--- /dev/null
+diff -ur vsftpd-3.0.3.orig/Changelog vsftpd-3.0.3/Changelog
+--- vsftpd-3.0.3.orig/Changelog 2015-07-23 08:01:55.000000000 +0200
++++ vsftpd-3.0.3/Changelog 2019-01-30 17:56:49.864000000 +0100
+@@ -1159,7 +1159,7 @@
+ - Pull in a couple of minor tidyup patches from Openwall.
+ - Add "-o" command line option to specify option, e.g. vsftpd -olisten=NO. Also
+ respect ordering with respect config files, e.g.
+-vsftpd -olisten=NO /etc/vsftpd.conf -olocal_enable=NO
++vsftpd -olisten=NO /etc/vsftpd/vsftpd.conf -olocal_enable=NO
+ Inspiration from Solar / Openwall.
+ (vsftpd-2.2.0pre2)
+ - Revert listen to be "NO" by default and also set max_per_ip / max_clients
+diff -ur vsftpd-3.0.3.orig/defs.h vsftpd-3.0.3/defs.h
+--- vsftpd-3.0.3.orig/defs.h 2015-07-21 01:03:17.000000000 +0200
++++ vsftpd-3.0.3/defs.h 2019-01-30 17:56:04.488000000 +0100
+@@ -1,7 +1,7 @@
+ #ifndef VSF_DEFS_H
+ #define VSF_DEFS_H
+
+-#define VSFTP_DEFAULT_CONFIG "/etc/vsftpd.conf"
++#define VSFTP_DEFAULT_CONFIG "/etc/vsftpd/vsftpd.conf"
+
+ #define VSFTP_COMMAND_FD 0
+
+diff -ur vsftpd-3.0.3.orig/EXAMPLE/INTERNET_SITE_NOINETD/README vsftpd-3.0.3/EXAMPLE/INTERNET_SITE_NOINETD/README
+--- vsftpd-3.0.3.orig/EXAMPLE/INTERNET_SITE_NOINETD/README 2008-02-02 02:30:40.000000000 +0100
++++ vsftpd-3.0.3/EXAMPLE/INTERNET_SITE_NOINETD/README 2019-01-30 17:56:53.536000000 +0100
+@@ -17,7 +17,7 @@
+
+ To use this example config:
+
+-1) Copy the vsftpd.conf file in this directory to /etc/vsftpd.conf.
++1) Copy the vsftpd.conf file in this directory to /etc/vsftpd/vsftpd.conf.
+
+ 2) Start up vsftpd, e.g.
+ vsftpd &
+@@ -51,5 +51,5 @@
+ listen_address=192.168.1.2
+
+ And launch vsftpd with a specific config file like this:
+-vsftpd /etc/vsftpd.conf.site1 &
++vsftpd /etc/vsftpd/vsftpd.conf.site1 &
+
+diff -ur vsftpd-3.0.3.orig/EXAMPLE/VIRTUAL_HOSTS/README vsftpd-3.0.3/EXAMPLE/VIRTUAL_HOSTS/README
+--- vsftpd-3.0.3.orig/EXAMPLE/VIRTUAL_HOSTS/README 2008-02-02 02:30:40.000000000 +0100
++++ vsftpd-3.0.3/EXAMPLE/VIRTUAL_HOSTS/README 2019-01-30 17:57:22.394000000 +0100
+@@ -43,7 +43,7 @@
+
+ This launches this FTP site with a different vsftpd configuration file.
+
+-cp /etc/vsftpd.conf /etc/vsftpd_site2.conf
++cp /etc/vsftpd/vsftpd.conf /etc/vsftpd/site2.conf
+
+ Add two lines:
+ ftp_username=ftp_site2
+diff -ur vsftpd-3.0.3.orig/EXAMPLE/VIRTUAL_USERS_2/README vsftpd-3.0.3/EXAMPLE/VIRTUAL_USERS_2/README
+--- vsftpd-3.0.3.orig/EXAMPLE/VIRTUAL_USERS_2/README 2008-02-02 02:30:40.000000000 +0100
++++ vsftpd-3.0.3/EXAMPLE/VIRTUAL_USERS_2/README 2019-01-30 17:57:02.448000000 +0100
+@@ -15,7 +15,7 @@
+ Step 1) Activate per-user configurability.
+
+ To activate this powerful vsftpd feature, add the following to
+-/etc/vsftpd.conf:
++/etc/vsftpd/vsftpd.conf:
+ user_config_dir=/etc/vsftpd_user_conf
+
+ And, create this directory:
+@@ -39,7 +39,7 @@
+ Check it out - login as tom and now "ls" will return a directory listing!
+ Log in as fred and it won't.
+ NOTE - restart vsftpd to pick up the config setting changes to
+-/etc/vsftpd.conf. (Advanced users can send SIGHUP to the vsftpd listener
++/etc/vsftpd/vsftpd.conf. (Advanced users can send SIGHUP to the vsftpd listener
+ process).
+
+
+diff -ur vsftpd-3.0.3.orig/FAQ vsftpd-3.0.3/FAQ
+--- vsftpd-3.0.3.orig/FAQ 2011-12-17 20:34:54.000000000 +0100
++++ vsftpd-3.0.3/FAQ 2019-01-30 17:56:34.417000000 +0100
+@@ -35,7 +35,7 @@
+ Q) Help! Local users cannot log in.
+ A) There are various possible problems.
+ A1) By default, vsftpd disables any logins other than anonymous logins. Put
+-local_enable=YES in your /etc/vsftpd.conf to allow local users to log in.
++local_enable=YES in your /etc/vsftpd/vsftpd.conf to allow local users to log in.
+ A2) vsftpd tries to link with PAM. (Run "ldd vsftpd" and look for libpam to
+ find out whether this has happened or not). If vsftpd links with PAM, then
+ you will need to have a PAM file installed for the vsftpd service. There is
+@@ -47,12 +47,12 @@
+ A4) If you are not using PAM, then vsftpd will do its own check for a valid
+ user shell in /etc/shells. You may need to disable this if you use an invalid
+ shell to disable logins other than FTP logins. Put check_shell=NO in your
+-/etc/vsftpd.conf.
++/etc/vsftpd/vsftpd.conf.
+
+ Q) Help! Uploads or other write commands give me "500 Unknown command.".
+ A) By default, write commands, including uploads and new directories, are
+ disabled. This is a security measure. To enable writes, put write_enable=YES
+-in your /etc/vsftpd.conf.
++in your /etc/vsftpd/vsftpd.conf.
+
+ Q) Help! What are the security implications referred to in the
+ "chroot_local_user" option?
+@@ -88,7 +88,7 @@
+ mode. Use "listen_address=x.x.x.x" to set the virtual IP.
+
+ Q) Help! Does vsftpd support virtual users?
+-A) Yes, via PAM integration. Set "guest_enable=YES" in /etc/vsftpd.conf. This
++A) Yes, via PAM integration. Set "guest_enable=YES" in /etc/vsftpd/vsftpd.conf. This
+ has the effect of mapping every non-anonymous successful login to the local
+ username specified in "guest_username". Then, use PAM and (e.g.) its pam_userdb
+ module to provide authentication against an external (i.e. non-/etc/passwd)
+@@ -154,7 +154,7 @@
+ users a lot.
+ A) Install the libcap-devel. This certainly affects Fedora.
+
+-Q) Help! I've put settings in /etc/vsftpd.conf, but they are not taking
++Q) Help! I've put settings in /etc/vsftpd/vsftpd.conf, but they are not taking
+ effect!
+ A) This is affecting some RedHat users - some RedHat versions put the config
+ file in /etc/vsftpd/vsftpd.conf.
+diff -ur vsftpd-3.0.3.orig/README.ssl vsftpd-3.0.3/README.ssl
+--- vsftpd-3.0.3.orig/README.ssl 2008-02-02 02:30:40.000000000 +0100
++++ vsftpd-3.0.3/README.ssl 2019-01-30 18:32:18.827000000 +0100
+@@ -27,7 +27,7 @@
+ "#undef VSF_BUILD_SSL" to "#define VSF_BUILD_SSL".
+ - "ssl_enable=YES" in your vsftpd.conf.
+ - A SSL certificate. By default, an RSA certificate is looked for at the
+-location /usr/share/ssl/certs/vsftpd.pem. To get an RSA certificate, either
++location /etc/vsftpd/vsftpd.pem. To get an RSA certificate, either
+ buy one from a certificate authority, or you can create your own self-signed
+ certificate. If you have OpenSSL installed, you may find a "Makefile" in
+ your shared certificates directory, e.g. /usr/share/ssl/certs. In that case,
+diff -ur vsftpd-3.0.3.orig/tunables.c vsftpd-3.0.3/tunables.c
+--- vsftpd-3.0.3.orig/tunables.c 2015-07-23 06:13:07.000000000 +0200
++++ vsftpd-3.0.3/tunables.c 2019-01-30 18:29:26.569000000 +0100
+@@ -262,11 +262,11 @@
+ install_str_setting(".message", &tunable_message_file);
+ install_str_setting("nobody", &tunable_nopriv_user);
+ install_str_setting(0, &tunable_ftpd_banner);
+- install_str_setting("/etc/vsftpd.banned_emails", &tunable_banned_email_file);
+- install_str_setting("/etc/vsftpd.chroot_list", &tunable_chroot_list_file);
++ install_str_setting("/etc/vsftpd/vsftpd.banned_emails", &tunable_banned_email_file);
++ install_str_setting("/etc/vsftpd/vsftpd.chroot_list", &tunable_chroot_list_file);
+ install_str_setting("ftp", &tunable_pam_service_name);
+ install_str_setting("ftp", &tunable_guest_username);
+- install_str_setting("/etc/vsftpd.user_list", &tunable_userlist_file);
++ install_str_setting("/etc/vsftpd/vsftpd.user_list", &tunable_userlist_file);
+ install_str_setting(0, &tunable_anon_root);
+ install_str_setting(0, &tunable_local_root);
+ install_str_setting(0, &tunable_banner_file);
+@@ -279,9 +279,9 @@
+ install_str_setting(0, &tunable_hide_file);
+ install_str_setting(0, &tunable_deny_file);
+ install_str_setting(0, &tunable_user_sub_token);
+- install_str_setting("/etc/vsftpd.email_passwords",
++ install_str_setting("/etc/vsftpd/vsftpd.email_passwords",
+ &tunable_email_password_file);
+- install_str_setting("/usr/share/ssl/certs/vsftpd.pem",
++ install_str_setting("/etc/vsftpd/vsftpd.pem",
+ &tunable_rsa_cert_file);
+ install_str_setting(0, &tunable_dsa_cert_file);
+ install_str_setting("ECDHE-RSA-AES256-GCM-SHA384", &tunable_ssl_ciphers);
+diff -ur vsftpd-3.0.3.orig/vsftpd.8 vsftpd-3.0.3/vsftpd.8
+--- vsftpd-3.0.3.orig/vsftpd.8 2009-07-17 22:56:23.000000000 +0200
++++ vsftpd-3.0.3/vsftpd.8 2019-01-30 17:56:25.649000000 +0100
+@@ -21,7 +21,7 @@
+ recommended. It is activated by setting
+ .Pa listen=YES
+ in
+-.Pa /etc/vsftpd.conf .
++.Pa /etc/vsftpd/vsftpd.conf .
+ Direct execution of the
+ .Nm vsftpd
+ binary will then launch the FTP service ready for immediate client connections.
+@@ -33,7 +33,7 @@
+ as a config file that will be loaded. Note that config files are loaded in the
+ strict order that they are encountered on the command line.
+ If no config files are specified, the default configuration file of
+-.Pa /etc/vsftpd.conf
++.Pa /etc/vsftpd/vsftpd.conf
+ will be loaded, after all other command line options are processed.
+ .Pp
+ Supported options are:
+@@ -47,14 +47,14 @@
+ config files.
+ .El
+ .Sh EXAMPLES
+-vsftpd -olisten=NO /etc/vsftpd.conf -oftpd_banner=blah
++vsftpd -olisten=NO /etc/vsftpd/vsftpd.conf -oftpd_banner=blah
+ .Pp
+ That example overrides vsftpd's built-in default for the "listen" option to be
+-NO, but then loads /etc/vsftpd.conf which may override that setting. Finally,
++NO, but then loads /etc/vsftpd/vsftpd.conf which may override that setting. Finally,
+ the "ftpd_banner" setting is set to "blah", which overrides any default vsftpd
+ setting and any identical setting that was in the config file.
+ .Sh FILES
+-.Pa /etc/vsftpd.conf
++.Pa /etc/vsftpd/vsftpd.conf
+ .Sh SEE ALSO
+ .Xr vsftpd.conf 5
+ .end
+diff -ur vsftpd-3.0.3.orig/vsftpd.conf vsftpd-3.0.3/vsftpd.conf
+--- vsftpd-3.0.3.orig/vsftpd.conf 2011-12-17 19:24:40.000000000 +0100
++++ vsftpd-3.0.3/vsftpd.conf 2019-01-30 18:30:05.393000000 +0100
+@@ -1,4 +1,4 @@
+-# Example config file /etc/vsftpd.conf
++# Example config file /etc/vsftpd/vsftpd.conf
+ #
+ # The default compiled in settings are fairly paranoid. This sample file
+ # loosens things up a bit, to make the ftp daemon more usable.
+@@ -87,7 +87,7 @@
+ # useful for combatting certain DoS attacks.
+ #deny_email_enable=YES
+ # (default follows)
+-#banned_email_file=/etc/vsftpd.banned_emails
++#banned_email_file=/etc/vsftpd/vsftpd.banned_emails
+ #
+ # You may specify an explicit list of local users to chroot() to their home
+ # directory. If chroot_local_user is YES, then this list becomes a list of
+@@ -98,7 +98,7 @@
+ #chroot_local_user=YES
+ #chroot_list_enable=YES
+ # (default follows)
+-#chroot_list_file=/etc/vsftpd.chroot_list
++#chroot_list_file=/etc/vsftpd/vsftpd.chroot_list
+ #
+ # You may activate the "-R" option to the builtin ls. This is disabled by
+ # default to avoid remote users being able to cause excessive I/O on large
+diff -ur vsftpd-3.0.3.orig/vsftpd.conf.5 vsftpd-3.0.3/vsftpd.conf.5
+--- vsftpd-3.0.3.orig/vsftpd.conf.5 2009-10-19 04:46:30.000000000 +0200
++++ vsftpd-3.0.3/vsftpd.conf.5 2019-01-30 18:32:09.195000000 +0100
+@@ -4,7 +4,7 @@
+ .SH DESCRIPTION
+ vsftpd.conf may be used to control various aspects of vsftpd's behaviour. By
+ default, vsftpd looks for this file at the location
+-.BR /etc/vsftpd.conf .
++.BR /etc/vsftpd/vsftpd.conf .
+ However, you may override this by specifying a command line argument to
+ vsftpd. The command line argument is the pathname of the configuration file
+ for vsftpd. This behaviour is useful because you may wish to use an advanced
+@@ -138,7 +138,7 @@
+ different if chroot_local_user is set to YES. In this case, the list becomes
+ a list of users which are NOT to be placed in a chroot() jail.
+ By default, the file containing this list is
+-/etc/vsftpd.chroot_list, but you may override this with the
++/etc/vsftpd/vsftpd.chroot_list, but you may override this with the
+ .BR chroot_list_file
+ setting.
+
+@@ -177,7 +177,7 @@
+ .B deny_email_enable
+ If activated, you may provide a list of anonymous password e-mail responses
+ which cause login to be denied. By default, the file containing this list is
+-/etc/vsftpd.banned_emails, but you may override this with the
++/etc/vsftpd/vsftpd.banned_emails, but you may override this with the
+ .BR banned_email_file
+ setting.
+
+@@ -433,7 +433,7 @@
+ file specified by the
+ .BR email_password_file
+ setting. The file format is one password per line, no extra whitespace. The
+-default filename is /etc/vsftpd.email_passwords.
++default filename is /etc/vsftpd/vsftpd.email_passwords.
+
+ Default: NO
+ .TP
+@@ -764,7 +764,7 @@
+ .BR deny_email_enable
+ is enabled.
+
+-Default: /etc/vsftpd.banned_emails
++Default: /etc/vsftpd/vsftpd.banned_emails
+ .TP
+ .B banner_file
+ This option is the name of a file containing text to display when someone
+@@ -803,7 +803,7 @@
+ is enabled, then the list file becomes a list of users to NOT place in a
+ chroot() jail.
+
+-Default: /etc/vsftpd.chroot_list
++Default: /etc/vsftpd/vsftpd.chroot_list
+ .TP
+ .B cmds_allowed
+ This options specifies a comma separated list of allowed FTP commands (post
+@@ -864,7 +864,7 @@
+ .BR secure_email_list_enable
+ setting.
+
+-Default: /etc/vsftpd.email_passwords
++Default: /etc/vsftpd/vsftpd.email_passwords
+ .TP
+ .B ftp_username
+ This is the name of the user we use for handling anonymous FTP. The home
+@@ -955,7 +955,7 @@
+ This option specifies the location of the RSA certificate to use for SSL
+ encrypted connections.
+
+-Default: /usr/share/ssl/certs/vsftpd.pem
++Default: /etc/vsftpd/vsftpd.pem
+ .TP
+ .B rsa_private_key_file
+ This option specifies the location of the RSA private key to use for SSL
+@@ -1026,7 +1026,7 @@
+ .BR userlist_enable
+ option is active.
+
+-Default: /etc/vsftpd.user_list
++Default: /etc/vsftpd/vsftpd.user_list
+ .TP
+ .B vsftpd_log_file
+ This option is the name of the file to which we write the vsftpd style
%bcond_with clamav # ClamAV scanning support
%define _ftpdir /home/services/ftp
+
Summary: vsftpd - Very Secure FTP Daemon
Summary(pl.UTF-8): Bardzo Bezpieczny Demon FTP
Summary(pt_BR.UTF-8): vsftpd - Daemon FTP Muito Seguro
Name: vsftpd
Version: 3.0.3
-Release: 1
+Release: 2
License: GPL v2
Group: Daemons
Source0: https://security.appspot.com/downloads/%{name}-%{version}.tar.gz
Patch0: %{name}-builddefs.patch
Patch1: %{name}-amd64-findlibs.patch
Patch2: %{name}-clamav.patch
-Patch3: %{name}-switch_sha256_to_sha1.patch
-Patch4: %{name}-findlibs-egrep.patch
+Patch3: %{name}-findlibs-egrep.patch
+Patch4: %{name}-configdir.patch
URL: https://security.appspot.com/vsftpd.html
BuildRequires: libcap-devel
BuildRequires: libwrap-devel
-%if "%{pld_release}" == "ac"
-BuildRequires: openssl-devel >= 0.9.7d
-%else
BuildRequires: openssl-devel >= 0.9.8
-%endif
BuildRequires: rpmbuild(macros) >= 1.268
Requires: %{name}-init = %{version}-%{release}
Requires: filesystem >= 3.0-11
%if %{with clamav}
%patch2 -p1
%endif
-%if "%{pld_release}" == "ac"
%patch3 -p1
-%endif
%patch4 -p1
%build
%install
rm -rf $RPM_BUILD_ROOT
install -d $RPM_BUILD_ROOT{%{_sbindir},%{_mandir}/man{5,8}} \
- $RPM_BUILD_ROOT/etc/{pam.d,sysconfig/rc-inetd,logrotate.d,ftpd,rc.d/init.d} \
+ $RPM_BUILD_ROOT/etc/{pam.d,sysconfig/rc-inetd,logrotate.d,vsftpd,rc.d/init.d} \
$RPM_BUILD_ROOT{%{_ftpdir}/pub/incoming,/var/log}
install -p vsftpd $RPM_BUILD_ROOT%{_sbindir}/vsftpd
-cp -p vsftpd.conf $RPM_BUILD_ROOT%{_sysconfdir}/vsftpd.conf
+cp -p vsftpd.conf $RPM_BUILD_ROOT%{_sysconfdir}/vsftpd/vsftpd.conf
cp -p vsftpd.conf.5 $RPM_BUILD_ROOT%{_mandir}/man5/vsftpd.conf.5
cp -p vsftpd.8 $RPM_BUILD_ROOT%{_mandir}/man8/vsftpd.8
cp -p RedHat/vsftpd.log $RPM_BUILD_ROOT/etc/logrotate.d/vsftpd
install -p %{SOURCE1} $RPM_BUILD_ROOT/etc/sysconfig/rc-inetd/vsftpd
cp -p %{SOURCE2} $RPM_BUILD_ROOT/etc/pam.d/ftp
-cp -p %{SOURCE3} $RPM_BUILD_ROOT%{_sysconfdir}/ftpd/ftpusers
+cp -p %{SOURCE3} $RPM_BUILD_ROOT%{_sysconfdir}/vsftpd/ftpusers
install -p %{SOURCE5} $RPM_BUILD_ROOT/etc/rc.d/init.d/vsftpd
> $RPM_BUILD_ROOT/var/log/vsftpd.log
%service -q vsftpd restart
fi
+%triggerun -- %{name} < 3.0.3-2
+if [ $1 -le 1 ]; then
+ exit 0
+fi
+[ -d /etc/vsftpd ] || mkdir /etc/vsftpd 2>/dev/null || :
+for f in /etc/{vsftpd.{conf,banned_emails,chroot_list,email_passwords,user_list},ftpd/ftpusers}; do
+ [ -f "$f" ] && mv "$f" /etc/vsftpd 2>/dev/null || :
+done
+find /etc/vsftpd -type f 2>/dev/null | xargs sed -i -e 's|/etc/ftpd|/etc/vsftpd|g' 2>/dev/null
+[ -n "$(find /etc/ftpd -type d -empty 2>/dev/null)" ] && rmdir /etc/ftpd 2>/dev/null || :
+
+%triggerpostun -- %{name} < 3.0.3-2
+echo
+echo "Warning! Configuration has been migrated to /etc/vsftpd."
+echo
+
%files
%defattr(644,root,root,755)
%doc AUDIT BENCHMARKS BUGS Changelog FAQ README README.ssl REWARD SIZE SPEED TODO TUNING EXAMPLE SECURITY
%attr(755,root,root) %{_sbindir}/vsftpd
-%dir %attr(750,root,ftp) %dir %{_sysconfdir}/ftpd
-%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/vsftpd.conf
-%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/ftpd/ftpusers
+%dir %attr(750,root,ftp) %dir %{_sysconfdir}/vsftpd
+%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/vsftpd/vsftpd.conf
+%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/vsftpd/ftpusers
%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/pam.d/ftp
%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/logrotate.d/vsftpd
%attr(640,root,root) %ghost /var/log/vsftpd.log
TLD / packages / vsftpd.git / commitdiff