* [Buildroot] [PATCH 1/3] proftpd: Add ftp user creation
@ 2015-10-04 13:31 Maxime Hadjinlian
2015-10-04 13:31 ` [Buildroot] [PATCH 2/3] vsftpd: " Maxime Hadjinlian
` (3 more replies)
0 siblings, 4 replies; 12+ messages in thread
From: Maxime Hadjinlian @ 2015-10-04 13:31 UTC (permalink / raw)
To: buildroot
In order to remove '/home/ftp' and the ftp user from the 'skeleton'
package, we need to add the creation of the ftp users to the package so
it still work out of the box (with an anonymous user).
Signed-off-by Maxime Hadjinlian <maxime.hadjinlian@gmail.com>
---
package/proftpd/proftpd.mk | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/package/proftpd/proftpd.mk b/package/proftpd/proftpd.mk
index dec243d..d040b8c 100644
--- a/package/proftpd/proftpd.mk
+++ b/package/proftpd/proftpd.mk
@@ -51,6 +51,10 @@ define PROFTPD_INSTALL_TARGET_CMDS
$(INSTALL) -m 0644 -D $(@D)/sample-configurations/basic.conf $(TARGET_DIR)/etc/proftpd.conf
endef
+define PROFTPD_USERS
+ ftp -1 ftp -1 * /home/ftp - - Anonymous FTP User
+endef
+
define PROFTPD_INSTALL_INIT_SYSV
$(INSTALL) -D -m 0755 package/proftpd/S50proftpd $(TARGET_DIR)/etc/init.d/S50proftpd
endef
--
2.5.3
^ permalink raw reply related [flat|nested] 12+ messages in thread
* [Buildroot] [PATCH 2/3] vsftpd: Add ftp user creation
2015-10-04 13:31 [Buildroot] [PATCH 1/3] proftpd: Add ftp user creation Maxime Hadjinlian
@ 2015-10-04 13:31 ` Maxime Hadjinlian
2015-10-04 13:53 ` Vincent Olivert Riera
` (2 more replies)
2015-10-04 13:31 ` [Buildroot] [PATCH 3/3] skeleton: Remove ftp user and /home/ftp Maxime Hadjinlian
` (2 subsequent siblings)
3 siblings, 3 replies; 12+ messages in thread
From: Maxime Hadjinlian @ 2015-10-04 13:31 UTC (permalink / raw)
To: buildroot
In order to remove '/home/ftp' and the ftp user from the 'skeleton'
package, we need to add the creation of the ftp users to the package so
it still work out of the box (with an anonymous user).
Signed-off-by: Maxime Hadjinlian <maxime.hadjinlian@gmail.com>
---
package/vsftpd/vsftpd.mk | 14 ++++++++++++++
1 file changed, 14 insertions(+)
diff --git a/package/vsftpd/vsftpd.mk b/package/vsftpd/vsftpd.mk
index 1e48264..976d397 100644
--- a/package/vsftpd/vsftpd.mk
+++ b/package/vsftpd/vsftpd.mk
@@ -43,9 +43,22 @@ define VSFTPD_BUILD_CMDS
LDFLAGS="$(TARGET_LDFLAGS)" LIBS="$(VSFTPD_LIBS)" -C $(@D)
endef
+define VSFTPD_USERS
+ ftp -1 ftp -1 * /home/ftp - - Anonymous FTP User
+endef
+
define VSFTPD_INSTALL_INIT_SYSV
$(INSTALL) -D -m 755 package/vsftpd/S70vsftpd $(TARGET_DIR)/etc/init.d/S70vsftpd
endef
+#
+# VSFTPD won't work if the jail directory is writable, it has to be readable
+# only
+# Otherwise you get the following error:
+# 500 OOPS: vsftpd: refusing to run with writable root inside chroot()
+# That's why we have to chmod /home/ftp
+define VSFTPD_FIX_HOME_PERMISSIONS
+ $(INSTALL) -d -m 555 $(TARGET_DIR)/home/ftp
+endef
define VSFTPD_INSTALL_TARGET_CMDS
$(INSTALL) -D -m 755 $(@D)/vsftpd $(TARGET_DIR)/usr/sbin/vsftpd
@@ -53,6 +66,7 @@ define VSFTPD_INSTALL_TARGET_CMDS
$(INSTALL) -D -m 644 $(@D)/vsftpd.conf \
$(TARGET_DIR)/etc/vsftpd.conf
$(INSTALL) -d -m 700 $(TARGET_DIR)/usr/share/empty
+ $(VSFTPD_FIX_HOME_PERMISSIONS)
endef
$(eval $(generic-package))
--
2.5.3
^ permalink raw reply related [flat|nested] 12+ messages in thread
* [Buildroot] [PATCH 3/3] skeleton: Remove ftp user and /home/ftp
2015-10-04 13:31 [Buildroot] [PATCH 1/3] proftpd: Add ftp user creation Maxime Hadjinlian
2015-10-04 13:31 ` [Buildroot] [PATCH 2/3] vsftpd: " Maxime Hadjinlian
@ 2015-10-04 13:31 ` Maxime Hadjinlian
2015-10-04 13:54 ` Vincent Olivert Riera
2015-10-10 17:38 ` Thomas Petazzoni
2015-10-04 13:53 ` [Buildroot] [PATCH 1/3] proftpd: Add ftp user creation Vincent Olivert Riera
2015-10-10 17:36 ` Thomas Petazzoni
3 siblings, 2 replies; 12+ messages in thread
From: Maxime Hadjinlian @ 2015-10-04 13:31 UTC (permalink / raw)
To: buildroot
Signed-off-by: Maxime Hadjinlian <maxime.hadjinlian@gmail.com>
---
system/skeleton/etc/group | 1 -
system/skeleton/etc/passwd | 1 -
system/skeleton/home/ftp/.empty | 0
3 files changed, 2 deletions(-)
delete mode 100644 system/skeleton/home/ftp/.empty
diff --git a/system/skeleton/etc/group b/system/skeleton/etc/group
index c1dc11f..ba20e90 100644
--- a/system/skeleton/etc/group
+++ b/system/skeleton/etc/group
@@ -21,6 +21,5 @@ plugdev:x:46:
staff:x:50:
lock:x:54:
netdev:x:82:
-ftp:x:83:
nogroup:x:99:
users:x:100:
diff --git a/system/skeleton/etc/passwd b/system/skeleton/etc/passwd
index 3a80341..883265a 100644
--- a/system/skeleton/etc/passwd
+++ b/system/skeleton/etc/passwd
@@ -6,5 +6,4 @@ sync:x:4:100:sync:/bin:/bin/sync
mail:x:8:8:mail:/var/spool/mail:/bin/false
www-data:x:33:33:www-data:/var/www:/bin/false
operator:x:37:37:Operator:/var:/bin/false
-ftp:x:83:83:ftp:/home/ftp:/bin/false
nobody:x:99:99:nobody:/home:/bin/false
diff --git a/system/skeleton/home/ftp/.empty b/system/skeleton/home/ftp/.empty
deleted file mode 100644
index e69de29..0000000
--
2.5.3
^ permalink raw reply related [flat|nested] 12+ messages in thread
* [Buildroot] [PATCH 1/3] proftpd: Add ftp user creation
2015-10-04 13:31 [Buildroot] [PATCH 1/3] proftpd: Add ftp user creation Maxime Hadjinlian
2015-10-04 13:31 ` [Buildroot] [PATCH 2/3] vsftpd: " Maxime Hadjinlian
2015-10-04 13:31 ` [Buildroot] [PATCH 3/3] skeleton: Remove ftp user and /home/ftp Maxime Hadjinlian
@ 2015-10-04 13:53 ` Vincent Olivert Riera
2015-10-10 17:36 ` Thomas Petazzoni
3 siblings, 0 replies; 12+ messages in thread
From: Vincent Olivert Riera @ 2015-10-04 13:53 UTC (permalink / raw)
To: buildroot
Dear Maxime Hadjinlian,
Reviewed-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Regards,
Vincent.
^ permalink raw reply [flat|nested] 12+ messages in thread
* [Buildroot] [PATCH 2/3] vsftpd: Add ftp user creation
2015-10-04 13:31 ` [Buildroot] [PATCH 2/3] vsftpd: " Maxime Hadjinlian
@ 2015-10-04 13:53 ` Vincent Olivert Riera
2015-10-04 14:44 ` Thomas Petazzoni
2015-10-10 17:38 ` Thomas Petazzoni
2 siblings, 0 replies; 12+ messages in thread
From: Vincent Olivert Riera @ 2015-10-04 13:53 UTC (permalink / raw)
To: buildroot
Dear Maxime Hadjinlian,
Reviewed-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Regards,
Vincent.
^ permalink raw reply [flat|nested] 12+ messages in thread
* [Buildroot] [PATCH 3/3] skeleton: Remove ftp user and /home/ftp
2015-10-04 13:31 ` [Buildroot] [PATCH 3/3] skeleton: Remove ftp user and /home/ftp Maxime Hadjinlian
@ 2015-10-04 13:54 ` Vincent Olivert Riera
2015-10-10 17:38 ` Thomas Petazzoni
1 sibling, 0 replies; 12+ messages in thread
From: Vincent Olivert Riera @ 2015-10-04 13:54 UTC (permalink / raw)
To: buildroot
Dear Maxime Hadjinlian,
Reviewed-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Regards,
Vincent.
^ permalink raw reply [flat|nested] 12+ messages in thread
* [Buildroot] [PATCH 2/3] vsftpd: Add ftp user creation
2015-10-04 13:31 ` [Buildroot] [PATCH 2/3] vsftpd: " Maxime Hadjinlian
2015-10-04 13:53 ` Vincent Olivert Riera
@ 2015-10-04 14:44 ` Thomas Petazzoni
2015-10-04 15:08 ` Yann E. MORIN
2015-10-10 17:38 ` Thomas Petazzoni
2 siblings, 1 reply; 12+ messages in thread
From: Thomas Petazzoni @ 2015-10-04 14:44 UTC (permalink / raw)
To: buildroot
Maxime,
On Sun, 4 Oct 2015 15:31:34 +0200, Maxime Hadjinlian wrote:
> +#
> +# VSFTPD won't work if the jail directory is writable, it has to be readable
> +# only
> +# Otherwise you get the following error:
> +# 500 OOPS: vsftpd: refusing to run with writable root inside chroot()
> +# That's why we have to chmod /home/ftp
> +define VSFTPD_FIX_HOME_PERMISSIONS
> + $(INSTALL) -d -m 555 $(TARGET_DIR)/home/ftp
> +endef
Can we use VSFTPD_PERMISSIONS instead ? The only drawback is that you
will have to set a fixed UID/GID for ftp:ftp in VSFTPD_USERS.
Thomas
--
Thomas Petazzoni, CTO, Free Electrons
Embedded Linux, Kernel and Android engineering
http://free-electrons.com
^ permalink raw reply [flat|nested] 12+ messages in thread
* [Buildroot] [PATCH 2/3] vsftpd: Add ftp user creation
2015-10-04 14:44 ` Thomas Petazzoni
@ 2015-10-04 15:08 ` Yann E. MORIN
2015-10-04 18:14 ` Maxime Hadjinlian
0 siblings, 1 reply; 12+ messages in thread
From: Yann E. MORIN @ 2015-10-04 15:08 UTC (permalink / raw)
To: buildroot
Maxime, All,
On 2015-10-04 15:44 +0100, Thomas Petazzoni spake thusly:
> On Sun, 4 Oct 2015 15:31:34 +0200, Maxime Hadjinlian wrote:
> > +#
> > +# VSFTPD won't work if the jail directory is writable, it has to be readable
> > +# only
> > +# Otherwise you get the following error:
> > +# 500 OOPS: vsftpd: refusing to run with writable root inside chroot()
> > +# That's why we have to chmod /home/ftp
> > +define VSFTPD_FIX_HOME_PERMISSIONS
> > + $(INSTALL) -d -m 555 $(TARGET_DIR)/home/ftp
> > +endef
>
> Can we use VSFTPD_PERMISSIONS instead ? The only drawback is that you
> will have to set a fixed UID/GID for ftp:ftp in VSFTPD_USERS.
Canyoucheck if it is possible to:
- check if it is possible to create a premission table with no UID or
GID, only a mode,
- if so:
- move the mkuser script call before th makedev call in fs/common.mk
- use a permission table as suggested by Thomas.
If it's not possible to not specify UID/GID in a permission table, then
we'll have to do with your solution.
Thanks.
Regards,
Yann E. MORIN.
--
.-----------------.--------------------.------------------.--------------------.
| Yann E. MORIN | Real-Time Embedded | /"\ ASCII RIBBON | Erics' conspiracy: |
| +33 662 376 056 | Software Designer | \ / CAMPAIGN | ___ |
| +33 223 225 172 `------------.-------: X AGAINST | \e/ There is no |
| http://ymorin.is-a-geek.org/ | _/*\_ | / \ HTML MAIL | v conspiracy. |
'------------------------------^-------^------------------^--------------------'
^ permalink raw reply [flat|nested] 12+ messages in thread
* [Buildroot] [PATCH 2/3] vsftpd: Add ftp user creation
2015-10-04 15:08 ` Yann E. MORIN
@ 2015-10-04 18:14 ` Maxime Hadjinlian
0 siblings, 0 replies; 12+ messages in thread
From: Maxime Hadjinlian @ 2015-10-04 18:14 UTC (permalink / raw)
To: buildroot
Hi Yann, all
On Sun, Oct 4, 2015 at 5:08 PM, Yann E. MORIN <yann.morin.1998@free.fr>
wrote:
> Maxime, All,
>
> On 2015-10-04 15:44 +0100, Thomas Petazzoni spake thusly:
> > On Sun, 4 Oct 2015 15:31:34 +0200, Maxime Hadjinlian wrote:
> > > +#
> > > +# VSFTPD won't work if the jail directory is writable, it has to be
> readable
> > > +# only
> > > +# Otherwise you get the following error:
> > > +# 500 OOPS: vsftpd: refusing to run with writable root inside chroot()
> > > +# That's why we have to chmod /home/ftp
> > > +define VSFTPD_FIX_HOME_PERMISSIONS
> > > + $(INSTALL) -d -m 555 $(TARGET_DIR)/home/ftp
> > > +endef
> >
> > Can we use VSFTPD_PERMISSIONS instead ? The only drawback is that you
> > will have to set a fixed UID/GID for ftp:ftp in VSFTPD_USERS.
>
> Canyoucheck if it is possible to:
> - check if it is possible to create a premission table with no UID or
> GID, only a mode,
> - if so:
> - move the mkuser script call before th makedev call in fs/common.mk
> - use a permission table as suggested by Thomas.
>
> If it's not possible to not specify UID/GID in a permission table, then
> we'll have to do with your solution.
>
> Unfortunately, it doesn't seem to work, I get the following error:
makedevs: unknown group name: -
> Thanks.
>
> Regards,
> Yann E. MORIN.
>
> --
>
> .-----------------.--------------------.------------------.--------------------.
> | Yann E. MORIN | Real-Time Embedded | /"\ ASCII RIBBON | Erics'
> conspiracy: |
> | +33 662 376 056 | Software Designer | \ / CAMPAIGN | ___
> |
> | +33 223 225 172 `------------.-------: X AGAINST | \e/ There
> is no |
> | http://ymorin.is-a-geek.org/ | _/*\_ | / \ HTML MAIL | v
> conspiracy. |
>
> '------------------------------^-------^------------------^--------------------'
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.busybox.net/pipermail/buildroot/attachments/20151004/2e7a1def/attachment.html>
^ permalink raw reply [flat|nested] 12+ messages in thread
* [Buildroot] [PATCH 1/3] proftpd: Add ftp user creation
2015-10-04 13:31 [Buildroot] [PATCH 1/3] proftpd: Add ftp user creation Maxime Hadjinlian
` (2 preceding siblings ...)
2015-10-04 13:53 ` [Buildroot] [PATCH 1/3] proftpd: Add ftp user creation Vincent Olivert Riera
@ 2015-10-10 17:36 ` Thomas Petazzoni
3 siblings, 0 replies; 12+ messages in thread
From: Thomas Petazzoni @ 2015-10-10 17:36 UTC (permalink / raw)
To: buildroot
Dear Maxime Hadjinlian,
On Sun, 4 Oct 2015 15:31:33 +0200, Maxime Hadjinlian wrote:
> In order to remove '/home/ftp' and the ftp user from the 'skeleton'
> package, we need to add the creation of the ftp users to the package so
> it still work out of the box (with an anonymous user).
>
> Signed-off-by Maxime Hadjinlian <maxime.hadjinlian@gmail.com>
> ---
> package/proftpd/proftpd.mk | 4 ++++
> 1 file changed, 4 insertions(+)
Applied, thanks.
Thomas
--
Thomas Petazzoni, CTO, Free Electrons
Embedded Linux, Kernel and Android engineering
http://free-electrons.com
^ permalink raw reply [flat|nested] 12+ messages in thread
* [Buildroot] [PATCH 2/3] vsftpd: Add ftp user creation
2015-10-04 13:31 ` [Buildroot] [PATCH 2/3] vsftpd: " Maxime Hadjinlian
2015-10-04 13:53 ` Vincent Olivert Riera
2015-10-04 14:44 ` Thomas Petazzoni
@ 2015-10-10 17:38 ` Thomas Petazzoni
2 siblings, 0 replies; 12+ messages in thread
From: Thomas Petazzoni @ 2015-10-10 17:38 UTC (permalink / raw)
To: buildroot
Dear Maxime Hadjinlian,
On Sun, 4 Oct 2015 15:31:34 +0200, Maxime Hadjinlian wrote:
> In order to remove '/home/ftp' and the ftp user from the 'skeleton'
> package, we need to add the creation of the ftp users to the package so
> it still work out of the box (with an anonymous user).
>
> Signed-off-by: Maxime Hadjinlian <maxime.hadjinlian@gmail.com>
> ---
> package/vsftpd/vsftpd.mk | 14 ++++++++++++++
> 1 file changed, 14 insertions(+)
Even though I dislike the solution as I would prefer to use the
<pkg>_PERMISSIONS mechanism, I've applied this patch. I believe that
the fact that we can't do this with our <pkg>_PERMISSIONS mechanism
indicates a deficiency in our implementation.
Also, I've done some minor tweaks to your patch before applying:
[Thomas:
- remove the VSFTPD_FIX_HOME_PERMISSIONS variable, and simply put the
additional command in VSFTPD_INSTALL_TARGET_CMDS.
- slightly tweak the comment.]
Thanks!
Thomas
--
Thomas Petazzoni, CTO, Free Electrons
Embedded Linux, Kernel and Android engineering
http://free-electrons.com
^ permalink raw reply [flat|nested] 12+ messages in thread
* [Buildroot] [PATCH 3/3] skeleton: Remove ftp user and /home/ftp
2015-10-04 13:31 ` [Buildroot] [PATCH 3/3] skeleton: Remove ftp user and /home/ftp Maxime Hadjinlian
2015-10-04 13:54 ` Vincent Olivert Riera
@ 2015-10-10 17:38 ` Thomas Petazzoni
1 sibling, 0 replies; 12+ messages in thread
From: Thomas Petazzoni @ 2015-10-10 17:38 UTC (permalink / raw)
To: buildroot
Dear Maxime Hadjinlian,
On Sun, 4 Oct 2015 15:31:35 +0200, Maxime Hadjinlian wrote:
> Signed-off-by: Maxime Hadjinlian <maxime.hadjinlian@gmail.com>
> ---
> system/skeleton/etc/group | 1 -
> system/skeleton/etc/passwd | 1 -
> system/skeleton/home/ftp/.empty | 0
> 3 files changed, 2 deletions(-)
> delete mode 100644 system/skeleton/home/ftp/.empty
Applied, thanks.
Thomas
--
Thomas Petazzoni, CTO, Free Electrons
Embedded Linux, Kernel and Android engineering
http://free-electrons.com
^ permalink raw reply [flat|nested] 12+ messages in thread
end of thread, other threads:[~2015-10-10 17:38 UTC | newest]
Thread overview: 12+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2015-10-04 13:31 [Buildroot] [PATCH 1/3] proftpd: Add ftp user creation Maxime Hadjinlian
2015-10-04 13:31 ` [Buildroot] [PATCH 2/3] vsftpd: " Maxime Hadjinlian
2015-10-04 13:53 ` Vincent Olivert Riera
2015-10-04 14:44 ` Thomas Petazzoni
2015-10-04 15:08 ` Yann E. MORIN
2015-10-04 18:14 ` Maxime Hadjinlian
2015-10-10 17:38 ` Thomas Petazzoni
2015-10-04 13:31 ` [Buildroot] [PATCH 3/3] skeleton: Remove ftp user and /home/ftp Maxime Hadjinlian
2015-10-04 13:54 ` Vincent Olivert Riera
2015-10-10 17:38 ` Thomas Petazzoni
2015-10-04 13:53 ` [Buildroot] [PATCH 1/3] proftpd: Add ftp user creation Vincent Olivert Riera
2015-10-10 17:36 ` Thomas Petazzoni
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox