diff options
author | Robin H. Johnson <robbat2@gentoo.org> | 2015-08-08 13:49:04 -0700 |
---|---|---|
committer | Robin H. Johnson <robbat2@gentoo.org> | 2015-08-08 17:38:18 -0700 |
commit | 56bd759df1d0c750a065b8c845e93d5dfa6b549d (patch) | |
tree | 3f91093cdb475e565ae857f1c5a7fd339e2d781e /net-misc/oidentd/files | |
download | gentoo-56bd759df1d0c750a065b8c845e93d5dfa6b549d.tar.gz gentoo-56bd759df1d0c750a065b8c845e93d5dfa6b549d.tar.bz2 gentoo-56bd759df1d0c750a065b8c845e93d5dfa6b549d.zip |
proj/gentoo: Initial commit
This commit represents a new era for Gentoo:
Storing the gentoo-x86 tree in Git, as converted from CVS.
This commit is the start of the NEW history.
Any historical data is intended to be grafted onto this point.
Creation process:
1. Take final CVS checkout snapshot
2. Remove ALL ChangeLog* files
3. Transform all Manifests to thin
4. Remove empty Manifests
5. Convert all stale $Header$/$Id$ CVS keywords to non-expanded Git $Id$
5.1. Do not touch files with -kb/-ko keyword flags.
Signed-off-by: Robin H. Johnson <robbat2@gentoo.org>
X-Thanks: Alec Warner <antarus@gentoo.org> - did the GSoC 2006 migration tests
X-Thanks: Robin H. Johnson <robbat2@gentoo.org> - infra guy, herding this project
X-Thanks: Nguyen Thai Ngoc Duy <pclouds@gentoo.org> - Former Gentoo developer, wrote Git features for the migration
X-Thanks: Brian Harring <ferringb@gentoo.org> - wrote much python to improve cvs2svn
X-Thanks: Rich Freeman <rich0@gentoo.org> - validation scripts
X-Thanks: Patrick Lauer <patrick@gentoo.org> - Gentoo dev, running new 2014 work in migration
X-Thanks: Michał Górny <mgorny@gentoo.org> - scripts, QA, nagging
X-Thanks: All of other Gentoo developers - many ideas and lots of paint on the bikeshed
Diffstat (limited to 'net-misc/oidentd/files')
-rw-r--r-- | net-misc/oidentd/files/oidentd-2.0.7-confd | 4 | ||||
-rw-r--r-- | net-misc/oidentd/files/oidentd-2.0.7-init | 41 | ||||
-rw-r--r-- | net-misc/oidentd/files/oidentd-2.0.8-bind-to-ipv6-too.patch | 17 | ||||
-rw-r--r-- | net-misc/oidentd/files/oidentd-2.0.8-masquerading.patch | 43 | ||||
-rw-r--r-- | net-misc/oidentd/files/oidentd.conf | 22 | ||||
-rw-r--r-- | net-misc/oidentd/files/oidentd.service | 9 | ||||
-rw-r--r-- | net-misc/oidentd/files/oidentd.socket | 10 | ||||
-rw-r--r-- | net-misc/oidentd/files/oidentd_at.service | 7 | ||||
-rw-r--r-- | net-misc/oidentd/files/oidentd_masq.conf | 10 |
9 files changed, 163 insertions, 0 deletions
diff --git a/net-misc/oidentd/files/oidentd-2.0.7-confd b/net-misc/oidentd/files/oidentd-2.0.7-confd new file mode 100644 index 000000000000..3116889e67e2 --- /dev/null +++ b/net-misc/oidentd/files/oidentd-2.0.7-confd @@ -0,0 +1,4 @@ +# oidentd start-up options +USER="nobody" +GROUP="nobody" +OPTIONS="" diff --git a/net-misc/oidentd/files/oidentd-2.0.7-init b/net-misc/oidentd/files/oidentd-2.0.7-init new file mode 100644 index 000000000000..7d501b985df8 --- /dev/null +++ b/net-misc/oidentd/files/oidentd-2.0.7-init @@ -0,0 +1,41 @@ +#!/sbin/runscript +# Copyright 1999-2004 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +depend() { + need net +} + +check_config() { + if [ -z "${USER}" ] + then + eerror "Please set \$USER in /etc/conf.d/oidentd!" + return 1 + fi + if [ -z "${GROUP}" ] + then + eerror "Please set \$GROUP in /etc/conf.d/oidentd!" + return 1 + fi + + if [ "$(sysctl -n security.bsd.see_other_uids 2>/dev/null)" = "0" ]; then + eerror "${SVCNAME} cannot work if the sysctl security.bsd.see_other_uids is 0" + return 1 + fi +} + + +start() { + check_config || return 1 + ebegin "Starting oidentd" + OPTIONS="${OPTIONS} -u ${USER} -g ${GROUP}" + start-stop-daemon --start --quiet --exec /usr/sbin/oidentd -- $OPTIONS + eend $? +} + +stop() { + ebegin "Stopping oidentd" + start-stop-daemon --stop --quiet --exec /usr/sbin/oidentd + eend $? +} diff --git a/net-misc/oidentd/files/oidentd-2.0.8-bind-to-ipv6-too.patch b/net-misc/oidentd/files/oidentd-2.0.8-bind-to-ipv6-too.patch new file mode 100644 index 000000000000..b3b0e5100337 --- /dev/null +++ b/net-misc/oidentd/files/oidentd-2.0.8-bind-to-ipv6-too.patch @@ -0,0 +1,17 @@ +Patch to bind to ipv6 socket as well +Patch supplied by Fabian Knittel <fabian.knittel@avona.com> +--- oidentd-2.0.8//src/oidentd_inet_util.c 2006-05-22 02:31:19.000000000 +0200 ++++ oidentd-2.0.8.new//src/oidentd_inet_util.c 2010-03-01 20:26:11.000000000 +0100 +@@ -60,6 +60,12 @@ + #ifdef WANT_IPV6 + case AF_INET6: + SIN6(ai->ai_addr)->sin6_port = listen_port; ++ ++ if (setsockopt(listenfd, IPPROTO_IPV6, IPV6_V6ONLY, &one, ++ sizeof(one)) != 0) { ++ debug("setsockopt IPV6_V6ONLY: %s", strerror(errno)); ++ return (-1); ++ } + break; + #endif + diff --git a/net-misc/oidentd/files/oidentd-2.0.8-masquerading.patch b/net-misc/oidentd/files/oidentd-2.0.8-masquerading.patch new file mode 100644 index 000000000000..191e9b95e64d --- /dev/null +++ b/net-misc/oidentd/files/oidentd-2.0.8-masquerading.patch @@ -0,0 +1,43 @@ +--- oidentd.orig/src/kernel/linux.c 2006-05-22 06:58:53.000000000 +0300 ++++ oidentd-2.0.8/src/kernel/linux.c 2007-07-11 21:28:56.000000000 +0300 +@@ -48,6 +48,7 @@ + #define CFILE6 "/proc/net/tcp6" + #define MASQFILE "/proc/net/ip_masquerade" + #define CONNTRACK "/proc/net/ip_conntrack" ++#define NFCONNTRACK "/proc/net/nf_conntrack" + + static int netlink_sock; + extern struct sockaddr_storage proxy; +@@ -82,7 +83,15 @@ + debug("fopen: %s: %s", CONNTRACK, strerror(errno)); + return false; + } +- masq_fp = fopen("/dev/null", "r"); ++ ++ masq_fp = fopen(NFCONNTRACK, "r"); ++ if (masq_fp == NULL) { ++ if (errno != ENOENT) { ++ debug("fopen: %s: %s", NFCONNTRACK, strerror(errno)); ++ return false; ++ } ++ masq_fp = fopen("/dev/null", "r"); ++ } + } + + netfilter = true; +@@ -367,6 +376,15 @@ + &nport_temp, &mport_temp); + } + ++ if (ret != 21) { ++ ret = sscanf(buf, ++ "%*15s %*d %15s %*d %*d ESTABLISHED src=%d.%d.%d.%d dst=%d.%d.%d.%d sport=%d dport=%d packets=%*d bytes=%*d src=%d.%d.%d.%d dst=%d.%d.%d.%d sport=%d dport=%d", ++ proto, &l1, &l2, &l3, &l4, &r1, &r2, &r3, &r4, ++ &masq_lport_temp, &masq_fport_temp, ++ &nl1, &nl2, &nl3, &nl4, &nr1, &nr2, &nr3, &nr4, ++ &nport_temp, &mport_temp); ++ } ++ + if (ret != 21) + continue; + diff --git a/net-misc/oidentd/files/oidentd.conf b/net-misc/oidentd/files/oidentd.conf new file mode 100644 index 000000000000..03b28d827802 --- /dev/null +++ b/net-misc/oidentd/files/oidentd.conf @@ -0,0 +1,22 @@ +# Configuration for oidentd +# see oidentd.conf(5) +# +default { + default { + deny spoof + deny spoof_all + deny spoof_privport + allow random + allow random_numeric + allow numeric + deny hide + } +} + +# you may want to hide root connections +#user "root" { +# default { +# force reply "UNKNOWN" +# } +#} + diff --git a/net-misc/oidentd/files/oidentd.service b/net-misc/oidentd/files/oidentd.service new file mode 100644 index 000000000000..bf159d855b8d --- /dev/null +++ b/net-misc/oidentd/files/oidentd.service @@ -0,0 +1,9 @@ +[Unit] +Description=TCP/IP IDENT protocol server + +[Service] +ExecStart=/usr/sbin/oidentd -i -S -u nobody -g nobody +ExecReload=/bin/kill -HUP $MAINPID + +[Install] +WantedBy=multi-user.target diff --git a/net-misc/oidentd/files/oidentd.socket b/net-misc/oidentd/files/oidentd.socket new file mode 100644 index 000000000000..63df7036e543 --- /dev/null +++ b/net-misc/oidentd/files/oidentd.socket @@ -0,0 +1,10 @@ +[Unit] +Description=Ident (RFC 1413) socket +Conflicts=oidentd.service + +[Socket] +ListenStream=113 +Accept=yes + +[Install] +WantedBy=sockets.target diff --git a/net-misc/oidentd/files/oidentd_at.service b/net-misc/oidentd/files/oidentd_at.service new file mode 100644 index 000000000000..ac03a94d6c8a --- /dev/null +++ b/net-misc/oidentd/files/oidentd_at.service @@ -0,0 +1,7 @@ +[Unit] +Description=Ident (RFC 1413) per-connection server + +[Service] +ExecStart=/usr/sbin/oidentd -I -S -u nobody -g nobody +ExecReload=/bin/kill -HUP $MAINPID +StandardInput=socket diff --git a/net-misc/oidentd/files/oidentd_masq.conf b/net-misc/oidentd/files/oidentd_masq.conf new file mode 100644 index 000000000000..6811288ff4cf --- /dev/null +++ b/net-misc/oidentd/files/oidentd_masq.conf @@ -0,0 +1,10 @@ +# oident masquarded connections configuration + +# use this file if your host is masquarading connections for several +# hosts and you want to return a reply based on the hostname of +# the originating machine +# add "-f" to OIDENT_OPTIONS in /etc/conf.d/oidentd if you want +# to forward ident requests to the real host + +# add hosts in the following format, see oidentd_masq.conf(5) for details: +# <ip or host>[/mask] <username> <os> |