SOURCES: pure-ftpd-additionalgid.patch (NEW) - new; additional group only f...
arekm
arekm at pld-linux.org
Tue Feb 3 15:52:30 CET 2009
Author: arekm Date: Tue Feb 3 14:52:30 2009 GMT
Module: SOURCES Tag: HEAD
---- Log message:
- new; additional group only for non-unix users (initgroups() has precedence over this settings)
---- Files affected:
SOURCES:
pure-ftpd-additionalgid.patch (NONE -> 1.1) (NEW)
---- Diffs:
================================================================
Index: SOURCES/pure-ftpd-additionalgid.patch
diff -u /dev/null SOURCES/pure-ftpd-additionalgid.patch:1.1
--- /dev/null Tue Feb 3 15:52:31 2009
+++ SOURCES/pure-ftpd-additionalgid.patch Tue Feb 3 15:52:24 2009
@@ -0,0 +1,96 @@
+diff -ur pure-ftpd-1.0.21/pure-config/pure-config.h pure-ftpd-1.0.21.new/pure-config/pure-config.h
+--- pure-ftpd-1.0.21/pure-config/pure-config.h 2005-06-18 12:39:55.000000000 +0200
++++ pure-ftpd-1.0.21.new/pure-config/pure-config.h 2009-02-03 15:00:10.358021471 +0100
+@@ -82,6 +82,7 @@
+ { NULL, '\0', /* 'I' */ "MaxIdleTime", CFG_STR, (void*) &opt[I], 0 },
+ { NULL, '\0', /* 'k' */ "MaxDiskUsage", CFG_STR, (void*) &opt[I], 0 },
+ { NULL, '\0', /* 'a' */ "TrustedGID", CFG_STR, (void*) &opt[I], 0 },
++{ NULL, '\0', /* '2' */ "AdditionalGID", CFG_STR, (void*) &opt[I], 0 },
+ { NULL, '\0', /* 'c' */ "MaxClientsNumber", CFG_STR, (void*) &opt[I], 0 },
+ { NULL, '\0', /* 'C' */ "MaxClientsPerIP", CFG_STR, (void*) &opt[I], 0 },
+ { NULL, '\0', /* 'm' */ "MaxLoad", CFG_STR, (void*) &opt[I], 0 },
+@@ -153,6 +154,7 @@
+ { "-I", "--maxidletime=" },
+ { "-k", "--maxdiskusage=" },
+ { "-a", "--trustedgid=" },
++ { "-2", "--additionalgid=" },
+ { "-c", "--maxclientsnumber=" },
+ { "-C", "--maxclientsperip=" },
+ { "-m", "--maxload=" },
+diff -ur pure-ftpd-1.0.21/src/ftpd.c pure-ftpd-1.0.21.new/src/ftpd.c
+--- pure-ftpd-1.0.21/src/ftpd.c 2009-02-03 15:37:58.538020766 +0100
++++ pure-ftpd-1.0.21.new/src/ftpd.c 2009-02-03 15:41:41.582021928 +0100
+@@ -1104,7 +1104,10 @@
+ {
+ #ifndef NON_ROOT_FTP
+ # ifdef HAVE_SETGROUPS
+- if (setgroups(1U, &gid) != 0) {
++ gid_t gids[2];
++ gids[0] = gid;
++ gids[1] = chroot_additionalgid;
++ if (setgroups(want_additionalgid ? 2L : 1L, gids) != 0) {
+ return -1;
+ }
+ # else
+@@ -5078,6 +5081,19 @@
+ no_truncate = 1;
+ break;
+ }
++ case '2': {
++ const char *nptr;
++ char *endptr;
++
++ nptr = optarg;
++ endptr = NULL;
++ chroot_additionalgid = strtoul(nptr, &endptr, 0);
++ if (!nptr || !*nptr || !endptr || *endptr) {
++ die(421, LOG_ERR, MSG_CONF_ERR ": " MSG_ILLEGAL_TRUSTED_GID " (XXX: additional): %s" , optarg);
++ }
++ want_additionalgid = 1;
++ break;
++ }
+ case '4': {
+ bypass_ipv6 = 1;
+ break;
+diff -ur pure-ftpd-1.0.21/src/ftpd_p.h pure-ftpd-1.0.21.new/src/ftpd_p.h
+--- pure-ftpd-1.0.21/src/ftpd_p.h 2006-02-06 22:57:21.000000000 +0100
++++ pure-ftpd-1.0.21.new/src/ftpd_p.h 2009-02-03 15:35:47.946311240 +0100
+@@ -60,7 +60,7 @@
+ };
+
+ static const char *GETOPT_OPTIONS =
+- "0146"
++ "012:46"
+ #ifdef WITH_RFC2640
+ "8:9:"
+ #endif
+@@ -112,6 +112,7 @@
+ static struct option long_options[] = {
+ { "notruncate", 0, NULL, '0' },
+ { "logpid", 0, NULL, '1' },
++ { "additionalgid", 1, NULL, '2' },
+ { "ipv4only", 0, NULL, '4' },
+ { "ipv6only", 0, NULL, '6' },
+ #ifdef WITH_RFC2640
+diff -ur pure-ftpd-1.0.21/src/globals.h pure-ftpd-1.0.21.new/src/globals.h
+--- pure-ftpd-1.0.21/src/globals.h 2006-02-15 09:55:00.000000000 +0100
++++ pure-ftpd-1.0.21.new/src/globals.h 2009-02-03 15:13:13.234021509 +0100
+@@ -37,6 +37,8 @@
+ GLOBAL0(signed char userchroot); /* don't chroot() by default for regular users */
+ GLOBAL0(signed char chrooted); /* if we already chroot()ed */
+ GLOBAL0(uid_t chroot_trustedgid);
++GLOBAL(int want_additionalgid, 0);
++GLOBAL0(gid_t chroot_additionalgid);
+ GLOBAL0(signed char broken_client_compat); /* don't enable workarounds by default */
+ GLOBAL0(uid_t warez); /* don't guard against warez */
+ GLOBAL0(signed char debug); /* don't give debug output */
+--- pure/configuration-file/pure-config.pl.in~ 2009-02-03 15:47:24.346020364 +0100
++++ pure/configuration-file/pure-config.pl.in 2009-02-03 15:48:34.678184463 +0100
+@@ -64,6 +64,7 @@
+ my %numeric_switch_for = (
+ MaxIdleTime => "-I",
+ MaxDiskUsage => "-k",
++ AdditionalGID => "-2",
+ TrustedGID => "-a",
+ MaxClientsNumber => "-c",
+ MaxClientsPerIP => "-C",
================================================================
More information about the pld-cvs-commit
mailing list