Date: 24 Sep 1997 07:32:36 -0000 From: vanilla@MinJe.com.TW To: FreeBSD-gnats-submit@FreeBSD.ORG Subject: ports/4620: Update xinetd to 2.2.1 Message-ID: <19970924073236.8249.qmail@MinJe.com.TW> Resent-Message-ID: <199709240740.AAA11689@hub.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 4620 >Category: ports >Synopsis: update xinetd to 2.2.1 >Confidential: yes >Severity: non-critical >Priority: low >Responsible: freebsd-ports >State: open >Class: change-request >Submitter-Id: current-users >Arrival-Date: Wed Sep 24 00:40:01 PDT 1997 >Last-Modified: >Originator: Vanill I. Shu >Organization: Cray running FreeBSD >Release: FreeBSD 3.0-CURRENT i386 >Environment: >Description: update xinetd to 2.2.1 >How-To-Repeat: >Fix: diff -ruN xinetd.orig/Makefile xinetd/Makefile --- xinetd.orig/Makefile Mon Nov 18 22:13:43 1996 +++ xinetd/Makefile Wed Sep 24 08:08:41 1997 @@ -1,24 +1,24 @@ # New ports collection makefile for: xinetd -# Version required: 2.1.7-freebsd.4 +# Version required: 2.2.1 # Date created: 28 June 1996 # Whom: markm # # $Id: Makefile,v 1.3 1996/11/18 14:13:43 asami Exp $ # -DISTNAME= xinetd.2.1.7.4 +DISTNAME= xinetd-2.2.1 CATEGORIES= security -MASTER_SITES= ftp://ftp.telebase.com/pub/security/ -DISTFILES= xinetd.2.1.7-freebsd.4.tar.gz +MASTER_SITES= ftp://coast.cs.purdue.edu/pub/tools/unix/xinetd/ \ + ${MASTER_SITE_SUNSITE} +MASTER_SITE_SUBDIR= system/network/admin MAINTAINER= markm@FreeBSD.ORG -WRKSRC= ${WRKDIR}/xinetd.2.1.7-freebsd.4 MAN1= xinetd.1 MAN5= xinetd.conf.5 xinetd.log.5 do-build: - cd ${WRKSRC} ; ./compile-src -os freebsd2 -sf has_SB + cd ${WRKSRC} ; ./compile-src -os freebsd2 do-install: cd ${WRKSRC}/xinetd ; make install diff -ruN xinetd.orig/files/md5 xinetd/files/md5 --- xinetd.orig/files/md5 Thu Jul 11 06:18:38 1996 +++ xinetd/files/md5 Mon Sep 22 14:41:24 1997 @@ -1 +1 @@ -MD5 (xinetd.2.1.7-freebsd.4.tar.gz) = f2be3c9013e1100774c10d26715b445b +MD5 (xinetd-2.2.1.tar.gz) = 3c9c75f6738d6923db8919d6a445a3ff diff -ruN xinetd.orig/patches/patch-ab xinetd/patches/patch-ab --- xinetd.orig/patches/patch-ab Thu Jan 1 08:00:00 1970 +++ xinetd/patches/patch-ab Wed Sep 24 04:54:40 1997 @@ -0,0 +1,32 @@ +--- xinetd/Makefile.orig Mon Apr 14 05:29:01 1997 ++++ xinetd/Makefile Wed Sep 24 04:54:21 1997 +@@ -131,7 +131,8 @@ + + XMODE = -m 700 # mode for executables + FMODE = -m 640 # mode for anything but executables +-INSTALL = install -c ++INSTALL_PROGRAM = install -c -s ++INSTALL_DATA = install -c + + LINT_FLAGS = -hbux + PAGER = less +@@ -178,16 +179,16 @@ + rm -f $(OPT_SOURCE) $(OPT_HEADER) + + install: $(PROGRAM) +- $(INSTALL) $(XMODE) $(PROGRAM) $(INSTALLDIR) ++ $(INSTALL_PROGRAM) $(XMODE) $(PROGRAM) $(INSTALLDIR) + + install.man: + if test "$(MANPROGDIR)" ; then \ +- $(INSTALL) $(FMODE) $(MANPROGFILE) $(MANPROGDIR)/$(MANPROGPAGE) ;\ ++ $(INSTALL_DATA) $(FMODE) $(MANPROGFILE) $(MANPROGDIR)/$(MANPROGPAGE) ;\ + fi + if test "$(MANDATADIR)" ; then \ + for i in $(MANDATANAMES) ; do \ + name=$(PROGRAM).$$i ; \ +- $(INSTALL) $(FMODE) $$name.man $(MANDATADIR)/$$name.$(MANDATASECTION);\ ++ $(INSTALL_DATA) $(FMODE) $$name.man $(MANDATADIR)/$$name.$(MANDATASECTION);\ + done ;\ + fi + diff -ruN xinetd.orig/pkg/DESCR xinetd/pkg/DESCR --- xinetd.orig/pkg/DESCR Thu Jul 11 06:18:38 1996 +++ xinetd/pkg/DESCR Mon Sep 22 14:50:54 1997 @@ -8,37 +8,3 @@ Its configuration file has a different format than inetd's one and it understands different signals. However the signal-to-action assignment can be changed. - -It is a lot better than inetd. Here are the reasons: - -1) It can do access control on all services based on: - a. address of remote host - b. time of access - -2) Access control works on all services, whether multi-threaded or - single-threaded and for both the TCP and UDP protocols. All UDP - packets can be checked as well as all TCP connections. - -3) It provides hard reconfiguration: - a. kills servers for services that are no longer in the configuration file - b. kills servers that no longer meet the access control criteria - -4) It can prevent denial-of-access attacks by - a. placing limits on the number of servers for each service (avoids - process table overflows) - b. placing an upper bound on the number of processes it will fork - c. placing limits on the size of log files it creates - -5) Extensive logging abilities: - a. for every server started it can log: - i) the time when the server was started - ii) the remote host address - iii) who was the remote user (if the other end runs a RFC-931/RFC-1413 - server) - iv) how long the server was running - (i, ii and iii can be logged for failed attempts too). - b. for some services, if the access control fails, it can - log information about the attempted access (for example, - it can log the user name and command for the rsh service) - -6) No limit on number of server arguments >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19970924073236.8249.qmail>