initial commit of file from CVS for e-smith-proftpd on Wed 12 Jul 09:05:44 BST 2023
This commit is contained in:
parent
9f1a450709
commit
ced40fe923
4
.gitignore
vendored
Normal file
4
.gitignore
vendored
Normal file
@ -0,0 +1,4 @@
|
||||
*.rpm
|
||||
*.log
|
||||
*spec-20*
|
||||
*.tar.xz
|
21
Makefile
Normal file
21
Makefile
Normal file
@ -0,0 +1,21 @@
|
||||
# Makefile for source rpm: e-smith-proftpd
|
||||
# $Id: Makefile,v 1.1 2016/02/05 21:57:24 stephdl Exp $
|
||||
NAME := e-smith-proftpd
|
||||
SPECFILE = $(firstword $(wildcard *.spec))
|
||||
|
||||
define find-makefile-common
|
||||
for d in common ../common ../../common ; do if [ -f $$d/Makefile.common ] ; then if [ -f $$d/CVS/Root -a -w $$/Makefile.common ] ; then cd $$d ; cvs -Q update ; fi ; echo "$$d/Makefile.common" ; break ; fi ; done
|
||||
endef
|
||||
|
||||
MAKEFILE_COMMON := $(shell $(find-makefile-common))
|
||||
|
||||
ifeq ($(MAKEFILE_COMMON),)
|
||||
# attept a checkout
|
||||
define checkout-makefile-common
|
||||
test -f CVS/Root && { cvs -Q -d $$(cat CVS/Root) checkout common && echo "common/Makefile.common" ; } || { echo "ERROR: I can't figure out how to checkout the 'common' module." ; exit -1 ; } >&2
|
||||
endef
|
||||
|
||||
MAKEFILE_COMMON := $(shell $(checkout-makefile-common))
|
||||
endif
|
||||
|
||||
include $(MAKEFILE_COMMON)
|
18
README.md
18
README.md
@ -1,3 +1,17 @@
|
||||
# e-smith-proftpd
|
||||
# <img src="https://www.koozali.org/images/koozali/Logo/Png/Koozali_logo_2016.png" width="25%" vertical="auto" style="vertical-align:bottom"> e-smith-proftpd
|
||||
|
||||
SMEServer Koozali developed git repo for e-smith-proftpd smeserver
|
||||
SMEServer Koozali developed git repo for e-smith-proftpd smeserver
|
||||
|
||||
## Wiki
|
||||
<br />https://wiki.koozali.org/
|
||||
|
||||
## Bugzilla
|
||||
Show list of outstanding bugs: [here](https://bugs.koozali.org/buglist.cgi?component=e-smith-proftpd&product=SME%20Server%2010.X&query_format=advanced&limit=0&bug_status=UNCONFIRMED&bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&bug_status=CONFIRMED)
|
||||
|
||||
## Description
|
||||
|
||||
<br />*This description has been generated by an LLM AI system and cannot be relied on to be fully correct.*
|
||||
*Once it has been checked, then this comment will be deleted*
|
||||
<br />
|
||||
|
||||
e-smith-Proftpd is an open source software package that allows users to easily set up an FTP server on their Linux or Unix-based system. It is a part of the e-smith software family, which consists of a number of professional tools for system administrators. The package provides a secure and reliable way to transfer files over the internet. It provides a wide range of features, such as virtual hosting, bandwidth throttling, file transfer logging, and support for stand-alone or inetd/xinetd operations. It is a powerful and versatile tool, and is ideal for those who want to manage and share files from their own web server.
|
||||
|
340
additional/COPYING
Normal file
340
additional/COPYING
Normal file
@ -0,0 +1,340 @@
|
||||
GNU GENERAL PUBLIC LICENSE
|
||||
Version 2, June 1991
|
||||
|
||||
Copyright (C) 1989, 1991 Free Software Foundation, Inc.
|
||||
59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
|
||||
Everyone is permitted to copy and distribute verbatim copies
|
||||
of this license document, but changing it is not allowed.
|
||||
|
||||
Preamble
|
||||
|
||||
The licenses for most software are designed to take away your
|
||||
freedom to share and change it. By contrast, the GNU General Public
|
||||
License is intended to guarantee your freedom to share and change free
|
||||
software--to make sure the software is free for all its users. This
|
||||
General Public License applies to most of the Free Software
|
||||
Foundation's software and to any other program whose authors commit to
|
||||
using it. (Some other Free Software Foundation software is covered by
|
||||
the GNU Library General Public License instead.) You can apply it to
|
||||
your programs, too.
|
||||
|
||||
When we speak of free software, we are referring to freedom, not
|
||||
price. Our General Public Licenses are designed to make sure that you
|
||||
have the freedom to distribute copies of free software (and charge for
|
||||
this service if you wish), that you receive source code or can get it
|
||||
if you want it, that you can change the software or use pieces of it
|
||||
in new free programs; and that you know you can do these things.
|
||||
|
||||
To protect your rights, we need to make restrictions that forbid
|
||||
anyone to deny you these rights or to ask you to surrender the rights.
|
||||
These restrictions translate to certain responsibilities for you if you
|
||||
distribute copies of the software, or if you modify it.
|
||||
|
||||
For example, if you distribute copies of such a program, whether
|
||||
gratis or for a fee, you must give the recipients all the rights that
|
||||
you have. You must make sure that they, too, receive or can get the
|
||||
source code. And you must show them these terms so they know their
|
||||
rights.
|
||||
|
||||
We protect your rights with two steps: (1) copyright the software, and
|
||||
(2) offer you this license which gives you legal permission to copy,
|
||||
distribute and/or modify the software.
|
||||
|
||||
Also, for each author's protection and ours, we want to make certain
|
||||
that everyone understands that there is no warranty for this free
|
||||
software. If the software is modified by someone else and passed on, we
|
||||
want its recipients to know that what they have is not the original, so
|
||||
that any problems introduced by others will not reflect on the original
|
||||
authors' reputations.
|
||||
|
||||
Finally, any free program is threatened constantly by software
|
||||
patents. We wish to avoid the danger that redistributors of a free
|
||||
program will individually obtain patent licenses, in effect making the
|
||||
program proprietary. To prevent this, we have made it clear that any
|
||||
patent must be licensed for everyone's free use or not licensed at all.
|
||||
|
||||
The precise terms and conditions for copying, distribution and
|
||||
modification follow.
|
||||
|
||||
GNU GENERAL PUBLIC LICENSE
|
||||
TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION
|
||||
|
||||
0. This License applies to any program or other work which contains
|
||||
a notice placed by the copyright holder saying it may be distributed
|
||||
under the terms of this General Public License. The "Program", below,
|
||||
refers to any such program or work, and a "work based on the Program"
|
||||
means either the Program or any derivative work under copyright law:
|
||||
that is to say, a work containing the Program or a portion of it,
|
||||
either verbatim or with modifications and/or translated into another
|
||||
language. (Hereinafter, translation is included without limitation in
|
||||
the term "modification".) Each licensee is addressed as "you".
|
||||
|
||||
Activities other than copying, distribution and modification are not
|
||||
covered by this License; they are outside its scope. The act of
|
||||
running the Program is not restricted, and the output from the Program
|
||||
is covered only if its contents constitute a work based on the
|
||||
Program (independent of having been made by running the Program).
|
||||
Whether that is true depends on what the Program does.
|
||||
|
||||
1. You may copy and distribute verbatim copies of the Program's
|
||||
source code as you receive it, in any medium, provided that you
|
||||
conspicuously and appropriately publish on each copy an appropriate
|
||||
copyright notice and disclaimer of warranty; keep intact all the
|
||||
notices that refer to this License and to the absence of any warranty;
|
||||
and give any other recipients of the Program a copy of this License
|
||||
along with the Program.
|
||||
|
||||
You may charge a fee for the physical act of transferring a copy, and
|
||||
you may at your option offer warranty protection in exchange for a fee.
|
||||
|
||||
2. You may modify your copy or copies of the Program or any portion
|
||||
of it, thus forming a work based on the Program, and copy and
|
||||
distribute such modifications or work under the terms of Section 1
|
||||
above, provided that you also meet all of these conditions:
|
||||
|
||||
a) You must cause the modified files to carry prominent notices
|
||||
stating that you changed the files and the date of any change.
|
||||
|
||||
b) You must cause any work that you distribute or publish, that in
|
||||
whole or in part contains or is derived from the Program or any
|
||||
part thereof, to be licensed as a whole at no charge to all third
|
||||
parties under the terms of this License.
|
||||
|
||||
c) If the modified program normally reads commands interactively
|
||||
when run, you must cause it, when started running for such
|
||||
interactive use in the most ordinary way, to print or display an
|
||||
announcement including an appropriate copyright notice and a
|
||||
notice that there is no warranty (or else, saying that you provide
|
||||
a warranty) and that users may redistribute the program under
|
||||
these conditions, and telling the user how to view a copy of this
|
||||
License. (Exception: if the Program itself is interactive but
|
||||
does not normally print such an announcement, your work based on
|
||||
the Program is not required to print an announcement.)
|
||||
|
||||
These requirements apply to the modified work as a whole. If
|
||||
identifiable sections of that work are not derived from the Program,
|
||||
and can be reasonably considered independent and separate works in
|
||||
themselves, then this License, and its terms, do not apply to those
|
||||
sections when you distribute them as separate works. But when you
|
||||
distribute the same sections as part of a whole which is a work based
|
||||
on the Program, the distribution of the whole must be on the terms of
|
||||
this License, whose permissions for other licensees extend to the
|
||||
entire whole, and thus to each and every part regardless of who wrote it.
|
||||
|
||||
Thus, it is not the intent of this section to claim rights or contest
|
||||
your rights to work written entirely by you; rather, the intent is to
|
||||
exercise the right to control the distribution of derivative or
|
||||
collective works based on the Program.
|
||||
|
||||
In addition, mere aggregation of another work not based on the Program
|
||||
with the Program (or with a work based on the Program) on a volume of
|
||||
a storage or distribution medium does not bring the other work under
|
||||
the scope of this License.
|
||||
|
||||
3. You may copy and distribute the Program (or a work based on it,
|
||||
under Section 2) in object code or executable form under the terms of
|
||||
Sections 1 and 2 above provided that you also do one of the following:
|
||||
|
||||
a) Accompany it with the complete corresponding machine-readable
|
||||
source code, which must be distributed under the terms of Sections
|
||||
1 and 2 above on a medium customarily used for software interchange; or,
|
||||
|
||||
b) Accompany it with a written offer, valid for at least three
|
||||
years, to give any third party, for a charge no more than your
|
||||
cost of physically performing source distribution, a complete
|
||||
machine-readable copy of the corresponding source code, to be
|
||||
distributed under the terms of Sections 1 and 2 above on a medium
|
||||
customarily used for software interchange; or,
|
||||
|
||||
c) Accompany it with the information you received as to the offer
|
||||
to distribute corresponding source code. (This alternative is
|
||||
allowed only for noncommercial distribution and only if you
|
||||
received the program in object code or executable form with such
|
||||
an offer, in accord with Subsection b above.)
|
||||
|
||||
The source code for a work means the preferred form of the work for
|
||||
making modifications to it. For an executable work, complete source
|
||||
code means all the source code for all modules it contains, plus any
|
||||
associated interface definition files, plus the scripts used to
|
||||
control compilation and installation of the executable. However, as a
|
||||
special exception, the source code distributed need not include
|
||||
anything that is normally distributed (in either source or binary
|
||||
form) with the major components (compiler, kernel, and so on) of the
|
||||
operating system on which the executable runs, unless that component
|
||||
itself accompanies the executable.
|
||||
|
||||
If distribution of executable or object code is made by offering
|
||||
access to copy from a designated place, then offering equivalent
|
||||
access to copy the source code from the same place counts as
|
||||
distribution of the source code, even though third parties are not
|
||||
compelled to copy the source along with the object code.
|
||||
|
||||
4. You may not copy, modify, sublicense, or distribute the Program
|
||||
except as expressly provided under this License. Any attempt
|
||||
otherwise to copy, modify, sublicense or distribute the Program is
|
||||
void, and will automatically terminate your rights under this License.
|
||||
However, parties who have received copies, or rights, from you under
|
||||
this License will not have their licenses terminated so long as such
|
||||
parties remain in full compliance.
|
||||
|
||||
5. You are not required to accept this License, since you have not
|
||||
signed it. However, nothing else grants you permission to modify or
|
||||
distribute the Program or its derivative works. These actions are
|
||||
prohibited by law if you do not accept this License. Therefore, by
|
||||
modifying or distributing the Program (or any work based on the
|
||||
Program), you indicate your acceptance of this License to do so, and
|
||||
all its terms and conditions for copying, distributing or modifying
|
||||
the Program or works based on it.
|
||||
|
||||
6. Each time you redistribute the Program (or any work based on the
|
||||
Program), the recipient automatically receives a license from the
|
||||
original licensor to copy, distribute or modify the Program subject to
|
||||
these terms and conditions. You may not impose any further
|
||||
restrictions on the recipients' exercise of the rights granted herein.
|
||||
You are not responsible for enforcing compliance by third parties to
|
||||
this License.
|
||||
|
||||
7. If, as a consequence of a court judgment or allegation of patent
|
||||
infringement or for any other reason (not limited to patent issues),
|
||||
conditions are imposed on you (whether by court order, agreement or
|
||||
otherwise) that contradict the conditions of this License, they do not
|
||||
excuse you from the conditions of this License. If you cannot
|
||||
distribute so as to satisfy simultaneously your obligations under this
|
||||
License and any other pertinent obligations, then as a consequence you
|
||||
may not distribute the Program at all. For example, if a patent
|
||||
license would not permit royalty-free redistribution of the Program by
|
||||
all those who receive copies directly or indirectly through you, then
|
||||
the only way you could satisfy both it and this License would be to
|
||||
refrain entirely from distribution of the Program.
|
||||
|
||||
If any portion of this section is held invalid or unenforceable under
|
||||
any particular circumstance, the balance of the section is intended to
|
||||
apply and the section as a whole is intended to apply in other
|
||||
circumstances.
|
||||
|
||||
It is not the purpose of this section to induce you to infringe any
|
||||
patents or other property right claims or to contest validity of any
|
||||
such claims; this section has the sole purpose of protecting the
|
||||
integrity of the free software distribution system, which is
|
||||
implemented by public license practices. Many people have made
|
||||
generous contributions to the wide range of software distributed
|
||||
through that system in reliance on consistent application of that
|
||||
system; it is up to the author/donor to decide if he or she is willing
|
||||
to distribute software through any other system and a licensee cannot
|
||||
impose that choice.
|
||||
|
||||
This section is intended to make thoroughly clear what is believed to
|
||||
be a consequence of the rest of this License.
|
||||
|
||||
8. If the distribution and/or use of the Program is restricted in
|
||||
certain countries either by patents or by copyrighted interfaces, the
|
||||
original copyright holder who places the Program under this License
|
||||
may add an explicit geographical distribution limitation excluding
|
||||
those countries, so that distribution is permitted only in or among
|
||||
countries not thus excluded. In such case, this License incorporates
|
||||
the limitation as if written in the body of this License.
|
||||
|
||||
9. The Free Software Foundation may publish revised and/or new versions
|
||||
of the General Public License from time to time. Such new versions will
|
||||
be similar in spirit to the present version, but may differ in detail to
|
||||
address new problems or concerns.
|
||||
|
||||
Each version is given a distinguishing version number. If the Program
|
||||
specifies a version number of this License which applies to it and "any
|
||||
later version", you have the option of following the terms and conditions
|
||||
either of that version or of any later version published by the Free
|
||||
Software Foundation. If the Program does not specify a version number of
|
||||
this License, you may choose any version ever published by the Free Software
|
||||
Foundation.
|
||||
|
||||
10. If you wish to incorporate parts of the Program into other free
|
||||
programs whose distribution conditions are different, write to the author
|
||||
to ask for permission. For software which is copyrighted by the Free
|
||||
Software Foundation, write to the Free Software Foundation; we sometimes
|
||||
make exceptions for this. Our decision will be guided by the two goals
|
||||
of preserving the free status of all derivatives of our free software and
|
||||
of promoting the sharing and reuse of software generally.
|
||||
|
||||
NO WARRANTY
|
||||
|
||||
11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY
|
||||
FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN
|
||||
OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES
|
||||
PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED
|
||||
OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
|
||||
MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS
|
||||
TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE
|
||||
PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING,
|
||||
REPAIR OR CORRECTION.
|
||||
|
||||
12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING
|
||||
WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR
|
||||
REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES,
|
||||
INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING
|
||||
OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED
|
||||
TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY
|
||||
YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER
|
||||
PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE
|
||||
POSSIBILITY OF SUCH DAMAGES.
|
||||
|
||||
END OF TERMS AND CONDITIONS
|
||||
|
||||
How to Apply These Terms to Your New Programs
|
||||
|
||||
If you develop a new program, and you want it to be of the greatest
|
||||
possible use to the public, the best way to achieve this is to make it
|
||||
free software which everyone can redistribute and change under these terms.
|
||||
|
||||
To do so, attach the following notices to the program. It is safest
|
||||
to attach them to the start of each source file to most effectively
|
||||
convey the exclusion of warranty; and each file should have at least
|
||||
the "copyright" line and a pointer to where the full notice is found.
|
||||
|
||||
<one line to give the program's name and a brief idea of what it does.>
|
||||
Copyright (C) 19yy <name of author>
|
||||
|
||||
This program is free software; you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation; either version 2 of the License, or
|
||||
(at your option) any later version.
|
||||
|
||||
This program is distributed in the hope that it will be useful,
|
||||
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
GNU General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with this program; if not, write to the Free Software
|
||||
Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
|
||||
|
||||
|
||||
Also add information on how to contact you by electronic and paper mail.
|
||||
|
||||
If the program is interactive, make it output a short notice like this
|
||||
when it starts in an interactive mode:
|
||||
|
||||
Gnomovision version 69, Copyright (C) 19yy name of author
|
||||
Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'.
|
||||
This is free software, and you are welcome to redistribute it
|
||||
under certain conditions; type `show c' for details.
|
||||
|
||||
The hypothetical commands `show w' and `show c' should show the appropriate
|
||||
parts of the General Public License. Of course, the commands you use may
|
||||
be called something other than `show w' and `show c'; they could even be
|
||||
mouse-clicks or menu items--whatever suits your program.
|
||||
|
||||
You should also get your employer (if you work as a programmer) or your
|
||||
school, if any, to sign a "copyright disclaimer" for the program, if
|
||||
necessary. Here is a sample; alter the names:
|
||||
|
||||
Yoyodyne, Inc., hereby disclaims all copyright interest in the program
|
||||
`Gnomovision' (which makes passes at compilers) written by James Hacker.
|
||||
|
||||
<signature of Ty Coon>, 1 April 1989
|
||||
Ty Coon, President of Vice
|
||||
|
||||
This General Public License does not permit incorporating your program into
|
||||
proprietary programs. If your program is a subroutine library, you may
|
||||
consider it more useful to permit linking proprietary applications with the
|
||||
library. If this is what you want to do, use the GNU Library General
|
||||
Public License instead of this License.
|
375
additional/e-smith-proftpd.spec
Normal file
375
additional/e-smith-proftpd.spec
Normal file
@ -0,0 +1,375 @@
|
||||
Summary: e-smith specific proftpd configuration files and templates
|
||||
%define name e-smith-proftpd
|
||||
Name: %{name}
|
||||
%define version 1.11.0
|
||||
%define release 01
|
||||
Version: %{version}
|
||||
Release: %{release}
|
||||
License: GPL
|
||||
Vendor: Mitel Networks Corporation
|
||||
Group: Networking/Daemons
|
||||
Source: %{name}-%{version}.tar.gz
|
||||
Packager: e-smith developers <bugs@e-smith.com>
|
||||
BuildRoot: /var/tmp/%{name}-%{version}-%{release}-buildroot
|
||||
BuildArchitectures: noarch
|
||||
Requires: e-smith-base >= 4.6.0-15, proftpd
|
||||
Requires: e-smith-lib >= 1.13.1-33
|
||||
Requires: iptables
|
||||
AutoReqProv: no
|
||||
|
||||
%changelog
|
||||
* Fri Sep 5 2003 Charlie Brady <charlieb@e-smith.com>
|
||||
- [1.11.0-01]
|
||||
- Changing version to development stream number - 1.11.0
|
||||
|
||||
* Thu Jun 26 2003 Charlie Brady <charlieb@e-smith.com>
|
||||
- [1.10.0-01]
|
||||
- Changing version to stable stream number - 1.10.0
|
||||
|
||||
* Tue Apr 29 2003 Gordon Rowell <gordonr@e-smith.com>
|
||||
- [1.9.0-14]
|
||||
- Modify xinetd.conf/30ftp to properly handle enabled/disabled/missing cases [gordonr 8609]
|
||||
|
||||
* Mon Apr 21 2003 Mark Knox <markk@e-smith.com>
|
||||
- [1.9.0-13]
|
||||
- Force 0640 on proftpd.conf [markk 8408]
|
||||
|
||||
* Tue Apr 8 2003 Charlie Brady <charlieb@e-smith.com>
|
||||
- [1.9.0-12]
|
||||
- Fix typo in path for anonymous login. [charlieb 5652]
|
||||
- Remove selective binding to interfaces for now - it requires
|
||||
a full xinetd restart, which we don't do in remoteaccess-update.
|
||||
[charlieb 951]
|
||||
- Change ScoreboardPath to ScoreboardFile - the former is deprecated
|
||||
(with extreme prejudice) in current proftpd. [charlieb 5411]
|
||||
|
||||
* Tue Apr 8 2003 Charlie Brady <charlieb@e-smith.com>
|
||||
- [1.9.0-11]
|
||||
- Add ScoreboardPath directive to config file templates [charlieb 5411]
|
||||
|
||||
* Tue Mar 18 2003 Charlie Brady <charlieb@e-smith.com>
|
||||
- [1.9.0-10]
|
||||
- Add config migration fragment to migrate old ftp access properties
|
||||
to new. [charlieb 7683]
|
||||
- Change Copyright header to License. [charlieb]
|
||||
|
||||
* Thu Mar 13 2003 Charlie Brady <charlieb@e-smith.com>
|
||||
- [1.9.0-09]
|
||||
- Use LoginAccess property to control ftp login access - this replaces the
|
||||
"acccess" semantics of 5.5 and earlier. [charlieb 7466]
|
||||
- Add back the special case for Primary i-bay, as it's needed for anonymous
|
||||
ftp. [charlieb 5652]
|
||||
|
||||
* Fri Mar 7 2003 Charlie Brady <charlieb@e-smith.com>
|
||||
- [1.9.0-08]
|
||||
- esmith::utils::processTemplate => esmith::templates::processTemplate.
|
||||
[charlieb 7466]
|
||||
|
||||
* Thu Mar 6 2003 Charlie Brady <charlieb@e-smith.com>
|
||||
- [1.9.0-07]
|
||||
- Escape braces in logrotate.d template fragment [charlieb 6438]
|
||||
|
||||
* Thu Mar 6 2003 Charlie Brady <charlieb@e-smith.com>
|
||||
- [1.9.0-06]
|
||||
- Fix missed accessLimits => access change in ftp masq fragment [charlieb 7466]
|
||||
|
||||
* Thu Mar 6 2003 Charlie Brady <charlieb@e-smith.com>
|
||||
- [1.9.0-05]
|
||||
- Fix migrate fragment problem. [charlieb 1507]
|
||||
- Remove legacy code from proftpd config templates, and simplify. [charlieb 7466]
|
||||
|
||||
* Mon Mar 3 2003 Charlie Brady <charlieb@e-smith.com>
|
||||
- [1.9.0-04]
|
||||
- Template /etc/logrotate.d/proftpd and remove postrotate sigHUP. [charlieb 6438]
|
||||
- Add default config db fragments to set type/access/status [charlieb 1507]
|
||||
- Replace migrate script in post-upgrade event with template fragment in
|
||||
db/configuration/migrate directory. [charlieb 1507]
|
||||
- Use "access" rather than "accessLimits" to control access to ftp from
|
||||
outside LAN. [charlieb 7466]
|
||||
- Bind to local interface only if access is private. [charlieb 951]
|
||||
|
||||
* Fri Feb 28 2003 Charlie Brady <charlieb@e-smith.com>
|
||||
- [1.9.0-03]
|
||||
- Re-do hosts.allow template to use esmith::ConfigDB::hosts_allow_spec.
|
||||
Add dependency on up-to-date e-smith-lib.
|
||||
TODO: fix accessLimits v access issue. [charlieb 5650]
|
||||
|
||||
* Wed Jan 29 2003 Charlie Brady <charlieb@e-smith.com>
|
||||
- [1.9.0-02]
|
||||
- Remove special cases for primary in proftpd.conf - primary
|
||||
is now a pre-defined i-bay. [charlieb 5652]
|
||||
|
||||
* Wed Jan 29 2003 Charlie Brady <charlieb@e-smith.com>
|
||||
- [1.9.0-01]
|
||||
- Rolling development stream to 1.9.0
|
||||
|
||||
* Fri Oct 11 2002 Charlie Brady <charlieb@e-smith.com>
|
||||
- [1.8.0-01]
|
||||
- Roll to maintained version number to 1.8.0
|
||||
|
||||
* Wed Oct 2 2002 Mark Knox <markk@e-smith.com>
|
||||
- [1.7.3-05]
|
||||
- Removed stray braces in get_all_by_prop [markk 3786]
|
||||
|
||||
* Mon Sep 23 2002 Mark Knox <markk@e-smith.com>
|
||||
- [1.7.3-04]
|
||||
- Fix proftpd.conf template breakage [markk 3786]
|
||||
|
||||
* Mon Sep 23 2002 Charlie Brady <charlieb@e-smith.com>
|
||||
- [1.7.3-03]
|
||||
- Fix hosts.allow template breakage [charlieb 3786]
|
||||
|
||||
* Thu Sep 19 2002 Charlie Brady <charlieb@e-smith.com>
|
||||
- [1.7.3-02]
|
||||
- Fix i-bay section of proftpd.conf [charlieb 4950]
|
||||
|
||||
* Thu Sep 12 2002 Charlie Brady <charlieb@e-smith.com>
|
||||
- [1.7.3-01]
|
||||
- Preparing for rebuild as-source, to get rid of some patch detritus - see
|
||||
bug 4825. [charlieb 4793]
|
||||
|
||||
* Thu Sep 12 2002 Charlie Brady <charlieb@e-smith.com>
|
||||
- [1.7.2-05]
|
||||
- Add missing 10LimitSiteChmod template fragment [charlieb 4793]
|
||||
|
||||
* Thu Sep 12 2002 Charlie Brady <charlieb@e-smith.com>
|
||||
- [1.7.2-04]
|
||||
- Replace deprecate AllowChmod with <Limit SITE_CHMOD>, which requires some
|
||||
fragment shuffling. Remove unnecessary template-{begin,end}, move
|
||||
10localAccess to 00localAccess. [charlieb 4793]
|
||||
|
||||
* Wed Sep 11 2002 Charlie Brady <charlieb@e-smith.com>
|
||||
- [1.7.2-03]
|
||||
- Fix esmith::Networks => esmith::NetworksDB snafu in /etc/proftpd.conf
|
||||
template. [charlieb 3786]
|
||||
|
||||
* Tue Sep 10 2002 Mark Knox <markk@e-smith.com>
|
||||
- [1.7.2-02]
|
||||
- Change use of allow_tcp_in() function to allow dynamic reconfig.
|
||||
[charlieb 4501]
|
||||
- Remove deprecated split on pipe [markk 3786]
|
||||
|
||||
* Thu Aug 8 2002 Charlie Brady <charlieb@e-smith.com>
|
||||
- [1.7.2-01]
|
||||
- Remove 46AllowFTPActive masq template fragment, allow port 21 inbound
|
||||
access and allow netfilter connection tracking to do the rest of the
|
||||
job of FTP access control. [charlieb 4499]
|
||||
|
||||
* Wed Jul 17 2002 Charlie Brady <charlieb@e-smith.com>
|
||||
- [1.7.1-01]
|
||||
- Change masq script fragment to use iptables. [charlieb 1268]
|
||||
|
||||
* Wed Jun 5 2002 Charlie Brady <charlieb@e-smith.com>
|
||||
- [1.7.0-01]
|
||||
- Changing version to development stream number - 1.7.0
|
||||
|
||||
* Fri May 31 2002 Charlie Brady <charlieb@e-smith.com>
|
||||
- [1.6.0-01]
|
||||
- Changing version to maintained stream number to 1.6.0
|
||||
|
||||
* Thu May 23 2002 Gordon Rowell <gordonr@e-smith.com>
|
||||
- [1.5.5-01]
|
||||
- RPM rebuild forced by cvsroot2rpm
|
||||
|
||||
* Fri May 3 2002 Charlie Brady <charlieb@e-smith.com>
|
||||
- [1.5.4-01]
|
||||
- Disable reverse DNS and ident lookups [charlieb 339]
|
||||
|
||||
* Fri May 3 2002 Charlie Brady <charlieb@e-smith.com>
|
||||
- [1.5.3-01]
|
||||
- Once more with feeling! (I missed one).
|
||||
|
||||
* Fri May 3 2002 Charlie Brady <charlieb@e-smith.com>
|
||||
- [1.5.2-01]
|
||||
- Fix createlinks problems with missing directories and $event scope.
|
||||
|
||||
* Fri May 3 2002 Charlie Brady <charlieb@e-smith.com>
|
||||
- [1.5.1-01]
|
||||
- Test build to verify CVS conversion.
|
||||
|
||||
* Fri May 3 2002 Charlie Brady <charlieb@e-smith.com>
|
||||
- [1.5.0-01]
|
||||
- rollRPM: Rolled version number to 1.5.0-01. Includes patches up to 1.4.0-08.
|
||||
|
||||
* Wed Dec 05 2001 Jason Miller <jmiller@e-smith.com>
|
||||
- [1.4.0-08]
|
||||
- Fix 45AllowFTP masq template to handle case where status=disabled
|
||||
|
||||
* Fri Nov 16 2001 Charlie Brady <charlieb@e-smith.com>
|
||||
- [1.4.0-07]
|
||||
- Be sure to regenerate /etc/ftpusers during password-modify event, to allow
|
||||
access to password protected i-bays.
|
||||
- Remove proftpd-conf actions from post-install and post-upgrade events -
|
||||
bootstrap-console-save is sufficient.
|
||||
|
||||
* Thu Nov 08 2001 Charlie Brady <charlieb@e-smith.com>
|
||||
- [1.4.0-06]
|
||||
- Fix xinetd.conf template fragment so that status=disabled is honoured.
|
||||
|
||||
* Mon Oct 22 2001 Charlie Brady <charlieb@e-smith.com>
|
||||
- [1.4.0-05]
|
||||
- Add missing bootstrap-console-save symlink.
|
||||
|
||||
* Tue Aug 21 2001 Gordon Rowell <gordonr@e-smith.com>
|
||||
- [1.4.0-04]
|
||||
- Fixed e-smith-base dependency
|
||||
|
||||
* Tue Aug 21 2001 Gordon Rowell <gordonr@e-smith.com>
|
||||
- [1.4.0-03]
|
||||
- Removed "public" from /etc/ftpusers
|
||||
- Removed post-restore event
|
||||
- Added Vendor tag
|
||||
|
||||
* Fri Aug 17 2001 gordonr
|
||||
- [1.4.0-02]
|
||||
- Autorebuild by rebuildRPM
|
||||
|
||||
* Wed Aug 8 2001 Charlie Brady <charlieb@e-smith.com>
|
||||
- [1.4.0-01]
|
||||
- Rolled version number to 1.4.0-01. Includes patches upto 1.3.0-03.
|
||||
|
||||
* Fri Jul 6 2001 Peter Samuel <peters@e-smith.com>
|
||||
- [1.3.0-03]
|
||||
- Changed license to GPL
|
||||
|
||||
* Fri Jun 29 2001 Gordon Rowell <gordonr@e-smith.com>
|
||||
- [1.3.0-02]
|
||||
- Make use of /etc/e-smith/pam/accounts.deny as template for /etc/ftpusers
|
||||
|
||||
* Fri Jun 29 2001 Gordon Rowell <gordonr@e-smith.com>
|
||||
- [1.3.0-01]
|
||||
- Rolled version number to 1.3.0-01. Includes patches upto 1.2.0-07.
|
||||
|
||||
* Tue Mar 27 2001 Charlie Brady <charlieb@e-smith.com>
|
||||
- [1.2.0-07]
|
||||
- Avoid proftp DoS attack with wildcards
|
||||
- Allow FTP ports, with optional "ForcePassive|yes" property, defaulting to no
|
||||
|
||||
* Thu Feb 8 2001 Adrian Chung <adrianc@e-smith.com>
|
||||
- [1.2.0-06]
|
||||
- Rolling release number for GPG signing.
|
||||
|
||||
* Tue Jan 30 2001 Jason Miller <jmiller@e-smith.com>
|
||||
- [1.2.0-05]
|
||||
- Changed 'use smith::db' to 'use esmith::db'.
|
||||
|
||||
* Tue Jan 30 2001 Charlie Brady <charlieb@e-smith.com>
|
||||
- [1.2.0-04]
|
||||
- And "use esmith::db" is reuqired.
|
||||
|
||||
* Mon Jan 29 2001 Charlie Brady <charlieb@e-smith.com>
|
||||
- [1.2.0-03]
|
||||
- Fixed syntax error in previous fix :-)
|
||||
|
||||
* Fri Jan 26 2001 Charlie Brady <charlieb@e-smith.com>
|
||||
- [1.2.0-02]
|
||||
- Fix reference to legacy config variable in proftpd.conf fragment
|
||||
|
||||
* Fri Jan 26 2001 Peter Samuel <peters@e-smith.com>
|
||||
- [1.2.0-01]
|
||||
- Rolled version number to 1.2.0-01. Includes patches upto 1.1.0-13.
|
||||
|
||||
* Thu Jan 25 2001 Adrian Chung <adrianc@e-smith.com>
|
||||
- [1.1.0-13]
|
||||
- Added default for accessLimits in proftpd-conf
|
||||
|
||||
* Wed Jan 24 2001 Charlie Brady <charlieb@e-smith.com>
|
||||
- [1.1.0-12]
|
||||
- Added AllowFTP fragment for /etc/rc.d/init.d/masq.
|
||||
- Remove %post action
|
||||
|
||||
* Thu Jan 18 2001 Adrian Chung <adrianc@e-smith.com>
|
||||
- [1.1.0-11]
|
||||
- FTP now uses a new setting FTP access limits in remote access
|
||||
which completely governs access control to the service.
|
||||
- The old FTP setting governs only user logins.
|
||||
- updated xinetd.conf/ftp fragment to use new value
|
||||
|
||||
* Wed Jan 17 2001 Jason Miller <jmiller@e-smith.com>
|
||||
- removed %postun deletion of ftp line in configuration
|
||||
to comply with the sillyness of rpm upgrade
|
||||
|
||||
* Fri Jan 12 2001 Gordon Rowell <gordonr@e-smith.com>
|
||||
- ftpd != ftp :-(
|
||||
|
||||
* Fri Jan 12 2001 Gordon Rowell <gordonr@e-smith.com>
|
||||
- Migrate FTPServerMode variable
|
||||
|
||||
* Sat Jan 6 2001 Charlie Brady <charlieb@e-smith.com>
|
||||
- [1.1.0-7]
|
||||
- Only run %post and %postun scripts if in runlevel 7
|
||||
|
||||
* Fri Jan 5 2001 Adrian Chung <adrianc@e-smith.com>
|
||||
- [1.1.0-6]
|
||||
- add selective bind back in.
|
||||
|
||||
* Fri Jan 5 2001 Adrian Chung <adrianc@e-smith.com>
|
||||
- [1.1.0-5]
|
||||
- backed out bind local interface code, needs to be rethought
|
||||
to allow access to localhost
|
||||
|
||||
* Thu Jan 4 2001 Adrian Chung <adrianc@e-smith.com>
|
||||
- [1.1.0-4]
|
||||
- changed 30ftp to only expand if ftp service is enabled.
|
||||
- if ftp access is set to private, only bind to LocalIP in
|
||||
xinetd.conf
|
||||
|
||||
* Sun Dec 17 2000 Charlie Brady <charlieb@e-smith.com>
|
||||
- [1.1.0-3]
|
||||
- Delete /etc/rc.d/init.d/masq template fragment.
|
||||
|
||||
* Mon Dec 4 2000 Adrian Chung <adrianc@e-smith.com>
|
||||
- Added link for post-install.
|
||||
|
||||
* Fri Dec 1 2000 Adrian Chung <adrianc@e-smith.com>
|
||||
- initial release
|
||||
|
||||
%description
|
||||
Configuration files and templates for the ProFTPd ftp server.
|
||||
|
||||
%prep
|
||||
%setup
|
||||
|
||||
%build
|
||||
mkdir -p root/etc/e-smith/events
|
||||
for i in \
|
||||
console-save \
|
||||
bootstrap-console-save \
|
||||
domain-create \
|
||||
domain-delete \
|
||||
domain-modify \
|
||||
ibay-create \
|
||||
ibay-delete \
|
||||
ibay-modify \
|
||||
ibay-modify-servers \
|
||||
ip-change \
|
||||
network-create \
|
||||
network-delete \
|
||||
post-upgrade \
|
||||
remoteaccess-update \
|
||||
password-modify
|
||||
do
|
||||
mkdir root/etc/e-smith/events/$i
|
||||
done
|
||||
perl createlinks
|
||||
|
||||
%install
|
||||
rm -rf $RPM_BUILD_ROOT
|
||||
(cd root ; find . -depth -print | cpio -dump $RPM_BUILD_ROOT)
|
||||
/sbin/e-smith/genfilelist $RPM_BUILD_ROOT \
|
||||
> %{name}-%{version}-%{release}-filelist
|
||||
echo "%doc COPYING" >> %{name}-%{version}-%{release}-filelist
|
||||
|
||||
%clean
|
||||
rm -rf $RPM_BUILD_ROOT
|
||||
|
||||
%pre
|
||||
|
||||
%preun
|
||||
|
||||
%post
|
||||
|
||||
%postun
|
||||
|
||||
%files -f %{name}-%{version}-%{release}-filelist
|
||||
%defattr(-,root,root)
|
1
contriborbase
Normal file
1
contriborbase
Normal file
@ -0,0 +1 @@
|
||||
sme10
|
78
createlinks
Executable file
78
createlinks
Executable file
@ -0,0 +1,78 @@
|
||||
#!/usr/bin/perl -w
|
||||
|
||||
use esmith::Build::CreateLinks qw(:all);
|
||||
|
||||
safe_symlink("proftpd", "root/var/service/ftp");
|
||||
|
||||
templates2events("/etc/logrotate.d/proftpd", qw(
|
||||
bootstrap-console-save
|
||||
e-smith-proftpd-update
|
||||
));
|
||||
templates2events("/etc/pam.d/ftp", qw(
|
||||
bootstrap-console-save
|
||||
e-smith-proftpd-update
|
||||
));
|
||||
templates2events("/etc/ftpusers", qw(
|
||||
bootstrap-console-save
|
||||
network-create
|
||||
network-delete
|
||||
remoteaccess-update
|
||||
password-modify
|
||||
user-lock
|
||||
e-smith-proftpd-update
|
||||
));
|
||||
|
||||
templates2events("/etc/proftpd.conf", qw(
|
||||
console-save
|
||||
bootstrap-console-save
|
||||
domain-create
|
||||
domain-delete
|
||||
domain-modify
|
||||
ibay-create
|
||||
ibay-delete
|
||||
ibay-modify
|
||||
ibay-modify-servers
|
||||
ip-change
|
||||
network-create
|
||||
network-delete
|
||||
remoteaccess-update
|
||||
password-modify
|
||||
e-smith-proftpd-update
|
||||
ssl-update
|
||||
));
|
||||
|
||||
foreach my $event (qw(
|
||||
remoteaccess-update))
|
||||
{
|
||||
safe_symlink("sigusr1", "root/etc/e-smith/events/$event/services2adjust/ftp");
|
||||
}
|
||||
|
||||
foreach my $event (qw(
|
||||
bootstrap-console-save
|
||||
network-create
|
||||
remoteaccess-update
|
||||
network-delete
|
||||
e-smith-proftpd-update
|
||||
))
|
||||
{
|
||||
templates2events("/var/service/ftp/peers/0", $event);
|
||||
templates2events("/var/service/ftp/peers/local", $event);
|
||||
}
|
||||
foreach my $event (qw(
|
||||
network-create
|
||||
network-delete
|
||||
))
|
||||
{
|
||||
safe_symlink("sigusr1", "root/etc/e-smith/events/$event/services2adjust/ftp");
|
||||
}
|
||||
|
||||
safe_symlink("restart", "root/etc/e-smith/events/ssl-update/services2adjust/ftp");
|
||||
|
||||
my $event = 'e-smith-proftpd-update';
|
||||
safe_symlink("restart", "root/etc/e-smith/events/$event/services2adjust/ftp");
|
||||
safe_symlink("restart", "root/etc/e-smith/events/$event/services2adjust/rsyslog");
|
||||
templates2events("/etc/systemd/system-preset/49-koozali.preset", $event);
|
||||
event_link("systemd-reload", $event, "89");
|
||||
templates2events("/etc/rsyslog.conf", $event);
|
||||
|
||||
exit 0;
|
623
e-smith-proftpd.spec
Normal file
623
e-smith-proftpd.spec
Normal file
@ -0,0 +1,623 @@
|
||||
# $Id: e-smith-proftpd.spec,v 1.16 2021/05/31 04:21:31 jpp Exp $
|
||||
|
||||
Summary: e-smith specific proftpd configuration files and templates
|
||||
%define name e-smith-proftpd
|
||||
Name: %{name}
|
||||
%define version 2.6.0
|
||||
%define release 16
|
||||
Version: %{version}
|
||||
Release: %{release}%{?dist}
|
||||
License: GPL
|
||||
Group: Networking/Daemons
|
||||
Source: %{name}-%{version}.tar.xz
|
||||
|
||||
BuildRoot: /var/tmp/%{name}-%{version}-%{release}-buildroot
|
||||
BuildArchitectures: noarch
|
||||
BuildRequires: e-smith-devtools
|
||||
Requires: e-smith-base >= 4.15.0-05, proftpd
|
||||
Requires: e-smith-lib >= 1.15.1-33
|
||||
Requires: iptables
|
||||
AutoReqProv: no
|
||||
|
||||
%changelog
|
||||
* Wed Jul 12 2023 cvs2git.sh aka Brian Read <brianr@koozali.org> 2.6.0-16.sme
|
||||
- Roll up patches and move to git repo [SME: 12338]
|
||||
|
||||
* Wed Jul 12 2023 BogusDateBot
|
||||
- Eliminated rpmbuild "bogus date" warnings due to inconsistent weekday,
|
||||
by assuming the date is correct and changing the weekday.
|
||||
|
||||
* Mon May 31 2021 Jean-Philippe Pialasse <tests@pialasse.com> 2.6.0-15.sme
|
||||
- restart proftpd on ssl-update [SME: 11603]
|
||||
|
||||
* Tue Mar 16 2021 Jean-Philippe Pialasse <tests@pialasse.com> 2.6.0-14.sme
|
||||
- cleanup in /etc/rc.d [SME: 9692]
|
||||
|
||||
* Wed Mar 03 2021 Jean-Philipe Pialasse <tests@pialasse.com> 2.6.0-13.sme
|
||||
- redirect log away from message [SME: 11384]
|
||||
|
||||
* Thu Feb 18 2021 Jean-Philipe Pialasse <tests@pialasse.com> 2.6.0-12.sme
|
||||
- fix circular Conflict with proftpd [SME: 11357]
|
||||
|
||||
* Thu Jan 14 2021 Jean-Philipe Pialasse <tests@pialasse.com> 2.6.0-11.sme
|
||||
- improve protect from proftpd.service running [SME: 11106]
|
||||
|
||||
* Fri Jan 08 2021 Jean-Philipe Pialasse <tests@pialasse.com> 2.6.0-10.sme
|
||||
- protect from proftpd.service running in place of ftp.service [SME: 11106]
|
||||
- remove system-preset file from usr [SME: 10958]
|
||||
- SSL crt and key to self signed if path does not exist [SME: 11316]
|
||||
|
||||
* Thu Dec 10 2020 Michel Begue <mab974@gmail.com> 2.6.0-8.sme
|
||||
- add Requires=runit.service [SME: 11245]
|
||||
|
||||
* Thu Dec 03 2020 Jean-Philipe Pialasse <tests@pialasse.com> 2.6.0-7.sme
|
||||
- execute systemd-reload before service adjust in events [SME: 11228]
|
||||
- remove S95reset-unsavedflag [SME: 11229]
|
||||
|
||||
* Wed Nov 25 2020 Michel Begue <mab974@gmail.com> 2.6.0-6.sme
|
||||
- Remove ftp from 'init.d/supervise' [SME: 11106] [SME: 11150]
|
||||
|
||||
* Wed Nov 25 2020 Michel Begue <mab974@gmail.com> 2.6.0-5.sme
|
||||
- Move ftp service to systemd [SME: 11106]
|
||||
- Create e-smith-proftpd-update event [SME: 11150]
|
||||
|
||||
* Wed Aug 03 2016 Jean-Philipe Pialasse <tests@pialasse.com> 2.6.0-4.sme
|
||||
- fix typos [SME: 6804]
|
||||
- set default as required
|
||||
- NB: client must be set as active connection, not passive
|
||||
|
||||
* Fri Jun 17 2016 Jean-Philipe Pialasse <tests@pialasse.com> 2.6.0-3.sme
|
||||
- updated patch for certificate chain
|
||||
- Thanks to Daniel Berteaud
|
||||
|
||||
* Fri Jun 17 2016 Jean-Philipe Pialasse <tests@pialasse.com> 2.6.0-2.sme
|
||||
- Adding TLS support to proftp configuration [SME: 6804]
|
||||
- default is enabled but not required, only TLSv1.1 and v1.2
|
||||
|
||||
* Fri Feb 05 2016 stephane de Labrusse <stephdl@de-labrusse.fr> 2.6.0-1.sme
|
||||
- Initial release to sme10
|
||||
|
||||
* Fri Jun 7 2013 Daniel Berteaud <daniel@firewall-services.com> 2.4.0-3.sme
|
||||
- Also remove the empty template-begin file in pam.d/proftpd templates [SME: 7660]
|
||||
|
||||
* Fri Jun 7 2013 Daniel Berteaud <daniel@firewall-services.com> 2.4.0-2.sme
|
||||
- Remove unused pam templates [SME: 7660]
|
||||
|
||||
* Wed Feb 13 2013 Shad L. Lords <slords@mail.com> 2.4.0-1.sme
|
||||
- Roll new stream for sme9
|
||||
|
||||
* Fri Feb 8 2013 Ian Wells <esmith@wellsi.com> 2.2.0-6.sme
|
||||
- Ensure Deny from all is on its own line in 15LimitLOGIN [SME: 7327]
|
||||
|
||||
* Wed Jan 23 2013 Ian Wells <esmith@wellsi.com> 2.2.0-5.sme
|
||||
- Workaround a deficiency in the proftpd package where it doesn't
|
||||
handle long lines correctly in its configuration file.
|
||||
Fix submitted by Charlie Brady [SME: 6949]
|
||||
|
||||
* Tue Jan 22 2013 Ian Wells <esmith@wellsi.com> 2.2.0-4.sme
|
||||
- Remove previous change [SME: 7129]
|
||||
|
||||
* Wed Dec 19 2012 Ian Wells <esmith@wellsi.com> 2.2.0-3.sme
|
||||
- Add VRoot engine to avoid pam log error [SME: 7129]
|
||||
|
||||
* Wed Sep 22 2010 Daniel Berteaud <daniel@firewall-services.com> 2.2.0-2.sme
|
||||
- Add PersistentPasswd directive to force proftpd to use pam [SME: 6219]
|
||||
|
||||
* Tue Oct 7 2008 Shad L. Lords <slords@mail.com> 2.2.0-1.sme
|
||||
- Roll new stream to separate sme7/sme8 trees [SME: 4633]
|
||||
|
||||
* Wed Jan 09 2008 Stephen Noble <support@dungog.net> 1.12.0-11
|
||||
- ShowSymlinks off [SME: 993]
|
||||
|
||||
* Wed Oct 31 2007 Gavin Weight <gweight@gmail.com> 1.12.0-10
|
||||
- Rename DisplayFirstChdir to DisplayChdir. [SME: 3479]
|
||||
|
||||
* Tue Jun 26 2007 Gavin Weight <gweight@gmail.com> 1.12.0-9
|
||||
- Create pam.d directory and move ftp/proftpd templates into pam.d.
|
||||
[SME: 2762]
|
||||
|
||||
* Sun Apr 29 2007 Shad L. Lords <slords@mail.com>
|
||||
- Clean up spec so package can be built by koji/plague
|
||||
|
||||
* Fri Apr 06 2007 Shad L. Lords <slords@mail.com> 1.12.0-8
|
||||
- Change perms for ftpusers file. [SME: 2841]
|
||||
|
||||
* Fri Apr 06 2007 Shad L. Lords <slords@mail.com> 1.12.0-7
|
||||
- Rename log directory from proftpd to ftp [SME: 2706]
|
||||
|
||||
* Wed Jan 10 2007 Shad L. Lords <slords@mail.com> 1.12.0-6
|
||||
- Add global override for chroot path. [SME: 590]
|
||||
|
||||
* Wed Jan 03 2007 Shad L. Lords <slords@mail.com> 1.12.0-5
|
||||
- Add fixed chroot patch back in. [SME: 590]
|
||||
|
||||
* Thu Dec 07 2006 Shad L. Lords <slords@mail.com>
|
||||
- Update to new release naming. No functional changes.
|
||||
- Make Packager generic
|
||||
|
||||
* Thu Sep 21 2006 Gavin Weight <gweight@gmail.com> 1.12.0-03
|
||||
- Expand /etc/ftpusers if user is locked/password reset. [SME: 1921]
|
||||
|
||||
* Tue Apr 18 2006 Gordon Rowell <gordonr@gormand.com.au> 1.12.0-02
|
||||
- Force permissions on /var/log/proftpd in log/run script [SME: 1267]
|
||||
|
||||
* Thu Mar 16 2006 Charlie Brady <charlie_brady@mitel.com> 1.12.0-01
|
||||
- Roll stable stream version. [SME: 1016]
|
||||
|
||||
* Tue Feb 28 2006 Charlie Brady <charlie_brady@mitel.com> 1.11.0-29
|
||||
- Back out the chroot patch for now. [SME: 590]
|
||||
|
||||
* Fri Jan 27 2006 Shad L. Lords <slords@mail.com> 1.11.0-28
|
||||
- Disable anonymous ibays if globally disabled.
|
||||
|
||||
* Fri Jan 27 2006 Shad L. Lords <slords@mail.com> 1.11.0-27
|
||||
- Add chroot for users [SME: 590]
|
||||
- Add ability to disable anonymous access [SME: 591]
|
||||
|
||||
* Wed Nov 30 2005 Gordon Rowell <gordonr@gormand.com.au> 1.11.0-26
|
||||
- Bump release number only
|
||||
|
||||
* Wed Oct 12 2005 Charlie Brady <charlieb@e-smith.com>
|
||||
- [1.11.0-25]
|
||||
- Filter out comments in peers files, to avoid log noise from
|
||||
tcpsvd. Fix name of peers/local templates.metadata file.
|
||||
[SF: 1324719]
|
||||
|
||||
* Wed Jul 27 2005 Shad Lords <slords@mail.com>
|
||||
- [1.11.0-24]
|
||||
- Move masq fragement from template to db [SF: 1241416]
|
||||
|
||||
* Tue Jun 14 2005 Charlie Brady <charlieb@e-smith.com>
|
||||
- [1.11.0-23]
|
||||
- Re-expand peers/{0,local} in remoteaccess-update, as permissions
|
||||
may have changed. [SF: 1220510]
|
||||
|
||||
* Tue Mar 29 2005 Charlie Brady <charlieb@e-smith.com>
|
||||
- [1.11.0-22]
|
||||
- Create empty template-begin template fragments for tcpsvd
|
||||
ACL files.
|
||||
|
||||
* Tue Mar 29 2005 Charlie Brady <charlieb@e-smith.com>
|
||||
- [1.11.0-21]
|
||||
- Don't use sigusr1 in bootstrap-console-save, as the service is not
|
||||
up, and sigusr1 will be ignored. Instead, call ./control/1 from run
|
||||
script.
|
||||
|
||||
* Wed Mar 23 2005 Charlie Brady <charlieb@e-smith.com>
|
||||
- [1.11.0-20]
|
||||
- Use sigusr1 in remoteaccess-update. This will generate the network ACL
|
||||
symlinks. 'adjust-services' implicitly starts any service which
|
||||
should be running.
|
||||
|
||||
* Wed Mar 16 2005 Charlie Brady <charlieb@e-smith.com>
|
||||
- [1.11.0-19]
|
||||
- Use tcpsvd in place of tcpserver. Manage network access lists
|
||||
using new esmith::tcpsvd library. Update e-smith-lib depenency.
|
||||
- Add symlink /var/service/ftp -> proftpd.
|
||||
- Add zero length template-begin files to peers/{0,local}, to avoid
|
||||
log noise from comment lines.
|
||||
|
||||
* Wed Mar 16 2005 Charlie Brady <charlieb@e-smith.com>
|
||||
- [1.11.0-18]
|
||||
- Add missing templates for peers/{0,local}.
|
||||
|
||||
* Wed Mar 16 2005 Charlie Brady <charlieb@e-smith.com>
|
||||
- [1.11.0-17]
|
||||
- Optimise template expansions versus events - only expand files
|
||||
which may have changed.
|
||||
|
||||
* Tue Mar 15 2005 Charlie Brady <charlieb@e-smith.com>
|
||||
- [1.11.0-16]
|
||||
- Fix service name in adjust-services symlink. [MN00065576]
|
||||
|
||||
* Sun Mar 13 2005 Charlie Brady <charlieb@e-smith.com>
|
||||
- [1.11.0-15]
|
||||
- Replace proftp-startstop action with call to 'adjust-services'.
|
||||
Update e-smith-lib version dependency. [MN00065576]
|
||||
- Use generic_template_expand action in place of proftpd-conf.
|
||||
[MN00064130]
|
||||
- Re-add missing restart patch to config.
|
||||
|
||||
* Thu Mar 10 2005 Charlie Brady <charlieb@e-smith.com>
|
||||
- [1.11.0-14]
|
||||
- Allow restarts of retreive and store. Patch from Shad. [MN00073802]
|
||||
- Avoid duplicate Primary section in config. Patch from Shad. [MN00073804]
|
||||
|
||||
* Wed Feb 9 2005 Charlie Brady <charlieb@e-smith.com>
|
||||
- [1.11.0-13]
|
||||
- Remove migrate fragment for very old FTPServerMode property. [MN00065931]
|
||||
- Clean BuildRequires. [charlieb MN00043055]
|
||||
|
||||
* Fri Sep 3 2004 Michael Soulier <msoulier@e-smith.com>
|
||||
- [1.11.0-12]
|
||||
- Backout of user-create/delete addition. Wrong way to go.
|
||||
[msoulier MN00035806]
|
||||
|
||||
* Fri Sep 3 2004 Michael Soulier <msoulier@e-smith.com>
|
||||
- [1.11.0-11]
|
||||
- Added proftpd-conf and startstop to user-create/delete.
|
||||
[msoulier MN00035806]
|
||||
|
||||
* Wed Aug 4 2004 Michael Soulier <msoulier@e-smith.com>
|
||||
- [1.11.0-10]
|
||||
- Updated startstop to use esmith::util::serviceControl. [msoulier MN00031530]
|
||||
|
||||
* Mon Sep 22 2003 Michael Soulier <msoulier@e-smith.com>
|
||||
- [1.11.0-09]
|
||||
- Fixed network spec format. CIDR format expected. [msoulier 10069]
|
||||
|
||||
* Fri Sep 5 2003 Charlie Brady <charlieb@e-smith.com>
|
||||
- [1.11.0-08]
|
||||
- Fix c&p error in tcprules template fragment. [charlieb 9547]
|
||||
|
||||
* Fri Sep 5 2003 Charlie Brady <charlieb@e-smith.com>
|
||||
- [1.11.0-07]
|
||||
- Add requires for correct version of e-smith-base. [charlieb 9547]
|
||||
|
||||
* Fri Sep 5 2003 Charlie Brady <charlieb@e-smith.com>
|
||||
- [1.11.0-06]
|
||||
- Remove hosts.allow and xinetd.conf template fragments.
|
||||
[charlieb 9547]
|
||||
|
||||
* Fri Sep 5 2003 Charlie Brady <charlieb@e-smith.com>
|
||||
- [1.11.0-05]
|
||||
- Fix a couple of run time errors. [charlieb 9547]
|
||||
|
||||
* Fri Sep 5 2003 Charlie Brady <charlieb@e-smith.com>
|
||||
- [1.11.0-04]
|
||||
- Service directory and rc7.d symlinks must be called ftp, since that is
|
||||
the service record name. Use /etc/rc.d/init.d/supervise directory, to
|
||||
avoid potential clash with stock init script. [charlieb 9547,9930]
|
||||
|
||||
* Fri Sep 5 2003 Charlie Brady <charlieb@e-smith.com>
|
||||
- [1.11.0-03]
|
||||
- Use new createlinks library to reduce code. [charlieb 9809]
|
||||
|
||||
* Fri Sep 5 2003 Charlie Brady <charlieb@e-smith.com>
|
||||
- [1.11.0-02]
|
||||
- Run proftpd under supervise and tcpserver. [charlieb 9547]
|
||||
|
||||
* Fri Sep 5 2003 Charlie Brady <charlieb@e-smith.com>
|
||||
- [1.11.0-01]
|
||||
- Changing version to development stream number - 1.11.0
|
||||
|
||||
* Thu Jun 26 2003 Charlie Brady <charlieb@e-smith.com>
|
||||
- [1.10.0-01]
|
||||
- Changing version to stable stream number - 1.10.0
|
||||
|
||||
* Tue Apr 29 2003 Gordon Rowell <gordonr@e-smith.com>
|
||||
- [1.9.0-14]
|
||||
- Modify xinetd.conf/30ftp to properly handle enabled/disabled/missing cases [gordonr 8609]
|
||||
|
||||
* Mon Apr 21 2003 Mark Knox <markk@e-smith.com>
|
||||
- [1.9.0-13]
|
||||
- Force 0640 on proftpd.conf [markk 8408]
|
||||
|
||||
* Tue Apr 8 2003 Charlie Brady <charlieb@e-smith.com>
|
||||
- [1.9.0-12]
|
||||
- Fix typo in path for anonymous login. [charlieb 5652]
|
||||
- Remove selective binding to interfaces for now - it requires
|
||||
a full xinetd restart, which we don't do in remoteaccess-update.
|
||||
[charlieb 951]
|
||||
- Change ScoreboardPath to ScoreboardFile - the former is deprecated
|
||||
(with extreme prejudice) in current proftpd. [charlieb 5411]
|
||||
|
||||
* Tue Apr 8 2003 Charlie Brady <charlieb@e-smith.com>
|
||||
- [1.9.0-11]
|
||||
- Add ScoreboardPath directive to config file templates [charlieb 5411]
|
||||
|
||||
* Tue Mar 18 2003 Charlie Brady <charlieb@e-smith.com>
|
||||
- [1.9.0-10]
|
||||
- Add config migration fragment to migrate old ftp access properties
|
||||
to new. [charlieb 7683]
|
||||
- Change Copyright header to License. [charlieb]
|
||||
|
||||
* Thu Mar 13 2003 Charlie Brady <charlieb@e-smith.com>
|
||||
- [1.9.0-09]
|
||||
- Use LoginAccess property to control ftp login access - this replaces the
|
||||
"acccess" semantics of 5.5 and earlier. [charlieb 7466]
|
||||
- Add back the special case for Primary i-bay, as it's needed for anonymous
|
||||
ftp. [charlieb 5652]
|
||||
|
||||
* Fri Mar 7 2003 Charlie Brady <charlieb@e-smith.com>
|
||||
- [1.9.0-08]
|
||||
- esmith::utils::processTemplate => esmith::templates::processTemplate.
|
||||
[charlieb 7466]
|
||||
|
||||
* Thu Mar 6 2003 Charlie Brady <charlieb@e-smith.com>
|
||||
- [1.9.0-07]
|
||||
- Escape braces in logrotate.d template fragment [charlieb 6438]
|
||||
|
||||
* Thu Mar 6 2003 Charlie Brady <charlieb@e-smith.com>
|
||||
- [1.9.0-06]
|
||||
- Fix missed accessLimits => access change in ftp masq fragment [charlieb 7466]
|
||||
|
||||
* Thu Mar 6 2003 Charlie Brady <charlieb@e-smith.com>
|
||||
- [1.9.0-05]
|
||||
- Fix migrate fragment problem. [charlieb 1507]
|
||||
- Remove legacy code from proftpd config templates, and simplify. [charlieb 7466]
|
||||
|
||||
* Mon Mar 3 2003 Charlie Brady <charlieb@e-smith.com>
|
||||
- [1.9.0-04]
|
||||
- Template /etc/logrotate.d/proftpd and remove postrotate sigHUP. [charlieb 6438]
|
||||
- Add default config db fragments to set type/access/status [charlieb 1507]
|
||||
- Replace migrate script in post-upgrade event with template fragment in
|
||||
db/configuration/migrate directory. [charlieb 1507]
|
||||
- Use "access" rather than "accessLimits" to control access to ftp from
|
||||
outside LAN. [charlieb 7466]
|
||||
- Bind to local interface only if access is private. [charlieb 951]
|
||||
|
||||
* Fri Feb 28 2003 Charlie Brady <charlieb@e-smith.com>
|
||||
- [1.9.0-03]
|
||||
- Re-do hosts.allow template to use esmith::ConfigDB::hosts_allow_spec.
|
||||
Add dependency on up-to-date e-smith-lib.
|
||||
TODO: fix accessLimits v access issue. [charlieb 5650]
|
||||
|
||||
* Wed Jan 29 2003 Charlie Brady <charlieb@e-smith.com>
|
||||
- [1.9.0-02]
|
||||
- Remove special cases for primary in proftpd.conf - primary
|
||||
is now a pre-defined i-bay. [charlieb 5652]
|
||||
|
||||
* Wed Jan 29 2003 Charlie Brady <charlieb@e-smith.com>
|
||||
- [1.9.0-01]
|
||||
- Rolling development stream to 1.9.0
|
||||
|
||||
* Fri Oct 11 2002 Charlie Brady <charlieb@e-smith.com>
|
||||
- [1.8.0-01]
|
||||
- Roll to maintained version number to 1.8.0
|
||||
|
||||
* Wed Oct 2 2002 Mark Knox <markk@e-smith.com>
|
||||
- [1.7.3-05]
|
||||
- Removed stray braces in get_all_by_prop [markk 3786]
|
||||
|
||||
* Mon Sep 23 2002 Mark Knox <markk@e-smith.com>
|
||||
- [1.7.3-04]
|
||||
- Fix proftpd.conf template breakage [markk 3786]
|
||||
|
||||
* Mon Sep 23 2002 Charlie Brady <charlieb@e-smith.com>
|
||||
- [1.7.3-03]
|
||||
- Fix hosts.allow template breakage [charlieb 3786]
|
||||
|
||||
* Thu Sep 19 2002 Charlie Brady <charlieb@e-smith.com>
|
||||
- [1.7.3-02]
|
||||
- Fix i-bay section of proftpd.conf [charlieb 4950]
|
||||
|
||||
* Thu Sep 12 2002 Charlie Brady <charlieb@e-smith.com>
|
||||
- [1.7.3-01]
|
||||
- Preparing for rebuild as-source, to get rid of some patch detritus - see
|
||||
bug 4825. [charlieb 4793]
|
||||
|
||||
* Thu Sep 12 2002 Charlie Brady <charlieb@e-smith.com>
|
||||
- [1.7.2-05]
|
||||
- Add missing 10LimitSiteChmod template fragment [charlieb 4793]
|
||||
|
||||
* Thu Sep 12 2002 Charlie Brady <charlieb@e-smith.com>
|
||||
- [1.7.2-04]
|
||||
- Replace deprecate AllowChmod with <Limit SITE_CHMOD>, which requires some
|
||||
fragment shuffling. Remove unnecessary template-{begin,end}, move
|
||||
10localAccess to 00localAccess. [charlieb 4793]
|
||||
|
||||
* Wed Sep 11 2002 Charlie Brady <charlieb@e-smith.com>
|
||||
- [1.7.2-03]
|
||||
- Fix esmith::Networks => esmith::NetworksDB snafu in /etc/proftpd.conf
|
||||
template. [charlieb 3786]
|
||||
|
||||
* Tue Sep 10 2002 Mark Knox <markk@e-smith.com>
|
||||
- [1.7.2-02]
|
||||
- Change use of allow_tcp_in() function to allow dynamic reconfig.
|
||||
[charlieb 4501]
|
||||
- Remove deprecated split on pipe [markk 3786]
|
||||
|
||||
* Thu Aug 8 2002 Charlie Brady <charlieb@e-smith.com>
|
||||
- [1.7.2-01]
|
||||
- Remove 46AllowFTPActive masq template fragment, allow port 21 inbound
|
||||
access and allow netfilter connection tracking to do the rest of the
|
||||
job of FTP access control. [charlieb 4499]
|
||||
|
||||
* Wed Jul 17 2002 Charlie Brady <charlieb@e-smith.com>
|
||||
- [1.7.1-01]
|
||||
- Change masq script fragment to use iptables. [charlieb 1268]
|
||||
|
||||
* Wed Jun 5 2002 Charlie Brady <charlieb@e-smith.com>
|
||||
- [1.7.0-01]
|
||||
- Changing version to development stream number - 1.7.0
|
||||
|
||||
* Fri May 31 2002 Charlie Brady <charlieb@e-smith.com>
|
||||
- [1.6.0-01]
|
||||
- Changing version to maintained stream number to 1.6.0
|
||||
|
||||
* Thu May 23 2002 Gordon Rowell <gordonr@e-smith.com>
|
||||
- [1.5.5-01]
|
||||
- RPM rebuild forced by cvsroot2rpm
|
||||
|
||||
* Fri May 3 2002 Charlie Brady <charlieb@e-smith.com>
|
||||
- [1.5.4-01]
|
||||
- Disable reverse DNS and ident lookups [charlieb 339]
|
||||
|
||||
* Fri May 3 2002 Charlie Brady <charlieb@e-smith.com>
|
||||
- [1.5.3-01]
|
||||
- Once more with feeling! (I missed one).
|
||||
|
||||
* Fri May 3 2002 Charlie Brady <charlieb@e-smith.com>
|
||||
- [1.5.2-01]
|
||||
- Fix createlinks problems with missing directories and $event scope.
|
||||
|
||||
* Fri May 3 2002 Charlie Brady <charlieb@e-smith.com>
|
||||
- [1.5.1-01]
|
||||
- Test build to verify CVS conversion.
|
||||
|
||||
* Fri May 3 2002 Charlie Brady <charlieb@e-smith.com>
|
||||
- [1.5.0-01]
|
||||
- rollRPM: Rolled version number to 1.5.0-01. Includes patches up to 1.4.0-08.
|
||||
|
||||
* Wed Dec 05 2001 Jason Miller <jmiller@e-smith.com>
|
||||
- [1.4.0-08]
|
||||
- Fix 45AllowFTP masq template to handle case where status=disabled
|
||||
|
||||
* Fri Nov 16 2001 Charlie Brady <charlieb@e-smith.com>
|
||||
- [1.4.0-07]
|
||||
- Be sure to regenerate /etc/ftpusers during password-modify event, to allow
|
||||
access to password protected i-bays.
|
||||
- Remove proftpd-conf actions from post-install and post-upgrade events -
|
||||
bootstrap-console-save is sufficient.
|
||||
|
||||
* Thu Nov 08 2001 Charlie Brady <charlieb@e-smith.com>
|
||||
- [1.4.0-06]
|
||||
- Fix xinetd.conf template fragment so that status=disabled is honoured.
|
||||
|
||||
* Mon Oct 22 2001 Charlie Brady <charlieb@e-smith.com>
|
||||
- [1.4.0-05]
|
||||
- Add missing bootstrap-console-save symlink.
|
||||
|
||||
* Tue Aug 21 2001 Gordon Rowell <gordonr@e-smith.com>
|
||||
- [1.4.0-04]
|
||||
- Fixed e-smith-base dependency
|
||||
|
||||
* Tue Aug 21 2001 Gordon Rowell <gordonr@e-smith.com>
|
||||
- [1.4.0-03]
|
||||
- Removed "public" from /etc/ftpusers
|
||||
- Removed post-restore event
|
||||
- Added Vendor tag
|
||||
|
||||
* Fri Aug 17 2001 gordonr
|
||||
- [1.4.0-02]
|
||||
- Autorebuild by rebuildRPM
|
||||
|
||||
* Wed Aug 8 2001 Charlie Brady <charlieb@e-smith.com>
|
||||
- [1.4.0-01]
|
||||
- Rolled version number to 1.4.0-01. Includes patches upto 1.3.0-03.
|
||||
|
||||
* Fri Jul 6 2001 Peter Samuel <peters@e-smith.com>
|
||||
- [1.3.0-03]
|
||||
- Changed license to GPL
|
||||
|
||||
* Fri Jun 29 2001 Gordon Rowell <gordonr@e-smith.com>
|
||||
- [1.3.0-02]
|
||||
- Make use of /etc/e-smith/pam/accounts.deny as template for /etc/ftpusers
|
||||
|
||||
* Fri Jun 29 2001 Gordon Rowell <gordonr@e-smith.com>
|
||||
- [1.3.0-01]
|
||||
- Rolled version number to 1.3.0-01. Includes patches upto 1.2.0-07.
|
||||
|
||||
* Tue Mar 27 2001 Charlie Brady <charlieb@e-smith.com>
|
||||
- [1.2.0-07]
|
||||
- Avoid proftp DoS attack with wildcards
|
||||
- Allow FTP ports, with optional "ForcePassive|yes" property, defaulting to no
|
||||
|
||||
* Thu Feb 8 2001 Adrian Chung <adrianc@e-smith.com>
|
||||
- [1.2.0-06]
|
||||
- Rolling release number for GPG signing.
|
||||
|
||||
* Tue Jan 30 2001 Jason Miller <jmiller@e-smith.com>
|
||||
- [1.2.0-05]
|
||||
- Changed 'use smith::db' to 'use esmith::db'.
|
||||
|
||||
* Tue Jan 30 2001 Charlie Brady <charlieb@e-smith.com>
|
||||
- [1.2.0-04]
|
||||
- And "use esmith::db" is reuqired.
|
||||
|
||||
* Mon Jan 29 2001 Charlie Brady <charlieb@e-smith.com>
|
||||
- [1.2.0-03]
|
||||
- Fixed syntax error in previous fix :-)
|
||||
|
||||
* Fri Jan 26 2001 Charlie Brady <charlieb@e-smith.com>
|
||||
- [1.2.0-02]
|
||||
- Fix reference to legacy config variable in proftpd.conf fragment
|
||||
|
||||
* Fri Jan 26 2001 Peter Samuel <peters@e-smith.com>
|
||||
- [1.2.0-01]
|
||||
- Rolled version number to 1.2.0-01. Includes patches upto 1.1.0-13.
|
||||
|
||||
* Thu Jan 25 2001 Adrian Chung <adrianc@e-smith.com>
|
||||
- [1.1.0-13]
|
||||
- Added default for accessLimits in proftpd-conf
|
||||
|
||||
* Wed Jan 24 2001 Charlie Brady <charlieb@e-smith.com>
|
||||
- [1.1.0-12]
|
||||
- Added AllowFTP fragment for /etc/rc.d/init.d/masq.
|
||||
- Remove %post action
|
||||
|
||||
* Thu Jan 18 2001 Adrian Chung <adrianc@e-smith.com>
|
||||
- [1.1.0-11]
|
||||
- FTP now uses a new setting FTP access limits in remote access
|
||||
which completely governs access control to the service.
|
||||
- The old FTP setting governs only user logins.
|
||||
- updated xinetd.conf/ftp fragment to use new value
|
||||
|
||||
* Wed Jan 17 2001 Jason Miller <jmiller@e-smith.com>
|
||||
- removed %postun deletion of ftp line in configuration
|
||||
to comply with the sillyness of rpm upgrade
|
||||
|
||||
* Fri Jan 12 2001 Gordon Rowell <gordonr@e-smith.com>
|
||||
- ftpd != ftp :-(
|
||||
|
||||
* Fri Jan 12 2001 Gordon Rowell <gordonr@e-smith.com>
|
||||
- Migrate FTPServerMode variable
|
||||
|
||||
* Sat Jan 6 2001 Charlie Brady <charlieb@e-smith.com>
|
||||
- [1.1.0-7]
|
||||
- Only run %post and %postun scripts if in runlevel 7
|
||||
|
||||
* Fri Jan 5 2001 Adrian Chung <adrianc@e-smith.com>
|
||||
- [1.1.0-6]
|
||||
- add selective bind back in.
|
||||
|
||||
* Fri Jan 5 2001 Adrian Chung <adrianc@e-smith.com>
|
||||
- [1.1.0-5]
|
||||
- backed out bind local interface code, needs to be rethought
|
||||
to allow access to localhost
|
||||
|
||||
* Thu Jan 4 2001 Adrian Chung <adrianc@e-smith.com>
|
||||
- [1.1.0-4]
|
||||
- changed 30ftp to only expand if ftp service is enabled.
|
||||
- if ftp access is set to private, only bind to LocalIP in
|
||||
xinetd.conf
|
||||
|
||||
* Sun Dec 17 2000 Charlie Brady <charlieb@e-smith.com>
|
||||
- [1.1.0-3]
|
||||
- Delete /etc/rc.d/init.d/masq template fragment.
|
||||
|
||||
* Mon Dec 4 2000 Adrian Chung <adrianc@e-smith.com>
|
||||
- Added link for post-install.
|
||||
|
||||
* Fri Dec 1 2000 Adrian Chung <adrianc@e-smith.com>
|
||||
- initial release
|
||||
|
||||
%description
|
||||
Configuration files and templates for the ProFTPd ftp server.
|
||||
|
||||
%prep
|
||||
%setup
|
||||
|
||||
# Remove the empty template-begin and the directory
|
||||
rm -rf root/etc/e-smith/templates/etc/pam.d/proftpd/
|
||||
|
||||
%build
|
||||
perl createlinks
|
||||
|
||||
%install
|
||||
rm -rf $RPM_BUILD_ROOT
|
||||
(cd root ; find . -depth -print | cpio -dump $RPM_BUILD_ROOT)
|
||||
rm -f %{name}-%{version}-%{release}-filelist
|
||||
/sbin/e-smith/genfilelist $RPM_BUILD_ROOT \
|
||||
--dir /var/service/proftpd 'attr(01755,root,root)' \
|
||||
--file /var/service/proftpd/down 'attr(0644,root,root)' \
|
||||
--file /var/service/proftpd/run 'attr(0755,root,root)' \
|
||||
--file /var/service/proftpd/control/1 'attr(0755,root,root)' \
|
||||
--dir /var/service/proftpd/log 'attr(0755,root,root)' \
|
||||
--dir /var/service/proftpd/log/supervise 'attr(0700,root,root)' \
|
||||
--dir /var/service/proftpd/supervise 'attr(0700,root,root)' \
|
||||
--file /var/service/proftpd/log/run 'attr(0755,root,root)' \
|
||||
--dir /var/log/ftp 'attr(2750,smelog,smelog)' \
|
||||
> %{name}-%{version}-%{release}-filelist
|
||||
echo "%doc COPYING" >> %{name}-%{version}-%{release}-filelist
|
||||
|
||||
%clean
|
||||
rm -rf $RPM_BUILD_ROOT
|
||||
|
||||
%pre
|
||||
/sbin/e-smith/create-system-user smelog 1002 \
|
||||
'sme log user' /var/log/smelog /bin/false
|
||||
|
||||
%files -f %{name}-%{version}-%{release}-filelist
|
||||
%defattr(-,root,root)
|
@ -0,0 +1 @@
|
||||
private
|
1
root/etc/e-smith/db/configuration/defaults/ftp/TCPPort
Normal file
1
root/etc/e-smith/db/configuration/defaults/ftp/TCPPort
Normal file
@ -0,0 +1 @@
|
||||
21
|
1
root/etc/e-smith/db/configuration/defaults/ftp/TLSEnable
Normal file
1
root/etc/e-smith/db/configuration/defaults/ftp/TLSEnable
Normal file
@ -0,0 +1 @@
|
||||
on
|
@ -0,0 +1 @@
|
||||
on
|
@ -0,0 +1 @@
|
||||
off
|
1
root/etc/e-smith/db/configuration/defaults/ftp/access
Normal file
1
root/etc/e-smith/db/configuration/defaults/ftp/access
Normal file
@ -0,0 +1 @@
|
||||
private
|
1
root/etc/e-smith/db/configuration/defaults/ftp/status
Normal file
1
root/etc/e-smith/db/configuration/defaults/ftp/status
Normal file
@ -0,0 +1 @@
|
||||
disabled
|
1
root/etc/e-smith/db/configuration/defaults/ftp/type
Normal file
1
root/etc/e-smith/db/configuration/defaults/ftp/type
Normal file
@ -0,0 +1 @@
|
||||
service
|
27
root/etc/e-smith/db/configuration/migrate/20proftpd.access
Normal file
27
root/etc/e-smith/db/configuration/migrate/20proftpd.access
Normal file
@ -0,0 +1,27 @@
|
||||
{
|
||||
my $ftp = $DB->get('ftp');
|
||||
return unless defined $ftp;
|
||||
|
||||
my $access = $ftp->prop('accessLimits');
|
||||
return unless defined $access; # New or already migrated server
|
||||
|
||||
my $login = $ftp->prop('access') || 'private';
|
||||
my $status = $ftp->prop('status') || 'disabled';
|
||||
if ($access eq "normal")
|
||||
{
|
||||
$status = 'enabled';
|
||||
$access = 'public';
|
||||
}
|
||||
if ($access eq "off")
|
||||
{
|
||||
$status = 'disabled';
|
||||
$access = 'private';
|
||||
}
|
||||
|
||||
$ftp->delete_prop('accessLimits');
|
||||
$ftp->merge_props(
|
||||
LoginAccess => $login,
|
||||
access => $access,
|
||||
status => $status,
|
||||
);
|
||||
}
|
4
root/etc/e-smith/templates.metadata/etc/ftpusers
Normal file
4
root/etc/e-smith/templates.metadata/etc/ftpusers
Normal file
@ -0,0 +1,4 @@
|
||||
MORE_DATA={ACCOUNTS_DENY_ALLOW_PUBLIC => 1}
|
||||
TEMPLATE_PATH="/etc/e-smith/pam/accounts.deny"
|
||||
OUTPUT_FILENAME="/etc/ftpusers"
|
||||
PERMS=0644
|
1
root/etc/e-smith/templates.metadata/etc/proftpd.conf
Normal file
1
root/etc/e-smith/templates.metadata/etc/proftpd.conf
Normal file
@ -0,0 +1 @@
|
||||
PERMS=0640
|
@ -0,0 +1,2 @@
|
||||
PERMS=use esmith::ConfigDB; (esmith::ConfigDB->open_ro->get('ftp')->prop('access') eq "private") ? "000" : "0644"
|
||||
FILTER=sub { $_[0] =~ /^#/ ? '' : $_[0] } # Remove comments
|
@ -0,0 +1,2 @@
|
||||
PERMS=use esmith::ConfigDB; (esmith::ConfigDB->open_ro->get('ftp')->prop('status') eq "enabled") ? "0644" : "0000"
|
||||
FILTER=sub { $_[0] =~ /^#/ ? '' : $_[0] } # Remove comments
|
@ -0,0 +1,6 @@
|
||||
|
||||
/var/log/proftpd/*.log \{
|
||||
compress
|
||||
missingok
|
||||
\}
|
||||
|
@ -0,0 +1,4 @@
|
||||
/var/log/xferlog \{
|
||||
compress
|
||||
missingok
|
||||
\}
|
1
root/etc/e-smith/templates/etc/pam.d/ftp/10authFTPusers
Normal file
1
root/etc/e-smith/templates/etc/pam.d/ftp/10authFTPusers
Normal file
@ -0,0 +1 @@
|
||||
auth required pam_listfile.so item=user sense=deny file=/etc/ftpusers onerr=succeed
|
3
root/etc/e-smith/templates/etc/pam.d/ftp/20auth
Normal file
3
root/etc/e-smith/templates/etc/pam.d/ftp/20auth
Normal file
@ -0,0 +1,3 @@
|
||||
auth { -f "/lib/security/pam_pwdb.so" ||
|
||||
-f "/lib64/security/pam_pwdb.so" ? "required pam_stack.so service=system-auth" :
|
||||
"include system-auth" }
|
3
root/etc/e-smith/templates/etc/pam.d/ftp/30account
Normal file
3
root/etc/e-smith/templates/etc/pam.d/ftp/30account
Normal file
@ -0,0 +1,3 @@
|
||||
account { -f "/lib/security/pam_pwdb.so" ||
|
||||
-f "/lib64/security/pam_pwdb.so" ? "required pam_stack.so service=system-auth" :
|
||||
"include system-auth" }
|
3
root/etc/e-smith/templates/etc/pam.d/ftp/40session
Normal file
3
root/etc/e-smith/templates/etc/pam.d/ftp/40session
Normal file
@ -0,0 +1,3 @@
|
||||
session { -f "/lib/security/pam_pwdb.so" ||
|
||||
-f "/lib64/security/pam_pwdb.so" ? "required pam_stack.so service=system-auth" :
|
||||
"include system-auth" }
|
1
root/etc/e-smith/templates/etc/pam.d/ftp/template-begin
Symbolic link
1
root/etc/e-smith/templates/etc/pam.d/ftp/template-begin
Symbolic link
@ -0,0 +1 @@
|
||||
/etc/e-smith/templates-default/template-begin-pam
|
42
root/etc/e-smith/templates/etc/proftpd.conf/00Documentation
Normal file
42
root/etc/e-smith/templates/etc/proftpd.conf/00Documentation
Normal file
@ -0,0 +1,42 @@
|
||||
{
|
||||
#------------------------------------------------------------
|
||||
# FILE ACCESS PERMISSIONS RULES
|
||||
#
|
||||
# - There are three types of user that can connect to the ftp
|
||||
# server: regular users, "admin", and information bay users.
|
||||
#
|
||||
# - When "information bay" users connect, their permissions are
|
||||
# set by the Anonymous sections below.
|
||||
#
|
||||
# - All other users are governed by the permissions declared in
|
||||
# this main section of the proftpd.conf file.
|
||||
#
|
||||
# - The main section permits access only from the local network.
|
||||
# Hence, only the anonymous information bays can be accessed
|
||||
# remotely.
|
||||
#
|
||||
# - Regular users as well as the "admin" account can connect
|
||||
# locally, and the ftp server will switch to their user/group
|
||||
# immediately upon connection. Therefore we program the FTP
|
||||
# server to permit write access to all these users; the Unix
|
||||
# filesystem will sort out who gets to update which files.
|
||||
#
|
||||
# - All Unix accounts have the same primary group name as user
|
||||
# name (normal for Red Hat Linux). However, all user accounts
|
||||
# also belong to group "shared".
|
||||
#
|
||||
# - Files in user accounts are owned by "user/user" (i.e. group
|
||||
# name same as user).
|
||||
#
|
||||
# - For all the other files (primary web site, information bay
|
||||
# files, etc.) either they can only be written by "admin" or
|
||||
# they can be written by any local user. If the former, we
|
||||
# make the files owned by "admin/shared", with permissions
|
||||
# 750/640. If the latter, we make the files owned by
|
||||
# ???/shared, with permissions 770/660. Each file is owned
|
||||
# by the user that created it.
|
||||
#
|
||||
# - Make all directories setgid, so that they continue to be
|
||||
# owned by "shared".
|
||||
#------------------------------------------------------------
|
||||
}
|
@ -0,0 +1,9 @@
|
||||
{
|
||||
# Work out local access specification
|
||||
use esmith::NetworksDB;
|
||||
|
||||
my $ndb = esmith::NetworksDB->open_ro();
|
||||
@local_access = $ndb->local_access_spec;
|
||||
|
||||
return "";
|
||||
}
|
@ -0,0 +1,2 @@
|
||||
AllowRetrieveRestart on
|
||||
AllowStoreRestart on
|
25
root/etc/e-smith/templates/etc/proftpd.conf/05Chroot
Normal file
25
root/etc/e-smith/templates/etc/proftpd.conf/05Chroot
Normal file
@ -0,0 +1,25 @@
|
||||
{
|
||||
use esmith::AccountsDB;
|
||||
|
||||
$OUT = "";
|
||||
my $accounts = esmith::AccountsDB->open;
|
||||
my @users = $accounts->users;
|
||||
|
||||
foreach my $user (@users)
|
||||
{
|
||||
my $chrootDir = $user->prop('ChrootDir') || $ftp{'ChrootDir'} || next;
|
||||
|
||||
if ( $chrootDir =~ m#^/# && -d $chrootDir )
|
||||
{
|
||||
$OUT .= "DefaultRoot $chrootDir ".$user->key."\n";
|
||||
}
|
||||
elsif ( -d "/home/e-smith/files/ibays/$chrootDir" )
|
||||
{
|
||||
$OUT .= "DefaultRoot /home/e-smith/files/ibays/$chrootDir ".$user->key."\n";
|
||||
}
|
||||
elsif ( $chrootDir =~ m#home$# )
|
||||
{
|
||||
$OUT .= "DefaultRoot /home/e-smith/files/users/".$user->key."/home ".$user->key."\n";
|
||||
}
|
||||
}
|
||||
}
|
@ -0,0 +1 @@
|
||||
DefaultRoot /home/e-smith/files
|
@ -0,0 +1 @@
|
||||
DefaultServer on
|
1
root/etc/e-smith/templates/etc/proftpd.conf/05DenyFilter
Normal file
1
root/etc/e-smith/templates/etc/proftpd.conf/05DenyFilter
Normal file
@ -0,0 +1 @@
|
||||
DenyFilter \*.*/
|
@ -0,0 +1 @@
|
||||
DisplayChdir .message
|
@ -0,0 +1 @@
|
||||
DisplayLogin welcome.msg
|
1
root/etc/e-smith/templates/etc/proftpd.conf/05Group
Normal file
1
root/etc/e-smith/templates/etc/proftpd.conf/05Group
Normal file
@ -0,0 +1 @@
|
||||
Group public
|
@ -0,0 +1 @@
|
||||
IdentLookups off
|
@ -0,0 +1 @@
|
||||
MaxInstances 30
|
@ -0,0 +1 @@
|
||||
PersistentPasswd off
|
@ -0,0 +1 @@
|
||||
ScoreboardFile /var/run/proftpd/scoreboard
|
@ -0,0 +1 @@
|
||||
ServerAdmin admin@{ $DomainName }
|
@ -0,0 +1 @@
|
||||
ServerIdent off
|
1
root/etc/e-smith/templates/etc/proftpd.conf/05ServerName
Normal file
1
root/etc/e-smith/templates/etc/proftpd.conf/05ServerName
Normal file
@ -0,0 +1 @@
|
||||
ServerName "ProFTPD SME Server installation"
|
1
root/etc/e-smith/templates/etc/proftpd.conf/05ServerType
Normal file
1
root/etc/e-smith/templates/etc/proftpd.conf/05ServerType
Normal file
@ -0,0 +1 @@
|
||||
ServerType inetd
|
@ -0,0 +1 @@
|
||||
ShowSymlinks off
|
@ -0,0 +1 @@
|
||||
UseFtpUsers on
|
@ -0,0 +1 @@
|
||||
UseReverseDNS off
|
1
root/etc/e-smith/templates/etc/proftpd.conf/05User
Normal file
1
root/etc/e-smith/templates/etc/proftpd.conf/05User
Normal file
@ -0,0 +1 @@
|
||||
User public
|
1
root/etc/e-smith/templates/etc/proftpd.conf/05port
Normal file
1
root/etc/e-smith/templates/etc/proftpd.conf/05port
Normal file
@ -0,0 +1 @@
|
||||
Port 21
|
41
root/etc/e-smith/templates/etc/proftpd.conf/06ModTLS
Normal file
41
root/etc/e-smith/templates/etc/proftpd.conf/06ModTLS
Normal file
@ -0,0 +1,41 @@
|
||||
{
|
||||
#check if TLS is enabled
|
||||
if (($ftp{TLSEnable} || 'on') eq 'on') {
|
||||
|
||||
#check if TLS is required: values "on", "off"
|
||||
#if "on" normal ftp connections are dropped
|
||||
my $tlsrequired = $ftp{'TLSRequired'} || "on";
|
||||
my $tlsclient = $ftp{'TLSVerifyClient'} || "off";
|
||||
#use the same crt and key of httpd
|
||||
my $defaultcrt = "/home/e-smith/ssl.crt/${SystemName}.${DomainName}.crt";
|
||||
my $defaultkey = "/home/e-smith/ssl.key/${SystemName}.${DomainName}.key";
|
||||
|
||||
my $crt = $modSSL{'crt'} || $defaultcrt;
|
||||
$crt = $defaultcrt unless -e $crt;
|
||||
my $key = $modSSL{'key'} || $defaultkey;
|
||||
$key = $defaultkey unless -e $key;
|
||||
|
||||
my $chain_file = $modSSL{CertificateChainFile} ||
|
||||
"# no chain cert";
|
||||
$chain_file = "# no chain cert" unless -e $chain_file;
|
||||
|
||||
$chain_file = ( $chain_file eq "# no chain cert" )? $chain_file : "TLSCertificateChainFile $chain_file";
|
||||
|
||||
$OUT .= <<SSL_END;
|
||||
|
||||
<IfModule mod_tls.c>
|
||||
TLSEngine on
|
||||
TLSLog /var/log/proftpd/tls.log
|
||||
TLSProtocol TLSv1.1 TLSv1.2
|
||||
TLSOptions NoCertRequest AllowClientRenegotiations
|
||||
TLSRSACertificateFile $crt
|
||||
TLSRSACertificateKeyFile $key
|
||||
$chain_file
|
||||
TLSVerifyClient $tlsclient
|
||||
TLSRequired $tlsrequired
|
||||
</IfModule>
|
||||
SSL_END
|
||||
|
||||
}
|
||||
}
|
||||
|
@ -0,0 +1 @@
|
||||
<Directory /*>
|
@ -0,0 +1,3 @@
|
||||
<Limit WRITE>{ # deny all write access unless given explicitly }
|
||||
DenyAll
|
||||
</Limit>
|
@ -0,0 +1,3 @@
|
||||
<Limit SITE_CHMOD>{ # deny all chmod }
|
||||
DenyAll
|
||||
</Limit>
|
@ -0,0 +1 @@
|
||||
</Directory>
|
22
root/etc/e-smith/templates/etc/proftpd.conf/15LimitLOGIN
Normal file
22
root/etc/e-smith/templates/etc/proftpd.conf/15LimitLOGIN
Normal file
@ -0,0 +1,22 @@
|
||||
{
|
||||
# allow normal user connections either only from local network,
|
||||
# or from anywhere
|
||||
}<Limit LOGIN>
|
||||
{
|
||||
my $access = $ftp{LoginAccess} || "private";
|
||||
if ($access eq 'public')
|
||||
{
|
||||
$OUT = " AllowAll";
|
||||
}
|
||||
else
|
||||
{
|
||||
use Net::IPv4Addr qw(ipv4_parse);
|
||||
|
||||
$OUT = " Order Allow,Deny\n";
|
||||
$OUT .= join "\n",
|
||||
map { " Allow from " . join '/', ipv4_parse($_) }
|
||||
@local_access;
|
||||
$OUT .= "\n Deny from all";
|
||||
}
|
||||
}
|
||||
</Limit>
|
15
root/etc/e-smith/templates/etc/proftpd.conf/30UserDirAccess
Normal file
15
root/etc/e-smith/templates/etc/proftpd.conf/30UserDirAccess
Normal file
@ -0,0 +1,15 @@
|
||||
{
|
||||
# Local access to "home" subdirectory of user directories.
|
||||
# (Don't set group, since files are in user's primary group. umask is
|
||||
# 007 to generate permissions of 770/660.)
|
||||
#
|
||||
# NOTE: Users cannot write to their real home directory ~user as it
|
||||
# is blocked by the default deny write
|
||||
}
|
||||
<Directory ~/home>
|
||||
AllowOverwrite on
|
||||
Umask 007
|
||||
<Limit WRITE>
|
||||
AllowAll
|
||||
</Limit>
|
||||
</Directory>
|
42
root/etc/e-smith/templates/etc/proftpd.conf/40IBayAccess
Normal file
42
root/etc/e-smith/templates/etc/proftpd.conf/40IBayAccess
Normal file
@ -0,0 +1,42 @@
|
||||
{
|
||||
# Local access to bay directories. Note that in this context, we can
|
||||
# ignore the public access rules associated with each bay, since this
|
||||
# section of the config file applies only to local logins. We can also
|
||||
# ignore the usepassword rules, since anonymous login is handled
|
||||
# below.
|
||||
|
||||
use esmith::AccountsDB;
|
||||
|
||||
$OUT = "";
|
||||
|
||||
my $adb = esmith::AccountsDB->open_ro();
|
||||
foreach my $ibay ($adb->ibays)
|
||||
{
|
||||
my %properties = $ibay->props;
|
||||
my $key = $ibay->key;
|
||||
my $umask = "027";
|
||||
|
||||
if ($properties{'UserAccess'} eq 'wr-admin-rd-group')
|
||||
{
|
||||
$umask = "027";
|
||||
}
|
||||
elsif ($properties{'UserAccess'} eq 'wr-group-rd-group')
|
||||
{
|
||||
$umask = "007";
|
||||
}
|
||||
elsif ($properties{'UserAccess'} eq 'wr-group-rd-everyone')
|
||||
{
|
||||
$umask = "002";
|
||||
}
|
||||
|
||||
$OUT .= "\n";
|
||||
$OUT .= "<Directory /home/e-smith/files/ibays/$key/*>\n";
|
||||
$OUT .= " AllowOverwrite on\n";
|
||||
$OUT .= " GroupOwner shared\n";
|
||||
$OUT .= " Umask $umask\n";
|
||||
$OUT .= " <Limit WRITE>\n";
|
||||
$OUT .= " AllowAll\n";
|
||||
$OUT .= " </Limit>\n";
|
||||
$OUT .= "</Directory>\n";
|
||||
}
|
||||
}
|
@ -0,0 +1,29 @@
|
||||
{
|
||||
#------------------------------------------------------------
|
||||
# How to handle anonymous FTP logins: chroot to the Primary
|
||||
# i-bay files directory.
|
||||
#------------------------------------------------------------
|
||||
return "" if ($ftp{DisableAnonymous} || 'no') eq 'yes';
|
||||
|
||||
$OUT = << 'EOF';
|
||||
<Anonymous /home/e-smith/files/ibays/Primary/files>
|
||||
User public
|
||||
Group public
|
||||
UserAlias anonymous public
|
||||
UserAlias ftp public
|
||||
AnonRequirePassword off
|
||||
UseFtpUsers on
|
||||
MaxClients 10
|
||||
DisplayLogin welcome.msg
|
||||
DisplayChdir .message
|
||||
<Limit LOGIN>
|
||||
AllowAll
|
||||
</Limit>
|
||||
<Directory *>
|
||||
<Limit WRITE>
|
||||
DenyAll
|
||||
</Limit>
|
||||
</Directory>
|
||||
</Anonymous>
|
||||
EOF
|
||||
}
|
84
root/etc/e-smith/templates/etc/proftpd.conf/60AnonymousIBay
Normal file
84
root/etc/e-smith/templates/etc/proftpd.conf/60AnonymousIBay
Normal file
@ -0,0 +1,84 @@
|
||||
{
|
||||
#------------------------------------------------------------
|
||||
# How to handle logins from information bay accounts: chroot to the
|
||||
# files part of the information bay directory.
|
||||
#------------------------------------------------------------
|
||||
|
||||
use esmith::AccountsDB;
|
||||
use Net::IPv4Addr qw(ipv4_parse);
|
||||
|
||||
$OUT .= "";
|
||||
|
||||
my $adb = esmith::AccountsDB->open_ro();
|
||||
my @local = map { join '/', ipv4_parse($_) } @local_access;
|
||||
my @all = ('all');
|
||||
foreach my $ibay ($adb->ibays)
|
||||
{
|
||||
my $key = $ibay->key;
|
||||
my %properties = $ibay->props;
|
||||
|
||||
next if ($key eq "Primary");
|
||||
|
||||
my $pass;
|
||||
|
||||
my $access = $ibay->prop('PublicAccess') || 'none';
|
||||
|
||||
if ($access eq 'none')
|
||||
{
|
||||
@allow = ('127.0.0.1');
|
||||
$pass = 1;
|
||||
}
|
||||
elsif ($access eq 'local')
|
||||
{
|
||||
@allow = @local;
|
||||
$pass = 0;
|
||||
}
|
||||
elsif ($access eq 'local-pw')
|
||||
{
|
||||
@allow = @local;
|
||||
$pass = 1;
|
||||
}
|
||||
elsif ($access eq 'global')
|
||||
{
|
||||
@allow = @all;
|
||||
$pass = 0;
|
||||
}
|
||||
elsif ($access eq 'global-pw')
|
||||
{
|
||||
@allow = @all;
|
||||
$pass = 1;
|
||||
}
|
||||
elsif ($access eq 'global-pw-remote')
|
||||
{
|
||||
@allow = @all;
|
||||
$pass = 1;
|
||||
}
|
||||
|
||||
# variables: $allow (IP), $pass (bool)
|
||||
|
||||
if ( ($ftp{DisableAnonymous} || 'no') ne 'yes' &&
|
||||
($ibay->prop('DisableAnonymous') || 'no') ne 'yes' )
|
||||
{
|
||||
$OUT .= "\n";
|
||||
$OUT .= "<Anonymous /home/e-smith/files/ibays/$key/files>\n";
|
||||
$OUT .= " User $key\n";
|
||||
$OUT .= " Group $key\n";
|
||||
$OUT .= " AnonRequirePassword " . ($pass ? "on" : "off") . "\n";
|
||||
$OUT .= " UseFtpUsers on\n";
|
||||
$OUT .= " MaxClients 10\n";
|
||||
$OUT .= " DisplayLogin welcome.msg\n";
|
||||
$OUT .= " DisplayChdir .message\n";
|
||||
$OUT .= " <Limit LOGIN>\n";
|
||||
$OUT .= " Order Allow,Deny\n";
|
||||
$OUT .= " Allow from $_\n" foreach @allow;
|
||||
$OUT .= " Deny from all\n";
|
||||
$OUT .= " </Limit>\n";
|
||||
$OUT .= " <Directory *>\n";
|
||||
$OUT .= " <Limit WRITE>\n";
|
||||
$OUT .= " DenyAll\n";
|
||||
$OUT .= " </Limit>\n";
|
||||
$OUT .= " </Directory>\n";
|
||||
$OUT .= "</Anonymous>\n";
|
||||
}
|
||||
}
|
||||
}
|
6
root/etc/e-smith/templates/etc/rsyslog.conf/32proftpd
Normal file
6
root/etc/e-smith/templates/etc/rsyslog.conf/32proftpd
Normal file
@ -0,0 +1,6 @@
|
||||
|
||||
#proftpd
|
||||
if $programname == 'proftpd' and $syslogfacility-text == 'authpriv' then /var/log/secure
|
||||
:programname, isequal, "proftpd" /var/log/proftpd/proftpd.log
|
||||
& stop
|
||||
|
@ -0,0 +1,2 @@
|
||||
127.0.0.1:allow
|
||||
{ $LocalIP }:allow
|
@ -0,0 +1,22 @@
|
||||
{
|
||||
use esmith::util;
|
||||
|
||||
my @prefixes = esmith::util::computeAllLocalNetworkPrefixes($LocalIP,
|
||||
$LocalNetmask);
|
||||
|
||||
require esmith::NetworksDB;
|
||||
my $n = esmith::NetworksDB->open;
|
||||
foreach my $network ($n->get_all_by_prop(type => 'network'))
|
||||
{
|
||||
push(@prefixes,
|
||||
esmith::util::computeAllLocalNetworkPrefixes(
|
||||
$network->key, $network->prop('Mask')));
|
||||
}
|
||||
|
||||
foreach my $prefix ( @prefixes )
|
||||
{
|
||||
my $dot = ( $prefix =~ /\d+\.\d+\.\d+\.\d+/ ) ? '' : '.';
|
||||
|
||||
$OUT .= $prefix . $dot . ":allow\n";
|
||||
}
|
||||
}
|
@ -0,0 +1,4 @@
|
||||
:{
|
||||
my $access = $ftp{'access'} || 'private';
|
||||
$OUT = ($access eq "public") ? "allow" : "deny"
|
||||
}
|
@ -0,0 +1 @@
|
||||
C4
|
@ -0,0 +1 @@
|
||||
C4
|
1
root/service/ftp
Symbolic link
1
root/service/ftp
Symbolic link
@ -0,0 +1 @@
|
||||
/var/service/proftpd
|
16
root/usr/lib/systemd/system/ftp.service
Normal file
16
root/usr/lib/systemd/system/ftp.service
Normal file
@ -0,0 +1,16 @@
|
||||
[Unit]
|
||||
Description=ftp (proftpd)
|
||||
After=network.target
|
||||
Requires=runit.service
|
||||
|
||||
[Service]
|
||||
Type=oneshot
|
||||
ExecStartPre=/sbin/e-smith/service-status ftp
|
||||
ExecStart=/usr/bin/sv u /service/ftp
|
||||
ExecStop=/usr/bin/sv stop /service/ftp
|
||||
ExecReload=/usr/bin/sv t /service/ftp
|
||||
RemainAfterExit=yes
|
||||
|
||||
[Install]
|
||||
WantedBy=sme-server.target
|
||||
Alias=proftpd.service
|
@ -0,0 +1,5 @@
|
||||
[Service]
|
||||
ExecStart=
|
||||
ExecStart=/bin/false
|
||||
ExecReload=/bin/false
|
||||
# disabled for Koozali, please use ftp.service instead
|
0
root/var/log/ftp/.gitignore
vendored
Normal file
0
root/var/log/ftp/.gitignore
vendored
Normal file
27
root/var/service/proftpd/control/1
Normal file
27
root/var/service/proftpd/control/1
Normal file
@ -0,0 +1,27 @@
|
||||
#!/usr/bin/perl -w
|
||||
#----------------------------------------------------------------------
|
||||
# copyright (C) 2005 Mitel Networks Corporation
|
||||
#
|
||||
# This program is free software; you can redistribute it and/or modify
|
||||
# it under the terms of the GNU General Public License as published by
|
||||
# the Free Software Foundation; either version 2 of the License, or
|
||||
# (at your option) any later version.
|
||||
#
|
||||
# This program is distributed in the hope that it will be useful,
|
||||
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
# GNU General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with this program; if not, write to the Free Software
|
||||
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
|
||||
#
|
||||
# Technical support for this program is available from Mitel Networks
|
||||
# Please visit our web site www.mitel.com/sme/ for details.
|
||||
#----------------------------------------------------------------------
|
||||
|
||||
use esmith::tcpsvd;
|
||||
|
||||
esmith::tcpsvd::configure_peers('ftp');
|
||||
|
||||
exit(0);
|
0
root/var/service/proftpd/down
Normal file
0
root/var/service/proftpd/down
Normal file
0
root/var/service/proftpd/env/.gitignore
vendored
Normal file
0
root/var/service/proftpd/env/.gitignore
vendored
Normal file
23
root/var/service/proftpd/log/run
Normal file
23
root/var/service/proftpd/log/run
Normal file
@ -0,0 +1,23 @@
|
||||
#!/bin/sh
|
||||
|
||||
#----------------------------------------------------------------------
|
||||
# copyright (C) 2003-2006 Mitel Networks Corporation
|
||||
#
|
||||
# This program is free software; you can redistribute it and/or modify
|
||||
# it under the terms of the GNU General Public License as published by
|
||||
# the Free Software Foundation; either version 2 of the License, or
|
||||
# (at your option) any later version.
|
||||
#
|
||||
# This program is distributed in the hope that it will be useful,
|
||||
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
# GNU General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with this program; if not, write to the Free Software
|
||||
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
|
||||
#----------------------------------------------------------------------
|
||||
exec \
|
||||
/usr/local/bin/setuidgid smelog \
|
||||
/usr/local/bin/multilog t s5000000 \
|
||||
/var/log/ftp
|
0
root/var/service/proftpd/log/supervise/.gitignore
vendored
Normal file
0
root/var/service/proftpd/log/supervise/.gitignore
vendored
Normal file
0
root/var/service/proftpd/peers/.gitignore
vendored
Normal file
0
root/var/service/proftpd/peers/.gitignore
vendored
Normal file
36
root/var/service/proftpd/run
Normal file
36
root/var/service/proftpd/run
Normal file
@ -0,0 +1,36 @@
|
||||
#!/bin/sh
|
||||
#----------------------------------------------------------------------
|
||||
# copyright (C) 2003-5 Mitel Networks Corporation
|
||||
#
|
||||
# This program is free software; you can redistribute it and/or modify
|
||||
# it under the terms of the GNU General Public License as published by
|
||||
# the Free Software Foundation; either version 2 of the License, or
|
||||
# (at your option) any later version.
|
||||
#
|
||||
# This program is distributed in the hope that it will be useful,
|
||||
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
# GNU General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with this program; if not, write to the Free Software
|
||||
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
|
||||
#
|
||||
# Technical support for this program is available from Mitel Networks
|
||||
# Please visit our web site www.mitel.com/sme/ for details.
|
||||
#----------------------------------------------------------------------
|
||||
|
||||
[ -f ./runenv ] && . ./runenv
|
||||
|
||||
exec 2>&1
|
||||
# Adjust ACLs in ./peers
|
||||
./control/1
|
||||
exec /usr/bin/tcpsvd \
|
||||
-v \
|
||||
-i ./peers \
|
||||
-c ${CONCURRENCYREMOTE:-40} \
|
||||
-C ${PER_IP_INSTANCES:-4}:'421 per host concurrency limit reached\r\n' \
|
||||
-l ${LOCALNAME:-0} \
|
||||
${LISTENIP:-0} \
|
||||
${PORT:-ftp} \
|
||||
/usr/sbin/in.proftpd
|
0
root/var/service/proftpd/supervise/.gitignore
vendored
Normal file
0
root/var/service/proftpd/supervise/.gitignore
vendored
Normal file
Loading…
Reference in New Issue
Block a user