From 3558c9623f71f6be43f1c705fef217ee9c2f3ce6 Mon Sep 17 00:00:00 2001 From: Juergen Daubert Date: Thu, 23 Jul 2015 15:22:37 +0200 Subject: [PATCH] vsftpd: don't set tcp_wrappers in vsftpd.conf, new start script --- vsftpd/.md5sum | 2 +- vsftpd/vsftpd | 21 +++++++++++++++---- vsftpd/vsftpd-config.patch | 42 +++++++++++++++++--------------------- 3 files changed, 37 insertions(+), 28 deletions(-) diff --git a/vsftpd/.md5sum b/vsftpd/.md5sum index 4acdbf06d..2e1f7b123 100644 --- a/vsftpd/.md5sum +++ b/vsftpd/.md5sum @@ -1,3 +1,3 @@ 7f5bb0bcd0f3a54673157aaaee6f6c30 vsftpd 8b00c749719089401315bd3c44dddbb2 vsftpd-3.0.2.tar.gz -e63aa87613fb5abcbd4c97afe2a15b92 vsftpd-config.patch +5c9180f43221374a95eccc3ff55a2340 vsftpd-config.patch diff --git a/vsftpd/vsftpd b/vsftpd/vsftpd index 58a1c9aa0..c9e4ccb42 100644 --- a/vsftpd/vsftpd +++ b/vsftpd/vsftpd @@ -3,26 +3,39 @@ # /etc/rc.d/vsftpd: start/stop vsftpd daemon # +SSD=/sbin/start-stop-daemon +PROG=/usr/sbin/vsftpd +OPTS="" + CRT=/etc/ssl/certs/vsftpd.crt KEY=/etc/ssl/keys/vsftpd.key + case $1 in start) if [ ! -s $CRT -o ! -s $KEY ]; then /usr/bin/mksslcert $KEY $CRT fi - /usr/sbin/vsftpd + $SSD --start --exec $PROG -- $OPTS ;; stop) - killall -q /usr/sbin/vsftpd + $SSD --stop --retry 10 --exec $PROG ;; restart) $0 stop - sleep 2 $0 start ;; +status) + $SSD --status --exec $PROG + case $? in + 0) echo "$PROG is running with pid $(pidof $PROG)" ;; + 1) echo "$PROG is not running but the pid file $PID exists" ;; + 3) echo "$PROG is not running" ;; + 4) echo "Unable to determine the program status" ;; + esac + ;; *) - echo "usage: $0 [start|stop|restart]" + echo "usage: $0 [start|stop|restart|status]" ;; esac diff --git a/vsftpd/vsftpd-config.patch b/vsftpd/vsftpd-config.patch index 2b1e94d01..13c672636 100644 --- a/vsftpd/vsftpd-config.patch +++ b/vsftpd/vsftpd-config.patch @@ -1,6 +1,6 @@ -diff -Nru vsftpd-3.0.0.orig/Makefile vsftpd-3.0.0/Makefile ---- vsftpd-3.0.0.orig/Makefile 2012-04-10 09:29:08.529670293 +0200 -+++ vsftpd-3.0.0/Makefile 2012-04-10 09:38:01.020463369 +0200 +diff -Nru vsftpd-3.0.2.orig/Makefile vsftpd-3.0.2/Makefile +--- vsftpd-3.0.2.orig/Makefile 2015-07-23 14:57:31.840167675 +0200 ++++ vsftpd-3.0.2/Makefile 2015-07-23 14:57:51.082841044 +0200 @@ -3,7 +3,7 @@ INSTALL = install IFLAGS = -idirafter dummyinc @@ -36,25 +36,23 @@ diff -Nru vsftpd-3.0.0.orig/Makefile vsftpd-3.0.0/Makefile clean: rm -f *.o *.swp vsftpd -diff -Nru vsftpd-3.0.0.orig/builddefs.h vsftpd-3.0.0/builddefs.h ---- vsftpd-3.0.0.orig/builddefs.h 2012-04-10 09:29:08.533003507 +0200 -+++ vsftpd-3.0.0/builddefs.h 2012-04-10 09:37:33.624784735 +0200 -@@ -1,9 +1,9 @@ - #ifndef VSF_BUILDDEFS_H +diff -Nru vsftpd-3.0.2.orig/builddefs.h vsftpd-3.0.2/builddefs.h +--- vsftpd-3.0.2.orig/builddefs.h 2015-07-23 14:57:31.843500895 +0200 ++++ vsftpd-3.0.2/builddefs.h 2015-07-23 14:57:51.082841044 +0200 +@@ -2,8 +2,8 @@ #define VSF_BUILDDEFS_H --#undef VSF_BUILD_TCPWRAPPERS + #undef VSF_BUILD_TCPWRAPPERS -#define VSF_BUILD_PAM -#undef VSF_BUILD_SSL -+#undef VSF_BUILD_TCPWRAPPERS +#undef VSF_BUILD_PAM +#define VSF_BUILD_SSL #endif /* VSF_BUILDDEFS_H */ -diff -Nru vsftpd-3.0.0.orig/tunables.c vsftpd-3.0.0/tunables.c ---- vsftpd-3.0.0.orig/tunables.c 2012-04-10 09:29:08.529670293 +0200 -+++ vsftpd-3.0.0/tunables.c 2012-04-10 09:39:55.196345553 +0200 +diff -Nru vsftpd-3.0.2.orig/tunables.c vsftpd-3.0.2/tunables.c +--- vsftpd-3.0.2.orig/tunables.c 2015-07-23 14:57:31.840167675 +0200 ++++ vsftpd-3.0.2/tunables.c 2015-07-23 14:57:51.082841044 +0200 @@ -254,7 +254,7 @@ /* -rw------- */ tunable_chown_upload_mode = 0600; @@ -78,16 +76,14 @@ diff -Nru vsftpd-3.0.0.orig/tunables.c vsftpd-3.0.0/tunables.c install_str_setting(0, &tunable_dsa_private_key_file); install_str_setting(0, &tunable_ca_certs_file); } -diff -Nru vsftpd-3.0.0.orig/vsftpd.conf vsftpd-3.0.0/vsftpd.conf ---- vsftpd-3.0.0.orig/vsftpd.conf 2012-04-10 09:29:08.529670293 +0200 -+++ vsftpd-3.0.0/vsftpd.conf 2012-04-10 09:37:33.624784735 +0200 -@@ -8,11 +8,21 @@ +diff -Nru vsftpd-3.0.2.orig/vsftpd.conf vsftpd-3.0.2/vsftpd.conf +--- vsftpd-3.0.2.orig/vsftpd.conf 2015-07-23 14:57:31.840167675 +0200 ++++ vsftpd-3.0.2/vsftpd.conf 2015-07-23 15:03:41.640840187 +0200 +@@ -8,11 +8,19 @@ # Please read the vsftpd.conf.5 manual page to get a full idea of vsftpd's # capabilities. # +# -+# Use tcp_wrappers library -+tcp_wrappers=YES +# +# Enable SSL support +#ssl_enable=YES @@ -103,7 +99,7 @@ diff -Nru vsftpd-3.0.0.orig/vsftpd.conf vsftpd-3.0.0/vsftpd.conf # # Uncomment this to enable any form of FTP write command. #write_enable=YES -@@ -110,6 +120,7 @@ +@@ -110,6 +118,7 @@ # listens on IPv4 sockets. This directive cannot be used in conjunction # with the listen_ipv6 directive. listen=YES @@ -111,9 +107,9 @@ diff -Nru vsftpd-3.0.0.orig/vsftpd.conf vsftpd-3.0.0/vsftpd.conf # # This directive enables listening on IPv6 sockets. To listen on IPv4 and IPv6 # sockets, you must run two copies of vsftpd with two configuration files. -diff -Nru vsftpd-3.0.0.orig/vsftpd.conf.5 vsftpd-3.0.0/vsftpd.conf.5 ---- vsftpd-3.0.0.orig/vsftpd.conf.5 2012-04-10 09:29:08.533003507 +0200 -+++ vsftpd-3.0.0/vsftpd.conf.5 2012-04-10 09:37:33.624784735 +0200 +diff -Nru vsftpd-3.0.2.orig/vsftpd.conf.5 vsftpd-3.0.2/vsftpd.conf.5 +--- vsftpd-3.0.2.orig/vsftpd.conf.5 2015-07-23 14:57:31.840167675 +0200 ++++ vsftpd-3.0.2/vsftpd.conf.5 2015-07-23 14:57:51.082841044 +0200 @@ -955,21 +955,21 @@ This option specifies the location of the RSA certificate to use for SSL encrypted connections.