%define name proftpd %define version 1.2.10 %define mod_gss_version 1.2.3 %define release 9.1.102mdk %define ftpurl ftp://ftp.proftpd.org/distrib/source %define url http://proftpd.org/ %define _localstatedir /var/run %define mod_ldap_version 2.8.12 %define mod_wrap_version 2.0.2 Name: %{name} Summary: ProFTPd -- Professional FTP Server Version: %{version} Release: %{release} License: GPL Group: System/Servers URL: %{url} Source: %{ftpurl}/proftpd/%{name}-%{version}.tar.bz2 Source1: %{name}.logrotate Source2: proftpd.xinetd Source3: proftpd.init # from http://www.castaglia.org/proftpd/ Source7: proftpd-mod-wrap-%{mod_wrap_version}.tar.bz2 Source8: http://prdownloads.sourceforge.net/gssmod/mod_gss-%{mod_gss_version}.tar.bz2 Patch0: proftpd-1.2.10-ldap.patch.bz2 Patch1: proftpd-1.2.9-default-conf.patch.bz2 Patch2: proftpd-1.2.10-biarch-utmp.patch.bz2 # (pixel): i kept the /lib/security/*.so instead of *.so in the patch to have a smaller patch # (pixel): spec-helper will clean it up Patch3: proftpd-1.2.9-use-system-auth-instead-of-pam_pwdb.patch.bz2 Patch4: proftpd-1.3.0rc2-CAN-2005-2390.patch Requires: pam >= 0.59, chkconfig Requires: setup >= 2.2.0-21mdk PreReq: rpm-helper BuildRequires: openldap-devel openssl-devel pam-devel tcp_wrappers-devel BuildRequires: %{mklibname sasl 2}-plug-gssapi libkrb-devel Provides: ftpserver Conflicts: wu-ftpd ncftpd beroftpd anonftp Prereq: fileutils BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-buildroot %package anonymous Summary: Anonymous logins for ProFTPd Requires: proftpd = %{version} PreReq: rpm-helper Group: System/Servers %description ProFTPd is an enhanced FTP server with a focus toward simplicity, security, and ease of configuration. It features a very Apache-like configuration syntax, and a highly customizable server infrastructure, including support for multiple 'virtual' FTP servers, anonymous FTP, and permission-based directory visibility. This version supports both standalone and xinetd operation. %description anonymous This enables anonymous logins for ProFTPd. Install this if you wish to have anonymous logins for ProFTPd. %prep %setup -q -a 7 -a 8 # fix strange perms find . -type f -perm 0640 -exec chmod 644 {} \; find . -type f -perm 0744 -exec chmod 644 {} \; %patch0 -p1 -b .ldap %patch1 -p1 -b .default-conf %patch2 -p1 -b .biarch-utmp %patch3 -p1 -b .pam %patch4 -p0 -b .can-2005-2390 %build %serverbuild CFLAGS="$RPM_OPT_FLAGS -DUSE_LDAPV3_TLS" \ pushd mod_gss-%{mod_gss_version} %configure2_5x #\--enable-heimdal cp mod_gss.c ../contrib perl -pi -e "s|<gssapi.h>|<gssapi/gssapi.h>|" mod_gss.h cp mod_gss.h ../include cp README* .. popd %configure2_5x \ --with-modules=mod_ratio:mod_readme:mod_auth_pam:mod_ldap:mod_wrap:mod_tls:mod_radius:mod_gss \ --enable-autoshadow #--enable-sendfile %make %install rm -rf $RPM_BUILD_ROOT myname=`id -un` mygroup=`id -gn` %makeinstall localstatedir=%{buildroot}/var/run rundir=%{buildroot}/var/run/proftpd INSTALL_USER=$myname INSTALL_GROUP=$mygroup # Default home install -d %{buildroot}/var/ftp/pub # Log dir install -d %{buildroot}/var/log/proftpd # Pam conf install -d %{buildroot}%{_sysconfdir}/pam.d/ install -m644 contrib/dist/rpm/ftp.pamd %{buildroot}%{_sysconfdir}/pam.d/ftp install -m755 contrib/xferstats.holger-preiss %{buildroot}%{_sbindir} # Logrotate install -d %{buildroot}%{_sysconfdir}/logrotate.d/ install -m644 %{SOURCE1} %{buildroot}%{_sysconfdir}/logrotate.d/%{name} # Xinetd install -d %{buildroot}%{_sysconfdir}/xinetd.d/ install -m644 %{SOURCE2} %{buildroot}%{_sysconfdir}/xinetd.d/%{name}-xinetd # Basic conf install sample-configurations/basic.conf $RPM_BUILD_ROOT%_sysconfdir/proftpd.conf install sample-configurations/anonymous.conf $RPM_BUILD_ROOT%_sysconfdir/proftpd-anonymous.conf # Init script install -d %{buildroot}%{_initrddir} install -m755 %{SOURCE3} %{buildroot}%{_initrddir}/proftpd chmod 511 %{buildroot}%{_sbindir}/proftpd ln -sf proftpd %{buildroot}%{_sbindir}/in.proftpd ln -sf proftpd %{buildroot}%{_sbindir}/in.ftpd rm -f contrib/README.mod_sql contrib/README.linux-privs # LDAP docs #mv mod_ldap-%{mod_ldap_version} mod_ldap #rm mod_ldap/*.c %post %_post_service proftpd # xinetd reset # Only do it if xinetd is there. -- Geoff if [ -x /usr/sbin/xinetd ];then %_post_service xinetd fi # ftpusers creation if [ ! -f %{_sysconfdir}/ftpusers ]; then touch %{_sysconfdir}/ftpusers fi USERS="root bin daemon adm lp sync shutdown halt mail news uucp operator games nobody" for i in $USERS ;do cat %{_sysconfdir}/ftpusers | grep -q "^$i$" || echo $i >> %{_sysconfdir}/ftpusers done %pre %_pre_useradd ftp /var/ftp /bin/false %postun %_postun_userdel ftp %preun %_preun_service proftpd if [ "$1" = 0 ]; then if [ -d /var/run/proftpd ]; then rm -rf /var/run/proftpd/* fi fi if [ -x /usr/sbin/xinetd ];then %_post_service xinetd fi %post anonymous if [ $1 = "1" ]; then cat /etc/proftpd.conf | egrep -q "Include[[:space:]]+/etc/proftpd-anonymous.conf[[:space:]]*$" if [ $? != "0" ];then echo -e -n "Include\t\t\t/etc/proftpd-anonymous.conf\n" >> /etc/proftpd.conf %_post_service proftpd exit 0 fi fi # Enable it if we have this line already. perl -pi -e "s|#[[:space:]]*Include[[:space:]]+/etc/proftpd-anonymous.conf[[:space:]]*$|Include\t\t\t/etc/proftpd-anonymous.conf|" /etc/proftpd.conf %_post_service proftpd %postun anonymous if [ $1 = "0" ]; then # Remove *active* include file only. Comments stay. perl -pi -e "s|^[[:space:]]*Include[[:space:]]+/etc/proftpd-anonymous.conf[[:space:]]*$||" /etc/proftpd.conf %_post_service proftpd fi %clean [ -n "%{buildroot}" -a "%{buildroot}" != / ] && rm -rf %{buildroot} %files %defattr(-,root,root) %doc README* ChangeLog INSTALL NEWS CREDITS COPYING doc/* contrib/README.* contrib/*.html %doc sample-configurations/* #%doc mod_ldap %attr(600,root,root) %config(noreplace) %{_sysconfdir}/proftpd.conf #%config(noreplace) %{_sysconfdir}/ftpusers %config(noreplace) %{_sysconfdir}/pam.d/ftp %config(noreplace) %{_sysconfdir}/xinetd.d/%{name}-xinetd %config(noreplace) %{_sysconfdir}/logrotate.d/%{name} %config(noreplace) %{_initrddir}/proftpd %{_sbindir}/* %{_bindir}/* %{_mandir}/man*/* %dir /var/run/proftpd %dir /var/log/proftpd %attr(0755,ftp,ftp) %dir /var/ftp %attr(2755,ftp,ftp) %dir /var/ftp/pub %files anonymous %defattr(-,root,root) %attr(600, root,root) %config(noreplace) %{_sysconfdir}/proftpd-anonymous.conf %changelog * Mon Aug 15 2005 Vincent Danen <vdanen@mandriva.com> 1.2.10-9.1.102mdk - P4: security update for CAN-2005-2390 * Fri Apr 01 2005 Nicolas Chipaux <chipaux@mandrakesoft.com> 1.2.10-9mdk - Disable sendfile (break big file transfer on i586) * Thu Feb 10 2005 Oden Eriksson <oeriksson@mandrakesoft.com> 1.2.10-8mdk - fix dates in changelog (Christiaan Welvaart aka. hawkeye) * Thu Feb 10 2005 Oden Eriksson <oeriksson@mandrakesoft.com> 1.2.10-7mdk - rebuilt against new openldap libs - fix strange perms * Tue Feb 08 2005 Buchan Milne <bgmilne@linux-mandrake.com> 1.2.10-6mdk - rebuild for ldap2.2_7 * Fri Feb 4 2005 Oden Eriksson <oeriksson@mandrakesoft.com> 1.2.10-5mdk - rebuilt against new openldap libs * Wed Nov 17 2004 Per Ãyvind Karlsen <peroyvind@linux-mandrake.com> 1.2.10-4mdk - arg, mixed up, fix the correct buildrequires * Sat Nov 13 2004 Per Ãyvind Karlsen <peroyvind@linux-mandrake.com> 1.2.10-3mdk - fix buildrequires * Wed Sep 29 2004 Gwenole Beauchesne <gbeauchesne@mandrakesoft.com> 1.2.10-2mdk - buildrequires fixes for lib64 platforms * Tue Sep 15 2004 Florin <florin@mandrakesoft.com> 1.2.10-1mdk - 1.2.10 - add the gss module - update the ldap and biarch patches - remove the obsolete getfile patch - add the ftpdctl man page - update the BuildRequires * Tue Jun 22 2004 Florin <florin@mandrakesoft.com> 1.2.9-7mdk - add CFLAGS -DUSE_LDAPV3_TLS (B. Milne) * Tue May 11 2004 Pixel <pixel@mandrakesoft.com> 1.2.9-6mdk - rebuild for cooker * Tue May 11 2004 Pixel <pixel@mandrakesoft.com> 1.2.9-3.2.100mdk - use system-auth instead of pam_pwdb.so in pam.d/ftp (so that it adapts to winbind/ldap/...) * Fri Apr 30 2004 Vincent Danen <vdanen@mandrakesoft.com> 1.2.9-3.1.100mdk - security fix for ACLs with CIDR entries * Thu Nov 20 2003 Florin <florin@mandrakesoft.com> 1.2.9-3mdk - compile with tls support - add the contrib/*.html doc files * Wed Nov 19 2003 Per Ãyvind Karlsen <peroyvind@linux-mandrake.com> 1.2.9-2mdk - mod_wrap 2.0.2 * Tue Nov 04 2003 Per Ãyvind Karlsen <peroyvind@linux-mandrake.com> 1.2.9-1mdk - 1.2.9 - regenerate P0 & P1 * Fri Aug 8 2003 Gwenole Beauchesne <gbeauchesne@mandrakesoft.com> 1.2.8-4mdk - Remove explicit Requires: libldap2 already autoreq'ed - Update Patch0 (ldap) with lib64 fixes and link to SSL libraries * Tue Jul 22 2003 Per Ãyvind Karlsen <peroyvind@sintrax.net> 1.2.8-3mdk - rebuild - rm -rf $RPM_BUILD_ROOT at the beginning of %%install * Mon Apr 7 2003 Gwenole Beauchesne <gbeauchesne@mandrakesoft.com> 1.2.8-2mdk - Patch2: Handle biarch struct utmp[x] * Mon Mar 31 2003 Per Ãyvind Karlsen <peroyvind@sintrax.net> 1.2.8-1mdk - 1.2.8 - updated Patch1 - mod_linuxprivs -> mod_cap, don't specify this with --with-modules - mod_pam -> mod_auth_pam - added ftptop.1 to man pages - PreReq on rpm-helper * Wed Jan 15 2003 Chmouel Boudjnah <chmouel@mandrakesoft.com> 1.2.7-1mdk - Remove mod_quota (obsoletes). - Bump to version 1.2.7. * Thu Aug 29 2002 Geoffrey Lee <snailtalk@mandrakesoft.com> 1.2.5-3mdk - Init script fix (grousse). * Fri Jul 12 2002 Geoffrey Lee <snailtalk@mandrakesoft.com> 1.2.5-2mdk - Adapt to _pre_useradd / _postun_userdel. * Sun Jun 16 2002 Geoffrey Lee <snailtalk@mandrakesoft.com> 1.2.5-1mdk - Really 1.2.5. * Sat May 26 2002 Geoffrey Lee <snailtalk@mandrakesoft.com> 1.2.5-0.rc2.2mdk - Comment out redundant line in the build section. * Tue May 14 2002 Geoffrey Lee <snailtalk@mandrakesoft.com> 1.2.5-0.rc2.1mdk - Bump up version. - Re-enable sendfile. * Tue Feb 5 2002 Vincent Danen <vdanen@mandrakesoft.com> 1.2.5-0.rc1.4mdk - apply patch from CVS to fix bug with users being unable to overwrite files they have permission to (patch #10) * Tue Feb 5 2002 Frederic Lepied <flepied@mandrakesoft.com> 1.2.5-0.rc1.3mdk - use nogroup instead of nobody * Thu Jan 17 2002 Vincent Danen <vdanen@mandrakesoft.com> 1.2.5-0.rc1.2mdk - put back anonymous package (sorry) * Thu Jan 10 2002 Vincent Danen <vdanen@mandrakesoft.com> 1.2.5-0.rc1.1mdk - 1.2.5rc1 - mod_wrap 1.2.3 * Tue Nov 20 2001 Geoffrey Lee <snailtalk@mandrakesoft.com> 1.2.4-2mdk - DESTDIR support. * Sun Oct 21 2001 Geoffrey Lee <snailtalk@mandrakesoft.com> 1.2.4-1mdk - Gee, that was quick. We're not through with 1.2.3 and the next one is already out for consumption. * Fri Oct 19 2001 Geoffrey Lee <snailtalk@mandrakesoft.com> 1.2.3-1mdk - Presenting the all-new and shiny proftpd 1.2.3. * Mon Oct 15 2001 Geoffrey Lee <snailtalk@mandrakesoft.com> 1.2.2-6mdk - Rebuild for the new and shiny libdb3.3. - Give a RETVAL in proftpd start init script (Guilllaume Rousse). * Sun Sep 30 2001 Geoffrey Lee <snailtalk@mandrakesoft.com> 1.2.2-5mdk - Mark proftpd-anonymous.conf as a configuration and non-replacable file. * Sun Sep 30 2001 Geoffrey Lee <snailtalk@mandrakesoft.com> 1.2.2-4mdk - Use the Include directive so that anonymous login will work out of the box with the installation of the proftpd-anonymous package. :) - Enable AllowStoreRestart so FTP resume works (#5163). - Don't use make as parallel build seem to be broke. * Thu Sep 27 2001 Geoffrey Lee <snailtalk@mandrakesoft.com> 1.2.2-3mdk - Only restart xinetd in scriptlets if xinetd is present. * Sun Sep 09 2001 Geoffrey Lee <snailtalk@mandrakesoft.com> 1.2.2-2mdk - Work against the advice of Chmou and Jeff and disable --enable-sendfile for now as it is causing strange file corruptions (Ural Khassanov). * Sat Aug 18 2001 Geoffrey Lee <snailtalk@mandrakesoft.com> 1.2.2-1mdk - Really 1.2.2. * Sat Aug 04 2001 Geoffrey Lee <snailtalk@mandrakesoft.com> 1.2.2-0.rc3.2mdk - Really fix xinetd. (David Walluck). * Fri Jul 13 2001 Christian Zoffoli <czoffoli@linux-mandrake.com> 1.2.2-0.rc3.1mdk - rc3 * Thu Jul 05 2001 Geoffrey Lee <snailtalk@mandrakesoft.com> 1.2.2-0.rc2.7mdk - Rebuild with the new libdb-3.2 (flepied). * Tue Jun 26 2001 Geoffrey Lee <snailtalk@mandrakesoft.com> 1.2.2-0.rc2.6mdk - Fix bad postun script. * Tue Jun 26 2001 Geoffrey Lee <snailtalk@mandrakesoft.com> 1.2.2-0.rc2.5mdk - Put in anonymous login in proftpd.conf, but comment it out so you still don't get it by default (thx tom ;) - s|Copyright|License|; * Sun Jun 24 2001 Stefan van der Eijk <stefan@eijk.nu> 1.2.2-0.rc2.4mdk - BuildRequires: openssl-devel - BuildRequires: pam-devel - bzipped patches * Thu May 31 2001 Stefan van der Eijk <stefan@eijk.nu> 1.2.2-0.rc2.3mdk - BuildRequires: tcp_wrappers-devel * Sat May 12 2001 Geoffrey Lee <snailtalk@mandrakesoft.com> 1.2.2-0.rc2.2mdk - Also compile mod_wrap (thx cooker). * Sat Apr 21 2001 Christian Zoffoli <czoffoli@linux-mandrake.com> 1.2.2-0.rc2.1mdk - rc2 - removed external patch - fixed previous changelog (currently mod_ldap doesn't support TLS) - removed requires: libsasl7-devel - Geoffrey Lee <snailtalk@mandrakesoft.com> - PersistentPasswd off in proftpd.conf for NIS to work (closes bug #3103). * Fri Apr 20 2001 Christian Zoffoli <czoffoli@linux-mandrake.com> 1.2.2-0.rc1.6mdk - little cleanup in spec - more macros - added LDAP support v2.7.6 - added LDAP configuration directives to proftpd.conf - patched makefile to compile mod_ldap - added BuildRequires: libsasl7-devel, libldap2-devel - added Requires: libsasl7, libldap2 - fixed xinetd installation - fixed xinetd default (disabled) - added xinetd reload after an upgrade - removed creation of /home/ftp - improved ftpusers creation * Fri Apr 20 2001 Geoffrey Lee <snailtalk@mandrakesoft.com> 1.2.2-0.rc1.5mdk - Fix define of _localstatedir (oops). * Fri Apr 20 2001 Geoffrey Lee <snailtalk@mandrakesoft.com> 1.2.2-0.rc1.4mdk - --enable-sendfile (Chmouel, Jeff Garzik). - Put back proftpd-anonymous.conf. * Sun Apr 8 2001 Frederic Lepied <flepied@mandrakesoft.com> 1.2.2-0.rc1.3mdk - use server macros * Sat Apr 07 2001 Geoffrey Lee <snailtalk@mandrakesoft.com> 1.2.2-0.rc1.2mdk - Put back the proftpd.xinetd which was missing (Christian Zoffoli). * Tue Apr 03 2001 Geoffrey Lee <snailtalk@mandrakesoft.com> 1.2.2-0.rc1.1mdk - Bump up to 1.2.2rc1 for security fixes (Andrew Lee). * Fri Mar 23 2001 Vincent Danen <vdanen@mandrakesoft.com> 1.2.1-5mdk - fix configs to use nobody.nobody not nobody.nogroup to run as nogroup seems to no longer exist - clean initscript so it is more consistant with other initscripts * Mon Mar 12 2001 Geoffrey Lee <snailtalk@mandrakesoft.com> 1.2.1-4mdk - Have xinetd, but put it in the documents directory. * Fri Mar 09 2001 Geoffrey Lee <snailtalk@mandrakesoft.com> 1.2.1-3mdk - URL change from .net -> .org (Sebastian Dransfeld). * Thu Mar 08 2001 Geoffrey Lee <snailtalk@mandrakesoft.com> 1.2.1-2mdk - Don't enable Anonymous login by default (/me, Vincent Danen). * Tue Mar 06 2001 Geoffrey Lee <snailtalk@mandrakesoft.com> 1.2.1-1mdk - 1.2.1 Version out for everyone to use. * Thu Feb 22 2001 Geoffrey lee <snailtalk@mandrakesoft.com> 1.2.0rc3-2mdk - Remove support for inetd. * Thu Feb 08 2001 Vincent Danen <vdanen@mandrakesoft.com> 1.2.0rc3-1mdk - 1.2.0rc3: security update * Wed Nov 01 2000 Geoffrey Lee <snailtalk@mandrakesoft.com> 1.2.0rc2-9mdk - fix the anonymous login in proftpd configuration files. * Wed Sep 27 2000 Geoffrey Lee <snailtalk@mandrakesoft.com> 1.2.0rc2-7mdk - really fix inetd problem. We remnove it from /etc/inetd.conf, and let it run instandalone mode which seems to work quite fine ... * Fri Sep 22 2000 Geoffrey Lee <snailtalk@mandrakesoft.com> 1.2.0rc2-6mdk - really add the xinetd entry. * Thu Sep 21 2000 Geoffrey Lee <snailtalk@mandrakesoft.com> 1.2.0rc2-5mdk - include the chkconfig entry, but don't run chkconfig by default. - add an xinetd entry. - re-add the inetd.conf entry ... * Fri Sep 15 2000 Geoffrey Lee <snailtalk@mandrakesoft.com> 1.2.0rc2-4mdk - rebuild for the Big Move (tm) and hope that I don't break anything. - remove inetd.conf entry (again, hoping that I don't break anything.) * Tue Aug 29 2000 Geoffrey Lee <snailtalk@mandrakesoft.com> 1.2.0rc2-3mdk - use of _initrddir. * Wed Aug 23 2000 Geoffrey Lee <snailtalk@mandrakesoft.com> 1.2.0rc2-2mdk - quick and ugly hack to fix wu-ftpd breakage when proftpd is uninstalled. - change the description as the AUTH patch is no longer here. * Sat Jul 29 2000 Geoffrey Lee <snailtalk@mandrakesoft.com> 1.2.0rc2-1mdk - new version - remove the packager tag (vincentscks) * Wed Jul 19 2000 Vincent Danen <vdanen@mandrakesoft.com> 1.2.0rc1-3mdk - rebuild for directory changes * Tue Jul 18 2000 Vincent Danen <vdanen@mandrakesoft.com> 1.2.0rc1-2mdk - add directory /var/log/proftpd - add home directory /home/ftp - add conflicts with anonftp - fix so can install as nonroot - add --enable-autoshadow to configure * Wed Jul 12 2000 Vincent Danen <vdanen@mandrakesoft.com> 1.2.0rc1-1mdk - 1.2.0rc1 - macroization - remove directory /home/ftp since we don't need it * Fri Jun 30 2000 Vincent Danen <vdanen@linux-mandrake.com> 1.2.0pre10-2mdk - merge with .spec file from Geoffrey Lee <snailtalk@linux-mandrake.com>: - add logrotate entry - add symlinks to in.proftpd and in.ftpd - on uninstall, run /etc/rc.d/init.d/proftpd stop prior to uninstall - compile with mod_pam support - add Conflicts: wu-ftpd, ncftpd, beroftpd * Fri May 5 2000 Vincent Danen <vdanen@linux-mandrake.com> 1.2.0pre10-1mdk - build for Mandrake - bzip sources - bzip manpages - remove multi-package creation. one package does all... updates /etc/inetd.conf but defaults to standalone server type * Thu Oct 3 1999 O.Elliyasa <osman@Cable.EU.org> - Multi package creation. Created core, standalone, inetd (&doc) package creations. Added startup script for init.d Need to make the "standalone & inetd" packages being created as "noarch" - Added URL. - Added prefix to make the package relocatable. * Wed Sep 8 1999 O.Elliyasa <osman@Cable.EU.org> - Corrected inetd.conf line addition/change logic. * Sat Jul 24 1999 MacGyver <macgyver@tos.net> - Initial import of spec.