diff options
| author |   Anthony G. Basile <blueness@gentoo.org> | 2012-05-15 18:31:08 +0000 |
|---|---|---|
| committer | Anthony G. Basile <blueness@gentoo.org> | 2012-05-15 18:31:08 +0000 |
| commit | c48212b41b66bad21e68abab9c286d6df38e2b9a (patch) | |
| tree | 8eac9e94a7d0b9f7017d7a337b9bc4322c5ca861 /sys-apps/rsbac-admin | |
| parent | http://my.opera.com/desktopteam/blog/2012/05/15/new-opera-12-snapshot (diff) | |
| download | gentoo-2-c48212b41b66bad21e68abab9c286d6df38e2b9a.tar.gz gentoo-2-c48212b41b66bad21e68abab9c286d6df38e2b9a.tar.bz2 gentoo-2-c48212b41b66bad21e68abab9c286d6df38e2b9a.zip | |
Remove automatic addition of security user, reintroduce deprecated rklogd, bug #415511
(Portage version: 2.1.10.49/cvs/Linux x86_64)
Diffstat (limited to 'sys-apps/rsbac-admin')
| -rw-r--r-- | sys-apps/rsbac-admin/ChangeLog | 9 | ||||
| -rw-r--r-- | sys-apps/rsbac-admin/files/rklogd | 32 | ||||
| -rw-r--r-- | sys-apps/rsbac-admin/metadata.xml | 3 | ||||
| -rw-r--r-- | sys-apps/rsbac-admin/rsbac-admin-1.4.6-r1.ebuild | 71 |
4 files changed, 115 insertions, 0 deletions
diff --git a/sys-apps/rsbac-admin/ChangeLog b/sys-apps/rsbac-admin/ChangeLog index d3077828c66b..a4f59ea1af5c 100644 --- a/sys-apps/rsbac-admin/ChangeLog +++ b/sys-apps/rsbac-admin/ChangeLog @@ -1,4 +1,13 @@ +# ChangeLog for sys-apps/rsbac-admin +# Copyright 1999-2012 Gentoo Foundation; Distributed under the GPL v2 +# $Header: /var/cvsroot/gentoo-x86/sys-apps/rsbac-admin/ChangeLog,v 1.41 2012/05/15 18:31:08 blueness Exp $ +*rsbac-admin-1.4.6-r1 (15 May 2012) + + 15 May 2012; Anthony G. Basile <blueness@gentoo.org> + +rsbac-admin-1.4.6-r1.ebuild, +files/rklogd: + Remove automatic addition of security user + Reintroduce deprecated rklogd, bug #415511 *rsbac-admin-1.4.6 (07 Jan 2012) diff --git a/sys-apps/rsbac-admin/files/rklogd b/sys-apps/rsbac-admin/files/rklogd new file mode 100644 index 000000000000..657055eb6b74 --- /dev/null +++ b/sys-apps/rsbac-admin/files/rklogd @@ -0,0 +1,32 @@ +#!/sbin/runscript +# Copyright 1999-2012 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/sys-apps/rsbac-admin/files/rklogd,v 1.1 2012/05/15 18:31:08 blueness Exp $ + +daemon="rklogd" +rsbac_info="/proc/rsbac-info" + +start() { + ebegin "Starting rklogd" + + local ret + if [ -d "${rsbac_info}" ]; then + if [ -f $(which run-jail) ]; then + $(which run-jail) $deamon start-stop-daemon --start --exec $(which ${deamon}) + else + start-stop-daemon --start --exec $(which ${deamon}) + fi + ret = $? + else + ewarn "No rsbac-info directory avaible." + ret = 1 + fi + + eend $ret +} + +stop() { + ebegin "Stopping rklogd" + start-stop-daemon --stop --exec $(which ${deamon}) + eend $? +} diff --git a/sys-apps/rsbac-admin/metadata.xml b/sys-apps/rsbac-admin/metadata.xml index b7f395284f49..cb485827c1ce 100644 --- a/sys-apps/rsbac-admin/metadata.xml +++ b/sys-apps/rsbac-admin/metadata.xml @@ -9,4 +9,7 @@ <longdescription lang="en"> Administrative tool for RSBAC system </longdescription> + <use> + <flag name="rklogd">Enabled deprecated RSBAC kernel logger</flag> + </use> </pkgmetadata> diff --git a/sys-apps/rsbac-admin/rsbac-admin-1.4.6-r1.ebuild b/sys-apps/rsbac-admin/rsbac-admin-1.4.6-r1.ebuild new file mode 100644 index 000000000000..3d1e5264661f --- /dev/null +++ b/sys-apps/rsbac-admin/rsbac-admin-1.4.6-r1.ebuild @@ -0,0 +1,71 @@ +# Copyright 1999-2012 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/sys-apps/rsbac-admin/rsbac-admin-1.4.6-r1.ebuild,v 1.1 2012/05/15 18:31:08 blueness Exp $ + +EAPI="4" + +inherit multilib toolchain-funcs + +DESCRIPTION="Rule Set Based Access Control (RSBAC) Admin Tools" +HOMEPAGE="http://www.rsbac.org/" +SRC_URI="http://www.rsbac.org/dl.php?file=code/${PV}/${P}.tar.bz2" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="~amd64 ~x86" +# using rklogd is deprecated but offer the option since it is fully removed +# from source +IUSE="pam rklogd" + +DEPEND=" + dev-util/dialog + pam? ( sys-libs/pam ) + sys-apps/baselayout + >=sys-libs/ncurses-5.2" + +RDEPEND="${DEPEND}" + +src_compile() { + local rsbacmakeargs="libs tools" + use rklogd && rsbacmakeargs="${rsbacmakeargs} rklogd" + use pam && rsbacmakeargs="${rsbacmakeargs} pam nss" + emake PREFIX=/usr LIBDIR=/$(get_libdir) ${rsbacmakeargs} +} + +src_install() { + local rsbacinstallargs="headers-install libs-install tools-install" + use rklogd && rsbacinstallargs="${rsbacinstallargs} rklogd-install" + use pam && rsbacinstallargs="${rsbacinstallargs} pam-install nss-install" + emake PREFIX=/usr LIBDIR=/$(get_libdir) DESTDIR="${D}" ${rsbacinstallargs} + + use rklogd && doinitd "${FILESDIR}"/rklogd + + insinto /etc + doins "${FILESDIR}"/rsbac.conf + + #FHS compliance + dodir /usr/$(get_libdir) + mv "${D}"/$(get_libdir)/librsbac.{,l}a "${D}"/usr/$(get_libdir) + mv "${D}"/$(get_libdir)/libnss_rsbac.{,l}a "${D}"/usr/$(get_libdir) + gen_usr_ldscript librsbac.so + gen_usr_ldscript libnss_rsbac.so +} + +pkg_postinst() { + einfo "********************************************************************************" + einfo "You have to add a security user to your system if you have not already done so." + einfo "The name could be 'secoff' or 'security' and, if you did not change the default" + einfo "uid in the RSBAC kernel configuration, then the following will work:" + einfo + einfo " groupadd -g 400 security" + einfo " useradd -g 400 -u 400 security" + einfo + einfo "We suggest you run a separate copy of syslog-ng (for example) to log RSBAC" + einfo "messages as user 'audit' (uid 404) instead of using the deprecated rklogd." + einfo "See" + einfo + einfo " http://www.rsbac.org/documentation/administration_examples/syslog-ng" + einfo + einfo "for more information." + einfo "********************************************************************************" +} |