[PATCH 1/2 meta-networking] vsftpd: use quotes to wrap variable

All of lore.kernel.org
 help / color / mirror / Atom feed

* [PATCH 1/2 meta-networking] vsftpd: use quotes to wrap variable
@ 2013-10-10  8:34 rongqing.li
  2013-10-10  8:34 ` [PATCH 2/2 meta-networking] vsftpd: change default secure_chroot_dir rongqing.li
  2013-10-18 16:30 ` [PATCH 1/2 meta-networking] vsftpd: use quotes to wrap variable Joe MacDonald
  0 siblings, 2 replies; 5+ messages in thread
From: rongqing.li @ 2013-10-10  8:34 UTC (permalink / raw)
  To: openembedded-devel

From: Roy Li <rongqing.li@windriver.com>

"test -z ${PAMLIB}" in do_install() may report error if ${PAMLIB}
has space chars. This commit added double quotes to wrap it in
case of errors.

Signed-off-by: Qiang Chen <qiang.chen@windriver.com>
Signed-off-by: Roy Li <rongqing.li@windriver.com>
---
 meta-networking/recipes-daemons/vsftpd/vsftpd_3.0.0.bb |    2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/meta-networking/recipes-daemons/vsftpd/vsftpd_3.0.0.bb b/meta-networking/recipes-daemons/vsftpd/vsftpd_3.0.0.bb
index 2c3e009..7677477 100644
--- a/meta-networking/recipes-daemons/vsftpd/vsftpd_3.0.0.bb
+++ b/meta-networking/recipes-daemons/vsftpd/vsftpd_3.0.0.bb
@@ -60,7 +60,7 @@ do_install() {
 
     install -m 600 ${WORKDIR}/vsftpd.ftpusers ${D}${sysconfdir}/
     install -m 600 ${WORKDIR}/vsftpd.user_list ${D}${sysconfdir}/
-    if ! test -z ${PAMLIB} ; then
+    if ! test -z "${PAMLIB}" ; then
         install -d ${D}${sysconfdir}/pam.d/
         cp ${S}/RedHat/vsftpd.pam ${D}${sysconfdir}/pam.d/vsftpd
         sed -i "s:/lib/security:${base_libdir}/security:" ${D}${sysconfdir}/pam.d/vsftpd
-- 
1.7.10.4



^ permalink raw reply related	[flat|nested] 5+ messages in thread

* [PATCH 2/2 meta-networking] vsftpd: change default secure_chroot_dir
  2013-10-10  8:34 [PATCH 1/2 meta-networking] vsftpd: use quotes to wrap variable rongqing.li
@ 2013-10-10  8:34 ` rongqing.li
  2013-10-18 16:29   ` Joe MacDonald
  2013-10-18 16:30 ` [PATCH 1/2 meta-networking] vsftpd: use quotes to wrap variable Joe MacDonald
  1 sibling, 1 reply; 5+ messages in thread
From: rongqing.li @ 2013-10-10  8:34 UTC (permalink / raw)
  To: openembedded-devel

From: Roy Li <rongqing.li@windriver.com>

Change default value of secure_chroot_dir to /var/run/vsftpd/empty, add
volatiles entry for it, to ensure it won't fail to start by xinetd.

Signed-off-by: Roy Li <rongqing.li@windriver.com>
---
 .../vsftpd/files/change-secure_chroot_dir.patch    |   55 ++++++++++++++++++++
 meta-networking/recipes-daemons/vsftpd/files/init  |    2 +-
 .../vsftpd/files/volatiles.99_vsftpd               |    2 +
 .../recipes-daemons/vsftpd/vsftpd_3.0.0.bb         |    7 ++-
 4 files changed, 64 insertions(+), 2 deletions(-)
 create mode 100644 meta-networking/recipes-daemons/vsftpd/files/change-secure_chroot_dir.patch
 create mode 100644 meta-networking/recipes-daemons/vsftpd/files/volatiles.99_vsftpd

diff --git a/meta-networking/recipes-daemons/vsftpd/files/change-secure_chroot_dir.patch b/meta-networking/recipes-daemons/vsftpd/files/change-secure_chroot_dir.patch
new file mode 100644
index 0000000..e7a673e
--- /dev/null
+++ b/meta-networking/recipes-daemons/vsftpd/files/change-secure_chroot_dir.patch
@@ -0,0 +1,55 @@
+vsftpd: change secure_chroot_dir default value
+
+Upstream-Status: Pending
+
+Change secure_chroot_dir pointing to a volatile directory.
+
+Signed-off-by: Ming Liu <ming.liu@windriver.com>
+---
+ INSTALL       |    6 +++---
+ tunables.c    |    2 +-
+ vsftpd.conf.5 |    2 +-
+ 3 files changed, 5 insertions(+), 5 deletions(-)
+
+diff -urpN a/INSTALL b/INSTALL
+--- a/INSTALL	2013-09-13 10:23:57.504972397 +0800
++++ b/INSTALL	2013-09-13 10:25:25.664971779 +0800
+@@ -27,11 +27,11 @@ user in case it does not already exist. 
+ [root@localhost root]# useradd nobody
+ useradd: user nobody exists
+ 
+-2b) vsftpd needs the (empty) directory /usr/share/empty in the default
++2b) vsftpd needs the (empty) directory /var/run/vsftpd/empty in the default
+ configuration. Add this directory in case it does not already exist. e.g.:
+ 
+-[root@localhost root]# mkdir /usr/share/empty/
+-mkdir: cannot create directory `/usr/share/empty': File exists
++[root@localhost root]# mkdir /var/run/vsftpd/empty/
++mkdir: cannot create directory `/var/run/vsftpd/empty': File exists
+ 
+ 2c) For anonymous FTP, you will need the user "ftp" to exist, and have a
+ valid home directory (which is NOT owned or writable by the user "ftp").
+diff -urpN a/tunables.c b/tunables.c
+--- a/tunables.c	2013-09-13 10:26:29.554972817 +0800
++++ b/tunables.c	2013-09-13 10:27:18.104972210 +0800
+@@ -254,7 +254,7 @@ tunables_load_defaults()
+   /* -rw------- */
+   tunable_chown_upload_mode = 0600;
+ 
+-  install_str_setting("/usr/share/empty", &tunable_secure_chroot_dir);
++  install_str_setting("/var/run/vsftpd/empty", &tunable_secure_chroot_dir);
+   install_str_setting("ftp", &tunable_ftp_username);
+   install_str_setting("root", &tunable_chown_username);
+   install_str_setting("/var/log/xferlog", &tunable_xferlog_file);
+diff -urpN a/vsftpd.conf.5 b/vsftpd.conf.5
+--- a/vsftpd.conf.5	2013-09-13 10:09:33.774972462 +0800
++++ b/vsftpd.conf.5	2013-09-13 10:10:41.914971989 +0800
+@@ -969,7 +969,7 @@ This option should be the name of a dire
+ directory should not be writable by the ftp user. This directory is used
+ as a secure chroot() jail at times vsftpd does not require filesystem access.
+ 
+-Default: /usr/share/empty
++Default: /var/run/vsftpd/empty
+ .TP
+ .B ssl_ciphers
+ This option can be used to select which SSL ciphers vsftpd will allow for
diff --git a/meta-networking/recipes-daemons/vsftpd/files/init b/meta-networking/recipes-daemons/vsftpd/files/init
index d0ec010..513f407 100755
--- a/meta-networking/recipes-daemons/vsftpd/files/init
+++ b/meta-networking/recipes-daemons/vsftpd/files/init
@@ -2,7 +2,7 @@
 DAEMON=/usr/sbin/vsftpd
 NAME=vsftpd
 DESC="FTP Server"
-ARGS=""
+ARGS="/etc/vsftpd.conf"
 FTPDIR=/var/lib/ftp
 
 test -f $DAEMON || exit 0
diff --git a/meta-networking/recipes-daemons/vsftpd/files/volatiles.99_vsftpd b/meta-networking/recipes-daemons/vsftpd/files/volatiles.99_vsftpd
new file mode 100644
index 0000000..0f80776
--- /dev/null
+++ b/meta-networking/recipes-daemons/vsftpd/files/volatiles.99_vsftpd
@@ -0,0 +1,2 @@
+# <type> <owner> <group> <mode> <path> <linksource>
+d root root 0755 /var/run/vsftpd/empty none
diff --git a/meta-networking/recipes-daemons/vsftpd/vsftpd_3.0.0.bb b/meta-networking/recipes-daemons/vsftpd/vsftpd_3.0.0.bb
index 7677477..09de1e9 100644
--- a/meta-networking/recipes-daemons/vsftpd/vsftpd_3.0.0.bb
+++ b/meta-networking/recipes-daemons/vsftpd/vsftpd_3.0.0.bb
@@ -14,6 +14,8 @@ SRC_URI = "https://security.appspot.com/downloads/vsftpd-${PV}.tar.gz \
            file://vsftpd.conf \
            file://vsftpd.user_list \
            file://vsftpd.ftpusers \
+           file://change-secure_chroot_dir.patch \
+           file://volatiles.99_vsftpd \
 "
 
 LIC_FILES_CHKSUM = "file://COPYING;md5=a6067ad950b28336613aed9dd47b1271 \
@@ -40,7 +42,7 @@ LDFLAGS_append =" -lcrypt -lcap"
 do_configure() {
     # Fix hardcoded /usr, /etc, /var mess.
     cat tunables.c|sed s:\"/usr:\"${prefix}:g|sed s:\"/var:\"${localstatedir}:g \
-    |sed s:\"${prefix}/share/empty:\"${localstatedir}/share/empty:g |sed s:\"/etc:\"${sysconfdir}:g > tunables.c.new
+    |sed s:\"/etc:\"${sysconfdir}:g > tunables.c.new
     mv tunables.c.new tunables.c
 }
 
@@ -60,6 +62,9 @@ do_install() {
 
     install -m 600 ${WORKDIR}/vsftpd.ftpusers ${D}${sysconfdir}/
     install -m 600 ${WORKDIR}/vsftpd.user_list ${D}${sysconfdir}/
+    install -d ${D}/${sysconfdir}/default/volatiles
+    install -m 644 ${WORKDIR}/volatiles.99_vsftpd ${D}/${sysconfdir}/default/volatiles/99_vsftpd
+
     if ! test -z "${PAMLIB}" ; then
         install -d ${D}${sysconfdir}/pam.d/
         cp ${S}/RedHat/vsftpd.pam ${D}${sysconfdir}/pam.d/vsftpd
-- 
1.7.10.4



^ permalink raw reply related	[flat|nested] 5+ messages in thread

* Re: [PATCH 2/2 meta-networking] vsftpd: change default secure_chroot_dir
  2013-10-10  8:34 ` [PATCH 2/2 meta-networking] vsftpd: change default secure_chroot_dir rongqing.li
@ 2013-10-18 16:29   ` Joe MacDonald
  2013-10-22  5:20     ` Rongqing Li
  0 siblings, 1 reply; 5+ messages in thread
From: Joe MacDonald @ 2013-10-18 16:29 UTC (permalink / raw)
  To: rongqing.li; +Cc: openembedded-devel

[-- Attachment #1: Type: text/plain, Size: 6444 bytes --]

Hi Roy,

Is this different from the patch I received from Ming Liu about a month
ago?  It doesn't look it at first glance, but I didn't diff the two.

-J.

[[oe] [PATCH 2/2 meta-networking] vsftpd: change default secure_chroot_dir] On 13.10.10 (Thu 16:34) rongqing.li@windriver.com wrote:

> From: Roy Li <rongqing.li@windriver.com>
> 
> Change default value of secure_chroot_dir to /var/run/vsftpd/empty, add
> volatiles entry for it, to ensure it won't fail to start by xinetd.
> 
> Signed-off-by: Roy Li <rongqing.li@windriver.com>
> ---
>  .../vsftpd/files/change-secure_chroot_dir.patch    |   55 ++++++++++++++++++++
>  meta-networking/recipes-daemons/vsftpd/files/init  |    2 +-
>  .../vsftpd/files/volatiles.99_vsftpd               |    2 +
>  .../recipes-daemons/vsftpd/vsftpd_3.0.0.bb         |    7 ++-
>  4 files changed, 64 insertions(+), 2 deletions(-)
>  create mode 100644 meta-networking/recipes-daemons/vsftpd/files/change-secure_chroot_dir.patch
>  create mode 100644 meta-networking/recipes-daemons/vsftpd/files/volatiles.99_vsftpd
> 
> diff --git a/meta-networking/recipes-daemons/vsftpd/files/change-secure_chroot_dir.patch b/meta-networking/recipes-daemons/vsftpd/files/change-secure_chroot_dir.patch
> new file mode 100644
> index 0000000..e7a673e
> --- /dev/null
> +++ b/meta-networking/recipes-daemons/vsftpd/files/change-secure_chroot_dir.patch
> @@ -0,0 +1,55 @@
> +vsftpd: change secure_chroot_dir default value
> +
> +Upstream-Status: Pending
> +
> +Change secure_chroot_dir pointing to a volatile directory.
> +
> +Signed-off-by: Ming Liu <ming.liu@windriver.com>
> +---
> + INSTALL       |    6 +++---
> + tunables.c    |    2 +-
> + vsftpd.conf.5 |    2 +-
> + 3 files changed, 5 insertions(+), 5 deletions(-)
> +
> +diff -urpN a/INSTALL b/INSTALL
> +--- a/INSTALL	2013-09-13 10:23:57.504972397 +0800
> ++++ b/INSTALL	2013-09-13 10:25:25.664971779 +0800
> +@@ -27,11 +27,11 @@ user in case it does not already exist. 
> + [root@localhost root]# useradd nobody
> + useradd: user nobody exists
> + 
> +-2b) vsftpd needs the (empty) directory /usr/share/empty in the default
> ++2b) vsftpd needs the (empty) directory /var/run/vsftpd/empty in the default
> + configuration. Add this directory in case it does not already exist. e.g.:
> + 
> +-[root@localhost root]# mkdir /usr/share/empty/
> +-mkdir: cannot create directory `/usr/share/empty': File exists
> ++[root@localhost root]# mkdir /var/run/vsftpd/empty/
> ++mkdir: cannot create directory `/var/run/vsftpd/empty': File exists
> + 
> + 2c) For anonymous FTP, you will need the user "ftp" to exist, and have a
> + valid home directory (which is NOT owned or writable by the user "ftp").
> +diff -urpN a/tunables.c b/tunables.c
> +--- a/tunables.c	2013-09-13 10:26:29.554972817 +0800
> ++++ b/tunables.c	2013-09-13 10:27:18.104972210 +0800
> +@@ -254,7 +254,7 @@ tunables_load_defaults()
> +   /* -rw------- */
> +   tunable_chown_upload_mode = 0600;
> + 
> +-  install_str_setting("/usr/share/empty", &tunable_secure_chroot_dir);
> ++  install_str_setting("/var/run/vsftpd/empty", &tunable_secure_chroot_dir);
> +   install_str_setting("ftp", &tunable_ftp_username);
> +   install_str_setting("root", &tunable_chown_username);
> +   install_str_setting("/var/log/xferlog", &tunable_xferlog_file);
> +diff -urpN a/vsftpd.conf.5 b/vsftpd.conf.5
> +--- a/vsftpd.conf.5	2013-09-13 10:09:33.774972462 +0800
> ++++ b/vsftpd.conf.5	2013-09-13 10:10:41.914971989 +0800
> +@@ -969,7 +969,7 @@ This option should be the name of a dire
> + directory should not be writable by the ftp user. This directory is used
> + as a secure chroot() jail at times vsftpd does not require filesystem access.
> + 
> +-Default: /usr/share/empty
> ++Default: /var/run/vsftpd/empty
> + .TP
> + .B ssl_ciphers
> + This option can be used to select which SSL ciphers vsftpd will allow for
> diff --git a/meta-networking/recipes-daemons/vsftpd/files/init b/meta-networking/recipes-daemons/vsftpd/files/init
> index d0ec010..513f407 100755
> --- a/meta-networking/recipes-daemons/vsftpd/files/init
> +++ b/meta-networking/recipes-daemons/vsftpd/files/init
> @@ -2,7 +2,7 @@
>  DAEMON=/usr/sbin/vsftpd
>  NAME=vsftpd
>  DESC="FTP Server"
> -ARGS=""
> +ARGS="/etc/vsftpd.conf"
>  FTPDIR=/var/lib/ftp
>  
>  test -f $DAEMON || exit 0
> diff --git a/meta-networking/recipes-daemons/vsftpd/files/volatiles.99_vsftpd b/meta-networking/recipes-daemons/vsftpd/files/volatiles.99_vsftpd
> new file mode 100644
> index 0000000..0f80776
> --- /dev/null
> +++ b/meta-networking/recipes-daemons/vsftpd/files/volatiles.99_vsftpd
> @@ -0,0 +1,2 @@
> +# <type> <owner> <group> <mode> <path> <linksource>
> +d root root 0755 /var/run/vsftpd/empty none
> diff --git a/meta-networking/recipes-daemons/vsftpd/vsftpd_3.0.0.bb b/meta-networking/recipes-daemons/vsftpd/vsftpd_3.0.0.bb
> index 7677477..09de1e9 100644
> --- a/meta-networking/recipes-daemons/vsftpd/vsftpd_3.0.0.bb
> +++ b/meta-networking/recipes-daemons/vsftpd/vsftpd_3.0.0.bb
> @@ -14,6 +14,8 @@ SRC_URI = "https://security.appspot.com/downloads/vsftpd-${PV}.tar.gz \
>             file://vsftpd.conf \
>             file://vsftpd.user_list \
>             file://vsftpd.ftpusers \
> +           file://change-secure_chroot_dir.patch \
> +           file://volatiles.99_vsftpd \
>  "
>  
>  LIC_FILES_CHKSUM = "file://COPYING;md5=a6067ad950b28336613aed9dd47b1271 \
> @@ -40,7 +42,7 @@ LDFLAGS_append =" -lcrypt -lcap"
>  do_configure() {
>      # Fix hardcoded /usr, /etc, /var mess.
>      cat tunables.c|sed s:\"/usr:\"${prefix}:g|sed s:\"/var:\"${localstatedir}:g \
> -    |sed s:\"${prefix}/share/empty:\"${localstatedir}/share/empty:g |sed s:\"/etc:\"${sysconfdir}:g > tunables.c.new
> +    |sed s:\"/etc:\"${sysconfdir}:g > tunables.c.new
>      mv tunables.c.new tunables.c
>  }
>  
> @@ -60,6 +62,9 @@ do_install() {
>  
>      install -m 600 ${WORKDIR}/vsftpd.ftpusers ${D}${sysconfdir}/
>      install -m 600 ${WORKDIR}/vsftpd.user_list ${D}${sysconfdir}/
> +    install -d ${D}/${sysconfdir}/default/volatiles
> +    install -m 644 ${WORKDIR}/volatiles.99_vsftpd ${D}/${sysconfdir}/default/volatiles/99_vsftpd
> +
>      if ! test -z "${PAMLIB}" ; then
>          install -d ${D}${sysconfdir}/pam.d/
>          cp ${S}/RedHat/vsftpd.pam ${D}${sysconfdir}/pam.d/vsftpd
-- 
-Joe MacDonald.
:wq

[-- Attachment #2: Digital signature --]
[-- Type: application/pgp-signature, Size: 205 bytes --]

^ permalink raw reply	[flat|nested] 5+ messages in thread

* Re: [PATCH 1/2 meta-networking] vsftpd: use quotes to wrap variable
  2013-10-10  8:34 [PATCH 1/2 meta-networking] vsftpd: use quotes to wrap variable rongqing.li
  2013-10-10  8:34 ` [PATCH 2/2 meta-networking] vsftpd: change default secure_chroot_dir rongqing.li
@ 2013-10-18 16:30 ` Joe MacDonald
  1 sibling, 0 replies; 5+ messages in thread
From: Joe MacDonald @ 2013-10-18 16:30 UTC (permalink / raw)
  To: rongqing.li; +Cc: openembedded-devel

[-- Attachment #1: Type: text/plain, Size: 1384 bytes --]

Merged, thanks.
-J.

[[oe] [PATCH 1/2 meta-networking] vsftpd: use quotes to wrap variable] On 13.10.10 (Thu 16:34) rongqing.li@windriver.com wrote:

> From: Roy Li <rongqing.li@windriver.com>
> 
> "test -z ${PAMLIB}" in do_install() may report error if ${PAMLIB}
> has space chars. This commit added double quotes to wrap it in
> case of errors.
> 
> Signed-off-by: Qiang Chen <qiang.chen@windriver.com>
> Signed-off-by: Roy Li <rongqing.li@windriver.com>
> ---
>  meta-networking/recipes-daemons/vsftpd/vsftpd_3.0.0.bb |    2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/meta-networking/recipes-daemons/vsftpd/vsftpd_3.0.0.bb b/meta-networking/recipes-daemons/vsftpd/vsftpd_3.0.0.bb
> index 2c3e009..7677477 100644
> --- a/meta-networking/recipes-daemons/vsftpd/vsftpd_3.0.0.bb
> +++ b/meta-networking/recipes-daemons/vsftpd/vsftpd_3.0.0.bb
> @@ -60,7 +60,7 @@ do_install() {
>  
>      install -m 600 ${WORKDIR}/vsftpd.ftpusers ${D}${sysconfdir}/
>      install -m 600 ${WORKDIR}/vsftpd.user_list ${D}${sysconfdir}/
> -    if ! test -z ${PAMLIB} ; then
> +    if ! test -z "${PAMLIB}" ; then
>          install -d ${D}${sysconfdir}/pam.d/
>          cp ${S}/RedHat/vsftpd.pam ${D}${sysconfdir}/pam.d/vsftpd
>          sed -i "s:/lib/security:${base_libdir}/security:" ${D}${sysconfdir}/pam.d/vsftpd
-- 
-Joe MacDonald.
:wq

[-- Attachment #2: Digital signature --]
[-- Type: application/pgp-signature, Size: 205 bytes --]

^ permalink raw reply	[flat|nested] 5+ messages in thread

* Re: [PATCH 2/2 meta-networking] vsftpd: change default secure_chroot_dir
  2013-10-18 16:29   ` Joe MacDonald
@ 2013-10-22  5:20     ` Rongqing Li
  0 siblings, 0 replies; 5+ messages in thread
From: Rongqing Li @ 2013-10-22  5:20 UTC (permalink / raw)
  To: Joe MacDonald; +Cc: openembedded-devel



On 10/19/2013 12:29 AM, Joe MacDonald wrote:
> Hi Roy,
>
> Is this different from the patch I received from Ming Liu about a month
> ago?  It doesn't look it at first glance, but I didn't diff the two.
>
> -J.

Sorry, I did not sync my repo, LiuMing patch is OK.
Thanks


-Roy


>
> [[oe] [PATCH 2/2 meta-networking] vsftpd: change default secure_chroot_dir] On 13.10.10 (Thu 16:34) rongqing.li@windriver.com wrote:
>
>> From: Roy Li <rongqing.li@windriver.com>
>>
>> Change default value of secure_chroot_dir to /var/run/vsftpd/empty, add
>> volatiles entry for it, to ensure it won't fail to start by xinetd.
>>
>> Signed-off-by: Roy Li <rongqing.li@windriver.com>
>> ---
>>   .../vsftpd/files/change-secure_chroot_dir.patch    |   55 ++++++++++++++++++++
>>   meta-networking/recipes-daemons/vsftpd/files/init  |    2 +-
>>   .../vsftpd/files/volatiles.99_vsftpd               |    2 +
>>   .../recipes-daemons/vsftpd/vsftpd_3.0.0.bb         |    7 ++-
>>   4 files changed, 64 insertions(+), 2 deletions(-)
>>   create mode 100644 meta-networking/recipes-daemons/vsftpd/files/change-secure_chroot_dir.patch
>>   create mode 100644 meta-networking/recipes-daemons/vsftpd/files/volatiles.99_vsftpd
>>
>> diff --git a/meta-networking/recipes-daemons/vsftpd/files/change-secure_chroot_dir.patch b/meta-networking/recipes-daemons/vsftpd/files/change-secure_chroot_dir.patch
>> new file mode 100644
>> index 0000000..e7a673e
>> --- /dev/null
>> +++ b/meta-networking/recipes-daemons/vsftpd/files/change-secure_chroot_dir.patch
>> @@ -0,0 +1,55 @@
>> +vsftpd: change secure_chroot_dir default value
>> +
>> +Upstream-Status: Pending
>> +
>> +Change secure_chroot_dir pointing to a volatile directory.
>> +
>> +Signed-off-by: Ming Liu <ming.liu@windriver.com>
>> +---
>> + INSTALL       |    6 +++---
>> + tunables.c    |    2 +-
>> + vsftpd.conf.5 |    2 +-
>> + 3 files changed, 5 insertions(+), 5 deletions(-)
>> +
>> +diff -urpN a/INSTALL b/INSTALL
>> +--- a/INSTALL	2013-09-13 10:23:57.504972397 +0800
>> ++++ b/INSTALL	2013-09-13 10:25:25.664971779 +0800
>> +@@ -27,11 +27,11 @@ user in case it does not already exist.
>> + [root@localhost root]# useradd nobody
>> + useradd: user nobody exists
>> +
>> +-2b) vsftpd needs the (empty) directory /usr/share/empty in the default
>> ++2b) vsftpd needs the (empty) directory /var/run/vsftpd/empty in the default
>> + configuration. Add this directory in case it does not already exist. e.g.:
>> +
>> +-[root@localhost root]# mkdir /usr/share/empty/
>> +-mkdir: cannot create directory `/usr/share/empty': File exists
>> ++[root@localhost root]# mkdir /var/run/vsftpd/empty/
>> ++mkdir: cannot create directory `/var/run/vsftpd/empty': File exists
>> +
>> + 2c) For anonymous FTP, you will need the user "ftp" to exist, and have a
>> + valid home directory (which is NOT owned or writable by the user "ftp").
>> +diff -urpN a/tunables.c b/tunables.c
>> +--- a/tunables.c	2013-09-13 10:26:29.554972817 +0800
>> ++++ b/tunables.c	2013-09-13 10:27:18.104972210 +0800
>> +@@ -254,7 +254,7 @@ tunables_load_defaults()
>> +   /* -rw------- */
>> +   tunable_chown_upload_mode = 0600;
>> +
>> +-  install_str_setting("/usr/share/empty", &tunable_secure_chroot_dir);
>> ++  install_str_setting("/var/run/vsftpd/empty", &tunable_secure_chroot_dir);
>> +   install_str_setting("ftp", &tunable_ftp_username);
>> +   install_str_setting("root", &tunable_chown_username);
>> +   install_str_setting("/var/log/xferlog", &tunable_xferlog_file);
>> +diff -urpN a/vsftpd.conf.5 b/vsftpd.conf.5
>> +--- a/vsftpd.conf.5	2013-09-13 10:09:33.774972462 +0800
>> ++++ b/vsftpd.conf.5	2013-09-13 10:10:41.914971989 +0800
>> +@@ -969,7 +969,7 @@ This option should be the name of a dire
>> + directory should not be writable by the ftp user. This directory is used
>> + as a secure chroot() jail at times vsftpd does not require filesystem access.
>> +
>> +-Default: /usr/share/empty
>> ++Default: /var/run/vsftpd/empty
>> + .TP
>> + .B ssl_ciphers
>> + This option can be used to select which SSL ciphers vsftpd will allow for
>> diff --git a/meta-networking/recipes-daemons/vsftpd/files/init b/meta-networking/recipes-daemons/vsftpd/files/init
>> index d0ec010..513f407 100755
>> --- a/meta-networking/recipes-daemons/vsftpd/files/init
>> +++ b/meta-networking/recipes-daemons/vsftpd/files/init
>> @@ -2,7 +2,7 @@
>>   DAEMON=/usr/sbin/vsftpd
>>   NAME=vsftpd
>>   DESC="FTP Server"
>> -ARGS=""
>> +ARGS="/etc/vsftpd.conf"
>>   FTPDIR=/var/lib/ftp
>>
>>   test -f $DAEMON || exit 0
>> diff --git a/meta-networking/recipes-daemons/vsftpd/files/volatiles.99_vsftpd b/meta-networking/recipes-daemons/vsftpd/files/volatiles.99_vsftpd
>> new file mode 100644
>> index 0000000..0f80776
>> --- /dev/null
>> +++ b/meta-networking/recipes-daemons/vsftpd/files/volatiles.99_vsftpd
>> @@ -0,0 +1,2 @@
>> +# <type> <owner> <group> <mode> <path> <linksource>
>> +d root root 0755 /var/run/vsftpd/empty none
>> diff --git a/meta-networking/recipes-daemons/vsftpd/vsftpd_3.0.0.bb b/meta-networking/recipes-daemons/vsftpd/vsftpd_3.0.0.bb
>> index 7677477..09de1e9 100644
>> --- a/meta-networking/recipes-daemons/vsftpd/vsftpd_3.0.0.bb
>> +++ b/meta-networking/recipes-daemons/vsftpd/vsftpd_3.0.0.bb
>> @@ -14,6 +14,8 @@ SRC_URI = "https://security.appspot.com/downloads/vsftpd-${PV}.tar.gz \
>>              file://vsftpd.conf \
>>              file://vsftpd.user_list \
>>              file://vsftpd.ftpusers \
>> +           file://change-secure_chroot_dir.patch \
>> +           file://volatiles.99_vsftpd \
>>   "
>>
>>   LIC_FILES_CHKSUM = "file://COPYING;md5=a6067ad950b28336613aed9dd47b1271 \
>> @@ -40,7 +42,7 @@ LDFLAGS_append =" -lcrypt -lcap"
>>   do_configure() {
>>       # Fix hardcoded /usr, /etc, /var mess.
>>       cat tunables.c|sed s:\"/usr:\"${prefix}:g|sed s:\"/var:\"${localstatedir}:g \
>> -    |sed s:\"${prefix}/share/empty:\"${localstatedir}/share/empty:g |sed s:\"/etc:\"${sysconfdir}:g > tunables.c.new
>> +    |sed s:\"/etc:\"${sysconfdir}:g > tunables.c.new
>>       mv tunables.c.new tunables.c
>>   }
>>
>> @@ -60,6 +62,9 @@ do_install() {
>>
>>       install -m 600 ${WORKDIR}/vsftpd.ftpusers ${D}${sysconfdir}/
>>       install -m 600 ${WORKDIR}/vsftpd.user_list ${D}${sysconfdir}/
>> +    install -d ${D}/${sysconfdir}/default/volatiles
>> +    install -m 644 ${WORKDIR}/volatiles.99_vsftpd ${D}/${sysconfdir}/default/volatiles/99_vsftpd
>> +
>>       if ! test -z "${PAMLIB}" ; then
>>           install -d ${D}${sysconfdir}/pam.d/
>>           cp ${S}/RedHat/vsftpd.pam ${D}${sysconfdir}/pam.d/vsftpd

-- 
Best Reagrds,
Roy | RongQing Li


^ permalink raw reply	[flat|nested] 5+ messages in thread

end of thread, other threads:[~2013-10-22  5:20 UTC | newest]

Thread overview: 5+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2013-10-10  8:34 [PATCH 1/2 meta-networking] vsftpd: use quotes to wrap variable rongqing.li
2013-10-10  8:34 ` [PATCH 2/2 meta-networking] vsftpd: change default secure_chroot_dir rongqing.li
2013-10-18 16:29   ` Joe MacDonald
2013-10-22  5:20     ` Rongqing Li
2013-10-18 16:30 ` [PATCH 1/2 meta-networking] vsftpd: use quotes to wrap variable Joe MacDonald

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.