[vsftpd] adds reverse lookup option to vsftpd.conf changes types of uid and gid to uint removes spare patch p
Jiri Skala
jskala at fedoraproject.org
Tue May 13 11:20:39 UTC 2014
commit c1683a2133aca7ef034044b82e6f316bfc708694
Author: Jiri Skala <jskala at redhat.com>
Date: Tue May 13 13:20:26 2014 +0200
adds reverse lookup option to vsftpd.conf
changes types of uid and gid to uint
removes spare patch pasv-addr
implements DH cipher
gets rid init scirpt subpackage
vsftpd-3.0.2-dh.patch | 117 ++++++++++++++++++++
vsftpd-3.0.2-lookup.patch | 85 +++++++++++++++
vsftpd-3.0.2-pasv-addr.patch | 24 ----
vsftpd-3.0.2-uint-uidgid.patch | 229 ++++++++++++++++++++++++++++++++++++++++
vsftpd.init | 106 ------------------
vsftpd.spec | 34 +++----
6 files changed, 446 insertions(+), 149 deletions(-)
---
diff --git a/vsftpd-3.0.2-dh.patch b/vsftpd-3.0.2-dh.patch
new file mode 100644
index 0000000..17639a9
--- /dev/null
+++ b/vsftpd-3.0.2-dh.patch
@@ -0,0 +1,117 @@
+diff -up vsftpd-3.0.2/ssl.c.dh vsftpd-3.0.2/ssl.c
+--- vsftpd-3.0.2/ssl.c.dh 2012-04-03 02:23:42.000000000 +0200
++++ vsftpd-3.0.2/ssl.c 2014-05-13 12:36:26.790953361 +0200
+@@ -28,6 +28,8 @@
+ #include <openssl/err.h>
+ #include <openssl/rand.h>
+ #include <openssl/bio.h>
++#include <openssl/dh.h>
++#include <openssl/bn.h>
+ #include <errno.h>
+ #include <limits.h>
+
+@@ -38,6 +40,7 @@ static void setup_bio_callbacks();
+ static long bio_callback(
+ BIO* p_bio, int oper, const char* p_arg, int argi, long argl, long retval);
+ static int ssl_verify_callback(int verify_ok, X509_STORE_CTX* p_ctx);
++static DH *ssl_tmp_dh_callback(SSL *ssl, int is_export, int keylength);
+ static int ssl_cert_digest(
+ SSL* p_ssl, struct vsf_session* p_sess, struct mystr* p_str);
+ static void maybe_log_shutdown_state(struct vsf_session* p_sess);
+@@ -51,6 +54,36 @@ static int ssl_read_common(struct vsf_se
+ static int ssl_inited;
+ static struct mystr debug_str;
+
++
++// Grab DH parameters from OpenSSL; <openssl/bn.h>
++// (get_rfc*) for all available primes.
++#define make_get_dh(rfc,size) \
++static DH *get_dh##size(void) \
++{ \
++ DH *dh = DH_new(); \
++ if (!dh) { \
++ return NULL; \
++ } \
++ dh->p = get_##rfc##_prime_##size(NULL); \
++ BN_dec2bn(&dh->g, "2"); \
++ if (!dh->p || !dh->g) { \
++ DH_free(dh); \
++ return NULL; \
++ } \
++ return dh; \
++}
++
++// Prepare DH parameters from 768 to 8192 bits
++make_get_dh(rfc2409, 768)
++make_get_dh(rfc2409, 1024)
++make_get_dh(rfc3526, 1536)
++make_get_dh(rfc3526, 2048)
++make_get_dh(rfc3526, 3072)
++make_get_dh(rfc3526, 4096)
++make_get_dh(rfc3526, 6144)
++make_get_dh(rfc3526, 8192)
++
++
+ void
+ ssl_init(struct vsf_session* p_sess)
+ {
+@@ -156,6 +189,9 @@ ssl_init(struct vsf_session* p_sess)
+ /* Ensure cached session doesn't expire */
+ SSL_CTX_set_timeout(p_ctx, INT_MAX);
+ }
++
++ SSL_CTX_set_tmp_dh_callback(p_ctx, ssl_tmp_dh_callback);
++
+ p_sess->p_ssl_ctx = p_ctx;
+ ssl_inited = 1;
+ }
+@@ -675,6 +711,49 @@ ssl_verify_callback(int verify_ok, X509_
+ return 1;
+ }
+
++#define UNUSED(x) ( (void)(x) )
++
++static DH *
++ssl_tmp_dh_callback(SSL *ssl, int is_export, int keylength)
++{
++ DH *dh_tmp=NULL;
++
++ // strict compiler bypassing
++ UNUSED(ssl);
++ UNUSED(is_export);
++
++ switch (keylength) {
++ case 768:
++ dh_tmp = get_dh768();
++ break;
++ case 1024:
++ dh_tmp = get_dh1024();
++ break;
++ case 1536:
++ dh_tmp = get_dh1536();
++ break;
++ case 2048:
++ dh_tmp = get_dh2048();
++ break;
++ case 3072:
++ dh_tmp = get_dh3072();
++ break;
++ case 4096:
++ dh_tmp = get_dh4096();
++ break;
++ case 6144:
++ dh_tmp = get_dh6144();
++ break;
++ case 8192:
++ dh_tmp = get_dh8192();
++ break;
++ default:
++ dh_tmp = get_dh1024();
++ break;
++ }
++ return dh_tmp;
++}
++
+ void
+ ssl_add_entropy(struct vsf_session* p_sess)
+ {
diff --git a/vsftpd-3.0.2-lookup.patch b/vsftpd-3.0.2-lookup.patch
new file mode 100644
index 0000000..8f5e5a6
--- /dev/null
+++ b/vsftpd-3.0.2-lookup.patch
@@ -0,0 +1,85 @@
+diff -up vsftpd-3.0.2/parseconf.c.lookup vsftpd-3.0.2/parseconf.c
+--- vsftpd-3.0.2/parseconf.c.lookup 2014-04-17 10:01:50.862951491 +0200
++++ vsftpd-3.0.2/parseconf.c 2014-04-17 10:02:42.343955443 +0200
+@@ -91,6 +91,7 @@ parseconf_bool_array[] =
+ { "mdtm_write", &tunable_mdtm_write },
+ { "lock_upload_files", &tunable_lock_upload_files },
+ { "pasv_addr_resolve", &tunable_pasv_addr_resolve },
++ { "reverse_lookup_enable", &tunable_reverse_lookup_enable },
+ { "userlist_log", &tunable_userlist_log },
+ { "debug_ssl", &tunable_debug_ssl },
+ { "require_cert", &tunable_require_cert },
+diff -up vsftpd-3.0.2/sysdeputil.c.lookup vsftpd-3.0.2/sysdeputil.c
+--- vsftpd-3.0.2/sysdeputil.c.lookup 2014-04-17 09:57:02.111933144 +0200
++++ vsftpd-3.0.2/sysdeputil.c 2014-04-17 10:01:31.069950498 +0200
+@@ -354,12 +354,16 @@ vsf_sysdep_check_auth(struct mystr* p_us
+ return 0;
+ }
+ #ifdef PAM_RHOST
+- sin.sin_addr.s_addr = inet_addr(str_getbuf(p_remote_host));
+- host = gethostbyaddr((char*)&sin.sin_addr.s_addr,sizeof(struct in_addr),AF_INET);
+- if (host != (struct hostent*)0)
+- retval = pam_set_item(s_pamh, PAM_RHOST, host->h_name);
+- else
++ if (tunable_reverse_lookup_enable) {
++ sin.sin_addr.s_addr = inet_addr(str_getbuf(p_remote_host));
++ host = gethostbyaddr((char*)&sin.sin_addr.s_addr,sizeof(struct in_addr),AF_INET);
++ if (host != (struct hostent*)0)
++ retval = pam_set_item(s_pamh, PAM_RHOST, host->h_name);
++ else
++ retval = pam_set_item(s_pamh, PAM_RHOST, str_getbuf(p_remote_host));
++ } else {
+ retval = pam_set_item(s_pamh, PAM_RHOST, str_getbuf(p_remote_host));
++ }
+ if (retval != PAM_SUCCESS)
+ {
+ (void) pam_end(s_pamh, retval);
+diff -up vsftpd-3.0.2/tunables.c.lookup vsftpd-3.0.2/tunables.c
+--- vsftpd-3.0.2/tunables.c.lookup 2014-04-17 10:03:22.766958324 +0200
++++ vsftpd-3.0.2/tunables.c 2014-04-17 10:04:52.004964675 +0200
+@@ -72,6 +72,7 @@ int tunable_force_anon_data_ssl;
+ int tunable_mdtm_write;
+ int tunable_lock_upload_files;
+ int tunable_pasv_addr_resolve;
++int tunable_reverse_lookup_enable;
+ int tunable_userlist_log;
+ int tunable_debug_ssl;
+ int tunable_require_cert;
+@@ -213,6 +214,7 @@ tunables_load_defaults()
+ tunable_mdtm_write = 1;
+ tunable_lock_upload_files = 1;
+ tunable_pasv_addr_resolve = 0;
++ tunable_reverse_lookup_enable = 1;
+ tunable_userlist_log = 0;
+ tunable_debug_ssl = 0;
+ tunable_require_cert = 0;
+diff -up vsftpd-3.0.2/tunables.h.lookup vsftpd-3.0.2/tunables.h
+--- vsftpd-3.0.2/tunables.h.lookup 2014-04-17 10:03:27.405958676 +0200
++++ vsftpd-3.0.2/tunables.h 2014-04-17 10:04:22.763963824 +0200
+@@ -73,6 +73,7 @@ extern int tunable_force_anon_data_ssl;
+ extern int tunable_mdtm_write; /* Allow MDTM to set timestamps */
+ extern int tunable_lock_upload_files; /* Lock uploading files */
+ extern int tunable_pasv_addr_resolve; /* DNS resolve pasv_addr */
++extern int tunable_reverse_lookup_enable; /* Get hostname before pam auth */
+ extern int tunable_userlist_log; /* Log every failed login attempt */
+ extern int tunable_debug_ssl; /* Verbose SSL logging */
+ extern int tunable_require_cert; /* SSL client cert required */
+diff -up vsftpd-3.0.2/vsftpd.conf.5.lookup vsftpd-3.0.2/vsftpd.conf.5
+--- vsftpd-3.0.2/vsftpd.conf.5.lookup 2014-04-17 10:05:30.956969003 +0200
++++ vsftpd-3.0.2/vsftpd.conf.5 2014-04-17 10:06:36.586971828 +0200
+@@ -425,6 +425,15 @@ http://scarybeastsecurity.blogspot.com/2
+
+ Default: YES
+ .TP
++.B reverse_lookup_enable
++Set to YES if you want vsftpd to transform the ip address into the hostname,
++before pam authentication. This is useful if you use pam_access including the
++hostname. If you want vsftpd to run on the environment where the reverse lookup
++for some hostname is available and the name server doesn't respond for a while,
++you should set this to NO to avoid a performance issue.
++
++Default: YES
++.TP
+ .B run_as_launching_user
+ Set to YES if you want vsftpd to run as the user which launched vsftpd. This is
+ useful where root access is not available. MASSIVE WARNING! Do NOT enable this
diff --git a/vsftpd-3.0.2-uint-uidgid.patch b/vsftpd-3.0.2-uint-uidgid.patch
new file mode 100644
index 0000000..fb0d502
--- /dev/null
+++ b/vsftpd-3.0.2-uint-uidgid.patch
@@ -0,0 +1,229 @@
+diff -up vsftpd-3.0.2/ls.c.uint-uidgid vsftpd-3.0.2/ls.c
+--- vsftpd-3.0.2/ls.c.uint-uidgid 2014-04-17 13:47:01.835114063 +0200
++++ vsftpd-3.0.2/ls.c 2014-04-17 13:47:01.845114063 +0200
+@@ -501,7 +501,7 @@ build_dir_line(struct mystr* p_str, cons
+ }
+ else
+ {
+- int uid = vsf_sysutil_statbuf_get_uid(p_stat);
++ unsigned int uid = vsf_sysutil_statbuf_get_uid(p_stat);
+ struct vsf_sysutil_user* p_user = 0;
+ if (tunable_text_userdb_names)
+ {
+@@ -526,7 +526,7 @@ build_dir_line(struct mystr* p_str, cons
+ }
+ else
+ {
+- int gid = vsf_sysutil_statbuf_get_gid(p_stat);
++ unsigned int gid = vsf_sysutil_statbuf_get_gid(p_stat);
+ struct vsf_sysutil_group* p_group = 0;
+ if (tunable_text_userdb_names)
+ {
+diff -up vsftpd-3.0.2/privops.c.uint-uidgid vsftpd-3.0.2/privops.c
+--- vsftpd-3.0.2/privops.c.uint-uidgid 2012-09-16 09:21:24.000000000 +0200
++++ vsftpd-3.0.2/privops.c 2014-04-17 13:48:26.431113895 +0200
+@@ -236,8 +236,7 @@ vsf_privop_do_file_chown(struct vsf_sess
+ /* Drop it like a hot potato unless it's a regular file owned by
+ * the the anonymous ftp user
+ */
+- if (p_sess->anon_upload_chown_uid == -1 ||
+- !vsf_sysutil_statbuf_is_regfile(s_p_statbuf) ||
++ if (!vsf_sysutil_statbuf_is_regfile(s_p_statbuf) ||
+ (vsf_sysutil_statbuf_get_uid(s_p_statbuf) != p_sess->anon_ftp_uid &&
+ vsf_sysutil_statbuf_get_uid(s_p_statbuf) != p_sess->guest_user_uid))
+ {
+diff -up vsftpd-3.0.2/session.h.uint-uidgid vsftpd-3.0.2/session.h
+--- vsftpd-3.0.2/session.h.uint-uidgid 2012-04-05 03:27:19.000000000 +0200
++++ vsftpd-3.0.2/session.h 2014-04-17 13:47:01.845114063 +0200
+@@ -54,9 +54,9 @@ struct vsf_session
+ struct mystr_list* p_visited_dir_list;
+
+ /* Details of userids which are interesting to us */
+- int anon_ftp_uid;
+- int guest_user_uid;
+- int anon_upload_chown_uid;
++ unsigned int anon_ftp_uid;
++ unsigned int guest_user_uid;
++ unsigned int anon_upload_chown_uid;
+
+ /* Things we need to cache before we chroot() */
+ struct mystr banned_email_str;
+diff -up vsftpd-3.0.2/sysutil.c.uint-uidgid vsftpd-3.0.2/sysutil.c
+--- vsftpd-3.0.2/sysutil.c.uint-uidgid 2014-04-17 13:47:01.839114063 +0200
++++ vsftpd-3.0.2/sysutil.c 2014-04-17 13:47:01.846114063 +0200
+@@ -1454,14 +1454,14 @@ vsf_sysutil_statbuf_get_size(const struc
+ return p_stat->st_size;
+ }
+
+-int
++unsigned int
+ vsf_sysutil_statbuf_get_uid(const struct vsf_sysutil_statbuf* p_statbuf)
+ {
+ const struct stat* p_stat = (const struct stat*) p_statbuf;
+ return p_stat->st_uid;
+ }
+
+-int
++unsigned int
+ vsf_sysutil_statbuf_get_gid(const struct vsf_sysutil_statbuf* p_statbuf)
+ {
+ const struct stat* p_stat = (const struct stat*) p_statbuf;
+@@ -1502,7 +1502,7 @@ vsf_sysutil_statbuf_get_sortkey_mtime(
+ }
+
+ void
+-vsf_sysutil_fchown(const int fd, const int uid, const int gid)
++vsf_sysutil_fchown(const int fd, const unsigned int uid, const unsigned int gid)
+ {
+ if (fchown(fd, uid, gid) != 0)
+ {
+@@ -2320,13 +2320,9 @@ vsf_sysutil_dns_resolve(struct vsf_sysut
+ }
+
+ struct vsf_sysutil_user*
+-vsf_sysutil_getpwuid(const int uid)
++vsf_sysutil_getpwuid(const unsigned int uid)
+ {
+- if (uid < 0)
+- {
+- bug("negative uid in vsf_sysutil_getpwuid");
+- }
+- return (struct vsf_sysutil_user*) getpwuid((unsigned int) uid);
++ return (struct vsf_sysutil_user*) getpwuid(uid);
+ }
+
+ struct vsf_sysutil_user*
+@@ -2349,14 +2345,14 @@ vsf_sysutil_user_get_homedir(const struc
+ return p_passwd->pw_dir;
+ }
+
+-int
++unsigned int
+ vsf_sysutil_user_getuid(const struct vsf_sysutil_user* p_user)
+ {
+ const struct passwd* p_passwd = (const struct passwd*) p_user;
+ return p_passwd->pw_uid;
+ }
+
+-int
++unsigned int
+ vsf_sysutil_user_getgid(const struct vsf_sysutil_user* p_user)
+ {
+ const struct passwd* p_passwd = (const struct passwd*) p_user;
+@@ -2364,13 +2360,9 @@ vsf_sysutil_user_getgid(const struct vsf
+ }
+
+ struct vsf_sysutil_group*
+-vsf_sysutil_getgrgid(const int gid)
++vsf_sysutil_getgrgid(const unsigned int gid)
+ {
+- if (gid < 0)
+- {
+- die("negative gid in vsf_sysutil_getgrgid");
+- }
+- return (struct vsf_sysutil_group*) getgrgid((unsigned int) gid);
++ return (struct vsf_sysutil_group*) getgrgid(gid);
+ }
+
+ const char*
+@@ -2445,25 +2437,17 @@ vsf_sysutil_setgid_numeric(int gid)
+ }
+ }
+
+-int
++unsigned int
+ vsf_sysutil_geteuid(void)
+ {
+- int retval = geteuid();
+- if (retval < 0)
+- {
+- die("geteuid");
+- }
++ unsigned int retval = geteuid();
+ return retval;
+ }
+
+-int
++unsigned int
+ vsf_sysutil_getegid(void)
+ {
+- int retval = getegid();
+- if (retval < 0)
+- {
+- die("getegid");
+- }
++ unsigned int retval = getegid();
+ return retval;
+ }
+
+@@ -2854,7 +2838,7 @@ vsf_sysutil_ftruncate(int fd)
+ }
+ }
+
+-int
++unsigned int
+ vsf_sysutil_getuid(void)
+ {
+ return getuid();
+diff -up vsftpd-3.0.2/sysutil.h.uint-uidgid vsftpd-3.0.2/sysutil.h
+--- vsftpd-3.0.2/sysutil.h.uint-uidgid 2014-04-17 13:47:01.827114063 +0200
++++ vsftpd-3.0.2/sysutil.h 2014-04-17 13:47:01.846114063 +0200
+@@ -129,15 +129,15 @@ const char* vsf_sysutil_statbuf_get_nume
+ const struct vsf_sysutil_statbuf* p_stat, int use_localtime);
+ unsigned int vsf_sysutil_statbuf_get_links(
+ const struct vsf_sysutil_statbuf* p_stat);
+-int vsf_sysutil_statbuf_get_uid(const struct vsf_sysutil_statbuf* p_stat);
+-int vsf_sysutil_statbuf_get_gid(const struct vsf_sysutil_statbuf* p_stat);
++unsigned int vsf_sysutil_statbuf_get_uid(const struct vsf_sysutil_statbuf* p_stat);
++unsigned int vsf_sysutil_statbuf_get_gid(const struct vsf_sysutil_statbuf* p_stat);
+ int vsf_sysutil_statbuf_is_readable_other(
+ const struct vsf_sysutil_statbuf* p_stat);
+ const char* vsf_sysutil_statbuf_get_sortkey_mtime(
+ const struct vsf_sysutil_statbuf* p_stat);
+
+ int vsf_sysutil_chmod(const char* p_filename, unsigned int mode);
+-void vsf_sysutil_fchown(const int fd, const int uid, const int gid);
++void vsf_sysutil_fchown(const int fd, const unsigned int uid, const unsigned int gid);
+ void vsf_sysutil_fchmod(const int fd, unsigned int mode);
+ int vsf_sysutil_readlink(const char* p_filename, char* p_dest,
+ unsigned int bufsiz);
+@@ -290,15 +290,15 @@ int vsf_sysutil_inet_aton(
+ struct vsf_sysutil_user;
+ struct vsf_sysutil_group;
+
+-struct vsf_sysutil_user* vsf_sysutil_getpwuid(const int uid);
++struct vsf_sysutil_user* vsf_sysutil_getpwuid(const unsigned int uid);
+ struct vsf_sysutil_user* vsf_sysutil_getpwnam(const char* p_user);
+ const char* vsf_sysutil_user_getname(const struct vsf_sysutil_user* p_user);
+ const char* vsf_sysutil_user_get_homedir(
+ const struct vsf_sysutil_user* p_user);
+-int vsf_sysutil_user_getuid(const struct vsf_sysutil_user* p_user);
+-int vsf_sysutil_user_getgid(const struct vsf_sysutil_user* p_user);
++unsigned int vsf_sysutil_user_getuid(const struct vsf_sysutil_user* p_user);
++unsigned int vsf_sysutil_user_getgid(const struct vsf_sysutil_user* p_user);
+
+-struct vsf_sysutil_group* vsf_sysutil_getgrgid(const int gid);
++struct vsf_sysutil_group* vsf_sysutil_getgrgid(const unsigned int gid);
+ const char* vsf_sysutil_group_getname(const struct vsf_sysutil_group* p_group);
+
+ /* More random things */
+@@ -316,7 +316,7 @@ void vsf_sysutil_qsort(void* p_base, uns
+ char* vsf_sysutil_getenv(const char* p_var);
+ typedef void (*exitfunc_t)(void);
+ void vsf_sysutil_set_exit_func(exitfunc_t exitfunc);
+-int vsf_sysutil_getuid(void);
++unsigned int vsf_sysutil_getuid(void);
+
+ /* Syslogging (bah) */
+ void vsf_sysutil_openlog(int force);
+@@ -329,8 +329,8 @@ void vsf_sysutil_setuid(const struct vsf
+ void vsf_sysutil_setgid(const struct vsf_sysutil_user* p_user);
+ void vsf_sysutil_setuid_numeric(int uid);
+ void vsf_sysutil_setgid_numeric(int gid);
+-int vsf_sysutil_geteuid(void);
+-int vsf_sysutil_getegid(void);
++unsigned int vsf_sysutil_geteuid(void);
++unsigned int vsf_sysutil_getegid(void);
+ void vsf_sysutil_seteuid(const struct vsf_sysutil_user* p_user);
+ void vsf_sysutil_setegid(const struct vsf_sysutil_user* p_user);
+ void vsf_sysutil_seteuid_numeric(int uid);
diff --git a/vsftpd.spec b/vsftpd.spec
index 53309c0..5bb1096 100644
--- a/vsftpd.spec
+++ b/vsftpd.spec
@@ -3,7 +3,7 @@
Name: vsftpd
Version: 3.0.2
-Release: 7%{?dist}
+Release: 8%{?dist}
Summary: Very Secure Ftp Daemon
Group: System Environment/Daemons
@@ -15,7 +15,6 @@ Source1: vsftpd.xinetd
Source2: vsftpd.pam
Source3: vsftpd.ftpusers
Source4: vsftpd.user_list
-Source5: vsftpd.init
Source6: vsftpd_conf_migrate.sh
Source7: vsftpd.service
Source8: vsftpd at .service
@@ -60,22 +59,14 @@ Patch22: vsftpd-2.3.5-aslim.patch
Patch23: vsftpd-3.0.0-tz.patch
Patch24: vsftpd-3.0.0-xferlog.patch
Patch25: vsftpd-3.0.0-logrotate.patch
-Patch26: vsftpd-3.0.2-pasv-addr.patch
+Patch26: vsftpd-3.0.2-lookup.patch
+Patch27: vsftpd-3.0.2-uint-uidgid.patch
+Patch28: vsftpd-3.0.2-dh.patch
%description
vsftpd is a Very Secure FTP daemon. It was written completely from
scratch.
-%package sysvinit
-Group: System Environment/Daemons
-Summary: SysV initscript for vsftpd daemon
-Requires: %{name} = %{version}-%{release}
-Requires(preun): /sbin/service
-Requires(postun): /sbin/service
-
-%description sysvinit
-The vsftpd-sysvinit contains SysV initscritps support.
-
%prep
%setup -q -n %{name}-%{version}
cp %{SOURCE1} .
@@ -101,7 +92,9 @@ cp %{SOURCE1} .
%patch23 -p1 -b .tz
%patch24 -p1 -b .xferlog
%patch25 -p1 -b .logrotate
-%patch26 -p1 -b .pasv-addr
+%patch26 -p1 -b .lookup
+%patch27 -p1 -b .uint-uidgid
+%patch28 -p1 -b .dh
%build
%ifarch s390x sparcv9 sparc64
@@ -116,7 +109,7 @@ make CFLAGS="$RPM_OPT_FLAGS -fpie -pipe -Wextra -Werror" \
rm -rf $RPM_BUILD_ROOT
mkdir -p $RPM_BUILD_ROOT%{_sbindir}
mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}
-mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/{vsftpd,pam.d,logrotate.d,rc.d/init.d}
+mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/{vsftpd,pam.d,logrotate.d}
mkdir -p $RPM_BUILD_ROOT%{_mandir}/man{5,8}
mkdir -p $RPM_BUILD_ROOT%{_unitdir}
mkdir -p $RPM_BUILD_ROOT%{_generatorsdir}
@@ -128,7 +121,6 @@ install -m 644 RedHat/vsftpd.log $RPM_BUILD_ROOT%{_sysconfdir}/logrotate.d/vsftp
install -m 644 %{SOURCE2} $RPM_BUILD_ROOT%{_sysconfdir}/pam.d/vsftpd
install -m 600 %{SOURCE3} $RPM_BUILD_ROOT%{_sysconfdir}/vsftpd/ftpusers
install -m 600 %{SOURCE4} $RPM_BUILD_ROOT%{_sysconfdir}/vsftpd/user_list
-install -m 755 %{SOURCE5} $RPM_BUILD_ROOT%{_sysconfdir}/rc.d/init.d/vsftpd
install -m 744 %{SOURCE6} $RPM_BUILD_ROOT%{_sysconfdir}/vsftpd/vsftpd_conf_migrate.sh
install -m 644 %{SOURCE7} $RPM_BUILD_ROOT%{_unitdir}
install -m 644 %{SOURCE8} $RPM_BUILD_ROOT%{_unitdir}
@@ -168,10 +160,14 @@ rm -rf $RPM_BUILD_ROOT
%{_mandir}/man8/vsftpd.*
%{_var}/ftp
-%files sysvinit
-%{_sysconfdir}/rc.d/init.d/vsftpd
-
%changelog
+* Tue May 13 2014 Jiri Skala <jskala at redhat.com> - 3.0.2-8
+- adds reverse lookup option to vsftpd.conf
+- changes types of uid and gid to uint
+- removes spare patch pasv-addr
+- implements DH cipher
+- gets rid init scirpt subpackage
+
* Tue Sep 10 2013 Jiri Skala <jskala at redhat.com> - 3.0.2-7
- fixed #1005549 - vsftpd startup broken
More information about the scm-commits
mailing list