Patrick Williams | b48b7b4 | 2016-08-17 15:04:38 -0500 | [diff] [blame^] | 1 | vsftpd: change default value of secure_chroot_dir |
| 2 | |
| 3 | Upstream-Status: Pending |
| 4 | |
| 5 | Change secure_chroot_dir pointing to a volatile directory. |
| 6 | |
| 7 | Signed-off-by: Ming Liu <ming.liu@windriver.com> |
| 8 | --- |
| 9 | INSTALL | 6 +++--- |
| 10 | tunables.c | 2 +- |
| 11 | vsftpd.conf.5 | 2 +- |
| 12 | 3 files changed, 5 insertions(+), 5 deletions(-) |
| 13 | |
| 14 | diff -urpN a/INSTALL b/INSTALL |
| 15 | --- a/INSTALL 2013-09-13 10:23:57.504972397 +0800 |
| 16 | +++ b/INSTALL 2013-09-13 10:25:25.664971779 +0800 |
| 17 | @@ -27,11 +27,11 @@ user in case it does not already exist. |
| 18 | [root@localhost root]# useradd nobody |
| 19 | useradd: user nobody exists |
| 20 | |
| 21 | -2b) vsftpd needs the (empty) directory /usr/share/empty in the default |
| 22 | +2b) vsftpd needs the (empty) directory /var/run/vsftpd/empty in the default |
| 23 | configuration. Add this directory in case it does not already exist. e.g.: |
| 24 | |
| 25 | -[root@localhost root]# mkdir /usr/share/empty/ |
| 26 | -mkdir: cannot create directory `/usr/share/empty': File exists |
| 27 | +[root@localhost root]# mkdir /var/run/vsftpd/empty/ |
| 28 | +mkdir: cannot create directory `/var/run/vsftpd/empty': File exists |
| 29 | |
| 30 | 2c) For anonymous FTP, you will need the user "ftp" to exist, and have a |
| 31 | valid home directory (which is NOT owned or writable by the user "ftp"). |
| 32 | diff -urpN a/tunables.c b/tunables.c |
| 33 | --- a/tunables.c 2013-09-13 10:26:29.554972817 +0800 |
| 34 | +++ b/tunables.c 2013-09-13 10:27:18.104972210 +0800 |
| 35 | @@ -254,7 +254,7 @@ tunables_load_defaults() |
| 36 | /* -rw------- */ |
| 37 | tunable_chown_upload_mode = 0600; |
| 38 | |
| 39 | - install_str_setting("/usr/share/empty", &tunable_secure_chroot_dir); |
| 40 | + install_str_setting("/var/run/vsftpd/empty", &tunable_secure_chroot_dir); |
| 41 | install_str_setting("ftp", &tunable_ftp_username); |
| 42 | install_str_setting("root", &tunable_chown_username); |
| 43 | install_str_setting("/var/log/xferlog", &tunable_xferlog_file); |
| 44 | diff -urpN a/vsftpd.conf.5 b/vsftpd.conf.5 |
| 45 | --- a/vsftpd.conf.5 2013-09-13 10:09:33.774972462 +0800 |
| 46 | +++ b/vsftpd.conf.5 2013-09-13 10:10:41.914971989 +0800 |
| 47 | @@ -969,7 +969,7 @@ This option should be the name of a dire |
| 48 | directory should not be writable by the ftp user. This directory is used |
| 49 | as a secure chroot() jail at times vsftpd does not require filesystem access. |
| 50 | |
| 51 | -Default: /usr/share/empty |
| 52 | +Default: /var/run/vsftpd/empty |
| 53 | .TP |
| 54 | .B ssl_ciphers |
| 55 | This option can be used to select which SSL ciphers vsftpd will allow for |