aboutsummaryrefslogtreecommitdiffstats
path: root/main
diff options
context:
space:
mode:
authorLaurent Bercot <ska-devel@skarnet.org>2018-06-07 18:41:12 +0200
committerNatanael Copa <ncopa@alpinelinux.org>2018-06-25 10:32:55 +0000
commit52513e53a8ee90222e67839065babbf1a2dd3490 (patch)
tree005810f93105574391027f8a3d10e7be58377e2f /main
parentde7b0b39b9f423bab1f300de2fb5fd473eb256c8 (diff)
downloadaports-52513e53a8ee90222e67839065babbf1a2dd3490.tar.bz2
aports-52513e53a8ee90222e67839065babbf1a2dd3490.tar.xz
New package: main/utmps
A secure utmp/wtmp implementation, from skarnet.org.
Diffstat (limited to 'main')
-rw-r--r--main/utmps/APKBUILD63
-rw-r--r--main/utmps/utmpd.run8
-rw-r--r--main/utmps/utmps.initd32
-rw-r--r--main/utmps/utmps.pre-install6
-rw-r--r--main/utmps/utmps.pre-upgrade6
-rw-r--r--main/utmps/wtmpd.run8
6 files changed, 123 insertions, 0 deletions
diff --git a/main/utmps/APKBUILD b/main/utmps/APKBUILD
new file mode 100644
index 0000000000..d3e0b12189
--- /dev/null
+++ b/main/utmps/APKBUILD
@@ -0,0 +1,63 @@
+# Maintainer: Laurent Bercot <ska-devel@skarnet.org>
+# Contributor: Laurent Bercot <ska-devel@skarnet.org>
+pkgname=utmps
+pkgver=0.0.1.0
+pkgrel=0
+pkgdesc="A secure utmp/wtmp implementation"
+url="https://skarnet.org/software/$pkgname/"
+arch="all"
+license="ISC"
+depends="execline s6"
+depends_dev="skalibs-dev"
+makedepends="skalibs-dev"
+options="!check"
+subpackages="$pkgname-dev $pkgname-doc"
+source="https://skarnet.org/software/$pkgname/$pkgname-$pkgver.tar.gz $pkgname.initd utmpd.run wtmpd.run"
+builddir="$srcdir/$pkgname-$pkgver"
+install="$pkgname.pre-install $pkgname.pre-upgrade"
+
+build() {
+ cd "$builddir"
+ ./configure \
+ --enable-shared \
+ --enable-static \
+ --disable-allstatic \
+ --libdir=/usr/lib \
+ --libexecdir="/lib/$pkgname" \
+ --with-dynlib=/lib
+ make
+}
+
+package() {
+ cd "$builddir"
+ make DESTDIR="$pkgdir" install
+ mkdir -p "$pkgdir/etc/init.d" "$pkgdir/var/lib/$pkgname/services/utmpd" "$pkgdir/var/lib/$pkgname/services/wtmpd"
+ cp -f "$srcdir/$pkgname.initd" "$pkgdir/etc/init.d/$pkgname"
+ cp -f "$srcdir/utmpd.run" "$pkgdir/var/lib/$pkgname/services/utmpd/run"
+ echo 3 > "$pkgdir/var/lib/$pkgname/services/utmpd/notification-fd"
+ s6-mkfifodir -g0 -- "$pkgdir/var/lib/$pkgname/services/utmpd/event"
+ cp -f "$srcdir/wtmpd.run" "$pkgdir/var/lib/$pkgname/services/wtmpd/run"
+ echo 3 > "$pkgdir/var/lib/$pkgname/services/wtmpd/notification-fd"
+ s6-mkfifodir -g 0 -- "$pkgdir/var/lib/$pkgname/services/wtmpd/event"
+ chmod 0755 "$pkgdir/etc/init.d/$pkgname" "$pkgdir/var/lib/$pkgname/services/utmpd/run" "$pkgdir/var/lib/$pkgname/services/wtmpd/run"
+ mkdir -m 0700 "$pkgdir/var/lib/$pkgname/services/utmpd/supervise" "$pkgdir/var/lib/$pkgname/services/wtmpd/supervise"
+ dd if=/dev/zero of="$pkgdir/var/lib/$pkgname/services/utmpd/supervise/status" bs=35 count=1
+ dd if=/dev/zero of="$pkgdir/var/lib/$pkgname/services/wtmpd/supervise/status" bs=35 count=1
+}
+
+# Remove this dev() override when musl-dev doesn't own /usr/include/utmpx.h anymore.
+dev() {
+ default_dev
+ rm -f "$subpkgdir/usr/include/utmpx.h"
+}
+
+doc() {
+ default_doc
+ mkdir -p "$subpkgdir/usr/share/doc"
+ cp -a "$builddir/doc" "$subpkgdir/usr/share/doc/$pkgname"
+}
+
+sha512sums="289d745647c01e550b37198c88d6ed5c3a80b3278ff85d6ce4ec066a044877aa7dba85509956dc469169276b606b2d5ac8ea7284b7f043ff798b3c23214ac8a8 utmps-0.0.1.0.tar.gz
+437d0c52ef1ecd23775990225647c2a6ca53691fb5688ffa866a0e6db177a08fe465f2e683e8b98ba668d8ddcd4ffa0fe3939f23ded276f4ca7acaa2553b10e6 utmps.initd
+0ec30284c64c6ea9f25142c5f4a643bd48b137fe85781b650104f5137ffa4dfc35ca7be3e41e3acd3403ebe1d8c5378073afa4e2f3607d3d794fcd9f98ed51c4 utmpd.run
+cba4f2ec3b8f5becf3ae57eecf584745d783046ee6cf5d116322421ad5ffd074d2955da22d31d2b5b1d05f906378aae92f221d2ac95ac21b54a361fbdc0566e7 wtmpd.run"
diff --git a/main/utmps/utmpd.run b/main/utmps/utmpd.run
new file mode 100644
index 0000000000..47bc824a27
--- /dev/null
+++ b/main/utmps/utmpd.run
@@ -0,0 +1,8 @@
+#!/bin/execlineb -P
+
+fdmove -c 2 1
+s6-setuidgid utmp
+cd /run/utmps
+fdmove 1 3
+s6-ipcserver -1 -- .utmpd-socket
+utmps-utmpd
diff --git a/main/utmps/utmps.initd b/main/utmps/utmps.initd
new file mode 100644
index 0000000000..db4570031c
--- /dev/null
+++ b/main/utmps/utmps.initd
@@ -0,0 +1,32 @@
+#!/sbin/openrc-run
+# Copyright 2018 Laurent Bercot
+# Distributed under the terms of the ISC License.
+#
+# OpenRC is only used here to trigger the s6 mechanisms.
+
+depend() {
+ need s6
+}
+
+start() {
+ ebegin "Starting utmpd and wtmpd services"
+ mkdir -p -m 0755 /run/utmps
+ chown utmp:utmp /run/utmps
+
+ # OpenRC has no readiness notification framework, so it can run this before s6 is ready.
+ # To avoid the race (yes, I have hit it), do a polling check here.
+ # If you want to avoid unnecessary delays, switch to a real service manager like s6-rc.
+ until test -e /run/service/.s6-svscan/control ; do sleep 1 ; done
+
+ ln -nsf /var/lib/utmps/services/utmpd /run/service/utmpd
+ ln -nsf /var/lib/utmps/services/wtmpd /run/service/wtmpd
+ s6-svlisten -U -t 5000 -- /var/lib/utmps/services/utmpd /var/lib/utmps/services/wtmpd "" s6-svscanctl -an /run/service
+ eend $?
+}
+
+stop() {
+ ebegin "Stopping utmpd and wtmpd services"
+ rm -f /run/service/utmpd /run/service/wtmpd
+ s6-svlisten -d -t 5000 -- /var/lib/utmps/services/utmpd /var/lib/utmps/services/wtmpd "" s6-svscanctl -an /run/service
+ eend $?
+}
diff --git a/main/utmps/utmps.pre-install b/main/utmps/utmps.pre-install
new file mode 100644
index 0000000000..6db960686c
--- /dev/null
+++ b/main/utmps/utmps.pre-install
@@ -0,0 +1,6 @@
+#!/bin/sh
+
+addgroup -S utmp 2>/dev/null
+adduser -S -D -H -s /bin/false -G utmp -g utmp utmp 2>/dev/null
+echo 'Run "rc-update add s6 default; rc-update add utmps default" to automatically start the utmpd and wtmpd services at boot time.' 1>&2
+exit 0
diff --git a/main/utmps/utmps.pre-upgrade b/main/utmps/utmps.pre-upgrade
new file mode 100644
index 0000000000..6db960686c
--- /dev/null
+++ b/main/utmps/utmps.pre-upgrade
@@ -0,0 +1,6 @@
+#!/bin/sh
+
+addgroup -S utmp 2>/dev/null
+adduser -S -D -H -s /bin/false -G utmp -g utmp utmp 2>/dev/null
+echo 'Run "rc-update add s6 default; rc-update add utmps default" to automatically start the utmpd and wtmpd services at boot time.' 1>&2
+exit 0
diff --git a/main/utmps/wtmpd.run b/main/utmps/wtmpd.run
new file mode 100644
index 0000000000..ab5a40641a
--- /dev/null
+++ b/main/utmps/wtmpd.run
@@ -0,0 +1,8 @@
+#!/bin/execlineb -P
+
+fdmove -c 2 1
+s6-setuidgid utmp
+cd /run/utmps
+fdmove 1 3
+s6-ipcserver -1 -- .wtmpd-socket
+utmps-wtmpd