blob: d68b289252250c795b1c02efcc1946772e7d2673 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
|
# Copyright 1999-2021 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
EAPI=7
inherit systemd toolchain-funcs
DESCRIPTION="Very Secure FTP Daemon written with speed, size and security in mind"
HOMEPAGE="http://vsftpd.beasts.org/"
SRC_URI="http://security.appspot.com/downloads/${P}.tar.gz"
LICENSE="GPL-2"
SLOT="0"
KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~ppc ~ppc64 ~s390 ~sparc ~x86"
IUSE="caps pam tcpd ssl selinux xinetd"
DEPEND="caps? ( >=sys-libs/libcap-2 )
pam? ( sys-libs/pam )
!pam? ( virtual/libcrypt:= )
tcpd? ( >=sys-apps/tcp-wrappers-7.6 )
ssl? ( dev-libs/openssl:0= )"
RDEPEND="${DEPEND}
net-ftp/ftpbase
selinux? ( sec-policy/selinux-ftp )
xinetd? ( sys-apps/xinetd )"
PATCHES=(
# kerberos patch. bug #335980
"${FILESDIR}/${PN}-2.3.2-kerberos.patch"
# Patch the source, config and the manpage to use /etc/vsftpd/
"${FILESDIR}/${PN}-2.3.5-gentoo.patch"
# Fix building without the libcap
"${FILESDIR}/${PN}-2.1.0-caps.patch"
# Fix building on alpha. Bug #405829
"${FILESDIR}/${PN}-3.0.2-alpha.patch"
# Bug #335977
"${FILESDIR}"/${PN}-3.0.0-Makefile.patch
# Bug #450536
"${FILESDIR}"/${PN}-3.0.2-remove-legacy-cap.patch
# Bug #630704
"${FILESDIR}"/${PN}-3.0.3-sparc.patch
# https://bugs.gentoo.org/443898
#"${FILESDIR}"/vsftpd-disable-seccomp-sandbox.patch
)
src_prepare() {
# Configure vsftpd build defaults
if use tcpd ; then
echo "#define VSF_BUILD_TCPWRAPPERS" >> builddefs.h || die
fi
if use ssl ; then
echo "#define VSF_BUILD_SSL" >> builddefs.h || die
fi
if ! use pam; then
echo "#undef VSF_BUILD_PAM" >> builddefs.h || die
fi
# Ensure that we don't link against libcap unless asked
if ! use caps ; then
sed -i '/^#define VSF_SYSDEP_HAVE_LIBCAP$/ d' sysdeputil.c || die
eapply "${FILESDIR}"/${PN}-3.0.4-dont-link-caps.patch
fi
# Let portage control stripping
sed -i '/^LINK[[:space:]]*=[[:space:]]*/ s/-Wl,-s//' Makefile || die
default
}
src_compile() {
# Override LIBS variable. Bug #508192
LIBS=
use caps && LIBS+=" -lcap"
if use pam; then
LIBS+=" -lpam"
else
LIBS+=" -lcrypt"
fi
use tcpd && LIBS+=" -lwrap"
use ssl && LIBS+=" -lssl -lcrypto"
tc-export CC
CFLAGS="${CFLAGS}" emake LIBS="${LIBS}"
}
src_install() {
into /usr
doman ${PN}.conf.5 ${PN}.8
dosbin ${PN}
dodoc AUDIT BENCHMARKS BUGS Changelog FAQ \
README README.security REWARD SIZE \
SPEED TODO TUNING
newdoc ${PN}.conf ${PN}.conf.example
docinto security
dodoc SECURITY/*
docinto examples
dodoc -r EXAMPLE/*
insinto /etc/${PN}
newins ${PN}.conf{,.example}
insinto /etc/logrotate.d
newins "${FILESDIR}"/${PN}.logrotate ${PN}
if use xinetd ; then
insinto /etc/xinetd.d
newins "${FILESDIR}"/${PN}.xinetd ${PN}
fi
newinitd "${FILESDIR}"/${PN}.init ${PN}
keepdir /usr/share/${PN}/empty
exeinto /usr/libexec
doexe "${FILESDIR}"/vsftpd-checkconfig.sh
systemd_dounit "${FILESDIR}"/${PN}.service
systemd_newunit "${FILESDIR}"/${PN}_at.service "${PN}@.service"
systemd_dounit "${FILESDIR}"/${PN}.socket
}
pkg_preinst() {
# If we use xinetd, then we set listen=NO
# so that our default config works under xinetd - fixes #78347
if use xinetd ; then
sed -i 's/listen=YES/listen=NO/g' "${D}"/etc/${PN}/${PN}.conf.example || die
fi
}
pkg_postinst() {
einfo "vsftpd openRC init script can now be multiplexed."
einfo "The default init script forces /etc/vsftpd/vsftpd.conf to exist."
einfo "If you symlink the init script to another one, say vsftpd.foo"
einfo "then that uses /etc/vsftpd/foo.conf instead."
einfo
einfo "Example:"
einfo " cd /etc/init.d"
einfo " ln -s vsftpd vsftpd.foo"
einfo "You can now treat vsftpd.foo like any other service"
}
|
GitWeb