diff mbox

vsftpd: install sample config file to /etc

Message ID 1358328248-15016-1-git-send-email-sho@relinux.de
State Accepted
Headers show

Commit Message

Stephan Hoffmann Jan. 16, 2013, 9:24 a.m. UTC 
vsftpd comes with a sample config file that can serve as a starting
point for customization and enables a basic functionality. Since
this config refers to a directory "/usr/share/empty" this is also
created.

Signed-off-by: Stephan Hoffmann <sho@relinux.de>
---
 package/vsftpd/vsftpd.mk |    4 ++++
 1 files changed, 4 insertions(+), 0 deletions(-)

Comments

Arnout Vandecappelle Jan. 19, 2013, 10:25 a.m. UTC | #1 
On 16/01/13 10:24, Stephan Hoffmann wrote:
> vsftpd comes with a sample config file that can serve as a starting
> point for customization and enables a basic functionality. Since
> this config refers to a directory "/usr/share/empty" this is also
> created.

  I think the point of /usr/share/empty is that it's a directory that 
doesn't exist, so vsftpd will not allow any up/download unless you change 
the configuration file.

  I think it's a bad idea to default giving access to some random 
location - even if it is read-only non-anonymous access to an empty 
directory.

  But that's just my opinion.

  Regards,
  Arnout

>
> Signed-off-by: Stephan Hoffmann<sho@relinux.de>
> ---
>   package/vsftpd/vsftpd.mk |    4 ++++
>   1 files changed, 4 insertions(+), 0 deletions(-)
>
> diff --git a/package/vsftpd/vsftpd.mk b/package/vsftpd/vsftpd.mk
> index ca711bb..f694b87 100644
> --- a/package/vsftpd/vsftpd.mk
> +++ b/package/vsftpd/vsftpd.mk
> @@ -37,6 +37,10 @@ define VSFTPD_INSTALL_TARGET_CMDS
>   	test -f $(TARGET_DIR)/etc/init.d/S70vsftpd || \
>   		$(INSTALL) -D -m 755 package/vsftpd/vsftpd-init \
>   			$(TARGET_DIR)/etc/init.d/S70vsftpd
> +	test -f $(TARGET_DIR)/etc/vsftpd.conf || \
> +		$(INSTALL) -D -m 644 $(@D)/vsftpd.conf \
> +			$(TARGET_DIR)/etc/vsftpd.conf
> +	$(INSTALL) -d -m 755 $(TARGET_DIR)/usr/share/empty
>   endef
>
>   define VSFTPD_UNINSTALL_TARGET_CMDS
Peter Korsgaard Jan. 20, 2013, 9:17 p.m. UTC | #2 
>>>>> "Stephan" == Stephan Hoffmann <sho@relinux.de> writes:

 Stephan> vsftpd comes with a sample config file that can serve as a starting
 Stephan> point for customization and enables a basic functionality. Since
 Stephan> this config refers to a directory "/usr/share/empty" this is also
 Stephan> created.

 Stephan> Signed-off-by: Stephan Hoffmann <sho@relinux.de>
 Stephan> ---
 Stephan>  package/vsftpd/vsftpd.mk |    4 ++++
 Stephan>  1 files changed, 4 insertions(+), 0 deletions(-)

 Stephan> diff --git a/package/vsftpd/vsftpd.mk b/package/vsftpd/vsftpd.mk
 Stephan> index ca711bb..f694b87 100644
 Stephan> --- a/package/vsftpd/vsftpd.mk
 Stephan> +++ b/package/vsftpd/vsftpd.mk
 Stephan> @@ -37,6 +37,10 @@ define VSFTPD_INSTALL_TARGET_CMDS
 Stephan>  	test -f $(TARGET_DIR)/etc/init.d/S70vsftpd || \
 Stephan>  		$(INSTALL) -D -m 755 package/vsftpd/vsftpd-init \
 Stephan>  			$(TARGET_DIR)/etc/init.d/S70vsftpd
 Stephan> +	test -f $(TARGET_DIR)/etc/vsftpd.conf || \
 Stephan> +		$(INSTALL) -D -m 644 $(@D)/vsftpd.conf \
 Stephan> +			$(TARGET_DIR)/etc/vsftpd.conf
 Stephan> +	$(INSTALL) -d -m 755 $(TARGET_DIR)/usr/share/empty

Committed minus the /usr/share/empty creation, thanks.
Stephan Hoffmann Jan. 21, 2013, 6:14 p.m. UTC | #3 
Am 19.01.2013 11:25, schrieb Arnout Vandecappelle:
> On 16/01/13 10:24, Stephan Hoffmann wrote:
>> vsftpd comes with a sample config file that can serve as a starting
>> point for customization and enables a basic functionality. Since
>> this config refers to a directory "/usr/share/empty" this is also
>> created.
>
>  I think the point of /usr/share/empty is that it's a directory that
> doesn't exist, so vsftpd will not allow any up/download unless you
> change the configuration file.
Arnout, Peter,

I checked this. Obviously, vsftpd uses this directory to chroot there.
If it isn't present it refuses to work:
> 500 OOPS: vsftpd: not found: directory given in
> 'secure_chroot_dir':/usr/share/empty
At least I admit that my commit message was misleading. So I'll send a
patch to add this;-)

>  I think it's a bad idea to default giving access to some random
> location - even if it is read-only non-anonymous access to an empty
> directory.
That is not the case. Default configuration allows anonymous login, but
shows empty directory without write access.

Kind regards

Stephan
>
>  But that's just my opinion.
>
>  Regards,
>  Arnout
>
>>
>> Signed-off-by: Stephan Hoffmann<sho@relinux.de>
>> ---
>>   package/vsftpd/vsftpd.mk |    4 ++++
>>   1 files changed, 4 insertions(+), 0 deletions(-)
>>
>> diff --git a/package/vsftpd/vsftpd.mk b/package/vsftpd/vsftpd.mk
>> index ca711bb..f694b87 100644
>> --- a/package/vsftpd/vsftpd.mk
>> +++ b/package/vsftpd/vsftpd.mk
>> @@ -37,6 +37,10 @@ define VSFTPD_INSTALL_TARGET_CMDS
>>       test -f $(TARGET_DIR)/etc/init.d/S70vsftpd || \
>>           $(INSTALL) -D -m 755 package/vsftpd/vsftpd-init \
>>               $(TARGET_DIR)/etc/init.d/S70vsftpd
>> +    test -f $(TARGET_DIR)/etc/vsftpd.conf || \
>> +        $(INSTALL) -D -m 644 $(@D)/vsftpd.conf \
>> +            $(TARGET_DIR)/etc/vsftpd.conf
>> +    $(INSTALL) -d -m 755 $(TARGET_DIR)/usr/share/empty
>>   endef
>>
>>   define VSFTPD_UNINSTALL_TARGET_CMDS
>
>
Arnout Vandecappelle Jan. 24, 2013, 6:39 a.m. UTC | #4 
On 01/21/13 19:14, Stephan Hoffmann wrote:
> Am 19.01.2013 11:25, schrieb Arnout Vandecappelle:
>> On 16/01/13 10:24, Stephan Hoffmann wrote:
>>> vsftpd comes with a sample config file that can serve as a starting
>>> point for customization and enables a basic functionality. Since
>>> this config refers to a directory "/usr/share/empty" this is also
>>> created.
>>
>>   I think the point of /usr/share/empty is that it's a directory that
>> doesn't exist, so vsftpd will not allow any up/download unless you
>> change the configuration file.
 >
> Arnout, Peter,
>
> I checked this. Obviously, vsftpd uses this directory to chroot there.
> If it isn't present it refuses to work:
>> 500 OOPS: vsftpd: not found: directory given in
>> 'secure_chroot_dir':/usr/share/empty
 >
> At least I admit that my commit message was misleading. So I'll send a
> patch to add this;-)
>
>>   I think it's a bad idea to default giving access to some random
>> location - even if it is read-only non-anonymous access to an empty
>> directory.
 >
> That is not the case. Default configuration allows anonymous login, but
> shows empty directory without write access.

  I still think it's better to make vsftpd fail to start than to give 
anonymous read-only access to some random empty directory. That way you 
at least notice that something is wrong.

  That said, it's no big deal. It's just a pity that if you provide a 
real vsftpd.conf in the post-build script, you'll still get this useless 
/usr/share/empty.

  Regards,
  Arnout


[snip]
diff mbox

Patch

diff --git a/package/vsftpd/vsftpd.mk b/package/vsftpd/vsftpd.mk
index ca711bb..f694b87 100644
--- a/package/vsftpd/vsftpd.mk
+++ b/package/vsftpd/vsftpd.mk
@@ -37,6 +37,10 @@  define VSFTPD_INSTALL_TARGET_CMDS
 	test -f $(TARGET_DIR)/etc/init.d/S70vsftpd || \
 		$(INSTALL) -D -m 755 package/vsftpd/vsftpd-init \
 			$(TARGET_DIR)/etc/init.d/S70vsftpd
+	test -f $(TARGET_DIR)/etc/vsftpd.conf || \
+		$(INSTALL) -D -m 644 $(@D)/vsftpd.conf \
+			$(TARGET_DIR)/etc/vsftpd.conf
+	$(INSTALL) -d -m 755 $(TARGET_DIR)/usr/share/empty
 endef
 
 define VSFTPD_UNINSTALL_TARGET_CMDS