openSUSE Build Service

Overview Repositories Revisions Requests Users Attributes Meta

Revisions of vsftpd

Dominique Leuenberger (dimstar_suse) accepted request 297784 from

Tomáš Chvátal (scarabeus_iv) about 9 years ago (revision 50)

- Fix hide_file option wrt bnc#927612:
  * vsftpd-path-normalize.patch

Dominique Leuenberger (dimstar_suse) accepted request 294583 from

Tomáš Chvátal (scarabeus_iv) about 9 years ago (revision 49)

- bnc#925963 stat is sometimes run on wrong path and results with
  ENOENT, ensure we sent both dir+file to filter verification:
  * vsftpd-path-normalize.patch

- Update patch bit more for sanity checks. Done by rsassu@suse.de:
  * vsftpd-path-normalize.patch

- Add back patch attempting to fix bnc#900326 bnc#915522 and
  bnc#922538:
  * vsftpd-path-normalize.patch

- Reset filter patch to match fedora, my work will be restarted
  in one-off patch to make the changes stand out. Add rest of
  RH filtering patches:
  * vsftpd-2.2.0-wildchar.patch
  * vsftpd-2.3.4-sqb.patch
  * vsftpd-2.1.0-filter.patch

- Work on the filter patch and split out the normalisation of the
  path to separate str function, currently commented out so I
  avoid huge diffing.
  * vsftpd-2.1.0-filter.patch

Dominique Leuenberger (dimstar_suse) accepted request 287539 from

Tomáš Chvátal (scarabeus_factory) over 9 years ago (revision 48)

- Add service calls for other unit files too
- Udate filter patch to work as expected:
  * vsftpd-2.1.0-filter.patch

  from fedora. bnc#900326 bnc#915522 CVE-2015-1419

Dominique Leuenberger (dimstar_suse) accepted request 267273 from

Tomáš Chvátal (scarabeus_iv) over 9 years ago (revision 47)

- Try to fix deny_file parsing to do more what is expected. Taken
  from fedora. bnc#900326
  * vsftpd-2.1.0-filter.patch

Dominique Leuenberger (dimstar_suse) accepted request 261591 from

Vítězslav Čížek (vitezslav_cizek) over 9 years ago (revision 46)

Stephan Kulow (coolo) accepted request 247114 from

Marcus Meissner (msmeissn) almost 10 years ago (revision 45)

Adrian Schröter (adrianSuSE) committed almost 10 years ago (revision 44)

Split 13.2 from Factory

Stephan Kulow (coolo) accepted request 235383 from

Tomáš Chvátal (scarabeus_factory) about 10 years ago (revision 43)

- Cleanup with spec-cleaner
- Remove conditions about init files as we do not build for < 12.1
  anyway.
- Update the README.SUSE file to describe more the listen option.

- Add socket service for vsftpd to avoid the need for xinetd here.

- Add comment about listen variables for xinetd configuration.
  Fixes bnc#872221.
- Add default configuration as arg to xinetd started vsftpd.
- Updated patch:
  * vsftpd-2.0.4-xinetd.diff

Stephan Kulow (coolo) accepted request 229628 from

Michal Hrusecky (old before rename to _miska_) (-miska-) about 10 years ago (revision 42)

- Move the enabling of timeofday and alarm one level deeper to
  be sure it is whitelisted everytime.
  Also should possibly fix bnc#872215.
- Updated patch:
  * vsftpd-enable-gettimeofday-sec.patch

- Remove forking from service type as it hangs in endless loop.

- Fix warning about dangling symlink on rcvsftpd from rpmlint and
  remove also clean section while at it.

- Add patch to allow gettimeofday and alarm calls with seccomp
  enabled. bnc#870122
- Added patch:
  * vsftpd-enable-gettimeofday-sec.patch

- Specify that the service type is forking

- changed license to SUSE-GPL-2.0-with-openssl-exception
  * suggested by legal team

- add allow_root_squashed_chroot option to enable chroot on nsf
  mounted with squash_root option (fate#311051)
  * vsftpd-root-squashed-chroot.patch (forwarded request 229627 from scarabeus_iv)

Adrian Schröter (adrianSuSE) committed over 10 years ago (revision 41)

Split 13.1 from Factory

Stephan Kulow (coolo) accepted request 183971 from

Marcus Meissner (msmeissn) almost 11 years ago (revision 40)

- build with OPENSSL_NO_SSL_INTERN this hides internal struct
  members or functions that if changed in future openssl versions
  will break the ABI of the calling applications. (forwarded request 183859 from elvigia)

Stephan Kulow (coolo) accepted request 162591 from

Michal Vyskocil (mvyskocil) about 11 years ago (revision 39)

- add vsftpd-enable-dev-log-sendto.patch (bnc#812406#c1)
  * this enabled a sendto on /dev/log socket when syslog is enabled
- provide more verbose explanation about isolate_network and seccomp_sanbox in
  config file template
- don't install init file on openSUSE 13.1+
- drop a build support for SL 10 and older

- add vsftpd-drop-newpid-from-clone.patch (bnc#786024#c38)
  * drop CLONE_NEWPID from clone to enable audit system
- add vsftpd-enable-fcntl-f_setfl.patch (bnc#812406)
  * unconditionally enable F_SETFL patch - might be safe to do (forwarded request 162590 from mvyskocil)

Stephan Kulow (coolo) accepted request 157548 from

Ismail Dönmez (namtrac) about 11 years ago (revision 38)

- add isolate_network and seccomp_sandbox options to template to make them
  easier to find (bnc#786024) (forwarded request 157236 from lnussel)

Stephan Kulow (coolo) accepted request 156829 from

Michal Vyskocil (mvyskocil) over 11 years ago (revision 37)

PLEASE COPY TO 12.3!
- add vsftpd-allow-dev-log-socket.patch (bnc#786024)
  * whitelist /dev/log related socket syscall

Adrian Schröter (adrianSuSE) committed over 11 years ago (revision 36)

Split 12.3 from Factory

Stephan Kulow (coolo) accepted request 145730 from

Michal Vyskocil (mvyskocil) over 11 years ago (revision 35)

Verify GPG signature: Perform build-time offline GPG verification.
Please verify that included keyring matches your needs.
For manipulation with the offline keyring, please use gpg-offline tool from openSUSE:Factory, devel-tools-building or Base:System.
See the man page and/or /usr/share/doc/packages/gpg-offline/PACKAGING.HOWTO.

If you need to build your package for older products and don't want to mess spec file with ifs, please follow PACKAGING.HOWTO:
you can link or aggregate gpg-offline from
devel:tools:building or use following trick with "osc meta prjconf":

--- Cut here ----
%if 0%{?suse_version} <= 1220
Substitute: gpg-offline
%endif

Macros:
%gpg_verify(dnf) \
%if 0%{?suse_version} > 1220\
echo "WARNING: Using %%gpg_verify macro from prjconf, not from gpg-offline package."\
gpg-offline --directory="%{-d:%{-d*}}%{!-d:%{_sourcedir}}" --package="%{-n:%{-n*}}%{!-n:%{name}}""%{-f: %{-f*}}" --verify %{**}\
%else\
echo "WARNING: Dummy prjconf macro. gpg-offline is not available, skipping %{**} GPG signature verification!"\
%endif\
%nil
-----------------
 (forwarded request 143938 from sbrabec)

Stephan Kulow (coolo) accepted request 142032 from

Sascha Peilicke (saschpe) over 11 years ago (revision 34)

- Fix useradd invocation: -o is useless without -u and newer
  versions of pwdutils/shadowutils fail on this now.

Error masked by7 || : (forwarded request 142025 from dimstar)

Stephan Kulow (coolo) accepted request 138998 from

Michal Vyskocil (mvyskocil) over 11 years ago (revision 33)

- update to 3.0.2 (bnc#786024) 
  * Fix some seccomp related build errors on certain CentOS and Debian versions.
  * Seccomp filter sandbox: missing munmap() -- oops. Did you know that qsort()
  opens and maps /proc/meminfo but only for larger item counts?
  * Seccomp filter sandbox: deny socket() gracefully for text_userdb_names.
  * Fix various NULL crashes with nonsensical config settings. Noted by Tianyin
  Xu <tixu@cs.ucsd.edu>.
  * Force cast to unsigned char in is* char functions.
  * Fix harmless integer issues in strlist.c.
  * Started on a (possibly ill-advised?) crusade to compile cleanly with
  Wconversion. Decided to suspend the effort half-way through.
  * One more seccomp policy fix: mremap (denied).
  * Support STOU with no filename, uses a STOU. prefix.

Stephan Kulow (coolo) accepted request 131864 from

Michal Vyskocil (mvyskocil) almost 12 years ago (revision 32)

- make seccomp sandbox enabled by default
  * dropped vsftpd-3.0.0-turn-seccomp-sandbox-off.patch

Adrian Schröter (adrianSuSE) committed almost 12 years ago (revision 31)

branched from openSUSE:Factory

Displaying revisions 41 - 60 of 90

Places

Revisions of vsftpd

Places