Remove rootlogin and proftp.py
Description
Steps to Reproduce
We currently write many separate files in `src/middlewared/middlewared/etc_files/local/proftpd.py`. Please break them into separate mako files. For example `/etc/ftpusers`. Please also double-check that the proftpd.motd can't be replaced by a `DisplayLogin` directive for the proftp config.
Expected Result
None
Actual Result
None
Environment
None
Hardware Health
None
Error Message (if applicable)
None
Activity
Show:
Mark Grimes July 23, 2024 at 2:43 PM
Removed rootlogin
from the database and as a user configuration option. Moved the configuration functions of the proftpd.py
script into the main mako template and sub templates following the ProFTPD model.
Bug Clerk July 22, 2024 at 9:06 PM
This issue has now been closed. Comments made after this point may not be viewed by the TrueNAS Teams. Please open a new issue if you have found a problem or need to re-engage with the TrueNAS Engineering Teams.
Bug Clerk July 20, 2024 at 4:13 AM
Complete
Pinned fields
Click on the next to a field label to start pinning.
Details
Assignee
Reporter
Andrew Walker
Andrew WalkerFix versions
Components
Priority
Undefined
More fields
Time tracking
Katalon Platform
Linked Test Cases, Katalon Defect Results, Katalon Studio Test Results
Linked Test Cases, Katalon Defect Results, Katalon Studio Test Results
Created May 8, 2024 at 2:45 PM
Updated August 22, 2024 at 12:46 PM
Resolved July 22, 2024 at 9:06 PM
ProFTPD is a comprised of a main daemon and a collection of modules. The configuration is similar, a main configuration file that may include configuration for the modules but are often employ their own module specific configuration file.
TrueNAS currently uses a mako template to generate a main configuration file and a python script to complete other configuration processing. Our goal is to move the work currently performed by the python module into sensible mako templates and to break the main mako template into the module specific templates.
The second primary goal is to remove the
rootlogin
configuration setting. Providing root login is considered a security risk and should not be facilitated.