diff --git a/pure-ftpd-with-tls-init.service b/pure-ftpd-with-tls-init.service new file mode 100644 index 0000000..aab2191 --- /dev/null +++ b/pure-ftpd-with-tls-init.service @@ -0,0 +1,10 @@ +[Unit] +Description=One-time configuration for pure-ftpd + +ConditionPathExists=|!/etc/pki/pure-ftpd/pure-ftpd.pem + +[Service] +Type=oneshot +RemainAfterExit=no + +ExecStart=/usr/bin/sscg --ca-file /etc/pki/pure-ftpd/ca.crt --cert-file /etc/pki/pure-ftpd/pure-ftpd.pem --cert-key-file /etc/pki/pure-ftpd/pure-ftpd.pem diff --git a/pure-ftpd-with-tls.service b/pure-ftpd-with-tls.service new file mode 100644 index 0000000..95d982c --- /dev/null +++ b/pure-ftpd-with-tls.service @@ -0,0 +1,12 @@ +[Unit] +Description=Pure-FTPd FTP server +After=syslog.target network.target pure-ftpd-init.service +Requires=pure-ftpd-init.service + +[Service] +Type=forking +PIDFile=/var/run/pure-ftpd.pid +ExecStart=/usr/sbin/pure-ftpd /etc/pure-ftpd/pure-ftpd.conf --daemonize + +[Install] +WantedBy=multi-user.target diff --git a/pure-ftpd.spec b/pure-ftpd.spec index 6dd3e26..b76e3ae 100644 --- a/pure-ftpd.spec +++ b/pure-ftpd.spec @@ -1,6 +1,6 @@ Name: pure-ftpd Version: 1.0.46 -Release: 2%{?dist} +Release: 3%{?dist} Summary: Lightweight, fast and secure FTP server Group: System Environment/Daemons @@ -14,6 +14,8 @@ Source4: pure-ftpd.pure-ftpwho.pam Source5: pure-ftpd.pure-ftpwho.consoleapp Source6: pure-ftpd.README.SELinux Source7: pure-ftpd.pureftpd.te +Source8: pure-ftpd-with-tls-init.service +Source9: pure-ftpd-with-tls.service Patch0: 0001-modify-pam.patch Patch1: 0002-fedora-specific-config-file.patch Patch2: 0003-Allow-having-both-options-and-config-file-on-command.patch @@ -32,6 +34,7 @@ Requires(post): systemd-units Requires(preun): systemd-units Requires(postun): systemd-units Requires: logrotate, usermode +%{!?_without_tls:Requires: sscg} %description @@ -131,8 +134,13 @@ install -p -m 644 man/pure-statsdecode.8 $RPM_BUILD_ROOT%{_mandir}/man8 install -p -m 644 man/pure-quotacheck.8 $RPM_BUILD_ROOT%{_mandir}/man8 install -p -m 644 man/pure-authd.8 $RPM_BUILD_ROOT%{_mandir}/man8 -# Init script -install -p -m 644 %{SOURCE1} $RPM_BUILD_ROOT%{_unitdir}/%{name}.service +# Systemd services +%if 0%{!?_without_tls:1} +install -p -m 644 %{SOURCE8} $RPM_BUILD_ROOT%{_unitdir}/pure-ftpd-init.service +install -p -m 644 %{SOURCE9} $RPM_BUILD_ROOT%{_unitdir}/pure-ftpd.service +%else +install -p -m 644 %{SOURCE1} $RPM_BUILD_ROOT%{_unitdir}/pure-ftpd.service +%endif # Pam install -d -m 755 $RPM_BUILD_ROOT%{_sysconfdir}/pam.d @@ -170,14 +178,6 @@ install -p -m 644 pureftpd.schema $RPM_BUILD_ROOT%{_docdir}/%{name} %post %systemd_post pure-ftpd.service -%if 0%{!?_without_tls:1} -# TLS Certificate -if [ ! -f %{_sysconfdir}/pki/%{name}/%{name}.pem ]; then - %{_bindir}/make-dummy-cert \ - %{_sysconfdir}/pki/%{name}/%{name}.pem -fi -%endif - %preun %systemd_preun pure-ftpd.service @@ -226,7 +226,12 @@ fi %doc pureftpd.schema %{_bindir}/pure-* %{_sbindir}/pure-* -%{_unitdir}/%{name}.service +%if 0%{!?_without_tls:1} + %{_unitdir}/pure-ftpd-init.service + %{_unitdir}/pure-ftpd.service +%else + %{_unitdir}/pure-ftpd.service +%endif %config(noreplace) %{_sysconfdir}/%{name} %config(noreplace) %{_sysconfdir}/pam.d/%{name} %config(noreplace) %{_sysconfdir}/logrotate.d/%{name} @@ -244,6 +249,11 @@ fi %changelog +* Wed Oct 25 2017 Ondřej Lysoněk - 1.0.46-3 +- Generate the TLS certificate using sscg in an initialization systemd service +- This is required by +- https://fedoraproject.org/wiki/Packaging:Initial_Service_Setup + * Thu Sep 14 2017 Ondřej Lysoněk - 1.0.46-2 - Fix loading the configuration file - Drop unsupported UseFtpUsers option from configuration file