Date: Wed, 12 Mar 2008 15:58:03 -0400 (EDT) From: "Philip M. Gollucci" <pgollucci@p6m7g8.com> To: FreeBSD-gnats-submit@FreeBSD.org Cc: rushani@FreeBSD.org Subject: ports/121651: shells/scponly: [PATCH]: update 4.6 -> 4.8 Message-ID: <200803121958.m2CJw309046646@piccollo.p6m7g8.net> Resent-Message-ID: <200803122020.m2CKK3Dh085399@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 121651
>Category: ports
>Synopsis: shells/scponly: [PATCH]: update 4.6 -> 4.8
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: freebsd-ports-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: change-request
>Submitter-Id: current-users
>Arrival-Date: Wed Mar 12 20:20:02 UTC 2008
>Closed-Date:
>Last-Modified:
>Originator: Philip M. Gollucci
>Release: FreeBSD 8.0-CURRENT i386
>Organization:
Riderway Inc.
>Environment:
System: FreeBSD piccollo.p6m7g8.net 8.0-CURRENT FreeBSD 8.0-CURRENT #1: Sun Mar 2 09:48:59 EST 2008 root@krillin.p6m7g8.net:/usr/obj/usr/src/sys/PICCOLLO i386
>Description:
Makefile:
1) Variable /etc/shells into ETCSHELLS
2) Use SF Macro
3) Remove files/patch-helper.c (these options are allowed by default now)
a) remove PATCH_STRIP
4) Make setup chroot cage instructions cut and pasteable
5) Add secondary category security
6) Add USE_RC_SUBR
pkg-descr:
1) Update URL (previous redirects to this)
files/scponlyc.in:
1) Convert to RCng style
2) Bug Fix: mount_devfs is not mount -t devfs dev /foo
3) Add a 'stop' to umount devfs systems
ports/UPDATING
1) Add note about USE_RC_SUBR
>How-To-Repeat:
>Fix:
--- shells_scponly.diff begins here ---
Index: Makefile
===================================================================
RCS file: /home/ncvs/ports/shells/scponly/Makefile,v
retrieving revision 1.28
diff -u -r1.28 Makefile
--- Makefile 3 Oct 2007 13:07:55 -0000 1.28
+++ Makefile 12 Mar 2008 19:42:56 -0000
@@ -70,11 +70,10 @@
# to be installed.
PORTNAME= scponly
-PORTVERSION= 4.6
-PORTREVISION= 3
-CATEGORIES= shells
+PORTVERSION= 4.8
+CATEGORIES= shells security
MASTER_SITES= http://www.sublimation.org/scponly/ \
- ${MASTER_SITE_SOURCEFORGE}
+ SF
MASTER_SITE_SUBDIR= scponly
EXTRACT_SUFX= .tgz
@@ -83,9 +82,9 @@
MAN8= scponly.8
-GNU_CONFIGURE= yes
+USE_RC_SUR= scponlyc
-PATCH_STRIP= -p1
+GNU_CONFIGURE= yes
OPTIONS= SCPONLY_WILDCARDS "wildcards processing" on \
SCPONLY_GFTP "gftp compatibility" on \
@@ -156,6 +155,8 @@
CONFIGURE_ARGS+=--enable-winscp-compat
.endif
+ETCSHELLS=/etc/shells
+
pre-everything::
@${ECHO_MSG} "From scponly 4.2, scp & WinSCP compatibilities are not"
@${ECHO_MSG} "enabled by default. To enable those compatibilities,"
@@ -166,22 +167,22 @@
@${ECHO_MSG} ""
post-install:
- @${ECHO_MSG} "Updating /etc/shells"
- @${CP} /etc/shells /etc/shells.bak
- @(${GREP} -v ${PREFIX}/bin/scponly /etc/shells.bak; \
- ${ECHO_CMD} ${PREFIX}/bin/scponly) > /etc/shells
- @${RM} /etc/shells.bak
+ @${ECHO_MSG} "Updating ${ETCSHELLS}"
+ @${CP} ${ETCSHELLS} ${ETCSHELLS}.bak
+ @(${GREP} -v ${PREFIX}/bin/scponly ${ETCSHELLS}.bak; \
+ ${ECHO_CMD} ${PREFIX}/bin/scponly) > ${ETCSHELLS}
+ @${RM} ${ETCSHELLS}.bak
.if defined(WITH_SCPONLY_CHROOT)
- @${CP} /etc/shells /etc/shells.bak
- @(${GREP} -v ${PREFIX}/sbin/scponlyc /etc/shells.bak; \
- ${ECHO_CMD} ${PREFIX}/sbin/scponlyc) > /etc/shells
- @${RM} /etc/shells.bak
+ @${CP} ${ETCSHELLS} ${ETCSHELLS}.bak
+ @(${GREP} -v ${PREFIX}/sbin/scponlyc ${ETCSHELLS}.bak; \
+ ${ECHO_CMD} ${PREFIX}/sbin/scponlyc) > ${ETCSHELLS}
+ @${RM} ${ETCSHELLS}.bak
@${MKDIR} ${EXAMPLESDIR}
@${INSTALL_SCRIPT} ${WRKSRC}/setup_chroot.sh ${EXAMPLESDIR}
@${INSTALL_DATA} ${WRKSRC}/config.h ${EXAMPLESDIR}
@${ECHO_MSG} ""
@${ECHO_MSG} "To setup chroot cage, run following command:"
- @${ECHO_MSG} " cd ${EXAMPLESDIR}/ && ${SH} setup_chroot.sh"
+ @${ECHO_MSG} " cd ${EXAMPLESDIR} && sudo ./setup_chroot.sh"
@${ECHO_MSG} ""
.endif
.if !defined(NOPORTDOCS)
Index: distinfo
===================================================================
RCS file: /home/ncvs/ports/shells/scponly/distinfo,v
retrieving revision 1.14
diff -u -r1.14 distinfo
--- distinfo 3 Jun 2006 02:59:04 -0000 1.14
+++ distinfo 12 Mar 2008 18:33:43 -0000
@@ -1,3 +1,3 @@
-MD5 (scponly-4.6.tgz) = 0425cb868cadd026851238452f1db907
-SHA256 (scponly-4.6.tgz) = dfa5a334d66150289a391aea4dc00d1b039c644fd1c628bdeddaa7b0710e01a7
-SIZE (scponly-4.6.tgz) = 96578
+MD5 (scponly-4.8.tgz) = 139ac9abd7f3b8dbc5c5520745318f8a
+SHA256 (scponly-4.8.tgz) = 1693dd678355749c5d9e48ecdd4628dbfe71d82955afde950ee8d88b5adc01cf
+SIZE (scponly-4.8.tgz) = 101687
Index: pkg-descr
===================================================================
RCS file: /home/ncvs/ports/shells/scponly/pkg-descr,v
retrieving revision 1.2
diff -u -r1.2 pkg-descr
--- pkg-descr 3 Jan 2003 18:15:43 -0000 1.2
+++ pkg-descr 12 Mar 2008 18:37:51 -0000
@@ -9,6 +9,6 @@
-c.) The only commands allowed are "scp", "sftp-server" and "ls". Arguments
to these commands are passed along unmolested.
-WWW: http://www.sublimation.org/scponly/
+WWW: http://sublimation.org/scponly/wiki/index.php/Main_Page
---Ken McGlothlen (mcglk@artlogix.com)
Index: files/scponlyc.in
===================================================================
RCS file: /home/ncvs/ports/shells/scponly/files/scponlyc.in,v
retrieving revision 1.1
diff -u -r1.1 scponlyc.in
--- files/scponlyc.in 3 Oct 2007 13:07:09 -0000 1.1
+++ files/scponlyc.in 12 Mar 2008 19:33:41 -0000
@@ -1,56 +1,79 @@
#!/bin/sh
+#
+# $FreeBSD$
+#
-ETCSHELLS="${ETCSHELLS:-/etc/shells}"
-ETCPASSWD="${ETCPASSWD:-/etc/passwd}"
+# PROVIDE: scponlyc
+# REQUIRE: LOGIN cleanvar
+# KEYWORD: shutdown
-# script to create devfs filesystems at boot time for scponlyc
-# chroot'ed users. We will read ${ETCSHELLS} to determine
-# where scponlyc is installed. Then we'll iterate through
-# each user in ${ETCPASSWD} to find users whose shell is set to
-# scponlyc. For each such user found, we will create a
-# minimal devfs under ~/dev.
+# Add the following lines to /etc/rc.conf to enable scponly:
+# spconlyc_enable (bool): Set to "NO" by default.
+# Set it to "YES" to enable scponly
+# scponlyc_shells (str): Set to "/etc/shells" by default.
+# scponlyc_passwd (str): Set to "/etc/passwd" by default.
+
+. %%RC_SUBR%%
+
+scponlyc_shells="${scponlyc_shells:-/etc/shells}"
+scponlyc_passwd="${scponlyc_passwd:-/etc/passwd}"
+
+name="scponlyc"
+rcvar=`set_rcvar`
+
+start_cmd="scponlyc_startcmd"
+stop_cmd="scponlyc_stopcmd"
+
+required_files="$scponlyc_shells $scponlyc_passwd"
+
+scponlyc=%%PREFIX%%/sbin/scponlyc
make_devfs() {
# $1 is the user name whose home directory needs a minimal
# devfs created. If ~/dev exists, it will be deleted.
eval DEV="~$1/dev"
- while /sbin/umount "${DEV}" 2>/dev/null; do :; done
+ while umount "${DEV}" 2>/dev/null; do :; done
rm -rf "${DEV}"
mkdir -p "${DEV}"
- if /sbin/mount_devfs devfs "${DEV}"; then
- /sbin/devfs -m "${DEV}" rule -s 1 applyset && \
- /sbin/devfs -m "${DEV}" rule -s 2 applyset || \
- /sbin/umount "${DEV}" 2>/dev/null
+ if mount -t devfs dev "${DEV}"; then
+ devfs -m "${DEV}" rule -s 1 applyset && \
+ devfs -m "${DEV}" rule -s 2 applyset || \
+ umount "${DEV}" 2>/dev/null
+ fi
+}
+
+users_configured() {
+
+ if [ `grep -c "/scponlyc$" ${scponlyc_shells} 2>/dev/null` -ne 1 ]; then
+ exit 1
fi
}
+scponlyc_startcmd() {
-scponlyc_startup() {
- # $1 is the path to the /etc/passwd file
+ users_configured
- grep "^[^#]*:.*:.*:.*:.*:.*:${SCPONLYC}$" < "$1" |
- /usr/bin/awk -F: {'print $1'} |
+ grep "^[^#]*:.*:.*:.*:.*:.*:${scponlyc}$" ${scponlyc_passwd} |
+ awk -F: {'print $1'} |
while read USER; do
+ echo "${USER}/dev"
make_devfs "${USER}"
done
}
-SCPONLYC=`/usr/bin/grep "/scponlyc$" ${ETCSHELLS} 2>/dev/null | /usr/bin/tail -1`
+scponlyc_stopcmd() {
+
+ users_configured
-if [ "x${SCPONLYC}" = "x" ]; then
- echo scponlyc is not defined in ${ETCSHELLS} >&2
- exit 1
-fi
-
-case "$1" in
-start)
- scponlyc_startup "${ETCPASSWD}"
- echo -n ' scponlyc'
- ;;
-*)
- echo "Usage: `basename $0` start" >&2
- ;;
-esac
+ grep "^[^#]*:.*:.*:.*:.*:.*:${scponlyc}$" ${scponlyc_passwd} |
+ awk -F: {'print $1'} |
+ while read USER; do
+ echo "${USER}/dev"
+ eval DEV="~${USER}/dev"
+ umount ${DEV} 2>/dev/null
+ done
+}
-exit 0
+load_rc_config $name
+run_rc_command "$1"
--- shells_scponly.diff ends here ---
--- UPDATING.diff begins here ---
Index: UPDATING
===================================================================
RCS file: /home/ncvs/ports/UPDATING,v
retrieving revision 1.593
diff -u -r1.593 UPDATING
--- UPDATING 5 Mar 2008 23:59:00 -0000 1.593
+++ UPDATING 12 Mar 2008 19:54:33 -0000
@@ -6,6 +6,17 @@
time you update your ports collection, before attempting any port
upgrades.
+20080312:
+ AFFECTS: users of shells/scponly
+ AUTHOR: pgollucci@p6m7g8.com
+
+ Updated to 4.8. The rc.d script has been converted to the RCng framework.
+
+ if you use the chrooted version you must now do:
+ echo "scponlyc_enable="YES" >> /etc/rc.conf
+
+ See ${PREFIX}/etc/rc.d/scponlyc for other tunables.
+
20080306:
AFFECTS: users of mail/dovecot
AUTHOR: ehaupt@FreeBSD.org
--- UPDATING.diff ends here ---
>Release-Note:
>Audit-Trail:
>Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200803121958.m2CJw309046646>