diff options
| author |   Matsuu Takuto <matsuu@gentoo.org> | 2004-12-02 15:30:22 +0000 |
|---|---|---|
| committer | Matsuu Takuto <matsuu@gentoo.org> | 2004-12-02 15:30:22 +0000 |
| commit | ff9828bd1df2fdfe8ff6305e9714561d4a97dfb6 (patch) | |
| tree | d080684876c20cf30394a938863a0131f24db6db /net-misc/scponly | |
| parent | merge some local cross-compile updates (Manifest recommit) (diff) | |
| download | gentoo-2-ff9828bd1df2fdfe8ff6305e9714561d4a97dfb6.tar.gz gentoo-2-ff9828bd1df2fdfe8ff6305e9714561d4a97dfb6.tar.bz2 gentoo-2-ff9828bd1df2fdfe8ff6305e9714561d4a97dfb6.zip | |
security bump. bug 72815.
Diffstat (limited to 'net-misc/scponly')
| -rw-r--r-- | net-misc/scponly/ChangeLog | 7 | ||||
| -rw-r--r-- | net-misc/scponly/Manifest | 2 | ||||
| -rw-r--r-- | net-misc/scponly/files/digest-scponly-4.0 | 1 | ||||
| -rw-r--r-- | net-misc/scponly/scponly-4.0.ebuild | 107 |
4 files changed, 116 insertions, 1 deletions
diff --git a/net-misc/scponly/ChangeLog b/net-misc/scponly/ChangeLog index 4dbb6669fe38..418b1fea8ae5 100644 --- a/net-misc/scponly/ChangeLog +++ b/net-misc/scponly/ChangeLog @@ -1,6 +1,11 @@ # ChangeLog for net-misc/scponly # Copyright 2002-2004 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/net-misc/scponly/ChangeLog,v 1.12 2004/10/31 14:49:56 matsuu Exp $ +# $Header: /var/cvsroot/gentoo-x86/net-misc/scponly/ChangeLog,v 1.13 2004/12/02 15:30:22 matsuu Exp $ + +*scponly-4.0 (03 Dec 2004) + + 03 Dec 2004; MATSUU Takuto <matsuu@gentoo.org> +scponly-4.0.ebuild: + security bump - bug 72815 31 Oct 2004; MATSUU Takuto <matsuu@gentoo.org> scponly-3.11-r2.ebuild, -scponly-3.7.ebuild, -scponly-3.8.ebuild: diff --git a/net-misc/scponly/Manifest b/net-misc/scponly/Manifest index ee8a72c4952e..095c5a8ae525 100644 --- a/net-misc/scponly/Manifest +++ b/net-misc/scponly/Manifest @@ -1,4 +1,6 @@ +MD5 26d8ac53738a875ed8564d4a099cc53a scponly-4.0.ebuild 3073 MD5 e8351ad8c6e76a8b538676e19940e5c7 scponly-3.11-r2.ebuild 3142 MD5 f54d9da22b4c711bd1fc28fad6d597f8 ChangeLog 1904 MD5 e10a0da4fac2882942ffa8360ccdd921 metadata.xml 201 MD5 e4d07123d938d81c26fa0f70de4b6a8d files/digest-scponly-3.11-r2 60 +MD5 a1f6bee0be7b749e155d9ec945ce31a4 files/digest-scponly-4.0 59 diff --git a/net-misc/scponly/files/digest-scponly-4.0 b/net-misc/scponly/files/digest-scponly-4.0 new file mode 100644 index 000000000000..537377f1bde1 --- /dev/null +++ b/net-misc/scponly/files/digest-scponly-4.0 @@ -0,0 +1 @@ +MD5 1706732945996865ed0cccd440b64fc1 scponly-4.0.tgz 85053 diff --git a/net-misc/scponly/scponly-4.0.ebuild b/net-misc/scponly/scponly-4.0.ebuild new file mode 100644 index 000000000000..deb7078f6bb3 --- /dev/null +++ b/net-misc/scponly/scponly-4.0.ebuild @@ -0,0 +1,107 @@ +# Copyright 1999-2004 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/net-misc/scponly/scponly-4.0.ebuild,v 1.1 2004/12/02 15:30:22 matsuu Exp $ + +inherit eutils + +DESCRIPTION="A tiny pseudoshell which only permits scp and sftp" +HOMEPAGE="http://www.sublimation.org/scponly/" +SRC_URI="http://www.sublimation.org/scponly/${P}.tgz" + +LICENSE="as-is" +SLOT="0" +KEYWORDS="x86 amd64 ~sparc ~ppc" +IUSE="" + +DEPEND="virtual/libc + net-misc/openssh" + +src_compile() { + PATH="${PATH}:/usr/lib/misc" \ + econf \ + --enable-rsync-compat \ + --enable-chrooted-binary \ + || die "./configure failed" + emake || die +} + +src_install() { + make prefix=${D}/usr \ + mandir=${D}/usr/share/man \ + CONFDIR=${D}/etc/scponly \ + install || die + + dodoc AUTHOR CHANGELOG CONTRIB README TODO +} + +pkg_postinst() { + # pkg_postinst is based on ${S}/setup_chroot.sh. + + local myuser="scponly" + local myhome="/home/${myuser}" + + einfo "Updating /etc/shells" + { grep -v "^/usr/bin/scponly$" /etc/shells; + echo "/usr/bin/scponly" + } > ${T}/shells + mv -f ${T}/shells /etc/shells + + { grep -v "^/usr/sbin/scponlyc$" /etc/shells; + echo "/usr/sbin/scponlyc" + } > ${T}/shells + mv -f ${T}/shells /etc/shells + + BINARIES="/usr/lib/misc/sftp-server /bin/ls /usr/bin/scp /bin/rm /bin/ln /bin/mv /bin/chmod /bin/chown /bin/chgrp /bin/mkdir /bin/rmdir /bin/pwd /bin/groups /usr/bin/ld /bin/echo /usr/bin/rsync" + LIB_LIST=`/usr/bin/ldd $BINARIES 2> /dev/null | /bin/cut -f2 -d\> | /bin/cut -f1 -d\( | /bin/grep "^ " | /bin/sort -u` + LDSO_LIST="/lib/ld.so /libexec/ld-elf.so /libexec/ld-elf.so.1 /usr/libexec/ld.so /lib/ld-linux.so.2 /usr/libexec/ld-elf.so.1" + for lib in $LDSO_LIST; do + if [ -f $lib ]; then + LIB_LIST="$LIB_LIST $lib" + fi + done + /bin/ls /lib/libnss_compat* > /dev/null 2>&1 + if [ $? -eq 0 ]; then + LIB_LIST="$LIB_LIST /lib/libnss_compat*" + fi + + ldconfig + LIB_LIST="$LIB_LIST /etc/ld.so.cache /etc/ld.so.conf" + + enewgroup ${myuser} + enewuser ${myuser} -1 /usr/sbin/scponlyc ${myhome} ${myuser} + if [ ! -d ${myhome} ]; then + /bin/install -c -d ${myhome} + /bin/chmod 755 ${myhome} + fi + if [ ! -d ${myhome} ]; then + /bin/install -c -d ${myhome}/etc + /bin/chown 0:0 ${myhome}/etc + /bin/chmod 755 ${myhome}/etc + fi + for bin in $BINARIES; do + /bin/install -c -d ${myhome}/`/bin/dirname $bin` + /bin/install -c $bin ${myhome}/$bin + done + for lib in $LIB_LIST; do + /bin/install -c -d ${myhome}/`/bin/dirname $lib` + /bin/install -c $lib ${myhome}/$lib + done + + /bin/chown 0:0 ${myhome} + if [ -d ${myhome}/.ssh ]; then + /bin/chown 0:0 ${myhome}/.ssh + fi + + if [ ! -d ${myhome}/incoming ]; then + einfo "creating ${myhome}/incoming directory for uploading files" + /bin/install -c -o ${myuser} -d ${myhome}/incoming + fi + /bin/chown $myuser:$myuser ${myhome}/incoming + + grep "^${myuser}" /etc/passwd > ${myhome}/etc/passwd + + einfo "" + einfo "if you experience a warning with winscp regarding groups, please install" + einfo "the provided hacked out fake groups program into your chroot, like so:" + einfo "cp groups ${myhome}/bin/groups" +} |