[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Debian-sf-devel] [Patch #274] Chroot removed and anonftp fix
From: |
nobody |
Subject: |
[Debian-sf-devel] [Patch #274] Chroot removed and anonftp fix |
Date: |
Wed, 24 Apr 2002 12:59:00 -0400 |
Patch #274 has been updated.
Project:
Category: None
Status: Postponed
Summary: Chroot removed and anonftp fix
Follow-Ups:
Date: 2002-Apr-23 01:20
By: osvaldsson
Comment:
Removed all Chroot stuff.
Removed download dir and fixed that into the anonftp dir so that the project
files could both be downloaded through ftp and http.
I also fixed the anon-ftp login.
I put the cvsroot as /cvsroot as changing that means a lot more recoding and
text editing, if that is to be then it has to be a sepperate phase.
I also removed hardcoded paths where I could in the code I was editing.
-------------------------------------------------------
Date: 2002-Apr-23 19:03
By: ru2def
Comment:
please elaborate the reason for this patch ... i'm not seeing why this would be
beneficial? (not that i really have any say in the package, i'm just trying to
understand :) ... the chroot'd envrionment allows for greater security of your
user accounts, the FTP server (can't get to system files), etc... also makes it
easy to put all SF user accounts on their own partition, or separate
partitions, without mucking about in /home (which is more for *local* users)
... also makes offsite backup more convenient (just tar up the chroot space) ...
-------------------------------------------------------
Date: 2002-Apr-23 21:45
By: osvaldsson
Comment:
This patch was submited after a discussion with the maintainers.
The ftp server is still chrooted.
The current setup breaks the CVS access and the anonftp didn't point at
anything at all.
The only thing the current setup did was chroot the anoncvs access, and has
seperate upload dirs for each user, I don't think that is necesary and having
all users upload to a common upload dir (unable to change files, just upload)
wich is btw. in its own chroot within proftpd like the anonftp doesn't affect
security at all.
Did you look at the patch at all?
-------------------------------------------------------
Date: 2002-Apr-24 18:59
By: lo-lan-do
Comment:
I'm going to postpone this patch for now, for two reasons:
- first, this patch is not compliant with the Debian Policy
(http://www.debian.org/doc/debian-policy/), in particular Section 10.1 (I'm
referring to the /cvsroot directory). Changing the CVS repository location to
/var/lib/sourceforge/cvsroot could do the trick, but then there's the
documentation to update in www/cvs/index.php.
- second, there's no upgrade path. That's something we absolutely must
provide: a newer package must be able to install over an older package so that
the older one is "mutated" into the newer one. In particular, I'm thinking of
moving the users' homes and the CVS repositories.
I will try to fix these issues, but it you happen to do it before I can manage
to, then I'll apply an updated patch. Be aware that I won't apply this patch
"as is".
-------------------------------------------------------
-------------------------------------------------------
For more info, visit:
http://savannah.gnu.org/patch/?func=detailpatch&patch_id=274&group_id=259