authorMatsuu Takuto <matsuu@gentoo.org>2007-12-11 16:18:49 +0000
committerMatsuu Takuto <matsuu@gentoo.org>2007-12-11 16:18:49 +0000
commit9e3f56867c5d82d4f6657d98f828997934f4c8f4 (patch)
treea8aa8c98459a2b663211234629519fe4890d2abf /net-misc/scponly
parentStable for HPPA (bug #201956). (diff)
Added rsync USE flag and security info, bug #201726.
Package-Manager: portage-2.1.3.19
Diffstat (limited to 'net-misc/scponly')
-rw-r--r--net-misc/scponly/ChangeLog9
-rw-r--r--net-misc/scponly/Manifest19
-rw-r--r--net-misc/scponly/files/SECURITY63
-rw-r--r--net-misc/scponly/files/digest-scponly-4.6-r33
-rw-r--r--net-misc/scponly/scponly-4.6-r3.ebuild161
5 files changed, 250 insertions, 5 deletions
diff --git a/net-misc/scponly/ChangeLog b/net-misc/scponly/ChangeLog
index f5bcac634376..e150a0a7631e 100644
--- a/net-misc/scponly/ChangeLog
+++ b/net-misc/scponly/ChangeLog
@@ -1,6 +1,13 @@
# ChangeLog for net-misc/scponly
# Copyright 2002-2007 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/net-misc/scponly/ChangeLog,v 1.30 2007/08/23 05:11:32 kumba Exp $
+# $Header: /var/cvsroot/gentoo-x86/net-misc/scponly/ChangeLog,v 1.31 2007/12/11 16:18:48 matsuu Exp $
+
+*scponly-4.6-r3 (11 Dec 2007)
+
+ 11 Dec 2007; MATSUU Takuto <matsuu@gentoo.org> +files/SECURITY,
+ +scponly-4.6-r3.ebuild:
+ Added rsync USE flag.
+ Added security info in pkg_setup. bug #201726.
23 Aug 2007; Joshua Kinard <kumba@gentoo.org> scponly-4.6-r2.ebuild:
Marked unstable on mips, per #189008.
diff --git a/net-misc/scponly/Manifest b/net-misc/scponly/Manifest
index 1555775b2ffb..0384e7280017 100644
--- a/net-misc/scponly/Manifest
+++ b/net-misc/scponly/Manifest
@@ -1,3 +1,7 @@
+AUX SECURITY 2778 RMD160 18b9574c6be23bf61393399af72340af03362146 SHA1 273d990e6559d7f7859616746794134e4df053f3 SHA256 6f9ddec95e684fae5c3bdb8bb0e5a72bfeaedb8d400f0a3aee61fdb7f6d64456
+MD5 648d43000da0a7f2fb4dd994d1c3d92c files/SECURITY 2778
+RMD160 18b9574c6be23bf61393399af72340af03362146 files/SECURITY 2778
+SHA256 6f9ddec95e684fae5c3bdb8bb0e5a72bfeaedb8d400f0a3aee61fdb7f6d64456 files/SECURITY 2778
AUX scponly-4.3-getopt.patch 616 RMD160 18320020a662291ad3530a3c3bae1d9931e0f225 SHA1 95298edb73afafa0dcda07c170dd3d502c775707 SHA256 fbd37908b2d45d11e7556d750ebee7fddb624789e2276a72f386ac1d062af9b4
MD5 c6b771b0da5de88d90f4715e2fe69e85 files/scponly-4.3-getopt.patch 616
RMD160 18320020a662291ad3530a3c3bae1d9931e0f225 files/scponly-4.3-getopt.patch 616
@@ -20,10 +24,14 @@ EBUILD scponly-4.6-r2.ebuild 4022 RMD160 7077a218e40494d68e65bed1075818182fede14
MD5 d0b5b22758315ceb05d1dd381aed243b scponly-4.6-r2.ebuild 4022
RMD160 7077a218e40494d68e65bed1075818182fede147 scponly-4.6-r2.ebuild 4022
SHA256 23bdfcd5557e256c08294026b23d9a6091326f7cea18a4fa01ea7f422b2318d3 scponly-4.6-r2.ebuild 4022
-MISC ChangeLog 4364 RMD160 2084038179f2969768f04c8dd3da778ac201f4d8 SHA1 735c713e490afdf5c2042a7ae7980196ffdf7f21 SHA256 8daaa343bf06fbf162154280b0dc649b2dc6345bc9095b627d4a0e146c19fb1a
-MD5 ab029aef5dd9a160dfcc7f635950ee27 ChangeLog 4364
-RMD160 2084038179f2969768f04c8dd3da778ac201f4d8 ChangeLog 4364
-SHA256 8daaa343bf06fbf162154280b0dc649b2dc6345bc9095b627d4a0e146c19fb1a ChangeLog 4364
+EBUILD scponly-4.6-r3.ebuild 4388 RMD160 fc1ffdd432d888bb1e61e0d5bf43065e81adf6b2 SHA1 ed82c25205891d8d74609388c1455accd6e47242 SHA256 cadf20398a10976e37a79e384095dffe9e1c74892f21aa1ebdd65d234acaec20
+MD5 321278f54dc1b884d359a9f754ac57a4 scponly-4.6-r3.ebuild 4388
+RMD160 fc1ffdd432d888bb1e61e0d5bf43065e81adf6b2 scponly-4.6-r3.ebuild 4388
+SHA256 cadf20398a10976e37a79e384095dffe9e1c74892f21aa1ebdd65d234acaec20 scponly-4.6-r3.ebuild 4388
+MISC ChangeLog 4562 RMD160 8c404fef2ba7453683243ba4613fa8e6ba4fbdc5 SHA1 e8dd0a863b08c730d0e2f41c7a401025ec73d782 SHA256 bf737d8ab367f1645c1608fb03b80288796da7a3746ef86015764dbb710b1940
+MD5 363700b426718b6f02cf21154cfd92f4 ChangeLog 4562
+RMD160 8c404fef2ba7453683243ba4613fa8e6ba4fbdc5 ChangeLog 4562
+SHA256 bf737d8ab367f1645c1608fb03b80288796da7a3746ef86015764dbb710b1940 ChangeLog 4562
MISC metadata.xml 222 RMD160 23efe87c16ebc9fbeb91e894ab372cc3bb66bc49 SHA1 a5d1e2317ae207bbd664aebe986687948fdd984a SHA256 38ef3457fd14e6872985f0e100fde79d0b8a9dbc4fc39ceef780c8c5abc5f337
MD5 ae35aecf3e681586ace5f8c15866aed7 metadata.xml 222
RMD160 23efe87c16ebc9fbeb91e894ab372cc3bb66bc49 metadata.xml 222
@@ -37,3 +45,6 @@ SHA256 b0f8518cea81ae04a0fcf666acf00ec50e751579462104854362e3112eb4adac files/di
MD5 1608ee46d01cebc4e9702f6eb819d184 files/digest-scponly-4.6-r2 223
RMD160 d66fccafddfaf4df2cf951828b83c14ef666a7dc files/digest-scponly-4.6-r2 223
SHA256 b0f8518cea81ae04a0fcf666acf00ec50e751579462104854362e3112eb4adac files/digest-scponly-4.6-r2 223
+MD5 1608ee46d01cebc4e9702f6eb819d184 files/digest-scponly-4.6-r3 223
+RMD160 d66fccafddfaf4df2cf951828b83c14ef666a7dc files/digest-scponly-4.6-r3 223
+SHA256 b0f8518cea81ae04a0fcf666acf00ec50e751579462104854362e3112eb4adac files/digest-scponly-4.6-r3 223
diff --git a/net-misc/scponly/files/SECURITY b/net-misc/scponly/files/SECURITY
new file mode 100644
index 000000000000..a1f6c9c8c71c
--- /dev/null
+++ b/net-misc/scponly/files/SECURITY
@@ -0,0 +1,63 @@
+SECURITY
+
+Here are a few important things to know about security and scponly. This is a
+brief attempt to document what should be done to correctly secure scponly.
+
+1) Configure scponly to use a chroot
+
+2) Configure scponly to use as few extra options and services as possible. If
+ possible, try to use something similar to the following:
+
+ ./configure --disable-wildcards --enable-chrooted-binary \
+ --disable-gftp-compat --with-sftp-server=/path/to/sftp-server
+
+3) NOTE THE FOLLOWING SECURITY RISKS:
+
+ -- by enabling wildcards, there is a slightly higher chance of an exploit
+ -- by enabling scp and/or scp compatibility, more programs will need to be
+ installed in the chroot which increases the risk
+ -- CAUTION: by enabling svn/svnserve the user WILL BE ABLE TO EXECUTE
+ SCRIPTS OR PROGRAMS INDIRECTLY! svn and svnserve will try to execute
+ pre-commit, post-commit hooks, as well as a few others. These files
+ have specific filenames at specific locations relative to the svn
+ repository root. Thus, unless you are *very* careful about security,
+ the user WILL BE ABLE TO EXECUTE SCRIPTS OR PROGRAMS INDIRECTLY! This
+ can be prevented by a careful configuration.
+ -- The following programs use configuration files that might allow the user
+ to bypass security restrictions placed on command line arguments:
+
+ svn, svnserve, rsync, and unison
+
+4) Make sure that all files required for the chroot have the IMMUTABLE and
+ UNDELETABLE bits set. Other bits might also be prudent. See: man 1 chattr.
+
+5) Only put files in the chroot that are absolutely essential to its
+ functionality.
+
+6) Make sure the following directories are locked down appropriately:
+
+ ~/.ssh, ~/.unison, ~/.subversion
+
+ NOTE: depending on file permissions in the above, ssh, unison, and
+ subversion may not work correctly.
+
+7) Make sure that every directory the users have write permissions to are
+ on a filesystem that is mounted NODEV, NOEXEC. Eg. Make sure that they
+ cannot execute files that they have permissions to upload. They should
+ also not need permissions to create any devices. If the user can't execute
+ any files that he has access to upload, then you need not worry about the
+ security problems referencing svn/svnserve above!
+
+8) Monitor your logs! If you start to see something funny, odd, or strange in
+ the logs, please let us know so that we can investigate and make sure any
+ problems are resolved.
+
+9) Stay up-to-date with the scponly installs. We don't have releases too
+ often, but the changes we do make are usually important!
+
+10) Enjoy!
+
+Lastly, if you have other suggestions and thoughts that would help secure an
+scponly install, please send them to us!
+
+Thanks for using scponly!
diff --git a/net-misc/scponly/files/digest-scponly-4.6-r3 b/net-misc/scponly/files/digest-scponly-4.6-r3
new file mode 100644
index 000000000000..7db9b807bbdd
--- /dev/null
+++ b/net-misc/scponly/files/digest-scponly-4.6-r3
@@ -0,0 +1,3 @@
+MD5 0425cb868cadd026851238452f1db907 scponly-4.6.tgz 96578
+RMD160 c30d4b02314b53dce54d2f3f8e531c18792c7f60 scponly-4.6.tgz 96578
+SHA256 dfa5a334d66150289a391aea4dc00d1b039c644fd1c628bdeddaa7b0710e01a7 scponly-4.6.tgz 96578
diff --git a/net-misc/scponly/scponly-4.6-r3.ebuild b/net-misc/scponly/scponly-4.6-r3.ebuild
new file mode 100644
index 000000000000..ea3d57691a06
--- /dev/null
+++ b/net-misc/scponly/scponly-4.6-r3.ebuild
@@ -0,0 +1,161 @@
+# Copyright 1999-2007 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/net-misc/scponly/scponly-4.6-r3.ebuild,v 1.1 2007/12/11 16:18:48 matsuu Exp $
+
+inherit eutils
+
+DESCRIPTION="A tiny pseudoshell which only permits scp and sftp"
+HOMEPAGE="http://www.sublimation.org/scponly/"
+SRC_URI="http://www.sublimation.org/scponly/${P}.tgz"
+
+LICENSE="as-is"
+SLOT="0"
+KEYWORDS="~amd64 ~mips ~ppc ~sparc ~x86"
+IUSE="rsync subversion"
+
+DEPEND="virtual/libc
+ net-misc/openssh
+ rsync? ( net-misc/rsync )
+ subversion? ( dev-util/subversion )"
+
+myuser="scponly"
+myhome="/home/${myuser}"
+
+pkg_setup() {
+ if use subversion || use rsync ; then
+ ewarn
+ ewarn "read the \"${FILESDIR}/SECURITY\" document before enabling 'rsync' or 'subversion' USE flag"
+ ewarn
+ ebeep 5
+ fi
+}
+
+src_unpack() {
+ unpack ${A}
+ cd "${S}"
+ # Bug 125796
+ epatch "${FILESDIR}"/${P}-helper.patch
+}
+
+src_compile() {
+ PATH="${PATH}:/usr/$(get_libdir)/misc" \
+ econf \
+ --enable-chrooted-binary \
+ --enable-scp-compat \
+ --enable-winscp-compat \
+ $(use_enable rsync rsync-compat) \
+ $(use_enable subversion svn-compat) \
+ $(use_enable subversion svnserv-compat) \
+ || die "./configure failed"
+ emake || die
+}
+
+src_install() {
+ emake DESTDIR="${D}" install || die
+
+ dodoc AUTHOR BUILDING-JAILS.TXT CHANGELOG CONTRIB README TODO
+ dodoc "${FILESDIR}"/SECURITY
+ dodoc setup_chroot.sh
+}
+
+pkg_postinst() {
+ elog "You might want to run:"
+ elog "\"emerge --config =${CATEGORY}/${PF}\""
+ elog "to setup the chroot."
+ elog "Otherwise you will have to setup chroot manually."
+
+ # two slashes ('//') are used by scponlyc to determine the chroot point.
+ enewgroup "${myuser}"
+ enewuser "${myuser}" -1 /usr/sbin/scponlyc "${myhome}//" "${myuser}"
+}
+
+pkg_config() {
+ # pkg_postinst is based on ${S}/setup_chroot.sh.
+
+ einfo "Updating /etc/shells"
+ { grep -v "^/usr/bin/scponly$" /etc/shells;
+ echo "/usr/bin/scponly"
+ } > "${T}"/shells
+ cp "${T}"/shells /etc/shells
+
+ { grep -v "^/usr/sbin/scponlyc$" /etc/shells;
+ echo "/usr/sbin/scponlyc"
+ } > "${T}"/shells
+ cp "${T}"/shells /etc/shells
+
+ BINARIES="/usr/$(get_libdir)/misc/sftp-server /bin/ls /usr/bin/scp /bin/rm /bin/ln /bin/mv /bin/chmod /bin/chown /bin/chgrp /bin/mkdir /bin/rmdir /bin/pwd /bin/groups /usr/bin/ld /bin/echo"
+ if built_with_use =${CATEGORY}/${PF} rsync; then
+ BINARIES="$BINARIES /usr/bin/rsync"
+ fi
+ if built_with_use =${CATEGORY}/${PF} subversion; then
+ BINARIES="$BINARIES /usr/bin/svn /usr/bin/svnserve"
+ fi
+ LIB_LIST=`ldd $BINARIES 2> /dev/null | cut -f2 -d\> | cut -f1 -d\( | grep "^[ ]" | sort -u`
+ LDSO_LIST="/$(get_libdir)/ld.so /libexec/ld-elf.so /libexec/ld-elf.so.1 /usr/libexec/ld.so /$(get_libdir)/ld-linux.so.2 /usr/libexec/ld-elf.so.1"
+ for lib in $LDSO_LIST; do
+ if [ -f $lib ]; then
+ LIB_LIST="$LIB_LIST $lib"
+ fi
+ done
+ ls /$(get_libdir)/libnss_compat* > /dev/null 2>&1
+ if [ $? -eq 0 ]; then
+ LIB_LIST="$LIB_LIST /$(get_libdir)/libnss_compat*"
+ fi
+
+ ldconfig
+ LIB_LIST="$LIB_LIST /etc/ld.so.cache /etc/ld.so.conf"
+
+ if [ ! -d ${myhome} ]; then
+ install -c -d ${myhome}
+ chmod 755 ${myhome}
+ fi
+ if [ ! -d ${myhome} ]; then
+ install -c -d ${myhome}/etc
+ chown 0:0 ${myhome}/etc
+ chmod 755 ${myhome}/etc
+ fi
+ if [ ! -d ${myhome}/$(get_libdir) ]; then
+ install -c -d ${myhome}/$(get_libdir)
+ chmod 755 ${myhome}/$(get_libdir)
+ fi
+ if [ ! -d ${myhome}/lib ]; then
+ ln -s $(get_libdir) ${myhome}/lib
+ fi
+ if [ ! -d ${myhome}/usr/$(get_libdir) ]; then
+ install -c -d ${myhome}/usr/$(get_libdir)
+ chmod 755 ${myhome}/usr/$(get_libdir)
+ fi
+ if [ ! -d ${myhome}/usr/lib ]; then
+ ln -s $(get_libdir) ${myhome}/usr/lib
+ fi
+
+ for bin in $BINARIES; do
+ install -c -d ${myhome}/`/bin/dirname $bin`
+ install -c $bin ${myhome}/$bin
+ done
+ for lib in $LIB_LIST; do
+ install -c -d ${myhome}/`/bin/dirname $lib`
+ install -c $lib ${myhome}/$lib
+ done
+
+ chown 0:0 ${myhome}
+ if [ -d ${myhome}/.ssh ]; then
+ chown 0:0 ${myhome}/.ssh
+ fi
+
+ if [ ! -d ${myhome}/incoming ]; then
+ einfo "creating ${myhome}/incoming directory for uploading files"
+ install -c -o ${myuser} -d ${myhome}/incoming
+ fi
+ chown $myuser:$myuser ${myhome}/incoming
+
+ if [ ! -e ${myhome}/etc/passwd ]; then
+ grep "^${myuser}" /etc/passwd > ${myhome}/etc/passwd
+ fi
+
+ # Bug 135505
+ if [ ! -e ${myhome}/dev/null ]; then
+ install -c -d ${myhome}/dev
+ mknod -m 777 ${myhome}/dev/null c 1 3
+ fi
+}
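Review bot: In pkg_config the second directory guard tests `${myhome}` again instead of `${myhome}/etc`, so the `install -c -d`, `chown 0:0` and `chmod 755` for the jail's etc directory can never run; the test should read `if [ ! -d ${myhome}/etc ]; then`. The directory still appears later as a side effect of installing /etc/ld.so.cache from LIB_LIST, but its ownership and mode are then left to defaults rather than set explicitly. Two smaller hardening points in the same function: `mknod -m 777` puts execute bits on the jail's null device where `mknod -m 666 ${myhome}/dev/null c 1 3` is the conventional mode, and `grep "^${myuser}"` copies every account whose name merely begins with scponly into the jail's passwd, which `grep "^${myuser}:" /etc/passwd` would avoid. Separately, src_compile passes `--enable-scp-compat` and `--enable-winscp-compat` unconditionally although the SECURITY file added by this commit lists scp compatibility as added risk, so a comment explaining that choice would help.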