diff -Nru vsftpd-2.0.7.orig/Makefile vsftpd-2.0.7/Makefile --- vsftpd-2.0.7.orig/Makefile 2008-07-30 22:19:12.000000000 +0200 +++ vsftpd-2.0.7/Makefile 2008-07-30 22:19:26.000000000 +0200 @@ -3,7 +3,7 @@ INSTALL = install IFLAGS = -idirafter dummyinc #CFLAGS = -g -CFLAGS = -O2 -Wall -W -Wshadow #-pedantic -Werror -Wconversion +CFLAGS += -Wall -W -Wshadow #-pedantic -Werror -Wconversion LIBS = `./vsf_findlibs.sh` LINK = -Wl,-s @@ -24,21 +24,10 @@ $(CC) -o vsftpd $(OBJS) $(LINK) $(LIBS) $(LDFLAGS) install: - if [ -x /usr/local/sbin ]; then \ - $(INSTALL) -m 755 vsftpd /usr/local/sbin/vsftpd; \ - else \ - $(INSTALL) -m 755 vsftpd /usr/sbin/vsftpd; fi - if [ -x /usr/local/man ]; then \ - $(INSTALL) -m 644 vsftpd.8 /usr/local/man/man8/vsftpd.8; \ - $(INSTALL) -m 644 vsftpd.conf.5 /usr/local/man/man5/vsftpd.conf.5; \ - elif [ -x /usr/share/man ]; then \ - $(INSTALL) -m 644 vsftpd.8 /usr/share/man/man8/vsftpd.8; \ - $(INSTALL) -m 644 vsftpd.conf.5 /usr/share/man/man5/vsftpd.conf.5; \ - else \ - $(INSTALL) -m 644 vsftpd.8 /usr/man/man8/vsftpd.8; \ - $(INSTALL) -m 644 vsftpd.conf.5 /usr/man/man5/vsftpd.conf.5; fi - if [ -x /etc/xinetd.d ]; then \ - $(INSTALL) -m 644 xinetd.d/vsftpd /etc/xinetd.d/vsftpd; fi + $(INSTALL) -D -m 755 vsftpd $(DESTDIR)/usr/sbin/vsftpd + $(INSTALL) -D -m 644 vsftpd.8 $(DESTDIR)/usr/man/man8/vsftpd.8 + $(INSTALL) -D -m 644 vsftpd.conf.5 $(DESTDIR)/usr/man/man5/vsftpd.conf.5 + $(INSTALL) -D -m 600 vsftpd.conf $(DESTDIR)/etc/vsftpd.conf clean: rm -f *.o *.swp vsftpd diff -Nru vsftpd-2.0.7.orig/builddefs.h vsftpd-2.0.7/builddefs.h --- vsftpd-2.0.7.orig/builddefs.h 2008-07-30 22:19:12.000000000 +0200 +++ vsftpd-2.0.7/builddefs.h 2008-07-30 22:19:26.000000000 +0200 @@ -1,9 +1,9 @@ #ifndef VSF_BUILDDEFS_H #define VSF_BUILDDEFS_H -#undef VSF_BUILD_TCPWRAPPERS -#define VSF_BUILD_PAM -#undef VSF_BUILD_SSL +#define VSF_BUILD_TCPWRAPPERS +#undef VSF_BUILD_PAM +#define VSF_BUILD_SSL #endif /* VSF_BUILDDEFS_H */ diff -Nru vsftpd-2.0.7.orig/tunables.c vsftpd-2.0.7/tunables.c --- vsftpd-2.0.7.orig/tunables.c 2008-07-30 22:19:12.000000000 +0200 +++ vsftpd-2.0.7/tunables.c 2008-07-30 22:19:26.000000000 +0200 @@ -104,7 +104,7 @@ /* -rw------- */ unsigned int tunable_chown_upload_mode = 0600; -const char* tunable_secure_chroot_dir = "/usr/share/empty"; +const char* tunable_secure_chroot_dir = "/var/empty"; const char* tunable_ftp_username = "ftp"; const char* tunable_chown_username = "root"; const char* tunable_xferlog_file = "/var/log/xferlog"; @@ -129,10 +129,10 @@ const char* tunable_deny_file = 0; const char* tunable_user_sub_token = 0; const char* tunable_email_password_file = "/etc/vsftpd.email_passwords"; -const char* tunable_rsa_cert_file = "/usr/share/ssl/certs/vsftpd.pem"; +const char* tunable_rsa_cert_file = "/etc/ssl/certs/vsftpd.crt"; const char* tunable_dsa_cert_file = 0; const char* tunable_ssl_ciphers = "DES-CBC3-SHA"; -const char* tunable_rsa_private_key_file = 0; +const char* tunable_rsa_private_key_file = "/etc/ssl/keys/vsftpd.key"; const char* tunable_dsa_private_key_file = 0; const char* tunable_ca_certs_file = 0; diff -Nru vsftpd-2.0.7.orig/vsftpd.conf vsftpd-2.0.7/vsftpd.conf --- vsftpd-2.0.7.orig/vsftpd.conf 2008-07-30 22:19:12.000000000 +0200 +++ vsftpd-2.0.7/vsftpd.conf 2008-07-30 22:19:26.000000000 +0200 @@ -8,11 +8,25 @@ # Please read the vsftpd.conf.5 manual page to get a full idea of vsftpd's # capabilities. # +# +# Run standalone +listen=YES +background=YES +# +# Use tcp_wrappers library +tcp_wrappers=YES +# +# Enable SSL support +#ssl_enable=YES +#ssl_sslv3=YES +# # Allow anonymous FTP? (Beware - allowed by default if you comment this out). anonymous_enable=YES # # Uncomment this to allow local users to log in. #local_enable=YES +#force_local_logins_ssl=YES +#force_local_data_ssl=YES # # Uncomment this to enable any form of FTP write command. #write_enable=YES diff -Nru vsftpd-2.0.7.orig/vsftpd.conf.5 vsftpd-2.0.7/vsftpd.conf.5 --- vsftpd-2.0.7.orig/vsftpd.conf.5 2008-07-30 22:19:12.000000000 +0200 +++ vsftpd-2.0.7/vsftpd.conf.5 2008-07-30 22:19:26.000000000 +0200 @@ -927,21 +927,21 @@ This option specifies the location of the RSA certificate to use for SSL encrypted connections. -Default: /usr/share/ssl/certs/vsftpd.pem +Default: /etc/ssl/certs/vsftpd.crt .TP .B rsa_private_key_file This option specifies the location of the RSA private key to use for SSL encrypted connections. If this option is not set, the private key is expected to be in the same file as the certificate. -Default: (none) +Default: /etc/ssl/keys/vsftpd.key .TP .B secure_chroot_dir This option should be the name of a directory which is empty. Also, the directory should not be writable by the ftp user. This directory is used as a secure chroot() jail at times vsftpd does not require filesystem access. -Default: /usr/share/empty +Default: /var/empty .TP .B ssl_ciphers This option can be used to select which SSL ciphers vsftpd will allow for