diff options
author | Conrad Kostecki <conikost@gentoo.org> | 2022-03-27 03:31:32 +0200 |
---|---|---|
committer | Lars Wendler <polynomial-c@gentoo.org> | 2022-04-16 15:45:00 +0200 |
commit | 3e3e91f811c2f74ee5ef2acf2ab9333b2c9927f6 (patch) | |
tree | 8e5994e6ee117d971338b18a32235b64e00a6678 /net-ftp/pure-ftpd | |
parent | app-office/lyx: Keyword 2.3.6.1-r1 riscv, #838088 (diff) | |
download | gentoo-3e3e91f811c2f74ee5ef2acf2ab9333b2c9927f6.tar.gz gentoo-3e3e91f811c2f74ee5ef2acf2ab9333b2c9927f6.tar.bz2 gentoo-3e3e91f811c2f74ee5ef2acf2ab9333b2c9927f6.zip |
net-ftp/pure-ftpd: migrate to stand-alone configuration
This bump changed at lot of things:
* Deprecating configuration via 'conf.d', since not all option are
available via command line. User will be informed about this.
* Using '/etc/pure-ftpd.conf' as main configuration file, since more
option are available here.
* Adding pure-certd init script and config script for using SNI via FTP
* Splitting Uploadscript into it's own init script
* Simplified init script by removing much old stuff, which it seems,
that it's not needed any more today. At least in my tests.
* Adding SVCNAME support.
* Removed sed for MAX_USER_LENGTH, as it's already default
* Removed DOCS for default docs
* Removed keepdir, since it looks like it's not needed anymore
* Overhauled eBuild
Signed-off-by: Conrad Kostecki <conikost@gentoo.org>
Closes: https://github.com/gentoo/gentoo/pull/24592
Signed-off-by: Lars Wendler <polynomial-c@gentoo.org>
Diffstat (limited to 'net-ftp/pure-ftpd')
-rw-r--r-- | net-ftp/pure-ftpd/files/pure-certd.initd | 19 | ||||
-rw-r--r-- | net-ftp/pure-ftpd/files/pure-certd.script | 27 | ||||
-rw-r--r-- | net-ftp/pure-ftpd/files/pure-ftpd.confd-r4 | 5 | ||||
-rw-r--r-- | net-ftp/pure-ftpd/files/pure-ftpd.initd-r12 | 23 | ||||
-rw-r--r-- | net-ftp/pure-ftpd/files/pure-uploadscript.confd | 8 | ||||
-rw-r--r-- | net-ftp/pure-ftpd/files/pure-uploadscript.initd | 30 | ||||
-rw-r--r-- | net-ftp/pure-ftpd/pure-ftpd-1.0.50-r2.ebuild | 161 | ||||
-rw-r--r-- | net-ftp/pure-ftpd/pure-ftpd-9999.ebuild | 101 |
8 files changed, 329 insertions, 45 deletions
diff --git a/net-ftp/pure-ftpd/files/pure-certd.initd b/net-ftp/pure-ftpd/files/pure-certd.initd new file mode 100644 index 000000000000..1d254e5274a9 --- /dev/null +++ b/net-ftp/pure-ftpd/files/pure-certd.initd @@ -0,0 +1,19 @@ +#!/sbin/openrc-run +# Copyright 1999-2022 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +certd_scriptfile="/etc/${SVCNAME}.sh" +certd_socketfile="/run/${SVCNAME}.sock" +pidfile="/run/pure-certd.pid" + +command="/usr/sbin/pure-certd" +command_args="--pidfile ${pidfile} --run ${certd_scriptfile} --socket ${certd_socketfile}" +command_background="true" + +start_pre() { + if [ ! -f "${certd_scriptfile}" ] ; then + eerror "The file ${certd_scriptfile} does not exist!" + eerror "Please create and configure the script." + return 1 + fi +} diff --git a/net-ftp/pure-ftpd/files/pure-certd.script b/net-ftp/pure-ftpd/files/pure-certd.script new file mode 100644 index 000000000000..77aa1bf9f702 --- /dev/null +++ b/net-ftp/pure-ftpd/files/pure-certd.script @@ -0,0 +1,27 @@ +#!/bin/sh +# Copyright 1999-2022 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +# Set default ssl directory +SSL_DIR="/etc/ssl/pure-ftpd" + +# Check SNI and select certificate +case "${CERTD_SNI_NAME}" in + domain1.tld) + FILE_CERT="${SSL_DIR}/domain1.tld.crt" + FILE_KEY="${SSL_DIR}/domain1.tld.key" + ;; + + domain2.tld) + FILE_CERT="${SSL_DIR}/domain2.tld.crt" + FILE_KEY="${SSL_DIR}/domain2.tld.key" + ;; +esac + +# Print selected certificate for 'pure-certd'. +# You can modify 'action' for your needs. +# See man page of 'pure-certd' for more information. +echo "action:fallback" +echo "cert_file:${FILE_CERT}" +echo "key_file:${FILE_KEY}" +echo "end" diff --git a/net-ftp/pure-ftpd/files/pure-ftpd.confd-r4 b/net-ftp/pure-ftpd/files/pure-ftpd.confd-r4 new file mode 100644 index 000000000000..d49b6c509c58 --- /dev/null +++ b/net-ftp/pure-ftpd/files/pure-ftpd.confd-r4 @@ -0,0 +1,5 @@ +# Copyright 1999-2022 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +# Optionally depend on started Pure-Certd +# RC_NEED="pure-certd" diff --git a/net-ftp/pure-ftpd/files/pure-ftpd.initd-r12 b/net-ftp/pure-ftpd/files/pure-ftpd.initd-r12 new file mode 100644 index 000000000000..c971125784b7 --- /dev/null +++ b/net-ftp/pure-ftpd/files/pure-ftpd.initd-r12 @@ -0,0 +1,23 @@ +#!/sbin/openrc-run +# Copyright 1999-2022 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +ftpd_configfile="/etc/${SVCNAME}.conf" +pidfile="/run/pure-ftpd.pid" + +command="/usr/sbin/pure-ftpd" +command_args="${ftpd_configfile}" +command_background="true" + +depend() { + need localmount + use netmount +} + +start_pre() { + if [ ! -f "${ftpd_configfile}" ] ; then + eerror "The file ${ftpd_configfile} does not exist!" + eerror "Please create and configure the configuration file." + return 1 + fi +} diff --git a/net-ftp/pure-ftpd/files/pure-uploadscript.confd b/net-ftp/pure-ftpd/files/pure-uploadscript.confd new file mode 100644 index 000000000000..4b8fca0deb8f --- /dev/null +++ b/net-ftp/pure-ftpd/files/pure-uploadscript.confd @@ -0,0 +1,8 @@ +#!/sbin/openrc-run +# Copyright 1999-2022 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +# If you want to process each file uploaded through Pure-FTPd, enter the name +# of the script that should process the files below. +# Use man pure-uploadscript to learn more about how to write this script. +# UPLOADSCRIPT="/path/to/uploadscript" diff --git a/net-ftp/pure-ftpd/files/pure-uploadscript.initd b/net-ftp/pure-ftpd/files/pure-uploadscript.initd new file mode 100644 index 000000000000..f0c57742e749 --- /dev/null +++ b/net-ftp/pure-ftpd/files/pure-uploadscript.initd @@ -0,0 +1,30 @@ +#!/sbin/openrc-run +# Copyright 1999-2022 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +ftpd_configfile="/etc/${SVCNAME/uploadscript/ftpd}.conf" +pidfile="/run/pure-uploadscript.pid" + +command="/usr/sbin/pure-uploadscript" +command_args="${UPLOADSCRIPT}" +command_background="true" + +depend() { + need localmount + use netmount +} + +start_pre() { + if [ -n "${UPLOADSCRIPT}" ] ; then + eerror "The file ${ftpd_configfile} does not exist!" + eerror "Please create and configure the uploadscript file." + return 1 + fi + + if ! grep "^CallUploadScript" "${ftpd_configfile}" ; then + eerror "You cannot start this uploadscript," + eerror "unless you enable the option CallUploadScript" + eerror "in your main Pure-FTPd configuration file ${ftpd_configfile}" + return 1 + fi +} diff --git a/net-ftp/pure-ftpd/pure-ftpd-1.0.50-r2.ebuild b/net-ftp/pure-ftpd/pure-ftpd-1.0.50-r2.ebuild new file mode 100644 index 000000000000..3d32b367c5cd --- /dev/null +++ b/net-ftp/pure-ftpd/pure-ftpd-1.0.50-r2.ebuild @@ -0,0 +1,161 @@ +# Copyright 1999-2022 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +inherit flag-o-matic + +DESCRIPTION="Fast, production-quality, standard-conformant FTP server" +HOMEPAGE="https://www.pureftpd.org/project/pure-ftpd/" +if [[ "${PV}" == 9999 ]] ; then + inherit autotools git-r3 + EGIT_REPO_URI="https://github.com/jedisct1/pure-ftpd.git" +else + SRC_URI=" + ftp://ftp.pureftpd.org/pub/${PN}/releases/${P}.tar.bz2 + http://download.pureftpd.org/pub/${PN}/releases/${P}.tar.bz2 + " + KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~ppc ~ppc64 ~sparc ~x86" +fi + +LICENSE="BSD" +SLOT="0" +IUSE="anondel anonperm anonren anonres caps implicittls ldap mysql noiplog pam paranoidmsg postgres resolveids selinux ssl sysquota vchroot xinetd" +REQUIRED_USE="implicittls? ( ssl )" + +DEPEND=" + dev-libs/libsodium:= + virtual/libcrypt:= + caps? ( sys-libs/libcap ) + ldap? ( >=net-nds/openldap-2.0.25:= ) + mysql? ( || ( + dev-db/mariadb-connector-c + dev-db/mysql-connector-c + ) + ) + pam? ( sys-libs/pam ) + postgres? ( dev-db/postgresql:= ) + ssl? ( dev-libs/openssl:0=[-bindist(-)] ) + sysquota? ( sys-fs/quota[-rpc] ) + xinetd? ( virtual/inetd ) +" + +RDEPEND=" + ${DEPEND} + net-ftp/ftpbase + selinux? ( sec-policy/selinux-ftp ) +" + +BDEPEND="sys-devel/autoconf-archive" + +PATCHES=( "${FILESDIR}/${PN}-1.0.28-pam.patch" ) + +src_prepare() { + default + + [[ "${PV}" == 9999 ]] && eautoreconf +} + +src_configure() { + # Those features are only configurable like this, see bug #179375. + use anondel && append-cppflags -DANON_CAN_DELETE + use anonperm && append-cppflags -DANON_CAN_CHANGE_PERMS + use anonren && append-cppflags -DANON_CAN_RENAME + use anonres && append-cppflags -DANON_CAN_RESUME + use resolveids && append-cppflags -DALWAYS_RESOLVE_IDS + + # Do not auto-use SSP -- let the user select this. + export ax_cv_check_cflags___fstack_protector_all=no + + local myeconfargs=( + --enable-largefile + # Required for correct pid file location. + # Pure-FTPd appends "/run/pure-ftpd.pid" to the localstatedir + # path, and tries to write to that file even when being + # started in foreground. So we need to pin this to / + --localstatedir="${EPREFIX}"/ + --with-altlog + --with-cookie + --with-diraliases + --with-extauth + --with-ftpwho + --with-language=${PUREFTPD_LANG:=english} + --with-peruserlimits + --with-privsep + --with-puredb + --with-quotas + --with-ratios + --with-throttling + --with-uploadscript + --with-virtualhosts + $(use_with implicittls) + $(use_with ldap) + $(use_with mysql) + $(use_with pam) + $(use_with paranoidmsg) + $(use_with postgres pgsql) + $(use_with ssl tls) + $(use_with sysquota sysquotas) + $(use_with vchroot virtualchroot) + $(usex caps '' '--without-capabilities') + $(usex noiplog '--without-iplogging' '') + $(usex xinetd '' '--without-inetd') + ) + + econf "${myeconfargs[@]}" +} + +src_install() { + default + + newinitd "${FILESDIR}/pure-ftpd.initd-r12" pure-ftpd + newconfd "${FILESDIR}/pure-ftpd.confd-r4" pure-ftpd + + newinitd "${FILESDIR}/pure-uploadscript.initd" pure-uploadscript + newconfd "${FILESDIR}/pure-uploadscript.confd" pure-uploadscript + + if use implicittls ; then + sed -e '/^# Bind/s@21@990@' -i "${ED}"/etc/pure-ftpd.conf || die + fi + + if use ssl ; then + newinitd "${FILESDIR}/pure-certd.initd" pure-certd + + exeinto /etc + newexe "${FILESDIR}/pure-certd.script" pure-certd.sh + fi + + if use ldap ; then + insinto /etc/openldap/schema + doins pureftpd.schema + insinto /etc/openldap + insopts -m 0600 + doins pureftpd-ldap.conf + fi + + if use xinetd ; then + insinto /etc/xinetd.d + newins "${FILESDIR}/pure-ftpd.xinetd" pure-ftpd + fi +} + +pkg_postinst() { + if [[ -z "${REPLACING_VERSIONS}" ]] ; then + # This is a new installation + elog + elog "Before starting Pure-FTPd, you have to edit the /etc/pure-ftpd.conf file!" + elog + ewarn "It's *really* important to read the README provided with Pure-FTPd!" + ewarn "Check out http://download.pureftpd.org/pub/pure-ftpd/doc/README for general info" + ewarn "and http://download.pureftpd.org/pub/pure-ftpd/doc/README.TLS for SSL/TLS info." + ewarn + else + for v in ${REPLACING_VERSIONS} ; do + if ver_test "${v}" -le "1.0.50" ; then + einfo "Configuration through /etc/conf.d/pure-ftpd is now deprecated!" + einfo "Please migrate your settings to the new configuration file." + einfo "Use /etc/pure-ftpd.conf to adjust your settings." + fi + done + fi +} diff --git a/net-ftp/pure-ftpd/pure-ftpd-9999.ebuild b/net-ftp/pure-ftpd/pure-ftpd-9999.ebuild index 4be40c54c4ef..3d32b367c5cd 100644 --- a/net-ftp/pure-ftpd/pure-ftpd-9999.ebuild +++ b/net-ftp/pure-ftpd/pure-ftpd-9999.ebuild @@ -6,66 +6,63 @@ EAPI=8 inherit flag-o-matic DESCRIPTION="Fast, production-quality, standard-conformant FTP server" -HOMEPAGE="http://www.pureftpd.org/" +HOMEPAGE="https://www.pureftpd.org/project/pure-ftpd/" if [[ "${PV}" == 9999 ]] ; then inherit autotools git-r3 EGIT_REPO_URI="https://github.com/jedisct1/pure-ftpd.git" else - SRC_URI="ftp://ftp.pureftpd.org/pub/${PN}/releases/${P}.tar.bz2 - http://download.pureftpd.org/pub/${PN}/releases/${P}.tar.bz2" + SRC_URI=" + ftp://ftp.pureftpd.org/pub/${PN}/releases/${P}.tar.bz2 + http://download.pureftpd.org/pub/${PN}/releases/${P}.tar.bz2 + " KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~ppc ~ppc64 ~sparc ~x86" fi LICENSE="BSD" SLOT="0" - IUSE="anondel anonperm anonren anonres caps implicittls ldap mysql noiplog pam paranoidmsg postgres resolveids selinux ssl sysquota vchroot xinetd" - REQUIRED_USE="implicittls? ( ssl )" -BDEPEND="sys-devel/autoconf-archive" - -DEPEND="dev-libs/libsodium:= +DEPEND=" + dev-libs/libsodium:= virtual/libcrypt:= caps? ( sys-libs/libcap ) ldap? ( >=net-nds/openldap-2.0.25:= ) mysql? ( || ( - dev-db/mariadb-connector-c - dev-db/mysql-connector-c - ) ) + dev-db/mariadb-connector-c + dev-db/mysql-connector-c + ) + ) pam? ( sys-libs/pam ) postgres? ( dev-db/postgresql:= ) - ssl? ( - >=dev-libs/openssl-0.9.6g:0=[-bindist(-)] - ) + ssl? ( dev-libs/openssl:0=[-bindist(-)] ) sysquota? ( sys-fs/quota[-rpc] ) - xinetd? ( virtual/inetd )" + xinetd? ( virtual/inetd ) +" -RDEPEND="${DEPEND} +RDEPEND=" + ${DEPEND} net-ftp/ftpbase - selinux? ( sec-policy/selinux-ftp )" + selinux? ( sec-policy/selinux-ftp ) +" -PATCHES=( - "${FILESDIR}/${PN}-1.0.28-pam.patch" -) +BDEPEND="sys-devel/autoconf-archive" + +PATCHES=( "${FILESDIR}/${PN}-1.0.28-pam.patch" ) src_prepare() { default + [[ "${PV}" == 9999 ]] && eautoreconf } src_configure() { - # adjust max user length to something more appropriate - # for virtual hosts. See bug #62472 for details. - sed -e "s:# define MAX_USER_LENGTH 32U:# define MAX_USER_LENGTH 127U:" \ - -i "${S}/src/ftpd.h" || die "sed failed" - # Those features are only configurable like this, see bug #179375. - use anondel && append-cppflags -DANON_CAN_DELETE - use anonperm && append-cppflags -DANON_CAN_CHANGE_PERMS - use anonren && append-cppflags -DANON_CAN_RENAME - use anonres && append-cppflags -DANON_CAN_RESUME - use resolveids && append-cppflags -DALWAYS_RESOLVE_IDS + use anondel && append-cppflags -DANON_CAN_DELETE + use anonperm && append-cppflags -DANON_CAN_CHANGE_PERMS + use anonren && append-cppflags -DANON_CAN_RENAME + use anonres && append-cppflags -DANON_CAN_RESUME + use resolveids && append-cppflags -DALWAYS_RESOLVE_IDS # Do not auto-use SSP -- let the user select this. export ax_cv_check_cflags___fstack_protector_all=no @@ -73,7 +70,7 @@ src_configure() { local myeconfargs=( --enable-largefile # Required for correct pid file location. - # pure-ftpd appends "/run/pure-ftpd.pid" to the localstatedir + # Pure-FTPd appends "/run/pure-ftpd.pid" to the localstatedir # path, and tries to write to that file even when being # started in foreground. So we need to pin this to / --localstatedir="${EPREFIX}"/ @@ -91,40 +88,41 @@ src_configure() { --with-throttling --with-uploadscript --with-virtualhosts + $(use_with implicittls) $(use_with ldap) $(use_with mysql) $(use_with pam) $(use_with paranoidmsg) $(use_with postgres pgsql) $(use_with ssl tls) - $(use_with implicittls) - $(use_with vchroot virtualchroot) $(use_with sysquota sysquotas) + $(use_with vchroot virtualchroot) $(usex caps '' '--without-capabilities') $(usex noiplog '--without-iplogging' '') $(usex xinetd '' '--without-inetd') ) + econf "${myeconfargs[@]}" } src_install() { - local DOCS=( AUTHORS ChangeLog FAQ HISTORY README* NEWS ) - default - newinitd "${FILESDIR}/pure-ftpd.rc11" ${PN} - newconfd "${FILESDIR}/pure-ftpd.conf_d-3" ${PN} + newinitd "${FILESDIR}/pure-ftpd.initd-r12" pure-ftpd + newconfd "${FILESDIR}/pure-ftpd.confd-r4" pure-ftpd + + newinitd "${FILESDIR}/pure-uploadscript.initd" pure-uploadscript + newconfd "${FILESDIR}/pure-uploadscript.confd" pure-uploadscript if use implicittls ; then - sed -i '/^SERVER/s@21@990@' "${ED}"/etc/conf.d/${PN} \ - || die "Adjusting default server port for implicittls usage failed!" + sed -e '/^# Bind/s@21@990@' -i "${ED}"/etc/pure-ftpd.conf || die fi - keepdir /var/lib/run/${PN} + if use ssl ; then + newinitd "${FILESDIR}/pure-certd.initd" pure-certd - if use xinetd ; then - insinto /etc/xinetd.d - newins "${FILESDIR}/pure-ftpd.xinetd" ${PN} + exeinto /etc + newexe "${FILESDIR}/pure-certd.script" pure-certd.sh fi if use ldap ; then @@ -134,17 +132,30 @@ src_install() { insopts -m 0600 doins pureftpd-ldap.conf fi + + if use xinetd ; then + insinto /etc/xinetd.d + newins "${FILESDIR}/pure-ftpd.xinetd" pure-ftpd + fi } pkg_postinst() { - if [[ -z "${REPLACING_VERSIONS}" ]]; then + if [[ -z "${REPLACING_VERSIONS}" ]] ; then # This is a new installation elog - elog "Before starting Pure-FTPd, you have to edit the /etc/conf.d/pure-ftpd file!" + elog "Before starting Pure-FTPd, you have to edit the /etc/pure-ftpd.conf file!" elog ewarn "It's *really* important to read the README provided with Pure-FTPd!" ewarn "Check out http://download.pureftpd.org/pub/pure-ftpd/doc/README for general info" ewarn "and http://download.pureftpd.org/pub/pure-ftpd/doc/README.TLS for SSL/TLS info." ewarn + else + for v in ${REPLACING_VERSIONS} ; do + if ver_test "${v}" -le "1.0.50" ; then + einfo "Configuration through /etc/conf.d/pure-ftpd is now deprecated!" + einfo "Please migrate your settings to the new configuration file." + einfo "Use /etc/pure-ftpd.conf to adjust your settings." + fi + done fi } |