Add my pure-ftpd ebuild version for less verbose and security reason

8 files changed, 331 insertions, 0 deletions

diff --git a/net-ftp/pure-ftpd/Manifest b/net-ftp/pure-ftpd/Manifest
new file mode 100644
index 00000000..9106ec62
--- /dev/null
+++ b/net-ftp/pure-ftpd/Manifest
@@ -0,0 +1,28 @@
+AUX ftpusers 177 RMD160 dea29606ea28414d714453bd9469b375c077badd SHA1 cb60c318c5a21e6dc79ca34470336bb5a390df03 SHA256 fb5ae1383661d9cfef2ace904e65255d725a4b7df07f2d399228758dd5601d26
+MD5 458b5d7567f55f4257ea1a6bfe3ff150 files/ftpusers 177
+RMD160 dea29606ea28414d714453bd9469b375c077badd files/ftpusers 177
+SHA256 fb5ae1383661d9cfef2ace904e65255d725a4b7df07f2d399228758dd5601d26 files/ftpusers 177
+AUX pure-ftpd-1.0.21-pam.patch 586 RMD160 3246183eb4914dd605c181da17aa02c8e1e99726 SHA1 df99422a026e403ccecfe95ae9a1e13a7138b4d2 SHA256 4eab3ab63c403e02782df0b07d2f83b741b0b07cb10e37046dc2c874682509a6
+MD5 838eccf3bc6e8cd91e86597d844616d0 files/pure-ftpd-1.0.21-pam.patch 586
+RMD160 3246183eb4914dd605c181da17aa02c8e1e99726 files/pure-ftpd-1.0.21-pam.patch 586
+SHA256 4eab3ab63c403e02782df0b07d2f83b741b0b07cb10e37046dc2c874682509a6 files/pure-ftpd-1.0.21-pam.patch 586
+AUX pure-ftpd.conf_d 3378 RMD160 82d5d319b35e1262e8d72cff46c328429e3e3bce SHA1 93c4f65ce1592ad1ccbe8e04250c4cc1c9cdb5f2 SHA256 4361690c4217fd1cdae0c050015629ce6e74046446def2c7d646020d0682a579
+MD5 793ee6af29e0be834c86ee3e51e41153 files/pure-ftpd.conf_d 3378
+RMD160 82d5d319b35e1262e8d72cff46c328429e3e3bce files/pure-ftpd.conf_d 3378
+SHA256 4361690c4217fd1cdae0c050015629ce6e74046446def2c7d646020d0682a579 files/pure-ftpd.conf_d 3378
+AUX pure-ftpd.rc6 1416 RMD160 1e84e6c1a37593f30e09ec1bc4211bec9a0e3d52 SHA1 8c779240dc2e84fa6cdde135ec89438c8f886ef3 SHA256 869d2e984a9d0c785df87b39ed05d6a2b83bc0dab61e91d9a35167f053f7a324
+MD5 d2dd629646cf3b17bdebabc534a69a3c files/pure-ftpd.rc6 1416
+RMD160 1e84e6c1a37593f30e09ec1bc4211bec9a0e3d52 files/pure-ftpd.rc6 1416
+SHA256 869d2e984a9d0c785df87b39ed05d6a2b83bc0dab61e91d9a35167f053f7a324 files/pure-ftpd.rc6 1416
+AUX pure-ftpd.xinetd 247 RMD160 5789f98ffc48dcd5f67ad4777cbc70e158e89de6 SHA1 a698d0145612eb9503612ff2485f7dfcb6487bda SHA256 30e166051c7331c48ab1d948d6deecaa71130aaf3cfdc3ffb99124971b64f80c
+MD5 5672b9b9738ee098d0017d6c47c2b824 files/pure-ftpd.xinetd 247
+RMD160 5789f98ffc48dcd5f67ad4777cbc70e158e89de6 files/pure-ftpd.xinetd 247
+SHA256 30e166051c7331c48ab1d948d6deecaa71130aaf3cfdc3ffb99124971b64f80c files/pure-ftpd.xinetd 247
+DIST pure-ftpd-1.0.21.tar.bz2 476117 RMD160 1ad61243c1f8a8d1055ee839eec0d9117681cf20 SHA1 1405ff2b9b9c3616c4e390eb99779884173a3347 SHA256 f2f03e5bb42325b470b88e8ee7e6014226518b620beb5dd8cf1f07bcdb64559c
+EBUILD pure-ftpd-1.0.21-r1.ebuild 3462 RMD160 1f8528528eabce61188df3236c8e4329ad8354a1 SHA1 ba4895140bb98c200b60397808cb1d907812dcdf SHA256 8349cf958179e0c894230424e55826fb0010c91b7d94e80e9d9926674fc521b0
+MD5 949065e6848069ccc2f790e46c872c0d pure-ftpd-1.0.21-r1.ebuild 3462
+RMD160 1f8528528eabce61188df3236c8e4329ad8354a1 pure-ftpd-1.0.21-r1.ebuild 3462
+SHA256 8349cf958179e0c894230424e55826fb0010c91b7d94e80e9d9926674fc521b0 pure-ftpd-1.0.21-r1.ebuild 3462
+MD5 ae89b1b322a519efee148d4b74e0aa6f files/digest-pure-ftpd-1.0.21-r1 253
+RMD160 e310c21d2ff6e5cdf04497507034ad13496d2e22 files/digest-pure-ftpd-1.0.21-r1 253
+SHA256 8c51d3765557768898da80ab1d4497bb95430c700a76640fe21ce0e89d2cfd1f files/digest-pure-ftpd-1.0.21-r1 253
diff --git a/net-ftp/pure-ftpd/files/digest-pure-ftpd-1.0.21-r1 b/net-ftp/pure-ftpd/files/digest-pure-ftpd-1.0.21-r1
new file mode 100644
index 00000000..400607e6
--- /dev/null
+++ b/net-ftp/pure-ftpd/files/digest-pure-ftpd-1.0.21-r1
@@ -0,0 +1,3 @@
+MD5 ca8a8dbec0cd9c8ea92fc4c37ea9c410 pure-ftpd-1.0.21.tar.bz2 476117
+RMD160 1ad61243c1f8a8d1055ee839eec0d9117681cf20 pure-ftpd-1.0.21.tar.bz2 476117
+SHA256 f2f03e5bb42325b470b88e8ee7e6014226518b620beb5dd8cf1f07bcdb64559c pure-ftpd-1.0.21.tar.bz2 476117
diff --git a/net-ftp/pure-ftpd/files/ftpusers b/net-ftp/pure-ftpd/files/ftpusers
new file mode 100644
index 00000000..df1b69c0
--- /dev/null
+++ b/net-ftp/pure-ftpd/files/ftpusers
@@ -0,0 +1,24 @@
+# /etc/ftpusers: list of users disallowed FTP access.
+# 
+
+daemon
+bin
+sys
+sync
+games
+man
+lp
+mail
+news
+uucp
+proxy
+majordom
+postgres
+www-data
+backup
+msql
+operator
+list
+irc
+nobody
+
diff --git a/net-ftp/pure-ftpd/files/pure-ftpd-1.0.21-pam.patch b/net-ftp/pure-ftpd/files/pure-ftpd-1.0.21-pam.patch
new file mode 100644
index 00000000..fefcf86a
--- /dev/null
+++ b/net-ftp/pure-ftpd/files/pure-ftpd-1.0.21-pam.patch
@@ -0,0 +1,15 @@
+--- src/log_pam.c.original	2006-03-14 23:19:35.000000000 +0000
++++ src/log_pam.c	2006-03-14 23:20:17.000000000 +0000
+@@ -156,10 +156,10 @@
+     result->auth_ok = 0;
+     PAM_password = pass;
+     PAM_username = user;
+-    pam_error = pam_start("pure-ftpd", user, &PAM_conversation, &pamh);
++    pam_error = pam_start("ftp", user, &PAM_conversation, &pamh);
+     PAM_BAIL;
+ # ifdef PAM_TTY
+-    (void) pam_set_item(pamh, PAM_TTY, "pure-ftpd");
++    (void) pam_set_item(pamh, PAM_TTY, "ftp");
+ # endif        
+     /*
+      * PAM doesn't make any distinction between "user not found" and
diff --git a/net-ftp/pure-ftpd/files/pure-ftpd.conf_d b/net-ftp/pure-ftpd/files/pure-ftpd.conf_d
new file mode 100644
index 00000000..bd06bf65
--- /dev/null
+++ b/net-ftp/pure-ftpd/files/pure-ftpd.conf_d
@@ -0,0 +1,82 @@
+# Config file for /etc/init.d/pure-ftpd
+##Comment variables out to disable its features, or change the values in it... ##
+
+## This variable must be uncommented in order for the server to start ##
+#IS_CONFIGURED="yes"
+
+## FTP Server,Port (separated by comma) ##
+## If you prefer host names over IP addresses, it's your choice:
+## SERVER="-S ftp.rtchat.com,21"
+## IPv6 addresses are supported.
+## !!! WARNING !!!
+## Using an invalid IP will result in the server not starting,
+## but reporting a correct start!
+## SERVER="-S 192.168.0.1,21"
+## By default binds to all available IPs.
+SERVER="-S 21"
+
+## Number of simultaneous connections in total, and per IP ##
+MAX_CONN="-c 30"
+MAX_CONN_IP="-C 10"
+
+## Start daemonized in background ##
+DAEMON="-B"
+
+## Don't allow uploads if the partition is more full then this var ##
+DISK_FULL="-k 90%"
+
+## If your FTP server is behind a NAT box, uncomment this ##
+#USE_NAT="-N"
+
+## Authentication mechanisms (others are 'pam', ...) ##
+## Further infos can be found in the README file.
+AUTH="-l unix"
+
+## Change the maximum idle time (in minutes) ##
+## If this variable is not defined, it will default to 15 minutes.
+#TIMEOUT="-I <timeout>'"
+
+## Facility used for syslog logging ##
+## If this variable is not defined, it will default to the 'ftp' facility.
+## Logging can be disabled with '-f none'.
+#LOG="-f <facility>"
+
+## Charset conversion support *experimental* ##
+## Only works if USE "charconv" is enabled (only Pure-FTPd >=1.0.21).
+## Set the charset of the filesystem.
+# CHARCONV="--fscharset <charset>"
+
+## If you want to process each file uploaded through Pure-FTPd, enter the name
+## of the script that should process the files below.
+## man pure-uploadscript to learn more about how to write this script.
+# UPLOADSCRIPT="/path/to/uploadscript"
+
+## Misc. Others ##
+MISC_OTHER="-A -x -j -R -Z"
+
+#
+# Use these inside $MISC_OTHER
+# More can be found on "http://download.pureftpd.org/pub/pure-ftpd/doc/README"
+#
+# -A [ chroot() everyone, but root ]
+# -e [ Only allow anonymous users ]
+# -E [ Only allow authenticated users. Anonymous logins are prohibited. ]
+# -i [ Disallow upload for anonymous users, whatever directory perms are ]
+# -j [ If the home directory of a user doesn't exist, auto-create it ]
+# -M [ Allow anonymous users to create directories. ]
+# -R [ Disallow users (even non-anonymous ones) usage of the CHMOD command ]
+# -x [ In  normal  operation mode, authenticated users can read/write
+#	files beginning with a dot ('.'). Anonymous users can't, for security reasons
+#	(like changing banners or a forgotten .rhosts). When '-x' is used, authenticated
+#	users can download dot-files, but not overwrite/create  them,  even  if they own
+#	them. ]
+# -X [ This  flag  is  identical  to  the  previous one (writing
+#       dot-files is prohibited), but in addition, users can't even *read* files and
+#       directories beginning with a dot (like "cd .ssh"). ]
+# -D [ List files beginning with a dot ('.') even when the client doesn't
+#      append the '-a' option to the list command. A workaround for badly
+#      configured FTP clients. ]
+# -G [ Disallow renaming. ]
+# -d [ Send various debugging messages to the syslog. ONLY for DEBUG ]
+# -F <fortune file> [ Display a fortune cookie on login. Check the README file ]
+# -H [ By default, fully-qualified host names are logged. The '-H' flag avoids host names resolution. ]
diff --git a/net-ftp/pure-ftpd/files/pure-ftpd.rc6 b/net-ftp/pure-ftpd/files/pure-ftpd.rc6
new file mode 100644
index 00000000..86bcae35
--- /dev/null
+++ b/net-ftp/pure-ftpd/files/pure-ftpd.rc6
@@ -0,0 +1,47 @@
+#!/sbin/runscript
+# Copyright 1999-2004 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/net-ftp/pure-ftpd/files/pure-ftpd.rc6,v 1.10 2006/09/23 23:12:14 chtekk Exp $
+
+depend() {
+	need net
+}
+
+checkconfig() {
+	if [ -z "$IS_CONFIGURED" ] ; then
+		eerror "You need to setup /etc/conf.d/pure-ftpd first!"
+		return 1
+	fi
+}
+
+start() {
+	checkconfig || return 1
+	UPSCRIPT=""
+	if [ -n "$UPLOADSCRIPT" ] ; then
+		UPSCRIPT="--uploadscript"
+	fi
+	ebegin "Starting Pure-FTPd"
+	start-stop-daemon --start --quiet --make-pidfile --pidfile /var/run/pure-ftpd.pid --exec /usr/sbin/pure-ftpd -- $SERVER $MAX_CONN $MAX_CONN_IP $DAEMON $DISK_FULL $USE_NAT $AUTH $LOG $TIMEOUT $CHARCONV $MISC_OTHER $UPSCRIPT
+	result=$?
+	if [ $result -ne 0 ] ; then
+		eend 1 "Could not launch Pure-FTPd"
+	else
+		eend $result
+		if [ -n "$UPLOADSCRIPT" ] ; then
+			ebegin "Starting Pure-FTPd upload script"
+			start-stop-daemon --start --quiet --make-pidfile --pidfile /var/run/pure-uploadscript.pid --exec /usr/sbin/pure-uploadscript -- -B -r $UPLOADSCRIPT
+			eend $?
+		fi
+	fi
+}
+
+stop() {
+	ebegin "Stopping Pure-FTPd"
+	start-stop-daemon --stop --retry 20 --quiet --pidfile /var/run/pure-ftpd.pid
+	eend $?
+	if [ -n "$UPLOADSCRIPT" ] ; then
+		ebegin "Stopping Pure-FTPd upload script"
+		start-stop-daemon --stop --retry 20 --quiet --pidfile /var/run/pure-uploadscript.pid
+		eend $?
+	fi
+}
diff --git a/net-ftp/pure-ftpd/files/pure-ftpd.xinetd b/net-ftp/pure-ftpd/files/pure-ftpd.xinetd
new file mode 100644
index 00000000..11022e6f
--- /dev/null
+++ b/net-ftp/pure-ftpd/files/pure-ftpd.xinetd
@@ -0,0 +1,13 @@
+#
+# Pure-FTPd FTP daemon - http://www.pureftpd.org
+#
+service ftp
+{
+       socket_type	= stream
+       wait		= no
+       user		= root
+       server		= /usr/sbin/pure-ftpd
+       server_args	= -s -a 42
+       protocol		= tcp
+       disable		= yes
+}
diff --git a/net-ftp/pure-ftpd/pure-ftpd-1.0.21-r1.ebuild b/net-ftp/pure-ftpd/pure-ftpd-1.0.21-r1.ebuild
new file mode 100644
index 00000000..c6eaaadd
--- /dev/null
+++ b/net-ftp/pure-ftpd/pure-ftpd-1.0.21-r1.ebuild
@@ -0,0 +1,119 @@
+# Copyright 1999-2007 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/net-ftp/pure-ftpd/pure-ftpd-1.0.21-r1.ebuild,v 1.13 2007/08/02 15:55:22 uberlord Exp $
+
+inherit eutils confutils
+
+KEYWORDS="alpha amd64 hppa ia64 ppc ppc64 sparc x86 ~x86-fbsd"
+
+DESCRIPTION="Fast, production-quality, standard-conformant FTP server."
+HOMEPAGE="http://www.pureftpd.org/"
+SRC_URI="ftp://ftp.pureftpd.org/pub/${PN}/releases/${P}.tar.bz2"
+
+LICENSE="BSD"
+SLOT="0"
+
+IUSE="caps charconv ldap mysql noiplog pam paranoidmsg postgres selinux ssl vchroot xinetd"
+
+DEPEND="caps? ( sys-libs/libcap )
+		charconv? ( virtual/libiconv )
+		ldap? ( >=net-nds/openldap-2.0.25 )
+		mysql? ( virtual/mysql )
+		pam? ( virtual/pam )
+		postgres? ( >=dev-db/postgresql-7.2.2 )
+		ssl? ( >=dev-libs/openssl-0.9.6g )
+		xinetd? ( sys-apps/xinetd )"
+
+RDEPEND="${DEPEND}
+		net-ftp/ftpbase
+		selinux? ( sec-policy/selinux-ftpd )"
+
+src_unpack() {
+	unpack ${A}
+
+	cd "${S}"
+
+	epatch "${FILESDIR}/${P}-pam.patch"
+}
+
+src_compile() {
+	# adjust max user length to something more appropriate
+	# for virtual hosts. See bug #62472 for details.
+	sed -e "s:# define MAX_USER_LENGTH 32U:# define MAX_USER_LENGTH 127U:" -i "${S}/src/ftpd.h" || die "sed failed"
+
+	local my_conf=""
+
+	# Let's configure the USE-enabled stuff
+	enable_extension_without	"capabilities"	"caps"
+	enable_extension_with		"rfc2640"		"charconv"		0
+	enable_extension_with		"ldap"			"ldap"			0
+	enable_extension_with		"mysql"			"mysql"			0
+	enable_extension_with		"pam"			"pam"			0
+	enable_extension_with		"paranoidmsg"	"paranoidmsg"	0
+	enable_extension_with		"pgsql"			"postgres"		0
+	enable_extension_with		"tls"			"ssl"			0
+	enable_extension_with		"virtualchroot"	"vchroot"		0
+	enable_extension_without	"inetd"			"xinetd"
+
+	# noiplog is a negative flag, we don't want that enabled by default,
+	# so we handle it manually, as confutils can't do that
+	use noiplog && my_conf="${my_conf} --without-iplogging"
+
+	econf \
+		--with-altlog \
+		--with-cookie \
+		--with-diraliases \
+		--with-extauth \
+		--with-ftpwho \
+		--with-language=${PUREFTPD_LANG:=english} \
+		--with-largefile \
+		--with-peruserlimits \
+		--with-privsep \
+		--with-puredb \
+		--with-quotas \
+		--with-ratios \
+		--with-throttling \
+		--with-uploadscript \
+		--with-virtualhosts \
+		--without-banner \
+		${my_conf} || die "econf failed"
+
+	emake || die "emake failed"
+}
+
+src_install() {
+	emake DESTDIR="${D}" install || die "emake install failed"
+
+	dodoc AUTHORS CONTACT ChangeLog FAQ HISTORY INSTALL README* NEWS
+
+	newconfd "${FILESDIR}/pure-ftpd.conf_d" pure-ftpd
+
+	newinitd "${FILESDIR}/pure-ftpd.rc6" pure-ftpd
+
+	if use xinetd ; then
+		insinto /etc/xinetd.d
+		newins "${FILESDIR}/pure-ftpd.xinetd" pure-ftpd
+	fi
+
+	if use ldap ; then
+		insinto /etc/openldap/schema
+		doins pureftpd.schema
+		insinto /etc/openldap
+		insopts -m 0600
+		doins pureftpd-ldap.conf
+	fi
+}
+
+pkg_postinst() {
+	elog
+	elog "Before starting Pure-FTPd, you have to edit the /etc/conf.d/pure-ftpd file!"
+	elog
+	ewarn "It's *really* important to read the README provided with Pure-FTPd!"
+	ewarn "Check out http://download.pureftpd.org/pub/pure-ftpd/doc/README for general info"
+	ewarn "and http://download.pureftpd.org/pub/pure-ftpd/doc/README.TLS for SSL/TLS info."
+	ewarn
+	if use charconv ; then
+		ewarn "Charset conversion is an *experimental* feature!"
+		ewarn "Remember to set a valid charset for your filesystem in the configuration!"
+	fi
+}