1 |
commit: 659586d4582fb7aa91d69ab8e7a2276af755b052 |
2 |
Author: Anthony G. Basile <blueness <AT> gentoo <DOT> org> |
3 |
AuthorDate: Tue Sep 6 01:01:02 2011 +0000 |
4 |
Commit: Anthony G. Basile <blueness <AT> gentoo <DOT> org> |
5 |
CommitDate: Tue Sep 6 01:01:02 2011 +0000 |
6 |
URL: http://git.overlays.gentoo.org/gitweb/?p=dev/blueness.git;a=commit;h=659586d4 |
7 |
|
8 |
sys-apps/rsbac-admin: initial resurrection |
9 |
|
10 |
(Portage version: 2.1.10.11/git/Linux x86_64, signed Manifest commit with key 0xD0455535) |
11 |
|
12 |
--- |
13 |
sys-apps/rsbac-admin/ChangeLog | 8 +++ |
14 |
sys-apps/rsbac-admin/Manifest | 16 ++++++ |
15 |
sys-apps/rsbac-admin/files/nsswitch.conf | 24 ++++++++ |
16 |
sys-apps/rsbac-admin/files/rsbac.conf | 8 +++ |
17 |
sys-apps/rsbac-admin/metadata.xml | 12 ++++ |
18 |
sys-apps/rsbac-admin/rsbac-admin-1.4.5.ebuild | 73 +++++++++++++++++++++++++ |
19 |
6 files changed, 141 insertions(+), 0 deletions(-) |
20 |
|
21 |
diff --git a/sys-apps/rsbac-admin/ChangeLog b/sys-apps/rsbac-admin/ChangeLog |
22 |
new file mode 100644 |
23 |
index 0000000..95b2114 |
24 |
--- /dev/null |
25 |
+++ b/sys-apps/rsbac-admin/ChangeLog |
26 |
@@ -0,0 +1,8 @@ |
27 |
+ |
28 |
+ |
29 |
+*rsbac-admin-1.4.5 (06 Sep 2011) |
30 |
+ |
31 |
+ 06 Sep 2011; Anthony G. Basile <blueness@g.o> |
32 |
+ +rsbac-admin-1.4.5.ebuild, +metadata.xml: |
33 |
+ Initial resurrection |
34 |
+ |
35 |
|
36 |
diff --git a/sys-apps/rsbac-admin/Manifest b/sys-apps/rsbac-admin/Manifest |
37 |
new file mode 100644 |
38 |
index 0000000..f09e6c7 |
39 |
--- /dev/null |
40 |
+++ b/sys-apps/rsbac-admin/Manifest |
41 |
@@ -0,0 +1,16 @@ |
42 |
+-----BEGIN PGP SIGNED MESSAGE----- |
43 |
+Hash: SHA256 |
44 |
+ |
45 |
+AUX nsswitch.conf 487 RMD160 b45ed6660f60c6b3fbee2218d250e27f7746a2d1 SHA1 ff7f331e26b5008b1665c8a1857eef924d511e76 SHA256 a92f145853fab10e1110b2ff3607a411a6fb4b4b97927d391e788e0bff019954 |
46 |
+AUX rsbac.conf 209 RMD160 fb3ae78191f308ef488832eb844c6f3c7c3ccedf SHA1 82fc8195e237d749cd86650699d0ee172f7ddc18 SHA256 7ce39c310463001cffb2f8db01c8ff5154abdbede48a7e5c7b7a0252c8a80c19 |
47 |
+DIST rsbac-admin-1.4.5.tar.bz2 310327 RMD160 9b9322889f5a8e445a0c9dfd9abab2afe9b357b8 SHA1 6cc98ceaf7606fdefd942253c71b45da9ede1004 SHA256 9a0af540337b46f59ed9382e6e8909d742bffab920d3e819a12b0ddba9427c42 |
48 |
+EBUILD rsbac-admin-1.4.5.ebuild 2204 RMD160 71d4b274abbdce6812fbbddc16302df713daf9cb SHA1 f16ece31095d9cb34abd8cc523923be7c5d0fe80 SHA256 368528ed053b635d2b461aa092036abf9cd50b45cde5d6915d60da4fa526ab84 |
49 |
+MISC ChangeLog 159 RMD160 faa6a5ea24bd59bb7ec2866c1eed01599443ca14 SHA1 67e1d52896eaa7ab5063910a75a438cd7447ac29 SHA256 45c760af87513910544b4b5b180adaa937352945f9521d9aad84aea77e36ad34 |
50 |
+MISC metadata.xml 349 RMD160 74c5b7d98c48912b9e8114a27122085890f2b4f0 SHA1 a0bebf1fca1f7d2c2caba50e49016fb9049f4c4e SHA256 8ee9c6d3ede9f9980227d67737a2b2d5a73eaa1594aa945790566ea5703ce807 |
51 |
+-----BEGIN PGP SIGNATURE----- |
52 |
+Version: GnuPG v2.0.17 (GNU/Linux) |
53 |
+ |
54 |
+iEYEAREIAAYFAk5lcM4ACgkQl5yvQNBFVTWGtwCcD+dWyfOKrzoeHsG5uLqSk2eF |
55 |
+i20AnjyfVb9UUKDSnqPOOAcSxo2f/Lzg |
56 |
+=wZAT |
57 |
+-----END PGP SIGNATURE----- |
58 |
|
59 |
diff --git a/sys-apps/rsbac-admin/files/nsswitch.conf b/sys-apps/rsbac-admin/files/nsswitch.conf |
60 |
new file mode 100644 |
61 |
index 0000000..43c5b17 |
62 |
--- /dev/null |
63 |
+++ b/sys-apps/rsbac-admin/files/nsswitch.conf |
64 |
@@ -0,0 +1,24 @@ |
65 |
+# /etc/nsswitch.conf: |
66 |
+ |
67 |
+passwd: compat rsbac [NOTFOUND=continue SUCCESS=continue] |
68 |
+shadow: compat rsbac |
69 |
+group: compat rsbac [NOTFOUND=continue SUCCESS=continue] |
70 |
+ |
71 |
+# passwd: db files nis |
72 |
+# shadow: db files nis |
73 |
+# group: db files nis |
74 |
+ |
75 |
+hosts: files dns |
76 |
+networks: files dns |
77 |
+ |
78 |
+services: db files |
79 |
+protocols: db files |
80 |
+rpc: db files |
81 |
+ethers: db files |
82 |
+ |
83 |
+netmasks: files |
84 |
+netgroup: files |
85 |
+bootparams: files |
86 |
+ |
87 |
+automount: files |
88 |
+aliases: files |
89 |
|
90 |
diff --git a/sys-apps/rsbac-admin/files/rsbac.conf b/sys-apps/rsbac-admin/files/rsbac.conf |
91 |
new file mode 100644 |
92 |
index 0000000..e646c00 |
93 |
--- /dev/null |
94 |
+++ b/sys-apps/rsbac-admin/files/rsbac.conf |
95 |
@@ -0,0 +1,8 @@ |
96 |
+# RSBAC menu configuration |
97 |
+# Thu Jun 17 01:36:19 CEST 2004 |
98 |
+RSBACMOD="PAX DAZ FF RC ACL AUTH CAP JAIL RES " |
99 |
+DIALOG="dialog" |
100 |
+# RSBACLANG is not set |
101 |
+TMPDIR="/tmp" |
102 |
+# RSBACPATH is not set |
103 |
+# RSBACLOGFILE is not set |
104 |
|
105 |
diff --git a/sys-apps/rsbac-admin/metadata.xml b/sys-apps/rsbac-admin/metadata.xml |
106 |
new file mode 100644 |
107 |
index 0000000..b7f3952 |
108 |
--- /dev/null |
109 |
+++ b/sys-apps/rsbac-admin/metadata.xml |
110 |
@@ -0,0 +1,12 @@ |
111 |
+<?xml version="1.0" encoding="UTF-8"?> |
112 |
+<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> |
113 |
+<pkgmetadata> |
114 |
+ <herd>hardened</herd> |
115 |
+ <maintainer> |
116 |
+ <email>blueness@g.o</email> |
117 |
+ <name>Anthony G. Basile</name> |
118 |
+ </maintainer> |
119 |
+ <longdescription lang="en"> |
120 |
+ Administrative tool for RSBAC system |
121 |
+ </longdescription> |
122 |
+</pkgmetadata> |
123 |
|
124 |
diff --git a/sys-apps/rsbac-admin/rsbac-admin-1.4.5.ebuild b/sys-apps/rsbac-admin/rsbac-admin-1.4.5.ebuild |
125 |
new file mode 100644 |
126 |
index 0000000..2ed6f3e |
127 |
--- /dev/null |
128 |
+++ b/sys-apps/rsbac-admin/rsbac-admin-1.4.5.ebuild |
129 |
@@ -0,0 +1,73 @@ |
130 |
+# Copyright 1999-2011 Gentoo Foundation |
131 |
+# Distributed under the terms of the GNU General Public License v2 |
132 |
+# $Header: $ |
133 |
+ |
134 |
+EAPI=4 |
135 |
+ |
136 |
+inherit eutils libtool multilib toolchain-funcs |
137 |
+ |
138 |
+DESCRIPTION="Rule Set Based Access Control (RSBAC) Admin Tools" |
139 |
+HOMEPAGE="http://www.rsbac.org/" |
140 |
+SRC_URI="http://www.rsbac.org/dl.php?file=code/1.4.5/${P}.tar.bz2" |
141 |
+ |
142 |
+LICENSE="GPL-2" |
143 |
+SLOT="0" |
144 |
+KEYWORDS="~amd64 ~x86" |
145 |
+IUSE="pam" |
146 |
+ |
147 |
+DEPEND="dev-util/dialog |
148 |
+ pam? ( sys-libs/pam ) |
149 |
+ sys-apps/baselayout" |
150 |
+ |
151 |
+RDEPEND=">=sys-libs/ncurses-5.2" |
152 |
+ |
153 |
+src_compile() { |
154 |
+ local rsbacmakeargs |
155 |
+ rsbacmakeargs="libs tools" |
156 |
+ use pam && { |
157 |
+ rsbacmakeargs="${makeargs} pam nss" |
158 |
+ } |
159 |
+ emake PREFIX=/usr LIBDIR=/$(get_libdir) ${rsbacmakeargs} || die "cannot build (${rsbacmakeargs})" |
160 |
+} |
161 |
+ |
162 |
+src_install() { |
163 |
+ local rsabacinstallargs |
164 |
+ rsbacinstallargs="headers-install libs-install tools-install" |
165 |
+ use pam && { |
166 |
+ rsbacinstallargs="${rsbacinstallargs} pam-install nss-install" |
167 |
+ } |
168 |
+ make PREFIX=/usr LIBDIR=/$(get_libdir) DESTDIR=${D} ${rsbacinstallargs} || \ |
169 |
+ die "cannot install (${rsbacinstallargs})" |
170 |
+ insinto /etc |
171 |
+ doins ${FILESDIR}/rsbac.conf |
172 |
+ doins ${FILESDIR}/nsswitch.conf |
173 |
+ dodir /secoff |
174 |
+ keepdir /secoff |
175 |
+ dodir /var/log/rsbac |
176 |
+ keepdir /var/log/rsbac |
177 |
+ #FHS compliance |
178 |
+ dodir /usr/$(get_libdir) |
179 |
+ mv ${D}/$(get_libdir)/librsbac.{,l}a ${D}/usr/$(get_libdir) |
180 |
+ mv ${D}/$(get_libdir)/libnss_rsbac.{,l}a ${D}/usr/$(get_libdir) |
181 |
+ gen_usr_ldscript librsbac.so |
182 |
+ gen_usr_ldscript libnss_rsbac.so |
183 |
+} |
184 |
+ |
185 |
+pkg_postinst() { |
186 |
+ enewgroup secoff 400 || die "problem adding group secoff" |
187 |
+ enewuser secoff 400 /bin/bash /secoff secoff || \ |
188 |
+ die "problem adding user secoff" |
189 |
+ enewgroup audit 404 || die "problem adding group audit" |
190 |
+ enewuser audit 404 -1 /dev/null audit || \ |
191 |
+ die "problem adding user audit" |
192 |
+ |
193 |
+ chmod 700 /secoff /var/log/rsbac || \ |
194 |
+ die "problem changing permissions of /secoff and/or /secoff/log" |
195 |
+ chown secoff:secoff -R /secoff || \ |
196 |
+ die "problem changing ownership of /secoff" |
197 |
+ |
198 |
+ einfo "It is suggested to run (for example) a separate copy of syslog-ng to" |
199 |
+ einfo "log RSBAC messages, as user audit (uid 404) instead of using the deprecated" |
200 |
+ einfo "rklogd. See http://www.rsbac.org/documentation/administration_examples/syslog-ng" |
201 |
+ einfo "for more information." |
202 |
+} |