From 7b21d79e3044100cf458d88f5f54c15b60b8c99d Mon Sep 17 00:00:00 2001 From: Marcin Krol Date: Wed, 30 Jan 2019 00:26:55 +0100 Subject: [PATCH] - migrated configuration to /etc/proftpd - move macro definitions so they don't interfere with other parts of spec --- ftp.pamd | 2 +- proftpd-mod_tls.conf | 6 +-- proftpd-paths.patch | 6 +-- proftpd.conf | 6 +-- proftpd.init | 2 +- proftpd.spec | 104 ++++++++++++++++++++++++++++++++----------- 6 files changed, 88 insertions(+), 38 deletions(-) diff --git a/ftp.pamd b/ftp.pamd index 53c7399..bcf9204 100644 --- a/ftp.pamd +++ b/ftp.pamd @@ -1,5 +1,5 @@ #%PAM-1.0 -auth required pam_listfile.so item=user sense=deny file=/etc/ftpd/ftpusers onerr=succeed +auth required pam_listfile.so item=user sense=deny file=/etc/proftpd/ftpusers onerr=succeed auth required pam_listfile.so item=user sense=deny file=/etc/security/blacklist.ftp onerr=succeed #auth required pam_shells.so auth include system-auth diff --git a/proftpd-mod_tls.conf b/proftpd-mod_tls.conf index 5e7405f..8fdcd15 100644 --- a/proftpd-mod_tls.conf +++ b/proftpd-mod_tls.conf @@ -7,13 +7,13 @@ TLSEngine on TLSLog /var/log/proftpd/tls.log # Path to CA chain file -#TLSCACertificateFile /etc/ftpd/CA.crt +#TLSCACertificateFile /etc/proftpd/CA.crt # Path to certificate file -TLSRSACertificateFile /etc/ftpd/server.crt +TLSRSACertificateFile /etc/proftpd/server.crt # Path to certificate key file -TLSRSACertificateKeyFile /etc/ftpd/server.key +TLSRSACertificateKeyFile /etc/proftpd/server.key # Define available TLS/SSL ciphers (allow only strong ones by default) TLSCipherSuite HIGH:!kDHd:!aNULL:!aDSS:!eNULL:!DES:!RC4:!RC2:!MD5:!SHA1:!SHA:!SSLv2:!SSLv3:!TLSv1:!TLSv1.1:!EXP:!EXPORT56:!LOW:!MEDIUM:!ADH:!DSS:!NULL diff --git a/proftpd-paths.patch b/proftpd-paths.patch index b50179d..39e56ca 100644 --- a/proftpd-paths.patch +++ b/proftpd-paths.patch @@ -30,7 +30,7 @@ diff -urNpa proftpd-1.3.6.orig/include/default_paths.h proftpd-1.3.6/include/def */ #ifndef PR_CONFIG_FILE_PATH -# define PR_CONFIG_FILE_PATH "/etc/proftpd.conf" -+# define PR_CONFIG_FILE_PATH "/etc/ftpd/proftpd.conf" ++# define PR_CONFIG_FILE_PATH "/etc/proftpd/proftpd.conf" #endif /* The location of your `shells' file; a newline delimited list of @@ -39,14 +39,14 @@ diff -urNpa proftpd-1.3.6.orig/include/default_paths.h proftpd-1.3.6/include/def * requests. */ -#define PR_SHUTMSG_PATH "/etc/shutmsg" -+#define PR_SHUTMSG_PATH "/etc/ftpd/shutmsg" ++#define PR_SHUTMSG_PATH "/etc/proftpd/shutmsg" /* Location of the file containing users that *cannot* use ftp * services (odd, eh?) */ #ifndef PR_FTPUSERS_PATH -# define PR_FTPUSERS_PATH "/etc/ftpusers" -+# define PR_FTPUSERS_PATH "/etc/ftpd/ftpusers" ++# define PR_FTPUSERS_PATH "/etc/proftpd/ftpusers" #endif #endif /* PROFTPD_PATHS_H */ diff --git a/proftpd.conf b/proftpd.conf index 6256934..5c1ebbd 100644 --- a/proftpd.conf +++ b/proftpd.conf @@ -46,8 +46,8 @@ Port 21 MaxLoginAttempts 3 # Specify alternate passwd/group files to be used - #AuthUserFile /etc/ftpd/passwd - #AuthGroupFile /etc/ftpd/group + #AuthUserFile /etc/proftpd/passwd + #AuthGroupFile /etc/proftpd/group # Set the default method of data transfer DefaultTransferMode binary @@ -81,4 +81,4 @@ Port 21 # Load additional config files (modules etc.) -Include /etc/ftpd/conf.d/*.conf +Include /etc/proftpd/conf.d/*.conf diff --git a/proftpd.init b/proftpd.init index 71ac087..b86c9ff 100644 --- a/proftpd.init +++ b/proftpd.init @@ -7,7 +7,7 @@ # operating systems. # processname: proftpd # pidfile: /var/run/proftpd.pid -# config: /etc/ftpd/proftpd.conf +# config: /etc/proftpd/proftpd.conf # Source function library diff --git a/proftpd.spec b/proftpd.spec index fcd03ca..2b7c882 100644 --- a/proftpd.spec +++ b/proftpd.spec @@ -24,7 +24,7 @@ Summary(pt_BR.UTF-8): Servidor FTP profissional, com sintaxe de configuração s Summary(zh_CN.UTF-8): 易于管理的,安全的 FTP 服务器 Name: proftpd Version: 1.3.6 -Release: 4 +Release: 5 Epoch: 2 License: GPL v2+ Group: Networking/Daemons @@ -71,10 +71,59 @@ BuildRequires: postgresql-devel BuildRequires: rpmbuild(macros) >= 1.268 BuildRoot: %{tmpdir}/%{name}-%{version}-root-%(id -u -n) -%define _sysconfdir /etc/ftpd +%define _sysconfdir /etc/proftpd %define _localstatedir /var/run %define _libexecdir %{_prefix}/%{_lib}/%{name} +# macro called at module post scriptlet +%define module_post \ +if [ "$1" = "1" ]; then \ + if grep -iEqs "^ServerType[[:space:]]+inetd" %{_sysconfdir}/proftpd.conf; then \ + %service -q rc-inetd reload \ + elif grep -iEqs "^ServerType[[:space:]]+standalone" %{_sysconfdir}/proftpd.conf; then \ + %service -q proftpd restart \ + fi \ +fi + +# macro called at module postun scriptlet +%define module_postun \ +if [ "$1" = "0" ]; then \ + if grep -iEqs "^ServerType[[:space:]]+inetd" %{_sysconfdir}/proftpd.conf; then \ + %service -q rc-inetd reload \ + elif grep -iEqs "^ServerType[[:space:]]+standalone" %{_sysconfdir}/proftpd.conf; then \ + %service -q proftpd restart \ + fi \ +fi + +%define module_triggerun \ +if [ $1 -le 1 ]; then \ + exit 0 \ +fi \ +[ -d /etc/proftpd/conf.d ] || mkdir -p /etc/proftpd 2>/dev/null || : \ +%if "%1" == "mod_tls" \ +for f in /etc/ftpd/{conf.d/mod_tls.conf,server.crt,server.key}; do \ + f=${f##*/} \ + [ -f "/etc/ftpd/$f" ] && mv "/etc/ftpd/$f" /etc/proftpd 2>/dev/null || : \ + [ -f "/etc/ftpd/conf.d/$f" ] && mv "/etc/ftpd/conf.d/$f" /etc/proftpd/conf.d 2>/dev/null || : \ +done \ +%else \ +[ -f /etc/ftpd/conf.d/%1.conf ] && mv /etc/ftpd/conf.d/%1.conf /etc/proftpd/conf.d 2>/dev/null || : \ +%endif \ +sed -i -e 's|/etc/ftpd|/etc/proftpd|g' /etc/ftpd/conf.d/%1.conf 2>/dev/null \ +[ -n "$(find /etc/ftpd/conf.d -type d -empty 2>/dev/null)" ] && rmdir /etc/ftpd/conf.d 2>/dev/null || : \ +[ -n "$(find /etc/ftpd -type d -empty 2>/dev/null)" ] && rmdir /etc/ftpd 2>/dev/null || : + +# it's sooo annoying to write them +%define module_scripts() \ +%post %1 \ +%module_post \ +\ +%postun %1 \ +%module_postun \ +\ +%triggerun %1 -- proftpd-%1 \ +%module_triggerun + %description ProFTPD is a highly configurable FTP daemon for Unix and Unix-like operating systems. ProFTPD is designed to be somewhat of a "drop-in" @@ -606,33 +655,34 @@ if [ "$2" != 1 ]; then %service -q proftpd restart fi -# macro called at module post scriptlet -%define module_post \ -if [ "$1" = "1" ]; then \ - if grep -iEqs "^ServerType[[:space:]]+inetd" %{_sysconfdir}/proftpd.conf; then \ - %service -q rc-inetd reload \ - elif grep -iEqs "^ServerType[[:space:]]+standalone" %{_sysconfdir}/proftpd.conf; then \ - %service -q proftpd restart \ - fi \ +%triggerun common -- proftpd-common < 2:1.3.6-5 +if [ $1 -le 1 ]; then + exit 0 fi - -# macro called at module postun scriptlet -%define module_postun \ -if [ "$1" = "0" ]; then \ - if grep -iEqs "^ServerType[[:space:]]+inetd" %{_sysconfdir}/proftpd.conf; then \ - %service -q rc-inetd reload \ - elif grep -iEqs "^ServerType[[:space:]]+standalone" %{_sysconfdir}/proftpd.conf; then \ - %service -q proftpd restart \ - fi \ +[ -d /etc/proftpd/conf.d ] || mkdir -p /etc/proftpd/conf.d 2>/dev/null || : +for f in /etc/ftpd/{conf.d/mod_{auth_file,clamav,ident}.conf,ftpusers,ftpusers.default,proftpd.conf}; do + f=${f##*/} + [ -f "/etc/ftpd/$f" ] && mv "/etc/ftpd/$f" /etc/proftpd 2>/dev/null || : + [ -f "/etc/ftpd/conf.d/$f" ] && mv "/etc/ftpd/conf.d/$f" /etc/proftpd/conf.d 2>/dev/null || : +done +find /etc/proftpd -type f 2>/dev/null | xargs sed -i -e 's|/etc/ftpd|/etc/proftpd|g' 2>/dev/null +[ -n "$(find /etc/ftpd/conf.d -type d -empty 2>/dev/null)" ] && rmdir /etc/ftpd 2>/dev/null || : +[ -n "$(find /etc/ftpd -type d -empty 2>/dev/null)" ] && rmdir /etc/ftpd 2>/dev/null || : + +%triggerpostun common -- proftpd-common < 2:1.3.6-5 +echo +echo "Warning! Configuration has been migrated to /etc/proftpd." +echo + +%triggerun anonftp -- proftpd-anonftp < 2:1.3.6-5 +if [ $1 -le 1 ]; then + exit 0 fi - -# it's sooo annoying to write them -%define module_scripts() \ -%post %1 \ -%module_post \ -\ -%postun %1 \ -%module_postun +[ -d /etc/proftpd/conf.d ] || mkdir -p /etc/proftpd 2>/dev/null || : +[ -f /etc/ftpd/conf.d/anonftp.conf ] && mv /etc/ftpd/conf.d/anonftp.conf /etc/proftpd/conf.d 2>/dev/null || : +sed -i -e 's|/etc/ftpd|/etc/proftpd|g' /etc/ftpd/conf.d/anonftp.conf 2>/dev/null +[ -n "$(find /etc/ftpd/conf.d -type d -empty 2>/dev/null)" ] && rmdir /etc/ftpd 2>/dev/null || : +[ -n "$(find /etc/ftpd -type d -empty 2>/dev/null)" ] && rmdir /etc/ftpd 2>/dev/null || : %module_scripts mod_auth_pam %module_scripts mod_ldap -- 2.44.0