SOURCES: pure-ftpd-additionalgid.patch (NEW) - new; additional group only f...

arekm arekm at pld-linux.org
Tue Feb 3 15:52:30 CET 2009 

Author: arekm                        Date: Tue Feb  3 14:52:30 2009 GMT
Module: SOURCES                       Tag: HEAD
---- Log message:
- new; additional group only for non-unix users (initgroups() has precedence over this settings)

---- Files affected:
SOURCES:
   pure-ftpd-additionalgid.patch (NONE -> 1.1)  (NEW)

---- Diffs:

================================================================
Index: SOURCES/pure-ftpd-additionalgid.patch
diff -u /dev/null SOURCES/pure-ftpd-additionalgid.patch:1.1
--- /dev/null	Tue Feb  3 15:52:31 2009
+++ SOURCES/pure-ftpd-additionalgid.patch	Tue Feb  3 15:52:24 2009
@@ -0,0 +1,96 @@
+diff -ur pure-ftpd-1.0.21/pure-config/pure-config.h pure-ftpd-1.0.21.new/pure-config/pure-config.h
+--- pure-ftpd-1.0.21/pure-config/pure-config.h	2005-06-18 12:39:55.000000000 +0200
++++ pure-ftpd-1.0.21.new/pure-config/pure-config.h	2009-02-03 15:00:10.358021471 +0100
+@@ -82,6 +82,7 @@
+ {	NULL,		'\0', /* 'I' */	"MaxIdleTime",			CFG_STR,			(void*) &opt[I],	0 },
+ {	NULL,		'\0', /* 'k' */	"MaxDiskUsage",			CFG_STR,			(void*) &opt[I],	0 },
+ {	NULL,		'\0', /* 'a' */	"TrustedGID",			CFG_STR,			(void*) &opt[I],	0 },
++{	NULL,		'\0', /* '2' */	"AdditionalGID",		CFG_STR,			(void*) &opt[I],	0 },
+ {	NULL,		'\0', /* 'c' */	"MaxClientsNumber",		CFG_STR,			(void*) &opt[I],	0 },
+ {	NULL,		'\0', /* 'C' */	"MaxClientsPerIP",		CFG_STR,			(void*) &opt[I],	0 },
+ {	NULL,		'\0', /* 'm' */	"MaxLoad",			CFG_STR,			(void*) &opt[I],	0 },
+@@ -153,6 +154,7 @@
+ 	{	"-I",	"--maxidletime="		},
+ 	{	"-k",	"--maxdiskusage="		},
+ 	{	"-a",	"--trustedgid="			},
++	{	"-2",	"--additionalgid="		},
+ 	{	"-c",	"--maxclientsnumber="		},
+ 	{	"-C",	"--maxclientsperip="		},
+ 	{	"-m",	"--maxload="			},
+diff -ur pure-ftpd-1.0.21/src/ftpd.c pure-ftpd-1.0.21.new/src/ftpd.c
+--- pure-ftpd-1.0.21/src/ftpd.c	2009-02-03 15:37:58.538020766 +0100
++++ pure-ftpd-1.0.21.new/src/ftpd.c	2009-02-03 15:41:41.582021928 +0100
+@@ -1104,7 +1104,10 @@
+ {
+ #ifndef NON_ROOT_FTP
+ # ifdef HAVE_SETGROUPS
+-    if (setgroups(1U, &gid) != 0) {
++    gid_t gids[2];
++    gids[0] = gid;
++    gids[1] = chroot_additionalgid;
++    if (setgroups(want_additionalgid ? 2L : 1L, gids) != 0) {
+         return -1;
+     }
+ # else
+@@ -5078,6 +5081,19 @@
+             no_truncate = 1;
+             break;
+         }
++        case '2': {
++            const char *nptr;
++            char *endptr;
++
++            nptr = optarg;
++            endptr = NULL;
++            chroot_additionalgid = strtoul(nptr, &endptr, 0);
++            if (!nptr || !*nptr || !endptr || *endptr) {
++                die(421, LOG_ERR, MSG_CONF_ERR ": " MSG_ILLEGAL_TRUSTED_GID " (XXX: additional): %s" , optarg);
++            }
++	    want_additionalgid = 1;
++            break;
++        }
+         case '4': {
+             bypass_ipv6 = 1;
+             break;
+diff -ur pure-ftpd-1.0.21/src/ftpd_p.h pure-ftpd-1.0.21.new/src/ftpd_p.h
+--- pure-ftpd-1.0.21/src/ftpd_p.h	2006-02-06 22:57:21.000000000 +0100
++++ pure-ftpd-1.0.21.new/src/ftpd_p.h	2009-02-03 15:35:47.946311240 +0100
+@@ -60,7 +60,7 @@
+ };
+ 
+ static const char *GETOPT_OPTIONS =
+-    "0146"
++    "012:46"
+ #ifdef WITH_RFC2640
+     "8:9:"
+ #endif
+@@ -112,6 +112,7 @@
+ static struct option long_options[] = {
+     { "notruncate", 0, NULL, '0' },    
+     { "logpid", 0, NULL, '1' },
++    { "additionalgid", 1, NULL, '2' },
+     { "ipv4only", 0, NULL, '4' },
+     { "ipv6only", 0, NULL, '6' },    
+ #ifdef WITH_RFC2640
+diff -ur pure-ftpd-1.0.21/src/globals.h pure-ftpd-1.0.21.new/src/globals.h
+--- pure-ftpd-1.0.21/src/globals.h	2006-02-15 09:55:00.000000000 +0100
++++ pure-ftpd-1.0.21.new/src/globals.h	2009-02-03 15:13:13.234021509 +0100
+@@ -37,6 +37,8 @@
+ GLOBAL0(signed char userchroot);                /* don't chroot() by default for regular users */
+ GLOBAL0(signed char chrooted);                     /* if we already chroot()ed */
+ GLOBAL0(uid_t chroot_trustedgid);
++GLOBAL(int want_additionalgid, 0);
++GLOBAL0(gid_t chroot_additionalgid);
+ GLOBAL0(signed char broken_client_compat);         /* don't enable workarounds by default */
+ GLOBAL0(uid_t warez);                    /* don't guard against warez */
+ GLOBAL0(signed char debug);                        /* don't give debug output */
+--- pure/configuration-file/pure-config.pl.in~	2009-02-03 15:47:24.346020364 +0100
++++ pure/configuration-file/pure-config.pl.in	2009-02-03 15:48:34.678184463 +0100
+@@ -64,6 +64,7 @@
+ my %numeric_switch_for = (
+ 	MaxIdleTime		=> "-I",
+ 	MaxDiskUsage		=> "-k",
++	AdditionalGID		=> "-2",
+ 	TrustedGID		=> "-a",
+ 	MaxClientsNumber	=> "-c",
+ 	MaxClientsPerIP		=> "-C",
================================================================

More information about the pld-cvs-commit mailing list