Need recommendation on FTP package

[dpalme]

It appears that Proftpd is now marked as broken, so I need to install a new ftp package....any suggestions on one that is easy to maintain?

 

[dave]

Try ftp/pure-ftpd - it's a good one. It has loads of features and is easy to setup. Specifically, I liked it for its support atomic uploads, which makes it good for editing web sites, which is what I used it for. I don't use it anymore, because I no longer allow FTP at all, but I used it for a long time, and it always did the job.

More: http://www.pureftpd.org/

 

[SirDice]

It was only broken on SPARC. Update your ports, it has been "unbroken".

http://www.freebsd.org/cgi/cvsweb.cgi/ports/ftp/proftpd/Makefile

 

[vermaden]

@dpalme

If You want something secure and simple then try ftp/vsftpd.

 

[dpalme]

I just updated my ports collection with portsnap fetch, portsnap extract, portsnap update and its still showing as broken.

 

[Ogham]

I just updated my ports collection with portsnap fetch, portsnap extract, portsnap update and its still showing as broken.

It does seem to be ok according to http://www.freshports.org/ftp/proftpd/

There are also -stable packages for the latest version on the ftp mirrors (I only checked amd64 and i386).

 

[dpalme]

well I have updated the ports collection multiple times and it still shows the old broken version of proftpd.

 

[SirDice]

Can you post the exact error message you're getting when you try to build it?

 

[dpalme]

www# make clean install
===>  Cleaning for proftpd-1.3.4a_3
===>  proftpd-1.3.4a_3 is marked as broken: __FreeBSD_libc_enter_restricted_mode is not supported.
*** Error code 1

Stop in /usr/ports/ftp/proftpd.
www#

 

[SirDice]

You seem to be missing FreeBSD-SA-11:07.chroot.

Is your base system up to date?

 

[dpalme]

I updated the ports tree with the portsnap commands but it never updates this port beyond this version.

Suggestions?

 

[dpalme]

OS level:

FreeBSD www 7.1-RELEASE-p5 FreeBSD 7.1-RELEASE-p5 #0: Wed May  6 18:10:51 PDT 2009     [emaildeleted[/email]:/usr/obj/usr/src/sys/GENERIC  i386

 

[chatwizrd]

Im pretty sure your 7.1 FreeBSD is extremely outdated and no longer supported. You should considering moving to 8.x or 9.x.

 

[dpalme]

Can that be done from remote?

 

[dpalme]

I updated the OS per http://security.freebsd.org/advisories/FreeBSD-SA-11:07.chroot.asc

However proftpd still won't install and gives me the same reason as before.

 

[chatwizrd]

Did you do the binary patch via [CMD="freebsd-update"][/CMD] or did you patch the source code?

 

[chatwizrd]

Ugh it cut out my command.

Did you update with # freebsd-update.

 

[dpalme]

Binary

 

[dpalme]

FreeBSD www 7.1-RELEASE-p15 FreeBSD 7.1-RELEASE-p15 #0: Tue Nov  9 05:59:11 UTC 2010     [email]root@i386-builder.daemonology.net[/email]:/usr/obj/usr/src/sys/GENERIC  i386

 

[chatwizrd]

Are you sure you ran the # freebsd-update install after # freebsd-update fetch.

It was supposed to update /usr/include/unistd.h with a new API which is what it is checking for.

If this command does not return 1 then something isn't right:

[CMD="#"]grep -c '__FreeBSD_libc_enter_restricted_mode' /usr/include/unistd.h[/CMD]

 

[dpalme]

Yes I ran install after the fetch. your command returns a 0 and here is what is returned when I run fetch:

www# freebsd-update fetch
Looking up update.FreeBSD.org mirrors... 3 mirrors found.
Fetching metadata signature for 7.1-RELEASE from update4.FreeBSD.org... done.
Fetching metadata index... done.
Inspecting system... done.
Preparing to download files... done.

No updates needed to update system to 7.1-RELEASE-p16.

WARNING: FreeBSD 7.1-RELEASE-p15 HAS PASSED ITS END-OF-LIFE DATE.
Any security issues discovered after Mon Jan 31 17:00:00 MST 2011
will not have been corrected.
www#

 

[chatwizrd]

Oh based on that warning I would guess it never applied this patch. This patch was recently released in 2012.

You should start by reading the handbook on how to upgrade to newer release of FreeBSD.

 

[dpalme]

Ok,
We got another box up with freebsd 9:

FreeBSD www 9.0-RELEASE FreeBSD 9.0-RELEASE #0: Tue Jan  3 07:46:30 UTC 2012     [email]root@farrell.cse.buffalo.edu[/email]:/usr/obj/usr/src/sys/GENERIC  amd64

I installed the portmaster(8) port so I can update all the ports before I start transferring our data....but I ran into an issue that maybe you can help with. On the old box all I had to do to run portmaster(8) was literally type in portmaster.....this new box won't do that, I have to type /usr/local/sbin/portmaster -L
Is there a way to make it so I don't have to do that?

 

[dpalme]

One final question, how do I make sure that I keep the box updated on the OS but without getting myself out there on the bleeding edge?

 

[SirDice]

On the old box all I had to do to run portmaster(8) was literally type in portmaster.....this new box won't do that, I have to type /usr/local/sbin/portmaster -L
Is there a way to make it so I don't have to do that?

If you installed something new, run rehash. Then it'll work as you expected.

One final question, how do I make sure that I keep the box updated on the OS but without getting myself out there on the bleeding edge?

Stick to 9.0-RELEASE. You'll be fine for the next couple of years. When 9.1 comes out you can upgrade to that without issues.

Sign up for the freebsd-security-notifications@ mailing list. If there's a security patch available you'll be notified.