diff options
| author | wiz <wiz@pkgsrc.org> | 2006-05-20 23:38:16 +0000 |
|---|---|---|
| committer | wiz <wiz@pkgsrc.org> | 2006-05-20 23:38:16 +0000 |
| commit | ef9b86ababd51f0a08797ce7dd255c8e0556bdf2 (patch) | |
| tree | a2126c71632d983644f81f46c8a6f4218f5a1e25 /devel/cvsd/patches | |
| parent | ebf33f817262cc8b7e09b502a0bb26b9bc0240c5 (diff) | |
| download | pkgsrc-ef9b86ababd51f0a08797ce7dd255c8e0556bdf2.tar.gz | |
Initial import of cvsd, a cvs pserver wrapper that chroots the pserver.
Based on the work by Eric Schnoebelen and virtus@ in pkgsrc-wip.
DESCR:
cvsd is a wrapper program for cvs in pserver mode. It will run 'cvs
pserver' under a special uid/gid in a chroot jail.
cvsd is run as a daemon and is controlled through a configuration
file. It is relatively easy to configure and tools are provided
for easily setting up a rootjail.
This server can be useful if you want to run a public cvs pserver.
You should however be aware of the security limitations of running
a cvs pserver. If you want any kind of authentication you should
really consider using secure shell as a secure authentication
mechanism and transport. Passwords used in cvs pserver are transmitted
in plaintext and this wrapper won't change that.
This server adds a layer of security to cvs. cvs is a very powerful
tool and is capable of running scripts and other things. By running
cvs in a rootjail it is possible to limit the amount of "damage"
cvs can do if it is exploited. It is generally a good idea to run
cvsd without any write permissions to any directory on the system.
Diffstat (limited to 'devel/cvsd/patches')
| -rw-r--r-- | devel/cvsd/patches/patch-aa | 9 | ||||
| -rw-r--r-- | devel/cvsd/patches/patch-ab | 9 | ||||
| -rw-r--r-- | devel/cvsd/patches/patch-ac | 40 | ||||
| -rw-r--r-- | devel/cvsd/patches/patch-ad | 21 |
4 files changed, 79 insertions, 0 deletions
diff --git a/devel/cvsd/patches/patch-aa b/devel/cvsd/patches/patch-aa new file mode 100644 index 00000000000..4db1fa600f4 --- /dev/null +++ b/devel/cvsd/patches/patch-aa @@ -0,0 +1,9 @@ +$NetBSD: patch-aa,v 1.1.1.1 2006/05/20 23:38:16 wiz Exp $ + +--- configure.ac.orig 2004-08-07 23:11:01.000000000 +0300 ++++ configure.ac 2004-09-13 14:25:08.000000000 +0300 +@@ -274,3 +274,3 @@ + # TODO: this should probably be fixed to be nicer +-CONFIGFILE=`eval echo $sysconfdir/cvsd/cvsd.conf | \ ++CONFIGFILE=`eval echo $sysconfdir/cvsd.conf | \ + sed "s%^NONE/%${prefix}/%" | \ diff --git a/devel/cvsd/patches/patch-ab b/devel/cvsd/patches/patch-ab new file mode 100644 index 00000000000..d48517aa950 --- /dev/null +++ b/devel/cvsd/patches/patch-ab @@ -0,0 +1,9 @@ +$NetBSD: patch-ab,v 1.1.1.1 2006/05/20 23:38:16 wiz Exp $ + +--- configure.orig 2004-08-07 23:11:20.000000000 +0300 ++++ configure 2004-09-13 14:25:34.000000000 +0300 +@@ -9983,3 +9983,3 @@ + # TODO: this should probably be fixed to be nicer +-CONFIGFILE=`eval echo $sysconfdir/cvsd/cvsd.conf | \ ++CONFIGFILE=`eval echo $sysconfdir/cvsd.conf | \ + sed "s%^NONE/%${prefix}/%" | \ diff --git a/devel/cvsd/patches/patch-ac b/devel/cvsd/patches/patch-ac new file mode 100644 index 00000000000..f96c70f639a --- /dev/null +++ b/devel/cvsd/patches/patch-ac @@ -0,0 +1,40 @@ +$NetBSD: patch-ac,v 1.1.1.1 2006/05/20 23:38:16 wiz Exp $ + +--- Makefile.in.orig 2005-07-24 09:19:45.000000000 -0500 ++++ Makefile.in +@@ -184,6 +184,8 @@ libdir = @libdir@ + libexecdir = @libexecdir@ + localstatedir = @localstatedir@ + mandir = @mandir@ ++exampledir = $(prefix)/share/examples/@PACKAGE@ ++docdir = $(prefix)/share/doc/@PACKAGE@ + mkdir_p = @mkdir_p@ + oldincludedir = @oldincludedir@ + prefix = @prefix@ +@@ -763,17 +765,19 @@ uninstall-man: uninstall-man5 uninstall- + + + # install configuration files +-install-data-local: install-configfile install-initscript ++install-data-local: install-configfile install-readme ++ ++install-readme: ++ if [ ! -d $(DESTDIR)$(docdir) ]; then \ ++ $(mkinstalldirs) $(DESTDIR)$(docdir); \ ++ fi ++ $(INSTALL_DATA) $(srcdir)/README $(DESTDIR)$(docdir) + + install-configfile: + if [ ! -d $(DESTDIR)$(sysconfdir)/cvsd ]; then \ +- $(mkinstalldirs) $(DESTDIR)$(sysconfdir)/cvsd;\ +- fi +- if [ ! -f $(DESTDIR)$(CONFIGFILE) ]; then \ +- $(INSTALL_DATA) $(srcdir)/cvsd.conf-dist $(DESTDIR)$(CONFIGFILE); \ +- else \ +- echo "$(DESTDIR)$(CONFIGFILE) already exists, install will not overwrite"; \ ++ $(mkinstalldirs) $(DESTDIR)$(sysconfdir);\ + fi ++ $(INSTALL_DATA) $(srcdir)/cvsd.conf-dist $(DESTDIR)$(exampledir)/cvsd.conf.example + + install-initscript: + if [ ! -d $(DESTDIR)$(sysconfdir)/init.d ]; then \ diff --git a/devel/cvsd/patches/patch-ad b/devel/cvsd/patches/patch-ad new file mode 100644 index 00000000000..0dcf2d0673e --- /dev/null +++ b/devel/cvsd/patches/patch-ad @@ -0,0 +1,21 @@ +$NetBSD: patch-ad,v 1.1.1.1 2006/05/20 23:38:16 wiz Exp $ + +--- cvsd-buildroot.in.orig 2004-07-29 22:53:14.000000000 +0300 ++++ cvsd-buildroot.in 2004-09-13 14:26:18.000000000 +0300 +@@ -51,2 +51,4 @@ + EXTRALIBS="$EXTRALIBS /usr/libexec/ld.so" ++# for NetBSD ++EXTRALIBS="$EXTRALIBS /usr/libexec/ld.elf_so /libexec/ld.elf_so" + # for Solaris: +@@ -294,3 +296,3 @@ + +-# for systems with strange password files (OpenBSD) ++# for systems with strange password files (OpenBSD/NetBSD/FreeBSD) + if [ -r /etc/master.passwd ] && [ -r /etc/pwd.db ] && [ -x /usr/sbin/pwd_mkdb ] +@@ -301,3 +303,5 @@ + < "$ROOT/etc/passwd" > "$ROOT/etc/master.passwd" +- /usr/sbin/pwd_mkdb -p -d "$ROOT/etc" "$ROOT/etc/master.passwd" ++ # NetBSD expects -d to be the new root directory. ++ /usr/sbin/pwd_mkdb -p -d "$ROOT/etc" "$ROOT/etc/master.passwd" 2>/dev/null|| \ ++ /usr/sbin/pwd_mkdb -p -d "$ROOT" "$ROOT/etc/master.passwd" 2>/dev/null + echo "done." |