[ipfire-3.x.git] / tftp / patches / tftp-0.42-tftpboot.patch

diff -up tftp-hpa-0.48/tftp-xinetd.tftpboot tftp-hpa-0.48/tftp-xinetd
--- tftp-hpa-0.48/tftp-xinetd.tftpboot	2007-01-31 00:51:05.000000000 +0100
+++ tftp-hpa-0.48/tftp-xinetd	2008-05-20 12:05:53.000000000 +0200
@@ -10,7 +10,7 @@ service tftp
 	wait			= yes
 	user			= root
 	server			= /usr/sbin/in.tftpd
-	server_args		= -s /tftpboot
+	server_args		= -s /var/lib/tftpboot
 	disable			= yes
 	per_source		= 11
 	cps			= 100 2
diff -up tftp-hpa-0.48/README.security.tftpboot tftp-hpa-0.48/README.security
--- tftp-hpa-0.48/README.security.tftpboot	2008-05-29 17:36:32.000000000 +0200
+++ tftp-hpa-0.48/README.security	2008-05-29 17:37:21.000000000 +0200
@@ -17,10 +17,10 @@ probably the following:
 
 1. Create a separate "tftpd" user and group only used for tftpd;
 2. Have all your boot files in a single directory tree (usually called 
-   /tftpboot).
-3. Specify "-p -u tftpd -s /tftpboot" on the tftpd command line; if
+   /var/lib/tftpboot).
+3. Specify "-p -u tftpd -s /var/lib/tftpboot" on the tftpd command line; if
    you want clients to be able to create files use
-   "-p -c -U 002 -u tftpd -s /tftpboot" (replace 002 with whatever
+   "-p -c -U 002 -u tftpd -s /var/lib/tftpboot" (replace 002 with whatever
    umask is appropriate for your setup.)
 
 	       =======================================
@@ -40,12 +40,12 @@ directly.  Thus, if your /etc/inetd.conf
 line):
 
 tftp	dgram	udp	wait	root	/usr/sbin/tcpd
-/usr/sbin/in.tftpd -s /tftpboot -r blksize
+/usr/sbin/in.tftpd -s /var/lib/tftpboot -r blksize
 
 ... it's better to change to ...
 
 tftp	dgram	udp	wait	root	/usr/sbin/in.tftpd
-in.tftpd -s /tftpboot -r blksize
+in.tftpd -s /var/lib/tftpboot -r blksize
 
 You should make sure that you are using "wait" option in tftpd; you
 also need to have tftpd spawned as root in order for chroot (-s) to
diff -up tftp-hpa-0.48/tftpd/sample.rules.tftpboot tftp-hpa-0.48/tftpd/sample.rules
--- tftp-hpa-0.48/tftpd/sample.rules.tftpboot	2008-05-29 17:38:46.000000000 +0200
+++ tftp-hpa-0.48/tftpd/sample.rules	2008-05-29 17:38:05.000000000 +0200
@@ -30,5 +30,5 @@ rg	\\		/		# Convert backslashes to slash
 rg	\#		@		# Convert hash marks to @ signs
 rg	/../		/..no../	# Convert /../ to /..no../
 e	^ok/				# These are always ok
-r	^[^/]		/tftpboot/\0	# Convert non-absolute files
+r	^[^/]		/var/lib/tftpboot/\0	# Convert non-absolute files
 a	\.pvt$				# Reject requests for private files
Commit	Line	Data
5a0e9616 SS	1	diff -up tftp-hpa-0.48/tftp-xinetd.tftpboot tftp-hpa-0.48/tftp-xinetd
	2	--- tftp-hpa-0.48/tftp-xinetd.tftpboot 2007-01-31 00:51:05.000000000 +0100
	3	+++ tftp-hpa-0.48/tftp-xinetd 2008-05-20 12:05:53.000000000 +0200
	4	@@ -10,7 +10,7 @@ service tftp
	5	wait = yes
	6	user = root
	7	server = /usr/sbin/in.tftpd
	8	- server_args = -s /tftpboot
	9	+ server_args = -s /var/lib/tftpboot
	10	disable = yes
	11	per_source = 11
	12	cps = 100 2
	13	diff -up tftp-hpa-0.48/README.security.tftpboot tftp-hpa-0.48/README.security
	14	--- tftp-hpa-0.48/README.security.tftpboot 2008-05-29 17:36:32.000000000 +0200
	15	+++ tftp-hpa-0.48/README.security 2008-05-29 17:37:21.000000000 +0200
	16	@@ -17,10 +17,10 @@ probably the following:
	17
	18	1. Create a separate "tftpd" user and group only used for tftpd;
	19	2. Have all your boot files in a single directory tree (usually called
	20	- /tftpboot).
	21	-3. Specify "-p -u tftpd -s /tftpboot" on the tftpd command line; if
	22	+ /var/lib/tftpboot).
	23	+3. Specify "-p -u tftpd -s /var/lib/tftpboot" on the tftpd command line; if
	24	you want clients to be able to create files use
	25	- "-p -c -U 002 -u tftpd -s /tftpboot" (replace 002 with whatever
	26	+ "-p -c -U 002 -u tftpd -s /var/lib/tftpboot" (replace 002 with whatever
	27	umask is appropriate for your setup.)
	28
	29	=======================================
	30	@@ -40,12 +40,12 @@ directly. Thus, if your /etc/inetd.conf
	31	line):
	32
	33	tftp dgram udp wait root /usr/sbin/tcpd
	34	-/usr/sbin/in.tftpd -s /tftpboot -r blksize
	35	+/usr/sbin/in.tftpd -s /var/lib/tftpboot -r blksize
	36
	37	... it's better to change to ...
	38
	39	tftp dgram udp wait root /usr/sbin/in.tftpd
	40	-in.tftpd -s /tftpboot -r blksize
	41	+in.tftpd -s /var/lib/tftpboot -r blksize
	42
	43	You should make sure that you are using "wait" option in tftpd; you
	44	also need to have tftpd spawned as root in order for chroot (-s) to
	45	diff -up tftp-hpa-0.48/tftpd/sample.rules.tftpboot tftp-hpa-0.48/tftpd/sample.rules
	46	--- tftp-hpa-0.48/tftpd/sample.rules.tftpboot 2008-05-29 17:38:46.000000000 +0200
	47	+++ tftp-hpa-0.48/tftpd/sample.rules 2008-05-29 17:38:05.000000000 +0200
	48	@@ -30,5 +30,5 @@ rg \\ / # Convert backslashes to slash
	49	rg \# @ # Convert hash marks to @ signs
	50	rg /../ /..no../ # Convert /../ to /..no../
	51	e ^ok/ # These are always ok
	52	-r ^[^/] /tftpboot/\0 # Convert non-absolute files
	53	+r ^[^/] /var/lib/tftpboot/\0 # Convert non-absolute files
	54	a \.pvt$ # Reject requests for private files