New init script which allows for running multiple vsftpd daemons with

  different config files - works like net.ethx scripts, #97140

  Punted unused pam files.

  Patch now updates the default vsftpd.conf for using /etc/vsftpd instead
  of maintaining our own config.
(Portage version: 2.0.53_rc5)

8 files changed, 367 insertions, 23 deletions

diff --git a/net-ftp/vsftpd/ChangeLog b/net-ftp/vsftpd/ChangeLog
index 95d6ea8e0cdc..9defc8ce465b 100644
--- a/net-ftp/vsftpd/ChangeLog
+++ b/net-ftp/vsftpd/ChangeLog
@@ -1,6 +1,19 @@
 # ChangeLog for net-ftp/vsftpd
 # Copyright 2002-2005 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/net-ftp/vsftpd/ChangeLog,v 1.63 2005/10/02 23:02:59 matsuu Exp $
+# $Header: /var/cvsroot/gentoo-x86/net-ftp/vsftpd/ChangeLog,v 1.64 2005/10/20 09:50:44 uberlord Exp $
+
+*vsftpd-2.0.3-r2 (20 Oct 2005)
+
+  20 Oct 2005; Roy Marples <uberlord@gentoo.org>
+  +files/vsftpd-2.0.3-gentoo.patch, +files/vsftpd.init, -files/vsftpd.pam,
+  -files/vsftpd.pam-include, +vsftpd-2.0.3-r2.ebuild:
+  New init script which allows for running multiple vsftpd daemons with
+  different config files - works like net.ethx scripts, #97140
+
+  Punted unused pam files.
+
+  Patch now updates the default vsftpd.conf for using /etc/vsftpd instead
+  of maintaining our own config.
 
   02 Oct 2005; MATSUU Takuto <matsuu@gentoo.org> vsftpd-2.0.3-r1.ebuild:
   Stable on sh
diff --git a/net-ftp/vsftpd/Manifest b/net-ftp/vsftpd/Manifest
index a22b7c75043e..d002dc9f2d0e 100644
--- a/net-ftp/vsftpd/Manifest
+++ b/net-ftp/vsftpd/Manifest
@@ -1,12 +1,14 @@
-MD5 dc7c446f859492b83b73eb59ee07e560 vsftpd-2.0.3-r1.ebuild 2032
-MD5 8641a983a6eb2c7a6ecd8060b8506ab5 ChangeLog 8730
-MD5 0451b23327c004752edf415e25931d07 metadata.xml 344
+MD5 5c0e57ac891c3f5bd649d75e897bbc67 ChangeLog 9212
+MD5 c3af0a9f9ed1ea8eb162da439b88bf78 files/digest-vsftpd-2.0.3-r1 64
+MD5 c3af0a9f9ed1ea8eb162da439b88bf78 files/digest-vsftpd-2.0.3-r2 64
 MD5 5a140ccd0017f39fe3c63e6a29e1abcd files/ftpusers 365
-MD5 a61f83e896d2058a22f9fb3d2b2b1b25 files/vsftpd.conf.d 294
+MD5 10727329a1de642694a73e3655774015 files/vsftpd-2.0.3-gentoo.diff 5598
+MD5 2008f701278d9e59c755433c8e987606 files/vsftpd-2.0.3-gentoo.patch 7128
 MD5 d0f6c4bc146ade78fdcc3ecc94ffece2 files/vsftpd.conf 3842
+MD5 a61f83e896d2058a22f9fb3d2b2b1b25 files/vsftpd.conf.d 294
+MD5 f1636ab0eb3c09f0d3de72cee0ef313c files/vsftpd.init 1630
 MD5 b0551ddc57103f1dcca71524691540a0 files/vsftpd.init.d 1038
-MD5 10727329a1de642694a73e3655774015 files/vsftpd-2.0.3-gentoo.diff 5598
 MD5 8578d5c3f50e7b090ba023dfa626ec89 files/vsftpd.xinetd 432
-MD5 e4a0ae5ba000a0e22576618d76760957 files/vsftpd.pam-include 340
-MD5 c3af0a9f9ed1ea8eb162da439b88bf78 files/digest-vsftpd-2.0.3-r1 64
-MD5 2ed3e6179c0660f4b836fc5e21611740 files/vsftpd.pam 408
+MD5 0451b23327c004752edf415e25931d07 metadata.xml 344
+MD5 dc7c446f859492b83b73eb59ee07e560 vsftpd-2.0.3-r1.ebuild 2032
+MD5 65f6782b10a1698e0d1c43e5b29eb394 vsftpd-2.0.3-r2.ebuild 2408
diff --git a/net-ftp/vsftpd/files/digest-vsftpd-2.0.3-r2 b/net-ftp/vsftpd/files/digest-vsftpd-2.0.3-r2
new file mode 100644
index 000000000000..24cabb401608
--- /dev/null
+++ b/net-ftp/vsftpd/files/digest-vsftpd-2.0.3-r2
@@ -0,0 +1 @@
+MD5 74936cbd8e8251deb1cd99c5fb18b6f8 vsftpd-2.0.3.tar.gz 153266
diff --git a/net-ftp/vsftpd/files/vsftpd-2.0.3-gentoo.patch b/net-ftp/vsftpd/files/vsftpd-2.0.3-gentoo.patch
new file mode 100644
index 000000000000..eaf913c1651f
--- /dev/null
+++ b/net-ftp/vsftpd/files/vsftpd-2.0.3-gentoo.patch
@@ -0,0 +1,193 @@
+diff --unified defs.h defs.h
+--- defs.h	2004-06-04 16:37:29.000000000 +0200
++++ defs.h	2004-09-24 11:36:16.443227600 +0200
+@@ -1,7 +1,7 @@
+ #ifndef VSF_DEFS_H
+ #define VSF_DEFS_H
+ 
+-#define VSFTP_DEFAULT_CONFIG    "/etc/vsftpd.conf"
++#define VSFTP_DEFAULT_CONFIG    "/etc/vsftpd/vsftpd.conf"
+ 
+ #define VSFTP_COMMAND_FD        0
+ 
+--- tunables.c.orig	2005-06-08 11:29:01.261176985 +0100
++++ tunables.c	2005-06-08 11:30:33.521084952 +0100
+@@ -89,7 +89,7 @@
+ unsigned int tunable_max_per_ip = 0;
+ unsigned int tunable_trans_chunk_size = 0;
+ 
+-const char* tunable_secure_chroot_dir = "/usr/share/empty";
++const char* tunable_secure_chroot_dir = "/usr/share/vsftpd/empty";
+ const char* tunable_ftp_username = "ftp";
+ const char* tunable_chown_username = "root";
+ const char* tunable_xferlog_file = "/var/log/xferlog";
+@@ -97,11 +97,11 @@
+ const char* tunable_message_file = ".message";
+ const char* tunable_nopriv_user = "nobody";
+ const char* tunable_ftpd_banner = 0;
+-const char* tunable_banned_email_file = "/etc/vsftpd.banned_emails";
+-const char* tunable_chroot_list_file = "/etc/vsftpd.chroot_list";
++const char* tunable_banned_email_file = "/etc/vsftpd/banned_emails";
++const char* tunable_chroot_list_file = "/etc/vsftpd/chroot_list";
+ const char* tunable_pam_service_name = "ftp";
+ const char* tunable_guest_username = "ftp";
+-const char* tunable_userlist_file = "/etc/vsftpd.user_list";
++const char* tunable_userlist_file = "/etc/vsftpd/user_list";
+ const char* tunable_anon_root = 0;
+ const char* tunable_local_root = 0;
+ const char* tunable_banner_file = 0;
+@@ -113,7 +113,7 @@
+ const char* tunable_hide_file = 0;
+ const char* tunable_deny_file = 0;
+ const char* tunable_user_sub_token = 0;
+-const char* tunable_email_password_file = "/etc/vsftpd.email_passwords";
++const char* tunable_email_password_file = "/etc/vsftpd/email_passwords";
+ const char* tunable_rsa_cert_file = "/usr/share/ssl/certs/vsftpd.pem";
+ const char* tunable_dsa_cert_file = 0;
+ const char* tunable_ssl_ciphers = "DES-CBC3-SHA";
+--- vsftpd.8.orig	2005-06-08 12:12:51.753585388 +0100
++++ vsftpd.8	2005-06-08 12:13:21.411085181 +0100
+@@ -21,7 +21,7 @@
+ recommended. It is activated by setting
+ .Pa listen=YES
+ in
+-.Pa /etc/vsftpd.conf .
++.Pa /etc/vsftpd/vsftpd.conf .
+ Direct execution of the
+ .Nm vsftpd
+ binary will then launch the FTP service ready for immediate client connections.
+@@ -29,6 +29,6 @@
+ An optional
+ .Op configuration file
+ may be given on the command line.  The default configuration file is
+-.Pa /etc/vsftpd.conf .
++.Pa /etc/vsftpd/vsftpd.conf .
+ .Sh SEE ALSO
+ .Xr vsftpd.conf 5
+--- vsftpd.conf.5.orig	2005-06-08 12:13:29.831523597 +0100
++++ vsftpd.conf.5	2005-06-08 12:15:04.012059074 +0100
+@@ -4,7 +4,7 @@
+ .SH DESCRIPTION
+ vsftpd.conf may be used to control various aspects of vsftpd's behaviour. By
+ default, vsftpd looks for this file at the location
+-.BR /etc/vsftpd.conf .
++.BR /etc/vsftpd/vsftpd.conf .
+ However, you may override this by specifying a command line argument to
+ vsftpd. The command line argument is the pathname of the configuration file
+ for vsftpd. This behaviour is useful because you may wish to use an advanced
+@@ -136,7 +136,7 @@
+ different if chroot_local_user is set to YES. In this case, the list becomes
+ a list of users which are NOT to be placed in a chroot() jail.
+ By default, the file containing this list is
+-/etc/vsftpd.chroot_list, but you may override this with the
++/etc/vsftpd/chroot_list, but you may override this with the
+ .BR chroot_list_file
+ setting.
+ 
+@@ -164,7 +164,7 @@
+ .B deny_email_enable
+ If activated, you may provide a list of anonymous password e-mail responses
+ which cause login to be denied. By default, the file containing this list is
+-/etc/vsftpd.banned_emails, but you may override this with the
++/etc/vsftpd/banned_emails, but you may override this with the
+ .BR banned_email_file
+ setting.
+ 
+@@ -371,7 +371,7 @@
+ file specified by the
+ .BR email_password_file
+ setting. The file format is one password per line, no extra whitespace. The
+-default filename is /etc/vsftpd.email_passwords.
++default filename is /etc/vsftpd/email_passwords.
+ 
+ Default: NO
+ .TP
+@@ -651,7 +651,7 @@
+ .BR deny_email_enable
+ is enabled.
+ 
+-Default: /etc/vsftpd.banned_emails
++Default: /etc/vsftpd/banned_emails
+ .TP
+ .B banner_file
+ This option is the name of a file containing text to display when someone
+@@ -680,7 +680,7 @@
+ is enabled, then the list file becomes a list of users to NOT place in a
+ chroot() jail.
+ 
+-Default: /etc/vsftpd.chroot_list
++Default: /etc/vsftpd/chroot_list
+ .TP
+ .B cmds_allowed
+ This options specifies a comma separated list of allowed FTP commands (post
+@@ -732,7 +732,7 @@
+ .BR secure_email_list_enable
+ setting.
+ 
+-Default: /etc/vsftpd.email_passwords
++Default: /etc/vsftpd/email_passwords
+ .TP
+ .B ftp_username
+ This is the name of the user we use for handling anonymous FTP. The home
+@@ -852,10 +852,10 @@
+ with an example. If you set
+ .BR user_config_dir
+ to be
+-.BR /etc/vsftpd_user_conf
++.BR /etc/vsftpd/user_conf
+ and then log on as the user "chris", then vsftpd will apply the settings in
+ the file
+-.BR /etc/vsftpd_user_conf/chris
++.BR /etc/vsftpd/user_conf/chris
+ for the duration of the session. The format of this file is as detailed in
+ this manual page! PLEASE NOTE that not all settings are effective on a
+ per-user basis. For example, many settings only prior to the user's session
+@@ -891,7 +891,7 @@
+ .BR userlist_enable
+ option is active.
+ 
+-Default: /etc/vsftpd.user_list
++Default: /etc/vsftpd/user_list
+ .TP
+ .B vsftpd_log_file
+ This option is the name of the file to which we write the vsftpd style
+--- vsftpd.conf.orig	2005-10-20 07:53:27.857892494 +0100
++++ vsftpd.conf	2005-10-20 09:44:04.631292771 +0100
+@@ -1,4 +1,4 @@
+-# Example config file /etc/vsftpd.conf
++# Example config file /etc/vsftpd/vsftpd.conf
+ #
+ # The default compiled in settings are fairly paranoid. This sample file
+ # loosens things up a bit, to make the ftp daemon more usable.
+@@ -8,6 +8,10 @@
+ # Please read the vsftpd.conf.5 manual page to get a full idea of vsftpd's
+ # capabilities.
+ #
++# Listen on IPv4. xinet users must set NO or comment out
++# otherwise it must be set YES
++listen=YES
++#
+ # Allow anonymous FTP? (Beware - allowed by default if you comment this out).
+ anonymous_enable=YES
+ #
+@@ -88,18 +92,17 @@
+ # useful for combatting certain DoS attacks.
+ #deny_email_enable=YES
+ # (default follows)
+-#banned_email_file=/etc/vsftpd.banned_emails
++#banned_email_file=/etc/vsftpd/banned_emails
+ #
+ # You may specify an explicit list of local users to chroot() to their home
+ # directory. If chroot_local_user is YES, then this list becomes a list of
+ # users to NOT chroot().
+ #chroot_list_enable=YES
+ # (default follows)
+-#chroot_list_file=/etc/vsftpd.chroot_list
++#chroot_list_file=/etc/vsftpd/chroot_list
+ #
+ # You may activate the "-R" option to the builtin ls. This is disabled by
+ # default to avoid remote users being able to cause excessive I/O on large
+ # sites. However, some broken FTP clients such as "ncftp" and "mirror" assume
+ # the presence of the "-R" option, so there is a strong case for enabling it.
+ #ls_recurse_enable=YES
+-
diff --git a/net-ftp/vsftpd/files/vsftpd.init b/net-ftp/vsftpd/files/vsftpd.init
new file mode 100644
index 000000000000..ba20ef50fcff
--- /dev/null
+++ b/net-ftp/vsftpd/files/vsftpd.init
@@ -0,0 +1,62 @@
+#!/sbin/runscript
+# Copyright 2003-2004 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License, v2
+# $Header: /var/cvsroot/gentoo-x86/net-ftp/vsftpd/files/vsftpd.init,v 1.1 2005/10/20 09:50:44 uberlord Exp $
+
+VSFTPD_CONF="${VSFTPD_CONF:-/etc/vsftpd/vsftpd.conf}"
+VSFTPD_NAME="${myservice##*.}"
+if [[ -n ${VSFTPD_NAME} && ${myservice} != "vsftpd" ]]; then
+    VSFTPD_PID="/var/run/vsftpd.${VSFTPD_NAME}.pid"
+else
+    VSFTPD_PID="/var/run/vsftpd.pid"
+fi
+
+depend() {
+	need net
+	use dns logger
+}
+
+checkconfig() {
+	if [[ ! -e ${VSFTPD_CONF} ]] ; then
+		eerror "Please setup ${VSFTPD_CONF} before starting vsftpd"
+		eerror "There are sample configurations in /usr/share/doc/vsftpd"
+		return 1
+	fi
+
+	if egrep -iq "^ *background *= *yes" "${VSFTPD_CONF}" ; then
+		eerror "${VSFTPD_CONF} must not set background=YES"
+		return 1
+	fi
+
+	local has_ip=false has_ipv6=false ip_error=true
+	egrep -iq "^ *listen *= *yes" "${VSFTPD_CONF}" && has_ip=true
+	egrep -iq "^ *listen_ipv6 *= *yes" "${VSFTPD_CONF}" && has_ipv6=true
+	if ${has_ip} && ! ${has_ipv6} ; then
+		ip_error=false
+	elif ! ${has_ip} && ${has_ipv6} ; then
+		ip_error=false
+	fi
+	if ${ip_error} ; then
+		eerror "${VSFTPD_CONF} must contain listen=YES or listen_ipv6=YES"
+		eerror "but not both"
+		return 1
+	fi
+}
+
+start() {
+	checkconfig || return 1
+	ebegin "Starting vsftpd"
+	start-stop-daemon --start --exec /usr/sbin/vsftpd \
+		--background --make-pidfile --pidfile "${VSFTPD_PID}" \
+		-- "${VSFTPD_CONF}"
+	eend $?
+}
+
+stop() {
+	ebegin "Stopping vsftpd"
+	start-stop-daemon --stop --exec /usr/sbin/vsftpd \
+		--pidfile "${VSFTPD_PID}"
+	eend $?
+}
+
+# vim: ts=4
diff --git a/net-ftp/vsftpd/files/vsftpd.pam b/net-ftp/vsftpd/files/vsftpd.pam
deleted file mode 100644
index 58d1add480f6..000000000000
--- a/net-ftp/vsftpd/files/vsftpd.pam
+++ /dev/null
@@ -1,7 +0,0 @@
-#%PAM-1.0
-# $Header: /var/cvsroot/gentoo-x86/net-ftp/vsftpd/files/vsftpd.pam,v 1.5 2005/06/07 23:04:57 uberlord Exp $
-auth     required   pam_listfile.so item=user sense=deny file=/etc/vsftpd/ftpusers onerr=succeed
-auth     required   pam_stack.so service=system-auth
-auth     required   pam_shells.so
-account  required   pam_stack.so service=system-auth
-session  required   pam_stack.so service=system-auth
diff --git a/net-ftp/vsftpd/files/vsftpd.pam-include b/net-ftp/vsftpd/files/vsftpd.pam-include
deleted file mode 100644
index 8ecb27573e61..000000000000
--- a/net-ftp/vsftpd/files/vsftpd.pam-include
+++ /dev/null
@@ -1,7 +0,0 @@
-#%PAM-1.0
-# $Header: /var/cvsroot/gentoo-x86/net-ftp/vsftpd/files/vsftpd.pam-include,v 1.1 2005/06/07 18:34:17 uberlord Exp $
-auth     required	pam_listfile.so item=user sense=deny file=/etc/vsftpd/ftpusers onerr=succeed
-auth     include	system-auth
-auth     required	pam_shells.so
-account  include	system-auth
-session  include	system-auth
diff --git a/net-ftp/vsftpd/vsftpd-2.0.3-r2.ebuild b/net-ftp/vsftpd/vsftpd-2.0.3-r2.ebuild
new file mode 100644
index 000000000000..72e7a337aae8
--- /dev/null
+++ b/net-ftp/vsftpd/vsftpd-2.0.3-r2.ebuild
@@ -0,0 +1,87 @@
+# Copyright 1999-2005 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/net-ftp/vsftpd/vsftpd-2.0.3-r2.ebuild,v 1.1 2005/10/20 09:50:44 uberlord Exp $
+
+inherit flag-o-matic eutils
+
+DESCRIPTION="Very Secure FTP Daemon written with speed, size and security in mind"
+HOMEPAGE="http://vsftpd.beasts.org/"
+SRC_URI="ftp://vsftpd.beasts.org/users/cevans/${P}.tar.gz"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~ia64 ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86"
+IUSE="pam tcpd ssl selinux xinetd"
+
+DEPEND="pam? ( || ( virtual/pam sys-libs/pam ) )
+	tcpd? ( >=sys-apps/tcp-wrappers-7.6 )
+	ssl? ( >=dev-libs/openssl-0.9.7d )"
+RDEPEND="${DEPEND}
+	net-ftp/ftpbase
+	selinux? ( sec-policy/selinux-ftpd )
+	xinetd? ( sys-apps/xinetd )"
+
+src_unpack() {
+	unpack "${A}" || die
+	cd "${S}" || die
+
+	use tcpd && echo "#define VSF_BUILD_TCPWRAPPERS" >> builddefs.h
+	use ssl && echo "#define VSF_BUILD_SSL" >> builddefs.h
+	use pam || echo "#undef VSF_BUILD_PAM" >> builddefs.h
+
+	# Patch the source, config and the manpage to use /etc/vsftpd/
+	epatch "${FILESDIR}/vsftpd-2.0.3-gentoo.patch"
+}
+
+src_compile() {
+	emake CFLAGS="${CFLAGS}" || die
+}
+
+src_install() {
+	into /usr
+	doman vsftpd.conf.5 vsftpd.8
+	dosbin vsftpd
+
+	dodoc AUDIT BENCHMARKS BUGS Changelog FAQ INSTALL \
+		LICENSE README README.security REWARD SIZE \
+		SPEED TODO TUNING
+	newdoc vsftpd.conf vsftpd.conf.example
+
+	docinto security
+	dodoc SECURITY/*
+
+	insinto "/usr/share/doc/${PF}/examples"
+	doins -r EXAMPLE/*
+
+	insinto /etc/vsftpd
+	newins vsftpd.conf vsftpd.conf.example
+
+	if use xinetd ; then
+		insinto /etc/xinetd.d
+		newins "${FILESDIR}/vsftpd.xinetd" vsftpd
+	fi
+
+	newinitd "${FILESDIR}/vsftpd.init" vsftpd
+
+	keepdir /usr/share/vsftpd/empty
+}
+
+pkg_preinst() {
+	# If we use xinetd, then we comment out listen=YES
+	# so that our default config works under xinetd - fixes #78347
+	if use xinetd ; then
+		sed -i '/\listen=YES/s/^/#/g' ${IMAGE}/etc/vsftpd/vsftpd.conf.example
+	fi
+}
+
+pkg_postinst() {
+	einfo "vsftpd init script can now be multiplexed."
+	einfo "The default init script forces /etc/vsftpd/vsftpd.conf to exist."
+	einfo "If you symlink the init script to another one, say vsftpd.foo"
+	einfo "then that uses /etc/vsftpd/foo.conf instead."
+	einfo
+	einfo "Example:"
+	einfo "   cd /etc/init.d"
+	einfo "   ln -s vsftpd vsftpd.foo"
+	einfo "You can now treat vsftpd.foo like any other service"
+}