diff options
author | Pav Lucistnik <pav@FreeBSD.org> | 2008-04-03 14:14:28 +0000 |
---|---|---|
committer | Pav Lucistnik <pav@FreeBSD.org> | 2008-04-03 14:14:28 +0000 |
commit | 1c286a97e0887207c3d2d1ce2bb87be4b828aec7 (patch) | |
tree | c1f6e55f05472aa62065886d10f81393d9356034 | |
parent | Update to 1.02 (diff) |
- Update to 4.8
PR: ports/121651
Submitted by: Philip M. Gollucci <pgollucci@p6m7g8.com>
Approved by: maintainer timeout (rushani; 3 weeks)
-rw-r--r-- | shells/scponly/Makefile | 11 | ||||
-rw-r--r-- | shells/scponly/distinfo | 6 | ||||
-rw-r--r-- | shells/scponly/files/patch-helper.c | 97 | ||||
-rw-r--r-- | shells/scponly/files/scponlyc.in | 81 | ||||
-rw-r--r-- | shells/scponly/pkg-descr | 2 |
5 files changed, 61 insertions, 136 deletions
diff --git a/shells/scponly/Makefile b/shells/scponly/Makefile index 875785585139..f711f83ee38c 100644 --- a/shells/scponly/Makefile +++ b/shells/scponly/Makefile @@ -70,11 +70,10 @@ # to be installed. PORTNAME= scponly -PORTVERSION= 4.6 -PORTREVISION= 3 -CATEGORIES= shells +PORTVERSION= 4.8 +CATEGORIES= shells security MASTER_SITES= http://www.sublimation.org/scponly/ \ - ${MASTER_SITE_SOURCEFORGE} + SF MASTER_SITE_SUBDIR= scponly EXTRACT_SUFX= .tgz @@ -83,9 +82,9 @@ COMMENT= A tiny shell that only permits scp and sftp MAN8= scponly.8 -GNU_CONFIGURE= yes +USE_RC_SUR= scponlyc -PATCH_STRIP= -p1 +GNU_CONFIGURE= yes OPTIONS= SCPONLY_WILDCARDS "wildcards processing" on \ SCPONLY_GFTP "gftp compatibility" on \ diff --git a/shells/scponly/distinfo b/shells/scponly/distinfo index 6b8db552aae8..2b739182a14c 100644 --- a/shells/scponly/distinfo +++ b/shells/scponly/distinfo @@ -1,3 +1,3 @@ -MD5 (scponly-4.6.tgz) = 0425cb868cadd026851238452f1db907 -SHA256 (scponly-4.6.tgz) = dfa5a334d66150289a391aea4dc00d1b039c644fd1c628bdeddaa7b0710e01a7 -SIZE (scponly-4.6.tgz) = 96578 +MD5 (scponly-4.8.tgz) = 139ac9abd7f3b8dbc5c5520745318f8a +SHA256 (scponly-4.8.tgz) = 1693dd678355749c5d9e48ecdd4628dbfe71d82955afde950ee8d88b5adc01cf +SIZE (scponly-4.8.tgz) = 101687 diff --git a/shells/scponly/files/patch-helper.c b/shells/scponly/files/patch-helper.c deleted file mode 100644 index 875de04fc1ce..000000000000 --- a/shells/scponly/files/patch-helper.c +++ /dev/null @@ -1,97 +0,0 @@ ---- scponly-4.6/helper.c.orig Tue Jan 31 22:04:16 2006 -+++ scponly-4.6/helper.c Thu Mar 23 00:53:01 2006 -@@ -133,6 +133,78 @@ - char **tmpptr=av; - int ch; - int ac=0; -+ char **av2 = NULL; -+ -+ /* -+ * first count the arguments in the vector -+ */ -+ tmpptr=av; -+ while (*tmpptr!=NULL) -+ { -+ *tmpptr++; -+ ac++; -+ } -+ -+#ifdef PROG_RSYNC -+ if (exact_match(PROG_RSYNC, av[0])) -+ { -+ /* -+ * these are the long opts (beginning "--") which we -+ * allow for rsync -+ */ -+ char *permitted_long_opts[] = { -+ "--server", -+ "--sender", -+ "--delete", -+ NULL /* last element must be NULL */ -+ }; -+ -+ /* -+ * make a copy of the args excluding any permitted long -+ * options -+ */ -+ int i, j; -+ av2 = malloc(ac * sizeof *av2); -+ av2[0] = av[0]; -+ for (i = 1, j = 1; i < ac; ++i) -+ { -+ if (0 == strncmp(av[i], "--", 2)) -+ { -+ char **p; -+ /* -+ * test against permitted opts -+ */ -+ for (p = permitted_long_opts; *p; ++p) -+ { -+ if (exact_match(av[i], *p)) -+ break; -+ } -+ -+ if (*p) -+ { -+ /* -+ * permitted; skip this one -+ */ -+ continue; -+ } -+ else -+ { -+ /* -+ * no match -+ */ -+ syslog(LOG_ERR, "option %s is not permitted for use with %s (%s)", -+ av[i], cmdarg->name, logstamp()); -+ return 1; -+ } -+ } -+ av2[j++] = av[i]; -+ -+ } -+ av2[j] = NULL; -+ ac = j; -+ av = av2; -+ } -+#endif /* PROG_RSYNC */ - - while (cmdarg != NULL) - { -@@ -151,15 +223,6 @@ - */ - if (1 == cmdarg->getoptflag) - { -- /* -- * first count the arguments in the vector -- */ -- tmpptr=av; -- while (*tmpptr!=NULL) -- { -- *tmpptr++; -- ac++; -- } - /* - * now use getopt to look for our problem option - */ diff --git a/shells/scponly/files/scponlyc.in b/shells/scponly/files/scponlyc.in index 69b65dd08f6f..6f9d48e4aaef 100644 --- a/shells/scponly/files/scponlyc.in +++ b/shells/scponly/files/scponlyc.in @@ -1,14 +1,32 @@ #!/bin/sh +# +# $FreeBSD$ +# -ETCSHELLS="${ETCSHELLS:-/etc/shells}" -ETCPASSWD="${ETCPASSWD:-/etc/passwd}" +# PROVIDE: scponlyc +# REQUIRE: LOGIN cleanvar +# KEYWORD: shutdown -# script to create devfs filesystems at boot time for scponlyc -# chroot'ed users. We will read ${ETCSHELLS} to determine -# where scponlyc is installed. Then we'll iterate through -# each user in ${ETCPASSWD} to find users whose shell is set to -# scponlyc. For each such user found, we will create a -# minimal devfs under ~/dev. +# Add the following lines to /etc/rc.conf to enable scponly: +# spconlyc_enable (bool): Set to "NO" by default. +# Set it to "YES" to enable scponly +# scponlyc_shells (str): Set to "/etc/shells" by default. +# scponlyc_passwd (str): Set to "/etc/passwd" by default. + +. %%RC_SUBR%% + +scponlyc_shells="${scponlyc_shells:-/etc/shells}" +scponlyc_passwd="${scponlyc_passwd:-/etc/passwd}" + +name="scponlyc" +rcvar=`set_rcvar` + +start_cmd="scponlyc_startcmd" +stop_cmd="scponlyc_stopcmd" + +required_files="$scponlyc_shells $scponlyc_passwd" + +scponlyc=%%PREFIX%%/sbin/scponlyc make_devfs() { # $1 is the user name whose home directory needs a minimal @@ -16,41 +34,46 @@ make_devfs() { eval DEV="~$1/dev" while /sbin/umount "${DEV}" 2>/dev/null; do :; done - rm -rf "${DEV}" - mkdir -p "${DEV}" - if /sbin/mount_devfs devfs "${DEV}"; then + /bin/rm -rf "${DEV}" + /bin/mkdir -p "${DEV}" + if /sbin/mount -t devfs dev "${DEV}"; then /sbin/devfs -m "${DEV}" rule -s 1 applyset && \ /sbin/devfs -m "${DEV}" rule -s 2 applyset || \ /sbin/umount "${DEV}" 2>/dev/null fi } +users_configured() { + + if [ `/usr/bin/grep -c "/scponlyc$" ${scponlyc_shells} 2>/dev/null` -ne 1 ]; then + exit 1 + fi +} + +scponlyc_startcmd() { -scponlyc_startup() { - # $1 is the path to the /etc/passwd file + users_configured - grep "^[^#]*:.*:.*:.*:.*:.*:${SCPONLYC}$" < "$1" | + /usr/bin/grep "^[^#]*:.*:.*:.*:.*:.*:${scponlyc}$" ${scponlyc_passwd} | /usr/bin/awk -F: {'print $1'} | while read USER; do + /bin/echo "${USER}/dev" make_devfs "${USER}" done } -SCPONLYC=`/usr/bin/grep "/scponlyc$" ${ETCSHELLS} 2>/dev/null | /usr/bin/tail -1` +scponlyc_stopcmd() { -if [ "x${SCPONLYC}" = "x" ]; then - echo scponlyc is not defined in ${ETCSHELLS} >&2 - exit 1 -fi + users_configured -case "$1" in -start) - scponlyc_startup "${ETCPASSWD}" - echo -n ' scponlyc' - ;; -*) - echo "Usage: `basename $0` start" >&2 - ;; -esac + /usr/bin/grep "^[^#]*:.*:.*:.*:.*:.*:${scponlyc}$" ${scponlyc_passwd} | + /usr/bin/awk -F: {'print $1'} | + while read USER; do + /bin/echo "${USER}/dev" + eval DEV="~${USER}/dev" + /sbin/umount ${DEV} 2>/dev/null + done +} -exit 0 +load_rc_config $name +run_rc_command "$1" diff --git a/shells/scponly/pkg-descr b/shells/scponly/pkg-descr index 34bff16b4ced..1667a93fd055 100644 --- a/shells/scponly/pkg-descr +++ b/shells/scponly/pkg-descr @@ -9,6 +9,6 @@ shell upon login. (The first argument is the shell itself, and the second is -c.) The only commands allowed are "scp", "sftp-server" and "ls". Arguments to these commands are passed along unmolested. -WWW: http://www.sublimation.org/scponly/ +WWW: http://sublimation.org/scponly/wiki/index.php/Main_Page ---Ken McGlothlen (mcglk@artlogix.com) |