From cc332e9f87e870111bd5574f3ce90b68303550bd Mon Sep 17 00:00:00 2001 From: =?utf8?q?Arkadiusz=20Mi=C5=9Bkiewicz?= Date: Thu, 24 Sep 2015 09:17:55 +0200 Subject: [PATCH] - rel 2; support for auth over own script --- pure-ftpd.init | 65 ++++++++++++++++++++++++++++++++++++-------------- pure-ftpd.spec | 18 +++++++++++++- 2 files changed, 64 insertions(+), 19 deletions(-) diff --git a/pure-ftpd.init b/pure-ftpd.init index b5f6ca7..17cf9ba 100644 --- a/pure-ftpd.init +++ b/pure-ftpd.init @@ -12,6 +12,9 @@ # Get network config . /etc/sysconfig/network +PURE_AUTH_SCRIPT=/etc/ftpd/auth.script +PURE_AUTH_SOCKET=/var/run/pure-authd/socket + # Get service config [ -f /etc/sysconfig/pure-ftpd ] && . /etc/sysconfig/pure-ftpd @@ -40,26 +43,47 @@ fi start() { # Check if the service is already running? if [ ! -f /var/lock/subsys/pure-ftpd ]; then - msg_starting pure-ftpd - rm -f /var/run/pure-ftpd/client* - if [ x"$CFG" = "x/usr/sbin/pure-config" ] ; then - modprobe -s capability > /dev/null 2>&1 - daemon /usr/sbin/pure-ftpd \ - $(/usr/sbin/pure-config -f /etc/ftpd/pureftpd.conf) \ - --daemonize - RETVAL=$? - else - daemon $CFG /etc/ftpd/pureftpd.conf --daemonize + RETVAL=0 + if [ -x "$PURE_AUTH_SCRIPT" ]; then + PURE_AUTH=yes + msg_starting pure-authd + + # 326/326 - authd/authd + + mkdir -p /var/run/pure-authd + chown ftpauth:root /var/run/pure-authd + chmod 750 /var/run/pure-authd + + daemon /usr/sbin/pure-authd --uid 326 --gid 326 --pid /var/run/pure-authd.pid \ + --run "$PURE_AUTH_SCRIPT" --socket "$PURE_AUTH_SOCKET" --daemonize RETVAL=$? + [ $RETVAL -eq 0 ] && chown root:root "$PURE_AUTH_SOCKET" && chmod 700 "$PURE_AUTH_SOCKET" fi - - if [ -n "$UPLOADSCRIPT" ]; then - msg_starting pure-uploadscript - UPLOADSCRIPTOPTS="-B -r $UPLOADSCRIPT" - [ -n "$UPLOADSCRIPT_UID" ] && UPLOADSCRIPTOPTS="$UPLOADSCRIPTOPTS -u $UPLOADSCRIPT_UID" - [ -n "$UPLOADSCRIPT_GID" ] && UPLOADSCRIPTOPTS="$UPLOADSCRIPTOPTS -g $UPLOADSCRIPT_GID" - daemon /usr/sbin/pure-uploadscript $UPLOADSCRIPTOPTS - RETVAL=$(($RETVAL+$?)) + if [ $RETVAL -eq 0 ]; then + msg_starting pure-ftpd + rm -f /var/run/pure-ftpd/client* + if [ x"$CFG" = "x/usr/sbin/pure-config" ] ; then + modprobe -s capability > /dev/null 2>&1 + daemon /usr/sbin/pure-ftpd \ + $(/usr/sbin/pure-config -f /etc/ftpd/pureftpd.conf) \ + $([ "$PURE_AUTH" = "yes" ] && echo "-lextauth:$PURE_AUTH_SOCKET") \ + --daemonize + RETVAL=$? + else + daemon $CFG /etc/ftpd/pureftpd.conf \ + $([ "$PURE_AUTH" = "yes" ] && echo "-lextauth:$PURE_AUTH_SOCKET") \ + --daemonize + RETVAL=$? + fi + + if [ -n "$UPLOADSCRIPT" ]; then + msg_starting pure-uploadscript + UPLOADSCRIPTOPTS="-B -r $UPLOADSCRIPT" + [ -n "$UPLOADSCRIPT_UID" ] && UPLOADSCRIPTOPTS="$UPLOADSCRIPTOPTS -u $UPLOADSCRIPT_UID" + [ -n "$UPLOADSCRIPT_GID" ] && UPLOADSCRIPTOPTS="$UPLOADSCRIPTOPTS -g $UPLOADSCRIPT_GID" + daemon /usr/sbin/pure-uploadscript $UPLOADSCRIPTOPTS + RETVAL=$(($RETVAL+$?)) + fi fi [ $RETVAL -eq 0 ] && touch /var/lock/subsys/pure-ftpd @@ -76,6 +100,11 @@ stop() { killproc pure-uploadscript fi + if [ -x "$PURE_AUTH_SCRIPT" -o -r /var/run/pure-authd.pid ]; then + msg_stopping pure-authd + killproc pure-authd + fi + msg_stopping pure-ftpd killproc pure-ftpd diff --git a/pure-ftpd.spec b/pure-ftpd.spec index 8258d47..6831f9b 100644 --- a/pure-ftpd.spec +++ b/pure-ftpd.spec @@ -9,7 +9,7 @@ %bcond_without tls # disable SSL/TLS support %bcond_without cap # disable capabilities -%define rel 1 +%define rel 2 Summary: Small, fast and secure FTP server Summary(pl.UTF-8): Mały, szybki i bezpieczny serwer FTP Name: pure-ftpd @@ -50,6 +50,12 @@ BuildRequires: pam-devel %{?with_pgsql:BuildRequires: postgresql-devel} BuildRequires: rpmbuild(macros) >= 1.304 Requires(post,preun): /sbin/chkconfig +Requires(postun): /usr/sbin/groupdel +Requires(postun): /usr/sbin/userdel +Requires(pre): /bin/id +Requires(pre): /usr/bin/getgid +Requires(pre): /usr/sbin/groupadd +Requires(pre): /usr/sbin/useradd Requires: pam >= 0.79.0 %{!?with_extra:Requires: perl-base} Requires: rc-scripts @@ -190,12 +196,22 @@ rm -rf $RPM_BUILD_ROOT /sbin/chkconfig --add %{name} %service %{name} restart "PureFTPD daemon" +%pre +%groupadd -g 326 ftpauth +%useradd -u 326 -d %{_ftpdir} -s /bin/false -c "FTP Auth daemon" -g ftpauth ftpauth + %preun if [ "$1" = "0" ]; then %service %{name} stop /sbin/chkconfig --del %{name} fi +%postun +if [ "$1" = "0" ]; then + %userremove ftpauth + %groupremove ftpauth +fi + %post -n openldap-schema-pureftpd %openldap_schema_register %{schemadir}/pureftpd.schema -d core %service -q ldap restart -- 2.44.0