Rel 5; pure-uploadscript retval has meaning only if it is enabled

[packages/pure-ftpd.git] / pure-ftpd.spec

diff --git a/pure-ftpd.spec b/pure-ftpd.spec
index 6782ad091e11c491a2204b6a808e1324067f603a..9c09bbd69ae075d0766612f6f6f402d400253421 100644 (file)
--- a/pure-ftpd.spec
+++ b/pure-ftpd.spec
@@ -8,65 +8,71 @@
 %bcond_without puredb          # disable pure-db support
 %bcond_without tls             # disable SSL/TLS support
 %bcond_without cap             # disable capabilities
-#
+
+%define        rel     5
 Summary:       Small, fast and secure FTP server
 Summary(pl.UTF-8):     Mały, szybki i bezpieczny serwer FTP
 Name:          pure-ftpd
-Version:       1.0.21
-Release:       4%{?with_extra:extra}
-Epoch:         0
+Version:       1.0.49
+Release:       %{rel}%{?with_extra:extra}
 License:       BSD-like%{?with_extra:, GLPv2 for pure-config due to libcfg+ license}
 Group:         Daemons
-Source0:       ftp://ftp.pureftpd.org/pub/pure-ftpd/releases/%{name}-%{version}.tar.bz2
-# Source0-md5: ca8a8dbec0cd9c8ea92fc4c37ea9c410
+Source0:       http://download.pureftpd.org/pub/pure-ftpd/releases/%{name}-%{version}.tar.bz2
+# Source0-md5: b7025f469711d88bd84a3518f67c1470
 Source1:       %{name}.pamd
 Source2:       %{name}.init
-Source3:       ftpusers.tar.bz2
-# Source3-md5: 76c80b6ec9f4d079a1e27316edddbe16
-Source4:       http://twittner.host.sk/files/pure-config/pure-config-20041201.tar.gz
-# Source4-md5: 3f2ff6b00b5c38ee11ce588ee5af6cf6
+Source3:       %{name}.sysconfig
+Source4:       ftpusers.tar.bz2
+# Source4-md5: 76c80b6ec9f4d079a1e27316edddbe16
+Source5:       http://twittner.host.sk/files/pure-config/pure-config-20041201.tar.gz
+# Source5-md5: 3f2ff6b00b5c38ee11ce588ee5af6cf6
 Patch0:                %{name}-config.patch
-Patch1:                %{name}-path_to_ssl_cert_in_config.patch
+Patch1:                %{name}-allauth.patch
 Patch2:                %{name}-pure-pw_passwd.patch
 Patch3:                %{name}-mysql_config.patch
-Patch4:                %{name}-nosymlinks-hideuidmismatch.patch
-Patch5:                %{name}-auth-can-delete-pure.patch
+# from Fedora
+Patch4:                0003-Allow-having-both-options-and-config-file-on-command.patch
+Patch5:                paths.patch
+Patch6:                %{name}-apparmor.patch
+Patch7:                %{name}-mysql-utf8.patch
+Patch8:                caps.patch
+Patch9:                pure-ftpd-1.0.49-diraliases_uninitialized_pointer.patch
+Patch10:       pure-ftpd-1.0.49-pure_strcmp_OOB_read.patch
 URL:           http://www.pureftpd.org/
 %{?with_extra:BuildRequires:   autoconf}
 %{?with_extra:BuildRequires:   automake}
+BuildRequires: libapparmor-devel
 %{?with_cap:BuildRequires:     libcap-devel}
 %{?with_extra:BuildRequires:   libcfg+-devel >= 0.6.2}
+BuildRequires: libsodium-devel
 %{?with_mysql:BuildRequires:   mysql-devel}
 %{?with_ldap:BuildRequires:    openldap-devel >= 2.3.0}
 %{?with_tls:BuildRequires:     openssl-devel}
 BuildRequires: pam-devel
 %{?with_pgsql:BuildRequires:   postgresql-devel}
-BuildRequires: rpmbuild(macros) >= 1.268
+BuildRequires: rpmbuild(macros) >= 1.304
+Requires(post):                /usr/bin/openssl
 Requires(post,preun):  /sbin/chkconfig
+Requires(postun):      /usr/sbin/groupdel
+Requires(postun):      /usr/sbin/userdel
+Requires(pre): /bin/id
+Requires(pre): /usr/bin/getgid
+Requires(pre): /usr/sbin/groupadd
+Requires(pre): /usr/sbin/useradd
 Requires:      pam >= 0.79.0
 %{!?with_extra:Requires:       perl-base}
 Requires:      rc-scripts
 Provides:      ftpserver
-Obsoletes:     anonftp
-Obsoletes:     bftpd
-Obsoletes:     ftpd-BSD
-Obsoletes:     ftpserver
-Obsoletes:     glftpd
-Obsoletes:     heimdal-ftpd
-Obsoletes:     linux-ftpd
-Obsoletes:     muddleftpd
-Obsoletes:     proftpd
-Obsoletes:     proftpd-common
-Obsoletes:     proftpd-inetd
-Obsoletes:     proftpd-standalone
-Obsoletes:     troll-ftpd
-Obsoletes:     vsftpd
-Obsoletes:     wu-ftpd
+Provides:      user(ftpauth)
+Provides:      group(ftpauth)
+Provides:      user(ftpcert)
+Provides:      group(ftpcert)
 Conflicts:     man-pages < 1.51
 BuildRoot:     %{tmpdir}/%{name}-%{version}-root-%(id -u -n)
 
 %define                _sysconfdir     /etc/ftpd
 %define                _ftpdir         /home/services/ftp
+%define                schemadir       /usr/share/openldap/schema
 
 %description
 Pure-FTPd is a fast, production-quality, standard-comformant FTP
@@ -87,31 +93,44 @@ IPv6, chroot()owanych katalogów domowych, virtualne domeny, wbudowany
 LS, system anty-warezowy, ograniczanie portów dla pasywnych
 połączeń...
 
-%package -n openldap-schema-pure-ftpd
-Summary:        Pure-FTPd LDAP schema
-Summary(pl.UTF-8):    Schemat LDAP Pure-FTPd'a
-Group:          Netwrokinf/Daemons
+%package -n openldap-schema-pureftpd
+Summary:       Pure-FTPd LDAP schema
+Summary(pl.UTF-8):     Schemat LDAP dla Pure-FTPd
+Group:         Networking/Daemons
+Requires(post,postun): sed >= 4.0
 Requires:      openldap-servers
+Requires:      sed >= 4.0
+BuildArch:     noarch
 
-%description -n openldap-schema-pure-ftpd
+%description -n openldap-schema-pureftpd
 This package contains an Pure-FTPd openldap schema.
 
-%description -n openldap-schema-pure-ftpd -l pl.UTF-8
+%description -n openldap-schema-pureftpd -l pl.UTF-8
 Ten pakiet zawiera schemat Pure-FTPd pureftpd.schema dla openldapa.
 
 %prep
-%setup -q -a 4
+%setup -q -a 5
 %patch0 -p0
+%patch1 -p1
 %patch3 -p1
 %patch4 -p1
 %patch5 -p1
-%{?with_extra:%patch1 -p1}
+%patch6 -p1
+%patch7 -p1
+%patch8 -p1
+%patch9 -p1
+%patch10 -p1
+
 %{?with_extra:%patch2 -p1}
 
 %build
-# drop --without-cork for Th
+%{__aclocal} -Im4
+%{__autoconf}
+%{__autoheader}
+%{__automake}
 %configure \
-       --without-cork \
+       CFLAGS="%{rpmcflags} %{rpmcppflags} -DALLOW_DELETION_OF_TEMPORARY_FILES=1 -DALWAYS_SHOW_RESOLVED_SYMLINKS=1" \
+       --disable-silent-rules \
        --with-boring \
        --with-altlog \
        --with-cookie \
@@ -119,7 +138,6 @@ Ten pakiet zawiera schemat Pure-FTPd pureftpd.schema dla openldapa.
        --with-extauth \
        --with-ftpwho \
        --with-language=english \
-       --with-largefile \
        %{!?with_cap:--without-capabilities} \
        %{?with_ldap:--with-ldap} \
        %{?with_mysql:CPPFLAGS="-I%{_includedir}/mysql" --with-mysql} \
@@ -131,10 +149,11 @@ Ten pakiet zawiera schemat Pure-FTPd pureftpd.schema dla openldapa.
        --with-quotas \
        --with-ratios \
        --with-throttling \
-       %{?with_tls:--with-tls --with-certfile=%{_sharedstatedir}/openssl/certs/ftpd.pem} \
+       %{?with_tls:--with-tls --with-certfile=/etc/pure-ftpd/ssl/pure-ftpd.pem} \
        --with-uploadscript \
        --with-virtualchroot \
-       --with-virtualhosts
+       --with-virtualhosts \
+       --with-apparmor
 
 %if %{with extra}
 cd pure-config
@@ -148,26 +167,29 @@ cd pure-config
 
 %install
 rm -rf $RPM_BUILD_ROOT
-install -d $RPM_BUILD_ROOT/etc/{pam.d,sysconfig,security,rc.d/init.d} \
-       $RPM_BUILD_ROOT{%{_sysconfdir}/vhosts,%{_ftpdir},%{_datadir}/openldap/schema}
+install -d $RPM_BUILD_ROOT/etc/{pam.d,sysconfig,security,rc.d/init.d,%{name}/{certd,authd,conf,ssl}} \
+       $RPM_BUILD_ROOT{%{_sysconfdir}/vhosts,%{_ftpdir},%{schemadir}}
 
 %{__make} install \
        DESTDIR=$RPM_BUILD_ROOT
 
-install %{SOURCE1} $RPM_BUILD_ROOT/etc/pam.d/%{name}
-install %{SOURCE2} $RPM_BUILD_ROOT/etc/rc.d/init.d/%{name}
+cp -p %{SOURCE1} $RPM_BUILD_ROOT/etc/pam.d/%{name}
+install -p %{SOURCE2} $RPM_BUILD_ROOT/etc/rc.d/init.d/%{name}
+cp -p %{SOURCE3} $RPM_BUILD_ROOT/etc/sysconfig/%{name}
 
 %{?with_ldap:install pureftpd-ldap.conf $RPM_BUILD_ROOT%{_sysconfdir}/pureftpd-ldap.conf}
 %{?with_mysql:install pureftpd-mysql.conf $RPM_BUILD_ROOT%{_sysconfdir}/pureftpd-mysql.conf}
 %{?with_pgsql:install pureftpd-pgsql.conf $RPM_BUILD_ROOT%{_sysconfdir}/pureftpd-pgsql.conf}
-install configuration-file/pure-ftpd.conf $RPM_BUILD_ROOT%{_sysconfdir}/pureftpd.conf
-%{!?with_extra:install configuration-file/pure-config.pl $RPM_BUILD_ROOT%{_sbindir}}
-install pureftpd.schema $RPM_BUILD_ROOT%{_datadir}/openldap/schema/pureftpd.schema
-touch $RPM_BUILD_ROOT/etc/security/blacklist.ftp
+cp -p pureftpd.schema $RPM_BUILD_ROOT%{schemadir}/pureftpd.schema
+
+mv $RPM_BUILD_ROOT%{_sysconfdir}/{pure-ftpd,pureftpd}.conf
+
+touch $RPM_BUILD_ROOT%{_sysconfdir}/{ftpusers,pureftpd-dir-aliases}
+:> $RPM_BUILD_ROOT/etc/pure-ftpd/ssl/dhparams.pem
 
 ln -s vhosts $RPM_BUILD_ROOT%{_sysconfdir}/pure-ftpd
 
-bzip2 -dc %{SOURCE3} | tar xf - -C $RPM_BUILD_ROOT%{_mandir}
+bzip2 -dc %{SOURCE4} | tar xf - -C $RPM_BUILD_ROOT%{_mandir}
 rm -f $RPM_BUILD_ROOT%{_mandir}/ftpusers-path.diff
 
 %if %{with extra}
@@ -179,23 +201,67 @@ rm -f $RPM_BUILD_ROOT%{_mandir}/ftpusers-path.diff
 rm -rf $RPM_BUILD_ROOT
 
 %post
+if [ ! -s /etc/pure-ftpd/ssl/dhparams.pem ]; then
+       umask 027
+       %{_bindir}/openssl dhparam -out /etc/pure-ftpd/ssl/dhparams.pem 2048 || :
+fi
+
 /sbin/chkconfig --add %{name}
 %service %{name} restart "PureFTPD daemon"
 
+%pre
+%groupadd -g 326 ftpauth
+%useradd -u 326 -d %{_ftpdir} -s /bin/false -c "FTP Auth daemon" -g ftpauth ftpauth
+%groupadd -g 335 ftpcert
+%useradd -u 335 -d %{_ftpdir} -s /bin/false -c "FTP Cert daemon" -g ftpcert ftpcert
+
 %preun
 if [ "$1" = "0" ]; then
        %service %{name} stop
        /sbin/chkconfig --del %{name}
 fi
 
+%postun
+if [ "$1" = "0" ]; then
+       %userremove ftpauth
+       %groupremove ftpauth
+       %userremove ftpcert
+       %groupremove ftpcert
+fi
+
+%post -n openldap-schema-pureftpd
+%openldap_schema_register %{schemadir}/pureftpd.schema -d core
+%service -q ldap restart
+
+%postun -n openldap-schema-pureftpd
+if [ "$1" = "0" ]; then
+       %openldap_schema_unregister %{schemadir}/pureftpd.schema
+       %service -q ldap restart
+fi
+
+%triggerpostun -- %{name} < 1.0.41-2
+%{?with_mysql:sed -i -e 's#MYSQLCrypt[\t ]\+all#MYSQLCrypt    any#gi' $RPM_BUILD_ROOT%{_sysconfdir}/pureftpd-mysql.conf}
+%{?with_pgsql:sed -i -e 's#PgSQLCrypt[\t ]\+all#PgSQLCrypt    any#gi' $RPM_BUILD_ROOT%{_sysconfdir}/pureftpd-pgsql.conf}
+sed -i -e 's#SSLCertFile#CertFile#gi' $RPM_BUILD_ROOT%{_sysconfdir}/pureftpd.conf
+exit 0
+
 %files
 %defattr(644,root,root,755)
-%doc AUTHORS ChangeLog CONTACT FAQ HISTORY NEWS README* THANKS pure*.conf pureftpd.schema
+%doc AUTHORS ChangeLog COPYING FAQ HISTORY NEWS README* THANKS pure*.conf pureftpd.schema
 %attr(755,root,root) %{_bindir}/*
 %attr(755,root,root) %{_sbindir}/*
 %attr(754,root,root) /etc/rc.d/init.d/%{name}
 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/pam.d/*
-%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/security/blacklist.ftp
+%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/sysconfig/*
+%attr(751,root,root) %config(noreplace) %verify(not md5 mtime size) %dir /etc/%{name}
+%attr(750,root,ftpauth) %config(noreplace) %verify(not md5 mtime size) %dir /etc/%{name}/authd
+%attr(750,root,ftpcert) %config(noreplace) %verify(not md5 mtime size) %dir /etc/%{name}/certd
+# for future /etc/ftpd -> /etc/pure-ftpd/conf migration
+# %attr(750,root,root) %config(noreplace) %verify(not md5 mtime size) %dir /etc/%{name}/conf
+%attr(750,root,root) %config(noreplace) %verify(not md5 mtime size) %dir /etc/%{name}/ssl
+%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %ghost /etc/%{name}/ssl/dhparams.pem
+%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/ftpusers
+%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/pureftpd-dir-aliases
 %{?with_ldap:%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/pureftpd-ldap.conf}
 %{?with_mysql:%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/pureftpd-mysql.conf}
 %{?with_pgsql:%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/pureftpd-pgsql.conf}
@@ -210,5 +276,6 @@ fi
 %lang(pt_BR) %{_mandir}/pt_BR/man5/ftpusers*
 %lang(ru) %{_mandir}/ru/man5/ftpusers*
 
-%files -n openldap-schema-pure-ftpd
-%defattr(644,root,root,755) %{_datadir}/openldap/schema/pureftpd.schema
+%files -n openldap-schema-pureftpd
+%defattr(644,root,root,755)
+%{schemadir}/pureftpd.schema