%bcond_without pgsql # disable PostgreSQL support
%bcond_without puredb # disable pure-db support
%bcond_without tls # disable SSL/TLS support
-#
+%bcond_without cap # disable capabilities
+
+%define rel 3
Summary: Small, fast and secure FTP server
-Summary(pl): Ma³y, szybki i bezpieczny serwer FTP
+Summary(pl.UTF-8): Mały, szybki i bezpieczny serwer FTP
Name: pure-ftpd
-Version: 1.0.20
-Release: 10%{?with_extra:extra}
-Epoch: 0
+Version: 1.0.49
+Release: %{rel}%{?with_extra:extra}
License: BSD-like%{?with_extra:, GLPv2 for pure-config due to libcfg+ license}
Group: Daemons
-Source0: ftp://ftp.pureftpd.org/pub/pure-ftpd/releases/%{name}-%{version}.tar.bz2
-# Source0-md5: e928e9e15adf6b52bfe6183fdad20144
+Source0: http://download.pureftpd.org/pub/pure-ftpd/releases/%{name}-%{version}.tar.bz2
+# Source0-md5: b7025f469711d88bd84a3518f67c1470
Source1: %{name}.pamd
Source2: %{name}.init
-Source3: ftpusers.tar.bz2
-# Source3-md5: 76c80b6ec9f4d079a1e27316edddbe16
-Source4: http://twittner.host.sk/files/pure-config/pure-config-20041201.tar.gz
-# Source4-md5: 3f2ff6b00b5c38ee11ce588ee5af6cf6
+Source3: %{name}.sysconfig
+Source4: ftpusers.tar.bz2
+# Source4-md5: 76c80b6ec9f4d079a1e27316edddbe16
+Source5: http://twittner.host.sk/files/pure-config/pure-config-20041201.tar.gz
+# Source5-md5: 3f2ff6b00b5c38ee11ce588ee5af6cf6
Patch0: %{name}-config.patch
-Patch1: %{name}-path_to_ssl_cert_in_config.patch
+Patch1: %{name}-allauth.patch
Patch2: %{name}-pure-pw_passwd.patch
-Patch3: %{name}-userlength.patch
-Patch4: %{name}-mysql_config.patch
-Patch5: %{name}-nosymlinks-hideuidmismatch.patch
-Patch6: %{name}-auth-can-delete-pure.patch
+Patch3: %{name}-mysql_config.patch
+# from Fedora
+Patch4: 0003-Allow-having-both-options-and-config-file-on-command.patch
+Patch5: paths.patch
+Patch6: %{name}-apparmor.patch
+Patch7: %{name}-mysql-utf8.patch
+Patch8: caps.patch
URL: http://www.pureftpd.org/
%{?with_extra:BuildRequires: autoconf}
%{?with_extra:BuildRequires: automake}
-BuildRequires: libcap-devel
+BuildRequires: libapparmor-devel
+%{?with_cap:BuildRequires: libcap-devel}
%{?with_extra:BuildRequires: libcfg+-devel >= 0.6.2}
+BuildRequires: libsodium-devel
%{?with_mysql:BuildRequires: mysql-devel}
-%{?with_ldap:BuildRequires: openldap-devel}
+%{?with_ldap:BuildRequires: openldap-devel >= 2.3.0}
%{?with_tls:BuildRequires: openssl-devel}
BuildRequires: pam-devel
%{?with_pgsql:BuildRequires: postgresql-devel}
+BuildRequires: rpmbuild(macros) >= 1.304
+Requires(post): /usr/bin/openssl
Requires(post,preun): /sbin/chkconfig
+Requires(postun): /usr/sbin/groupdel
+Requires(postun): /usr/sbin/userdel
+Requires(pre): /bin/id
+Requires(pre): /usr/bin/getgid
+Requires(pre): /usr/sbin/groupadd
+Requires(pre): /usr/sbin/useradd
Requires: pam >= 0.79.0
%{!?with_extra:Requires: perl-base}
Requires: rc-scripts
Provides: ftpserver
-Obsoletes: ftpserver
-Obsoletes: anonftp
-Obsoletes: bftpd
-Obsoletes: ftpd-BSD
-Obsoletes: glftpd
-Obsoletes: heimdal-ftpd
-Obsoletes: linux-ftpd
-Obsoletes: muddleftpd
-Obsoletes: proftpd
-Obsoletes: proftpd-common
-Obsoletes: proftpd-inetd
-Obsoletes: proftpd-standalone
-Obsoletes: troll-ftpd
-Obsoletes: vsftpd
-Obsoletes: wu-ftpd
+Provides: user(ftpauth)
+Provides: group(ftpauth)
+Provides: user(ftpcert)
+Provides: group(ftpcert)
Conflicts: man-pages < 1.51
BuildRoot: %{tmpdir}/%{name}-%{version}-root-%(id -u -n)
%define _sysconfdir /etc/ftpd
%define _ftpdir /home/services/ftp
+%define schemadir /usr/share/openldap/schema
%description
Pure-FTPd is a fast, production-quality, standard-comformant FTP
directories, virtual domains, built-in LS, anti-warez system, bounded
ports for passive downloads...
-%description -l pl
-Pure-FTPD to szybki, wysokiej jako¶ci, odpowiadaj±cy standardom serwer
-FTP bazuj±cy na Troll-FTPd. W przeciwieñstwie do innych serwerów FTP
-nie ma znanych luk w bezpieczeñstwie. Ponadto jest trywialny w
+%description -l pl.UTF-8
+Pure-FTPD to szybki, wysokiej jakości, odpowiadający standardom serwer
+FTP bazujący na Troll-FTPd. W przeciwieństwie do innych serwerów FTP
+nie ma znanych luk w bezpieczeństwie. Ponadto jest trywialny w
konfiguracji i specjalnie zaprojektowany dla nowych kerneli Linuksa
-(setfsuid, sendfile, capabilibies). Mo¿liwo¶ci to wsparcie dla PAM-a,
-IPv6, chroot()owanych katalogów domowych, virtualne domeny, wbudowany
-LS, system anty-warezowy, ograniczanie portów dla pasywnych
-po³±czeñ...
+(setfsuid, sendfile, capabilibies). Możliwości to wsparcie dla PAM-a,
+IPv6, chroot()owanych katalogów domowych, virtualne domeny, wbudowany
+LS, system anty-warezowy, ograniczanie portów dla pasywnych
+połączeń...
+
+%package -n openldap-schema-pureftpd
+Summary: Pure-FTPd LDAP schema
+Summary(pl.UTF-8): Schemat LDAP dla Pure-FTPd
+Group: Networking/Daemons
+Requires(post,postun): sed >= 4.0
+Requires: openldap-servers
+Requires: sed >= 4.0
+%if "%{_rpmversion}" >= "5"
+BuildArch: noarch
+%endif
+
+%description -n openldap-schema-pureftpd
+This package contains an Pure-FTPd openldap schema.
+
+%description -n openldap-schema-pureftpd -l pl.UTF-8
+Ten pakiet zawiera schemat Pure-FTPd pureftpd.schema dla openldapa.
%prep
-%setup -q -a 4
+%setup -q -a 5
%patch0 -p0
+%patch1 -p1
+%patch3 -p1
%patch4 -p1
%patch5 -p1
%patch6 -p1
-%{?with_longusername:%patch3 -p1}
-%{?with_extra:%patch1 -p1}
+%patch7 -p1
+%patch8 -p1
+
%{?with_extra:%patch2 -p1}
%build
+%{__aclocal} -Im4
+%{__autoconf}
+%{__autoheader}
+%{__automake}
%configure \
+ CFLAGS="%{rpmcflags} %{rpmcppflags} -DALLOW_DELETION_OF_TEMPORARY_FILES=1 -DALWAYS_SHOW_RESOLVED_SYMLINKS=1" \
+ --disable-silent-rules \
--with-boring \
--with-altlog \
--with-cookie \
--with-extauth \
--with-ftpwho \
--with-language=english \
- --with-largefile \
+ %{!?with_cap:--without-capabilities} \
%{?with_ldap:--with-ldap} \
%{?with_mysql:CPPFLAGS="-I%{_includedir}/mysql" --with-mysql} \
--with-pam \
--with-quotas \
--with-ratios \
--with-throttling \
- %{?with_tls:--with-tls --with-certfile=%{_sharedstatedir}/openssl/certs/ftpd.pem} \
+ %{?with_tls:--with-tls --with-certfile=/etc/pure-ftpd/ssl/pure-ftpd.pem} \
--with-uploadscript \
--with-virtualchroot \
- --with-virtualhosts
+ --with-virtualhosts \
+ --with-apparmor
%if %{with extra}
cd pure-config
%install
rm -rf $RPM_BUILD_ROOT
-install -d $RPM_BUILD_ROOT/etc/{pam.d,sysconfig,security,rc.d/init.d} \
- $RPM_BUILD_ROOT{%{_sysconfdir}/vhosts,%{_ftpdir}}
+install -d $RPM_BUILD_ROOT/etc/{pam.d,sysconfig,security,rc.d/init.d,%{name}/{certd,authd,conf,ssl}} \
+ $RPM_BUILD_ROOT{%{_sysconfdir}/vhosts,%{_ftpdir},%{schemadir}}
%{__make} install \
DESTDIR=$RPM_BUILD_ROOT
-install %{SOURCE1} $RPM_BUILD_ROOT/etc/pam.d/%{name}
-install %{SOURCE2} $RPM_BUILD_ROOT/etc/rc.d/init.d/%{name}
+cp -p %{SOURCE1} $RPM_BUILD_ROOT/etc/pam.d/%{name}
+install -p %{SOURCE2} $RPM_BUILD_ROOT/etc/rc.d/init.d/%{name}
+cp -p %{SOURCE3} $RPM_BUILD_ROOT/etc/sysconfig/%{name}
%{?with_ldap:install pureftpd-ldap.conf $RPM_BUILD_ROOT%{_sysconfdir}/pureftpd-ldap.conf}
%{?with_mysql:install pureftpd-mysql.conf $RPM_BUILD_ROOT%{_sysconfdir}/pureftpd-mysql.conf}
%{?with_pgsql:install pureftpd-pgsql.conf $RPM_BUILD_ROOT%{_sysconfdir}/pureftpd-pgsql.conf}
-install configuration-file/pure-ftpd.conf $RPM_BUILD_ROOT%{_sysconfdir}/pureftpd.conf
-%{!?with_extra:install configuration-file/pure-config.pl $RPM_BUILD_ROOT%{_sbindir}}
-touch $RPM_BUILD_ROOT/etc/security/blacklist.ftp
+cp -p pureftpd.schema $RPM_BUILD_ROOT%{schemadir}/pureftpd.schema
+
+mv $RPM_BUILD_ROOT%{_sysconfdir}/{pure-ftpd,pureftpd}.conf
+
+touch $RPM_BUILD_ROOT%{_sysconfdir}/{ftpusers,pureftpd-dir-aliases}
+:> $RPM_BUILD_ROOT/etc/pure-ftpd/ssl/dhparams.pem
ln -s vhosts $RPM_BUILD_ROOT%{_sysconfdir}/pure-ftpd
-bzip2 -dc %{SOURCE3} | tar xf - -C $RPM_BUILD_ROOT%{_mandir}
+bzip2 -dc %{SOURCE4} | tar xf - -C $RPM_BUILD_ROOT%{_mandir}
+rm -f $RPM_BUILD_ROOT%{_mandir}/ftpusers-path.diff
%if %{with extra}
-cd pure-config
-%{__make} install \
+%{__make} -C pure-config install \
DESTDIR=$RPM_BUILD_ROOT
%endif
rm -rf $RPM_BUILD_ROOT
%post
-/sbin/chkconfig --add %{name}
-if [ -f %{_var}/lock/subsys/%{name} ]; then
- /etc/rc.d/init.d/%{name} restart 1>&2
-else
- echo "Run \"/etc/rc.d/init.d/%{name} start\" to start PureFTPD daemon."
+if [ ! -s /etc/pure-ftpd/ssl/dhparams.pem ]; then
+ umask 027
+ %{_bindir}/openssl dhparam -out /etc/pure-ftpd/ssl/dhparams.pem 2048 || :
fi
+/sbin/chkconfig --add %{name}
+%service %{name} restart "PureFTPD daemon"
+
+%pre
+%groupadd -g 326 ftpauth
+%useradd -u 326 -d %{_ftpdir} -s /bin/false -c "FTP Auth daemon" -g ftpauth ftpauth
+%groupadd -g 335 ftpcert
+%useradd -u 335 -d %{_ftpdir} -s /bin/false -c "FTP Cert daemon" -g ftpcert ftpcert
+
%preun
if [ "$1" = "0" ]; then
- if [ -f %{_var}/lock/subsys/%{name} ]; then
- /etc/rc.d/init.d/%{name} stop 1>&2
- fi
+ %service %{name} stop
/sbin/chkconfig --del %{name}
fi
+%postun
+if [ "$1" = "0" ]; then
+ %userremove ftpauth
+ %groupremove ftpauth
+ %userremove ftpcert
+ %groupremove ftpcert
+fi
+
+%post -n openldap-schema-pureftpd
+%openldap_schema_register %{schemadir}/pureftpd.schema -d core
+%service -q ldap restart
+
+%postun -n openldap-schema-pureftpd
+if [ "$1" = "0" ]; then
+ %openldap_schema_unregister %{schemadir}/pureftpd.schema
+ %service -q ldap restart
+fi
+
+%triggerpostun -- %{name} < 1.0.41-2
+%{?with_mysql:sed -i -e 's#MYSQLCrypt[\t ]\+all#MYSQLCrypt any#gi' $RPM_BUILD_ROOT%{_sysconfdir}/pureftpd-mysql.conf}
+%{?with_pgsql:sed -i -e 's#PgSQLCrypt[\t ]\+all#PgSQLCrypt any#gi' $RPM_BUILD_ROOT%{_sysconfdir}/pureftpd-pgsql.conf}
+sed -i -e 's#SSLCertFile#CertFile#gi' $RPM_BUILD_ROOT%{_sysconfdir}/pureftpd.conf
+exit 0
+
%files
%defattr(644,root,root,755)
-%doc AUTHORS ChangeLog CONTACT FAQ HISTORY NEWS README* THANKS pure*.conf pureftpd.schema
+%doc AUTHORS ChangeLog COPYING FAQ HISTORY NEWS README* THANKS pure*.conf pureftpd.schema
%attr(755,root,root) %{_bindir}/*
%attr(755,root,root) %{_sbindir}/*
%attr(754,root,root) /etc/rc.d/init.d/%{name}
%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/pam.d/*
-%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/security/blacklist.ftp
+%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/sysconfig/*
+%attr(751,root,root) %config(noreplace) %verify(not md5 mtime size) %dir /etc/%{name}
+%attr(750,root,ftpauth) %config(noreplace) %verify(not md5 mtime size) %dir /etc/%{name}/authd
+%attr(750,root,ftpcert) %config(noreplace) %verify(not md5 mtime size) %dir /etc/%{name}/certd
+# for future /etc/ftpd -> /etc/pure-ftpd/conf migration
+# %attr(750,root,root) %config(noreplace) %verify(not md5 mtime size) %dir /etc/%{name}/conf
+%attr(750,root,root) %config(noreplace) %verify(not md5 mtime size) %dir /etc/%{name}/ssl
+%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %ghost /etc/%{name}/ssl/dhparams.pem
+%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/ftpusers
+%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/pureftpd-dir-aliases
%{?with_ldap:%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/pureftpd-ldap.conf}
%{?with_mysql:%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/pureftpd-mysql.conf}
%{?with_pgsql:%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/pureftpd-pgsql.conf}
%lang(pl) %{_mandir}/pl/man5/ftpusers*
%lang(pt_BR) %{_mandir}/pt_BR/man5/ftpusers*
%lang(ru) %{_mandir}/ru/man5/ftpusers*
+
+%files -n openldap-schema-pureftpd
+%defattr(644,root,root,755)
+%{schemadir}/pureftpd.schema
projects / packages / pure-ftpd.git / blobdiff