diff --git a/proftpd.conf b/proftpd.conf index c389c4e..7042665 100644 --- a/proftpd.conf +++ b/proftpd.conf @@ -1,5 +1,5 @@ # This is the ProFTPD configuration file -# $Id: proftpd.conf,v 1.5 2003/03/13 18:00:04 dude Exp $ +# $Id: proftpd.conf,v 1.1 2004/02/26 17:54:30 thias Exp $ ServerName "ProFTPD server" ServerIdent on "FTP Server ready." @@ -72,6 +72,18 @@ ScoreboardFile /var/run/proftpd.score LogFormat default "%h %l %u %t \"%r\" %s %b" LogFormat auth "%v [%P] %h %t \"%r\" %s" +# TLS +# Explained at http://www.castaglia.org/proftpd/modules/mod_tls.html +#TLSEngine on +#TLSRequired on +#TLSRSACertificateFile /usr/share/ssl/certs/proftpd.pem +#TLSRSACertificateKeyFile /usr/share/ssl/certs/proftpd.pem +#TLSCipherSuite ALL:!ADH:!DES +#TLSOptions NoCertRequest +#TLSVerifyClient off +##TLSRenegotiate ctrl 3600 data 512000 required off timeout 300 +#TLSLog /var/log/proftpd/tls.log + # A basic anonymous configuration, with an upload directory. # # User ftp diff --git a/proftpd.init b/proftpd.init index 532d36d..bf80cdc 100755 --- a/proftpd.init +++ b/proftpd.init @@ -1,5 +1,5 @@ #!/bin/sh -# $Id: proftpd.init,v 1.2 2002/06/10 15:35:47 dude Exp $ +# $Id: proftpd.init,v 1.1 2004/02/26 17:54:30 thias Exp $ # # proftpd This shell script takes care of starting and stopping # proftpd. @@ -28,24 +28,22 @@ RETVAL=0 -FTPSHUT=/opt/sbin/ftpshut +prog="proftpd" start() { - echo -n "Starting proftpd: " + echo -n $"Starting $prog: " daemon proftpd RETVAL=$? echo [ $RETVAL -eq 0 ] && touch /var/lock/subsys/proftpd - return $RETVAL } stop() { - echo -n "Shutting down proftpd: " + echo -n $"Shutting down $prog: " killproc proftpd RETVAL=$? echo [ $RETVAL -eq 0 ] && rm -f /var/lock/subsys/proftpd - return $RETVAL } # See how we were called. @@ -63,25 +61,22 @@ case "$1" in restart) stop start - RETVAL=$? ;; condrestart) if [ -f /var/lock/subsys/proftpd ]; then stop start - RETVAL=$? fi ;; reload) - echo -n "Re-reading proftpd configuration: " + echo -n $"Re-reading $prog configuration: " killproc proftpd -HUP RETVAL=$? echo ;; *) - echo "Usage: proftpd {start|stop|restart|reload|condrestart|status}" + echo "Usage: $prog {start|stop|restart|reload|condrestart|status}" exit 1 esac exit $RETVAL - diff --git a/proftpd.logrotate b/proftpd.logrotate index 2d71902..06514c1 100644 --- a/proftpd.logrotate +++ b/proftpd.logrotate @@ -2,7 +2,7 @@ compress missingok postrotate - /usr/bin/killall -HUP proftpd + test -f /var/lock/subsys/proftpd && /usr/bin/killall -HUP proftpd endscript } @@ -10,7 +10,7 @@ compress missingok postrotate - /usr/bin/killall -HUP proftpd + test -f /var/lock/subsys/proftpd && /usr/bin/killall -HUP proftpd endscript } diff --git a/proftpd.spec b/proftpd.spec index 48e7c64..94f5d3b 100644 --- a/proftpd.spec +++ b/proftpd.spec @@ -1,30 +1,30 @@ -#$Id: proftpd.spec,v 1.8 2003/03/13 18:00:04 dude Exp $ +# $Id$ +# Upstream: -Summary: A flexible, stable and highly-configurable FTP Server. +Summary: Flexible, stable and highly-configurable FTP server Name: proftpd -Version: 1.2.8 -Release: fr1%{?_with_ldap:_ldap}%{?_with_mysql:_mysql}%{?_with_postgres:_postgres} -Epoch: 4 -Group: System Environment/Daemons +Version: 1.2.10 +Release: 2%{?_with_ldap:_ldap}%{?_with_mysql:_mysql}%{?_with_postgresql:_pgsql} License: GPL +Group: System Environment/Daemons URL: http://www.proftpd.org/ -Source: ftp://proftpd.org/distrib/source/%{name}-%{version}.tar.bz2 +Source0: ftp://ftp.proftpd.org/distrib/source/proftpd-%{version}.tar.bz2 Source1: proftpd.conf Source2: proftpd.init Source3: proftpd-xinetd Source4: proftpd.logrotate Source5: welcome.msg -Buildroot: %{_tmppath}/%{name}-root +BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root Requires: pam >= 0.59, /sbin/service, /sbin/chkconfig, /etc/init.d +BuildRequires: pam-devel, perl, ncurses-devel, pkgconfig +%{!?_without_tls:Requires: openssl} +%{!?_without_tls:BuildRequires: openssl-devel, krb5-devel} %{?_with_ldap:Requires: openldap} %{?_with_ldap:BuildRequires: openldap-devel} %{?_with_mysql:Requires: mysql} -%{?_with_mysql:BuildRequires: mysql-devel} -%{?_with_postgres:Requires: postgresql} -%{?_with_postgres:BuildRequires: postgresql-devel} -%{?_with_tls:Requires: openssl} -%{?_with_tls:BuildRequires: openssl-devel} -BuildRequires: pam-devel, perl +%{?_with_mysql:BuildRequires: mysql-devel, zlib-devel} +%{?_with_postgresql:Requires: postgresql-libs} +%{?_with_postgresql:BuildRequires: postgresql-devel} Provides: ftpserver Conflicts: wu-ftpd, anonftp, vsftpd @@ -39,74 +39,91 @@ This package defaults to the standalone behaviour of ProFTPD, but all the needed scripts to have it run by xinetd instead are included. Available rpmbuild rebuild options : ---with : ldap mysql postgres tls +--without : tls +--with : ldap mysql postgresql + %prep -%setup -q +%setup + %build # Workaround for the PostgreSQL include file -perl -pi -e 's|pgsql/libpq-fe.h|libpq-fe.h|g' contrib/mod_sql_postgres.c +%{__perl} -pi -e 's|pgsql/libpq-fe.h|libpq-fe.h|g' contrib/mod_sql_postgres.c + +# TLS includes +OPENSSL_INC="" +if OPENSSL_CFLAGS=`pkg-config --cflags openssl`; then + for i in ${OPENSSL_CFLAGS}; do + INCPATH=`echo $i | perl -pi -e 's|-I([a-z/]*)|$1|g'` + test ! -z ${INCPATH} && OPENSSL_INC="${OPENSSL_INC}:${INCPATH}" + done +fi %configure \ - --with-includes=%{_includedir} \ - %{?_with_mysql:--with-libraries=%{_libdir}/mysql} \ - %{?_with_postgres:--with-libraries=%{_libdir}} \ - --with-modules=mod_readme:mod_auth_pam%{?_with_ldap::mod_ldap}%{?_with_mysql::mod_sql:mod_sql_mysql}%{?_with_postgres::mod_sql:mod_sql_postgres}%{?_with_tls::mod_tls} -make %{?_smp_mflags} + --localstatedir="/var/run" \ + --with-includes="%{_includedir}%{!?_without_tls:${OPENSSL_INC}}%{?_with_mysql::%{_includedir}/mysql}" \ + %{?_with_mysql:--with-libraries="%{_libdir}/mysql"} \ + %{?_with_postgresql:--with-libraries="%{_libdir}"} \ + --with-modules=mod_readme:mod_auth_pam%{?_with_ldap::mod_ldap}%{?_with_mysql::mod_sql:mod_sql_mysql}%{?_with_postgresql::mod_sql:mod_sql_postgres}%{!?_without_tls::mod_tls} +%{__make} %{?_smp_mflags} + %install -rm -rf %{buildroot} -%makeinstall rundir=%{buildroot}%{_localstatedir}/run/proftpd \ - INSTALL_USER=`id -un` \ - INSTALL_GROUP=`id -gn` -install -D -m 644 contrib/dist/rpm/ftp.pamd %{buildroot}%{_sysconfdir}/pam.d/ftp -install -D -m 640 %{SOURCE1} %{buildroot}%{_sysconfdir}/proftpd.conf -install -D -m 755 %{SOURCE2} %{buildroot}%{_sysconfdir}/rc.d/init.d/proftpd -install -D -m 640 %{SOURCE3} %{buildroot}%{_sysconfdir}/xinetd.d/proftpd -install -D -m 644 %{SOURCE4} %{buildroot}%{_sysconfdir}/logrotate.d/proftpd -install -D -m 644 %{SOURCE5} %{buildroot}/var/ftp/welcome.msg -mkdir -p %{buildroot}/var/ftp/uploads -mkdir -p %{buildroot}/var/ftp/pub -mkdir -p %{buildroot}/var/log/proftpd +%{__rm} -rf %{buildroot} +%makeinstall rundir="%{buildroot}%{_localstatedir}/run/proftpd" \ + INSTALL_USER=`id -un` \ + INSTALL_GROUP=`id -gn` +%{__install} -D -m 644 contrib/dist/rpm/ftp.pamd %{buildroot}%{_sysconfdir}/pam.d/ftp +%{__install} -D -m 640 %{SOURCE1} %{buildroot}%{_sysconfdir}/proftpd.conf +%{__install} -D -m 755 %{SOURCE2} %{buildroot}%{_sysconfdir}/rc.d/init.d/proftpd +%{__install} -D -m 640 %{SOURCE3} %{buildroot}%{_sysconfdir}/xinetd.d/xproftpd +%{__install} -D -m 644 %{SOURCE4} %{buildroot}%{_sysconfdir}/logrotate.d/proftpd +%{__install} -D -m 644 %{SOURCE5} %{buildroot}/var/ftp/welcome.msg +%{__mkdir_p} %{buildroot}/var/ftp/uploads +%{__mkdir_p} %{buildroot}/var/ftp/pub +%{__mkdir_p} %{buildroot}/var/log/proftpd touch %{buildroot}%{_sysconfdir}/ftpusers + +%clean +%{__rm} -rf %{buildroot} + + %post if [ $1 = 1 ]; then - /sbin/chkconfig --add proftpd - IFS=":"; cat /etc/passwd | \ - while { read username nu nu gid nu nu nu nu; }; do \ - if [ $gid -lt 100 -a "$username" != "ftp" ]; then - echo $username >> %{_sysconfdir}/ftpusers - fi - done + /sbin/chkconfig --add proftpd + IFS=":"; cat /etc/passwd | \ + while { read username nu nu gid nu nu nu nu; }; do \ + if [ $gid -lt 100 -a "$username" != "ftp" ]; then + echo $username >> %{_sysconfdir}/ftpusers + fi + done fi %preun if [ $1 = 0 ]; then - /sbin/service proftpd stop >/dev/null 2>&1 || : - /sbin/chkconfig --del proftpd - /sbin/service xinetd reload >/dev/null 2>&1 || : - if [ -d /var/run/proftpd ]; then - rm -rf /var/run/proftpd/* - fi + /sbin/service proftpd stop >/dev/null 2>&1 || : + /sbin/chkconfig --del proftpd + /sbin/service xinetd reload >/dev/null 2>&1 || : + if [ -d /var/run/proftpd ]; then + rm -rf /var/run/proftpd/* + fi fi %postun if [ $1 -ge 1 ]; then - /sbin/service proftpd condrestart >/dev/null 2>&1 + /sbin/service proftpd condrestart >/dev/null 2>&1 fi -%clean -rm -rf %{buildroot} %files -%defattr(-, root, root) -%doc COPYING CREDITS ChangeLog NEWS README README.LDAP README.PAM -%doc README.linux-privs doc/* sample-configurations -%dir %{_localstatedir}/run/proftpd +%defattr(-, root, root, 0755) +%doc COPYING CREDITS ChangeLog NEWS README* +%doc doc/* sample-configurations/ +%dir %{_localstatedir}/run/proftpd/ %config(noreplace) %{_sysconfdir}/proftpd.conf -%config(noreplace) %{_sysconfdir}/xinetd.d/proftpd +%config(noreplace) %{_sysconfdir}/xinetd.d/xproftpd %config %{_sysconfdir}/ftpusers %config %{_sysconfdir}/pam.d/ftp %config %{_sysconfdir}/logrotate.d/proftpd @@ -114,93 +131,135 @@ rm -rf %{buildroot} %{_mandir}/*/* %{_bindir}/* %{_sbindir}/* -%dir /var/ftp -%attr(331, ftp, ftp) %dir /var/ftp/uploads -%dir /var/ftp/pub +%dir /var/ftp/ +%attr(331, ftp, ftp) %dir /var/ftp/uploads/ +%dir /var/ftp/pub/ %config(noreplace) /var/ftp/welcome.msg -%attr(750, root, root) %dir /var/log/proftpd +%attr(750, root, root) %dir /var/log/proftpd/ + %changelog -* Thu Mar 13 2003 Matthias Saou +* Tue Nov 16 2004 Matthias Saou 1.2.10-2 +- Bump release to provide Extras upgrade path. + +* Wed Sep 22 2004 Matthias Saou 1.2.10-1 +- Updated to release 1.2.10. + +* Tue Jun 22 2004 Matthias Saou 1.2.9-8 +- Added ncurses-devel build requires to fix the ftptop utility. + +* Fri Feb 26 2004 Magnus-swe 1.2.9-7 +- Fixed the scoreboard and pidfile issues. + +* Fri Jan 9 2004 Matthias Saou 1.2.9-6 +- Pass /var/run/proftpd as localstatedir to configure to fix pid and + scoreboard file problems. + +* Wed Dec 10 2003 Matthias Saou 1.2.9-4 +- Fixed the MySQL include path, thanks to Jim Richardson. +- Renamed the postgres conditional build to postgresql. + +* Tue Nov 11 2003 Matthias Saou 1.2.9-3 +- Renamed the xinetd service to xproftpd to avoid conflict. +- Only HUP the standalone proftpd through logrotate if it's running. + +* Fri Nov 7 2003 Matthias Saou 1.2.9-2 +- Rebuild for Fedora Core 1. +- Modified the init script to make it i18n aware. + +* Fri Oct 31 2003 Matthias Saou 1.2.9-1 +- Update to 1.2.9. + +* Wed Sep 24 2003 Matthias Saou +- Update to 1.2.8p to fix secutiry vulnerability. +- Fix the TLS build option at last, enable it by default. + +* Mon Aug 4 2003 Matthias Saou +- Minor fixes in included README files. + +* Mon Mar 31 2003 Matthias Saou +- Rebuilt for Red Hat Linux 9. + +* Thu Mar 13 2003 Matthias Saou - Update to 1.2.8. - Remove the renamed linuxprivs module. - Added TLS module build option. -* Fri Dec 13 2002 Matthias Saou +* Fri Dec 13 2002 Matthias Saou - Fix change for ScoreboardFile in the default conf, thanks to Sven Hoexter. -* Mon Dec 9 2002 Matthias Saou +* Mon Dec 9 2002 Matthias Saou - Update to 1.2.7. -* Thu Sep 26 2002 Matthias Saou +* Thu Sep 26 2002 Matthias Saou - Rebuilt for Red Hat Linux 8.0. -* Tue Sep 17 2002 Matthias Saou +* Tue Sep 17 2002 Matthias Saou - Update to 1.2.6. - Fixed typo in the config for "AllowForeignAddress" thanks to Michel Kraus. - Removed obsolete user install patch. - Added "modular" ldap, mysql and postgresql support. -* Mon Jun 10 2002 Matthias Saou +* Mon Jun 10 2002 Matthias Saou - Update to 1.2.5. - Changed the welcome.msg to config so that it doesn't get replaced. -* Fri May 3 2002 Matthias Saou +* Fri May 3 2002 Matthias Saou - Rebuilt against Red Hat Linux 7.3. - Added the %%{?_smp_mflags} expansion. -* Tue Oct 23 2001 Matthias Saou +* Tue Oct 23 2001 Matthias Saou - Changed the default config file : Where the pid file is stored, addedd an upload authorization in anon server, and separate anon logfiles. - Updated welcome.msg to something nicer. -* Fri Oct 19 2001 Matthias Saou +* Fri Oct 19 2001 Matthias Saou - Update to 1.2.4, since 1.2.3 had a nasty umask bug. -* Sat Aug 18 2001 Matthias Saou +* Sat Aug 18 2001 Matthias Saou - Update to 1.2.2 final. - Changed the default config file a lot. -* Wed Apr 25 2001 Matthias Saou +* Wed Apr 25 2001 Matthias Saou - Update to 1.2.2rc2. -* Mon Apr 1 2001 Matthias Saou +* Mon Apr 1 2001 Matthias Saou - Update to 1.2.2rc1. -* Tue Mar 20 2001 Matthias Saou +* Tue Mar 20 2001 Matthias Saou - Added a DenyFilter to prevent a recently discovered DOS attack. This is only useful for fresh installs since the config file is not overwritten. -* Fri Mar 2 2001 Matthias Saou +* Fri Mar 2 2001 Matthias Saou - Upgraded to 1.2.1. - New init script (added condrestart). -* Tue Feb 27 2001 Matthias Saou +* Tue Feb 27 2001 Matthias Saou - Upgraded to 1.2.0 final. -* Tue Feb 6 2001 Matthias Saou +* Tue Feb 6 2001 Matthias Saou - Upgraded to 1.2.0rc3 (at last a new version!) - Modified the spec file to support transparent upgrades -* Wed Nov 8 2000 Matthias Saou +* Wed Nov 8 2000 Matthias Saou - Upgraded to the latest CVS to fix the "no PORT command" bug - Fixed the ftpuser creation script - Modified the default config file to easily change to an anonymous server -* Sun Oct 15 2000 Matthias Saou +* Sun Oct 15 2000 Matthias Saou [proftpd-1.2.0rc2-2] - Updated the spec file and build process for RedHat 7.0 - Added xinetd support - Added logrotate.d support -* Fri Jul 28 2000 Matthias Saou +* Fri Jul 28 2000 Matthias Saou [proftpd-1.2.0rc2-1] - Upgraded to 1.2.0rc2 - Upgraded to 1.2.0rc1 -* Sat Jul 22 2000 Matthias Saou +* Sat Jul 22 2000 Matthias Saou [proftpd-1.2.0rc1-1] - Upgraded to 1.2.0rc1 - Re-did the whole spec file (it's hopefully cleaner now)