Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 106355 - ftpd daemons in a SELinux environment
Summary: ftpd daemons in a SELinux environment
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: Current packages (show other bugs)
Hardware: All Linux
: High normal (vote)
Assignee: Gustavo Felisberto (RETIRED)
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2005-09-18 04:20 UTC by petre rodan (RETIRED)
Modified: 2005-09-19 05:00 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description petre rodan (RETIRED) gentoo-dev 2005-09-18 04:20:21 UTC 
please be so kind and add the following selinux info to any present or future
net-ftp/pure-ftpd and net-ftp/vsftpd ebuilds:

IUSE="selinux"
RDEPEND=" selinux? ( sec-policy/selinux-ftpd )"

I can modify current ebuilds if you wish.

thanks,
peter
Comment 1 Roy Marples (RETIRED) gentoo-dev 2005-09-18 05:04:59 UTC 
Wouldn't a better place be net-ft/ftpbase if sec-policy/selinux-ftpd is generic
as that would cover proftpd as well ....
Comment 2 petre rodan (RETIRED) gentoo-dev 2005-09-18 08:25:48 UTC 
Roy, I really dislike that idea. 
only the supported ftp daemons should have that RDEPEND on the policy and not
some generic ebuild that today happens to be used by those ftp daemons.

so pretty please fix net-ftp/pure-ftpd and net-ftp/vsftpd and not net-ftp/ftpbase ;)

as a related subject, personally I use vsftpd with a customized pam.d file so I
find the ftpbase ebuild completely redundant. maybe tomorrow someone will feel
the same about it and slash it into oblivion =). 
erm, enough day dreaming.
Comment 3 Roy Marples (RETIRED) gentoo-dev 2005-09-19 03:17:20 UTC 
(In reply to comment #2)
> Roy, I really dislike that idea. 
> only the supported ftp daemons should have that RDEPEND on the policy and not
> some generic ebuild that today happens to be used by those ftp daemons.
> 
> so pretty please fix net-ftp/pure-ftpd and net-ftp/vsftpd and not
net-ftp/ftpbase ;)

OK. Can you provide a policy for net-ftp/proftpd as well? It would be silly not
to support probably the most popular ftpd ;) (even though I use vsftpd myself - heh)

> as a related subject, personally I use vsftpd with a customized pam.d file so I
> find the ftpbase ebuild completely redundant. maybe tomorrow someone will feel
> the same about it and slash it into oblivion =). 
> erm, enough day dreaming.

What, have the the same code for checking ftp user, creating home dir and
installing pam.d/ftp and /etc/ftpusers in 3 ebuilds thus causing file conflicts?
I don't think so ...... :P
Comment 4 Roy Marples (RETIRED) gentoo-dev 2005-09-19 03:20:20 UTC 
Erm, does this require version bumps?
Comment 5 petre rodan (RETIRED) gentoo-dev 2005-09-19 04:23:11 UTC 
> Erm, does this require version bumps?
no version bump is needed because of this change.

please modify the ftp daemon ebuild itself, not ftpbase.
currently proftpd, vsftpd and pure-ftpd are supported by that policy. nothing
more, nothing less. so if tomorrow you'll add foo-ftpd to portage it will not be
supported automagically.

> What, have the the same code for checking ftp user, creating home dir and
> installing pam.d/ftp and /etc/ftpusers in 3 ebuilds thus causing file conflicts?

heh.
you mean conflicts like bug #100783 bug #101306 bug #102180 bug #105431 bug
#104724 bug #102479
lol :)

/me apologizes for the bad joke
/me hides
Comment 6 Roy Marples (RETIRED) gentoo-dev 2005-09-19 05:00:16 UTC 
OK, all vsftpd and pure-ftpd ebuilds have been updated.