summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorBertrand Jacquin <beber@meleeweb.net>2013-05-28 20:50:27 +0200
committerBertrand Jacquin <beber@meleeweb.net>2013-05-28 23:30:14 +0200
commit199d754a696c67bec366116a297525c7b793d812 (patch)
treee796791ff40f29d50f6fb0986bfa19d58cd57d57
parentdev-libs/libgcrypt: update SRC_URI to only use thirdpartymirrors (diff)
downloadportage-199d754a696c67bec366116a297525c7b793d812.tar.xz
delete old net-misc/scponly (remove --with-default-chdir="/")
-rw-r--r--net-misc/scponly/Manifest4
-rw-r--r--net-misc/scponly/files/scponly-4.8-gcc4.4.0.patch15
-rw-r--r--net-misc/scponly/files/scponly-4.8-rsync.patch212
-rw-r--r--net-misc/scponly/scponly-4.8-r4.ebuild299
4 files changed, 0 insertions, 530 deletions
diff --git a/net-misc/scponly/Manifest b/net-misc/scponly/Manifest
deleted file mode 100644
index 6be8deb4..00000000
--- a/net-misc/scponly/Manifest
+++ /dev/null
@@ -1,4 +0,0 @@
-AUX scponly-4.8-gcc4.4.0.patch 571 RMD160 acb834c4fba11b7f412c930b74ffba6782acf579 SHA1 6b1e6dc884121709d0490dd8b37507826ee1779a SHA256 bf89c4b56552654140c93b5cf3090370c24ee20e5870f0cf0df76218e52e15b2
-AUX scponly-4.8-rsync.patch 7838 RMD160 fc7464eeab781ed51ba85b8120489e10b9db1442 SHA1 992e58ddc5ea7334cf9b72324a96f149b298c210 SHA256 bfab1408ad8cfdfd8fc7f9b583c57a5c6b73be36cb3955db46e4c892acd7e55e
-DIST scponly-4.8.tgz 101687 RMD160 de6b58fcb8108d42a1576c69003e9136b9417869 SHA1 154de34901ce22fd9d406f6e02cddc440c435afc SHA256 1693dd678355749c5d9e48ecdd4628dbfe71d82955afde950ee8d88b5adc01cf
-EBUILD scponly-4.8-r4.ebuild 9070 RMD160 51830293482a2b0bc70568bd270c91d391638ea6 SHA1 e43c4b4f7683ffb9be074939fef52e0b1d174a91 SHA256 5c4be4b1f38db95ae1d6a8ce57d5088c716694dd254be9336466081a3a69cb12
diff --git a/net-misc/scponly/files/scponly-4.8-gcc4.4.0.patch b/net-misc/scponly/files/scponly-4.8-gcc4.4.0.patch
deleted file mode 100644
index d08ce28b..00000000
--- a/net-misc/scponly/files/scponly-4.8-gcc4.4.0.patch
+++ /dev/null
@@ -1,15 +0,0 @@
---- helper.c.orig 2009-05-11 00:33:08.000000000 -0600
-+++ helper.c 2009-05-11 00:39:59.000000000 -0600
-@@ -259,11 +259,11 @@
- PROG_RSYNC, logstamp());
- return 1;
- }
- #endif /* RSYNC_COMPAT */
-
--#elif /* HAVE_GETOPT */
-+#else /* HAVE_GETOPT */
- /*
- * make sure that processing doesn't continue if we can't validate a rsync check
- * and if the getopt flag is set.
- */
- syslog(LOG_ERR, "a getopt() argument check could not be performed for %s, recompile scponly without support for %s or rebuild scponly with getopt", av[0], av[0]);
diff --git a/net-misc/scponly/files/scponly-4.8-rsync.patch b/net-misc/scponly/files/scponly-4.8-rsync.patch
deleted file mode 100644
index 40ca5e44..00000000
--- a/net-misc/scponly/files/scponly-4.8-rsync.patch
+++ /dev/null
@@ -1,212 +0,0 @@
-diff -Naur scponly-4.8.orig/CHANGELOG scponly-4.8/CHANGELOG
---- scponly-4.8.orig/CHANGELOG 2008-01-15 15:26:13.000000000 +0900
-+++ scponly-4.8/CHANGELOG 2009-03-18 21:29:48.000000000 +0900
-@@ -1,3 +1,9 @@
-+CVS
-+ Update the SECURITY document to include a reference to /etc/popt and ~/.popt as
-+ they relate to rsync.
-+ Fix for rsync-3.0 which now uses a short -e option, with an optional argument as
-+ a server side option indicating protocol compatibility.
-+
- scponly v4.8 - jan 14 2008
- fix support for quota and passwd when running within the chroot (exec pre-chroot)
- disallow rsync and svnserve from being run as daemons that listen on a port
-diff -Naur scponly-4.8.orig/SECURITY scponly-4.8/SECURITY
---- scponly-4.8.orig/SECURITY 2008-01-15 15:26:13.000000000 +0900
-+++ scponly-4.8/SECURITY 2009-03-18 21:29:48.000000000 +0900
-@@ -28,6 +28,10 @@
-
- svn, svnserve, rsync, and unison
-
-+ Note specifically that rsync uses popt for parsing command line arguments
-+ and popt explicitly checks /etc/popt and $HOME/.popt for aliases. Thus,
-+ users can likely bypass argument checking for rsync.
-+
- 4) Make sure that all files required for the chroot have the IMMUTABLE and
- UNDELETABLE bits set. Other bits might also be prudent. See: man 1 chattr.
-
-@@ -39,13 +43,16 @@
- ~/.ssh, ~/.unison, ~/.subversion
-
- NOTE: depending on file permissions in the above, ssh, unison, and
-- subversion may not work correctly.
-+ subversion may not work correctly. Also note that the location of the
-+ above directories is sometimes system dependent, so please check the
-+ documentation specific to your system.
-
- 7) Make sure that every directory the users have write permissions to are
- on a filesystem that is mounted NODEV, NOEXEC. Eg. Make sure that they
- cannot execute files that they have permissions to upload. They should
- also not need permissions to create any devices. If the user can't execute
-- any files that he has access to upload, then you need not worry about the
-+ any files that he has access to upload and the executable files on the
-+ system are not considered harmful, then you need not worry about the
- security problems referencing svn/svnserve above!
-
- 8) Monitor your logs! If you start to see something funny, odd, or strange in
-diff -Naur scponly-4.8.orig/helper.c scponly-4.8/helper.c
---- scponly-4.8.orig/helper.c 2008-01-15 15:26:13.000000000 +0900
-+++ scponly-4.8/helper.c 2009-03-18 21:29:48.000000000 +0900
-@@ -6,17 +6,15 @@
- #include <sys/types.h> /* for stat, getpwuid */
- #include <sys/stat.h> /* for stat */
- #include <unistd.h> /* for exit, access, getpwuid, execve, getopt */
--#ifdef HAVE_GETOPT_H
--#include <getopt.h> /* for getopt */
--#endif
- #include <errno.h> /* for debugging */
- #include <pwd.h> /* to get username for config parsing */
- #include <time.h> /* time */
- #include <libgen.h> /* basename */
- #include <stdlib.h> /* realloc */
- #include <syslog.h>
--#include "scponly.h"
-+
- #include "config.h"
-+#include "scponly.h" /* includes getopt */
-
- #ifdef HAVE_GLOB
- #include <glob.h> /* for glob() */
-@@ -26,6 +24,11 @@
- #endif
- #endif
-
-+#ifdef RSYNC_COMPAT
-+#define RSYNC_ARG_SERVER 0x01
-+#define RSYNC_ARG_EXECUTE 0x02
-+#endif
-+
- #define MAX(x,y) ( ( x > y ) ? x : y )
- #define MIN(x,y) ( ( x < y ) ? x : y )
-
-@@ -164,6 +167,13 @@
- int ch;
- int ac=0;
- int longopt_index = 0;
-+#ifdef RSYNC_COMPAT
-+ /*
-+ * bitwise flag: 0x01 = server, 0x02 = -e.
-+ * Thus 0x03 is allowed and 0x01 is allowed, but 0x02 is not allowed
-+ */
-+ int rsync_flags = 0;
-+#endif /* RSYNC_COMPAT */
-
- while (cmdarg != NULL)
- {
-@@ -207,7 +217,7 @@
- * otherwise, try a glibc-style reset of the global getopt vars
- */
- optind=0;
--#endif
-+#endif /* HAVE_OPTRESET */
- /*
- * tell getopt to only be strict if the 'opts' is well defined
- */
-@@ -216,28 +226,49 @@
-
- debug(LOG_DEBUG, "getopt processing returned '%c' (%s)", ch, logstamp());
-
-+#ifdef RSYNC_COMPAT
-+ if (exact_match(cmdarg->name, PROG_RSYNC) && (ch == 's' || ch == 'e')) {
-+ if (ch == 's')
-+ rsync_flags |= RSYNC_ARG_SERVER;
-+ else
-+ /* -e */
-+ rsync_flags |= RSYNC_ARG_EXECUTE;
-+ debug(LOG_DEBUG, "rsync_flags are now set to: %0x", rsync_flags);
-+ }
-+ else
-+#endif /* RSYNC_COMPAT */
-+
- /* if the character is found in badarg, then it's not a permitted option */
- if (cmdarg->badarg != NULL && (strchr(cmdarg->badarg, ch) != NULL))
- {
- syslog(LOG_ERR, "option '%c' or a related long option is not permitted for use with %s (arg was %s) (%s))",
-- ch, cmdarg->name, optarg, logstamp());
-+ ch, cmdarg->name, (optarg!=NULL ? optarg : "<NULL>"), logstamp());
- return 1;
- }
- else if (cmdarg->strict && ch == '?')
- {
- syslog(LOG_ERR, "an unrecognized option was encountered while processing cmd %s (arg was %s) (%s))",
-- cmdarg->name, optarg, logstamp());
-+ cmdarg->name, (optarg!=NULL ? optarg : "<NULL>"), logstamp());
- return 1;
- }
- }
--#elif
-+#ifdef RSYNC_COMPAT
-+ /* it's not safe if the execute flag was set and server was not set */
-+ if ((rsync_flags & RSYNC_ARG_EXECUTE) != 0 && (rsync_flags & RSYNC_ARG_SERVER) == 0) {
-+ syslog(LOG_ERR, "option 'e' is not allowed unless '--server' is also set with cmd %s (%s)",
-+ PROG_RSYNC, logstamp());
-+ return 1;
-+ }
-+#endif /* RSYNC_COMPAT */
-+
-+#elif /* HAVE_GETOPT */
- /*
- * make sure that processing doesn't continue if we can't validate a rsync check
- * and if the getopt flag is set.
- */
- syslog(LOG_ERR, "a getopt() argument check could not be performed for %s, recompile scponly without support for %s or rebuild scponly with getopt", av[0], av[0]);
- return 1;
--#endif
-+#endif /* HAVE_GETOPT */
- }
- else
- /*
-diff -Naur scponly-4.8.orig/scponly.c scponly-4.8/scponly.c
---- scponly-4.8.orig/scponly.c 2008-01-15 15:28:24.000000000 +0900
-+++ scponly-4.8/scponly.c 2009-03-18 21:29:48.000000000 +0900
-@@ -91,16 +91,18 @@
-
- #ifdef RSYNC_COMPAT
- struct option rsync_longopts[] = {
-+ /* options we need to know about that are safe */
-+ {"server", 0, 0, (int)'s'},
- /* I use 'e' for val here because that's what's listed in cmd_arg_t->badarg */
-- {"rsh", 1, 0, (int)'e'},
-+ {"rsh", 1, 0, (int)'r'},
- /* the following are disabled because they use daemon mode */
-- {"daemon", 0, 0, (int)'e'},
-- {"rsync-path", 1, 0, (int)'e'},
-- {"address", 1, 0, (int)'e'},
-- {"port", 1, 0, (int)'e'},
-- {"sockopts", 1, 0, (int)'e'},
-- {"config", 1, 0, (int)'e'},
-- {"no-detach", 0, 0, (int)'e'},
-+ {"daemon", 0, 0, (int)'d'},
-+ {"rsync-path", 1, 0, (int)'d'},
-+ {"address", 1, 0, (int)'d'},
-+ {"port", 1, 0, (int)'d'},
-+ {"sockopts", 1, 0, (int)'d'},
-+ {"config", 1, 0, (int)'d'},
-+ {"no-detach", 0, 0, (int)'d'},
- { NULL, 0, NULL, 0 },
- };
- #endif
-@@ -157,7 +159,7 @@
- { PROG_SCP, 1, 1, "SoF", "dfl:prtvBCc:i:P:q1246S:o:F:", empty_longopts },
- #endif
- #ifdef RSYNC_COMPAT
-- { PROG_RSYNC, 1, 0, "e", "e:", rsync_longopts },
-+ { PROG_RSYNC, 1, 0, "rde", "e::", rsync_longopts },
- #endif
- #ifdef UNISON_COMPAT
- { PROG_UNISON, 0, 0, "-rshcmd", NULL, empty_longopts },
-diff -Naur scponly-4.8.orig/scponly.h scponly-4.8/scponly.h
---- scponly-4.8.orig/scponly.h 2008-01-15 15:26:13.000000000 +0900
-+++ scponly-4.8/scponly.h 2009-03-18 21:29:48.000000000 +0900
-@@ -1,6 +1,9 @@
- #include <stdio.h> /* FILENAME_MAX */
--#include <getopt.h> /* struct option */
--#include "config.h"
-+#include "config.h" /* include before most other files */
-+
-+#ifdef HAVE_GETOPT_H
-+#include <getopt.h> /* for struct option for getopt */
-+#endif
-
- #define MAX_USERNAME 32
- #define MAX_REQUEST (1024) /* any request exceeding this is truncated */
diff --git a/net-misc/scponly/scponly-4.8-r4.ebuild b/net-misc/scponly/scponly-4.8-r4.ebuild
deleted file mode 100644
index 31d37c98..00000000
--- a/net-misc/scponly/scponly-4.8-r4.ebuild
+++ /dev/null
@@ -1,299 +0,0 @@
-# Copyright 1999-2010 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/net-misc/scponly/scponly-4.8-r4.ebuild,v 1.5 2010/04/11 11:16:27 nixnut Exp $
-
-EAPI="1"
-inherit eutils multilib toolchain-funcs
-
-DESCRIPTION="A tiny pseudoshell which only permits scp and sftp"
-HOMEPAGE="http://www.sublimation.org/scponly/"
-SRC_URI="mirror://sourceforge/scponly/${P}.tgz"
-
-LICENSE="as-is"
-SLOT="0"
-KEYWORDS="amd64 ~mips ppc sparc x86"
-IUSE="+sftp scp winscp gftp rsync unison subversion wildcards quota passwd logging"
-
-RDEPEND="sys-apps/sed
- net-misc/openssh
- quota? ( sys-fs/quota )
- !mips? ( passwd? ( sys-apps/shadow ) )
- rsync? ( net-misc/rsync )
- !mips? ( unison? ( net-misc/unison ) )
- subversion? ( dev-vcs/subversion )"
-DEPEND="${RDEPEND}"
-
-myuser="scponly"
-myhome="/home/${myuser}"
-mysubdir="/pub"
-
-pkg_setup() {
- if use mips; then
- if use unison || use passwd; then
- eerror
- eerror "unison and passwd use-flags are not supported on mips yet!"
- die "unsupported use-flags for your arch"
- fi
- fi
-
- if use unison; then
- if [ ! -e "${ROOT}usr/bin/unison" ]; then
- eerror
- eerror "please run 'eselect unison set <version>' first!"
- die "can't find /usr/bin/unison"
- fi
- fi
-
- if ! use subversion && ! use unison && ! use rsync && \
- ! use sftp && ! use scp && ! use winscp; then
- eerror
- eerror "you have to enable at least one of the following use-flags:"
- eerror "sftp scp winscp rsync unison subversion"
- die "your build will quite useless without any compatibility mode"
- fi
-
- if use subversion || use unison || use rsync || use wildcards || use scp || use winscp; then
- ewarn
- ewarn "NOTE THE FOLLOWING SECURITY RISKS:"
- ewarn
- if use wildcards; then
- ewarn "-- by enabling wildcards, there is a slightly higher chance of an exploit"
- fi
- if use scp || use winscp; then
- ewarn "-- by enabling scp and/or winscp compatibility, more programs will need"
- ewarn " to be installed in the chroot which increases the risk."
- fi
- if use subversion; then
- ewarn "-- CAUTION: by enabling subversion the user WILL BE ABLE TO EXECUTE"
- ewarn " SCRIPTS OR PROGRAMS INDIRECTLY! svn and svnserve will try to execute"
- ewarn " pre-commit, post-commit hooks, as well as a few others. These files"
- ewarn " have specific filenames at specific locations relative to the svn"
- ewarn " repository root. Thus, unless you are *very* careful about security,"
- ewarn " the user WILL BE ABLE TO EXECUTE SCRIPTS OR PROGRAMS INDIRECTLY!"
- ewarn " This can be prevented by a careful configuration."
- fi
- if use subversion || use unison || use rsync; then
- ewarn "-- The following programs use configuration files that might allow the"
- ewarn " user to bypass security restrictions placed on command line arguments:"
- ewarn " svn, svnserve, rsync, unison"
- fi
- ewarn
- ewarn "please read /usr/share/doc/${PF}/SECURITY* after install!"
- ewarn
- ebeep 5
- fi
-}
-
-src_unpack() {
- unpack ${A}
- cd "${S}"
- epatch "${FILESDIR}/${P}-rsync.patch"
- # bug #269242
- epatch "${FILESDIR}/${P}-gcc4.4.0.patch"
-}
-
-src_compile() {
- CFLAGS="${CFLAGS} ${LDFLAGS}" econf \
- --with-sftp-server="/usr/$(get_libdir)/misc/sftp-server" \
- --disable-restrictive-names \
- --enable-chrooted-binary \
- --enable-chroot-checkdir \
- $(use_enable winscp winscp-compat) \
- $(use_enable gftp gftp-compat) \
- $(use_enable scp scp-compat) \
- $(use_enable sftp sftp) \
- $(use_enable quota quota-compat) \
- $(use_enable passwd passwd-compat) \
- $(use_enable rsync rsync-compat) \
- $(use_enable unison unison-compat) \
- $(use_enable subversion svn-compat) \
- $(use_enable subversion svnserv-compat) \
- $(use_enable logging sftp-logging-compat) \
- $(use_enable wildcards wildcards) \
- || die "econf failed"
- emake CC=$(tc-getCC) || die "emake failed"
-}
-
-src_install() {
- emake DESTDIR="${D}" install || die
-
- dodoc AUTHOR BUILDING-JAILS.TXT CHANGELOG CONTRIB README SECURITY TODO
-
- # don't compress setup-script, so it is usable if necessary
- insinto /usr/share/doc/${PF}/chroot
- doins setup_chroot.sh config.h
-}
-
-pkg_postinst() {
- elog
- elog "You might want to run"
- elog " emerge --config =${CATEGORY}/${PF}"
- elog "to setup the chroot. Otherwise you will have to setup chroot manually."
- elog
- elog "Please read the docs in /usr/share/doc/${PF} for more informations!"
- elog
-
- # two slashes ('//') are used by scponlyc to determine the chroot point.
- enewgroup "${myuser}"
- enewuser "${myuser}" -1 /usr/sbin/scponlyc "${myhome}//" "${myuser}"
-}
-
-pkg_config() {
- # pkg_postinst is based on ${S}/setup_chroot.sh.
-
- einfo "Collecting binaries and libraries..."
-
- # Binaries launched in sftp compat mode
- if built_with_use =${CATEGORY}/${PF} sftp; then
- BINARIES="/usr/$(get_libdir)/misc/sftp-server"
- fi
-
- # Binaries launched by vanilla- and WinSCP modes
- if built_with_use =${CATEGORY}/${PF} scp || \
- built_with_use =${CATEGORY}/${PF} winscp; then
- BINARIES="${BINARIES} /usr/bin/scp /bin/ls /bin/rm /bin/ln /bin/mv"
- BINARIES="${BINARIES} /bin/chmod /bin/chown /bin/chgrp /bin/mkdir /bin/rmdir"
- fi
-
- # Binaries launched in WinSCP compatibility mode
- if built_with_use =${CATEGORY}/${PF} winscp; then
- BINARIES="${BINARIES} /bin/pwd /bin/groups /usr/bin/id /bin/echo"
- fi
-
- # Rsync compatability mode
- if built_with_use =${CATEGORY}/${PF} rsync; then
- BINARIES="${BINARIES} /usr/bin/rsync"
- fi
-
- # Unison compatability mode
- if built_with_use =${CATEGORY}/${PF} unison; then
- BINARIES="${BINARIES} /usr/bin/unison"
- fi
-
- # subversion cli/svnserv compatibility
- if built_with_use =${CATEGORY}/${PF} subversion; then
- BINARIES="${BINARIES} /usr/bin/svn /usr/bin/svnserve"
- fi
-
- # passwd compatibility
- if built_with_use =${CATEGORY}/${PF} passwd; then
- BINARIES="${BINARIES} /bin/passwd"
- fi
-
- # quota compatibility
- if built_with_use =${CATEGORY}/${PF} quota; then
- BINARIES="${BINARIES} /usr/bin/quota"
- fi
-
- # build lib dependencies
- LIB_LIST=$(ldd ${BINARIES} | sed -n 's:.* => \(/[^ ]\+\).*:\1:p' | sort -u)
-
- # search and add ld*.so
- for LIB in /$(get_libdir)/ld.so /libexec/ld-elf.so /libexec/ld-elf.so.1 \
- /usr/libexec/ld.so /$(get_libdir)/ld-linux*.so.2 /usr/libexec/ld-elf.so.1; do
- [ -f "${LIB}" ] && LIB_LIST="${LIB_LIST} ${LIB}"
- done
-
- # search and add libnss_*.so
- for LIB in /$(get_libdir)/libnss_{compat,files}*.so.*; do
- [ -f "${LIB}" ] && LIB_LIST="${LIB_LIST} ${LIB}"
- done
-
- # create base dirs
- if [ ! -d "${myhome}" ]; then
- einfo "Creating ${myhome}"
- install -o0 -g0 -m0755 -d "${myhome}"
- else
- einfo "Setting owner for ${myhome}"
- chown 0:0 "${myhome}"
- fi
-
- if [ ! -d "${myhome}/etc" ]; then
- einfo "Creating ${myhome}/etc"
- install -o0 -g0 -m0755 -d "${myhome}/etc"
- fi
-
- if [ ! -d "${myhome}/$(get_libdir)" ]; then
- einfo "Creating ${myhome}/$(get_libdir)"
- install -o0 -g0 -m0755 -d "${myhome}/$(get_libdir)"
- fi
-
- if [ ! -e "${myhome}/lib" ]; then
- einfo "Creating ${myhome}/lib"
- ln -snf $(get_libdir) "${myhome}/lib"
- fi
-
- if [ ! -d "${myhome}/usr/$(get_libdir)" ]; then
- einfo "Creating ${myhome}/usr/$(get_libdir)"
- install -o0 -g0 -m0755 -d "${myhome}/usr/$(get_libdir)"
- fi
-
- if [ ! -e "${myhome}/usr/lib" ]; then
- einfo "Creating ${myhome}/usr/lib"
- ln -snf $(get_libdir) "${myhome}/usr/lib"
- fi
-
- if [ ! -d "${myhome}${mysubdir}" ]; then
- einfo "Creating ${myhome}${mysubdir} directory for uploading files"
- install -o${myuser} -g${myuser} -m0755 -d "${myhome}${mysubdir}"
- fi
-
- # create /dev/null (Bug 135505)
- if [ ! -e "${myhome}/dev/null" ]; then
- install -o0 -g0 -m0755 -d "${myhome}/dev"
- mknod -m0777 "${myhome}/dev/null" c 1 3
- fi
-
- # install binaries
- for BIN in ${BINARIES}; do
- einfo "Install ${BIN}"
- install -o0 -g0 -m0755 -d "${myhome}$(dirname ${BIN})"
- if [ "${BIN}" = "/bin/passwd" ]; then # needs suid
- install -p -o0 -g0 -m04711 "${BIN}" "${myhome}/${BIN}"
- else
- install -p -o0 -g0 -m0755 "${BIN}" "${myhome}/${BIN}"
- fi
- done
-
- # install libs
- for LIB in ${LIB_LIST}; do
- einfo "Install ${LIB}"
- install -o0 -g0 -m0755 -d "${myhome}$(dirname ${LIB})"
- install -p -o0 -g0 -m0755 "${LIB}" "${myhome}/${LIB}"
- done
-
- # create ld.so.conf
- einfo "Creating /etc/ld.so.conf"
- for LIB in ${LIB_LIST}; do
- dirname ${LIB}
- done | sort -u | while read DIR; do
- if ! grep 2>/dev/null -q "^${DIR}$" "${myhome}/etc/ld.so.conf"; then
- echo "${DIR}" >> "${myhome}/etc/ld.so.conf"
- fi
- done
- ldconfig -r "${myhome}"
-
- # update shells
- einfo "Updating /etc/shells"
- grep 2>/dev/null -q "^/usr/bin/scponly$" /etc/shells \
- || echo "/usr/bin/scponly" >> /etc/shells
-
- grep 2>/dev/null -q "^/usr/sbin/scponlyc$" /etc/shells \
- || echo "/usr/sbin/scponlyc" >> /etc/shells
-
- # create /etc/passwd
- if [ ! -e "${myhome}/etc/passwd" ]; then
- (
- echo "root:x:0:0:root:/:/bin/sh"
- sed -n "s|^\(${myuser}:[^:]*:[^:]*:[^:]*:[^:]*:\).*|\1${mysubdir}:/bin/sh|p" /etc/passwd
- ) > "${myhome}/etc/passwd"
- fi
-
- # create /etc/group
- if [ ! -e "${myhome}/etc/group" ]; then
- (
- echo "root:x:0:"
- sed -n "s|^\(${myuser}:[^:]*:[^:]*:\).*|\1|p" /etc/group
- ) > "${myhome}/etc/group"
- fi
-}