Mail archive
alpine-aports

Re: [alpine-aports] [PATCH 1/3] testing/tinyssh: new aport

From: Natanael Copa <n_at_tanael.org>
Date: Wed, 15 Jul 2015 22:15:40 +0200

On Wed, 15 Jul 2015 16:53:20 +0000
Stuart Cardall <developer_at_it-offshore.co.uk> wrote:

> tinyssh is a small ssh server which is secure by default http://tinyssh.org/
>
> It only accepts logins via key, uses secure cryptography & does NOT depend on
> OpenSSL.
> ---
> testing/tinyssh/APKBUILD | 64 ++++++++++++++++++++++++++++++++++++
> testing/tinyssh/tinyssh.confd | 8 +++++
> testing/tinyssh/tinyssh.initd | 43 ++++++++++++++++++++++++
> testing/tinyssh/tinyssh.post-install | 4 +++
> 4 files changed, 119 insertions(+)
> create mode 100644 testing/tinyssh/APKBUILD
> create mode 100644 testing/tinyssh/tinyssh.confd
> create mode 100644 testing/tinyssh/tinyssh.initd
> create mode 100644 testing/tinyssh/tinyssh.post-install
>
> diff --git a/testing/tinyssh/APKBUILD b/testing/tinyssh/APKBUILD
> new file mode 100644
> index 0000000..c7537a3
> --- /dev/null
> +++ b/testing/tinyssh/APKBUILD
> _at_@ -0,0 +1,64 @@
> +# Contributor: Stuart Cardall <developer_at_it-offshore.co.uk>
> +# Maintainer: Stuart Cardall <developer_at_it-offshore.co.uk>
> +pkgname=tinyssh
> +pkgver=20150501
> +pkgrel=0
> +pkgdesc="Small SSH server using NaCl / TweetNaCl (no dependency on OpenSSL)"
> +url="http://tinyssh.org/"
> +arch="all"
> +license="CC0 1.0"
> +subpackages="$pkgname-doc"
> +source="$pkgname-$pkgver.tar.bz2::http://mojzis.com/software/$pkgname/$pkgname-$pkgver.tar.bz2
> + $pkgname.initd
> + $pkgname.confd
> + "
> +
> +_builddir="$srcdir"/$pkgname-$pkgver
> +prepare() {
> + local i
> + cd "$_builddir"
> + for i in $source; do
> + case $i in
> + *.patch) msg $i; patch -p1 -i "$srcdir"/$i || return 1;;
> + esac
> + done
> +}
> +
> +build() {
> + cd "$_builddir"
> + make || return 1
> +}
> +
> +package() {
> + cd "$_builddir"
> + make install DESTDIR="${pkgdir}" || return 1
> + mkdir -p "$pkgdir"/etc/$pkgname
> + install -m755 -D "$srcdir"/$pkgname.initd \
> + "$pkgdir"/etc/init.d/tinysshd || return 1
> + install -m644 -D "$srcdir"/$pkgname.confd \
> + "$pkgdir"/etc/conf.d/tinysshd || return 1
> + # post-install message
> + mkdir -p "$pkgdir/usr/share/doc/$pkgname"
> + cat > $pkgdir/usr/share/doc/$pkgname/README.alpine <<EOF
> +TinySSH can be run in 3 different ways:
> +--------------------------------------
> +(1) /etc/init.d/tinysshd (requires tcpserver & takes care of key generation)
> +
> +(2) via inetd (you will need to 'tinysshd-makekeys <dir>' manually):
> +
> +echo '22 stream tcp nowait root /usr/sbin/tinysshd tinysshd -l -v /etc/tinyssh/sshkeys' >> /etc/inetd.conf
> +rc-service inetd start
> +
> +(3) Using runit with either (1) or (2)
> +EOF
> +}
> +
> +md5sums="0e8b4add3fa6c4481e7b8159aca75b2f tinyssh-20150501.tar.bz2
> +78ec724804035bae29e1c47abec737d8 tinyssh.initd
> +83e705f0f71db5ae0d8530edafa63497 tinyssh.confd"
> +sha256sums="ccaee75ee04252c7e7db1e06e74e4c55b53911c310a0dc5e1288c0feb73a1470 tinyssh-20150501.tar.bz2
> +b3584c463f6ba0de6a5fe2e28fb98cd8ef65a55f17a0f4c877f61f54019ef34c tinyssh.initd
> +c6c67395e7230d75077734f0b08d5f8c76f11aaef27878b013b7bd68dd7ba774 tinyssh.confd"
> +sha512sums="780e4aa87fc5afbd0818f1c815c0e95a9ec5b096efedbc49d54492195725bbdf3fe860cc4b84a5e9b15b9b568fd0398e48601da3af22b3dfd64e4214d4797fbe tinyssh-20150501.tar.bz2
> +d10f995c6687e706453e51d06b3466427d476036efdbd86db2f9330281e46049bf2e3698208524b3f70cdbd30373f5bf46c7164dd626d22b3fa9a75ca5d8d478 tinyssh.initd
> +4513bd0d43ef0825fbd77365a8a7adefcd99211102df76003becf7e3a09a47ad9bbd16a68c3fadfb7868e0562f8d42a26106b7582cb70490a7e52a7d1e6110e9 tinyssh.confd"
> diff --git a/testing/tinyssh/tinyssh.confd b/testing/tinyssh/tinyssh.confd
> new file mode 100644
> index 0000000..d7ba22a
> --- /dev/null
> +++ b/testing/tinyssh/tinyssh.confd
> _at_@ -0,0 +1,8 @@
> +# TinySSH conf.d file for Alpine Linux
> +
> +# Specify daemon options here:
> +# OPTIONS="-l -v"
> +
> +# override config directory / port here:
> +# CONFDIR=/etc/tinyssh
> +# PORT=22
> diff --git a/testing/tinyssh/tinyssh.initd b/testing/tinyssh/tinyssh.initd
> new file mode 100644
> index 0000000..364ffb2
> --- /dev/null
> +++ b/testing/tinyssh/tinyssh.initd
> _at_@ -0,0 +1,43 @@
> +#!/sbin/openrc-run
> +# Alpine Linux init.d for TinySSH
> +# Copyright 2015 Stuart Cardall (developer_at_it-offshore.co.uk)
> +# Distributed under the terms of the GNU General Public License, v2 or later #
> +
> +name=tinysshd
> +daemon=/usr/sbin/$name
> +keygen=$daemon-makekey
> +CONFDIR=${CONFDIR:-/etc/tinyssh}
> +keydir=${CONFDIR}/sshkeys
> +OPTIONS=${OPTIONS:-\-v -l}
> +PORT=${PORT:-22}
> +pidfile=/var/run/$name.pid
> +server_opts="-HRDl0 0.0.0.0 ${PORT} $daemon ${OPTIONS} $keydir"
> +
> +depend() {
> + use net
> + after logger firewall
> +}
> +
> +checkconfig() {
> + checkpath --directory ${CONFDIR}
> + eval $keygen $keydir 2>/dev/null
> + # tinyssh also runs from inetd without tcpserver
> + if [ ! -f /usr/bin/tcpserver ]; then
> + apk add --quiet ucspi-tcp
> + fi

I don't like installing packages from an init.d script. Better exit
with error if something is wrong.

Or even better, have a subpackage called tcpserver-tinyssh or
tinyssh-initscript which provides the init.d script and depends on
ucspi-tcp.

> +}
> +
> +start() {
> + checkconfig
> + ebegin "Starting ${name}"
> + start-stop-daemon --start --make-pidfile --background --pidfile $pidfile \
> + --exec tcpserver -- $server_opts
> + eend $?
> +}
> +
> +stop() {
> + ebegin "Stopping ${name}"
> + start-stop-daemon --stop --quiet \
> + --pidfile $pidfile
> + eend $?
> +}
> diff --git a/testing/tinyssh/tinyssh.post-install b/testing/tinyssh/tinyssh.post-install
> new file mode 100644
> index 0000000..33ba55b
> --- /dev/null
> +++ b/testing/tinyssh/tinyssh.post-install
> _at_@ -0,0 +1,4 @@
> +#!/bin/sh
> +
> +echo '22 stream tcp nowait root /usr/sbin/tinysshd tinysshd -l -v /etc/tinyssh/keys' >> /etc/inetd.conf
> +

What do you think will happen if I want use the tcpserver method with
init.d script for tinyssh but want run inetd.conf for other purposes?

I think we should just delete the post-install script...


-nc


---
Unsubscribe:  alpine-aports+unsubscribe_at_lists.alpinelinux.org
Help:         alpine-aports+help_at_lists.alpinelinux.org
---
Received on Wed Jul 15 2015 - 22:15:40 GMT