[PATCH 1/2 meta-networking] vsftpd: use quotes to wrap variable

Openembedded Devel Discussions
 help / color / mirror / Atom feed

* [PATCH 1/2 meta-networking] vsftpd: use quotes to wrap variable
@ 2013-10-10  8:34 rongqing.li
  2013-10-10  8:34 ` [PATCH 2/2 meta-networking] vsftpd: change default secure_chroot_dir rongqing.li
  2013-10-18 16:30 ` [PATCH 1/2 meta-networking] vsftpd: use quotes to wrap variable Joe MacDonald
  0 siblings, 2 replies; 5+ messages in thread
From: rongqing.li @ 2013-10-10  8:34 UTC (permalink / raw)
  To: openembedded-devel

From: Roy Li <rongqing.li@windriver.com>

"test -z ${PAMLIB}" in do_install() may report error if ${PAMLIB}
has space chars. This commit added double quotes to wrap it in
case of errors.

Signed-off-by: Qiang Chen <qiang.chen@windriver.com>
Signed-off-by: Roy Li <rongqing.li@windriver.com>
---
 meta-networking/recipes-daemons/vsftpd/vsftpd_3.0.0.bb |    2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/meta-networking/recipes-daemons/vsftpd/vsftpd_3.0.0.bb b/meta-networking/recipes-daemons/vsftpd/vsftpd_3.0.0.bb
index 2c3e009..7677477 100644
--- a/meta-networking/recipes-daemons/vsftpd/vsftpd_3.0.0.bb
+++ b/meta-networking/recipes-daemons/vsftpd/vsftpd_3.0.0.bb
@@ -60,7 +60,7 @@ do_install() {
 
     install -m 600 ${WORKDIR}/vsftpd.ftpusers ${D}${sysconfdir}/
     install -m 600 ${WORKDIR}/vsftpd.user_list ${D}${sysconfdir}/
-    if ! test -z ${PAMLIB} ; then
+    if ! test -z "${PAMLIB}" ; then
         install -d ${D}${sysconfdir}/pam.d/
         cp ${S}/RedHat/vsftpd.pam ${D}${sysconfdir}/pam.d/vsftpd
         sed -i "s:/lib/security:${base_libdir}/security:" ${D}${sysconfdir}/pam.d/vsftpd
-- 
1.7.10.4



^ permalink raw reply related	[flat|nested] 5+ messages in thread

* [PATCH 2/2 meta-networking] vsftpd: change default secure_chroot_dir
  2013-10-10  8:34 [PATCH 1/2 meta-networking] vsftpd: use quotes to wrap variable rongqing.li
@ 2013-10-10  8:34 ` rongqing.li
  2013-10-18 16:29   ` Joe MacDonald
  2013-10-18 16:30 ` [PATCH 1/2 meta-networking] vsftpd: use quotes to wrap variable Joe MacDonald
  1 sibling, 1 reply; 5+ messages in thread
From: rongqing.li @ 2013-10-10  8:34 UTC (permalink / raw)
  To: openembedded-devel

From: Roy Li <rongqing.li@windriver.com>

Change default value of secure_chroot_dir to /var/run/vsftpd/empty, add
volatiles entry for it, to ensure it won't fail to start by xinetd.

Signed-off-by: Roy Li <rongqing.li@windriver.com>
---
 .../vsftpd/files/change-secure_chroot_dir.patch    |   55 ++++++++++++++++++++
 meta-networking/recipes-daemons/vsftpd/files/init  |    2 +-
 .../vsftpd/files/volatiles.99_vsftpd               |    2 +
 .../recipes-daemons/vsftpd/vsftpd_3.0.0.bb         |    7 ++-
 4 files changed, 64 insertions(+), 2 deletions(-)
 create mode 100644 meta-networking/recipes-daemons/vsftpd/files/change-secure_chroot_dir.patch
 create mode 100644 meta-networking/recipes-daemons/vsftpd/files/volatiles.99_vsftpd

diff --git a/meta-networking/recipes-daemons/vsftpd/files/change-secure_chroot_dir.patch b/meta-networking/recipes-daemons/vsftpd/files/change-secure_chroot_dir.patch
new file mode 100644
index 0000000..e7a673e
--- /dev/null
+++ b/meta-networking/recipes-daemons/vsftpd/files/change-secure_chroot_dir.patch
@@ -0,0 +1,55 @@
+vsftpd: change secure_chroot_dir default value
+
+Upstream-Status: Pending
+
+Change secure_chroot_dir pointing to a volatile directory.
+
+Signed-off-by: Ming Liu <ming.liu@windriver.com>
+---
+ INSTALL       |    6 +++---
+ tunables.c    |    2 +-
+ vsftpd.conf.5 |    2 +-
+ 3 files changed, 5 insertions(+), 5 deletions(-)
+
+diff -urpN a/INSTALL b/INSTALL
+--- a/INSTALL	2013-09-13 10:23:57.504972397 +0800
++++ b/INSTALL	2013-09-13 10:25:25.664971779 +0800
+@@ -27,11 +27,11 @@ user in case it does not already exist. 
+ [root@localhost root]# useradd nobody
+ useradd: user nobody exists
+ 
+-2b) vsftpd needs the (empty) directory /usr/share/empty in the default
++2b) vsftpd needs the (empty) directory /var/run/vsftpd/empty in the default
+ configuration. Add this directory in case it does not already exist. e.g.:
+ 
+-[root@localhost root]# mkdir /usr/share/empty/
+-mkdir: cannot create directory `/usr/share/empty': File exists
++[root@localhost root]# mkdir /var/run/vsftpd/empty/
++mkdir: cannot create directory `/var/run/vsftpd/empty': File exists
+ 
+ 2c) For anonymous FTP, you will need the user "ftp" to exist, and have a
+ valid home directory (which is NOT owned or writable by the user "ftp").
+diff -urpN a/tunables.c b/tunables.c
+--- a/tunables.c	2013-09-13 10:26:29.554972817 +0800
++++ b/tunables.c	2013-09-13 10:27:18.104972210 +0800
+@@ -254,7 +254,7 @@ tunables_load_defaults()
+   /* -rw------- */
+   tunable_chown_upload_mode = 0600;
+ 
+-  install_str_setting("/usr/share/empty", &tunable_secure_chroot_dir);
++  install_str_setting("/var/run/vsftpd/empty", &tunable_secure_chroot_dir);
+   install_str_setting("ftp", &tunable_ftp_username);
+   install_str_setting("root", &tunable_chown_username);
+   install_str_setting("/var/log/xferlog", &tunable_xferlog_file);
+diff -urpN a/vsftpd.conf.5 b/vsftpd.conf.5
+--- a/vsftpd.conf.5	2013-09-13 10:09:33.774972462 +0800
++++ b/vsftpd.conf.5	2013-09-13 10:10:41.914971989 +0800
+@@ -969,7 +969,7 @@ This option should be the name of a dire
+ directory should not be writable by the ftp user. This directory is used
+ as a secure chroot() jail at times vsftpd does not require filesystem access.
+ 
+-Default: /usr/share/empty
++Default: /var/run/vsftpd/empty
+ .TP
+ .B ssl_ciphers
+ This option can be used to select which SSL ciphers vsftpd will allow for
diff --git a/meta-networking/recipes-daemons/vsftpd/files/init b/meta-networking/recipes-daemons/vsftpd/files/init
index d0ec010..513f407 100755
--- a/meta-networking/recipes-daemons/vsftpd/files/init
+++ b/meta-networking/recipes-daemons/vsftpd/files/init
@@ -2,7 +2,7 @@
 DAEMON=/usr/sbin/vsftpd
 NAME=vsftpd
 DESC="FTP Server"
-ARGS=""
+ARGS="/etc/vsftpd.conf"
 FTPDIR=/var/lib/ftp
 
 test -f $DAEMON || exit 0
diff --git a/meta-networking/recipes-daemons/vsftpd/files/volatiles.99_vsftpd b/meta-networking/recipes-daemons/vsftpd/files/volatiles.99_vsftpd
new file mode 100644
index 0000000..0f80776
--- /dev/null
+++ b/meta-networking/recipes-daemons/vsftpd/files/volatiles.99_vsftpd
@@ -0,0 +1,2 @@
+# <type> <owner> <group> <mode> <path> <linksource>
+d root root 0755 /var/run/vsftpd/empty none
diff --git a/meta-networking/recipes-daemons/vsftpd/vsftpd_3.0.0.bb b/meta-networking/recipes-daemons/vsftpd/vsftpd_3.0.0.bb
index 7677477..09de1e9 100644
--- a/meta-networking/recipes-daemons/vsftpd/vsftpd_3.0.0.bb
+++ b/meta-networking/recipes-daemons/vsftpd/vsftpd_3.0.0.bb
@@ -14,6 +14,8 @@ SRC_URI = "https://security.appspot.com/downloads/vsftpd-${PV}.tar.gz \
            file://vsftpd.conf \
            file://vsftpd.user_list \
            file://vsftpd.ftpusers \
+           file://change-secure_chroot_dir.patch \
+           file://volatiles.99_vsftpd \
 "
 
 LIC_FILES_CHKSUM = "file://COPYING;md5=a6067ad950b28336613aed9dd47b1271 \
@@ -40,7 +42,7 @@ LDFLAGS_append =" -lcrypt -lcap"
 do_configure() {
     # Fix hardcoded /usr, /etc, /var mess.
     cat tunables.c|sed s:\"/usr:\"${prefix}:g|sed s:\"/var:\"${localstatedir}:g \
-    |sed s:\"${prefix}/share/empty:\"${localstatedir}/share/empty:g |sed s:\"/etc:\"${sysconfdir}:g > tunables.c.new
+    |sed s:\"/etc:\"${sysconfdir}:g > tunables.c.new
     mv tunables.c.new tunables.c
 }
 
@@ -60,6 +62,9 @@ do_install() {
 
     install -m 600 ${WORKDIR}/vsftpd.ftpusers ${D}${sysconfdir}/
     install -m 600 ${WORKDIR}/vsftpd.user_list ${D}${sysconfdir}/
+    install -d ${D}/${sysconfdir}/default/volatiles
+    install -m 644 ${WORKDIR}/volatiles.99_vsftpd ${D}/${sysconfdir}/default/volatiles/99_vsftpd
+
     if ! test -z "${PAMLIB}" ; then
         install -d ${D}${sysconfdir}/pam.d/
         cp ${S}/RedHat/vsftpd.pam ${D}${sysconfdir}/pam.d/vsftpd
-- 
1.7.10.4



^ permalink raw reply related	[flat|nested] 5+ messages in thread

* Re: [PATCH 2/2 meta-networking] vsftpd: change default secure_chroot_dir
  2013-10-10  8:34 ` [PATCH 2/2 meta-networking] vsftpd: change default secure_chroot_dir rongqing.li
@ 2013-10-18 16:29   ` Joe MacDonald
  2013-10-22  5:20     ` Rongqing Li
  0 siblings, 1 reply; 5+ messages in thread
From: Joe MacDonald @ 2013-10-18 16:29 UTC (permalink / raw)
  To: rongqing.li; +Cc: openembedded-devel

[-- Attachment #1: Type: text/plain, Size: 6444 bytes --]

Hi Roy,

Is this different from the patch I received from Ming Liu about a month
ago?  It doesn't look it at first glance, but I didn't diff the two.

-J.

[[oe] [PATCH 2/2 meta-networking] vsftpd: change default secure_chroot_dir] On 13.10.10 (Thu 16:34) rongqing.li@windriver.com wrote:

> From: Roy Li <rongqing.li@windriver.com>
> 
> Change default value of secure_chroot_dir to /var/run/vsftpd/empty, add
> volatiles entry for it, to ensure it won't fail to start by xinetd.
> 
> Signed-off-by: Roy Li <rongqing.li@windriver.com>
> ---
>  .../vsftpd/files/change-secure_chroot_dir.patch    |   55 ++++++++++++++++++++
>  meta-networking/recipes-daemons/vsftpd/files/init  |    2 +-
>  .../vsftpd/files/volatiles.99_vsftpd               |    2 +
>  .../recipes-daemons/vsftpd/vsftpd_3.0.0.bb         |    7 ++-
>  4 files changed, 64 insertions(+), 2 deletions(-)
>  create mode 100644 meta-networking/recipes-daemons/vsftpd/files/change-secure_chroot_dir.patch
>  create mode 100644 meta-networking/recipes-daemons/vsftpd/files/volatiles.99_vsftpd
> 
> diff --git a/meta-networking/recipes-daemons/vsftpd/files/change-secure_chroot_dir.patch b/meta-networking/recipes-daemons/vsftpd/files/change-secure_chroot_dir.patch
> new file mode 100644
> index 0000000..e7a673e
> --- /dev/null
> +++ b/meta-networking/recipes-daemons/vsftpd/files/change-secure_chroot_dir.patch
> @@ -0,0 +1,55 @@
> +vsftpd: change secure_chroot_dir default value
> +
> +Upstream-Status: Pending
> +
> +Change secure_chroot_dir pointing to a volatile directory.
> +
> +Signed-off-by: Ming Liu <ming.liu@windriver.com>
> +---
> + INSTALL       |    6 +++---
> + tunables.c    |    2 +-
> + vsftpd.conf.5 |    2 +-
> + 3 files changed, 5 insertions(+), 5 deletions(-)
> +
> +diff -urpN a/INSTALL b/INSTALL
> +--- a/INSTALL	2013-09-13 10:23:57.504972397 +0800
> ++++ b/INSTALL	2013-09-13 10:25:25.664971779 +0800
> +@@ -27,11 +27,11 @@ user in case it does not already exist. 
> + [root@localhost root]# useradd nobody
> + useradd: user nobody exists
> + 
> +-2b) vsftpd needs the (empty) directory /usr/share/empty in the default
> ++2b) vsftpd needs the (empty) directory /var/run/vsftpd/empty in the default
> + configuration. Add this directory in case it does not already exist. e.g.:
> + 
> +-[root@localhost root]# mkdir /usr/share/empty/
> +-mkdir: cannot create directory `/usr/share/empty': File exists
> ++[root@localhost root]# mkdir /var/run/vsftpd/empty/
> ++mkdir: cannot create directory `/var/run/vsftpd/empty': File exists
> + 
> + 2c) For anonymous FTP, you will need the user "ftp" to exist, and have a
> + valid home directory (which is NOT owned or writable by the user "ftp").
> +diff -urpN a/tunables.c b/tunables.c
> +--- a/tunables.c	2013-09-13 10:26:29.554972817 +0800
> ++++ b/tunables.c	2013-09-13 10:27:18.104972210 +0800
> +@@ -254,7 +254,7 @@ tunables_load_defaults()
> +   /* -rw------- */
> +   tunable_chown_upload_mode = 0600;
> + 
> +-  install_str_setting("/usr/share/empty", &tunable_secure_chroot_dir);
> ++  install_str_setting("/var/run/vsftpd/empty", &tunable_secure_chroot_dir);
> +   install_str_setting("ftp", &tunable_ftp_username);
> +   install_str_setting("root", &tunable_chown_username);
> +   install_str_setting("/var/log/xferlog", &tunable_xferlog_file);
> +diff -urpN a/vsftpd.conf.5 b/vsftpd.conf.5
> +--- a/vsftpd.conf.5	2013-09-13 10:09:33.774972462 +0800
> ++++ b/vsftpd.conf.5	2013-09-13 10:10:41.914971989 +0800
> +@@ -969,7 +969,7 @@ This option should be the name of a dire
> + directory should not be writable by the ftp user. This directory is used
> + as a secure chroot() jail at times vsftpd does not require filesystem access.
> + 
> +-Default: /usr/share/empty
> ++Default: /var/run/vsftpd/empty
> + .TP
> + .B ssl_ciphers
> + This option can be used to select which SSL ciphers vsftpd will allow for
> diff --git a/meta-networking/recipes-daemons/vsftpd/files/init b/meta-networking/recipes-daemons/vsftpd/files/init
> index d0ec010..513f407 100755
> --- a/meta-networking/recipes-daemons/vsftpd/files/init
> +++ b/meta-networking/recipes-daemons/vsftpd/files/init
> @@ -2,7 +2,7 @@
>  DAEMON=/usr/sbin/vsftpd
>  NAME=vsftpd
>  DESC="FTP Server"
> -ARGS=""
> +ARGS="/etc/vsftpd.conf"
>  FTPDIR=/var/lib/ftp
>  
>  test -f $DAEMON || exit 0
> diff --git a/meta-networking/recipes-daemons/vsftpd/files/volatiles.99_vsftpd b/meta-networking/recipes-daemons/vsftpd/files/volatiles.99_vsftpd
> new file mode 100644
> index 0000000..0f80776
> --- /dev/null
> +++ b/meta-networking/recipes-daemons/vsftpd/files/volatiles.99_vsftpd
> @@ -0,0 +1,2 @@
> +# <type> <owner> <group> <mode> <path> <linksource>
> +d root root 0755 /var/run/vsftpd/empty none
> diff --git a/meta-networking/recipes-daemons/vsftpd/vsftpd_3.0.0.bb b/meta-networking/recipes-daemons/vsftpd/vsftpd_3.0.0.bb
> index 7677477..09de1e9 100644
> --- a/meta-networking/recipes-daemons/vsftpd/vsftpd_3.0.0.bb
> +++ b/meta-networking/recipes-daemons/vsftpd/vsftpd_3.0.0.bb
> @@ -14,6 +14,8 @@ SRC_URI = "https://security.appspot.com/downloads/vsftpd-${PV}.tar.gz \
>             file://vsftpd.conf \
>             file://vsftpd.user_list \
>             file://vsftpd.ftpusers \
> +           file://change-secure_chroot_dir.patch \
> +           file://volatiles.99_vsftpd \
>  "
>  
>  LIC_FILES_CHKSUM = "file://COPYING;md5=a6067ad950b28336613aed9dd47b1271 \
> @@ -40,7 +42,7 @@ LDFLAGS_append =" -lcrypt -lcap"
>  do_configure() {
>      # Fix hardcoded /usr, /etc, /var mess.
>      cat tunables.c|sed s:\"/usr:\"${prefix}:g|sed s:\"/var:\"${localstatedir}:g \
> -    |sed s:\"${prefix}/share/empty:\"${localstatedir}/share/empty:g |sed s:\"/etc:\"${sysconfdir}:g > tunables.c.new
> +    |sed s:\"/etc:\"${sysconfdir}:g > tunables.c.new
>      mv tunables.c.new tunables.c
>  }
>  
> @@ -60,6 +62,9 @@ do_install() {
>  
>      install -m 600 ${WORKDIR}/vsftpd.ftpusers ${D}${sysconfdir}/
>      install -m 600 ${WORKDIR}/vsftpd.user_list ${D}${sysconfdir}/
> +    install -d ${D}/${sysconfdir}/default/volatiles
> +    install -m 644 ${WORKDIR}/volatiles.99_vsftpd ${D}/${sysconfdir}/default/volatiles/99_vsftpd
> +
>      if ! test -z "${PAMLIB}" ; then
>          install -d ${D}${sysconfdir}/pam.d/
>          cp ${S}/RedHat/vsftpd.pam ${D}${sysconfdir}/pam.d/vsftpd
-- 
-Joe MacDonald.
:wq

[-- Attachment #2: Digital signature --]
[-- Type: application/pgp-signature, Size: 205 bytes --]

^ permalink raw reply	[flat|nested] 5+ messages in thread

* Re: [PATCH 1/2 meta-networking] vsftpd: use quotes to wrap variable
  2013-10-10  8:34 [PATCH 1/2 meta-networking] vsftpd: use quotes to wrap variable rongqing.li
  2013-10-10  8:34 ` [PATCH 2/2 meta-networking] vsftpd: change default secure_chroot_dir rongqing.li
@ 2013-10-18 16:30 ` Joe MacDonald
  1 sibling, 0 replies; 5+ messages in thread
From: Joe MacDonald @ 2013-10-18 16:30 UTC (permalink / raw)
  To: rongqing.li; +Cc: openembedded-devel

[-- Attachment #1: Type: text/plain, Size: 1384 bytes --]

Merged, thanks.
-J.

[[oe] [PATCH 1/2 meta-networking] vsftpd: use quotes to wrap variable] On 13.10.10 (Thu 16:34) rongqing.li@windriver.com wrote:

> From: Roy Li <rongqing.li@windriver.com>
> 
> "test -z ${PAMLIB}" in do_install() may report error if ${PAMLIB}
> has space chars. This commit added double quotes to wrap it in
> case of errors.
> 
> Signed-off-by: Qiang Chen <qiang.chen@windriver.com>
> Signed-off-by: Roy Li <rongqing.li@windriver.com>
> ---
>  meta-networking/recipes-daemons/vsftpd/vsftpd_3.0.0.bb |    2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/meta-networking/recipes-daemons/vsftpd/vsftpd_3.0.0.bb b/meta-networking/recipes-daemons/vsftpd/vsftpd_3.0.0.bb
> index 2c3e009..7677477 100644
> --- a/meta-networking/recipes-daemons/vsftpd/vsftpd_3.0.0.bb
> +++ b/meta-networking/recipes-daemons/vsftpd/vsftpd_3.0.0.bb
> @@ -60,7 +60,7 @@ do_install() {
>  
>      install -m 600 ${WORKDIR}/vsftpd.ftpusers ${D}${sysconfdir}/
>      install -m 600 ${WORKDIR}/vsftpd.user_list ${D}${sysconfdir}/
> -    if ! test -z ${PAMLIB} ; then
> +    if ! test -z "${PAMLIB}" ; then
>          install -d ${D}${sysconfdir}/pam.d/
>          cp ${S}/RedHat/vsftpd.pam ${D}${sysconfdir}/pam.d/vsftpd
>          sed -i "s:/lib/security:${base_libdir}/security:" ${D}${sysconfdir}/pam.d/vsftpd
-- 
-Joe MacDonald.
:wq

[-- Attachment #2: Digital signature --]
[-- Type: application/pgp-signature, Size: 205 bytes --]

^ permalink raw reply	[flat|nested] 5+ messages in thread

* Re: [PATCH 2/2 meta-networking] vsftpd: change default secure_chroot_dir
  2013-10-18 16:29   ` Joe MacDonald
@ 2013-10-22  5:20     ` Rongqing Li
  0 siblings, 0 replies; 5+ messages in thread
From: Rongqing Li @ 2013-10-22  5:20 UTC (permalink / raw)
  To: Joe MacDonald; +Cc: openembedded-devel



On 10/19/2013 12:29 AM, Joe MacDonald wrote:
> Hi Roy,
>
> Is this different from the patch I received from Ming Liu about a month
> ago?  It doesn't look it at first glance, but I didn't diff the two.
>
> -J.

Sorry, I did not sync my repo, LiuMing patch is OK.
Thanks


-Roy


>
> [[oe] [PATCH 2/2 meta-networking] vsftpd: change default secure_chroot_dir] On 13.10.10 (Thu 16:34) rongqing.li@windriver.com wrote:
>
>> From: Roy Li <rongqing.li@windriver.com>
>>
>> Change default value of secure_chroot_dir to /var/run/vsftpd/empty, add
>> volatiles entry for it, to ensure it won't fail to start by xinetd.
>>
>> Signed-off-by: Roy Li <rongqing.li@windriver.com>
>> ---
>>   .../vsftpd/files/change-secure_chroot_dir.patch    |   55 ++++++++++++++++++++
>>   meta-networking/recipes-daemons/vsftpd/files/init  |    2 +-
>>   .../vsftpd/files/volatiles.99_vsftpd               |    2 +
>>   .../recipes-daemons/vsftpd/vsftpd_3.0.0.bb         |    7 ++-
>>   4 files changed, 64 insertions(+), 2 deletions(-)
>>   create mode 100644 meta-networking/recipes-daemons/vsftpd/files/change-secure_chroot_dir.patch
>>   create mode 100644 meta-networking/recipes-daemons/vsftpd/files/volatiles.99_vsftpd
>>
>> diff --git a/meta-networking/recipes-daemons/vsftpd/files/change-secure_chroot_dir.patch b/meta-networking/recipes-daemons/vsftpd/files/change-secure_chroot_dir.patch
>> new file mode 100644
>> index 0000000..e7a673e
>> --- /dev/null
>> +++ b/meta-networking/recipes-daemons/vsftpd/files/change-secure_chroot_dir.patch
>> @@ -0,0 +1,55 @@
>> +vsftpd: change secure_chroot_dir default value
>> +
>> +Upstream-Status: Pending
>> +
>> +Change secure_chroot_dir pointing to a volatile directory.
>> +
>> +Signed-off-by: Ming Liu <ming.liu@windriver.com>
>> +---
>> + INSTALL       |    6 +++---
>> + tunables.c    |    2 +-
>> + vsftpd.conf.5 |    2 +-
>> + 3 files changed, 5 insertions(+), 5 deletions(-)
>> +
>> +diff -urpN a/INSTALL b/INSTALL
>> +--- a/INSTALL	2013-09-13 10:23:57.504972397 +0800
>> ++++ b/INSTALL	2013-09-13 10:25:25.664971779 +0800
>> +@@ -27,11 +27,11 @@ user in case it does not already exist.
>> + [root@localhost root]# useradd nobody
>> + useradd: user nobody exists
>> +
>> +-2b) vsftpd needs the (empty) directory /usr/share/empty in the default
>> ++2b) vsftpd needs the (empty) directory /var/run/vsftpd/empty in the default
>> + configuration. Add this directory in case it does not already exist. e.g.:
>> +
>> +-[root@localhost root]# mkdir /usr/share/empty/
>> +-mkdir: cannot create directory `/usr/share/empty': File exists
>> ++[root@localhost root]# mkdir /var/run/vsftpd/empty/
>> ++mkdir: cannot create directory `/var/run/vsftpd/empty': File exists
>> +
>> + 2c) For anonymous FTP, you will need the user "ftp" to exist, and have a
>> + valid home directory (which is NOT owned or writable by the user "ftp").
>> +diff -urpN a/tunables.c b/tunables.c
>> +--- a/tunables.c	2013-09-13 10:26:29.554972817 +0800
>> ++++ b/tunables.c	2013-09-13 10:27:18.104972210 +0800
>> +@@ -254,7 +254,7 @@ tunables_load_defaults()
>> +   /* -rw------- */
>> +   tunable_chown_upload_mode = 0600;
>> +
>> +-  install_str_setting("/usr/share/empty", &tunable_secure_chroot_dir);
>> ++  install_str_setting("/var/run/vsftpd/empty", &tunable_secure_chroot_dir);
>> +   install_str_setting("ftp", &tunable_ftp_username);
>> +   install_str_setting("root", &tunable_chown_username);
>> +   install_str_setting("/var/log/xferlog", &tunable_xferlog_file);
>> +diff -urpN a/vsftpd.conf.5 b/vsftpd.conf.5
>> +--- a/vsftpd.conf.5	2013-09-13 10:09:33.774972462 +0800
>> ++++ b/vsftpd.conf.5	2013-09-13 10:10:41.914971989 +0800
>> +@@ -969,7 +969,7 @@ This option should be the name of a dire
>> + directory should not be writable by the ftp user. This directory is used
>> + as a secure chroot() jail at times vsftpd does not require filesystem access.
>> +
>> +-Default: /usr/share/empty
>> ++Default: /var/run/vsftpd/empty
>> + .TP
>> + .B ssl_ciphers
>> + This option can be used to select which SSL ciphers vsftpd will allow for
>> diff --git a/meta-networking/recipes-daemons/vsftpd/files/init b/meta-networking/recipes-daemons/vsftpd/files/init
>> index d0ec010..513f407 100755
>> --- a/meta-networking/recipes-daemons/vsftpd/files/init
>> +++ b/meta-networking/recipes-daemons/vsftpd/files/init
>> @@ -2,7 +2,7 @@
>>   DAEMON=/usr/sbin/vsftpd
>>   NAME=vsftpd
>>   DESC="FTP Server"
>> -ARGS=""
>> +ARGS="/etc/vsftpd.conf"
>>   FTPDIR=/var/lib/ftp
>>
>>   test -f $DAEMON || exit 0
>> diff --git a/meta-networking/recipes-daemons/vsftpd/files/volatiles.99_vsftpd b/meta-networking/recipes-daemons/vsftpd/files/volatiles.99_vsftpd
>> new file mode 100644
>> index 0000000..0f80776
>> --- /dev/null
>> +++ b/meta-networking/recipes-daemons/vsftpd/files/volatiles.99_vsftpd
>> @@ -0,0 +1,2 @@
>> +# <type> <owner> <group> <mode> <path> <linksource>
>> +d root root 0755 /var/run/vsftpd/empty none
>> diff --git a/meta-networking/recipes-daemons/vsftpd/vsftpd_3.0.0.bb b/meta-networking/recipes-daemons/vsftpd/vsftpd_3.0.0.bb
>> index 7677477..09de1e9 100644
>> --- a/meta-networking/recipes-daemons/vsftpd/vsftpd_3.0.0.bb
>> +++ b/meta-networking/recipes-daemons/vsftpd/vsftpd_3.0.0.bb
>> @@ -14,6 +14,8 @@ SRC_URI = "https://security.appspot.com/downloads/vsftpd-${PV}.tar.gz \
>>              file://vsftpd.conf \
>>              file://vsftpd.user_list \
>>              file://vsftpd.ftpusers \
>> +           file://change-secure_chroot_dir.patch \
>> +           file://volatiles.99_vsftpd \
>>   "
>>
>>   LIC_FILES_CHKSUM = "file://COPYING;md5=a6067ad950b28336613aed9dd47b1271 \
>> @@ -40,7 +42,7 @@ LDFLAGS_append =" -lcrypt -lcap"
>>   do_configure() {
>>       # Fix hardcoded /usr, /etc, /var mess.
>>       cat tunables.c|sed s:\"/usr:\"${prefix}:g|sed s:\"/var:\"${localstatedir}:g \
>> -    |sed s:\"${prefix}/share/empty:\"${localstatedir}/share/empty:g |sed s:\"/etc:\"${sysconfdir}:g > tunables.c.new
>> +    |sed s:\"/etc:\"${sysconfdir}:g > tunables.c.new
>>       mv tunables.c.new tunables.c
>>   }
>>
>> @@ -60,6 +62,9 @@ do_install() {
>>
>>       install -m 600 ${WORKDIR}/vsftpd.ftpusers ${D}${sysconfdir}/
>>       install -m 600 ${WORKDIR}/vsftpd.user_list ${D}${sysconfdir}/
>> +    install -d ${D}/${sysconfdir}/default/volatiles
>> +    install -m 644 ${WORKDIR}/volatiles.99_vsftpd ${D}/${sysconfdir}/default/volatiles/99_vsftpd
>> +
>>       if ! test -z "${PAMLIB}" ; then
>>           install -d ${D}${sysconfdir}/pam.d/
>>           cp ${S}/RedHat/vsftpd.pam ${D}${sysconfdir}/pam.d/vsftpd

-- 
Best Reagrds,
Roy | RongQing Li


^ permalink raw reply	[flat|nested] 5+ messages in thread

end of thread, other threads:[~2013-10-22  5:20 UTC | newest]

Thread overview: 5+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2013-10-10  8:34 [PATCH 1/2 meta-networking] vsftpd: use quotes to wrap variable rongqing.li
2013-10-10  8:34 ` [PATCH 2/2 meta-networking] vsftpd: change default secure_chroot_dir rongqing.li
2013-10-18 16:29   ` Joe MacDonald
2013-10-22  5:20     ` Rongqing Li
2013-10-18 16:30 ` [PATCH 1/2 meta-networking] vsftpd: use quotes to wrap variable Joe MacDonald

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox