authorPatrice Clement <>2015-10-23 08:31:53 +0000
committerPatrice Clement <>2015-10-23 08:32:34 +0000
commit85c4bf6fd5e57b0927330638ef071c71f1f5a64e (patch)
parentwww-client/chromium: backport fix for bug #562590 by W. Trevor King to M47 (diff)
www-misc/shellinabox: Initial import. Fixes bug 343765.
Package-Manager: portage- Signed-off-by: Patrice Clement <>
5 files changed, 261 insertions, 0 deletions
+DIST 328195 SHA256 0a3572268b7f42e402cd2fc48ca1f9d1dad6d27d6209ca19923a60f4ee5cb5f8 SHA512 a036131d48d7e1b2e69e128d509a755978bbeb13ebac82212b225d3b0eafea8420ecbb830ea85a75e870814bf20c446ca1642fe59da516f74e0e439a3a41fe24 WHIRLPOOL 903195402af196b55dafcf7f261bc291c5fdd690c3a40ca09578c58d307a6b75e38bbb5316995708e078a6bab6a36de1e2ae9722142bf97b948de2c1dbcf2e52
+# conf.d file for shellinaboxd
+# Copyright 1999-2015 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+# Options available (copied from the man page):
+# Sometimes, it is not necessary to replace the entire style sheet using the
+# --static-file option. But instead a small incremental change should be made to
+# the visual appearance of the terminal. The --css option provides a means to
+# append additional style rules to the end of the default styles.css sheet. More
+# than one --css option can be given on the same command line.
+# You shouldn't need to change this value
+# unless you want to load your own style sheets.
+# If built with SSL/TLS support enabled, the daemon will look in SIAB_CERT_DIR for any
+# certificates. If unspecified, this defaults to the current working directory.
+# If the browser negotiated a Server Name Identification the daemon will look for
+# a matching certificate-SERVERNAME.pem file. This allows for virtual hosting
+# of multiple server names on the same IP address and port.
+# If no SNI handshake took place, it falls back on using the certificate in the
+# certificate.pem file.
+# The administrator should make sure that there are matching certificates for
+# each of the virtual hosts on this server, and that there is a generic certifi‐
+# cate.pem file.
+# If no suitable certificate is installed, shellinaboxd will attempt to invoke
+# /usr/bin/openssl and create a new self-signed certificate. This only
+# succeeds if, after dropping privileges, shellinaboxd has write
+# permissions for SIAB_CERT_DIR.
+# Most browsers show a warning message when encountering a self-signed
+# certificate and then allow the user the option of accepting the certificate.
+# Due to this usability problem, and due to the perceived security
+# implications, the use of auto-generated self-signed certificates is intended
+# for testing or in intranet deployments, only.
+# By default, shellinaboxd redirectes all incoming HTTP requests to their
+# equivalent HTTPS URLs. If promoting of connections to encrypted SSL/TLS
+# sessions is undesired, this behavior can be disabled.
+# This option is also useful during testing or for deployment in trusted
+# intranets, if SSL certificates are unavailable.
+# SIAB_DISABLE_SSL and SIAB_CERT_DIR are mutually exclusive options.
+# Add this option to SIAB_OPTS if you don't want SSL support.
+# Default port to listen on.
+# Run shellinabox as this user.
+# Run shellinabox as this group.
+# Default service to launch
+# Do not add both SIAB_CSS_DIR or SIAB_CERT_DIR to SIAB_OPTS.
+# Default setup turns off SSL.
+SIAB_OPTS="${SIAB_DISABLE_SSL} --port=${SIAB_HTTP_PORT} --user=${SIAB_USER} --group=${SIAB_GROUP} --service=${SIAB_SERVICE}"
+# Uncomment this line to activate SSL.
+# SIAB_OPTS="--cert=${SIAB_CERT_DIR} --port=${SIAB_HTTP_PORT} --user=${SIAB_USER} --group=${SIAB_GROUP} --service=${SIAB_SERVICE}"
+# Copyright 1999-2015 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+depend() {
+ use net
+start_pre() {
+ function my_join() { local IFS="${1}"; shift; echo "$*"; }
+ if [[ -n ${SIAB_CSS_DIR} ]]; then
+ # This code searches SIAB_CSS_DIR for CSS files
+ # and formats the --user-css option accordingly.
+ local CSS_FILES=( "${SIAB_CSS_DIR}"/*.css )
+ local SIAB_CSS_FILES=()
+ for _CSS in "${CSS_FILES[@]}"; do
+ _BASE="$(basename ${_CSS})"
+ _NAME="${_BASE%%\.css}"
+ _NAME="${_NAME//-/_}"
+ _NAME="${_NAME^}"
+ # These are the default style sheets. Don't load them.
+ [[ ${_NAME} =~ ^(Print|Styles).*? ]] && continue
+ SIAB_CSS_FILES+=("\"${_NAME}\":-${_CSS}")
+ done
+ # The 1st one, which the default one, must be turned on using a + sign.
+ SIAB_CSS_FILES[0]=$(sed 's#:-#:+#' <<< ${SIAB_CSS_FILES[0]})
+ command_args="${command_args} --user-css=$(my_join , "${SIAB_CSS_FILES[@]}")"
+ fi
+ return 0
+start() {
+ ebegin "Starting ${my_daemon}"
+ start-stop-daemon \
+ --start \
+ --background \
+ --pidfile ${pidfile} \
+ --make-pidfile \
+ --exec ${command} \
+ -- ${command_args}
+ eend $?
+stop() {
+ ebegin "Stopping ${my_daemon}"
+ start-stop-daemon \
+ --stop \
+ --pidfile ${pidfile}
+ eend $?
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE pkgmetadata SYSTEM "">
+ <herd>shell-tools</herd>
+ <maintainer>
+ <email></email>
+ <name>Patrice Clement</name>
+ </maintainer>
+ <use>
+ <flag name="ssl">Enable SSL support.</flag>
+ <flag name="pam">Enable PAM support.</flag>
+ </use>
+ <upstream>
+ <remote-id type="github">shellinabox/shellinabox</remote-id>
+ </upstream>
+# Copyright 1999-2015 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+inherit user autotools-utils
+DESCRIPTION="Web server that can export arbitrary command line tools to a web based terminal emulator"
+SRC_URI="${PN}/${PN}/archive/v${PV}.zip -> ${P}.zip"
+KEYWORDS="~amd64 ~ppc ~ppc64 ~x86"
+IUSE="+ssl +pam"
+ ssl? ( dev-libs/openssl:0= )
+ pam? ( virtual/pam )"
+shellinbox_gen_ssl_setup() {
+ read -r -d '' SIAB_SSL_SETUP << EOF
+openssl genrsa -des3 -out server.key 1024
+openssl req -new -key server.key -out server.csr
+cp server.key
+openssl rsa -in -out server.key
+openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt
+cat server.crt server.key > certificate.pem
+pkg_setup() {
+ enewgroup "${SIAB_DAEMON}"
+ enewuser "${SIAB_DAEMON}" -1 -1 -1 "${SIAB_DAEMON}"
+src_configure() {
+ local myeconf="--disable-runtime-loading"
+ econf \
+ $(use_enable ssl) \
+ $(use_enable pam) \
+ "${myeconf}"
+src_install() {
+ emake DESTDIR="${D}" install || die
+ # make installs the binary in bin.
+ rm -rf "${D}/usr/bin" || die
+ # whereas it should put it in sbin.
+ dosbin "${SIAB_DAEMON}"
+ # Install init+conf files.
+ newinitd "${FILESDIR}/${SIAB_DAEMON}.init" "${SIAB_DAEMON}"
+ newconfd "${FILESDIR}/${SIAB_DAEMON}.conf" "${SIAB_DAEMON}"
+ # Install CSS files.
+ insinto "/usr/share/${PN}-resources"
+ doins -r "${PN}"/*.css
+ if use ssl; then
+ # Create directory where SSL certificates will be generated.
+ dodir "${SIAB_CERT_DIR}"
+ # Generate set up variable.
+ shellinbox_gen_ssl_setup
+ # Dump it in a bash script.
+ echo "#!/usr/bin/env bash" > "${D}/${SIAB_SSL_BASH}" ||die
+ echo "${SIAB_SSL_SETUP}" >> "${D}/${SIAB_SSL_BASH}" || die
+ chmod +x "${D}/${SIAB_SSL_BASH}" || die
+ fi
+pkg_postinst() {
+ ewarn
+ ewarn "The default configuration expose a login shell"
+ ewarn "with SSL disabled on the localhost interface only."
+ ewarn
+ if use ssl; then
+ shellinbox_gen_ssl_setup
+ einfo
+ einfo "To generate self-signed SSL certificates"
+ einfo "please read the following procedure"
+ einfo "explained here:"
+ einfo
+ einfo "${SIAB_SSL_SETUP}"
+ einfo
+ einfo "This walkthrough has been written in ${SIAB_SSL_BASH} for your convenience."
+ einfo "Make sure to execute this script."
+ einfo
+ fi