From 5b80bfd7bffd4c20d80b7c70a7130529e9a755dd Mon Sep 17 00:00:00 2001 From: ToshikazuOhiwa Date: Mon, 30 Mar 2020 09:24:26 +0900 Subject: agl-basesystem --- .../vsftpd/files/change-secure_chroot_dir.patch | 62 ++++++++++++++++++++++ 1 file changed, 62 insertions(+) create mode 100644 external/meta-openembedded/meta-networking/recipes-daemons/vsftpd/files/change-secure_chroot_dir.patch (limited to 'external/meta-openembedded/meta-networking/recipes-daemons/vsftpd/files/change-secure_chroot_dir.patch') diff --git a/external/meta-openembedded/meta-networking/recipes-daemons/vsftpd/files/change-secure_chroot_dir.patch b/external/meta-openembedded/meta-networking/recipes-daemons/vsftpd/files/change-secure_chroot_dir.patch new file mode 100644 index 00000000..b69de1d1 --- /dev/null +++ b/external/meta-openembedded/meta-networking/recipes-daemons/vsftpd/files/change-secure_chroot_dir.patch @@ -0,0 +1,62 @@ +From ce2be5d4967445828d5ae9d9462cfaa78ae03c73 Mon Sep 17 00:00:00 2001 +From: Ming Liu +Date: Wed, 18 Sep 2013 09:44:20 +0800 +Subject: [PATCH] vsftpd: change default value of secure_chroot_dir + +Upstream-Status: Pending + +Change secure_chroot_dir pointing to a volatile directory. + +Signed-off-by: Ming Liu + +--- + INSTALL | 6 +++--- + tunables.c | 2 +- + vsftpd.conf.5 | 2 +- + 3 files changed, 5 insertions(+), 5 deletions(-) + +diff --git a/INSTALL b/INSTALL +index 4f811aa..427122a 100644 +--- a/INSTALL ++++ b/INSTALL +@@ -27,11 +27,11 @@ user in case it does not already exist. e.g.: + [root@localhost root]# useradd nobody + useradd: user nobody exists + +-2b) vsftpd needs the (empty) directory /usr/share/empty in the default ++2b) vsftpd needs the (empty) directory /var/run/vsftpd/empty in the default + configuration. Add this directory in case it does not already exist. e.g.: + +-[root@localhost root]# mkdir /usr/share/empty/ +-mkdir: cannot create directory `/usr/share/empty': File exists ++[root@localhost root]# mkdir /var/run/vsftpd/empty/ ++mkdir: cannot create directory `/var/run/vsftpd/empty': File exists + + 2c) For anonymous FTP, you will need the user "ftp" to exist, and have a + valid home directory (which is NOT owned or writable by the user "ftp"). +diff --git a/tunables.c b/tunables.c +index 284a10d..8c63c3f 100644 +--- a/tunables.c ++++ b/tunables.c +@@ -254,7 +254,7 @@ tunables_load_defaults() + /* -rw------- */ + tunable_chown_upload_mode = 0600; + +- install_str_setting("/usr/share/empty", &tunable_secure_chroot_dir); ++ install_str_setting("/var/run/vsftpd/empty", &tunable_secure_chroot_dir); + install_str_setting("ftp", &tunable_ftp_username); + install_str_setting("root", &tunable_chown_username); + install_str_setting("/var/log/xferlog", &tunable_xferlog_file); +diff --git a/vsftpd.conf.5 b/vsftpd.conf.5 +index fcc6022..e4ffdee 100644 +--- a/vsftpd.conf.5 ++++ b/vsftpd.conf.5 +@@ -969,7 +969,7 @@ This option should be the name of a directory which is empty. Also, the + directory should not be writable by the ftp user. This directory is used + as a secure chroot() jail at times vsftpd does not require filesystem access. + +-Default: /usr/share/empty ++Default: /var/run/vsftpd/empty + .TP + .B ssl_ciphers + This option can be used to select which SSL ciphers vsftpd will allow for -- cgit 1.2.3-korg