Hello community, here is the log from the commit of package vsftpd for openSUSE:Factory checked in at 2014-05-27 12:03:19 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/vsftpd (Old) and /work/SRC/openSUSE:Factory/.vsftpd.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "vsftpd" Changes: -------- --- /work/SRC/openSUSE:Factory/vsftpd/vsftpd.changes 2014-04-11 13:42:44.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.vsftpd.new/vsftpd.changes 2014-05-27 12:03:21.000000000 +0200 @@ -1,0 +2,22 @@ +Mon May 26 13:13:44 UTC 2014 - tchva...@suse.com + +- Cleanup with spec-cleaner +- Remove conditions about init files as we do not build for < 12.1 + anyway. +- Update the README.SUSE file to describe more the listen option. + +------------------------------------------------------------------- +Mon May 26 12:52:56 UTC 2014 - tchva...@suse.com + +- Add socket service for vsftpd to avoid the need for xinetd here. + +------------------------------------------------------------------- +Mon May 26 12:42:21 UTC 2014 - tchva...@suse.com + +- Add comment about listen variables for xinetd configuration. + Fixes bnc#872221. +- Add default configuration as arg to xinetd started vsftpd. +- Updated patch: + * vsftpd-2.0.4-xinetd.diff + +------------------------------------------------------------------- Old: ---- vsftpd.init New: ---- vsftpd.socket vsftpd@.service ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ vsftpd.spec ++++++ --- /var/tmp/diff_new_pack.8QPaEd/_old 2014-05-27 12:03:22.000000000 +0200 +++ /var/tmp/diff_new_pack.8QPaEd/_new 2014-05-27 12:03:22.000000000 +0200 @@ -16,19 +16,7 @@ # -%global with_sysvinit 0 -%if 0%{?suse_version} < 1310 -%global with_sysvinit 1 -%endif - Name: vsftpd -BuildRequires: gpg-offline -BuildRequires: libcap-devel -BuildRequires: openssl-devel -BuildRequires: pam-devel -%if 0%{?suse_version} > 1140 -BuildRequires: systemd -%endif Version: 3.0.2 Release: 0 Summary: Very Secure FTP Daemon - Written from Scratch @@ -36,14 +24,15 @@ Group: Productivity/Networking/Ftp/Servers Url: https://security.appspot.com/vsftpd.html Source0: https://security.appspot.com/downloads/%{name}-%{version}.tar.gz -Source1: %name.pam -Source2: %name.logrotate -Source3: %name.init +Source1: %{name}.pam +Source2: %{name}.logrotate Source4: README.SUSE -Source5: %name.xml -Source6: %name.firewall +Source5: %{name}.xml +Source6: %{name}.firewall Source7: vsftpd.service -Source9: %name.keyring +Source8: vsftpd@.service +Source9: %{name}.keyring +Source10: vsftpd.socket Source1000: https://security.appspot.com/downloads/%{name}-%{version}.tar.gz.asc Patch1: vsftpd-2.0.4-lib64.diff Patch3: vsftpd-2.0.4-xinetd.diff @@ -67,11 +56,16 @@ Patch16: vsftpd-root-squashed-chroot.patch #PATCH-FIX-UPSTREAM: bnc#870122 Patch17: vsftpd-enable-gettimeofday-sec.patch -BuildRoot: %{_tmppath}/%{name}-%{version}-build +BuildRequires: gpg-offline +BuildRequires: libcap-devel +BuildRequires: openssl-devel +BuildRequires: pam-devel +BuildRequires: systemd +Requires: logrotate +Requires(pre): %{_sbindir}/useradd Provides: ftp-server -Requires(pre): %insserv_prereq /usr/sbin/useradd +BuildRoot: %{_tmppath}/%{name}-%{version}-build %{?systemd_requires} -Requires: logrotate %description Vsftpd is an FTP server, or daemon. The "vs" stands for Very Secure. @@ -88,7 +82,7 @@ %gpg_verify %{S:1000} %setup -q %patch1 -%patch3 +%patch3 -p1 %patch4 %patch5 %patch6 @@ -105,90 +99,58 @@ %patch17 -p1 %build -%define seccomp_opts %{nil} -%if 0%{?suse_version} > 1030 %define seccomp_opts -D_GNU_SOURCE -DUSE_SECCOMP -%endif rm -f dummyinc/sys/capability.h -make CFLAGS="$RPM_OPT_FLAGS -DOPENSSL_NO_SSL_INTERN -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64 -fPIE -fstack-protector --param=ssp-buffer-size=4 %{seccomp_opts}" \ +make CFLAGS="%{optflags} -DOPENSSL_NO_SSL_INTERN -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64 -fPIE -fstack-protector --param=ssp-buffer-size=4 %{seccomp_opts}" \ LDFLAGS="-fPIE -pie -Wl,-z,relro -Wl,-z,now" LINK= %install -mkdir -p $RPM_BUILD_ROOT/usr/share/empty -cp %SOURCE4 . -install -D -m 755 %name $RPM_BUILD_ROOT/usr/sbin/%name -install -D -m 600 %name.conf $RPM_BUILD_ROOT/etc/%name.conf -install -D -m 600 xinetd.d/%name $RPM_BUILD_ROOT/etc/xinetd.d/%name -install -D -m 644 $RPM_SOURCE_DIR/%name.pam $RPM_BUILD_ROOT/etc/pam.d/%name -install -D -m 644 $RPM_SOURCE_DIR/%name.logrotate $RPM_BUILD_ROOT/etc/logrotate.d/%name -install -D -m 644 %name.conf.5 $RPM_BUILD_ROOT/%_mandir/man5/%name.conf.5 -install -D -m 644 %name.8 $RPM_BUILD_ROOT/%_mandir/man8/%name.8 -%if %{with_sysvinit} -install -D -m 755 %SOURCE3 $RPM_BUILD_ROOT/etc/init.d/%name -ln -sf ../../etc/init.d/%name $RPM_BUILD_ROOT/%_prefix/sbin/rc%name -%else -ln -sf service $RPM_BUILD_ROOT/%{_prefix}/sbin/rc%{name} -%endif -install -d $RPM_BUILD_ROOT/%_datadir/omc/svcinfo.d/ -install -D -m 644 %SOURCE5 $RPM_BUILD_ROOT/%_datadir/omc/svcinfo.d/ -install -d $RPM_BUILD_ROOT%{_sysconfdir}/sysconfig/SuSEfirewall2.d/services/ -install -m 644 %{S:6} $RPM_BUILD_ROOT%{_sysconfdir}/sysconfig/SuSEfirewall2.d/services/%{name} -%if 0%{?suse_version} > 1140 -install -D -m 0644 %SOURCE7 %{buildroot}/%{_unitdir}/%{name}.service -%endif +mkdir -p %{buildroot}%{_datadir}/empty +cp %{SOURCE4} . +install -D -m 755 %{name} %{buildroot}%{_sbindir}/%{name} +install -D -m 600 %{name}.conf %{buildroot}%{_sysconfdir}/%{name}.conf +install -D -m 600 xinetd.d/%{name} %{buildroot}%{_sysconfdir}/xinetd.d/%{name} +install -D -m 644 $RPM_SOURCE_DIR/%{name}.pam %{buildroot}%{_sysconfdir}/pam.d/%{name} +install -D -m 644 $RPM_SOURCE_DIR/%{name}.logrotate %{buildroot}%{_sysconfdir}/logrotate.d/%{name} +install -D -m 644 %{name}.conf.5 %{buildroot}/%{_mandir}/man5/%{name}.conf.5 +install -D -m 644 %{name}.8 %{buildroot}/%{_mandir}/man8/%{name}.8 +ln -sf service %{buildroot}/%{_sbindir}/rc%{name} +install -D -m 0644 %{SOURCE7} %{buildroot}/%{_unitdir}/%{name}.service +install -D -m 0644 %{SOURCE8} %{buildroot}/%{_unitdir}/%{name}@.service +install -D -m 0644 %{SOURCE10} %{buildroot}/%{_unitdir}/%{name}.socket +install -d %{buildroot}/%{_datadir}/omc/svcinfo.d/ +install -D -m 644 %{SOURCE5} %{buildroot}/%{_datadir}/omc/svcinfo.d/ +install -d %{buildroot}%{_sysconfdir}/sysconfig/SuSEfirewall2.d/services/ +install -m 644 %{SOURCE6} %{buildroot}%{_sysconfdir}/sysconfig/SuSEfirewall2.d/services/%{name} %pre -/usr/sbin/useradd -r -g nogroup -s /bin/false -c "Secure FTP User" -d /var/lib/empty ftpsecure 2> /dev/null || : -%if 0%{?suse_version} > 1140 +%{_sbindir}/useradd -r -g nogroup -s /bin/false -c "Secure FTP User" -d %{_localstatedir}/lib/empty ftpsecure 2> /dev/null || : %service_add_pre %{name}.service -%endif %preun -if [ -e /etc/init.d/%{name} ]; then -%stop_on_removal %name -fi - -%if 0%{?suse_version} > 1140 %service_del_preun %{name}.service -%endif %post -%if %{with_sysvinit} -%{fillup_and_insserv -f %{name}} -%endif - -%if 0%{?suse_version} > 1140 %service_add_post %{name}.service -%endif %postun -%if %{with_sysvinit} -%insserv_cleanup -%restart_on_update %name -%endif - -%if 0%{?suse_version} > 1140 %service_del_postun %{name}.service -%endif %files %defattr(-,root,root) -%if 0%{?suse_version} > 1140 %{_unitdir}/%{name}.service -%endif -/usr/sbin/%name -/usr/sbin/rc%name -%if %{with_sysvinit} -%config /etc/init.d/%name -%endif -%_datadir/omc/svcinfo.d/vsftpd.xml -%dir /usr/share/empty -%config(noreplace) /etc/xinetd.d/%name -%config(noreplace) /etc/%name.conf -%config /etc/pam.d/%name -%config(noreplace) /etc/logrotate.d/%name -%_mandir/man5/%name.conf.* -%_mandir/man8/%name.* +%{_unitdir}/%{name}.socket +%{_unitdir}/%{name}@.service +%{_sbindir}/%{name} +%{_sbindir}/rc%{name} +%{_datadir}/omc/svcinfo.d/vsftpd.xml +%dir %{_datadir}/empty +%config(noreplace) %{_sysconfdir}/xinetd.d/%{name} +%config(noreplace) %{_sysconfdir}/%{name}.conf +%config %{_sysconfdir}/pam.d/%{name} +%config(noreplace) %{_sysconfdir}/logrotate.d/%{name} +%{_mandir}/man5/%{name}.conf.* +%{_mandir}/man8/%{name}.* %doc BUGS AUDIT Changelog LICENSE README README.security %doc REWARD SPEED TODO SECURITY TUNING SIZE FAQ EXAMPLE COPYING %doc README.SUSE ++++++ README.SUSE ++++++ --- /var/tmp/diff_new_pack.8QPaEd/_old 2014-05-27 12:03:22.000000000 +0200 +++ /var/tmp/diff_new_pack.8QPaEd/_new 2014-05-27 12:03:22.000000000 +0200 @@ -4,4 +4,9 @@ listen=NO listen_ipv6=YES -so no changes for xinetd (/etc/xinetd.d/vsftp) are needed by default. +if you plan to use xinetd (/etc/xinetd.d/vsftp) you don't need to change +anything by default, but if you have ipv6 available you have to set +listen_ipv6=NO too in order for xinetd to work. +Alternatively you can also use systemd socket service that listens on +port 21 and starts the server like xinetd would. This service does +not require you to change ANY variable in the /etc/vsftpd.conf. ++++++ vsftpd-2.0.4-xinetd.diff ++++++ --- /var/tmp/diff_new_pack.8QPaEd/_old 2014-05-27 12:03:22.000000000 +0200 +++ /var/tmp/diff_new_pack.8QPaEd/_new 2014-05-27 12:03:22.000000000 +0200 @@ -1,6 +1,7 @@ ---- xinetd.d/vsftpd.orig -+++ xinetd.d/vsftpd -@@ -1,18 +1,23 @@ +diff -urN vsftpd-3.0.2.old/xinetd.d/vsftpd vsftpd-3.0.2/xinetd.d/vsftpd +--- vsftpd-3.0.2.old/xinetd.d/vsftpd 2014-05-26 14:38:40.717042497 +0200 ++++ vsftpd-3.0.2/xinetd.d/vsftpd 2014-05-26 14:41:23.753049249 +0200 +@@ -1,18 +1,26 @@ -# default: on +# default: off # description: @@ -11,6 +12,9 @@ +# NOTE: This file contains the configuration for xinetd to start vsftpd. +# the configuration file for vsftp itself is in /etc/vsftpd.conf +# ++# NOTE: Remember to set both listen and listen_ipv6 to NO in /etc/vsftpd.conf ++# in order to have working xinetd connection. ++# service ftp { socket_type = stream @@ -24,7 +28,7 @@ - nice = 10 - disable = no + server = /usr/sbin/vsftpd -+# server_args = ++ server_args = /etc/vsftpd.conf +# log_on_success += DURATION USERID +# log_on_failure += USERID +# nice = 10 ++++++ vsftpd.socket ++++++ [Unit] Conflicts=vsftpd.service [Socket] ListenStream=21 Accept=yes [Install] WantedBy=sockets.target ++++++ vsftpd@.service ++++++ [Unit] Description=Very Secure FTP Daemon [Service] Type=simple ExecStart=/usr/sbin/vsftpd /etc/vsftpd.conf -obackground=NO -olisten=NO -olisten_ipv6=NO StandardInput=socket SuccessExitStatus=2 -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org