usable.
 # Please see vsftpd.conf.5 for all compiled in defaults.
@ -172,7 +174,7 @@
 # Enable this and the server will recognise asynchronous ABOR requests. Not
 # recommended for security (the code is non-trivial). Not enabling it,
 # however, may confuse older FTP clients.
-@@ -77,38 +164,29 @@ connect_from_port_20=YES
+@@ -77,41 +164,29 @@ connect_from_port_20=YES
 # predicted this attack and has always been safe, reporting the size of the
 # raw file.
 # ASCII mangling is a horrible feature of the protocol.
@ -192,6 +194,9 @@
 -# You may specify an explicit list of local users to chroot() to their home
 -# directory. If chroot_local_user is YES, then this list becomes a list of
 -# users to NOT chroot().
+-# (Warning! chroot'ing can be very dangerous. If using chroot, make sure that
+-# the user does not have write access to the top level directory within the
+-# chroot)
 -#chroot_local_user=YES
 -#chroot_list_enable=YES
 -# (default follows)
--- a/vsftpd-2.3.5.tar.gz
+++ b/vsftpd-2.3.5.tar.gz
@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:d87ee2987df8f03e1dbe294905f7907b2798deb89c67ca965f6e2f60879e54f1
+size 187691
--- a/vsftpd.changes
+++ b/vsftpd.changes
@ -1,3 +1,50 @@
+-------------------------------------------------------------------
+Tue Feb 21 10:51:51 UTC 2012 - mvyskocil@suse.cz
+
+- follow Systemd Packaging guidelines
+  http://en.opensuse.org/openSUSE:Systemd_packaging_guidelines
+- add $local_fs and $remote_fs to init script
+
+-------------------------------------------------------------------
+Wed Feb 15 16:41:15 UTC 2012 - mvyskocil@suse.cz
+
+- use the original tarball, because the bz2 repacking madness disables
+  gpg --verify
+- revert a part oc changes utf converting
+
+-------------------------------------------------------------------
+Fri Dec 23 17:48:04 UTC 2011 - andreas.stieger@gmx.de
+
+- update to upstream 2.3.5:
+  * Try and force glibc to cache zoneinfo files in an attempt to work around
+    glibc parsing vulnerability. Thanks to Kingcope.
+  * Only report CHMOD in SITE HELP if it's enabled. Thanks to Martin Schwenke
+    <martin@meltin.net>.
+  * Some simple fixes and cleanups from Thorsten Brehm <tbrehm@dspace.de>.
+  * Only advertise "AUTH SSL" if one of SSLv2, SSLv3 is enabled. Thanks to
+    steve willing <eiji-gravion@hotmail.com>.
+  * Handle connect() failures properly. Thanks to Takayuki Nagata
+    <tnagata@redhat.com>.
+  * Add stronger checks for the configuration error of running with a
+    writeable root directory inside a chroot(). This may bite people who
+    carelessly turned on chroot_local_user but such is life.
+- convert .changes file to unicode
+- refresh vsftpd-2.0.4-conf.diff to vsftpd-2.3.5-conf.patch
+- name patches explicitly without macro as per recommendations
+- remove INSTALL file from binary package
+- update license to GPL-2.0+
+- mark /etc/sysconfig/SuSEfirewall2/services/vsftpd as config file
+
+-------------------------------------------------------------------
+Sat Nov 26 16:31:20 UTC 2011 - crrodriguez@opensuse.org
+
+- fis copy/paste error in previous change 
+
+-------------------------------------------------------------------
+Fri Nov 25 22:14:14 UTC 2011 - crrodriguez@opensuse.org
+
+- Add systemd unit 
+
 -------------------------------------------------------------------
 Thu Sep 22 11:17:04 UTC 2011 - mvyskocil@suse.cz

@ -483,9 +530,9 @@ Mon Jul 28 15:55:40 CEST 2003 - mmj@suse.de
 Fri May 30 12:48:45 CEST 2003 - mmj@suse.de

 - Update to vsftpd-1.2.0 including:
-  · IPv6 support, so drop our patch
-  · Many bugfixes and tunings
-  · Build fixes
+  ˇ IPv6 support, so drop our patch
+  ˇ Many bugfixes and tunings
+  ˇ Build fixes

 -------------------------------------------------------------------
 Thu Mar  6 16:34:30 CET 2003 - mmj@suse.de
--- a/vsftpd.init
+++ b/vsftpd.init
@ -24,8 +24,8 @@
 #
 ### BEGIN INIT INFO
 # Provides:          ftpd
-# Required-Start:    $syslog network-remotefs
-# Required-Stop:     $syslog network-remotefs
+# Required-Start:    $local_fs $remote_fs $syslog network-remotefs
+# Required-Stop:     $local_fs $remote_fs $syslog network-remotefs
 # Default-Start:     3 5
 # Default-Stop:      0 1 2 6
 # Description:		 very secure ftp daemon
--- a/vsftpd.service
+++ b/vsftpd.service
@ -0,0 +1,10 @@
+[Unit]
+Description=Vsftpd ftp daemon
+After=network.target
+
+[Service]
+Type=forking
+ExecStart=/usr/sbin/vsftpd /etc/vsftpd.conf
+
+[Install]
+WantedBy=multi-user.target
--- a/vsftpd.spec
+++ b/vsftpd.spec
@ -1,7 +1,7 @@
 #
 # spec file for package vsftpd
 #
-# Copyright (c) 2011 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2012 SUSE LINUX Products GmbH, Nuernberg, Germany.
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@ -15,20 +15,22 @@
 # Please submit bugfixes or comments via http://bugs.opensuse.org/
 #

-# norootforbuild
-

 Name:           vsftpd
-BuildRequires:  openssl-devel pam-devel
+BuildRequires:  openssl-devel
+BuildRequires:  pam-devel
 %if 0%{?suse_version} < 1001
 BuildRequires:  libcap
 %else
 BuildRequires:  libcap-devel
 %endif
-Version:        2.3.4
-Release:        1
+%if 0%{?suse_version} > 1140
+BuildRequires:  systemd
+%endif
+Version:        2.3.5
+Release:        0
 Summary:        Very Secure FTP Daemon - Written from Scratch
-License:        GPLv2+
+License:        GPL-2.0+
 Group:          Productivity/Networking/Ftp/Servers
 Url:            https://security.appspot.com/vsftpd.html
 Source:         %name-%version.tar.gz
@ -38,17 +40,19 @@ Source3:        %name.init
 Source4:        README.SUSE
 Source5:        %name.xml
 Source6:        %name.firewall
-Patch1:         %name-2.0.4-lib64.diff
-Patch3:         %name-2.0.4-xinetd.diff
-Patch4:         %name-2.0.4-enable-ssl.patch
-Patch5:         %name-2.0.4-dmapi.patch
-Patch6:         %name-2.0.5-vuser.patch
-Patch7:         %name-2.0.5-enable-debuginfo.patch
-Patch8:         %name-2.0.5-utf8-log-names.patch
-Patch9:         %name-2.0.4-conf.diff
+Source7:        vsftpd.service
+Patch1:         vsftpd-2.0.4-lib64.diff
+Patch3:         vsftpd-2.0.4-xinetd.diff
+Patch4:         vsftpd-2.0.4-enable-ssl.patch
+Patch5:         vsftpd-2.0.4-dmapi.patch
+Patch6:         vsftpd-2.0.5-vuser.patch
+Patch7:         vsftpd-2.0.5-enable-debuginfo.patch
+Patch8:         vsftpd-2.0.5-utf8-log-names.patch
+Patch9:         vsftpd-2.3.5-conf.patch
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
 Provides:       ftp-server
 PreReq:         %insserv_prereq /usr/sbin/useradd
+%{?systemd_requires}
 Requires:       logrotate

 %description
@ -94,25 +98,43 @@ install -d $RPM_BUILD_ROOT/%_datadir/omc/svcinfo.d/
 install -D -m 644 %SOURCE5 $RPM_BUILD_ROOT/%_datadir/omc/svcinfo.d/
 install -d $RPM_BUILD_ROOT%{_sysconfdir}/sysconfig/SuSEfirewall2.d/services/
 install -m 644 %{S:6} $RPM_BUILD_ROOT%{_sysconfdir}/sysconfig/SuSEfirewall2.d/services/%{name}
+%if 0%{?suse_version} > 1140
+install -D -m 0644 %SOURCE7 %{buildroot}/%{_unitdir}/%{name}.service
+%endif

 %pre
 /usr/sbin/useradd -r -o -g nogroup -s /bin/false -c "Secure FTP User" -d /var/lib/empty ftpsecure 2> /dev/null || :
+%if 0%{?suse_version} > 1140
+%service_add_pre %{name}.service
+%endif

 %preun
 %stop_on_removal %name
+%if 0%{?suse_version} > 1140
+%service_del_preun %{name}.service
+%endif

 %post
 %{fillup_and_insserv -f %{name}}
+%if 0%{?suse_version} > 1140
+%service_add_post %{name}.service
+%endif

 %postun
 %insserv_cleanup
 %restart_on_update %name
+%if 0%{?suse_version} > 1140
+%service_del_postun %{name}.service
+%endif

 %clean
 rm -rf $RPM_BUILD_ROOT

 %files
 %defattr(-,root,root)
+%if 0%{?suse_version} > 1140
+%{_unitdir}/%{name}.service
+%endif
 /usr/sbin/%name
 /usr/sbin/rc%name
 %config /etc/init.d/%name
@ -124,9 +146,9 @@ rm -rf $RPM_BUILD_ROOT
 %config(noreplace) /etc/logrotate.d/%name
 %_mandir/man5/%name.conf.*
 %_mandir/man8/%name.*
-%doc INSTALL BUGS AUDIT Changelog LICENSE README README.security
+%doc BUGS AUDIT Changelog LICENSE README README.security
 %doc REWARD SPEED TODO SECURITY TUNING SIZE FAQ EXAMPLE COPYING
 %doc README.SUSE
-%{_sysconfdir}/sysconfig/SuSEfirewall2.d/services/%{name}
+%config %{_sysconfdir}/sysconfig/SuSEfirewall2.d/services/%{name}

 %changelog