r8922 - in trunk/BOOK: . general/prog introduction/welcome postlfs/security server/major

bdubbs at linuxfromscratch.org bdubbs at linuxfromscratch.org
Fri Oct 28 11:57:20 PDT 2011


Author: bdubbs
Date: 2011-10-28 12:57:13 -0600 (Fri, 28 Oct 2011)
New Revision: 8922

Modified:
   trunk/BOOK/general.ent
   trunk/BOOK/general/prog/python.xml
   trunk/BOOK/introduction/welcome/changelog.xml
   trunk/BOOK/postlfs/security/firewalling.xml
   trunk/BOOK/server/major/vsftpd.xml
Log:
Update to to vsftpd-2.3.4.
Tweak firewall instructions.
Touchup Python instructions.


Modified: trunk/BOOK/general/prog/python.xml
===================================================================
--- trunk/BOOK/general/prog/python.xml	2011-10-26 21:50:06 UTC (rev 8921)
+++ trunk/BOOK/general/prog/python.xml	2011-10-28 18:57:13 UTC (rev 8922)
@@ -5,7 +5,7 @@
   %general-entities;
 
   <!ENTITY python-download-http "http://www.python.org/ftp/python/&Python-version;/Python-&Python-version;.tar.xz">
-  <!ENTITY python-download-ftp  "&gentoo-ftp-repo;/Python-&Python-version;.tar.bz2">
+  <!ENTITY python-download-ftp  "&gentoo-ftp-repo;/Python-&Python-version;.tar.xz">
   <!ENTITY python-md5sum        "3720ce9460597e49264bbb63b48b946d">
   <!ENTITY python-size          "8.5 MB">
   <!ENTITY python-buildsize     "141 MB (23MB for the test suite)">
@@ -65,12 +65,12 @@
     </itemizedlist>
 
     <bridgehead renderas="sect3">Additional Downloads</bridgehead>
-    <itemizedlist spacing='compact'>
-      <listitem>
+    <!--<itemizedlist spacing='compact'>
+       <listitem>
         <para>Required patch: <ulink
         url="&patch-root;/Python-&Python-version;-bdb_4.8-1.patch"/></para>
-      </listitem>
-    </itemizedlist>
+      </listitem> 
+    </itemizedlist>-->
 
     <itemizedlist spacing='compact'>
       <title>Optional HTML Documentation</title>

Modified: trunk/BOOK/general.ent
===================================================================
--- trunk/BOOK/general.ent	2011-10-26 21:50:06 UTC (rev 8921)
+++ trunk/BOOK/general.ent	2011-10-28 18:57:13 UTC (rev 8922)
@@ -3,7 +3,7 @@
 $Date$
 -->
 
-<!ENTITY day          "26">                   <!-- Always 2 digits -->
+<!ENTITY day          "28">                   <!-- Always 2 digits -->
 <!ENTITY month        "10">                   <!-- Always 2 digits -->
 <!ENTITY year         "2011">
 <!ENTITY copyrightdate "2001-&year;">
@@ -55,7 +55,7 @@
 <!ENTITY lfs-vim-version              "7.3">
 <!-- End LFS versions -->
 
-<!ENTITY blfs-bootscripts-version     "20111026">
+<!ENTITY blfs-bootscripts-version     "20111028">
 <!ENTITY blfs-bootscripts-download    "&downloads-root;/blfs-bootscripts-&blfs-bootscripts-version;.tar.bz2">
 
 <!ENTITY blfs-wiki                    "http://wiki.&lfs-domainname;/blfs/wiki">
@@ -484,7 +484,7 @@
 <!-- openssh (chapter 18) -->
 <!ENTITY proftpd-version              "1.3.0">
 <!-- samba3 (chapter 18) -->
-<!ENTITY vsftpd-version               "2.0.5">
+<!ENTITY vsftpd-version               "2.3.4">
 <!ENTITY xinetd-version               "2.3.14">
 
 <!-- Chapter 22 -->

Modified: trunk/BOOK/introduction/welcome/changelog.xml
===================================================================
--- trunk/BOOK/introduction/welcome/changelog.xml	2011-10-26 21:50:06 UTC (rev 8921)
+++ trunk/BOOK/introduction/welcome/changelog.xml	2011-10-28 18:57:13 UTC (rev 8922)
@@ -45,6 +45,15 @@
       <para>October 26th, 2011</para>
       <itemizedlist>
         <listitem>
+          <para>[bdubbs] - Updated to vsftpd-2.3.4.</para>
+        </listitem>
+      </itemizedlist>
+    </listitem>
+
+    <listitem>
+      <para>October 26th, 2011</para>
+      <itemizedlist>
+        <listitem>
           <para>[bdubbs] - Update to subversion-1.7.1.</para>
         </listitem>
         <listitem>

Modified: trunk/BOOK/postlfs/security/firewalling.xml
===================================================================
--- trunk/BOOK/postlfs/security/firewalling.xml	2011-10-26 21:50:06 UTC (rev 8921)
+++ trunk/BOOK/postlfs/security/firewalling.xml	2011-10-28 18:57:13 UTC (rev 8922)
@@ -202,9 +202,9 @@
 echo 1 > /proc/sys/net/ipv4/tcp_syncookies
 
 # Disable ICMP Redirect Acceptance
-echo 0 > /proc/sys/net/ipv4/conf/all/accept_redirects
+echo 0 > /proc/sys/net/ipv4/conf/default/accept_redirects
 
-# Don't send Redirect Messages
+# Do not send Redirect Messages
 echo 0 > /proc/sys/net/ipv4/conf/all/send_redirects
 echo 0 > /proc/sys/net/ipv4/conf/default/send_redirects
 
@@ -330,11 +330,11 @@
 echo 0 > /proc/sys/net/ipv4/conf/all/accept_redirects
 
 # Don¹t send Redirect Messages
-echo 0 > /proc/sys/net/ipv4/conf/all/send_redirects
+echo 0 > /proc/sys/net/ipv4/conf/default/send_redirects
 
 # Drop Spoofed Packets coming in on an interface where responses
 # would result in the reply going out a different interface.
-echo 1 > /proc/sys/net/ipv4/conf/all/rp_filter
+echo 1 > /proc/sys/net/ipv4/conf/default/rp_filter
 
 # Log packets with impossible addresses.
 echo 1 > /proc/sys/net/ipv4/conf/all/log_martians
@@ -374,8 +374,8 @@
 
 # Log everything for debugging
 # (last of all rules, but before policy rules)
-iptables -A INPUT   -j LOG --log-prefix "FIREWALL:INPUT  "
-iptables -A FORWARD -j LOG --log-prefix "FIREWALL:FORWARD"
+iptables -A INPUT   -j LOG --log-prefix "FIREWALL:INPUT "
+iptables -A FORWARD -j LOG --log-prefix "FIREWALL:FORWARD "
 iptables -A OUTPUT  -j LOG --log-prefix "FIREWALL:OUTPUT "
 
 # Enable IP Forwarding
@@ -497,7 +497,7 @@
           network scans):</para>
 
 <screen><literal>iptables -I INPUT -p tcp -m state --state INVALID \
-  -j LOG --log-prefix "FIREWALL:INVALID"
+  -j LOG --log-prefix "FIREWALL:INVALID "
 iptables -I INPUT -p tcp -m state --state INVALID -j DROP</literal></screen>
 
         </listitem>

Modified: trunk/BOOK/server/major/vsftpd.xml
===================================================================
--- trunk/BOOK/server/major/vsftpd.xml	2011-10-26 21:50:06 UTC (rev 8921)
+++ trunk/BOOK/server/major/vsftpd.xml	2011-10-28 18:57:13 UTC (rev 8922)
@@ -5,10 +5,10 @@
   %general-entities;
 
   <!ENTITY vsftpd-download-http " ">
-  <!ENTITY vsftpd-download-ftp  "ftp://vsftpd.beasts.org/users/cevans/vsftpd-&vsftpd-version;.tar.gz">
-  <!ENTITY vsftpd-md5sum        "146062e8b2f93af43ff6c2c770feea94">
-  <!ENTITY vsftpd-size          "152 KB">
-  <!ENTITY vsftpd-buildsize     "1.5 MB">
+  <!ENTITY vsftpd-download-ftp  "https://security.appspot.com/downloads//vsftpd-&vsftpd-version;.tar.gz">
+  <!ENTITY vsftpd-md5sum        "2ea5d19978710527bb7444d93b67767a">
+  <!ENTITY vsftpd-size          "188 KB">
+  <!ENTITY vsftpd-buildsize     "1.8 MB">
   <!ENTITY vsftpd-time          "less than 0.1 SBU">
 ]>
 
@@ -33,6 +33,8 @@
     secure and very small FTP daemon. This is useful for serving files
     over a network.</para>
 
+    &lfs70_checked;
+
     <bridgehead renderas="sect3">Package Information</bridgehead>
     <itemizedlist spacing="compact">
       <listitem>
@@ -77,13 +79,17 @@
     users, and groups with the following commands:</para>
 
 <screen role="root"><userinput>install -v -d -m 0755 /var/ftp/empty &&
-install -v -d -m 0755 /home/ftp &&
-groupadd -g 47 vsftpd &&
-useradd -d /dev/null -c "vsftpd User" -g vsftpd -s /bin/false \
-        -u 47 vsftpd &&
-groupadd -g 45 ftp &&
-useradd -c anonymous_user -d /home/ftp -g ftp -s /bin/false -u 45 ftp</userinput></screen>
+install -v -d -m 0755 /home/ftp      &&
+groupadd -g 47 vsftpd                &&
+groupadd -g 45 ftp                   &&
+useradd -c "vsftpd User"  -d /dev/null -g vsftpd -s /bin/false -u 47 vsftpd &&
+useradd -c anonymous_user -d /home/ftp -g ftp    -s /bin/false -u 45 ftp</userinput></screen>
 
+    <para>If you did not install the optional <application>libcap2</application> package,
+    run the following to avoid a build error:</para>
+
+<screen><userinput>sed -i -e 's:#define VSF_SYSDEP_HAVE_LIBCAP|//&|' sysdeputil.c</userinput></screen>
+
     <para>Build <application>vsftpd</application> as an unprivileged user
     using the following command:</para>
 
@@ -95,10 +101,10 @@
     user and install <application>vsftpd</application> with the following
     commands:</para>
 
-<screen><userinput>install -v -m 755 vsftpd /usr/sbin/vsftpd &&
-install -v -m 644 vsftpd.8 /usr/share/man/man8 &&
+<screen><userinput>install -v -m 755 vsftpd        /usr/sbin/vsftpd    &&
+install -v -m 644 vsftpd.8      /usr/share/man/man8 &&
 install -v -m 644 vsftpd.conf.5 /usr/share/man/man5 &&
-install -v -m 644 vsftpd.conf /etc</userinput></screen>
+install -v -m 644 vsftpd.conf   /etc</userinput></screen>
 
   </sect2>
 




More information about the blfs-book mailing list