Author: bdubbs Date: 2011-10-28 12:57:13 -0600 (Fri, 28 Oct 2011) New Revision: 8922
Modified: trunk/BOOK/general.ent trunk/BOOK/general/prog/python.xml trunk/BOOK/introduction/welcome/changelog.xml trunk/BOOK/postlfs/security/firewalling.xml trunk/BOOK/server/major/vsftpd.xml Log: Update to to vsftpd-2.3.4. Tweak firewall instructions. Touchup Python instructions. Modified: trunk/BOOK/general/prog/python.xml =================================================================== --- trunk/BOOK/general/prog/python.xml 2011-10-26 21:50:06 UTC (rev 8921) +++ trunk/BOOK/general/prog/python.xml 2011-10-28 18:57:13 UTC (rev 8922) @@ -5,7 +5,7 @@ %general-entities; <!ENTITY python-download-http "http://www.python.org/ftp/python/&Python-version;/Python-&Python-version;.tar.xz";> - <!ENTITY python-download-ftp "&gentoo-ftp-repo;/Python-&Python-version;.tar.bz2"> + <!ENTITY python-download-ftp "&gentoo-ftp-repo;/Python-&Python-version;.tar.xz"> <!ENTITY python-md5sum "3720ce9460597e49264bbb63b48b946d"> <!ENTITY python-size "8.5 MB"> <!ENTITY python-buildsize "141 MB (23MB for the test suite)"> @@ -65,12 +65,12 @@ </itemizedlist> <bridgehead renderas="sect3">Additional Downloads</bridgehead> - <itemizedlist spacing='compact'> - <listitem> + <!--<itemizedlist spacing='compact'> + <listitem> <para>Required patch: <ulink url="&patch-root;/Python-&Python-version;-bdb_4.8-1.patch"/></para> - </listitem> - </itemizedlist> + </listitem> + </itemizedlist>--> <itemizedlist spacing='compact'> <title>Optional HTML Documentation</title> Modified: trunk/BOOK/general.ent =================================================================== --- trunk/BOOK/general.ent 2011-10-26 21:50:06 UTC (rev 8921) +++ trunk/BOOK/general.ent 2011-10-28 18:57:13 UTC (rev 8922) @@ -3,7 +3,7 @@ $Date$ --> -<!ENTITY day "26"> <!-- Always 2 digits --> +<!ENTITY day "28"> <!-- Always 2 digits --> <!ENTITY month "10"> <!-- Always 2 digits --> <!ENTITY year "2011"> <!ENTITY copyrightdate "2001-&year;"> @@ -55,7 +55,7 @@ <!ENTITY lfs-vim-version "7.3"> <!-- End LFS versions --> -<!ENTITY blfs-bootscripts-version "20111026"> +<!ENTITY blfs-bootscripts-version "20111028"> <!ENTITY blfs-bootscripts-download "&downloads-root;/blfs-bootscripts-&blfs-bootscripts-version;.tar.bz2"> <!ENTITY blfs-wiki "http://wiki.&lfs-domainname;/blfs/wiki";> @@ -484,7 +484,7 @@ <!-- openssh (chapter 18) --> <!ENTITY proftpd-version "1.3.0"> <!-- samba3 (chapter 18) --> -<!ENTITY vsftpd-version "2.0.5"> +<!ENTITY vsftpd-version "2.3.4"> <!ENTITY xinetd-version "2.3.14"> <!-- Chapter 22 --> Modified: trunk/BOOK/introduction/welcome/changelog.xml =================================================================== --- trunk/BOOK/introduction/welcome/changelog.xml 2011-10-26 21:50:06 UTC (rev 8921) +++ trunk/BOOK/introduction/welcome/changelog.xml 2011-10-28 18:57:13 UTC (rev 8922) @@ -45,6 +45,15 @@ <para>October 26th, 2011</para> <itemizedlist> <listitem> + <para>[bdubbs] - Updated to vsftpd-2.3.4.</para> + </listitem> + </itemizedlist> + </listitem> + + <listitem> + <para>October 26th, 2011</para> + <itemizedlist> + <listitem> <para>[bdubbs] - Update to subversion-1.7.1.</para> </listitem> <listitem> Modified: trunk/BOOK/postlfs/security/firewalling.xml =================================================================== --- trunk/BOOK/postlfs/security/firewalling.xml 2011-10-26 21:50:06 UTC (rev 8921) +++ trunk/BOOK/postlfs/security/firewalling.xml 2011-10-28 18:57:13 UTC (rev 8922) @@ -202,9 +202,9 @@ echo 1 > /proc/sys/net/ipv4/tcp_syncookies # Disable ICMP Redirect Acceptance -echo 0 > /proc/sys/net/ipv4/conf/all/accept_redirects +echo 0 > /proc/sys/net/ipv4/conf/default/accept_redirects -# Don't send Redirect Messages +# Do not send Redirect Messages echo 0 > /proc/sys/net/ipv4/conf/all/send_redirects echo 0 > /proc/sys/net/ipv4/conf/default/send_redirects @@ -330,11 +330,11 @@ echo 0 > /proc/sys/net/ipv4/conf/all/accept_redirects # Don�t send Redirect Messages -echo 0 > /proc/sys/net/ipv4/conf/all/send_redirects +echo 0 > /proc/sys/net/ipv4/conf/default/send_redirects # Drop Spoofed Packets coming in on an interface where responses # would result in the reply going out a different interface. -echo 1 > /proc/sys/net/ipv4/conf/all/rp_filter +echo 1 > /proc/sys/net/ipv4/conf/default/rp_filter # Log packets with impossible addresses. echo 1 > /proc/sys/net/ipv4/conf/all/log_martians @@ -374,8 +374,8 @@ # Log everything for debugging # (last of all rules, but before policy rules) -iptables -A INPUT -j LOG --log-prefix "FIREWALL:INPUT " -iptables -A FORWARD -j LOG --log-prefix "FIREWALL:FORWARD" +iptables -A INPUT -j LOG --log-prefix "FIREWALL:INPUT " +iptables -A FORWARD -j LOG --log-prefix "FIREWALL:FORWARD " iptables -A OUTPUT -j LOG --log-prefix "FIREWALL:OUTPUT " # Enable IP Forwarding @@ -497,7 +497,7 @@ network scans):</para> <screen><literal>iptables -I INPUT -p tcp -m state --state INVALID \ - -j LOG --log-prefix "FIREWALL:INVALID" + -j LOG --log-prefix "FIREWALL:INVALID " iptables -I INPUT -p tcp -m state --state INVALID -j DROP</literal></screen> </listitem> Modified: trunk/BOOK/server/major/vsftpd.xml =================================================================== --- trunk/BOOK/server/major/vsftpd.xml 2011-10-26 21:50:06 UTC (rev 8921) +++ trunk/BOOK/server/major/vsftpd.xml 2011-10-28 18:57:13 UTC (rev 8922) @@ -5,10 +5,10 @@ %general-entities; <!ENTITY vsftpd-download-http " "> - <!ENTITY vsftpd-download-ftp "ftp://vsftpd.beasts.org/users/cevans/vsftpd-&vsftpd-version;.tar.gz";> - <!ENTITY vsftpd-md5sum "146062e8b2f93af43ff6c2c770feea94"> - <!ENTITY vsftpd-size "152 KB"> - <!ENTITY vsftpd-buildsize "1.5 MB"> + <!ENTITY vsftpd-download-ftp "https://security.appspot.com/downloads//vsftpd-&vsftpd-version;.tar.gz";> + <!ENTITY vsftpd-md5sum "2ea5d19978710527bb7444d93b67767a"> + <!ENTITY vsftpd-size "188 KB"> + <!ENTITY vsftpd-buildsize "1.8 MB"> <!ENTITY vsftpd-time "less than 0.1 SBU"> ]> @@ -33,6 +33,8 @@ secure and very small FTP daemon. This is useful for serving files over a network.</para> + &lfs70_checked; + <bridgehead renderas="sect3">Package Information</bridgehead> <itemizedlist spacing="compact"> <listitem> @@ -77,13 +79,17 @@ users, and groups with the following commands:</para> <screen role="root"><userinput>install -v -d -m 0755 /var/ftp/empty && -install -v -d -m 0755 /home/ftp && -groupadd -g 47 vsftpd && -useradd -d /dev/null -c "vsftpd User" -g vsftpd -s /bin/false \ - -u 47 vsftpd && -groupadd -g 45 ftp && -useradd -c anonymous_user -d /home/ftp -g ftp -s /bin/false -u 45 ftp</userinput></screen> +install -v -d -m 0755 /home/ftp && +groupadd -g 47 vsftpd && +groupadd -g 45 ftp && +useradd -c "vsftpd User" -d /dev/null -g vsftpd -s /bin/false -u 47 vsftpd && +useradd -c anonymous_user -d /home/ftp -g ftp -s /bin/false -u 45 ftp</userinput></screen> + <para>If you did not install the optional <application>libcap2</application> package, + run the following to avoid a build error:</para> + +<screen><userinput>sed -i -e 's:#define VSF_SYSDEP_HAVE_LIBCAP|//&|' sysdeputil.c</userinput></screen> + <para>Build <application>vsftpd</application> as an unprivileged user using the following command:</para> @@ -95,10 +101,10 @@ user and install <application>vsftpd</application> with the following commands:</para> -<screen><userinput>install -v -m 755 vsftpd /usr/sbin/vsftpd && -install -v -m 644 vsftpd.8 /usr/share/man/man8 && +<screen><userinput>install -v -m 755 vsftpd /usr/sbin/vsftpd && +install -v -m 644 vsftpd.8 /usr/share/man/man8 && install -v -m 644 vsftpd.conf.5 /usr/share/man/man5 && -install -v -m 644 vsftpd.conf /etc</userinput></screen> +install -v -m 644 vsftpd.conf /etc</userinput></screen> </sect2>
-- http://linuxfromscratch.org/mailman/listinfo/blfs-book FAQ: http://www.linuxfromscratch.org/blfs/faq.html Unsubscribe: See the above information page
