summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorRobin H. Johnson <robbat2@gentoo.org>2015-08-08 13:49:04 -0700
committerRobin H. Johnson <robbat2@gentoo.org>2015-08-08 17:38:18 -0700
commit56bd759df1d0c750a065b8c845e93d5dfa6b549d (patch)
tree3f91093cdb475e565ae857f1c5a7fd339e2d781e /net-misc/oidentd/files
downloadgentoo-56bd759df1d0c750a065b8c845e93d5dfa6b549d.tar.gz
gentoo-56bd759df1d0c750a065b8c845e93d5dfa6b549d.tar.bz2
gentoo-56bd759df1d0c750a065b8c845e93d5dfa6b549d.zip
proj/gentoo: Initial commit
This commit represents a new era for Gentoo: Storing the gentoo-x86 tree in Git, as converted from CVS. This commit is the start of the NEW history. Any historical data is intended to be grafted onto this point. Creation process: 1. Take final CVS checkout snapshot 2. Remove ALL ChangeLog* files 3. Transform all Manifests to thin 4. Remove empty Manifests 5. Convert all stale $Header$/$Id$ CVS keywords to non-expanded Git $Id$ 5.1. Do not touch files with -kb/-ko keyword flags. Signed-off-by: Robin H. Johnson <robbat2@gentoo.org> X-Thanks: Alec Warner <antarus@gentoo.org> - did the GSoC 2006 migration tests X-Thanks: Robin H. Johnson <robbat2@gentoo.org> - infra guy, herding this project X-Thanks: Nguyen Thai Ngoc Duy <pclouds@gentoo.org> - Former Gentoo developer, wrote Git features for the migration X-Thanks: Brian Harring <ferringb@gentoo.org> - wrote much python to improve cvs2svn X-Thanks: Rich Freeman <rich0@gentoo.org> - validation scripts X-Thanks: Patrick Lauer <patrick@gentoo.org> - Gentoo dev, running new 2014 work in migration X-Thanks: Michał Górny <mgorny@gentoo.org> - scripts, QA, nagging X-Thanks: All of other Gentoo developers - many ideas and lots of paint on the bikeshed
Diffstat (limited to 'net-misc/oidentd/files')
-rw-r--r--net-misc/oidentd/files/oidentd-2.0.7-confd4
-rw-r--r--net-misc/oidentd/files/oidentd-2.0.7-init41
-rw-r--r--net-misc/oidentd/files/oidentd-2.0.8-bind-to-ipv6-too.patch17
-rw-r--r--net-misc/oidentd/files/oidentd-2.0.8-masquerading.patch43
-rw-r--r--net-misc/oidentd/files/oidentd.conf22
-rw-r--r--net-misc/oidentd/files/oidentd.service9
-rw-r--r--net-misc/oidentd/files/oidentd.socket10
-rw-r--r--net-misc/oidentd/files/oidentd_at.service7
-rw-r--r--net-misc/oidentd/files/oidentd_masq.conf10
9 files changed, 163 insertions, 0 deletions
diff --git a/net-misc/oidentd/files/oidentd-2.0.7-confd b/net-misc/oidentd/files/oidentd-2.0.7-confd
new file mode 100644
index 000000000000..3116889e67e2
--- /dev/null
+++ b/net-misc/oidentd/files/oidentd-2.0.7-confd
@@ -0,0 +1,4 @@
+# oidentd start-up options
+USER="nobody"
+GROUP="nobody"
+OPTIONS=""
diff --git a/net-misc/oidentd/files/oidentd-2.0.7-init b/net-misc/oidentd/files/oidentd-2.0.7-init
new file mode 100644
index 000000000000..7d501b985df8
--- /dev/null
+++ b/net-misc/oidentd/files/oidentd-2.0.7-init
@@ -0,0 +1,41 @@
+#!/sbin/runscript
+# Copyright 1999-2004 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+depend() {
+ need net
+}
+
+check_config() {
+ if [ -z "${USER}" ]
+ then
+ eerror "Please set \$USER in /etc/conf.d/oidentd!"
+ return 1
+ fi
+ if [ -z "${GROUP}" ]
+ then
+ eerror "Please set \$GROUP in /etc/conf.d/oidentd!"
+ return 1
+ fi
+
+ if [ "$(sysctl -n security.bsd.see_other_uids 2>/dev/null)" = "0" ]; then
+ eerror "${SVCNAME} cannot work if the sysctl security.bsd.see_other_uids is 0"
+ return 1
+ fi
+}
+
+
+start() {
+ check_config || return 1
+ ebegin "Starting oidentd"
+ OPTIONS="${OPTIONS} -u ${USER} -g ${GROUP}"
+ start-stop-daemon --start --quiet --exec /usr/sbin/oidentd -- $OPTIONS
+ eend $?
+}
+
+stop() {
+ ebegin "Stopping oidentd"
+ start-stop-daemon --stop --quiet --exec /usr/sbin/oidentd
+ eend $?
+}
diff --git a/net-misc/oidentd/files/oidentd-2.0.8-bind-to-ipv6-too.patch b/net-misc/oidentd/files/oidentd-2.0.8-bind-to-ipv6-too.patch
new file mode 100644
index 000000000000..b3b0e5100337
--- /dev/null
+++ b/net-misc/oidentd/files/oidentd-2.0.8-bind-to-ipv6-too.patch
@@ -0,0 +1,17 @@
+Patch to bind to ipv6 socket as well
+Patch supplied by Fabian Knittel <fabian.knittel@avona.com>
+--- oidentd-2.0.8//src/oidentd_inet_util.c 2006-05-22 02:31:19.000000000 +0200
++++ oidentd-2.0.8.new//src/oidentd_inet_util.c 2010-03-01 20:26:11.000000000 +0100
+@@ -60,6 +60,12 @@
+ #ifdef WANT_IPV6
+ case AF_INET6:
+ SIN6(ai->ai_addr)->sin6_port = listen_port;
++
++ if (setsockopt(listenfd, IPPROTO_IPV6, IPV6_V6ONLY, &one,
++ sizeof(one)) != 0) {
++ debug("setsockopt IPV6_V6ONLY: %s", strerror(errno));
++ return (-1);
++ }
+ break;
+ #endif
+
diff --git a/net-misc/oidentd/files/oidentd-2.0.8-masquerading.patch b/net-misc/oidentd/files/oidentd-2.0.8-masquerading.patch
new file mode 100644
index 000000000000..191e9b95e64d
--- /dev/null
+++ b/net-misc/oidentd/files/oidentd-2.0.8-masquerading.patch
@@ -0,0 +1,43 @@
+--- oidentd.orig/src/kernel/linux.c 2006-05-22 06:58:53.000000000 +0300
++++ oidentd-2.0.8/src/kernel/linux.c 2007-07-11 21:28:56.000000000 +0300
+@@ -48,6 +48,7 @@
+ #define CFILE6 "/proc/net/tcp6"
+ #define MASQFILE "/proc/net/ip_masquerade"
+ #define CONNTRACK "/proc/net/ip_conntrack"
++#define NFCONNTRACK "/proc/net/nf_conntrack"
+
+ static int netlink_sock;
+ extern struct sockaddr_storage proxy;
+@@ -82,7 +83,15 @@
+ debug("fopen: %s: %s", CONNTRACK, strerror(errno));
+ return false;
+ }
+- masq_fp = fopen("/dev/null", "r");
++
++ masq_fp = fopen(NFCONNTRACK, "r");
++ if (masq_fp == NULL) {
++ if (errno != ENOENT) {
++ debug("fopen: %s: %s", NFCONNTRACK, strerror(errno));
++ return false;
++ }
++ masq_fp = fopen("/dev/null", "r");
++ }
+ }
+
+ netfilter = true;
+@@ -367,6 +376,15 @@
+ &nport_temp, &mport_temp);
+ }
+
++ if (ret != 21) {
++ ret = sscanf(buf,
++ "%*15s %*d %15s %*d %*d ESTABLISHED src=%d.%d.%d.%d dst=%d.%d.%d.%d sport=%d dport=%d packets=%*d bytes=%*d src=%d.%d.%d.%d dst=%d.%d.%d.%d sport=%d dport=%d",
++ proto, &l1, &l2, &l3, &l4, &r1, &r2, &r3, &r4,
++ &masq_lport_temp, &masq_fport_temp,
++ &nl1, &nl2, &nl3, &nl4, &nr1, &nr2, &nr3, &nr4,
++ &nport_temp, &mport_temp);
++ }
++
+ if (ret != 21)
+ continue;
+
diff --git a/net-misc/oidentd/files/oidentd.conf b/net-misc/oidentd/files/oidentd.conf
new file mode 100644
index 000000000000..03b28d827802
--- /dev/null
+++ b/net-misc/oidentd/files/oidentd.conf
@@ -0,0 +1,22 @@
+# Configuration for oidentd
+# see oidentd.conf(5)
+#
+default {
+ default {
+ deny spoof
+ deny spoof_all
+ deny spoof_privport
+ allow random
+ allow random_numeric
+ allow numeric
+ deny hide
+ }
+}
+
+# you may want to hide root connections
+#user "root" {
+# default {
+# force reply "UNKNOWN"
+# }
+#}
+
diff --git a/net-misc/oidentd/files/oidentd.service b/net-misc/oidentd/files/oidentd.service
new file mode 100644
index 000000000000..bf159d855b8d
--- /dev/null
+++ b/net-misc/oidentd/files/oidentd.service
@@ -0,0 +1,9 @@
+[Unit]
+Description=TCP/IP IDENT protocol server
+
+[Service]
+ExecStart=/usr/sbin/oidentd -i -S -u nobody -g nobody
+ExecReload=/bin/kill -HUP $MAINPID
+
+[Install]
+WantedBy=multi-user.target
diff --git a/net-misc/oidentd/files/oidentd.socket b/net-misc/oidentd/files/oidentd.socket
new file mode 100644
index 000000000000..63df7036e543
--- /dev/null
+++ b/net-misc/oidentd/files/oidentd.socket
@@ -0,0 +1,10 @@
+[Unit]
+Description=Ident (RFC 1413) socket
+Conflicts=oidentd.service
+
+[Socket]
+ListenStream=113
+Accept=yes
+
+[Install]
+WantedBy=sockets.target
diff --git a/net-misc/oidentd/files/oidentd_at.service b/net-misc/oidentd/files/oidentd_at.service
new file mode 100644
index 000000000000..ac03a94d6c8a
--- /dev/null
+++ b/net-misc/oidentd/files/oidentd_at.service
@@ -0,0 +1,7 @@
+[Unit]
+Description=Ident (RFC 1413) per-connection server
+
+[Service]
+ExecStart=/usr/sbin/oidentd -I -S -u nobody -g nobody
+ExecReload=/bin/kill -HUP $MAINPID
+StandardInput=socket
diff --git a/net-misc/oidentd/files/oidentd_masq.conf b/net-misc/oidentd/files/oidentd_masq.conf
new file mode 100644
index 000000000000..6811288ff4cf
--- /dev/null
+++ b/net-misc/oidentd/files/oidentd_masq.conf
@@ -0,0 +1,10 @@
+# oident masquarded connections configuration
+
+# use this file if your host is masquarading connections for several
+# hosts and you want to return a reply based on the hostname of
+# the originating machine
+# add "-f" to OIDENT_OPTIONS in /etc/conf.d/oidentd if you want
+# to forward ident requests to the real host
+
+# add hosts in the following format, see oidentd_masq.conf(5) for details:
+# <ip or host>[/mask] <username> <os>