[packages/pure-ftpd] - rel 2; support for auth over own script

arekm arekm at pld-linux.org
Thu Sep 24 09:18:02 CEST 2015


commit cc332e9f87e870111bd5574f3ce90b68303550bd
Author: Arkadiusz Miśkiewicz <arekm at maven.pl>
Date:   Thu Sep 24 09:17:55 2015 +0200

    - rel 2; support for auth over own script

 pure-ftpd.init | 65 ++++++++++++++++++++++++++++++++++++++++++----------------
 pure-ftpd.spec | 18 +++++++++++++++-
 2 files changed, 64 insertions(+), 19 deletions(-)
---
diff --git a/pure-ftpd.spec b/pure-ftpd.spec
index 8258d47..6831f9b 100644
--- a/pure-ftpd.spec
+++ b/pure-ftpd.spec
@@ -9,7 +9,7 @@
 %bcond_without	tls		# disable SSL/TLS support
 %bcond_without	cap		# disable capabilities
 
-%define	rel	1
+%define	rel	2
 Summary:	Small, fast and secure FTP server
 Summary(pl.UTF-8):	Mały, szybki i bezpieczny serwer FTP
 Name:		pure-ftpd
@@ -50,6 +50,12 @@ BuildRequires:	pam-devel
 %{?with_pgsql:BuildRequires:	postgresql-devel}
 BuildRequires:	rpmbuild(macros) >= 1.304
 Requires(post,preun):	/sbin/chkconfig
+Requires(postun):	/usr/sbin/groupdel
+Requires(postun):	/usr/sbin/userdel
+Requires(pre):	/bin/id
+Requires(pre):	/usr/bin/getgid
+Requires(pre):	/usr/sbin/groupadd
+Requires(pre):	/usr/sbin/useradd
 Requires:	pam >= 0.79.0
 %{!?with_extra:Requires:	perl-base}
 Requires:	rc-scripts
@@ -190,12 +196,22 @@ rm -rf $RPM_BUILD_ROOT
 /sbin/chkconfig --add %{name}
 %service %{name} restart "PureFTPD daemon"
 
+%pre
+%groupadd -g 326 ftpauth
+%useradd -u 326 -d %{_ftpdir} -s /bin/false -c "FTP Auth daemon" -g ftpauth ftpauth
+
 %preun
 if [ "$1" = "0" ]; then
 	%service %{name} stop
 	/sbin/chkconfig --del %{name}
 fi
 
+%postun
+if [ "$1" = "0" ]; then
+	%userremove ftpauth
+	%groupremove ftpauth
+fi
+
 %post -n openldap-schema-pureftpd
 %openldap_schema_register %{schemadir}/pureftpd.schema -d core
 %service -q ldap restart
diff --git a/pure-ftpd.init b/pure-ftpd.init
index b5f6ca7..17cf9ba 100644
--- a/pure-ftpd.init
+++ b/pure-ftpd.init
@@ -12,6 +12,9 @@
 # Get network config
 . /etc/sysconfig/network
 
+PURE_AUTH_SCRIPT=/etc/ftpd/auth.script
+PURE_AUTH_SOCKET=/var/run/pure-authd/socket
+
 # Get service config
 [ -f /etc/sysconfig/pure-ftpd ] && . /etc/sysconfig/pure-ftpd
 
@@ -40,26 +43,47 @@ fi
 start() {
 	# Check if the service is already running?
 	if [ ! -f /var/lock/subsys/pure-ftpd ]; then
-		msg_starting pure-ftpd
-		rm -f /var/run/pure-ftpd/client*
-		if [ x"$CFG" = "x/usr/sbin/pure-config" ] ; then
-			modprobe -s capability > /dev/null 2>&1
-			daemon /usr/sbin/pure-ftpd \
-				$(/usr/sbin/pure-config -f /etc/ftpd/pureftpd.conf) \
-				--daemonize
-			RETVAL=$?
-		else
-			daemon $CFG /etc/ftpd/pureftpd.conf --daemonize
+		RETVAL=0
+		if [ -x "$PURE_AUTH_SCRIPT" ]; then
+			PURE_AUTH=yes
+			msg_starting pure-authd
+			
+			# 326/326 - authd/authd
+			
+			mkdir -p /var/run/pure-authd
+			chown ftpauth:root /var/run/pure-authd
+			chmod 750 /var/run/pure-authd
+			
+			daemon /usr/sbin/pure-authd --uid 326 --gid 326 --pid /var/run/pure-authd.pid \
+				--run "$PURE_AUTH_SCRIPT" --socket "$PURE_AUTH_SOCKET" --daemonize
 			RETVAL=$?
+			[ $RETVAL -eq 0 ] && chown root:root "$PURE_AUTH_SOCKET" && chmod 700 "$PURE_AUTH_SOCKET"
 		fi
-		
-		if [ -n "$UPLOADSCRIPT" ]; then
-			msg_starting pure-uploadscript
-			UPLOADSCRIPTOPTS="-B -r $UPLOADSCRIPT"
-			[ -n "$UPLOADSCRIPT_UID" ] && UPLOADSCRIPTOPTS="$UPLOADSCRIPTOPTS -u $UPLOADSCRIPT_UID"
-			[ -n "$UPLOADSCRIPT_GID" ] && UPLOADSCRIPTOPTS="$UPLOADSCRIPTOPTS -g $UPLOADSCRIPT_GID"
-			daemon /usr/sbin/pure-uploadscript $UPLOADSCRIPTOPTS
-			RETVAL=$(($RETVAL+$?))
+		if [ $RETVAL -eq 0 ]; then
+			msg_starting pure-ftpd
+			rm -f /var/run/pure-ftpd/client*
+			if [ x"$CFG" = "x/usr/sbin/pure-config" ] ; then
+				modprobe -s capability > /dev/null 2>&1
+				daemon /usr/sbin/pure-ftpd \
+					$(/usr/sbin/pure-config -f /etc/ftpd/pureftpd.conf) \
+					$([ "$PURE_AUTH" = "yes" ] && echo "-lextauth:$PURE_AUTH_SOCKET") \
+					--daemonize
+				RETVAL=$?
+			else
+				daemon $CFG /etc/ftpd/pureftpd.conf \
+					$([ "$PURE_AUTH" = "yes" ] && echo "-lextauth:$PURE_AUTH_SOCKET") \
+					--daemonize
+				RETVAL=$?
+			fi
+			
+			if [ -n "$UPLOADSCRIPT" ]; then
+				msg_starting pure-uploadscript
+				UPLOADSCRIPTOPTS="-B -r $UPLOADSCRIPT"
+				[ -n "$UPLOADSCRIPT_UID" ] && UPLOADSCRIPTOPTS="$UPLOADSCRIPTOPTS -u $UPLOADSCRIPT_UID"
+				[ -n "$UPLOADSCRIPT_GID" ] && UPLOADSCRIPTOPTS="$UPLOADSCRIPTOPTS -g $UPLOADSCRIPT_GID"
+				daemon /usr/sbin/pure-uploadscript $UPLOADSCRIPTOPTS
+				RETVAL=$(($RETVAL+$?))
+			fi
 		fi
 
 		[ $RETVAL -eq 0 ] && touch /var/lock/subsys/pure-ftpd
@@ -76,6 +100,11 @@ stop() {
 		    killproc pure-uploadscript
 		fi
 
+		if [ -x "$PURE_AUTH_SCRIPT" -o -r /var/run/pure-authd.pid ]; then
+			msg_stopping pure-authd
+			killproc pure-authd
+		fi
+
 		msg_stopping pure-ftpd
 		killproc pure-ftpd
 		
================================================================

---- gitweb:

http://git.pld-linux.org/gitweb.cgi/packages/pure-ftpd.git/commitdiff/cc332e9f87e870111bd5574f3ce90b68303550bd



More information about the pld-cvs-commit mailing list