diff options
author | Robin H. Johnson <robbat2@gentoo.org> | 2015-08-08 13:49:04 -0700 |
---|---|---|
committer | Robin H. Johnson <robbat2@gentoo.org> | 2015-08-08 17:38:18 -0700 |
commit | 56bd759df1d0c750a065b8c845e93d5dfa6b549d (patch) | |
tree | 3f91093cdb475e565ae857f1c5a7fd339e2d781e /sys-apps/rsbac-admin | |
download | gentoo-56bd759df1d0c750a065b8c845e93d5dfa6b549d.tar.gz gentoo-56bd759df1d0c750a065b8c845e93d5dfa6b549d.tar.bz2 gentoo-56bd759df1d0c750a065b8c845e93d5dfa6b549d.zip |
proj/gentoo: Initial commit
This commit represents a new era for Gentoo:
Storing the gentoo-x86 tree in Git, as converted from CVS.
This commit is the start of the NEW history.
Any historical data is intended to be grafted onto this point.
Creation process:
1. Take final CVS checkout snapshot
2. Remove ALL ChangeLog* files
3. Transform all Manifests to thin
4. Remove empty Manifests
5. Convert all stale $Header$/$Id$ CVS keywords to non-expanded Git $Id$
5.1. Do not touch files with -kb/-ko keyword flags.
Signed-off-by: Robin H. Johnson <robbat2@gentoo.org>
X-Thanks: Alec Warner <antarus@gentoo.org> - did the GSoC 2006 migration tests
X-Thanks: Robin H. Johnson <robbat2@gentoo.org> - infra guy, herding this project
X-Thanks: Nguyen Thai Ngoc Duy <pclouds@gentoo.org> - Former Gentoo developer, wrote Git features for the migration
X-Thanks: Brian Harring <ferringb@gentoo.org> - wrote much python to improve cvs2svn
X-Thanks: Rich Freeman <rich0@gentoo.org> - validation scripts
X-Thanks: Patrick Lauer <patrick@gentoo.org> - Gentoo dev, running new 2014 work in migration
X-Thanks: Michał Górny <mgorny@gentoo.org> - scripts, QA, nagging
X-Thanks: All of other Gentoo developers - many ideas and lots of paint on the bikeshed
Diffstat (limited to 'sys-apps/rsbac-admin')
-rw-r--r-- | sys-apps/rsbac-admin/Manifest | 3 | ||||
-rw-r--r-- | sys-apps/rsbac-admin/files/nsswitch.conf | 24 | ||||
-rw-r--r-- | sys-apps/rsbac-admin/files/rklogd | 32 | ||||
-rw-r--r-- | sys-apps/rsbac-admin/files/rsbac.conf | 8 | ||||
-rw-r--r-- | sys-apps/rsbac-admin/metadata.xml | 15 | ||||
-rw-r--r-- | sys-apps/rsbac-admin/rsbac-admin-1.4.6-r1.ebuild | 71 | ||||
-rw-r--r-- | sys-apps/rsbac-admin/rsbac-admin-1.4.6.ebuild | 69 | ||||
-rw-r--r-- | sys-apps/rsbac-admin/rsbac-admin-1.4.7.ebuild | 71 | ||||
-rw-r--r-- | sys-apps/rsbac-admin/rsbac-admin-1.4.8.ebuild | 71 |
9 files changed, 364 insertions, 0 deletions
diff --git a/sys-apps/rsbac-admin/Manifest b/sys-apps/rsbac-admin/Manifest new file mode 100644 index 000000000000..8a83d9cef250 --- /dev/null +++ b/sys-apps/rsbac-admin/Manifest @@ -0,0 +1,3 @@ +DIST rsbac-admin-1.4.6.tar.bz2 325844 SHA256 5edde3c5f84a3ebca8ff2c1164665dd4386d8cae1e215cd0784b613867ef03c1 +DIST rsbac-admin-1.4.7.tar.xz 267640 SHA256 d9fff603e6d4bd9b70cca3cae626aa1559863a22a8cacf8c1f7a38d91f8f088a SHA512 7ccdd1e9a87ebf5c0739975d58bcc60462d7c59c2b59bd5b0c9cd31b746e7cb90e2890245882f65b202aa61660b36507c6d895632ca12ecf4d626d560fed8901 WHIRLPOOL faad1a9900ba5e3926bf2a8c398cf03a4dc366a78051f800d8116fdd00a20381b9da48896b6cb808c492cd15019fbe0ede701ca92796cdf9ac907b85274f7a10 +DIST rsbac-admin-1.4.8.tar.xz 261512 SHA256 1e34b54702a4c8dfb2fc5d99a034dd7d3d9968e707dc51ac88c773cf9e0de5ed SHA512 4fe147d81f4dfe7a364557d07707ac5e218fbfc5658f2f1b14462edee377f10e778edb4535988210740fc68951cc05ac17bc3949fbae6803f3c25770b4be462e WHIRLPOOL 5caf07862d1dec309ab6978934b1fb007fe1bfaf711b6bf15df3f680103cb392b40a95c28c805ab552d07ccac67d103eea13894057d879b506e913b57bbe3a2f diff --git a/sys-apps/rsbac-admin/files/nsswitch.conf b/sys-apps/rsbac-admin/files/nsswitch.conf new file mode 100644 index 000000000000..43c5b172f0ab --- /dev/null +++ b/sys-apps/rsbac-admin/files/nsswitch.conf @@ -0,0 +1,24 @@ +# /etc/nsswitch.conf: + +passwd: compat rsbac [NOTFOUND=continue SUCCESS=continue] +shadow: compat rsbac +group: compat rsbac [NOTFOUND=continue SUCCESS=continue] + +# passwd: db files nis +# shadow: db files nis +# group: db files nis + +hosts: files dns +networks: files dns + +services: db files +protocols: db files +rpc: db files +ethers: db files + +netmasks: files +netgroup: files +bootparams: files + +automount: files +aliases: files diff --git a/sys-apps/rsbac-admin/files/rklogd b/sys-apps/rsbac-admin/files/rklogd new file mode 100644 index 000000000000..9dd2a6270d49 --- /dev/null +++ b/sys-apps/rsbac-admin/files/rklogd @@ -0,0 +1,32 @@ +#!/sbin/runscript +# Copyright 1999-2012 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +daemon="rklogd" +rsbac_info="/proc/rsbac-info" + +start() { + ebegin "Starting rklogd" + + local ret + if [ -d "${rsbac_info}" ]; then + if type run-jail >/dev/null 2>&1; then + $(which run-jail) $daemon start-stop-daemon --start --exec $(which ${daemon}) + else + start-stop-daemon --start --exec $(which ${daemon}) + fi + ret=$? + else + ewarn "No rsbac-info directory avaible." + ret=1 + fi + + eend $ret +} + +stop() { + ebegin "Stopping rklogd" + start-stop-daemon --stop --exec $(which ${daemon}) + eend $? +} diff --git a/sys-apps/rsbac-admin/files/rsbac.conf b/sys-apps/rsbac-admin/files/rsbac.conf new file mode 100644 index 000000000000..e646c003898a --- /dev/null +++ b/sys-apps/rsbac-admin/files/rsbac.conf @@ -0,0 +1,8 @@ +# RSBAC menu configuration +# Thu Jun 17 01:36:19 CEST 2004 +RSBACMOD="PAX DAZ FF RC ACL AUTH CAP JAIL RES " +DIALOG="dialog" +# RSBACLANG is not set +TMPDIR="/tmp" +# RSBACPATH is not set +# RSBACLOGFILE is not set diff --git a/sys-apps/rsbac-admin/metadata.xml b/sys-apps/rsbac-admin/metadata.xml new file mode 100644 index 000000000000..cb485827c1ce --- /dev/null +++ b/sys-apps/rsbac-admin/metadata.xml @@ -0,0 +1,15 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> + <herd>hardened</herd> + <maintainer> + <email>blueness@gentoo.org</email> + <name>Anthony G. Basile</name> + </maintainer> + <longdescription lang="en"> + Administrative tool for RSBAC system + </longdescription> + <use> + <flag name="rklogd">Enabled deprecated RSBAC kernel logger</flag> + </use> +</pkgmetadata> diff --git a/sys-apps/rsbac-admin/rsbac-admin-1.4.6-r1.ebuild b/sys-apps/rsbac-admin/rsbac-admin-1.4.6-r1.ebuild new file mode 100644 index 000000000000..8f5ce2dccb16 --- /dev/null +++ b/sys-apps/rsbac-admin/rsbac-admin-1.4.6-r1.ebuild @@ -0,0 +1,71 @@ +# Copyright 1999-2012 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI="4" + +inherit multilib toolchain-funcs + +DESCRIPTION="Rule Set Based Access Control (RSBAC) Admin Tools" +HOMEPAGE="http://www.rsbac.org/" +SRC_URI="http://www.rsbac.org/dl.php?file=code/${PV}/${P}.tar.bz2" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="~amd64 ~x86" +# using rklogd is deprecated but offer the option since it is fully removed +# from source +IUSE="pam rklogd" + +DEPEND=" + dev-util/dialog + pam? ( sys-libs/pam ) + sys-apps/baselayout + >=sys-libs/ncurses-5.2" + +RDEPEND="${DEPEND}" + +src_compile() { + local rsbacmakeargs="libs tools" + use rklogd && rsbacmakeargs="${rsbacmakeargs} rklogd" + use pam && rsbacmakeargs="${rsbacmakeargs} pam nss" + emake PREFIX=/usr LIBDIR=/$(get_libdir) ${rsbacmakeargs} +} + +src_install() { + local rsbacinstallargs="headers-install libs-install tools-install" + use rklogd && rsbacinstallargs="${rsbacinstallargs} rklogd-install" + use pam && rsbacinstallargs="${rsbacinstallargs} pam-install nss-install" + emake PREFIX=/usr LIBDIR=/$(get_libdir) DESTDIR="${D}" ${rsbacinstallargs} + + use rklogd && doinitd "${FILESDIR}"/rklogd + + insinto /etc + doins "${FILESDIR}"/rsbac.conf + + #FHS compliance + dodir /usr/$(get_libdir) + mv "${D}"/$(get_libdir)/librsbac.{,l}a "${D}"/usr/$(get_libdir) + mv "${D}"/$(get_libdir)/libnss_rsbac.{,l}a "${D}"/usr/$(get_libdir) + gen_usr_ldscript librsbac.so + gen_usr_ldscript libnss_rsbac.so +} + +pkg_postinst() { + einfo "********************************************************************************" + einfo "You have to add a security user to your system if you have not already done so." + einfo "The name could be 'secoff' or 'security' and, if you did not change the default" + einfo "uid in the RSBAC kernel configuration, then the following will work:" + einfo + einfo " groupadd -g 400 security" + einfo " useradd -g 400 -u 400 security" + einfo + einfo "We suggest you run a separate copy of syslog-ng (for example) to log RSBAC" + einfo "messages as user 'audit' (uid 404) instead of using the deprecated rklogd." + einfo "See" + einfo + einfo " http://www.rsbac.org/documentation/administration_examples/syslog-ng" + einfo + einfo "for more information." + einfo "********************************************************************************" +} diff --git a/sys-apps/rsbac-admin/rsbac-admin-1.4.6.ebuild b/sys-apps/rsbac-admin/rsbac-admin-1.4.6.ebuild new file mode 100644 index 000000000000..ec800f62cd6a --- /dev/null +++ b/sys-apps/rsbac-admin/rsbac-admin-1.4.6.ebuild @@ -0,0 +1,69 @@ +# Copyright 1999-2012 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI="4" + +inherit user multilib toolchain-funcs + +DESCRIPTION="Rule Set Based Access Control (RSBAC) Admin Tools" +HOMEPAGE="http://www.rsbac.org/" +SRC_URI="http://www.rsbac.org/dl.php?file=code/${PV}/${P}.tar.bz2" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="~amd64 ~x86" +IUSE="pam" + +DEPEND=" + dev-util/dialog + pam? ( sys-libs/pam ) + sys-apps/baselayout" + +RDEPEND=" + ${DEPEND} + >=sys-libs/ncurses-5.2" + +src_compile() { + local rsbacmakeargs="libs tools" + use pam && rsbacmakeargs="${makeargs} pam nss" + emake PREFIX=/usr LIBDIR=/$(get_libdir) ${rsbacmakeargs} +} + +src_install() { + local rsbacinstallargs="headers-install libs-install tools-install" + use pam && rsbacinstallargs="${rsbacinstallargs} pam-install nss-install" + emake PREFIX=/usr LIBDIR=/$(get_libdir) DESTDIR="${D}" ${rsbacinstallargs} + + insinto /etc + doins "${FILESDIR}"/rsbac.conf + doins "${FILESDIR}"/nsswitch.conf + + dodir /secoff + keepdir /secoff + + dodir /var/log/rsbac + keepdir /var/log/rsbac + + #FHS compliance + dodir /usr/$(get_libdir) + mv "${D}"/$(get_libdir)/librsbac.{,l}a "${D}"/usr/$(get_libdir) + mv "${D}"/$(get_libdir)/libnss_rsbac.{,l}a "${D}"/usr/$(get_libdir) + gen_usr_ldscript librsbac.so + gen_usr_ldscript libnss_rsbac.so +} + +pkg_postinst() { + enewgroup secoff 400 + enewuser secoff 400 /bin/bash /secoff secoff + enewgroup audit 404 + enewuser audit 404 -1 /dev/null audit + + chmod 700 /secoff /var/log/rsbac + chown secoff:secoff -R /secoff + + einfo "It is suggested to run (for example) a separate copy of syslog-ng to" + einfo "log RSBAC messages, as user audit (uid 404) instead of using the deprecated" + einfo "rklogd. See http://www.rsbac.org/documentation/administration_examples/syslog-ng" + einfo "for more information." +} diff --git a/sys-apps/rsbac-admin/rsbac-admin-1.4.7.ebuild b/sys-apps/rsbac-admin/rsbac-admin-1.4.7.ebuild new file mode 100644 index 000000000000..90ceb6fefcab --- /dev/null +++ b/sys-apps/rsbac-admin/rsbac-admin-1.4.7.ebuild @@ -0,0 +1,71 @@ +# Copyright 1999-2013 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI="5" + +inherit multilib toolchain-funcs + +DESCRIPTION="Rule Set Based Access Control (RSBAC) Admin Tools" +HOMEPAGE="http://www.rsbac.org/" +SRC_URI="http://download.rsbac.org/code/${PV}/${P}.tar.xz" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="~amd64 ~x86" +# using rklogd is deprecated but offer the option since it is fully removed +# from source +IUSE="pam rklogd" + +DEPEND=" + dev-util/dialog + pam? ( sys-libs/pam ) + sys-apps/baselayout + >=sys-libs/ncurses-5.2" + +RDEPEND="${DEPEND}" + +src_compile() { + local rsbacmakeargs="libs tools" + use rklogd && rsbacmakeargs="${rsbacmakeargs} rklogd" + use pam && rsbacmakeargs="${rsbacmakeargs} pam nss" + emake PREFIX=/usr LIBDIR=/$(get_libdir) ${rsbacmakeargs} +} + +src_install() { + local rsbacinstallargs="headers-install libs-install tools-install" + use rklogd && rsbacinstallargs="${rsbacinstallargs} rklogd-install" + use pam && rsbacinstallargs="${rsbacinstallargs} pam-install nss-install" + emake PREFIX=/usr LIBDIR=/$(get_libdir) DESTDIR="${D}" ${rsbacinstallargs} + + use rklogd && doinitd "${FILESDIR}"/rklogd + + insinto /etc + doins "${FILESDIR}"/rsbac.conf + + #FHS compliance + dodir /usr/$(get_libdir) + mv "${D}"/$(get_libdir)/librsbac.{,l}a "${D}"/usr/$(get_libdir) + mv "${D}"/$(get_libdir)/libnss_rsbac.{,l}a "${D}"/usr/$(get_libdir) + gen_usr_ldscript librsbac.so + gen_usr_ldscript libnss_rsbac.so +} + +pkg_postinst() { + einfo "********************************************************************************" + einfo "You have to add a security user to your system if you have not already done so." + einfo "The name could be 'secoff' or 'security' and, if you did not change the default" + einfo "uid in the RSBAC kernel configuration, then the following will work:" + einfo + einfo " groupadd -g 400 security" + einfo " useradd -g 400 -u 400 security" + einfo + einfo "We suggest you run a separate copy of syslog-ng (for example) to log RSBAC" + einfo "messages as user 'audit' (uid 404) instead of using the deprecated rklogd." + einfo "See" + einfo + einfo " http://www.rsbac.org/documentation/administration_examples/syslog-ng" + einfo + einfo "for more information." + einfo "********************************************************************************" +} diff --git a/sys-apps/rsbac-admin/rsbac-admin-1.4.8.ebuild b/sys-apps/rsbac-admin/rsbac-admin-1.4.8.ebuild new file mode 100644 index 000000000000..8c985209f283 --- /dev/null +++ b/sys-apps/rsbac-admin/rsbac-admin-1.4.8.ebuild @@ -0,0 +1,71 @@ +# Copyright 1999-2014 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI="5" + +inherit multilib toolchain-funcs + +DESCRIPTION="Rule Set Based Access Control (RSBAC) Admin Tools" +HOMEPAGE="http://www.rsbac.org/" +SRC_URI="http://download.rsbac.org/code/${PV}/${P}.tar.xz" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="~amd64 ~x86" +# using rklogd is deprecated but offer the option since it is fully removed +# from source +IUSE="pam rklogd" + +DEPEND=" + dev-util/dialog + pam? ( sys-libs/pam ) + sys-apps/baselayout + >=sys-libs/ncurses-5.2" + +RDEPEND="${DEPEND}" + +src_compile() { + local rsbacmakeargs="libs tools" + use rklogd && rsbacmakeargs="${rsbacmakeargs} rklogd" + use pam && rsbacmakeargs="${rsbacmakeargs} pam nss" + emake PREFIX=/usr LIBDIR=/$(get_libdir) ${rsbacmakeargs} +} + +src_install() { + local rsbacinstallargs="headers-install libs-install tools-install" + use rklogd && rsbacinstallargs="${rsbacinstallargs} rklogd-install" + use pam && rsbacinstallargs="${rsbacinstallargs} pam-install nss-install" + emake PREFIX=/usr LIBDIR=/$(get_libdir) DESTDIR="${D}" ${rsbacinstallargs} + + use rklogd && doinitd "${FILESDIR}"/rklogd + + insinto /etc + doins "${FILESDIR}"/rsbac.conf + + #FHS compliance + dodir /usr/$(get_libdir) + mv "${D}"/$(get_libdir)/librsbac.{,l}a "${D}"/usr/$(get_libdir) + mv "${D}"/$(get_libdir)/libnss_rsbac.{,l}a "${D}"/usr/$(get_libdir) + gen_usr_ldscript librsbac.so + gen_usr_ldscript libnss_rsbac.so +} + +pkg_postinst() { + einfo "********************************************************************************" + einfo "You have to add a security user to your system if you have not already done so." + einfo "The name could be 'secoff' or 'security' and, if you did not change the default" + einfo "uid in the RSBAC kernel configuration, then the following will work:" + einfo + einfo " groupadd -g 400 security" + einfo " useradd -g 400 -u 400 security" + einfo + einfo "We suggest you run a separate copy of syslog-ng (for example) to log RSBAC" + einfo "messages as user 'audit' (uid 404) instead of using the deprecated rklogd." + einfo "See" + einfo + einfo " http://www.rsbac.org/documentation/administration_examples/syslog-ng" + einfo + einfo "for more information." + einfo "********************************************************************************" +} |