Date: Tue, 1 Nov 2005 18:31:02 +0100 (CET)
From: vaidab <vaidab@phenix.rootshell.be>
To: FreeBSD-gnats-submit@FreeBSD.org
Cc: vaida.bogdan@gmail.com
Subject: ports/88354: New port: security/sud
Message-ID: <Pine.LNX.4.62.0511011828110.25226@phenix.rootshell.be>
Resent-Message-ID: <200511011740.jA1HeDTe026266@freefall.freebsd.org>
>Number: 88354
>Category: ports
>Synopsis: New port: security/sud
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: freebsd-ports-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: change-request
>Submitter-Id: current-users
>Arrival-Date: Tue Nov 01 17:40:13 GMT 2005
>Closed-Date:
>Last-Modified:
>Originator: Vaida Bogdan
>Release: FreeBSD 5.4-RELEASE-p8 i386
>Organization:
>Environment:
System: FreeBSD angelique.ro 5.4-RELEASE-p8 FreeBSD 5.4-RELEASE-p8 #22: Thu Oct 20 09:37:06 UTC 2005 root@angelique.ro:/usr/obj/usr/src/sys/ANGELIQUE i386
>Description:
Sud is a daemon to execute interactive and non-interactive processes with special (and customizable) privileges in a nosuid environment. It is based on a client/server model and on the ability to pass file descriptors between processes.
>How-To-Repeat:
>Fix:
# This is a shell archive. Save it in a file, remove anything before # this line, and then unpack it by entering "sh file". Note, it may # create directories; files and directories will be owned by you and # have default permissions. # # This archive contains: # # sud # sud/pkg-descr # sud/distinfo # sud/Makefile # sud/files # sud/files/pkg-message.in # sud/files/ilogin.1 # sud/files/sud.1 # sud/files/patch-sud.conf.sample # sud/files/patch-sud.conf # sud/files/patch-main.c # sud/files/patch-ilogin.1 # sud/files/patch-sud.1 # sud/pkg-message # echo c - sud mkdir -p sud > /dev/null 2>&1 echo x - sud/pkg-descr sed 's/^X//' >sud/pkg-descr << 'END-of-sud/pkg-descr' XSud is a daemon to execute interactive and non-interactive Xprocesses with special (and customizable) privileges in a Xnosuid environment. It is based on a client/server model Xand on the ability to pass file descriptors between processes.
X XWWW: http://sourceforge.net/projects/sud/ X X- bugghy Xbugghy@SAFe-mail.net END-of-sud/pkg-descr echo x - sud/distinfo sed 's/^X//' >sud/distinfo << 'END-of-sud/distinfo' XMD5 (sud-1.3.tar.gz) = f44ca2810ff72b84ad8a10cd62752098 XSIZE (sud-1.3.tar.gz) = 117542 END-of-sud/distinfo echo x - sud/Makefile sed 's/^X//' >sud/Makefile << 'END-of-sud/Makefile' X# New ports collection makefile for: sud X# Date created: 20 Sep 2004 X# Whom: bugghy <bugghy@SAFe-mail.net> X# X# $FreeBSD$ X# X XPORTNAME= sud XPORTVERSION= 1.3 XCATEGORIES= security sysutils XMASTER_SITES= ${MASTER_SITE_SOURCEFORGE} XMASTER_SITE_SUBDIR= ${PORTNAME} X X XMAINTAINER= bugghy@SAFe-mail.net XCOMMENT= Daemon used to execute processes with special privileges in a nosuid environment X XGNU_CONFIGURE= yes X#ONFIGURE_ARGS= --program-prefix=/usr/local XMAN1= sud.1 suz.1 ilogin.1 XMANCOMPRESSED= no XPLIST_FILES= bin/suz sbin/sud sbin/ilogin etc/issue.suz etc/motd.suz etc/sud.conf.sample XPKGMESSAGE= ${WRKDIR}/pkg-message X Xpre-patch: X.for i in ilogin.1 sud.1 X @${SED} -e 's|PREFIX|${PREFIX}|g' ${FILESDIR}/${i} > ${FILESDIR}/patch-${i} X.endfor X @${SED} -e 's|PREFIX|${PREFIX}|g' ${FILESDIR}/pkg-message.in > ${PKGMESSAGE} X Xpost-install: X.if !defined(NOPORTDOCS) X @${INSTALL_MAN} ${WRKSRC}/sud.1 ${MAN1PREFIX}/man/man1 X @${INSTALL_MAN} ${WRKSRC}/suz.1 ${MAN1PREFIX}/man/man1 X @${INSTALL_MAN} ${WRKSRC}/ilogin.1 ${MAN1PREFIX}/man/man1 X.endif X X.for i in issue.suz motd.suz sud.conf sud.conf.sample X.if !exists(${PREFIX}/etc/${i}) X @${INSTALL_DATA} ${WRKSRC}/miscs/${i} ${PREFIX}/etc X.endif X.endfor X @${CAT} ${PKGMESSAGE} X X.include <bsd.port.mk> END-of-sud/Makefile echo c - sud/files mkdir -p sud/files > /dev/null 2>&1 echo x - sud/files/pkg-message.in sed 's/^X//' >sud/files/pkg-message.in << 'END-of-sud/files/pkg-message.in' X X############################################################################# X Copy /usr/local/etc/sud.conf.sample to /usr/local/etc/sud.conf 
X############################################################################# X X END-of-sud/files/pkg-message.in echo x - sud/files/ilogin.1 sed 's/^X//' >sud/files/ilogin.1 << 'END-of-sud/files/ilogin.1' X--- ilogin.1.orig Sat Sep 18 23:54:31 2004 X+++ ilogin.1 Sat Sep 18 23:54:51 2004 X@@ -6,9 +6,9 @@ X .SH DESCRIPTION X simple root login client used by sud(1) X .SH FILES X-.IP "\fI/etc/issue.suz\fR" X+.IP "\fI/usr/local/etc/issue.suz\fR" X \&\fBilogin\fR issue file X-.IP "\fI/etc/motd.suz\fR" X+.IP "\fI/usr/local/etc/motd.suz\fR" X \&\fBilogin\fR motd file X .SH SEE ALSO X .IP "\fIsud\fR\|(1)" END-of-sud/files/ilogin.1 echo x - sud/files/sud.1 sed 's/^X//' >sud/files/sud.1 << 'END-of-sud/files/sud.1' X--- sud.1.orig Sat Sep 18 23:53:35 2004 X+++ sud.1 Sat Sep 18 23:54:29 2004 X@@ -12,7 +12,7 @@ X mounted with nosuid flag X .PP X you can use your insecure program with root privileges by setting suipfile in X-/etc/sud.conf X+/usr/local/etc/sud.conf X .PP X your client will be authenticated by getting effective credentials via unix X socket X@@ -25,7 +25,7 @@ X The following options are available: X .TP X .B -f \fIconfigfile\fB X-parse configfile (default: /etc/sud.conf) X+parse configfile (default: /usr/local/etc/sud.conf) X .TP X .B -n X do not daemonize X@@ -39,7 +39,7 @@ X .B -v X print version X .SH OPTIONS FOR THE DAEMON X-The following entries are available in /etc/sud.conf in the form options X+The following entries are available in /usr/local/etc/sud.conf in the form options X { entries } X .TP X .B daemonize { yes, no } X@@ -65,7 +65,7 @@ X configuration X you can execute more sud programs by invoking sud with -p and -f options X .SH ENTRIES FOR SERVICES X-The following entries are available in /etc/sud.conf in the form service X+The following entries are available in /usr/local/etc/sud.conf in the form service X { entry = value ... 
} X There is a special service which can be specified for default entries, X every entry that is not specifed in a particular service will be set to X@@ -165,7 +165,7 @@ X .SH SIGNALS X SIGUSR1, SIGHUP reparse your configuration file X .SH FILES X-.IP "\fI/etc/sud.conf\fR" X+.IP "\fI/usr/local/etc/sud.conf\fR" X \&\fBsud\fR configuration file X .IP "\fI/var/run/sud.pid\fR" X \&\fBsud\fR locking file END-of-sud/files/sud.1 echo x - sud/files/patch-sud.conf.sample sed 's/^X//' >sud/files/patch-sud.conf.sample << 'END-of-sud/files/patch-sud.conf.sample' X--- miscs/sud.conf.sample.orig Sun Sep 19 00:38:29 2004 X+++ miscs/sud.conf.sample Sun Sep 19 00:39:13 2004 X@@ -17,7 +17,7 @@ X # authgroup will be 0 X X ilogin { X- suipfile = /usr/sbin/ilogin X+ suipfile = /usr/local/sbin/ilogin X nclients = 5 X timeout = 1000 X } X@@ -49,7 +49,7 @@ X } X X rootdir { X- suipfile = "/usr/bin/ls -R /root" X+ suipfile = "/bin/ls -R /root" X mode = command X } X END-of-sud/files/patch-sud.conf.sample echo x - sud/files/patch-sud.conf sed 's/^X//' >sud/files/patch-sud.conf << 'END-of-sud/files/patch-sud.conf' X--- miscs/sud.conf.orig Sun Sep 19 00:38:23 2004 X+++ miscs/sud.conf Sun Sep 19 00:38:37 2004 X@@ -1,5 +1,5 @@ X ilogin { X- suipfile = /usr/sbin/ilogin X+ suipfile = /usr/local/sbin/ilogin X sockfile = /var/run/sud.unix X nclients = 5 X timeout = 1000 END-of-sud/files/patch-sud.conf echo x - sud/files/patch-main.c sed 's/^X//' >sud/files/patch-main.c << 'END-of-sud/files/patch-main.c' X--- sud/main.c.orig Sun Sep 19 00:53:20 2004 X+++ sud/main.c Sun Sep 19 00:53:31 2004 X@@ -287,7 +287,7 @@ X fprintf(stderr, "unable to open %s\n", fileconf); X return -1; X } else if (fileconf == NULL) X- (void)openconf("/etc/sud.conf"); X+ (void)openconf("/usr/local/etc/sud.conf"); X X sud_daemonize(); X #ifdef DEBUG END-of-sud/files/patch-main.c echo x - sud/files/patch-ilogin.1 sed 's/^X//' >sud/files/patch-ilogin.1 << 'END-of-sud/files/patch-ilogin.1' X--- ilogin.1.orig Sat Sep 18 23:54:31 
2004 X+++ ilogin.1 Sat Sep 18 23:54:51 2004 X@@ -6,9 +6,9 @@ X .SH DESCRIPTION X simple root login client used by sud(1) X .SH FILES X-.IP "\fI/etc/issue.suz\fR" X+.IP "\fI/usr/local/etc/issue.suz\fR" X \&\fBilogin\fR issue file X-.IP "\fI/etc/motd.suz\fR" X+.IP "\fI/usr/local/etc/motd.suz\fR" X \&\fBilogin\fR motd file X .SH SEE ALSO X .IP "\fIsud\fR\|(1)" END-of-sud/files/patch-ilogin.1 echo x - sud/files/patch-sud.1 sed 's/^X//' >sud/files/patch-sud.1 << 'END-of-sud/files/patch-sud.1' X--- sud.1.orig Sat Sep 18 23:53:35 2004 X+++ sud.1 Sat Sep 18 23:54:29 2004 X@@ -12,7 +12,7 @@ X mounted with nosuid flag X .PP X you can use your insecure program with root privileges by setting suipfile in X-/etc/sud.conf X+/usr/local/etc/sud.conf X .PP X your client will be authenticated by getting effective credentials via unix X socket X@@ -25,7 +25,7 @@ X The following options are available: X .TP X .B -f \fIconfigfile\fB X-parse configfile (default: /etc/sud.conf) X+parse configfile (default: /usr/local/etc/sud.conf) X .TP X .B -n X do not daemonize X@@ -39,7 +39,7 @@ X .B -v X print version X .SH OPTIONS FOR THE DAEMON X-The following entries are available in /etc/sud.conf in the form options X+The following entries are available in /usr/local/etc/sud.conf in the form options X { entries } X .TP X .B daemonize { yes, no } X@@ -65,7 +65,7 @@ X configuration X you can execute more sud programs by invoking sud with -p and -f options X .SH ENTRIES FOR SERVICES X-The following entries are available in /etc/sud.conf in the form service X+The following entries are available in /usr/local/etc/sud.conf in the form service X { entry = value ... 
} X There is a special service which can be specified for default entries, X every entry that is not specifed in a particular service will be set to X@@ -165,7 +165,7 @@ X .SH SIGNALS X SIGUSR1, SIGHUP reparse your configuration file X .SH FILES X-.IP "\fI/etc/sud.conf\fR" X+.IP "\fI/usr/local/etc/sud.conf\fR" X \&\fBsud\fR configuration file X .IP "\fI/var/run/sud.pid\fR" X \&\fBsud\fR locking file END-of-sud/files/patch-sud.1 echo x - sud/pkg-message sed 's/^X//' >sud/pkg-message << 'END-of-sud/pkg-message' X X############################################################################# X Copy /usr/local/etc/sud.conf.sample to /usr/local/etc/sud.conf X############################################################################# X X END-of-sud/pkg-message exit >Release-Note: >Audit-Trail: >Unformatted:
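Review bot: The `pre-patch` target in sud/Makefile writes its output back into `${FILESDIR}` (`${FILESDIR}/${i} > ${FILESDIR}/patch-${i}`), which modifies the ports tree during a build and fails when the tree is read-only. The inputs `files/ilogin.1`, `files/sud.1` and `files/pkg-message.in` already contain literal `/usr/local/etc` paths and no `PREFIX` token, so the `sed -e 's|PREFIX|${PREFIX}|g'` pass changes nothing, and the archive ends up shipping the same diffs twice (`ilogin.1` and `patch-ilogin.1`, `sud.1` and `patch-sud.1`) plus a static `pkg-message` next to the generated one. Suggest keeping one copy of each patch and running the prefix substitution on files under `${WRKSRC}` after they are patched, with the generated message written only to `${WRKDIR}`.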
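Review bot: The post-install loop in sud/Makefile (`.for i in issue.suz motd.suz sud.conf sud.conf.sample`) installs a live `sud.conf` that is not listed in `PLIST_FILES`, while pkg-message tells the administrator to copy `sud.conf.sample` to `sud.conf` by hand. For a daemon whose purpose is to run processes with special privileges, activating a configuration (patch-sud.conf defines the `ilogin` service on `/var/run/sud.unix`) should be an explicit administrator step: drop `sud.conf` from the loop and install only the sample. In the same target the man pages are installed only when `NOPORTDOCS` is undefined, although `MAN1` declares them unconditionally, so the packing list and the installed files disagree when `NOPORTDOCS` is set.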
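Review bot: In sud/files/patch-main.c the default configuration path is hard-coded as `"/usr/local/etc/sud.conf"`, so a build with a non-default `PREFIX` installs the sample under `${PREFIX}/etc` but the daemon still reads `/usr/local/etc`. The same literal prefix appears in patch-sud.conf, patch-sud.conf.sample (`/usr/local/sbin/ilogin`) and both man page patches; substitute `${PREFIX}` at build time instead. The replaced line also keeps the `(void)` cast on `openconf(...)`, so a missing default configuration is not reported before `sud_daemonize()` runs, unlike the explicit-file branch just above it that prints "unable to open" and returns -1; worth raising upstream, since a privileged daemon should not start silently without its configuration.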
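Review bot: sud/distinfo records only `MD5` and `SIZE` for sud-1.3.tar.gz. MD5 is not collision resistant, so add a stronger digest such as SHA256 next to it, so that the fetched distfile for a security/ port is checked against a hash that still provides integrity assurance.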