Message ID | 1358328248-15016-1-git-send-email-sho@relinux.de |
---|---|
State | Accepted |
Headers | show |
On 16/01/13 10:24, Stephan Hoffmann wrote: > vsftpd comes with a sample config file that can serve as a starting > point for customization and enables a basic functionality. Since > this config refers to a directory "/usr/share/empty" this is also > created. I think the point of /usr/share/empty is that it's a directory that doesn't exist, so vsftpd will not allow any up/download unless you change the configuration file. I think it's a bad idea to default giving access to some random location - even if it is read-only non-anonymous access to an empty directory. But that's just my opinion. Regards, Arnout > > Signed-off-by: Stephan Hoffmann<sho@relinux.de> > --- > package/vsftpd/vsftpd.mk | 4 ++++ > 1 files changed, 4 insertions(+), 0 deletions(-) > > diff --git a/package/vsftpd/vsftpd.mk b/package/vsftpd/vsftpd.mk > index ca711bb..f694b87 100644 > --- a/package/vsftpd/vsftpd.mk > +++ b/package/vsftpd/vsftpd.mk > @@ -37,6 +37,10 @@ define VSFTPD_INSTALL_TARGET_CMDS > test -f $(TARGET_DIR)/etc/init.d/S70vsftpd || \ > $(INSTALL) -D -m 755 package/vsftpd/vsftpd-init \ > $(TARGET_DIR)/etc/init.d/S70vsftpd > + test -f $(TARGET_DIR)/etc/vsftpd.conf || \ > + $(INSTALL) -D -m 644 $(@D)/vsftpd.conf \ > + $(TARGET_DIR)/etc/vsftpd.conf > + $(INSTALL) -d -m 755 $(TARGET_DIR)/usr/share/empty > endef > > define VSFTPD_UNINSTALL_TARGET_CMDS
>>>>> "Stephan" == Stephan Hoffmann <sho@relinux.de> writes:
Stephan> vsftpd comes with a sample config file that can serve as a starting
Stephan> point for customization and enables a basic functionality. Since
Stephan> this config refers to a directory "/usr/share/empty" this is also
Stephan> created.
Stephan> Signed-off-by: Stephan Hoffmann <sho@relinux.de>
Stephan> ---
Stephan> package/vsftpd/vsftpd.mk | 4 ++++
Stephan> 1 files changed, 4 insertions(+), 0 deletions(-)
Stephan> diff --git a/package/vsftpd/vsftpd.mk b/package/vsftpd/vsftpd.mk
Stephan> index ca711bb..f694b87 100644
Stephan> --- a/package/vsftpd/vsftpd.mk
Stephan> +++ b/package/vsftpd/vsftpd.mk
Stephan> @@ -37,6 +37,10 @@ define VSFTPD_INSTALL_TARGET_CMDS
Stephan> test -f $(TARGET_DIR)/etc/init.d/S70vsftpd || \
Stephan> $(INSTALL) -D -m 755 package/vsftpd/vsftpd-init \
Stephan> $(TARGET_DIR)/etc/init.d/S70vsftpd
Stephan> + test -f $(TARGET_DIR)/etc/vsftpd.conf || \
Stephan> + $(INSTALL) -D -m 644 $(@D)/vsftpd.conf \
Stephan> + $(TARGET_DIR)/etc/vsftpd.conf
Stephan> + $(INSTALL) -d -m 755 $(TARGET_DIR)/usr/share/empty
Committed minus the /usr/share/empty creation, thanks.
Am 19.01.2013 11:25, schrieb Arnout Vandecappelle: > On 16/01/13 10:24, Stephan Hoffmann wrote: >> vsftpd comes with a sample config file that can serve as a starting >> point for customization and enables a basic functionality. Since >> this config refers to a directory "/usr/share/empty" this is also >> created. > > I think the point of /usr/share/empty is that it's a directory that > doesn't exist, so vsftpd will not allow any up/download unless you > change the configuration file. Arnout, Peter, I checked this. Obviously, vsftpd uses this directory to chroot there. If it isn't present it refuses to work: > 500 OOPS: vsftpd: not found: directory given in > 'secure_chroot_dir':/usr/share/empty At least I admit that my commit message was misleading. So I'll send a patch to add this;-) > I think it's a bad idea to default giving access to some random > location - even if it is read-only non-anonymous access to an empty > directory. That is not the case. Default configuration allows anonymous login, but shows empty directory without write access. Kind regards Stephan > > But that's just my opinion. > > Regards, > Arnout > >> >> Signed-off-by: Stephan Hoffmann<sho@relinux.de> >> --- >> package/vsftpd/vsftpd.mk | 4 ++++ >> 1 files changed, 4 insertions(+), 0 deletions(-) >> >> diff --git a/package/vsftpd/vsftpd.mk b/package/vsftpd/vsftpd.mk >> index ca711bb..f694b87 100644 >> --- a/package/vsftpd/vsftpd.mk >> +++ b/package/vsftpd/vsftpd.mk >> @@ -37,6 +37,10 @@ define VSFTPD_INSTALL_TARGET_CMDS >> test -f $(TARGET_DIR)/etc/init.d/S70vsftpd || \ >> $(INSTALL) -D -m 755 package/vsftpd/vsftpd-init \ >> $(TARGET_DIR)/etc/init.d/S70vsftpd >> + test -f $(TARGET_DIR)/etc/vsftpd.conf || \ >> + $(INSTALL) -D -m 644 $(@D)/vsftpd.conf \ >> + $(TARGET_DIR)/etc/vsftpd.conf >> + $(INSTALL) -d -m 755 $(TARGET_DIR)/usr/share/empty >> endef >> >> define VSFTPD_UNINSTALL_TARGET_CMDS > >
On 01/21/13 19:14, Stephan Hoffmann wrote: > Am 19.01.2013 11:25, schrieb Arnout Vandecappelle: >> On 16/01/13 10:24, Stephan Hoffmann wrote: >>> vsftpd comes with a sample config file that can serve as a starting >>> point for customization and enables a basic functionality. Since >>> this config refers to a directory "/usr/share/empty" this is also >>> created. >> >> I think the point of /usr/share/empty is that it's a directory that >> doesn't exist, so vsftpd will not allow any up/download unless you >> change the configuration file. > > Arnout, Peter, > > I checked this. Obviously, vsftpd uses this directory to chroot there. > If it isn't present it refuses to work: >> 500 OOPS: vsftpd: not found: directory given in >> 'secure_chroot_dir':/usr/share/empty > > At least I admit that my commit message was misleading. So I'll send a > patch to add this;-) > >> I think it's a bad idea to default giving access to some random >> location - even if it is read-only non-anonymous access to an empty >> directory. > > That is not the case. Default configuration allows anonymous login, but > shows empty directory without write access. I still think it's better to make vsftpd fail to start than to give anonymous read-only access to some random empty directory. That way you at least notice that something is wrong. That said, it's no big deal. It's just a pity that if you provide a real vsftpd.conf in the post-build script, you'll still get this useless /usr/share/empty. Regards, Arnout [snip]
diff --git a/package/vsftpd/vsftpd.mk b/package/vsftpd/vsftpd.mk index ca711bb..f694b87 100644 --- a/package/vsftpd/vsftpd.mk +++ b/package/vsftpd/vsftpd.mk @@ -37,6 +37,10 @@ define VSFTPD_INSTALL_TARGET_CMDS test -f $(TARGET_DIR)/etc/init.d/S70vsftpd || \ $(INSTALL) -D -m 755 package/vsftpd/vsftpd-init \ $(TARGET_DIR)/etc/init.d/S70vsftpd + test -f $(TARGET_DIR)/etc/vsftpd.conf || \ + $(INSTALL) -D -m 644 $(@D)/vsftpd.conf \ + $(TARGET_DIR)/etc/vsftpd.conf + $(INSTALL) -d -m 755 $(TARGET_DIR)/usr/share/empty endef define VSFTPD_UNINSTALL_TARGET_CMDS
vsftpd comes with a sample config file that can serve as a starting point for customization and enables a basic functionality. Since this config refers to a directory "/usr/share/empty" this is also created. Signed-off-by: Stephan Hoffmann <sho@relinux.de> --- package/vsftpd/vsftpd.mk | 4 ++++ 1 files changed, 4 insertions(+), 0 deletions(-)