Date: Wed, 21 Apr 2004 13:55:53 -0700 (PDT) From: nigmatyc <enispam@noos.fr> To: freebsd-gnats-submit@FreeBSD.org Subject: ports/65860: [New Port] shell/rssh Message-ID: <200404212055.i3LKtrs7034497@www.freebsd.org> Resent-Message-ID: <200404212100.i3LL0VeC008185@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 65860 >Category: ports >Synopsis: [New Port] shell/rssh >Confidential: no >Severity: non-critical >Priority: low >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: update >Submitter-Id: current-users >Arrival-Date: Wed Apr 21 14:00:31 PDT 2004 >Closed-Date: >Last-Modified: >Originator: nigmatyc >Release: FreeBSD 5.2.1-RELEASE-p4 i386 >Organization: >Environment: FreeBSD toaster.open-coder.org 5.2.1-RELEASE-p4 FreeBSD 5.2.1-RELEASE-p4 #0: Wed Apr 14 13:25:08 CEST 2004 enigmatyc@toaster.open-coder.org:/usr/obj/usr/src/sys/TOASTER i386 >Description: It is a shell that allow only the use of scp and/or sftp. For exemple, if you host an arch repository and want a lot of security (sftp), you can give this account to the commiters. >How-To-Repeat: >Fix: # This is a shell archive. Save it in a file, remove anything before # this line, and then unpack it by entering "sh file". Note, it may # create directories; files and directories will be owned by you and # have default permissions. # # This archive contains: # # rssh # rssh/distinfo # rssh/Makefile # rssh/files # rssh/files/patch-util.c # rssh/pkg-descr # rssh/pkg-plist # echo c - rssh mkdir -p rssh > /dev/null 2>&1 echo x - rssh/distinfo sed 's/^X//' >rssh/distinfo << 'END-of-rssh/distinfo' XMD5 (rssh-2.1.1.tar.gz) = d5260ad91fe71ba28ecb310892cc4139 XSIZE (rssh-2.1.1.tar.gz) = 88858 END-of-rssh/distinfo echo x - rssh/Makefile sed 's/^X//' >rssh/Makefile << 'END-of-rssh/Makefile' X# New ports collection makefile for: rssh X# Date created: Fri Apr 16 02:04:33 CEST 2004 X# Whom: enigmatyc X# X# $FreeBSD$ X# X XPORTNAME= rssh XPORTVERSION= 2.1.1 XCATEGORIES= shells XMASTER_SITES= http://heanet.dl.sourceforge.net/sourceforge/rssh/ X XMAINTAINER= enigmatyc@laposte.net XCOMMENT= a Restricted Secure SHell only for sftp or/and scp X XMAN1= rssh.1 X XGNU_CONFIGURE= Yes X X.include <bsd.port.mk> END-of-rssh/Makefile echo c - rssh/files mkdir -p rssh/files > /dev/null 2>&1 echo x - rssh/files/patch-util.c sed 's/^X//' >rssh/files/patch-util.c << 'END-of-rssh/files/patch-util.c' X--- util.c.orig Mon Jul 7 20:41:29 2003 X+++ util.c Fri Apr 16 01:28:16 2004 X@@ -1,9 +1,9 @@ X /* X * util.c - utility functions for rssh X- * X+ * X * Copyright 2003 Derek D. Martin ( code at pizzashack dot org ). X * X- * This program is licensed under a BSD-style license, as follows: X+ * This program is licensed under a BSD-style license, as follows: X * X * Redistribution and use in source and binary forms, with or without X * modification, are permitted provided that the following conditions X@@ -66,10 +66,10 @@ X extern char *username; X extern char *progname; X X-/* X+/* X * build_arg_vector() - return a pointer to a vector of strings which X * represent the arguments of the command to execv(). X- */ X+ */ X char **build_arg_vector( char *str, size_t reserve ) X { X X@@ -77,18 +77,18 @@ X int retc; X X result.we_offs = reserve; X- if ( (retc = wordexp(str, &result, WRDE_NOCMD|WRDE_DOOFFS)) ){ X+ if ( (retc = wordexp(str, &result, WRDE_NOCMD|WRDE_DOOFS)) ){ X log_set_priority(LOG_ERR); X switch( retc ){ X case WRDE_BADCHAR: X case WRDE_CMDSUB: X- fprintf(stderr, "%s: bad characters in arguments\n", X+ fprintf(stderr, "%s: bad characters in arguments\n", X progname); X log_msg("user %s used bad chars in command", X username); X break; X default: X- fprintf(stderr, "%s: error expanding arguments\n", X+ fprintf(stderr, "%s: error expanding arguments\n", X progname); X log_msg("error expanding arguments for user %s", X username); X@@ -105,7 +105,7 @@ X X log_set_priority(LOG_ERR); X /* determine which commands are usable for error message */ X- if ( (flags & (RSSH_ALLOW_SCP | RSSH_ALLOW_SFTP)) == X+ if ( (flags & (RSSH_ALLOW_SCP | RSSH_ALLOW_SFTP)) == X (RSSH_ALLOW_SCP | RSSH_ALLOW_SFTP) ) X cmd = " to scp or sftp"; X else if ( flags & RSSH_ALLOW_SCP ) X@@ -147,7 +147,7 @@ X len = strlen(PATH_SFTP_SERVER); X if ( cl_len < len ) len = cl_len; X /* check to see if cl starts with an allowed command */ X- if ( !(strncmp(cl, PATH_SFTP_SERVER, len)) && X+ if ( !(strncmp(cl, PATH_SFTP_SERVER, len)) && X (isspace(cl[len]) || cl[len] == '\0') && X opts->shell_flags & RSSH_ALLOW_SFTP ) X return PATH_SFTP_SERVER; X@@ -155,7 +155,7 @@ X len = 3; X /* if cl_len is less than 3, then it's not a valid command */ X if ( cl_len < 3 ) return NULL; X- if ( !(strncmp(cl, "scp", len)) && X+ if ( !(strncmp(cl, "scp", len)) && X (isspace(cl[len])) && X opts->shell_flags & RSSH_ALLOW_SCP ){ X return PATH_SCP; X@@ -183,7 +183,7 @@ X len--; X } X if ( (strncmp(root, path, len)) ) return NULL; X- X+ X /* X * path[len] is the first character of path which is not part of root. X * If it is not '/' then we chopped path off in the middle of a path X@@ -223,7 +223,7 @@ X * them. Returns the bits in the bool pointers of the X * same name, and returns FALSE if the bits are not valid X */ X-int validate_access( const char *temp, bool *allow_sftp, X+int validate_access( const char *temp, bool *allow_sftp, X bool *allow_scp ) X { X char scp[2]; END-of-rssh/files/patch-util.c echo x - rssh/pkg-descr sed 's/^X//' >rssh/pkg-descr << 'END-of-rssh/pkg-descr' Xrssh is a Restricted Secure SHell that allow only the use of sftp or scp. XIt could be use when you need an account (and a valid shell) in order to Xexecute sftp or scp but when you don't want to give the possibility to log Xin to this user. X XFor more valid information go on : Xwww.pizzashack.org/rssh/index.shtml X XEnjoy ! XFreeBSD is great ! X X-- Xenigmatyc <enigmatyc@laposte.net> END-of-rssh/pkg-descr echo x - rssh/pkg-plist sed 's/^X//' >rssh/pkg-plist << 'END-of-rssh/pkg-plist' Xbin/rssh Xetc/rssh.conf Xlibexec/rssh_chroot_helper END-of-rssh/pkg-plist exit >Release-Note: >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200404212055.i3LKtrs7034497>