Date:      Wed, 19 Feb 2003 13:08:54 -0800 (PST)
From:      Adam <jettea46@yahoo.com>
To:        freebsd-bugs@freebsd.org
Subject:   scponly port
Message-ID:  <20030219210854.92509.qmail@web21002.mail.yahoo.com>

I've updated the scponly shell, but currently can't
use send-pr to send it in. Would someone kindly do
this for me? Below I've included most of the
text that I would actually be sending in send-pr if my
mail were configured to do so.

Sorry for the length...



To: FreeBSD-gnats-submit@freebsd.org
From: Adam Jette <ajette@chilisystems.com>
Reply-To: Adam <ajette@chilisystems.com>
Cc:
X-send-pr-version: 3.113
X-GNATS-Notify:


>Submitter-Id:    current-users
>Originator:    Adam
>Organization:    nada
>Confidential:    no
>Synopsis:    Update port:shells/scponly update
version + chroot
>Severity:    non-critical
>Priority:    low
>Category:    ports
>Class:     change-request
>Release:    FreeBSD 4.7-STABLE i386
>Environment:
System: FreeBSD hugsForEveryone 4.7-STABLE FreeBSD
4.7-STABLE #0: Fri Feb 7 13:59:39 EST 2003
ajette@hugsForEveryone:/usr/src/sys/compile/GENERIC
i386
>Description:
    Scponly has been updated to 3.5, which is not
reflected in the ports.
        Furthermore, it was not possible via make
options to configure scponly
        for the chrooted functionality it does
actually possess.
>How-To-Repeat:
    N/A
>Fix:

--- shar.scponly begins here ---
#
# The scponly port was out of date by a bit. The main
reason
# for the updated port however was the lack of support
that
# previously existed for the chrooted version of
scponly.
# Libraries and programs it relied upon do not exist
# on FreeBSD. Thus, the configure, configure.in, and
# setup_chroot.sh.in had to be modified.
#
# This archive contains:
#
# scponly
# scponly/Makefile
# scponly/distinfo
# scponly/pkg-comment
# scponly/pkg-descr
# scponly/pkg-plist
# scponly/files
# scponly/files/patch-cb
# scponly/files/patch-aa
# scponly/files/patch-ba
# scponly/files/patch-ca
#
echo c - scponly
mkdir -p scponly > /dev/null 2>&1
echo x - scponly/Makefile
sed 's/^X//' >scponly/Makefile <<
'END-of-scponly/Makefile'
X# New ports collection makefile for:    scponly
X# Date created:                2003/02/19
X# Whom:                 ajette@chilisystems.com
X#
X# $FreeBSD: ports/shells/scponly/Makefile,v 1.2
2003/01/03 18:15:43 ijliao Exp $
X#
X
XPORTNAME= scponly
XPORTVERSION= 3.5
XCATEGORIES= shells
XMASTER_SITES= http://www.sublimation.org/scponly/
XEXTRACT_SUFX= .tgz
X
XMAINTAINER= ajette@chilisystems.com
X
XMAN8= scponly.8
X
XGNU_CONFIGURE= yes
X
X# Lets configure the setup_chroot script and build
binary
X.if defined(CHROOT)
XCONFIGURE_ARGS+= --enable-chrooted-binary
X.endif
X
X# Eh, I'm paranoid by default
X.if !defined(NOTPARANOID)
XCONFIGURE_ARGS+= --disable-wildcards
--disable-winscp-compat
X.endif
X
X.include <bsd.port.mk>
END-of-scponly/Makefile
echo x - scponly/distinfo
sed 's/^X//' >scponly/distinfo <<
'END-of-scponly/distinfo'
XMD5 (scponly-3.5.tgz) =
2204faf6a661a0405d4f8fe249a5f736
END-of-scponly/distinfo
echo x - scponly/pkg-comment
sed 's/^X//' >scponly/pkg-comment <<
'END-of-scponly/pkg-comment'
XA tiny shell which only permits scp and sftp
END-of-scponly/pkg-comment
echo x - scponly/pkg-descr
sed 's/^X//' >scponly/pkg-descr <<
'END-of-scponly/pkg-descr'
X[Excerpted from the README:]  "scponly" is an
alternative "shell" (of sorts)
Xfor system administrators who would like to provide
access to remote users to
Xboth read and write local files without providing any
remote execution
Xprivileges.  Functionally, it is best described as a
wrapper to the
Xtried-and-true ssh suite.
X
Xscponly validates remote requests by examining the
third argument passed to the
Xshell upon login.  (The first argument is the shell
itself, and the second is
X-c.)  The only commands allowed are "scp",
"sftp-server" and "ls". Arguments
Xto these commands are passed along unmolested.
X
X- chroot: scponly can chroot to the user's home
directory (or any
Xother directory the user has permissions for),
disallowing access
Xto the rest of the filesystem.
X
XWWW: http://www.sublimation.org/scponly/
X
XNote: To build a chroot jail for a user, run the
setup_chroot.sh script in the source directory. It
should be configured to work after "make"ing.
X
X- Adam Jette <ajette@chilisystems.com>
END-of-scponly/pkg-descr
echo x - scponly/pkg-plist
sed 's/^X//' >scponly/pkg-plist <<
'END-of-scponly/pkg-plist'
Xbin/scponly
Xetc/scponly/debuglevel
X@dirrm etc/scponly
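Review bot: The plist registers only `bin/scponly` and `etc/scponly/debuglevel`, but with `CHROOT` defined the Makefile passes `--enable-chrooted-binary` and patch-ca points new accounts at `sbin/scponlyc`. That chrooted binary appears to be installed without being listed here, so it would stay on disk, outside package tracking, after the port is removed. Listing it conditionally (for example through a `PLIST_SUB` entry toggled by `CHROOT`) would keep install and deinstall in step.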
END-of-scponly/pkg-plist
echo c - scponly/files
mkdir -p scponly/files > /dev/null 2>&1
echo x - scponly/files/patch-cb
sed 's/^X//' >scponly/files/patch-cb <<
'END-of-scponly/files/patch-cb'
X*** setup_chroot.sh.in.orig    Wed Feb 19 10:14:50
2003
X--- setup_chroot.sh.in    Wed Feb 19 10:15:02 2003
X***************
X*** 128,140 ****
X
X  if [ $? -ne 0 ]; then
X      fail "if this user exists, remove it and try
again"
X  fi
X
X! chown 0.0 $targetdir
X  if [ -d $targetdir/.ssh ]; then
X!     chown 0.0 $targetdir/.ssh
X  fi
X     
X
X  if [ ! -d $targetdir/incoming ]; then
X      echo -e "\ncreating  $targetdir/incoming
directory for uploading files"
X--- 128,140 ----
X
X  if [ $? -ne 0 ]; then
X      fail "if this user exists, remove it and try
again"
X  fi
X
X! chown 0:0 $targetdir
X  if [ -d $targetdir/.ssh ]; then
X!     chown 0:0 $targetdir/.ssh
X  fi
X     
X
X  if [ ! -d $targetdir/incoming ]; then
X      echo -e "\ncreating  $targetdir/incoming
directory for uploading files"
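Review bot: Both `chown 0:0` calls on the new side still expand `$targetdir` unquoted, and this script runs as root, so a directory name containing whitespace or glob characters would be split or expanded into other paths before ownership is changed. Quoting closes that: `chown 0:0 "$targetdir"` and `chown 0:0 "$targetdir/.ssh"`, with the same quoting in the `[ -d ... ]` test. The hunk is cut from the middle of setup_chroot.sh.in, so where `$targetdir` is set is not visible here.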
END-of-scponly/files/patch-cb
echo x - scponly/files/patch-aa
sed 's/^X//' >scponly/files/patch-aa <<
'END-of-scponly/files/patch-aa'
X*** configure.old    Wed Feb 19 09:48:09 2003
X--- configure    Tue Feb 18 18:17:12 2003
X***************
X*** 2357,2366 ****
X--- 2357,2405 ----
X  else
X    echo "$as_me:$LINENO: result: no" >&5
X  echo "${ECHO_T}no" >&6
X  fi
X
X+ # Get pw as an alternate adduser
X+ set dummy pw; ac_word=$2
X+ echo "$as_me:$LINENO: checking for $ac_word" >&5
X+ echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6
X+ if test "${ac_cv_path_PROG_PW+set}" = set; then
X+   echo $ECHO_N "(cached) $ECHO_C" >&6
X+ else
X+   case $PROG_PW in
X+   [\\/]* | ?:[\\/]*)
X+   ac_cv_path_PROG_PW="$PROG_PW" # Let the user
override the test with a path.
X+   ;;
X+   *)
X+   as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
X+ for as_dir in $PATH
X+ do
X+   IFS=$as_save_IFS
X+   test -z "$as_dir" && as_dir=.
X+   for ac_exec_ext in '' $ac_executable_extensions;
do
X+   if $as_executable_p
"$as_dir/$ac_word$ac_exec_ext"; then
X+    
ac_cv_path_PROG_PW="$as_dir/$ac_word$ac_exec_ext"
X+     echo "$as_me:$LINENO: found
$as_dir/$ac_word$ac_exec_ext" >&5
X+     break 2
X+   fi
X+ done
X+ done
X+
X+   ;;
X+ esac
X+ fi
X+ PROG_PW=$ac_cv_path_PROG_PW
X+
X+ if test -n "$PROG_PW"; then
X+   echo "$as_me:$LINENO: result: $PROG_PW" >&5
X+ echo "${ECHO_T}$PROG_PW" >&6
X+ else
X+   echo "$as_me:$LINENO: result: no" >&5
X+ echo "${ECHO_T}no" >&6
X+ fi
X+
X  # Extract the first word of "pwd_mkdb", so it can
be a program name with args.
X  set dummy pwd_mkdb; ac_word=$2
X  echo "$as_me:$LINENO: checking for $ac_word" >&5
X  echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6
X  if test "${ac_cv_path_PROG_PWD_MKDB+set}" = set;
then
X***************
X*** 4980,4989 ****
X--- 5019,5029 ----
X  s,@PROG_CUT@,$PROG_CUT,;t t
X  s,@PROG_GREP@,$PROG_GREP,;t t
X  s,@PROG_SORT@,$PROG_SORT,;t t
X  s,@PROG_LDD@,$PROG_LDD,;t t
X  s,@PROG_USERADD@,$PROG_USERADD,;t t
X+ s,@PROG_PW@,$PROG_PW,;t t
X  s,@PROG_PWD_MKDB@,$PROG_PWD_MKDB,;t t
X  s,@CHROOTED_NAME@,$CHROOTED_NAME,;t t
X 
s,@scponly_PROG_SFTP_SERVER@,$scponly_PROG_SFTP_SERVER,;t
t
X  s,@scponly_PROG_LS@,$scponly_PROG_LS,;t t
X  s,@scponly_PROG_SCP@,$scponly_PROG_SCP,;t t
END-of-scponly/files/patch-aa
echo x - scponly/files/patch-ba
sed 's/^X//' >scponly/files/patch-ba <<
'END-of-scponly/files/patch-ba'
X*** configure.in.old    Wed Feb 19 09:50:31 2003
X--- configure.in    Wed Feb 19 09:50:12 2003
X***************
X*** 42,51 ****
X--- 42,52 ----
X  AC_PATH_PROG(PROG_CUT, cut)
X  AC_PATH_PROG(PROG_GREP, grep)
X  AC_PATH_PROG(PROG_SORT, sort)
X  AC_PATH_PROG(PROG_LDD, ldd)
X  AC_PATH_PROG(PROG_USERADD, useradd)
X+ AC_PATH_PROG(PROG_PW, pw)
X  AC_PATH_PROG(PROG_PWD_MKDB, pwd_mkdb)
X
X  dnl Features wanted for this installation:
X  dnl Command-line args to ./configure
X  dnl Call options "--disable-foo" if they default to
on,
END-of-scponly/files/patch-ba
echo x - scponly/files/patch-ca
sed 's/^X//' >scponly/files/patch-ca <<
'END-of-scponly/files/patch-ca'
X*** setup_chroot.sh.in.old    Wed Feb 19 09:51:25
2003
X--- setup_chroot.sh.in    Tue Feb 18 18:15:46 2003
X***************
X*** 14,32 ****
X
X  # the following is a list of binaries that will be
staged in the target dir
X  BINARIES=`@PROG_GREP@ '#define PROG_' config.h |
@PROG_CUT@ -f2 -d\" | @PROG_GREP@ -v ^cd$`
X
X  # a function to display a failure message and then
exit
X! function fail {
X      echo -e $@
X      exit 1
X  }
X
X  # "get with default" function
X  # this function prompts the user with a query and
default reply
X  # it returns the user reply
X! function getwd {
X      query="$1"
X      default="$2"
X      echo -en "$query [$default]" | cat >&2
X      read response
X      if [ x$response = "x" ]; then
X--- 14,32 ----
X
X  # the following is a list of binaries that will be
staged in the target dir
X  BINARIES=`@PROG_GREP@ '#define PROG_' config.h |
@PROG_CUT@ -f2 -d\" | @PROG_GREP@ -v ^cd$`
X
X  # a function to display a failure message and then
exit
X! fail() {
X      echo -e $@
X      exit 1
X  }
X
X  # "get with default" function
X  # this function prompts the user with a query and
default reply
X  # it returns the user reply
X! getwd() {
X      query="$1"
X      default="$2"
X      echo -en "$query [$default]" | cat >&2
X      read response
X      if [ x$response = "x" ]; then
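Review bot: Dropping the `function` keyword from `fail` and `getwd` (and from `getyn` in the next hunk) makes the definitions valid for a POSIX /bin/sh, but the bodies still call `echo -e` and `echo -en`, whose option handling POSIX leaves implementation-defined. On a shell whose `echo` does not accept those flags, the prompts and error text would come out with the flag printed literally. `printf` behaves the same everywhere, for example `printf '%b\n' "$*"` in `fail` and `printf '%b' "$query [$default]" >&2` in `getwd`. `getwd` continues past the end of this hunk.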
X***************
X*** 36,46 ****
X  }
X
X  # "get yes no" function
X  # this function prompts the user with a query and
will continue to do so
X  # until they reply with either "y" or "n"
X! function getyn {
X      query="$@"
X      echo -en $query | cat >&2
X      read response
X      while [ x$response != "xy" -a x$response !=
"xn" ]; do
X          echo -e "\n'y' or 'n' only please...\n" |
cat >&2
X--- 36,46 ----
X  }
X
X  # "get yes no" function
X  # this function prompts the user with a query and
will continue to do so
X  # until they reply with either "y" or "n"
X! getyn() {
X      query="$@"
X      echo -en $query | cat >&2
X      read response
X      while [ x$response != "xy" -a x$response !=
"xn" ]; do
X          echo -e "\n'y' or 'n' only please...\n" |
cat >&2
X***************
X*** 53,64 ****
X  if [ x@PROG_LDD@ = x ]; then
X      echo "this script requires the program ldd to
determine which"
X      fail "shared libraries to copy into your
chrooted dir..."
X  fi
X  if [ x@PROG_USERADD@ = x ]; then
X!     echo "this script requires the program useradd
to add your"
X      fail "chrooted scponly user."
X  fi
X
X  # we need to be root
X  if [ `id -u` != "0" ]; then
X      fail "you must be root to run this script\n"
X--- 53,66 ----
X  if [ x@PROG_LDD@ = x ]; then
X      echo "this script requires the program ldd to
determine which"
X      fail "shared libraries to copy into your
chrooted dir..."
X  fi
X  if [ x@PROG_USERADD@ = x ]; then
X!     if [ x@PROG_PW@ = x ]; then
X!     echo "this script requires the program useradd
or pw to add your"
X      fail "chrooted scponly user."
X+     fi
X  fi
X
X  # we need to be root
X  if [ `id -u` != "0" ]; then
X      fail "you must be root to run this script\n"
X***************
X*** 97,109 ****
X--- 99,114 ----
X  LIB_LIST=`@PROG_LDD@ $BINARIES 2> /dev/null |
@PROG_CUT@ -f2 -d\> | @PROG_CUT@ -f1 -d\( |
@PROG_GREP@ "^ " | @PROG_SORT@ -u`
X  if [ -f /usr/libexec/ld.so ]; then
X      LIB_LIST="$LIB_LIST /usr/libexec/ld.so"
X  else if [ -f /lib/ld-linux.so.2 ]; then
X          LIB_LIST="$LIB_LIST /lib/ld-linux.so.2"
X+ else if [ -f /usr/libexec/ld-elf.so.1 ]; then
X+         LIB_LIST="$LIB_LIST
/usr/libexec/ld-elf.so.1"
X      else
X          fail i cant find your equivalent of ld.so
X      fi
X+     fi
X  fi
X
X  /bin/ls /lib/libnss_compat*
X  if [ $? -eq 0 ]; then
X      LIB_LIST="$LIB_LIST /lib/libnss_compat*
/lib/ld.so"
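Review bot: The FreeBSD loader check is added as a third level of `else if`, which needs the extra `fi` at the bottom and leaves the indentation no longer matching the nesting. An `elif` chain keeps one `if`/`fi` pair and makes it obvious that the `fail` branch runs only when none of the three loaders exists: `elif [ -f /lib/ld-linux.so.2 ]; then` followed by `elif [ -f /usr/libexec/ld-elf.so.1 ]; then`. The unchanged `/bin/ls /lib/libnss_compat*` probe below prints an error when no such file exists; redirecting its output would keep the run quiet, assuming that failure is expected on FreeBSD.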
X***************
X*** 113,123 ****
X      for lib in $LIB_LIST; do
X          @INSTALL@ $lib $targetdir/$lib
X      done
X  fi
X
X! @PROG_USERADD@ -d "$targetdir" -s
"@prefix@/sbin/@CHROOTED_NAME@" $targetuser
X  if [ $? -ne 0 ]; then
X      fail "if this user exists, remove it and try
again"
X  fi
X
X  chown 0.0 $targetdir
X--- 118,133 ----
X      for lib in $LIB_LIST; do
X          @INSTALL@ $lib $targetdir/$lib
X      done
X  fi
X
X! if [ x@PROG_USERADD@ != x ]; then
X!     @PROG_USERADD@ -d "$targetdir" -s
"@prefix@/sbin/@CHROOTED_NAME@" $targetuser
X! else
X!     @PROG_PW@ useradd $targetuser -d "$targetdir"
-s "/usr/local/sbin/scponlyc"
X! fi
X!
X  if [ $? -ne 0 ]; then
X      fail "if this user exists, remove it and try
again"
X  fi
X
X  chown 0.0 $targetdir
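Review bot: The `pw useradd` branch hard-codes the login shell as `/usr/local/sbin/scponlyc`, while the `useradd` branch builds it from `@prefix@/sbin/@CHROOTED_NAME@`. If the port is installed under a different prefix or configured with another chrooted binary name, the account is created with a shell path that does not match the installed binary. Using the same substitution in both branches, and quoting the user name, avoids that: `@PROG_PW@ useradd "$targetuser" -d "$targetdir" -s "@prefix@/sbin/@CHROOTED_NAME@"`. The `$?` test after `fi` still sees the status of whichever branch ran, so the existing failure check keeps working.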
END-of-scponly/files/patch-ca
exit
--- shar.scponly ends here ---

