%define name proftpd
%define version 1.2.10
%define mod_gss_version 1.2.3
%define release 9.1.102mdk
%define ftpurl ftp://ftp.proftpd.org/distrib/source
%define url http://proftpd.org/
%define _localstatedir /var/run
%define mod_ldap_version 2.8.12
%define mod_wrap_version 2.0.2
Name: %{name}
Summary: ProFTPd -- Professional FTP Server
Version: %{version}
Release: %{release}
License: GPL
Group: System/Servers
URL: %{url}
Source: %{ftpurl}/proftpd/%{name}-%{version}.tar.bz2
Source1: %{name}.logrotate
Source2: proftpd.xinetd
Source3: proftpd.init
# from http://www.castaglia.org/proftpd/
Source7: proftpd-mod-wrap-%{mod_wrap_version}.tar.bz2
Source8: http://prdownloads.sourceforge.net/gssmod/mod_gss-%{mod_gss_version}.tar.bz2
Patch0: proftpd-1.2.10-ldap.patch.bz2
Patch1: proftpd-1.2.9-default-conf.patch.bz2
Patch2: proftpd-1.2.10-biarch-utmp.patch.bz2
# (pixel): i kept the /lib/security/*.so instead of *.so in the patch to have a smaller patch
# (pixel): spec-helper will clean it up
Patch3: proftpd-1.2.9-use-system-auth-instead-of-pam_pwdb.patch.bz2
Patch4: proftpd-1.3.0rc2-CAN-2005-2390.patch
Requires: pam >= 0.59, chkconfig
Requires: setup >= 2.2.0-21mdk
PreReq: rpm-helper
BuildRequires: openldap-devel openssl-devel pam-devel tcp_wrappers-devel
BuildRequires: %{mklibname sasl 2}-plug-gssapi libkrb-devel
Provides: ftpserver
Conflicts: wu-ftpd ncftpd beroftpd anonftp
Prereq: fileutils
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-buildroot
%package anonymous
Summary: Anonymous logins for ProFTPd
Requires: proftpd = %{version}
PreReq: rpm-helper
Group: System/Servers
%description
ProFTPd is an enhanced FTP server with a focus toward simplicity, security,
and ease of configuration. It features a very Apache-like configuration
syntax, and a highly customizable server infrastructure, including support for
multiple 'virtual' FTP servers, anonymous FTP, and permission-based directory
visibility.
This version supports both standalone and xinetd operation.
%description anonymous
This enables anonymous logins for ProFTPd.
Install this if you wish to have anonymous logins for ProFTPd.
%prep
%setup -q -a 7 -a 8
# fix strange perms
find . -type f -perm 0640 -exec chmod 644 {} \;
find . -type f -perm 0744 -exec chmod 644 {} \;
%patch0 -p1 -b .ldap
%patch1 -p1 -b .default-conf
%patch2 -p1 -b .biarch-utmp
%patch3 -p1 -b .pam
%patch4 -p0 -b .can-2005-2390
%build
%serverbuild
CFLAGS="$RPM_OPT_FLAGS -DUSE_LDAPV3_TLS" \
pushd mod_gss-%{mod_gss_version}
%configure2_5x
#\--enable-heimdal
cp mod_gss.c ../contrib
perl -pi -e "s|<gssapi.h>|<gssapi/gssapi.h>|" mod_gss.h
cp mod_gss.h ../include
cp README* ..
popd
%configure2_5x \
--with-modules=mod_ratio:mod_readme:mod_auth_pam:mod_ldap:mod_wrap:mod_tls:mod_radius:mod_gss \
--enable-autoshadow
#--enable-sendfile
%make
%install
rm -rf $RPM_BUILD_ROOT
myname=`id -un`
mygroup=`id -gn`
%makeinstall localstatedir=%{buildroot}/var/run rundir=%{buildroot}/var/run/proftpd INSTALL_USER=$myname INSTALL_GROUP=$mygroup
# Default home
install -d %{buildroot}/var/ftp/pub
# Log dir
install -d %{buildroot}/var/log/proftpd
# Pam conf
install -d %{buildroot}%{_sysconfdir}/pam.d/
install -m644 contrib/dist/rpm/ftp.pamd %{buildroot}%{_sysconfdir}/pam.d/ftp
install -m755 contrib/xferstats.holger-preiss %{buildroot}%{_sbindir}
# Logrotate
install -d %{buildroot}%{_sysconfdir}/logrotate.d/
install -m644 %{SOURCE1} %{buildroot}%{_sysconfdir}/logrotate.d/%{name}
# Xinetd
install -d %{buildroot}%{_sysconfdir}/xinetd.d/
install -m644 %{SOURCE2} %{buildroot}%{_sysconfdir}/xinetd.d/%{name}-xinetd
# Basic conf
install sample-configurations/basic.conf $RPM_BUILD_ROOT%_sysconfdir/proftpd.conf
install sample-configurations/anonymous.conf $RPM_BUILD_ROOT%_sysconfdir/proftpd-anonymous.conf
# Init script
install -d %{buildroot}%{_initrddir}
install -m755 %{SOURCE3} %{buildroot}%{_initrddir}/proftpd
chmod 511 %{buildroot}%{_sbindir}/proftpd
ln -sf proftpd %{buildroot}%{_sbindir}/in.proftpd
ln -sf proftpd %{buildroot}%{_sbindir}/in.ftpd
rm -f contrib/README.mod_sql contrib/README.linux-privs
# LDAP docs
#mv mod_ldap-%{mod_ldap_version} mod_ldap
#rm mod_ldap/*.c
%post
%_post_service proftpd
# xinetd reset
# Only do it if xinetd is there. -- Geoff
if [ -x /usr/sbin/xinetd ];then
%_post_service xinetd
fi
# ftpusers creation
if [ ! -f %{_sysconfdir}/ftpusers ]; then
touch %{_sysconfdir}/ftpusers
fi
USERS="root bin daemon adm lp sync shutdown halt mail news uucp operator games nobody"
for i in $USERS ;do
cat %{_sysconfdir}/ftpusers | grep -q "^$i$" || echo $i >> %{_sysconfdir}/ftpusers
done
%pre
%_pre_useradd ftp /var/ftp /bin/false
%postun
%_postun_userdel ftp
%preun
%_preun_service proftpd
if [ "$1" = 0 ]; then
if [ -d /var/run/proftpd ]; then
rm -rf /var/run/proftpd/*
fi
fi
if [ -x /usr/sbin/xinetd ];then
%_post_service xinetd
fi
%post anonymous
if [ $1 = "1" ]; then
cat /etc/proftpd.conf | egrep -q "Include[[:space:]]+/etc/proftpd-anonymous.conf[[:space:]]*$"
if [ $? != "0" ];then
echo -e -n "Include\t\t\t/etc/proftpd-anonymous.conf\n" >> /etc/proftpd.conf
%_post_service proftpd
exit 0
fi
fi
# Enable it if we have this line already.
perl -pi -e "s|#[[:space:]]*Include[[:space:]]+/etc/proftpd-anonymous.conf[[:space:]]*$|Include\t\t\t/etc/proftpd-anonymous.conf|" /etc/proftpd.conf
%_post_service proftpd
%postun anonymous
if [ $1 = "0" ]; then
# Remove *active* include file only. Comments stay.
perl -pi -e "s|^[[:space:]]*Include[[:space:]]+/etc/proftpd-anonymous.conf[[:space:]]*$||" /etc/proftpd.conf
%_post_service proftpd
fi
%clean
[ -n "%{buildroot}" -a "%{buildroot}" != / ] && rm -rf %{buildroot}
%files
%defattr(-,root,root)
%doc README* ChangeLog INSTALL NEWS CREDITS COPYING doc/* contrib/README.* contrib/*.html
%doc sample-configurations/*
#%doc mod_ldap
%attr(600,root,root) %config(noreplace) %{_sysconfdir}/proftpd.conf
#%config(noreplace) %{_sysconfdir}/ftpusers
%config(noreplace) %{_sysconfdir}/pam.d/ftp
%config(noreplace) %{_sysconfdir}/xinetd.d/%{name}-xinetd
%config(noreplace) %{_sysconfdir}/logrotate.d/%{name}
%config(noreplace) %{_initrddir}/proftpd
%{_sbindir}/*
%{_bindir}/*
%{_mandir}/man*/*
%dir /var/run/proftpd
%dir /var/log/proftpd
%attr(0755,ftp,ftp) %dir /var/ftp
%attr(2755,ftp,ftp) %dir /var/ftp/pub
%files anonymous
%defattr(-,root,root)
%attr(600, root,root) %config(noreplace) %{_sysconfdir}/proftpd-anonymous.conf
%changelog
* Mon Aug 15 2005 Vincent Danen <vdanen@mandriva.com> 1.2.10-9.1.102mdk
- P4: security update for CAN-2005-2390
* Fri Apr 01 2005 Nicolas Chipaux <chipaux@mandrakesoft.com> 1.2.10-9mdk
- Disable sendfile (break big file transfer on i586)
* Thu Feb 10 2005 Oden Eriksson <oeriksson@mandrakesoft.com> 1.2.10-8mdk
- fix dates in changelog (Christiaan Welvaart aka. hawkeye)
* Thu Feb 10 2005 Oden Eriksson <oeriksson@mandrakesoft.com> 1.2.10-7mdk
- rebuilt against new openldap libs
- fix strange perms
* Tue Feb 08 2005 Buchan Milne <bgmilne@linux-mandrake.com> 1.2.10-6mdk
- rebuild for ldap2.2_7
* Fri Feb 4 2005 Oden Eriksson <oeriksson@mandrakesoft.com> 1.2.10-5mdk
- rebuilt against new openldap libs
* Wed Nov 17 2004 Per Ãyvind Karlsen <peroyvind@linux-mandrake.com> 1.2.10-4mdk
- arg, mixed up, fix the correct buildrequires
* Sat Nov 13 2004 Per Ãyvind Karlsen <peroyvind@linux-mandrake.com> 1.2.10-3mdk
- fix buildrequires
* Wed Sep 29 2004 Gwenole Beauchesne <gbeauchesne@mandrakesoft.com> 1.2.10-2mdk
- buildrequires fixes for lib64 platforms
* Tue Sep 15 2004 Florin <florin@mandrakesoft.com> 1.2.10-1mdk
- 1.2.10
- add the gss module
- update the ldap and biarch patches
- remove the obsolete getfile patch
- add the ftpdctl man page
- update the BuildRequires
* Tue Jun 22 2004 Florin <florin@mandrakesoft.com> 1.2.9-7mdk
- add CFLAGS -DUSE_LDAPV3_TLS (B. Milne)
* Tue May 11 2004 Pixel <pixel@mandrakesoft.com> 1.2.9-6mdk
- rebuild for cooker
* Tue May 11 2004 Pixel <pixel@mandrakesoft.com> 1.2.9-3.2.100mdk
- use system-auth instead of pam_pwdb.so in pam.d/ftp (so that it adapts to winbind/ldap/...)
* Fri Apr 30 2004 Vincent Danen <vdanen@mandrakesoft.com> 1.2.9-3.1.100mdk
- security fix for ACLs with CIDR entries
* Thu Nov 20 2003 Florin <florin@mandrakesoft.com> 1.2.9-3mdk
- compile with tls support
- add the contrib/*.html doc files
* Wed Nov 19 2003 Per Ãyvind Karlsen <peroyvind@linux-mandrake.com> 1.2.9-2mdk
- mod_wrap 2.0.2
* Tue Nov 04 2003 Per Ãyvind Karlsen <peroyvind@linux-mandrake.com> 1.2.9-1mdk
- 1.2.9
- regenerate P0 & P1
* Fri Aug 8 2003 Gwenole Beauchesne <gbeauchesne@mandrakesoft.com> 1.2.8-4mdk
- Remove explicit Requires: libldap2 already autoreq'ed
- Update Patch0 (ldap) with lib64 fixes and link to SSL libraries
* Tue Jul 22 2003 Per Ãyvind Karlsen <peroyvind@sintrax.net> 1.2.8-3mdk
- rebuild
- rm -rf $RPM_BUILD_ROOT at the beginning of %%install
* Mon Apr 7 2003 Gwenole Beauchesne <gbeauchesne@mandrakesoft.com> 1.2.8-2mdk
- Patch2: Handle biarch struct utmp[x]
* Mon Mar 31 2003 Per Ãyvind Karlsen <peroyvind@sintrax.net> 1.2.8-1mdk
- 1.2.8
- updated Patch1
- mod_linuxprivs -> mod_cap, don't specify this with --with-modules
- mod_pam -> mod_auth_pam
- added ftptop.1 to man pages
- PreReq on rpm-helper
* Wed Jan 15 2003 Chmouel Boudjnah <chmouel@mandrakesoft.com> 1.2.7-1mdk
- Remove mod_quota (obsoletes).
- Bump to version 1.2.7.
* Thu Aug 29 2002 Geoffrey Lee <snailtalk@mandrakesoft.com> 1.2.5-3mdk
- Init script fix (grousse).
* Fri Jul 12 2002 Geoffrey Lee <snailtalk@mandrakesoft.com> 1.2.5-2mdk
- Adapt to _pre_useradd / _postun_userdel.
* Sun Jun 16 2002 Geoffrey Lee <snailtalk@mandrakesoft.com> 1.2.5-1mdk
- Really 1.2.5.
* Sat May 26 2002 Geoffrey Lee <snailtalk@mandrakesoft.com> 1.2.5-0.rc2.2mdk
- Comment out redundant line in the build section.
* Tue May 14 2002 Geoffrey Lee <snailtalk@mandrakesoft.com> 1.2.5-0.rc2.1mdk
- Bump up version.
- Re-enable sendfile.
* Tue Feb 5 2002 Vincent Danen <vdanen@mandrakesoft.com> 1.2.5-0.rc1.4mdk
- apply patch from CVS to fix bug with users being unable to overwrite files
they have permission to (patch #10)
* Tue Feb 5 2002 Frederic Lepied <flepied@mandrakesoft.com> 1.2.5-0.rc1.3mdk
- use nogroup instead of nobody
* Thu Jan 17 2002 Vincent Danen <vdanen@mandrakesoft.com> 1.2.5-0.rc1.2mdk
- put back anonymous package (sorry)
* Thu Jan 10 2002 Vincent Danen <vdanen@mandrakesoft.com> 1.2.5-0.rc1.1mdk
- 1.2.5rc1
- mod_wrap 1.2.3
* Tue Nov 20 2001 Geoffrey Lee <snailtalk@mandrakesoft.com> 1.2.4-2mdk
- DESTDIR support.
* Sun Oct 21 2001 Geoffrey Lee <snailtalk@mandrakesoft.com> 1.2.4-1mdk
- Gee, that was quick. We're not through with 1.2.3 and the next one is
already out for consumption.
* Fri Oct 19 2001 Geoffrey Lee <snailtalk@mandrakesoft.com> 1.2.3-1mdk
- Presenting the all-new and shiny proftpd 1.2.3.
* Mon Oct 15 2001 Geoffrey Lee <snailtalk@mandrakesoft.com> 1.2.2-6mdk
- Rebuild for the new and shiny libdb3.3.
- Give a RETVAL in proftpd start init script (Guilllaume Rousse).
* Sun Sep 30 2001 Geoffrey Lee <snailtalk@mandrakesoft.com> 1.2.2-5mdk
- Mark proftpd-anonymous.conf as a configuration and non-replacable file.
* Sun Sep 30 2001 Geoffrey Lee <snailtalk@mandrakesoft.com> 1.2.2-4mdk
- Use the Include directive so that anonymous login will work out of the
box with the installation of the proftpd-anonymous package. :)
- Enable AllowStoreRestart so FTP resume works (#5163).
- Don't use make as parallel build seem to be broke.
* Thu Sep 27 2001 Geoffrey Lee <snailtalk@mandrakesoft.com> 1.2.2-3mdk
- Only restart xinetd in scriptlets if xinetd is present.
* Sun Sep 09 2001 Geoffrey Lee <snailtalk@mandrakesoft.com> 1.2.2-2mdk
- Work against the advice of Chmou and Jeff and disable --enable-sendfile
for now as it is causing strange file corruptions (Ural Khassanov).
* Sat Aug 18 2001 Geoffrey Lee <snailtalk@mandrakesoft.com> 1.2.2-1mdk
- Really 1.2.2.
* Sat Aug 04 2001 Geoffrey Lee <snailtalk@mandrakesoft.com> 1.2.2-0.rc3.2mdk
- Really fix xinetd. (David Walluck).
* Fri Jul 13 2001 Christian Zoffoli <czoffoli@linux-mandrake.com> 1.2.2-0.rc3.1mdk
- rc3
* Thu Jul 05 2001 Geoffrey Lee <snailtalk@mandrakesoft.com> 1.2.2-0.rc2.7mdk
- Rebuild with the new libdb-3.2 (flepied).
* Tue Jun 26 2001 Geoffrey Lee <snailtalk@mandrakesoft.com> 1.2.2-0.rc2.6mdk
- Fix bad postun script.
* Tue Jun 26 2001 Geoffrey Lee <snailtalk@mandrakesoft.com> 1.2.2-0.rc2.5mdk
- Put in anonymous login in proftpd.conf, but comment it out so you still
don't get it by default (thx tom ;)
- s|Copyright|License|;
* Sun Jun 24 2001 Stefan van der Eijk <stefan@eijk.nu> 1.2.2-0.rc2.4mdk
- BuildRequires: openssl-devel
- BuildRequires: pam-devel
- bzipped patches
* Thu May 31 2001 Stefan van der Eijk <stefan@eijk.nu> 1.2.2-0.rc2.3mdk
- BuildRequires: tcp_wrappers-devel
* Sat May 12 2001 Geoffrey Lee <snailtalk@mandrakesoft.com> 1.2.2-0.rc2.2mdk
- Also compile mod_wrap (thx cooker).
* Sat Apr 21 2001 Christian Zoffoli <czoffoli@linux-mandrake.com> 1.2.2-0.rc2.1mdk
- rc2
- removed external patch
- fixed previous changelog (currently mod_ldap doesn't support TLS)
- removed requires: libsasl7-devel
- Geoffrey Lee <snailtalk@mandrakesoft.com>
- PersistentPasswd off in proftpd.conf for NIS to work (closes bug #3103).
* Fri Apr 20 2001 Christian Zoffoli <czoffoli@linux-mandrake.com> 1.2.2-0.rc1.6mdk
- little cleanup in spec
- more macros
- added LDAP support v2.7.6
- added LDAP configuration directives to proftpd.conf
- patched makefile to compile mod_ldap
- added BuildRequires: libsasl7-devel, libldap2-devel
- added Requires: libsasl7, libldap2
- fixed xinetd installation
- fixed xinetd default (disabled)
- added xinetd reload after an upgrade
- removed creation of /home/ftp
- improved ftpusers creation
* Fri Apr 20 2001 Geoffrey Lee <snailtalk@mandrakesoft.com> 1.2.2-0.rc1.5mdk
- Fix define of _localstatedir (oops).
* Fri Apr 20 2001 Geoffrey Lee <snailtalk@mandrakesoft.com> 1.2.2-0.rc1.4mdk
- --enable-sendfile (Chmouel, Jeff Garzik).
- Put back proftpd-anonymous.conf.
* Sun Apr 8 2001 Frederic Lepied <flepied@mandrakesoft.com> 1.2.2-0.rc1.3mdk
- use server macros
* Sat Apr 07 2001 Geoffrey Lee <snailtalk@mandrakesoft.com> 1.2.2-0.rc1.2mdk
- Put back the proftpd.xinetd which was missing (Christian Zoffoli).
* Tue Apr 03 2001 Geoffrey Lee <snailtalk@mandrakesoft.com> 1.2.2-0.rc1.1mdk
- Bump up to 1.2.2rc1 for security fixes (Andrew Lee).
* Fri Mar 23 2001 Vincent Danen <vdanen@mandrakesoft.com> 1.2.1-5mdk
- fix configs to use nobody.nobody not nobody.nogroup to run as nogroup
seems to no longer exist
- clean initscript so it is more consistant with other initscripts
* Mon Mar 12 2001 Geoffrey Lee <snailtalk@mandrakesoft.com> 1.2.1-4mdk
- Have xinetd, but put it in the documents directory.
* Fri Mar 09 2001 Geoffrey Lee <snailtalk@mandrakesoft.com> 1.2.1-3mdk
- URL change from .net -> .org (Sebastian Dransfeld).
* Thu Mar 08 2001 Geoffrey Lee <snailtalk@mandrakesoft.com> 1.2.1-2mdk
- Don't enable Anonymous login by default (/me, Vincent Danen).
* Tue Mar 06 2001 Geoffrey Lee <snailtalk@mandrakesoft.com> 1.2.1-1mdk
- 1.2.1 Version out for everyone to use.
* Thu Feb 22 2001 Geoffrey lee <snailtalk@mandrakesoft.com> 1.2.0rc3-2mdk
- Remove support for inetd.
* Thu Feb 08 2001 Vincent Danen <vdanen@mandrakesoft.com> 1.2.0rc3-1mdk
- 1.2.0rc3: security update
* Wed Nov 01 2000 Geoffrey Lee <snailtalk@mandrakesoft.com> 1.2.0rc2-9mdk
- fix the anonymous login in proftpd configuration files.
* Wed Sep 27 2000 Geoffrey Lee <snailtalk@mandrakesoft.com> 1.2.0rc2-7mdk
- really fix inetd problem. We remnove it from /etc/inetd.conf, and let it
run instandalone mode which seems to work quite fine ...
* Fri Sep 22 2000 Geoffrey Lee <snailtalk@mandrakesoft.com> 1.2.0rc2-6mdk
- really add the xinetd entry.
* Thu Sep 21 2000 Geoffrey Lee <snailtalk@mandrakesoft.com> 1.2.0rc2-5mdk
- include the chkconfig entry, but don't run chkconfig by default.
- add an xinetd entry.
- re-add the inetd.conf entry ...
* Fri Sep 15 2000 Geoffrey Lee <snailtalk@mandrakesoft.com> 1.2.0rc2-4mdk
- rebuild for the Big Move (tm) and hope that I don't break anything.
- remove inetd.conf entry (again, hoping that I don't break anything.)
* Tue Aug 29 2000 Geoffrey Lee <snailtalk@mandrakesoft.com> 1.2.0rc2-3mdk
- use of _initrddir.
* Wed Aug 23 2000 Geoffrey Lee <snailtalk@mandrakesoft.com> 1.2.0rc2-2mdk
- quick and ugly hack to fix wu-ftpd breakage when proftpd is uninstalled.
- change the description as the AUTH patch is no longer here.
* Sat Jul 29 2000 Geoffrey Lee <snailtalk@mandrakesoft.com> 1.2.0rc2-1mdk
- new version
- remove the packager tag (vincentscks)
* Wed Jul 19 2000 Vincent Danen <vdanen@mandrakesoft.com> 1.2.0rc1-3mdk
- rebuild for directory changes
* Tue Jul 18 2000 Vincent Danen <vdanen@mandrakesoft.com> 1.2.0rc1-2mdk
- add directory /var/log/proftpd
- add home directory /home/ftp
- add conflicts with anonftp
- fix so can install as nonroot
- add --enable-autoshadow to configure
* Wed Jul 12 2000 Vincent Danen <vdanen@mandrakesoft.com> 1.2.0rc1-1mdk
- 1.2.0rc1
- macroization
- remove directory /home/ftp since we don't need it
* Fri Jun 30 2000 Vincent Danen <vdanen@linux-mandrake.com> 1.2.0pre10-2mdk
- merge with .spec file from Geoffrey Lee <snailtalk@linux-mandrake.com>:
- add logrotate entry
- add symlinks to in.proftpd and in.ftpd
- on uninstall, run /etc/rc.d/init.d/proftpd stop prior to uninstall
- compile with mod_pam support
- add Conflicts: wu-ftpd, ncftpd, beroftpd
* Fri May 5 2000 Vincent Danen <vdanen@linux-mandrake.com> 1.2.0pre10-1mdk
- build for Mandrake
- bzip sources
- bzip manpages
- remove multi-package creation. one package does all... updates
/etc/inetd.conf but defaults to standalone server type
* Thu Oct 3 1999 O.Elliyasa <osman@Cable.EU.org>
- Multi package creation.
Created core, standalone, inetd (&doc) package creations.
Added startup script for init.d
Need to make the "standalone & inetd" packages being created as "noarch"
- Added URL.
- Added prefix to make the package relocatable.
* Wed Sep 8 1999 O.Elliyasa <osman@Cable.EU.org>
- Corrected inetd.conf line addition/change logic.
* Sat Jul 24 1999 MacGyver <macgyver@tos.net>
- Initial import of spec.
