vsftpd: removed
This commit is contained in:
parent
1cdd6006f2
commit
7fc393c9b8
@ -1,21 +0,0 @@
|
||||
drwxr-xr-x root/root etc/
|
||||
drwxr-xr-x root/root etc/rc.d/
|
||||
-rwxr-xr-x root/root etc/rc.d/vsftpd
|
||||
drwxr-xr-x root/root etc/ssl/
|
||||
drwxr-xr-x root/root etc/ssl/certs/
|
||||
-rw------- root/root etc/ssl/certs/vsftpd.crt (EMPTY)
|
||||
drwxr-xr-x root/root etc/ssl/keys/
|
||||
-rw------- root/root etc/ssl/keys/vsftpd.key (EMPTY)
|
||||
-rw------- root/root etc/vsftpd.conf
|
||||
drwxr-xr-x root/root usr/
|
||||
drwxr-xr-x root/root usr/sbin/
|
||||
-rwxr-xr-x root/root usr/sbin/vsftpd
|
||||
drwxr-xr-x root/root usr/share/
|
||||
drwxr-xr-x root/root usr/share/man/
|
||||
drwxr-xr-x root/root usr/share/man/man5/
|
||||
-rw-r--r-- root/root usr/share/man/man5/vsftpd.conf.5.gz
|
||||
drwxr-xr-x root/root usr/share/man/man8/
|
||||
-rw-r--r-- root/root usr/share/man/man8/vsftpd.8.gz
|
||||
drwxr-xr-x root/root var/
|
||||
drwxr-xr-x root/root var/log/
|
||||
-rw-r--r-- root/root var/log/vsftpd.log (EMPTY)
|
||||
@ -1,7 +0,0 @@
|
||||
untrusted comment: verify with /etc/ports/opt.pub
|
||||
RWSE3ohX2g5d/V1YuXU/W2YqAa4m4XQN2RAQt3sL45Xqs6KYEy0NiIDQu62czeCsw0vedtsYdbFVYeY+w6YWPpc0OX9vdzhDIwo=
|
||||
SHA256 (Pkgfile) = b9332abf68d9111e31bf550ef00c94a73991229df1118265224f0b76a40ebdfe
|
||||
SHA256 (.footprint) = 1e3fadf862486a51388e505fbc073b97190793feef90079ea56fc0bd416c6680
|
||||
SHA256 (vsftpd-3.0.3.tar.gz) = 9d4d2bf6e6e2884852ba4e69e157a2cecd68c5a7635d66a3a8cf8d898c955ef7
|
||||
SHA256 (vsftpd-config.patch) = 5ae1b937e4493ad75f4117f81bb35936ff712fdf8c9cab0d91c01d04d956c9e3
|
||||
SHA256 (vsftpd) = a87ac32cfd6d50ebc7a8679c47dfeb349048b0136371b96e2a8a26808f6f4dc7
|
||||
@ -1,25 +0,0 @@
|
||||
# Description: Probably the most secure and fastest FTP server
|
||||
# URL: http://vsftpd.beasts.org
|
||||
# Maintainer: Juergen Daubert, jue at crux dot nu
|
||||
# Depends on: openssl libcap
|
||||
|
||||
name=vsftpd
|
||||
version=3.0.3
|
||||
release=1
|
||||
source=(https://security.appspot.com/downloads/$name-$version.tar.gz \
|
||||
$name-config.patch vsftpd)
|
||||
|
||||
build () {
|
||||
cd $name-$version
|
||||
|
||||
patch -p1 -i $SRC/$name-config.patch
|
||||
|
||||
make
|
||||
make DESTDIR=$PKG install
|
||||
|
||||
install -d $PKG/{etc/{rc.d,ssl/{certs,keys}},var/log}
|
||||
install -m 755 $SRC/vsftpd $PKG/etc/rc.d
|
||||
touch $PKG/etc/ssl/{certs/$name.crt,keys/$name.key}
|
||||
chmod 600 $PKG/etc/ssl/{certs/$name.crt,keys/$name.key}
|
||||
touch $PKG/var/log/vsftpd.log
|
||||
}
|
||||
@ -1,41 +0,0 @@
|
||||
#!/bin/sh
|
||||
#
|
||||
# /etc/rc.d/vsftpd: start/stop vsftpd daemon
|
||||
#
|
||||
|
||||
SSD=/sbin/start-stop-daemon
|
||||
PROG=/usr/sbin/vsftpd
|
||||
OPTS=""
|
||||
|
||||
CRT=/etc/ssl/certs/vsftpd.crt
|
||||
KEY=/etc/ssl/keys/vsftpd.key
|
||||
|
||||
|
||||
case $1 in
|
||||
start)
|
||||
if [ ! -s $CRT -o ! -s $KEY ]; then
|
||||
/usr/bin/mksslcert $KEY $CRT
|
||||
fi
|
||||
$SSD --start --exec $PROG -- $OPTS
|
||||
;;
|
||||
stop)
|
||||
$SSD --stop --retry 10 --exec $PROG
|
||||
;;
|
||||
restart)
|
||||
$0 stop
|
||||
$0 start
|
||||
;;
|
||||
status)
|
||||
$SSD --status --exec $PROG
|
||||
case $? in
|
||||
0) echo "$PROG is running with pid $(pgrep -o -x vsftpd )" ;;
|
||||
3) echo "$PROG is not running" ;;
|
||||
4) echo "Unable to determine the program status" ;;
|
||||
esac
|
||||
;;
|
||||
*)
|
||||
echo "usage: $0 [start|stop|restart|status]"
|
||||
;;
|
||||
esac
|
||||
|
||||
# End of file
|
||||
@ -1,136 +0,0 @@
|
||||
diff -Nru vsftpd-3.0.3.orig/Makefile vsftpd-3.0.3/Makefile
|
||||
--- vsftpd-3.0.3.orig/Makefile 2015-07-25 10:46:48.976048527 +0200
|
||||
+++ vsftpd-3.0.3/Makefile 2015-07-25 10:47:10.025301281 +0200
|
||||
@@ -3,7 +3,7 @@
|
||||
INSTALL = install
|
||||
IFLAGS = -idirafter dummyinc
|
||||
#CFLAGS = -g
|
||||
-CFLAGS = -O2 -fPIE -fstack-protector --param=ssp-buffer-size=4 \
|
||||
+CFLAGS += -fPIE -fstack-protector --param=ssp-buffer-size=4 \
|
||||
-Wall -W -Wshadow -Werror -Wformat-security \
|
||||
-D_FORTIFY_SOURCE=2 \
|
||||
#-pedantic -Wconversion
|
||||
@@ -29,21 +29,10 @@
|
||||
$(CC) -o vsftpd $(OBJS) $(LINK) $(LDFLAGS) $(LIBS)
|
||||
|
||||
install:
|
||||
- if [ -x /usr/local/sbin ]; then \
|
||||
- $(INSTALL) -m 755 vsftpd /usr/local/sbin/vsftpd; \
|
||||
- else \
|
||||
- $(INSTALL) -m 755 vsftpd /usr/sbin/vsftpd; fi
|
||||
- if [ -x /usr/local/man ]; then \
|
||||
- $(INSTALL) -m 644 vsftpd.8 /usr/local/man/man8/vsftpd.8; \
|
||||
- $(INSTALL) -m 644 vsftpd.conf.5 /usr/local/man/man5/vsftpd.conf.5; \
|
||||
- elif [ -x /usr/share/man ]; then \
|
||||
- $(INSTALL) -m 644 vsftpd.8 /usr/share/man/man8/vsftpd.8; \
|
||||
- $(INSTALL) -m 644 vsftpd.conf.5 /usr/share/man/man5/vsftpd.conf.5; \
|
||||
- else \
|
||||
- $(INSTALL) -m 644 vsftpd.8 /usr/man/man8/vsftpd.8; \
|
||||
- $(INSTALL) -m 644 vsftpd.conf.5 /usr/man/man5/vsftpd.conf.5; fi
|
||||
- if [ -x /etc/xinetd.d ]; then \
|
||||
- $(INSTALL) -m 644 xinetd.d/vsftpd /etc/xinetd.d/vsftpd; fi
|
||||
+ $(INSTALL) -D -m 755 vsftpd $(DESTDIR)/usr/sbin/vsftpd
|
||||
+ $(INSTALL) -D -m 644 vsftpd.8 $(DESTDIR)/usr/share/man/man8/vsftpd.8
|
||||
+ $(INSTALL) -D -m 644 vsftpd.conf.5 $(DESTDIR)/usr/share/man/man5/vsftpd.conf.5
|
||||
+ $(INSTALL) -D -m 600 vsftpd.conf $(DESTDIR)/etc/vsftpd.conf
|
||||
|
||||
clean:
|
||||
rm -f *.o *.swp vsftpd
|
||||
diff -Nru vsftpd-3.0.3.orig/builddefs.h vsftpd-3.0.3/builddefs.h
|
||||
--- vsftpd-3.0.3.orig/builddefs.h 2015-07-25 10:46:48.976048527 +0200
|
||||
+++ vsftpd-3.0.3/builddefs.h 2015-07-25 10:51:14.686615834 +0200
|
||||
@@ -2,8 +2,8 @@
|
||||
#define VSF_BUILDDEFS_H
|
||||
|
||||
#undef VSF_BUILD_TCPWRAPPERS
|
||||
-#define VSF_BUILD_PAM
|
||||
-#undef VSF_BUILD_SSL
|
||||
+#undef VSF_BUILD_PAM
|
||||
+#define VSF_BUILD_SSL
|
||||
|
||||
#endif /* VSF_BUILDDEFS_H */
|
||||
|
||||
diff -Nru vsftpd-3.0.3.orig/tunables.c vsftpd-3.0.3/tunables.c
|
||||
--- vsftpd-3.0.3.orig/tunables.c 2015-07-25 10:46:48.976048527 +0200
|
||||
+++ vsftpd-3.0.3/tunables.c 2015-07-25 10:48:46.175221304 +0200
|
||||
@@ -254,7 +254,7 @@
|
||||
/* -rw------- */
|
||||
tunable_chown_upload_mode = 0600;
|
||||
|
||||
- install_str_setting("/usr/share/empty", &tunable_secure_chroot_dir);
|
||||
+ install_str_setting("/var/empty", &tunable_secure_chroot_dir);
|
||||
install_str_setting("ftp", &tunable_ftp_username);
|
||||
install_str_setting("root", &tunable_chown_username);
|
||||
install_str_setting("/var/log/xferlog", &tunable_xferlog_file);
|
||||
@@ -281,11 +281,10 @@
|
||||
install_str_setting(0, &tunable_user_sub_token);
|
||||
install_str_setting("/etc/vsftpd.email_passwords",
|
||||
&tunable_email_password_file);
|
||||
- install_str_setting("/usr/share/ssl/certs/vsftpd.pem",
|
||||
- &tunable_rsa_cert_file);
|
||||
+ install_str_setting("/etc/ssl/certs/vsftpd.crt", &tunable_rsa_cert_file);
|
||||
install_str_setting(0, &tunable_dsa_cert_file);
|
||||
install_str_setting("ECDHE-RSA-AES256-GCM-SHA384", &tunable_ssl_ciphers);
|
||||
- install_str_setting(0, &tunable_rsa_private_key_file);
|
||||
+ install_str_setting("/etc/ssl/keys/vsftpd.key", &tunable_rsa_private_key_file);
|
||||
install_str_setting(0, &tunable_dsa_private_key_file);
|
||||
install_str_setting(0, &tunable_ca_certs_file);
|
||||
}
|
||||
diff -Nru vsftpd-3.0.3.orig/vsftpd.conf vsftpd-3.0.3/vsftpd.conf
|
||||
--- vsftpd-3.0.3.orig/vsftpd.conf 2015-07-25 10:46:48.976048527 +0200
|
||||
+++ vsftpd-3.0.3/vsftpd.conf 2015-07-25 10:50:10.758885261 +0200
|
||||
@@ -8,11 +8,18 @@
|
||||
# Please read the vsftpd.conf.5 manual page to get a full idea of vsftpd's
|
||||
# capabilities.
|
||||
#
|
||||
+#
|
||||
+# Enable SSL support
|
||||
+#ssl_enable=YES
|
||||
+#ssl_sslv3=YES
|
||||
+#
|
||||
# Allow anonymous FTP? (Beware - allowed by default if you comment this out).
|
||||
anonymous_enable=YES
|
||||
#
|
||||
# Uncomment this to allow local users to log in.
|
||||
#local_enable=YES
|
||||
+#force_local_logins_ssl=YES
|
||||
+#force_local_data_ssl=YES
|
||||
#
|
||||
# Uncomment this to enable any form of FTP write command.
|
||||
#write_enable=YES
|
||||
@@ -110,6 +117,7 @@
|
||||
# listens on IPv4 sockets. This directive cannot be used in conjunction
|
||||
# with the listen_ipv6 directive.
|
||||
listen=YES
|
||||
+background=YES
|
||||
#
|
||||
# This directive enables listening on IPv6 sockets. To listen on IPv4 and IPv6
|
||||
# sockets, you must run two copies of vsftpd with two configuration files.
|
||||
diff -Nru vsftpd-3.0.3.orig/vsftpd.conf.5 vsftpd-3.0.3/vsftpd.conf.5
|
||||
--- vsftpd-3.0.3.orig/vsftpd.conf.5 2015-07-25 10:46:48.976048527 +0200
|
||||
+++ vsftpd-3.0.3/vsftpd.conf.5 2015-07-25 10:47:10.025301281 +0200
|
||||
@@ -955,21 +955,21 @@
|
||||
This option specifies the location of the RSA certificate to use for SSL
|
||||
encrypted connections.
|
||||
|
||||
-Default: /usr/share/ssl/certs/vsftpd.pem
|
||||
+Default: /etc/ssl/certs/vsftpd.crt
|
||||
.TP
|
||||
.B rsa_private_key_file
|
||||
This option specifies the location of the RSA private key to use for SSL
|
||||
encrypted connections. If this option is not set, the private key is expected
|
||||
to be in the same file as the certificate.
|
||||
|
||||
-Default: (none)
|
||||
+Default: /etc/ssl/keys/vsftpd.key
|
||||
.TP
|
||||
.B secure_chroot_dir
|
||||
This option should be the name of a directory which is empty. Also, the
|
||||
directory should not be writable by the ftp user. This directory is used
|
||||
as a secure chroot() jail at times vsftpd does not require filesystem access.
|
||||
|
||||
-Default: /usr/share/empty
|
||||
+Default: /var/empty
|
||||
.TP
|
||||
.B ssl_ciphers
|
||||
This option can be used to select which SSL ciphers vsftpd will allow for
|
||||
Loading…
Reference in New Issue
Block a user