pkgsrc-Changes archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
CVS commit: pkgsrc/net/vsftpd
Module Name: pkgsrc
Committed By: triaxx
Date: Fri Feb 9 16:46:42 UTC 2018
Modified Files:
pkgsrc/net/vsftpd: Makefile distinfo
pkgsrc/net/vsftpd/patches: patch-aa patch-ac patch-ad patch-ae patch-af
Log Message:
vsftpd: updated to 3.0.3
v2.3.5
======
- Try and force glibc to cache zoneinfo files in an attempt to work around
glibc parsing vulnerability. Thanks to Kingcope.
- Only report CHMOD in SITE HELP if it's enabled. Thanks to Martin Schwenke
<martin%meltin.net@localhost>.
- Some simple fixes and cleanups from Thorsten Brehm <tbrehm%dspace.de@localhost>.
- Only advertise "AUTH SSL" if one of SSLv2, SSLv3 is enabled. Thanks to
steve willing <eiji-gravion%hotmail.com@localhost>.
- Handle connect() failures properly. Thanks to Takayuki Nagata
<tnagata%redhat.com@localhost>.
- Add stronger checks for the configuration error of running with a writeable
root directory inside a chroot(). This may bite people who carelessly turned
on chroot_local_user but such is life.
v3.0.0
======
- Update vsf_findlibs.sh to work on Ubuntu 11.10+
- Make listen mode the default.
- Add -Werror to build flags.
- Fix missing "const" in ssl.c
- Add seccompsandbox.c to support a seccomp filter sandbox; works against Ubuntu
12.04 ABI.
- Rearrange ftppolicy.c a bit so the syscall list is easily comparable with
seccompsandbox.c
- Rename deprecated "sandbox" to "ptrace_sandbox".
- Add a few more state checks to the privileged helper processes.
- Add tunable "seccomp_sandbox", default on.
- Use hardened build flags. Distros of course override these and provide their
own build flags but no harm in showing how it could be done.
- Retry creating a PASV socket upon port reuse race between bind() and listen(),
patch from Ralph Wuerthner <ralph.wuerthner%de.ibm.com@localhost>.
- Don't die() if recv() indicates a closed remote connection. Problem report
on a Windows client from Herbert van den Bergh,
<herbert.van.den.bergh%oracle.com@localhost>.
- Add new config setting "allow_writeable_chroot" to help people in a bit of
a spot with the v2.3.5 defensive change. Only applies to non-anonymous.
- Remove a couple of fixed things from BUGS.
- strlen() trunction fix -- no particular impact.
- Apply some tidyups from mmoufid%yorku.ca@localhost.
(vsftpd-3.0.0-pre1)
- Fix delete_failed_uploads if there is a timeout. Report from Alejandro
Hernández Hdez <aalejandrohdez%gmail.com@localhost>.
- Fix other data channel bugs such as failure to log failure upon timeout.
- Use exit codes a bit more consistently.
- Fix bad interaction between SSL and trans_chunk_size.
- Redo data timeout to fire properly for SSL sessions.
- Redo idle timeout to fire properly for SSL sessions.
- Make sure PROT_EXEC isn't allowed, thanks to Will Drewry for noticing.
- Use 10 minutes as a max linger time just in case an alarm gets lost.
(vsftpd-3.0.0-pre2)
- Change PR_SET_NO_NEW_PRIVS define, from Kees Cook.
- Add AES128-SHA to default SSL cipher suites for FileZilla compatibility.
Unfortunately the default vsftpd SSL confiuration still doesn't fully work
with FileZilla, because FileZilla has a data connection security problem:
no client certificate presentation and no session reuse. At least the error
message is now very clear.
- Add restart_syscall to seccomp policy. Triggers reliably if you strace whilst
a data transfer is in progress.
- Fix delete_failed_uploads for anonymous sessions.
- Don't listen for urgent data if the control connection is SSL, due to possible
protocol synchronization issues.
v3.0.1
======
- Fix some seccomp related build errors on certain CentOS and Debian versions.
- Seccomp filter sandbox: missing munmap() -- oops. Did you know that qsort()
opens and maps /proc/meminfo but only for larger item counts?
- Seccomp filter sandbox: deny socket() gracefully for text_userdb_names.
- Fix various NULL crashes with nonsensical config settings. Noted by Tianyin Xu
<tixu%cs.ucsd.edu@localhost>.
- Force cast to unsigned char in is* char functions.
- Fix harmless integer issues in strlist.c.
- Started on a (possibly ill-advised?) crusade to compile cleanly with
Wconversion. Decided to suspend the effort half-way through.
v3.0.2
======
- One more seccomp policy fix: mremap (denied).
- Support STOU with no filename, uses a STOU. prefix.
v3.0.3
======
- Increase VSFTP_AS_LIMIT to 200MB; various reports.
- Make the PWD response more RFC compliant; report from Barry Kelly
<barry%modeltwozero.com@localhost>.
- Remove the trailing period from EPSV response to work around BT Internet
issues; report from Tim Bishop <tdb%mirrorservice.org@localhost>.
- Fix syslog_enable issues vs. seccomp filtering. Report from Michal Vyskocil
<mvyskocil%suse.cz@localhost>. At least, syslogging seems to work on my Fedora now.
- Allow gettimeofday() in the seccomp sandbox. I can't repro failures, but I
probably have a different distro / libc / etc. and there are multiple reports.
- Some kernels support PR_SET_NO_NEW_PRIVS but not PR_SET_SECCOMP, so handle
this case gracefully. Report from Vasily Averin <vvs%odin.com@localhost>.
- List the TLS1.2 cipher AES128-GCM-SHA256 as first preference by default.
- Make some compile-time SSL defaults (such as correct client shutdown
handling) stricter.
- Disable Nagle algorithm during SSL data connection shutdown, to avoid 200ms
delays. From Tim Kosse <tim.kosse%filezilla-project.org@localhost>.
- Kill the FTP session if we see HTTP protocol commands, to avoid
cross-protocol attacks. A report from Jann Horn <jann%thejh.net@localhost>.
- Kill the FTP session if we see session re-use failure. A report from
Tim Kosse <tim.kosse%filezilla-project.org@localhost>.
(vsftpd-3.0.3pre1)
- Enable ECDHE, Tim Kosse <tim.kosse%filezilla-project.org@localhost>.
- Default cipher list is now just ECDHE-RSA-AES256-GCM-SHA384.
- Minor SSL logging improvements.
- Un-default tunable_strict_ssl_write_shutdown again. We still have
tunable_strict_ssl_read_eof defaulted now, which is the important one to prove
upload integrity.
(vsftpd-3.0.3pre2)
To generate a diff of this commit:
cvs rdiff -u -r1.43 -r1.44 pkgsrc/net/vsftpd/Makefile
cvs rdiff -u -r1.15 -r1.16 pkgsrc/net/vsftpd/distinfo
cvs rdiff -u -r1.5 -r1.6 pkgsrc/net/vsftpd/patches/patch-aa \
pkgsrc/net/vsftpd/patches/patch-ad pkgsrc/net/vsftpd/patches/patch-ae
cvs rdiff -u -r1.4 -r1.5 pkgsrc/net/vsftpd/patches/patch-ac
cvs rdiff -u -r1.6 -r1.7 pkgsrc/net/vsftpd/patches/patch-af
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: pkgsrc/net/vsftpd/Makefile
diff -u pkgsrc/net/vsftpd/Makefile:1.43 pkgsrc/net/vsftpd/Makefile:1.44
--- pkgsrc/net/vsftpd/Makefile:1.43 Tue Apr 12 08:07:50 2016
+++ pkgsrc/net/vsftpd/Makefile Fri Feb 9 16:46:42 2018
@@ -1,7 +1,6 @@
-# $NetBSD: Makefile,v 1.43 2016/04/12 08:07:50 wiz Exp $
+# $NetBSD: Makefile,v 1.44 2018/02/09 16:46:42 triaxx Exp $
-DISTNAME= vsftpd-2.3.4
-PKGREVISION= 5
+DISTNAME= vsftpd-3.0.3
CATEGORIES= net
MASTER_SITES= http://security.appspot.com/downloads/
@@ -32,6 +31,7 @@ INSTALLATION_DIRS= libexec ${PKGMANDIR}/
SUBST_CLASSES+= paths
SUBST_FILES.paths= vsftpd.8 vsftpd.conf.5 vsftpd.conf
SUBST_SED.paths+= -e 's,@PKG_SYSCONFDIR@,${PKG_SYSCONFDIR},g'
+SUBST_SED.paths+= -e 's,@VARBASE@,${VARBASE},g'
SUBST_STAGE.paths= post-patch
MAKE_ENV+= LIBS=${LIBS:Q}
@@ -44,6 +44,13 @@ SUBST_STAGE.dirfd= pre-build
SUBST_FILES.dirfd= port/solaris_bogons.h
SUBST_SED.dirfd= -e '/dirfd_extras/d'
.endif
+.if ${OPSYS} == "FreeBSD"
+SUBST_CLASSES+= idirafter
+SUBST_MESSAGE.idirafter=Fix buggy -idirafter for clang
+SUBST_STAGE.idirafter= pre-build
+SUBST_FILES.idirafter= Makefile
+SUBST_SED.idirafter= -e 's,-idirafter ,-I,'
+.endif
VSFTPD_USER?= vsftpd
VSFTPD_GROUP?= vsftpd
@@ -53,7 +60,7 @@ PKG_USERS= ${VSFTPD_USER}:${VSFTPD_GROUP
PKG_GROUPS_VARS+= VSFTPD_GROUP
PKG_USERS_VARS+= VSFTPD_USER
-CFLAGS+= -DPKG_SYSCONFDIR="\"${PKG_SYSCONFDIR}\""
+CFLAGS+= -DPKG_SYSCONFDIR="\"${PKG_SYSCONFDIR}\"" -DVARBASE="\"${VARBASE}\""
LIBS.SunOS= -lsocket -lnsl -lrt -lsendfile -lresolv
.include "options.mk"
Index: pkgsrc/net/vsftpd/distinfo
diff -u pkgsrc/net/vsftpd/distinfo:1.15 pkgsrc/net/vsftpd/distinfo:1.16
--- pkgsrc/net/vsftpd/distinfo:1.15 Wed Nov 4 00:35:44 2015
+++ pkgsrc/net/vsftpd/distinfo Fri Feb 9 16:46:42 2018
@@ -1,13 +1,13 @@
-$NetBSD: distinfo,v 1.15 2015/11/04 00:35:44 agc Exp $
+$NetBSD: distinfo,v 1.16 2018/02/09 16:46:42 triaxx Exp $
-SHA1 (vsftpd-2.3.4.tar.gz) = b774cc6b4c50e20f4fe9ca7f6aa74169ce7fe5ea
-RMD160 (vsftpd-2.3.4.tar.gz) = 4097b495b5b03833e18b1639931939c3176e498b
-SHA512 (vsftpd-2.3.4.tar.gz) = 031e7b93d8acde62595f005ec1329b0404a61b42bfada041417085da02e5d84474c1dc6a7766a52249261a221a96c3840db28c7bf3756f5beb9f6e804735a979
-Size (vsftpd-2.3.4.tar.gz) = 187043 bytes
-SHA1 (patch-aa) = ed5c8834137c28c63cf12505969e0500985d5909
+SHA1 (vsftpd-3.0.3.tar.gz) = d5f5a180dbecd0fbcdc92bf0ba2fc001c962b55a
+RMD160 (vsftpd-3.0.3.tar.gz) = 0f0fd063661950bd466a818daae51cba3073e3cd
+SHA512 (vsftpd-3.0.3.tar.gz) = 5a4410a88e72ecf6f60a60a89771bcec300c9f63c2ea83b219bdf65fd9749b9853f9579f7257205b55659aefcd5dab243eba878dbbd4f0ff8532dd6e60884df7
+Size (vsftpd-3.0.3.tar.gz) = 196649 bytes
+SHA1 (patch-aa) = 57fdc476df4b7ada021c7fd6e8bad6db2b2e0c48
SHA1 (patch-ab) = df9252f99d06a4742713c36ce6bff8908da171f7
-SHA1 (patch-ac) = 2dcfae2eb16b2053f07eb3ee8f6d4af4b30d9799
-SHA1 (patch-ad) = 8b09a8fbc84f51c7334d6ab08e0a98b2e31c4fa0
-SHA1 (patch-ae) = ba770387570d202b440593d6c7cbd8d53d411a41
-SHA1 (patch-af) = 3ac549f091e6285298f9508a5fec40bd97b7d9d1
+SHA1 (patch-ac) = fc1d148ea7b83df06f4fb44e20491032a159cfce
+SHA1 (patch-ad) = 738c302cd40387216d65ab1abc9ba0eb364320ff
+SHA1 (patch-ae) = 2b49d0566d69f9e30ea151c0c52ad139c4517dc8
+SHA1 (patch-af) = 9643860c52e32150d2c6e17c5f7838bfb9df2e67
SHA1 (patch-sysdeputil.c) = 3efe030f66c50a31f6cb5e8565920f5b0eb4e78d
Index: pkgsrc/net/vsftpd/patches/patch-aa
diff -u pkgsrc/net/vsftpd/patches/patch-aa:1.5 pkgsrc/net/vsftpd/patches/patch-aa:1.6
--- pkgsrc/net/vsftpd/patches/patch-aa:1.5 Mon Nov 8 17:10:55 2010
+++ pkgsrc/net/vsftpd/patches/patch-aa Fri Feb 9 16:46:42 2018
@@ -1,19 +1,23 @@
-$NetBSD: patch-aa,v 1.5 2010/11/08 17:10:55 abs Exp $
+$NetBSD: patch-aa,v 1.6 2018/02/09 16:46:42 triaxx Exp $
Remove unconditional Makefile variable definitions
---- Makefile.orig 2009-05-22 19:44:52.000000000 +0000
+--- Makefile.orig 2012-09-16 07:27:35.000000000 +0000
+++ Makefile
-@@ -1,12 +1,6 @@
+@@ -1,16 +1,6 @@
# Makefile for systems with GNU tools
-CC = gcc
INSTALL = install
IFLAGS = -idirafter dummyinc
-#CFLAGS = -g
--CFLAGS = -O2 -Wall -W -Wshadow #-pedantic -Werror -Wconversion
+-CFLAGS = -O2 -fPIE -fstack-protector --param=ssp-buffer-size=4 \
+- -Wall -W -Wshadow -Werror -Wformat-security \
+- -D_FORTIFY_SOURCE=2 \
+- #-pedantic -Wconversion
-
-LIBS = `./vsf_findlibs.sh`
-LINK = -Wl,-s
+-LDFLAGS = -fPIE -pie -Wl,-z,relro -Wl,-z,now
OBJS = main.o utility.o prelogin.o ftpcmdio.o postlogin.o privsock.o \
tunables.o ftpdataio.o secbuf.o ls.o \
Index: pkgsrc/net/vsftpd/patches/patch-ad
diff -u pkgsrc/net/vsftpd/patches/patch-ad:1.5 pkgsrc/net/vsftpd/patches/patch-ad:1.6
--- pkgsrc/net/vsftpd/patches/patch-ad:1.5 Mon Nov 8 17:10:55 2010
+++ pkgsrc/net/vsftpd/patches/patch-ad Fri Feb 9 16:46:42 2018
@@ -1,15 +1,15 @@
-$NetBSD: patch-ad,v 1.5 2010/11/08 17:10:55 abs Exp $
+$NetBSD: patch-ad,v 1.6 2018/02/09 16:46:42 triaxx Exp $
Use PKG_SYSCONFDIR instead of hardcoding /etc
---- tunables.c.orig 2010-03-17 02:44:31.000000000 +0000
+--- tunables.c.orig 2015-07-23 04:13:07.000000000 +0000
+++ tunables.c
-@@ -250,19 +250,19 @@ tunables_load_defaults()
+@@ -254,19 +254,19 @@ tunables_load_defaults()
/* -rw------- */
tunable_chown_upload_mode = 0600;
- install_str_setting("/usr/share/empty", &tunable_secure_chroot_dir);
-+ install_str_setting("/var/chroot/vsftpd", &tunable_secure_chroot_dir);
++ install_str_setting(VARBASE"/chroot/vsftpd", &tunable_secure_chroot_dir);
install_str_setting("ftp", &tunable_ftp_username);
install_str_setting("root", &tunable_chown_username);
install_str_setting("/var/log/xferlog", &tunable_xferlog_file);
@@ -29,7 +29,7 @@ Use PKG_SYSCONFDIR instead of hardcoding
install_str_setting(0, &tunable_anon_root);
install_str_setting(0, &tunable_local_root);
install_str_setting(0, &tunable_banner_file);
-@@ -275,9 +275,9 @@ tunables_load_defaults()
+@@ -279,9 +279,9 @@ tunables_load_defaults()
install_str_setting(0, &tunable_hide_file);
install_str_setting(0, &tunable_deny_file);
install_str_setting(0, &tunable_user_sub_token);
@@ -40,4 +40,4 @@ Use PKG_SYSCONFDIR instead of hardcoding
+ install_str_setting(PKG_SYSCONFDIR"/vsftpd.pem",
&tunable_rsa_cert_file);
install_str_setting(0, &tunable_dsa_cert_file);
- install_str_setting("DES-CBC3-SHA", &tunable_ssl_ciphers);
+ install_str_setting("ECDHE-RSA-AES256-GCM-SHA384", &tunable_ssl_ciphers);
Index: pkgsrc/net/vsftpd/patches/patch-ae
diff -u pkgsrc/net/vsftpd/patches/patch-ae:1.5 pkgsrc/net/vsftpd/patches/patch-ae:1.6
--- pkgsrc/net/vsftpd/patches/patch-ae:1.5 Mon Nov 8 17:10:55 2010
+++ pkgsrc/net/vsftpd/patches/patch-ae Fri Feb 9 16:46:42 2018
@@ -1,4 +1,4 @@
-$NetBSD: patch-ae,v 1.5 2010/11/08 17:10:55 abs Exp $
+$NetBSD: patch-ae,v 1.6 2018/02/09 16:46:42 triaxx Exp $
Use PKG_SYSCONFDIR instead of hardcoding /etc
@@ -9,7 +9,7 @@ Use PKG_SYSCONFDIR instead of hardcoding
.Pa listen=YES
in
-.Pa /etc/vsftpd.conf .
-+.Pa @PKG_SYSCONFDIR@/vsftpd.conf .
++.Pa @PKG_SYSCONFDIR@/vsftpd/vsftpd.conf .
Direct execution of the
.Nm vsftpd
binary will then launch the FTP service ready for immediate client connections.
@@ -18,7 +18,7 @@ Use PKG_SYSCONFDIR instead of hardcoding
strict order that they are encountered on the command line.
If no config files are specified, the default configuration file of
-.Pa /etc/vsftpd.conf
-+.Pa @PKG_SYSCONFDIR@/vsftpd.conf
++.Pa @PKG_SYSCONFDIR@/vsftpd/vsftpd.conf
will be loaded, after all other command line options are processed.
.Pp
Supported options are:
@@ -27,16 +27,16 @@ Use PKG_SYSCONFDIR instead of hardcoding
.El
.Sh EXAMPLES
-vsftpd -olisten=NO /etc/vsftpd.conf -oftpd_banner=blah
-+vsftpd -olisten=NO @PKG_SYSCONFDIR@/vsftpd.conf -oftpd_banner=blah
++vsftpd -olisten=NO @PKG_SYSCONFDIR@/vsftpd/vsftpd.conf -oftpd_banner=blah
.Pp
That example overrides vsftpd's built-in default for the "listen" option to be
-NO, but then loads /etc/vsftpd.conf which may override that setting. Finally,
-+NO, but then loads @PKG_SYSCONFDIR@/vsftpd.conf which may override that setting. Finally,
++NO, but then loads @PKG_SYSCONFDIR@/vsftpd/vsftpd.conf which may override that setting. Finally,
the "ftpd_banner" setting is set to "blah", which overrides any default vsftpd
setting and any identical setting that was in the config file.
.Sh FILES
-.Pa /etc/vsftpd.conf
-+.Pa @PKG_SYSCONFDIR@/vsftpd.conf
++.Pa @PKG_SYSCONFDIR@/vsftpd/vsftpd.conf
.Sh SEE ALSO
.Xr vsftpd.conf 5
.end
Index: pkgsrc/net/vsftpd/patches/patch-ac
diff -u pkgsrc/net/vsftpd/patches/patch-ac:1.4 pkgsrc/net/vsftpd/patches/patch-ac:1.5
--- pkgsrc/net/vsftpd/patches/patch-ac:1.4 Mon Nov 8 17:10:55 2010
+++ pkgsrc/net/vsftpd/patches/patch-ac Fri Feb 9 16:46:42 2018
@@ -1,12 +1,12 @@
-$NetBSD: patch-ac,v 1.4 2010/11/08 17:10:55 abs Exp $
+$NetBSD: patch-ac,v 1.5 2018/02/09 16:46:42 triaxx Exp $
Use PKG_SYSCONFDIR instead of hardcoding /etc
---- vsftpd.conf.orig 2009-10-19 02:04:23.000000000 +0000
+--- vsftpd.conf.orig 2011-12-17 18:24:40.000000000 +0000
+++ vsftpd.conf
@@ -1,4 +1,4 @@
-# Example config file /etc/vsftpd.conf
-+# Example config file @PKG_SYSCONFDIR@/vsftpd.conf
++# Example config file @PKG_SYSCONFDIR/vsftpd/vsftpd.conf
#
# The default compiled in settings are fairly paranoid. This sample file
# loosens things up a bit, to make the ftp daemon more usable.
@@ -15,16 +15,16 @@ Use PKG_SYSCONFDIR instead of hardcoding
#deny_email_enable=YES
# (default follows)
-#banned_email_file=/etc/vsftpd.banned_emails
-+#banned_email_file=@PKG_SYSCONFDIR@/vsftpd.banned_emails
++#banned_email_file=@PKG_SYSCONFDIR/vsftpd/vsftpd.banned_emails
#
# You may specify an explicit list of local users to chroot() to their home
# directory. If chroot_local_user is YES, then this list becomes a list of
-@@ -95,7 +95,7 @@ connect_from_port_20=YES
+@@ -98,7 +98,7 @@ connect_from_port_20=YES
#chroot_local_user=YES
#chroot_list_enable=YES
# (default follows)
-#chroot_list_file=/etc/vsftpd.chroot_list
-+#chroot_list_file=@PKG_SYSCONFDIR@/vsftpd.chroot_list
++#chroot_list_file=@PKG_SYSCONFDIR/vsftpd/vsftpd.chroot_list
#
# You may activate the "-R" option to the builtin ls. This is disabled by
# default to avoid remote users being able to cause excessive I/O on large
Index: pkgsrc/net/vsftpd/patches/patch-af
diff -u pkgsrc/net/vsftpd/patches/patch-af:1.6 pkgsrc/net/vsftpd/patches/patch-af:1.7
--- pkgsrc/net/vsftpd/patches/patch-af:1.6 Mon Nov 8 17:10:55 2010
+++ pkgsrc/net/vsftpd/patches/patch-af Fri Feb 9 16:46:42 2018
@@ -1,4 +1,4 @@
-$NetBSD: patch-af,v 1.6 2010/11/08 17:10:55 abs Exp $
+$NetBSD: patch-af,v 1.7 2018/02/09 16:46:42 triaxx Exp $
Use PKG_SYSCONFDIR instead of hardcoding /etc
@@ -9,7 +9,7 @@ Use PKG_SYSCONFDIR instead of hardcoding
vsftpd.conf may be used to control various aspects of vsftpd's behaviour. By
default, vsftpd looks for this file at the location
-.BR /etc/vsftpd.conf .
-+.BR @PKG_SYSCONFDIR@/vsftpd.conf .
++.BR @PKG_SYSCONFDIR@/vsftpd/vsftpd.conf .
However, you may override this by specifying a command line argument to
vsftpd. The command line argument is the pathname of the configuration file
for vsftpd. This behaviour is useful because you may wish to use an advanced
@@ -18,7 +18,7 @@ Use PKG_SYSCONFDIR instead of hardcoding
a list of users which are NOT to be placed in a chroot() jail.
By default, the file containing this list is
-/etc/vsftpd.chroot_list, but you may override this with the
-+@PKG_SYSCONFDIR@/vsftpd.chroot_list, but you may override this with the
++@PKG_SYSCONFDIR@/vsftpd/vsftpd.chroot_list, but you may override this with the
.BR chroot_list_file
setting.
@@ -27,7 +27,7 @@ Use PKG_SYSCONFDIR instead of hardcoding
If activated, you may provide a list of anonymous password e-mail responses
which cause login to be denied. By default, the file containing this list is
-/etc/vsftpd.banned_emails, but you may override this with the
-+@PKG_SYSCONFDIR@/vsftpd.banned_emails, but you may override this with the
++@PKG_SYSCONFDIR@/vsftpd/vsftpd.banned_emails, but you may override this with the
.BR banned_email_file
setting.
@@ -36,7 +36,7 @@ Use PKG_SYSCONFDIR instead of hardcoding
.BR email_password_file
setting. The file format is one password per line, no extra whitespace. The
-default filename is /etc/vsftpd.email_passwords.
-+default filename is @PKG_SYSCONFDIR@/vsftpd.email_passwords.
++default filename is @PKG_SYSCONFDIR@/vsftpd/vsftpd.email_passwords.
Default: NO
.TP
@@ -45,7 +45,7 @@ Use PKG_SYSCONFDIR instead of hardcoding
is enabled.
-Default: /etc/vsftpd.banned_emails
-+Default: @PKG_SYSCONFDIR@/vsftpd.banned_emails
++Default: @PKG_SYSCONFDIR@/vsftpd/vsftpd.banned_emails
.TP
.B banner_file
This option is the name of a file containing text to display when someone
@@ -54,7 +54,7 @@ Use PKG_SYSCONFDIR instead of hardcoding
chroot() jail.
-Default: /etc/vsftpd.chroot_list
-+Default: @PKG_SYSCONFDIR@/vsftpd.chroot_list
++Default: @PKG_SYSCONFDIR@/vsftpd/vsftpd.chroot_list
.TP
.B cmds_allowed
This options specifies a comma separated list of allowed FTP commands (post
@@ -63,7 +63,7 @@ Use PKG_SYSCONFDIR instead of hardcoding
setting.
-Default: /etc/vsftpd.email_passwords
-+Default: @PKG_SYSCONFDIR@/vsftpd.email_passwords
++Default: @PKG_SYSCONFDIR@/vsftpd/vsftpd.email_passwords
.TP
.B ftp_username
This is the name of the user we use for handling anonymous FTP. The home
@@ -72,7 +72,7 @@ Use PKG_SYSCONFDIR instead of hardcoding
as a secure chroot() jail at times vsftpd does not require filesystem access.
-Default: /usr/share/empty
-+Default: /var/chroot/vsftpd
++Default: @VARBASE@/chroot/vsftpd
.TP
.B ssl_ciphers
This option can be used to select which SSL ciphers vsftpd will allow for
@@ -81,11 +81,11 @@ Use PKG_SYSCONFDIR instead of hardcoding
.BR user_config_dir
to be
-.BR /etc/vsftpd_user_conf
-+.BR @PKG_SYSCONFDIR@/vsftpd_user_conf
++.BR @PKG_SYSCONFDIR@/vsftpd/vsftpd_user_conf
and then log on as the user "chris", then vsftpd will apply the settings in
the file
-.BR /etc/vsftpd_user_conf/chris
-+.BR @PKG_SYSCONFDIR@/vsftpd_user_conf/chris
++.BR @PKG_SYSCONFDIR@/vsftpd/vsftpd_user_conf/chris
for the duration of the session. The format of this file is as detailed in
this manual page! PLEASE NOTE that not all settings are effective on a
per-user basis. For example, many settings only prior to the user's session
@@ -94,7 +94,7 @@ Use PKG_SYSCONFDIR instead of hardcoding
option is active.
-Default: /etc/vsftpd.user_list
-+Default: @PKG_SYSCONFDIR@/vsftpd.user_list
++Default: @PKG_SYSCONFDIR@/vsftpd/vsftpd.user_list
.TP
.B vsftpd_log_file
This option is the name of the file to which we write the vsftpd style
Home |
Main Index |
Thread Index |
Old Index