# Copyright 1999-2011 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
# $Header: /var/cvsroot/gentoo-x86/net-proxy/sshproxy/sshproxy-0.6.0_beta2-r1.ebuild,v 1.4 2011/04/05 21:46:43 arfrever Exp $
# Package-manager metadata.  EAPI and the Python major version are set
# before the eclasses are inherited, as in the original ordering.
EAPI=3
PYTHON_DEPEND=2

inherit distutils eutils

DESCRIPTION='sshproxy is an ssh gateway to apply ACLs on ssh connections'
HOMEPAGE='http://sshproxy-project.org/'
# The tarball is fetched over plain HTTP, so its integrity rests entirely on
# the digests recorded in the package's Manifest.  Regenerate those digests
# only from a copy of the archive that has been verified independently.
SRC_URI="http://sshproxy-project.org/download/${P}.tar.gz"

LICENSE=GPL-2
SLOT=0
KEYWORDS='~amd64 ~x86'

# USE flags:
#   client-only: install only the client wrappers
#   mysql:       install the mysql_db backend driver
#   minimal:     do not install extra plugins
IUSE='client-only mysql minimal'

# The Python libraries are only pulled in for a server-side install, i.e.
# when client-only is unset.
DEPEND="!client-only? (
>=dev-python/paramiko-1.6.2
mysql? ( >=dev-python/mysql-python-1.2.0 )
)"
# The OpenSSH package is additionally required at run time.
RDEPEND="${DEPEND}
net-misc/openssh"
# Select Python 2 for the build and create the dedicated service account.
pkg_setup() {
	# Python 2 is selected before the eclass's own setup runs.
	python_set_active_version 2
	python_pkg_setup

	# The daemon gets its own unprivileged group and user instead of
	# sharing an existing account.  The two -1 arguments leave the UID and
	# the login shell at enewuser's defaults.
	local account=sshproxy
	local account_home=/var/lib/sshproxy
	enewgroup "${account}"
	enewuser "${account}" -1 -1 "${account_home}" "${account}"
}
# Rename the pscp/pssh client wrappers (scripts, man pages and every mention
# in doc/) to spscp/spssh.
src_prepare() {
	local rename_error="failed to rename pscp or pssh files"

	# avoid conflicts with net-misc/putty and net-misc/pssh
	# by renaming pscp and pssh scripts (#248193 and #278794)
	epatch "${FILESDIR}/${P}-rename-wrappers.patch"

	# Each step aborts the build with the same message on failure, so a
	# half-renamed tree is never carried into the later phases.
	sed -i -e 's/pscp/spscp/g;s/pssh/spssh/g' doc/* || die "${rename_error}"
	mv bin/pssh bin/spssh || die "${rename_error}"
	mv bin/pscp bin/spscp || die "${rename_error}"
	mv doc/pscp.1 doc/spscp.1 || die "${rename_error}"
	mv doc/pssh.1 doc/spssh.1 || die "${rename_error}"

	ewarn "For avoiding conflicts with net-misc/putty and net-misc/pssh,"
	ewarn "pscp and pssh scripts have been renamed as spscp respectively spssh."
}
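# Install the client wrappers and, unless USE=client-only, the daemon with
# its state directories, default configuration, init files and man pages.
#
# Globals read: D, FILESDIR, HOSTNAME
src_install () {
	# EAPI 3 install helpers only return non-zero on failure, so the
	# results that matter are checked explicitly.
	dobin bin/spssh || die "dobin bin/spssh failed"
	dobin bin/spscp || die "dobin bin/spscp failed"

	# NOTE(review): everything below, including the spscp/spssh man pages,
	# sits inside this check, so a client-only install gets the wrappers
	# without their man pages.  Confirm that this is intended.
	if ! use client-only; then
		distutils_src_install

		# State and log directories belong to the daemon account and are
		# closed to other users (0750).
		diropts -o sshproxy -g sshproxy -m0750
		keepdir /var/lib/sshproxy
		keepdir /var/log/sshproxy

		# Create a default sshproxy.ini
		dodir /etc/sshproxy
		# NOTE(review): owner root with mode 0600 gives the sshproxy group
		# no access despite -g sshproxy.  Confirm that the daemon can
		# still read the file.
		insopts -o root -g sshproxy -m0600
		insinto /etc/sshproxy
		doins "${FILESDIR}/sshproxy.ini" || die "installing sshproxy.ini failed"

		# The secret is read from the kernel CSPRNG.  bash's $RANDOM is a
		# small, predictable generator and is not suitable for key
		# material.  The 16-upper-case-hex-digit format is kept.
		# NOTE(review): this runs at build time, so the secret and the
		# build host's HOSTNAME become part of the image, and of any
		# binary package built from it.  Consider generating both on the
		# target host instead.
		local BLOWFISH_SECRET
		BLOWFISH_SECRET=$(od -An -N8 -tx1 /dev/urandom | tr -dc '0-9a-f' | tr 'a-f' 'A-F')
		[[ ${BLOWFISH_SECRET} =~ ^[0-9A-F]{16}$ ]] \
			|| die "could not read a secret from /dev/urandom"
		sed -i -e "s/%BLOWFISH_SECRET%/${BLOWFISH_SECRET}/" \
			-e "s/%HOSTNAME%/${HOSTNAME}/" \
			"${D}/etc/sshproxy/sshproxy.ini" \
			|| die "filling in sshproxy.ini failed"

		# These options apply to the doins calls that follow in this
		# function (the SQL files under USE=mysql).
		insopts -o sshproxy -g sshproxy -m0600
		rm -rf "${D}/usr/lib/sshproxy/spexpect"
		if use minimal; then
			# minimal: drop the extra plugins from the image
			local p
			for p in acl_funcs console_extra logusers; do
				rm -rf "${D}/usr/lib/sshproxy/${p}"
			done
		else
			keepdir /var/log/sshproxy/logusers
			{ # initialize a reasonable value for the logusers plugin
				echo
				echo "[logusers]"
				echo "logdir = /var/log/sshproxy/logusers"
				echo
			} >> "${D}/etc/sshproxy/sshproxy.ini" \
				|| die "appending the logusers section failed"
		fi

		# init/conf files for sshproxy daemon
		newinitd "${FILESDIR}/sshproxyd.initd" sshproxyd || die "newinitd failed"
		newconfd "${FILESDIR}/sshproxyd.confd" sshproxyd || die "newconfd failed"

		# install manpages
		doman doc/spscp.1 || die "doman spscp.1 failed"
		doman doc/spssh.1 || die "doman spssh.1 failed"
		# This check is always true here because of the enclosing test; it
		# is kept as in the original.
		if ! use client-only; then
			doman doc/sshproxy.ini.5 || die "doman sshproxy.ini.5 failed"
			doman doc/sshproxy-setup.8 || die "doman sshproxy-setup.8 failed"
			doman doc/sshproxyd.8 || die "doman sshproxyd.8 failed"
		fi

		if use mysql; then
			insinto /usr/share/sshproxy/mysql_db
			doins misc/mysql_db.sql || die "installing mysql_db.sql failed"
			doins misc/sshproxy-mysql-user.sql \
				|| die "installing sshproxy-mysql-user.sql failed"
		else
			# Without the MySQL backend, remove the driver and the word
			# "mysql" from the installed init script.
			rm -rf "${D}/usr/lib/sshproxy/mysql_db"
			sed -i -e 's/[ \t]\+mysql//' \
				"${D}/etc/init.d/sshproxyd" \
				|| die "editing the sshproxyd init script failed"
		fi
	fi
}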
# Print post-install hints: the client environment variables always, and the
# first-run instructions only for a server-side install.
pkg_postinst () {
	local hint

	echo
	for hint in \
		"Don't forget to set the following environment variables" \
		" SSHPROXY_HOST (default to localhost)" \
		" SSHPROXY_PORT (default to 2242)" \
		" SSHPROXY_USER (default to \$USER)" \
		"for each sshproxy user."
	do
		einfo "${hint}"
	done

	# A client-only install has nothing to configure on this machine.
	use client-only && return

	distutils_pkg_postinst

	echo
	einfo "If this is your first installation, run"
	einfo " emerge --config =${CATEGORY}/${PF}"
	einfo "to initialize the backend and configure sshproxy."
	echo
	for hint in \
		"There is no need to install sshproxy on a client machine." \
		"You can connect to a SSH server using this proxy by running" \
		" ssh -tp PROXY_PORT PROXY_USER@PROXY_HOST -- REMOTE_USER@REMOTE_HOST"
	do
		einfo "${hint}"
	done
}
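# Interactive first-time configuration (emerge --config).
#
# When the mysql_db backend is installed, this creates the sshproxy database
# as the MySQL root user, appends the connection settings to sshproxy.ini
# and switches the three backends from ini_db to mysql_db.  It always
# finishes by running sshproxy-setup inside ROOT.
#
# Globals read: ROOT
pkg_config() {
	if [[ -d "${ROOT}/usr/lib/sshproxy/mysql_db" ]]; then
		# The database password is read from the kernel CSPRNG.  bash's
		# $RANDOM is a small, predictable generator and is not suitable
		# for credentials.  The 16-upper-case-hex-digit format is kept.
		local PASSWD
		PASSWD=$(od -An -N8 -tx1 /dev/urandom | tr -dc '0-9a-f' | tr 'a-f' 'A-F')
		[[ ${PASSWD} =~ ^[0-9A-F]{16}$ ]] \
			|| die "could not read a password from /dev/urandom"
		local SHARE="${ROOT}/usr/share/sshproxy/mysql_db"
		local DB_HOST DB_PORT key section

		# -r keeps backslashes in the answers literal.
		read -r -p "Enter the MySQL host (default localhost): " DB_HOST
		[[ -n "${DB_HOST}" ]] || DB_HOST=localhost
		read -r -p "Enter the MySQL port (default 3306): " DB_PORT
		[[ -n "${DB_PORT}" ]] || DB_PORT=3306
		# The port goes onto the mysql command line and into sshproxy.ini,
		# so anything that is not a plain number is rejected.
		[[ ${DB_PORT} =~ ^[0-9]+$ ]] || die "invalid MySQL port: ${DB_PORT}"

		ewarn "When prompted for a password, enter your MySQL root password"
		ewarn

		# The answers are quoted so that they reach mysql as single
		# arguments and cannot be split into extra options.
		if mysql -h "${DB_HOST}" -P "${DB_PORT}" -u root -p <<EOF ; then
CREATE DATABASE sshproxy;
USE sshproxy;
$(sed -e "s/sshproxypw/${PASSWD}/g" "${SHARE}/sshproxy-mysql-user.sql")
$(<"${SHARE}/mysql_db.sql")
EOF

			# The same connection settings are written for all three
			# backends.  The password is stored in clear text here, so the
			# file's permissions are what protect it.
			# NOTE(review): every run appends these sections again.
			for section in client_db acl_db site_db; do
				echo
				echo "[${section}.mysql]"
				echo "host = ${DB_HOST}"
				echo "password = ${PASSWD}"
				echo "db = sshproxy"
				echo "user = sshproxy"
				echo "port = ${DB_PORT}"
			done >> "${ROOT}/etc/sshproxy/sshproxy.ini"

			# Switch the acl/client/site backends to mysql_db and add the
			# plugin to plugin_list unless it is already listed.
			sed -i -e 's/^\(\(acl\|client\|site\)_db = \)ini_db/\1mysql_db/g' \
				"${ROOT}/etc/sshproxy/sshproxy.ini"
			grep -q "^plugin_list .* mysql_db" \
				"${ROOT}/etc/sshproxy/sshproxy.ini" || \
				sed -i -e 's/^\(plugin_list = .*\)$/\1 mysql_db/g' \
					"${ROOT}/etc/sshproxy/sshproxy.ini"
		else
			ewarn "Failed to create MySQL database!"
			ewarn "If the database already existed and you want to replace it,"
			ewarn "hit Ctrl-C now and drop the old database by running the command:"
			ewarn " /usr/bin/mysqladmin -h ${DB_HOST} -P ${DB_PORT} -u root -p drop sshproxy"
			read -r -p "Hit Ctrl-C to stop the procedure or Enter to continue " key
		fi
	fi

	INITD_STARTUP="/etc/init.d/sshproxyd start" chroot "${ROOT}" \
		sshproxy-setup -u sshproxy -c /etc/sshproxy
}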