~alpine/aports

7 4

[alpine-aports]

Stuart Cardall <developer@it-offshore.co.uk>
Details
Message ID
<1436979202-54739-1-git-send-email-developer@it-offshore.co.uk>
Sender timestamp
1436979199
DKIM signature
missing
Download raw message
8 years ago 
Dropbear doesn't use secure cryptography & tinyssh is a secure equivalent
that does NOT depend on OpenSSL. In testing both use around 500k of RAM.
Out of the box Tinyssh uses all of the secure settings you need to configure
manually with openssh: http://tinyurl.com/oynxrrr

Using runit / socklog together you don't need logrotate. Tested with nginx
& ssh on remote LXC containers as an alternative to services on Docker.



---
Unsubscribe:  alpine-aports+unsubscribe@lists.alpinelinux.org
Help:         alpine-aports+help@lists.alpinelinux.org
---

[alpine-aports] [PATCH 1/3] testing/tinyssh: new aport

Stuart Cardall <developer@it-offshore.co.uk>
Details
Message ID
<1436979202-54739-2-git-send-email-developer@it-offshore.co.uk>
In-Reply-To
<1436979202-54739-1-git-send-email-developer@it-offshore.co.uk> (view parent)
Sender timestamp
1436979200
DKIM signature
missing
Download raw message
8 years ago
Patch: +119 -0 
tinyssh is a small ssh server which is secure by default http://tinyssh.org/

It only accepts logins via key, uses secure cryptography & does NOT depend on
OpenSSL.
---
 testing/tinyssh/APKBUILD             | 64 ++++++++++++++++++++++++++++++++++++
 testing/tinyssh/tinyssh.confd        |  8 +++++
 testing/tinyssh/tinyssh.initd        | 43 ++++++++++++++++++++++++
 testing/tinyssh/tinyssh.post-install |  4 +++
 4 files changed, 119 insertions(+)
 create mode 100644 testing/tinyssh/APKBUILD
 create mode 100644 testing/tinyssh/tinyssh.confd
 create mode 100644 testing/tinyssh/tinyssh.initd
 create mode 100644 testing/tinyssh/tinyssh.post-install

diff --git a/testing/tinyssh/APKBUILD b/testing/tinyssh/APKBUILD
new file mode 100644
index 0000000..c7537a3
--- /dev/null
+++ b/testing/tinyssh/APKBUILD
@@ -0,0 +1,64 @@
# Contributor: Stuart Cardall <developer@it-offshore.co.uk>
# Maintainer: Stuart Cardall <developer@it-offshore.co.uk>
pkgname=tinyssh
pkgver=20150501
pkgrel=0
pkgdesc="Small SSH server using NaCl / TweetNaCl (no dependency on OpenSSL)"
url="http://tinyssh.org/"
arch="all"
license="CC0 1.0"
subpackages="$pkgname-doc"
source="$pkgname-$pkgver.tar.bz2::http://mojzis.com/software/$pkgname/$pkgname-$pkgver.tar.bz2
	$pkgname.initd
	$pkgname.confd
	"

_builddir="$srcdir"/$pkgname-$pkgver
prepare() {
	local i
	cd "$_builddir"
	for i in $source; do
		case $i in
		*.patch) msg $i; patch -p1 -i "$srcdir"/$i || return 1;;
		esac
	done
}

build() {
	cd "$_builddir"
	make || return 1
}

package() {
	cd "$_builddir"
	make install DESTDIR="${pkgdir}" || return 1
	mkdir -p "$pkgdir"/etc/$pkgname
	install -m755 -D "$srcdir"/$pkgname.initd \
		"$pkgdir"/etc/init.d/tinysshd || return 1
	install -m644 -D "$srcdir"/$pkgname.confd \
		"$pkgdir"/etc/conf.d/tinysshd || return 1
	# post-install message
        mkdir -p "$pkgdir/usr/share/doc/$pkgname"
        cat > $pkgdir/usr/share/doc/$pkgname/README.alpine <<EOF
TinySSH can be run in 3 different ways:
--------------------------------------
(1) /etc/init.d/tinysshd (requires tcpserver & takes care of key generation)

(2) via inetd (you will need to 'tinysshd-makekeys <dir>' manually):

echo '22 stream tcp nowait root /usr/sbin/tinysshd tinysshd -l -v /etc/tinyssh/sshkeys' >> /etc/inetd.conf
rc-service inetd start

(3) Using runit with either (1) or (2)
EOF
}

md5sums="0e8b4add3fa6c4481e7b8159aca75b2f  tinyssh-20150501.tar.bz2
78ec724804035bae29e1c47abec737d8  tinyssh.initd
83e705f0f71db5ae0d8530edafa63497  tinyssh.confd"
sha256sums="ccaee75ee04252c7e7db1e06e74e4c55b53911c310a0dc5e1288c0feb73a1470  tinyssh-20150501.tar.bz2
b3584c463f6ba0de6a5fe2e28fb98cd8ef65a55f17a0f4c877f61f54019ef34c  tinyssh.initd
c6c67395e7230d75077734f0b08d5f8c76f11aaef27878b013b7bd68dd7ba774  tinyssh.confd"
sha512sums="780e4aa87fc5afbd0818f1c815c0e95a9ec5b096efedbc49d54492195725bbdf3fe860cc4b84a5e9b15b9b568fd0398e48601da3af22b3dfd64e4214d4797fbe  tinyssh-20150501.tar.bz2
d10f995c6687e706453e51d06b3466427d476036efdbd86db2f9330281e46049bf2e3698208524b3f70cdbd30373f5bf46c7164dd626d22b3fa9a75ca5d8d478  tinyssh.initd
4513bd0d43ef0825fbd77365a8a7adefcd99211102df76003becf7e3a09a47ad9bbd16a68c3fadfb7868e0562f8d42a26106b7582cb70490a7e52a7d1e6110e9  tinyssh.confd"
diff --git a/testing/tinyssh/tinyssh.confd b/testing/tinyssh/tinyssh.confd
new file mode 100644
index 0000000..d7ba22a
--- /dev/null
+++ b/testing/tinyssh/tinyssh.confd
@@ -0,0 +1,8 @@
# TinySSH conf.d file for Alpine Linux

# Specify daemon options here:
# OPTIONS="-l -v"

# override config directory / port here:
# CONFDIR=/etc/tinyssh
# PORT=22
diff --git a/testing/tinyssh/tinyssh.initd b/testing/tinyssh/tinyssh.initd
new file mode 100644
index 0000000..364ffb2
--- /dev/null
+++ b/testing/tinyssh/tinyssh.initd
@@ -0,0 +1,43 @@
#!/sbin/openrc-run
# Alpine Linux init.d for TinySSH
# Copyright 2015 Stuart Cardall (developer@it-offshore.co.uk)
# Distributed under the terms of the GNU General Public License, v2 or later #

name=tinysshd
daemon=/usr/sbin/$name
keygen=$daemon-makekey
CONFDIR=${CONFDIR:-/etc/tinyssh}
keydir=${CONFDIR}/sshkeys
OPTIONS=${OPTIONS:-\-v -l}
PORT=${PORT:-22}
pidfile=/var/run/$name.pid
server_opts="-HRDl0 0.0.0.0 ${PORT} $daemon ${OPTIONS} $keydir"

depend() {
        use net
        after logger firewall
}

checkconfig() {
	checkpath --directory ${CONFDIR}
	eval $keygen $keydir 2>/dev/null
	# tinyssh also runs from inetd without tcpserver
        if [ ! -f /usr/bin/tcpserver ]; then
                apk add --quiet ucspi-tcp
        fi
}

start() {
	checkconfig
	ebegin "Starting ${name}"
		start-stop-daemon --start --make-pidfile --background --pidfile $pidfile \
			--exec tcpserver -- $server_opts
	eend $?
}

stop() {
	ebegin "Stopping ${name}"
		start-stop-daemon --stop --quiet \
			--pidfile $pidfile
	eend $?
}
diff --git a/testing/tinyssh/tinyssh.post-install b/testing/tinyssh/tinyssh.post-install
new file mode 100644
index 0000000..33ba55b
--- /dev/null
+++ b/testing/tinyssh/tinyssh.post-install
@@ -0,0 +1,4 @@
#!/bin/sh

echo '22 stream tcp nowait root /usr/sbin/tinysshd tinysshd -l -v /etc/tinyssh/keys' >> /etc/inetd.conf

-- 
2.4.5



---
Unsubscribe:  alpine-aports+unsubscribe@lists.alpinelinux.org
Help:         alpine-aports+help@lists.alpinelinux.org
---

[alpine-aports] [PATCH 2/3] testing/runit: add init script & README.alpine

Stuart Cardall <developer@it-offshore.co.uk>
Details
Message ID
<1436979202-54739-3-git-send-email-developer@it-offshore.co.uk>
In-Reply-To
<1436979202-54739-1-git-send-email-developer@it-offshore.co.uk> (view parent)
Sender timestamp
1436979201
DKIM signature
missing
Download raw message
8 years ago
Patch: +69 -4 
this makes runit a bit simpler to use. It is great in LXC.
---
 testing/runit/APKBUILD      | 22 ++++++++++++++++++----
 testing/runit/README.alpine | 39 +++++++++++++++++++++++++++++++++++++++
 testing/runit/runit.initd   | 12 ++++++++++++
 3 files changed, 69 insertions(+), 4 deletions(-)
 create mode 100644 testing/runit/README.alpine
 create mode 100644 testing/runit/runit.initd

diff --git a/testing/runit/APKBUILD b/testing/runit/APKBUILD
index 5872b0d..c484d6e 100644
--- a/testing/runit/APKBUILD
+++ b/testing/runit/APKBUILD
@@ -1,5 +1,5 @@
# Contributor: Natanael Copa <ncopa@alpinelinux.org>
# Maintainer:
# Maintainer: Stuart Cardall <developer@it-offshore.co.uk>
pkgname=runit
pkgver=2.1.2
pkgrel=0
@@ -14,6 +14,8 @@ install=""
subpackages="$pkgname-doc"
source="http://smarden.org/runit/runit-$pkgver.tar.gz
	run-service-dir.patch
	README.alpine
	$pkgname.initd
	"

_builddir="$srcdir"/admin/runit-$pkgver/src
@@ -42,11 +44,23 @@ package() {
	done
	install -d "$pkgdir"/usr/share/man/man8
	cd .. && cp -rf man/* "$pkgdir"/usr/share/man/man8/
	install -m755 -D "$srcdir"/$pkgname.initd \
                "$pkgdir"/etc/init.d/runitd || return 1
	install -Dm644 "$srcdir"/README.alpine \
                "$pkgdir"/usr/share/doc/$pkgname/README.alpine || return 1
	mkdir -p "$pkgdir"/etc/service
	mkdir -p "$pkgdir"/etc/sv
}

md5sums="6c985fbfe3a34608eb3c53dc719172c4  runit-2.1.2.tar.gz
dc4e4b469451497e37cb295136a9b23b  run-service-dir.patch"
dc4e4b469451497e37cb295136a9b23b  run-service-dir.patch
6ad1a147996f44854152dc8e650035ce  README.alpine
5399d00c9d611116ae697437dfc48527  runit.initd"
sha256sums="6fd0160cb0cf1207de4e66754b6d39750cff14bb0aa66ab49490992c0c47ba18  runit-2.1.2.tar.gz
4f4df10f35cd103d7cab27d34f4586f2099b4c5a4e007bdc8299196434744c77  run-service-dir.patch"
4f4df10f35cd103d7cab27d34f4586f2099b4c5a4e007bdc8299196434744c77  run-service-dir.patch
1869a548fda50efeebad59d7178fe6b4fafca8b16067213c258e7e1e21d56e3e  README.alpine
5b1c05d674fbe863800c1d4ef03aaaa6b466d02297801ef759b126911c50f3a4  runit.initd"
sha512sums="a18773ebf1aa22305dd89ed67363165b9fcf86c192b2be4e268d08005dd82d51265160c637abe072f2f2e378c4b315a75bd3d3e602c3e75bdd451a3b0190f8cf  runit-2.1.2.tar.gz
195102ea27119700d13279a4265e730ea4d682293b52b5a036481057100de9e7865f77f96d027f4d8e774901beaa7f1f3818e17451d359d1be31cc3759db9646  run-service-dir.patch"
195102ea27119700d13279a4265e730ea4d682293b52b5a036481057100de9e7865f77f96d027f4d8e774901beaa7f1f3818e17451d359d1be31cc3759db9646  run-service-dir.patch
f6a5ffa9ea9c0e6c76afd92412b5a14ad76695855808274b21c1c0009248019b77b780b4d3d0040c8c3cc4529fc58cdfebec6ea46a9c98ce40df6b4be9ea53bb  README.alpine
6f2f2c861f931ce95de791c138e854f7e5ea22c67c81b9ddb146aec07caecdc4ea366075a5ad18372947c58b290fa5186f35345ec6c1451a4d702dd695da1251  runit.initd"
diff --git a/testing/runit/README.alpine b/testing/runit/README.alpine
new file mode 100644
index 0000000..fe9141c
--- /dev/null
+++ b/testing/runit/README.alpine
@@ -0,0 +1,39 @@
For service supervision with runit:

(1) add scripts into /etc/sv/<service>/run

------------------------------
Example: /etc/sv/nginx/run   |
------------------------------
#!/bin/sh
mkdir -p /tmp/nginx
exec /usr/sbin/nginx
------------------------------
Example: /etc/sv/ssh/run     |
------------------------------
#!/bin/sh
set -e
ssh-keygen -A
exec /usr/sbin/sshd -D
------------------------------
Example: /etc/sv/tinyssh/run |
---------------------------------------------------------------------------------
#!/bin/sh
PORT=22
mkdir -p /etc/tinyssh
/usr/sbin/tinysshd-makekey /etc/tinyssh/keys 2>/dev/null
exec tcpserver -HRDl0 0.0.0.0 $PORT /usr/sbin/tinysshd -v -l /etc/tinyssh/sshkeys
---------------------------------------------------------------------------------

(2) set permissions:

chmod 700 /etc/sv/<service>/run

(3) symlink the script directory to the service directory:

ln -s /etc/sv/nginx /etc/service/nginx

==========================================================

The socklog package by the same author can provide logging
with built in log rotation & also be managed by runit.
diff --git a/testing/runit/runit.initd b/testing/runit/runit.initd
new file mode 100644
index 0000000..59fd4a4
--- /dev/null
+++ b/testing/runit/runit.initd
@@ -0,0 +1,12 @@
#!/sbin/openrc-run

command="/sbin/runsvdir"
command_args="/etc/service"
pidfile="/run/${SVCNAME}.pid"
command_background="true"
description="starts and monitors a collection of runsv(8) processes"
retry="SIGHUP/5"

depend() {
    need localmount
}
-- 
2.4.5



---
Unsubscribe:  alpine-aports+unsubscribe@lists.alpinelinux.org
Help:         alpine-aports+help@lists.alpinelinux.org
---

[alpine-aports] [PATCH 3/3] testing/socklog: add post-install script

Stuart Cardall <developer@it-offshore.co.uk>
Details
Message ID
<1436979202-54739-4-git-send-email-developer@it-offshore.co.uk>
In-Reply-To
<1436979202-54739-1-git-send-email-developer@it-offshore.co.uk> (view parent)
Sender timestamp
1436979202
DKIM signature
missing
Download raw message
8 years ago
Patch: +22 -1 
This sets up logging with runit (tested with logs from tinyssh).
---
 testing/socklog/APKBUILD             |  2 +-
 testing/socklog/socklog.post-install | 21 +++++++++++++++++++++
 2 files changed, 22 insertions(+), 1 deletion(-)
 create mode 100644 testing/socklog/socklog.post-install

diff --git a/testing/socklog/APKBUILD b/testing/socklog/APKBUILD
index 66706ea..708035a 100644
--- a/testing/socklog/APKBUILD
+++ b/testing/socklog/APKBUILD
@@ -7,7 +7,7 @@ pkgdesc="System and kernel logging services for runit"
url="http://smarden.org/socklog/"
arch="all"
license="BSD"
makedepends="$depends_dev"
install="$pkgname.post-install"
subpackages="$pkgname-doc"
source="http://smarden.org/$pkgname/$pkgname-$pkgver.tar.gz"

diff --git a/testing/socklog/socklog.post-install b/testing/socklog/socklog.post-install
new file mode 100644
index 0000000..9cfa37f
--- /dev/null
+++ b/testing/socklog/socklog.post-install
@@ -0,0 +1,21 @@
#!/bin/sh
# Alpine Linux post-install script for socklog
# Copyright 2015 Stuart Cardall (developer@it-offshore.co.uk)
# Distributed under the terms of the GNU General Public License, v2 or later #

adduser -S -H -h /var/empty -D -s /sbin/nologin log 2>/dev/null
if [ ! -d /etc/sv/socklog-unix ]; then
	socklog-conf unix nobody log
	mkdir -p /etc/service
	ln -s /etc/sv/socklog-unix /etc/service/
fi

if [ ! -f /etc/sv/socklog-unix/run ]; then
cat > /etc/sv/socklog-unix/run <<EOF
#!/bin/sh
/etc/init.d/syslog stop &>/dev/null
exec 2>&1
exec chpst -Unobody socklog unix /dev/log
EOF
fi

-- 
2.4.5



---
Unsubscribe:  alpine-aports+unsubscribe@lists.alpinelinux.org
Help:         alpine-aports+help@lists.alpinelinux.org
---

Re: [alpine-aports] [PATCH 1/3] testing/tinyssh: new aport

Bartłomiej Piotrowski <b@bpiotrowski.pl>
Details
Message ID
<20150715190142.16141929@wallander>
In-Reply-To
<1436979202-54739-2-git-send-email-developer@it-offshore.co.uk> (view parent)
Sender timestamp
1436979702
DKIM signature
missing
Download raw message
8 years ago 
On Wed, 15 Jul 2015 16:53:20 +0000
Stuart Cardall <developer@it-offshore.co.uk> wrote:
> tinyssh is a small ssh server which is secure by default
> http://tinyssh.org/
> 
> It only accepts logins via key, uses secure cryptography & does NOT
> depend on OpenSSL.
> ---
>  testing/tinyssh/APKBUILD             | 64
> ++++++++++++++++++++++++++++++++++++
> testing/tinyssh/tinyssh.confd        |  8 +++++
> testing/tinyssh/tinyssh.initd        | 43 ++++++++++++++++++++++++
> testing/tinyssh/tinyssh.post-install |  4 +++ 4 files changed, 119
> insertions(+) create mode 100644 testing/tinyssh/APKBUILD
>  create mode 100644 testing/tinyssh/tinyssh.confd
>  create mode 100644 testing/tinyssh/tinyssh.initd
>  create mode 100644 testing/tinyssh/tinyssh.post-install
> 
> diff --git a/testing/tinyssh/APKBUILD b/testing/tinyssh/APKBUILD
> new file mode 100644
> index 0000000..c7537a3
> --- /dev/null
> +++ b/testing/tinyssh/APKBUILD
> @@ -0,0 +1,64 @@
> +# Contributor: Stuart Cardall <developer@it-offshore.co.uk>
> +# Maintainer: Stuart Cardall <developer@it-offshore.co.uk>
> +pkgname=tinyssh
> +pkgver=20150501
> +pkgrel=0
> +pkgdesc="Small SSH server using NaCl / TweetNaCl (no dependency on
> OpenSSL)" +url="http://tinyssh.org/"
> +arch="all"
> +license="CC0 1.0"
> +subpackages="$pkgname-doc"
> +source="$pkgname-$pkgver.tar.bz2::http://mojzis.com/software/$pkgname/$pkgname-$pkgver.tar.bz2
> +	$pkgname.initd
> +	$pkgname.confd
> +	"
> +
> +_builddir="$srcdir"/$pkgname-$pkgver
> +prepare() {
> +	local i
> +	cd "$_builddir"
> +	for i in $source; do
> +		case $i in
> +		*.patch) msg $i; patch -p1 -i "$srcdir"/$i || return
> 1;;
> +		esac
> +	done
> +}
> +
> +build() {
> +	cd "$_builddir"
> +	make || return 1
> +}
> +
> +package() {
> +	cd "$_builddir"
> +	make install DESTDIR="${pkgdir}" || return 1
> +	mkdir -p "$pkgdir"/etc/$pkgname
> +	install -m755 -D "$srcdir"/$pkgname.initd \
> +		"$pkgdir"/etc/init.d/tinysshd || return 1
> +	install -m644 -D "$srcdir"/$pkgname.confd \
> +		"$pkgdir"/etc/conf.d/tinysshd || return 1
> +	# post-install message
> +        mkdir -p "$pkgdir/usr/share/doc/$pkgname"
> +        cat > $pkgdir/usr/share/doc/$pkgname/README.alpine <<EOF
> +TinySSH can be run in 3 different ways:
> +--------------------------------------
> +(1) /etc/init.d/tinysshd (requires tcpserver & takes care of key
> generation) +
> +(2) via inetd (you will need to 'tinysshd-makekeys <dir>' manually):
> +
> +echo '22 stream tcp nowait root /usr/sbin/tinysshd tinysshd -l
> -v /etc/tinyssh/sshkeys' >> /etc/inetd.conf +rc-service inetd start
> +
> +(3) Using runit with either (1) or (2)
> +EOF
> +}
> +
> +md5sums="0e8b4add3fa6c4481e7b8159aca75b2f  tinyssh-20150501.tar.bz2
> +78ec724804035bae29e1c47abec737d8  tinyssh.initd
> +83e705f0f71db5ae0d8530edafa63497  tinyssh.confd"
> +sha256sums="ccaee75ee04252c7e7db1e06e74e4c55b53911c310a0dc5e1288c0feb73a1470
> tinyssh-20150501.tar.bz2
> +b3584c463f6ba0de6a5fe2e28fb98cd8ef65a55f17a0f4c877f61f54019ef34c
> tinyssh.initd
> +c6c67395e7230d75077734f0b08d5f8c76f11aaef27878b013b7bd68dd7ba774
> tinyssh.confd"
> +sha512sums="780e4aa87fc5afbd0818f1c815c0e95a9ec5b096efedbc49d54492195725bbdf3fe860cc4b84a5e9b15b9b568fd0398e48601da3af22b3dfd64e4214d4797fbe
> tinyssh-20150501.tar.bz2
> +d10f995c6687e706453e51d06b3466427d476036efdbd86db2f9330281e46049bf2e3698208524b3f70cdbd30373f5bf46c7164dd626d22b3fa9a75ca5d8d478
> tinyssh.initd
> +4513bd0d43ef0825fbd77365a8a7adefcd99211102df76003becf7e3a09a47ad9bbd16a68c3fadfb7868e0562f8d42a26106b7582cb70490a7e52a7d1e6110e9
> tinyssh.confd" diff --git a/testing/tinyssh/tinyssh.confd
> b/testing/tinyssh/tinyssh.confd new file mode 100644 index
> 0000000..d7ba22a --- /dev/null +++ b/testing/tinyssh/tinyssh.confd @@
> -0,0 +1,8 @@ +# TinySSH conf.d file for Alpine Linux + +# Specify
> daemon options here: +# OPTIONS="-l -v"
> +
> +# override config directory / port here:
> +# CONFDIR=/etc/tinyssh
> +# PORT=22
> diff --git a/testing/tinyssh/tinyssh.initd
> b/testing/tinyssh/tinyssh.initd new file mode 100644
> index 0000000..364ffb2
> --- /dev/null
> +++ b/testing/tinyssh/tinyssh.initd
> @@ -0,0 +1,43 @@
> +#!/sbin/openrc-run
> +# Alpine Linux init.d for TinySSH
> +# Copyright 2015 Stuart Cardall (developer@it-offshore.co.uk)
> +# Distributed under the terms of the GNU General Public License, v2
> or later # +
> +name=tinysshd
> +daemon=/usr/sbin/$name
> +keygen=$daemon-makekey
> +CONFDIR=${CONFDIR:-/etc/tinyssh}
> +keydir=${CONFDIR}/sshkeys
> +OPTIONS=${OPTIONS:-\-v -l}
> +PORT=${PORT:-22}
> +pidfile=/var/run/$name.pid
> +server_opts="-HRDl0 0.0.0.0 ${PORT} $daemon ${OPTIONS} $keydir"
> +
> +depend() {
> +        use net
> +        after logger firewall
> +}
> +
> +checkconfig() {
> +	checkpath --directory ${CONFDIR}
> +	eval $keygen $keydir 2>/dev/null
> +	# tinyssh also runs from inetd without tcpserver
> +        if [ ! -f /usr/bin/tcpserver ]; then
> +                apk add --quiet ucspi-tcp
> +        fi
> +}
> +
> +start() {
> +	checkconfig
> +	ebegin "Starting ${name}"
> +		start-stop-daemon --start --make-pidfile
> --background --pidfile $pidfile \
> +			--exec tcpserver -- $server_opts
> +	eend $?
> +}
> +
> +stop() {
> +	ebegin "Stopping ${name}"
> +		start-stop-daemon --stop --quiet \
> +			--pidfile $pidfile
> +	eend $?
> +}
> diff --git a/testing/tinyssh/tinyssh.post-install
> b/testing/tinyssh/tinyssh.post-install new file mode 100644
> index 0000000..33ba55b
> --- /dev/null
> +++ b/testing/tinyssh/tinyssh.post-install
> @@ -0,0 +1,4 @@
> +#!/bin/sh
> +
> +echo '22 stream tcp nowait root /usr/sbin/tinysshd tinysshd -l
> -v /etc/tinyssh/keys' >> /etc/inetd.conf +

Is it still developed? No commits since March.

BP

Re: [alpine-aports] [PATCH 1/3] testing/tinyssh: new aport

IT Developer <developer@it-offshore.co.uk>
Details
Message ID
<55A6A281.6080104@it-offshore.co.uk>
In-Reply-To
<20150715190142.16141929@wallander> (view parent)
Sender timestamp
1436983937
DKIM signature
missing
Download raw message
8 years ago 
This builds using the release from the authors website (1st May)
http://mojzis.com/software/tinyssh/tinyssh-20150501.tar.bz2 (not the
github repo).

From the author's website <http://tinyssh.org/>:

Project timelime

    experimental: 2014.01.01 - 2014.12.31 (experimentation)
    alpha: expected 2015.01.01 - 2015.12.31 (not ready for production
use, ready for testing)
    beta: expected 2016.01.01 - ????.??.?? (ready for production use)
    stable: expected ????.??.?? - (ready for production use - including
post-quantum crypto)

It does not have SCP but it works just fine with Midnight Commander for
transferring files.

Stuart.


On 15/07/15 18:01, Bartłomiej Piotrowski wrote:
> On Wed, 15 Jul 2015 16:53:20 +0000
> Stuart Cardall <developer@it-offshore.co.uk> wrote:
>> tinyssh is a small ssh server which is secure by default
>> http://tinyssh.org/
>>
>> It only accepts logins via key, uses secure cryptography & does NOT
>> depend on OpenSSL.
>> ---
>>  testing/tinyssh/APKBUILD             | 64
>> ++++++++++++++++++++++++++++++++++++
>> testing/tinyssh/tinyssh.confd        |  8 +++++
>> testing/tinyssh/tinyssh.initd        | 43 ++++++++++++++++++++++++
>> testing/tinyssh/tinyssh.post-install |  4 +++ 4 files changed, 119
>> insertions(+) create mode 100644 testing/tinyssh/APKBUILD
>>  create mode 100644 testing/tinyssh/tinyssh.confd
>>  create mode 100644 testing/tinyssh/tinyssh.initd
>>  create mode 100644 testing/tinyssh/tinyssh.post-install
>>
>> diff --git a/testing/tinyssh/APKBUILD b/testing/tinyssh/APKBUILD
>> new file mode 100644
>> index 0000000..c7537a3
>> --- /dev/null
>> +++ b/testing/tinyssh/APKBUILD
>> @@ -0,0 +1,64 @@
>> +# Contributor: Stuart Cardall <developer@it-offshore.co.uk>
>> +# Maintainer: Stuart Cardall <developer@it-offshore.co.uk>
>> +pkgname=tinyssh
>> +pkgver=20150501
>> +pkgrel=0
>> +pkgdesc="Small SSH server using NaCl / TweetNaCl (no dependency on
>> OpenSSL)" +url="http://tinyssh.org/"
>> +arch="all"
>> +license="CC0 1.0"
>> +subpackages="$pkgname-doc"
>> +source="$pkgname-$pkgver.tar.bz2::http://mojzis.com/software/$pkgname/$pkgname-$pkgver.tar.bz2
>> +	$pkgname.initd
>> +	$pkgname.confd
>> +	"
>> +
>> +_builddir="$srcdir"/$pkgname-$pkgver
>> +prepare() {
>> +	local i
>> +	cd "$_builddir"
>> +	for i in $source; do
>> +		case $i in
>> +		*.patch) msg $i; patch -p1 -i "$srcdir"/$i || return
>> 1;;
>> +		esac
>> +	done
>> +}
>> +
>> +build() {
>> +	cd "$_builddir"
>> +	make || return 1
>> +}
>> +
>> +package() {
>> +	cd "$_builddir"
>> +	make install DESTDIR="${pkgdir}" || return 1
>> +	mkdir -p "$pkgdir"/etc/$pkgname
>> +	install -m755 -D "$srcdir"/$pkgname.initd \
>> +		"$pkgdir"/etc/init.d/tinysshd || return 1
>> +	install -m644 -D "$srcdir"/$pkgname.confd \
>> +		"$pkgdir"/etc/conf.d/tinysshd || return 1
>> +	# post-install message
>> +        mkdir -p "$pkgdir/usr/share/doc/$pkgname"
>> +        cat > $pkgdir/usr/share/doc/$pkgname/README.alpine <<EOF
>> +TinySSH can be run in 3 different ways:
>> +--------------------------------------
>> +(1) /etc/init.d/tinysshd (requires tcpserver & takes care of key
>> generation) +
>> +(2) via inetd (you will need to 'tinysshd-makekeys <dir>' manually):
>> +
>> +echo '22 stream tcp nowait root /usr/sbin/tinysshd tinysshd -l
>> -v /etc/tinyssh/sshkeys' >> /etc/inetd.conf +rc-service inetd start
>> +
>> +(3) Using runit with either (1) or (2)
>> +EOF
>> +}
>> +
>> +md5sums="0e8b4add3fa6c4481e7b8159aca75b2f  tinyssh-20150501.tar.bz2
>> +78ec724804035bae29e1c47abec737d8  tinyssh.initd
>> +83e705f0f71db5ae0d8530edafa63497  tinyssh.confd"
>> +sha256sums="ccaee75ee04252c7e7db1e06e74e4c55b53911c310a0dc5e1288c0feb73a1470
>> tinyssh-20150501.tar.bz2
>> +b3584c463f6ba0de6a5fe2e28fb98cd8ef65a55f17a0f4c877f61f54019ef34c
>> tinyssh.initd
>> +c6c67395e7230d75077734f0b08d5f8c76f11aaef27878b013b7bd68dd7ba774
>> tinyssh.confd"
>> +sha512sums="780e4aa87fc5afbd0818f1c815c0e95a9ec5b096efedbc49d54492195725bbdf3fe860cc4b84a5e9b15b9b568fd0398e48601da3af22b3dfd64e4214d4797fbe
>> tinyssh-20150501.tar.bz2
>> +d10f995c6687e706453e51d06b3466427d476036efdbd86db2f9330281e46049bf2e3698208524b3f70cdbd30373f5bf46c7164dd626d22b3fa9a75ca5d8d478
>> tinyssh.initd
>> +4513bd0d43ef0825fbd77365a8a7adefcd99211102df76003becf7e3a09a47ad9bbd16a68c3fadfb7868e0562f8d42a26106b7582cb70490a7e52a7d1e6110e9
>> tinyssh.confd" diff --git a/testing/tinyssh/tinyssh.confd
>> b/testing/tinyssh/tinyssh.confd new file mode 100644 index
>> 0000000..d7ba22a --- /dev/null +++ b/testing/tinyssh/tinyssh.confd @@
>> -0,0 +1,8 @@ +# TinySSH conf.d file for Alpine Linux + +# Specify
>> daemon options here: +# OPTIONS="-l -v"
>> +
>> +# override config directory / port here:
>> +# CONFDIR=/etc/tinyssh
>> +# PORT=22
>> diff --git a/testing/tinyssh/tinyssh.initd
>> b/testing/tinyssh/tinyssh.initd new file mode 100644
>> index 0000000..364ffb2
>> --- /dev/null
>> +++ b/testing/tinyssh/tinyssh.initd
>> @@ -0,0 +1,43 @@
>> +#!/sbin/openrc-run
>> +# Alpine Linux init.d for TinySSH
>> +# Copyright 2015 Stuart Cardall (developer@it-offshore.co.uk)
>> +# Distributed under the terms of the GNU General Public License, v2
>> or later # +
>> +name=tinysshd
>> +daemon=/usr/sbin/$name
>> +keygen=$daemon-makekey
>> +CONFDIR=${CONFDIR:-/etc/tinyssh}
>> +keydir=${CONFDIR}/sshkeys
>> +OPTIONS=${OPTIONS:-\-v -l}
>> +PORT=${PORT:-22}
>> +pidfile=/var/run/$name.pid
>> +server_opts="-HRDl0 0.0.0.0 ${PORT} $daemon ${OPTIONS} $keydir"
>> +
>> +depend() {
>> +        use net
>> +        after logger firewall
>> +}
>> +
>> +checkconfig() {
>> +	checkpath --directory ${CONFDIR}
>> +	eval $keygen $keydir 2>/dev/null
>> +	# tinyssh also runs from inetd without tcpserver
>> +        if [ ! -f /usr/bin/tcpserver ]; then
>> +                apk add --quiet ucspi-tcp
>> +        fi
>> +}
>> +
>> +start() {
>> +	checkconfig
>> +	ebegin "Starting ${name}"
>> +		start-stop-daemon --start --make-pidfile
>> --background --pidfile $pidfile \
>> +			--exec tcpserver -- $server_opts
>> +	eend $?
>> +}
>> +
>> +stop() {
>> +	ebegin "Stopping ${name}"
>> +		start-stop-daemon --stop --quiet \
>> +			--pidfile $pidfile
>> +	eend $?
>> +}
>> diff --git a/testing/tinyssh/tinyssh.post-install
>> b/testing/tinyssh/tinyssh.post-install new file mode 100644
>> index 0000000..33ba55b
>> --- /dev/null
>> +++ b/testing/tinyssh/tinyssh.post-install
>> @@ -0,0 +1,4 @@
>> +#!/bin/sh
>> +
>> +echo '22 stream tcp nowait root /usr/sbin/tinysshd tinysshd -l
>> -v /etc/tinyssh/keys' >> /etc/inetd.conf +
> Is it still developed? No commits since March.
>
> BP

Re: [alpine-aports] [PATCH 1/3] testing/tinyssh: new aport

Bartłomiej Piotrowski <b@bpiotrowski.pl>
Details
Message ID
<20150715210744.7cdf6982@wallander>
In-Reply-To
<55A6A281.6080104@it-offshore.co.uk> (view parent)
Sender timestamp
1436987264
DKIM signature
missing
Download raw message
8 years ago 
On Wed, 15 Jul 2015 19:12:17 +0100
IT Developer <developer@it-offshore.co.uk> wrote:
> This builds using the release from the authors website (1st May)
> http://mojzis.com/software/tinyssh/tinyssh-20150501.tar.bz2 (not the
> github repo).
> 
> From the author's website <http://tinyssh.org/>:
> 
> Project timelime
> 
>     experimental: 2014.01.01 - 2014.12.31 (experimentation)
>     alpha: expected 2015.01.01 - 2015.12.31 (not ready for production
> use, ready for testing)
>     beta: expected 2016.01.01 - ????.??.?? (ready for production use)
>     stable: expected ????.??.?? - (ready for production use -
> including post-quantum crypto)
> 
> It does not have SCP but it works just fine with Midnight Commander
> for transferring files.
> 
> Stuart.
> 
> 
> On 15/07/15 18:01, Bartłomiej Piotrowski wrote:
> > On Wed, 15 Jul 2015 16:53:20 +0000
> > Stuart Cardall <developer@it-offshore.co.uk> wrote:
> >> tinyssh is a small ssh server which is secure by default
> >> http://tinyssh.org/
> >>
> >> It only accepts logins via key, uses secure cryptography & does NOT
> >> depend on OpenSSL.
> >> ---
> >>  testing/tinyssh/APKBUILD             | 64
> >> ++++++++++++++++++++++++++++++++++++
> >> testing/tinyssh/tinyssh.confd        |  8 +++++
> >> testing/tinyssh/tinyssh.initd        | 43 ++++++++++++++++++++++++
> >> testing/tinyssh/tinyssh.post-install |  4 +++ 4 files changed, 119
> >> insertions(+) create mode 100644 testing/tinyssh/APKBUILD
> >>  create mode 100644 testing/tinyssh/tinyssh.confd
> >>  create mode 100644 testing/tinyssh/tinyssh.initd
> >>  create mode 100644 testing/tinyssh/tinyssh.post-install
> >>
> >> diff --git a/testing/tinyssh/APKBUILD b/testing/tinyssh/APKBUILD
> >> new file mode 100644
> >> index 0000000..c7537a3
> >> --- /dev/null
> >> +++ b/testing/tinyssh/APKBUILD
> >> @@ -0,0 +1,64 @@
> >> +# Contributor: Stuart Cardall <developer@it-offshore.co.uk>
> >> +# Maintainer: Stuart Cardall <developer@it-offshore.co.uk>
> >> +pkgname=tinyssh
> >> +pkgver=20150501
> >> +pkgrel=0
> >> +pkgdesc="Small SSH server using NaCl / TweetNaCl (no dependency on
> >> OpenSSL)" +url="http://tinyssh.org/"
> >> +arch="all"
> >> +license="CC0 1.0"
> >> +subpackages="$pkgname-doc"
> >> +source="$pkgname-$pkgver.tar.bz2::http://mojzis.com/software/$pkgname/$pkgname-$pkgver.tar.bz2
> >> +	$pkgname.initd
> >> +	$pkgname.confd
> >> +	"
> >> +
> >> +_builddir="$srcdir"/$pkgname-$pkgver
> >> +prepare() {
> >> +	local i
> >> +	cd "$_builddir"
> >> +	for i in $source; do
> >> +		case $i in
> >> +		*.patch) msg $i; patch -p1 -i "$srcdir"/$i ||
> >> return 1;;
> >> +		esac
> >> +	done
> >> +}
> >> +
> >> +build() {
> >> +	cd "$_builddir"
> >> +	make || return 1
> >> +}
> >> +
> >> +package() {
> >> +	cd "$_builddir"
> >> +	make install DESTDIR="${pkgdir}" || return 1
> >> +	mkdir -p "$pkgdir"/etc/$pkgname
> >> +	install -m755 -D "$srcdir"/$pkgname.initd \
> >> +		"$pkgdir"/etc/init.d/tinysshd || return 1
> >> +	install -m644 -D "$srcdir"/$pkgname.confd \
> >> +		"$pkgdir"/etc/conf.d/tinysshd || return 1
> >> +	# post-install message
> >> +        mkdir -p "$pkgdir/usr/share/doc/$pkgname"
> >> +        cat > $pkgdir/usr/share/doc/$pkgname/README.alpine <<EOF
> >> +TinySSH can be run in 3 different ways:
> >> +--------------------------------------
> >> +(1) /etc/init.d/tinysshd (requires tcpserver & takes care of key
> >> generation) +
> >> +(2) via inetd (you will need to 'tinysshd-makekeys <dir>'
> >> manually): +
> >> +echo '22 stream tcp nowait root /usr/sbin/tinysshd tinysshd -l
> >> -v /etc/tinyssh/sshkeys' >> /etc/inetd.conf +rc-service inetd start
> >> +
> >> +(3) Using runit with either (1) or (2)
> >> +EOF
> >> +}
> >> +
> >> +md5sums="0e8b4add3fa6c4481e7b8159aca75b2f
> >> tinyssh-20150501.tar.bz2 +78ec724804035bae29e1c47abec737d8
> >> tinyssh.initd +83e705f0f71db5ae0d8530edafa63497  tinyssh.confd"
> >> +sha256sums="ccaee75ee04252c7e7db1e06e74e4c55b53911c310a0dc5e1288c0feb73a1470
> >> tinyssh-20150501.tar.bz2
> >> +b3584c463f6ba0de6a5fe2e28fb98cd8ef65a55f17a0f4c877f61f54019ef34c
> >> tinyssh.initd
> >> +c6c67395e7230d75077734f0b08d5f8c76f11aaef27878b013b7bd68dd7ba774
> >> tinyssh.confd"
> >> +sha512sums="780e4aa87fc5afbd0818f1c815c0e95a9ec5b096efedbc49d54492195725bbdf3fe860cc4b84a5e9b15b9b568fd0398e48601da3af22b3dfd64e4214d4797fbe
> >> tinyssh-20150501.tar.bz2
> >> +d10f995c6687e706453e51d06b3466427d476036efdbd86db2f9330281e46049bf2e3698208524b3f70cdbd30373f5bf46c7164dd626d22b3fa9a75ca5d8d478
> >> tinyssh.initd
> >> +4513bd0d43ef0825fbd77365a8a7adefcd99211102df76003becf7e3a09a47ad9bbd16a68c3fadfb7868e0562f8d42a26106b7582cb70490a7e52a7d1e6110e9
> >> tinyssh.confd" diff --git a/testing/tinyssh/tinyssh.confd
> >> b/testing/tinyssh/tinyssh.confd new file mode 100644 index
> >> 0000000..d7ba22a --- /dev/null +++ b/testing/tinyssh/tinyssh.confd
> >> @@ -0,0 +1,8 @@ +# TinySSH conf.d file for Alpine Linux + +#
> >> Specify daemon options here: +# OPTIONS="-l -v"
> >> +
> >> +# override config directory / port here:
> >> +# CONFDIR=/etc/tinyssh
> >> +# PORT=22
> >> diff --git a/testing/tinyssh/tinyssh.initd
> >> b/testing/tinyssh/tinyssh.initd new file mode 100644
> >> index 0000000..364ffb2
> >> --- /dev/null
> >> +++ b/testing/tinyssh/tinyssh.initd
> >> @@ -0,0 +1,43 @@
> >> +#!/sbin/openrc-run
> >> +# Alpine Linux init.d for TinySSH
> >> +# Copyright 2015 Stuart Cardall (developer@it-offshore.co.uk)
> >> +# Distributed under the terms of the GNU General Public License,
> >> v2 or later # +
> >> +name=tinysshd
> >> +daemon=/usr/sbin/$name
> >> +keygen=$daemon-makekey
> >> +CONFDIR=${CONFDIR:-/etc/tinyssh}
> >> +keydir=${CONFDIR}/sshkeys
> >> +OPTIONS=${OPTIONS:-\-v -l}
> >> +PORT=${PORT:-22}
> >> +pidfile=/var/run/$name.pid
> >> +server_opts="-HRDl0 0.0.0.0 ${PORT} $daemon ${OPTIONS} $keydir"
> >> +
> >> +depend() {
> >> +        use net
> >> +        after logger firewall
> >> +}
> >> +
> >> +checkconfig() {
> >> +	checkpath --directory ${CONFDIR}
> >> +	eval $keygen $keydir 2>/dev/null
> >> +	# tinyssh also runs from inetd without tcpserver
> >> +        if [ ! -f /usr/bin/tcpserver ]; then
> >> +                apk add --quiet ucspi-tcp
> >> +        fi
> >> +}
> >> +
> >> +start() {
> >> +	checkconfig
> >> +	ebegin "Starting ${name}"
> >> +		start-stop-daemon --start --make-pidfile
> >> --background --pidfile $pidfile \
> >> +			--exec tcpserver -- $server_opts
> >> +	eend $?
> >> +}
> >> +
> >> +stop() {
> >> +	ebegin "Stopping ${name}"
> >> +		start-stop-daemon --stop --quiet \
> >> +			--pidfile $pidfile
> >> +	eend $?
> >> +}
> >> diff --git a/testing/tinyssh/tinyssh.post-install
> >> b/testing/tinyssh/tinyssh.post-install new file mode 100644
> >> index 0000000..33ba55b
> >> --- /dev/null
> >> +++ b/testing/tinyssh/tinyssh.post-install
> >> @@ -0,0 +1,4 @@
> >> +#!/bin/sh
> >> +
> >> +echo '22 stream tcp nowait root /usr/sbin/tinysshd tinysshd -l
> >> -v /etc/tinyssh/keys' >> /etc/inetd.conf +
> > Is it still developed? No commits since March.
> >
> > BP
> 

I don't understand the purpose of the git repository linked on upstream
website if it doesn't correspond to "release" tarball. I'm leaving the
decision to Natanael.

BP

Re: [alpine-aports] [PATCH 1/3] testing/tinyssh: new aport

Natanael Copa <n@tanael.org>
Details
Message ID
<20150715221540.28b5dbcc@ncopa-laptop>
In-Reply-To
<1436979202-54739-2-git-send-email-developer@it-offshore.co.uk> (view parent)
Sender timestamp
1436991340
DKIM signature
missing
Download raw message
8 years ago 
On Wed, 15 Jul 2015 16:53:20 +0000
Stuart Cardall <developer@it-offshore.co.uk> wrote:

> tinyssh is a small ssh server which is secure by default http://tinyssh.org/
> 
> It only accepts logins via key, uses secure cryptography & does NOT depend on
> OpenSSL.
> ---
>  testing/tinyssh/APKBUILD             | 64 ++++++++++++++++++++++++++++++++++++
>  testing/tinyssh/tinyssh.confd        |  8 +++++
>  testing/tinyssh/tinyssh.initd        | 43 ++++++++++++++++++++++++
>  testing/tinyssh/tinyssh.post-install |  4 +++
>  4 files changed, 119 insertions(+)
>  create mode 100644 testing/tinyssh/APKBUILD
>  create mode 100644 testing/tinyssh/tinyssh.confd
>  create mode 100644 testing/tinyssh/tinyssh.initd
>  create mode 100644 testing/tinyssh/tinyssh.post-install
> 
> diff --git a/testing/tinyssh/APKBUILD b/testing/tinyssh/APKBUILD
> new file mode 100644
> index 0000000..c7537a3
> --- /dev/null
> +++ b/testing/tinyssh/APKBUILD
> @@ -0,0 +1,64 @@
> +# Contributor: Stuart Cardall <developer@it-offshore.co.uk>
> +# Maintainer: Stuart Cardall <developer@it-offshore.co.uk>
> +pkgname=tinyssh
> +pkgver=20150501
> +pkgrel=0
> +pkgdesc="Small SSH server using NaCl / TweetNaCl (no dependency on OpenSSL)"
> +url="http://tinyssh.org/"
> +arch="all"
> +license="CC0 1.0"
> +subpackages="$pkgname-doc"
> +source="$pkgname-$pkgver.tar.bz2::http://mojzis.com/software/$pkgname/$pkgname-$pkgver.tar.bz2
> +	$pkgname.initd
> +	$pkgname.confd
> +	"
> +
> +_builddir="$srcdir"/$pkgname-$pkgver
> +prepare() {
> +	local i
> +	cd "$_builddir"
> +	for i in $source; do
> +		case $i in
> +		*.patch) msg $i; patch -p1 -i "$srcdir"/$i || return 1;;
> +		esac
> +	done
> +}
> +
> +build() {
> +	cd "$_builddir"
> +	make || return 1
> +}
> +
> +package() {
> +	cd "$_builddir"
> +	make install DESTDIR="${pkgdir}" || return 1
> +	mkdir -p "$pkgdir"/etc/$pkgname
> +	install -m755 -D "$srcdir"/$pkgname.initd \
> +		"$pkgdir"/etc/init.d/tinysshd || return 1
> +	install -m644 -D "$srcdir"/$pkgname.confd \
> +		"$pkgdir"/etc/conf.d/tinysshd || return 1
> +	# post-install message
> +        mkdir -p "$pkgdir/usr/share/doc/$pkgname"
> +        cat > $pkgdir/usr/share/doc/$pkgname/README.alpine <<EOF
> +TinySSH can be run in 3 different ways:
> +--------------------------------------
> +(1) /etc/init.d/tinysshd (requires tcpserver & takes care of key generation)
> +
> +(2) via inetd (you will need to 'tinysshd-makekeys <dir>' manually):
> +
> +echo '22 stream tcp nowait root /usr/sbin/tinysshd tinysshd -l -v /etc/tinyssh/sshkeys' >> /etc/inetd.conf
> +rc-service inetd start
> +
> +(3) Using runit with either (1) or (2)
> +EOF
> +}
> +
> +md5sums="0e8b4add3fa6c4481e7b8159aca75b2f  tinyssh-20150501.tar.bz2
> +78ec724804035bae29e1c47abec737d8  tinyssh.initd
> +83e705f0f71db5ae0d8530edafa63497  tinyssh.confd"
> +sha256sums="ccaee75ee04252c7e7db1e06e74e4c55b53911c310a0dc5e1288c0feb73a1470  tinyssh-20150501.tar.bz2
> +b3584c463f6ba0de6a5fe2e28fb98cd8ef65a55f17a0f4c877f61f54019ef34c  tinyssh.initd
> +c6c67395e7230d75077734f0b08d5f8c76f11aaef27878b013b7bd68dd7ba774  tinyssh.confd"
> +sha512sums="780e4aa87fc5afbd0818f1c815c0e95a9ec5b096efedbc49d54492195725bbdf3fe860cc4b84a5e9b15b9b568fd0398e48601da3af22b3dfd64e4214d4797fbe  tinyssh-20150501.tar.bz2
> +d10f995c6687e706453e51d06b3466427d476036efdbd86db2f9330281e46049bf2e3698208524b3f70cdbd30373f5bf46c7164dd626d22b3fa9a75ca5d8d478  tinyssh.initd
> +4513bd0d43ef0825fbd77365a8a7adefcd99211102df76003becf7e3a09a47ad9bbd16a68c3fadfb7868e0562f8d42a26106b7582cb70490a7e52a7d1e6110e9  tinyssh.confd"
> diff --git a/testing/tinyssh/tinyssh.confd b/testing/tinyssh/tinyssh.confd
> new file mode 100644
> index 0000000..d7ba22a
> --- /dev/null
> +++ b/testing/tinyssh/tinyssh.confd
> @@ -0,0 +1,8 @@
> +# TinySSH conf.d file for Alpine Linux
> +
> +# Specify daemon options here:
> +# OPTIONS="-l -v"
> +
> +# override config directory / port here:
> +# CONFDIR=/etc/tinyssh
> +# PORT=22
> diff --git a/testing/tinyssh/tinyssh.initd b/testing/tinyssh/tinyssh.initd
> new file mode 100644
> index 0000000..364ffb2
> --- /dev/null
> +++ b/testing/tinyssh/tinyssh.initd
> @@ -0,0 +1,43 @@
> +#!/sbin/openrc-run
> +# Alpine Linux init.d for TinySSH
> +# Copyright 2015 Stuart Cardall (developer@it-offshore.co.uk)
> +# Distributed under the terms of the GNU General Public License, v2 or later #
> +
> +name=tinysshd
> +daemon=/usr/sbin/$name
> +keygen=$daemon-makekey
> +CONFDIR=${CONFDIR:-/etc/tinyssh}
> +keydir=${CONFDIR}/sshkeys
> +OPTIONS=${OPTIONS:-\-v -l}
> +PORT=${PORT:-22}
> +pidfile=/var/run/$name.pid
> +server_opts="-HRDl0 0.0.0.0 ${PORT} $daemon ${OPTIONS} $keydir"
> +
> +depend() {
> +        use net
> +        after logger firewall
> +}
> +
> +checkconfig() {
> +	checkpath --directory ${CONFDIR}
> +	eval $keygen $keydir 2>/dev/null
> +	# tinyssh also runs from inetd without tcpserver
> +        if [ ! -f /usr/bin/tcpserver ]; then
> +                apk add --quiet ucspi-tcp
> +        fi

I don't like installing packages from an init.d script. Better exit
with error if something is wrong.

Or even better, have a subpackage called tcpserver-tinyssh or
tinyssh-initscript which provides the init.d script and depends on
ucspi-tcp.

> +}
> +
> +start() {
> +	checkconfig
> +	ebegin "Starting ${name}"
> +		start-stop-daemon --start --make-pidfile --background --pidfile $pidfile \
> +			--exec tcpserver -- $server_opts
> +	eend $?
> +}
> +
> +stop() {
> +	ebegin "Stopping ${name}"
> +		start-stop-daemon --stop --quiet \
> +			--pidfile $pidfile
> +	eend $?
> +}
> diff --git a/testing/tinyssh/tinyssh.post-install b/testing/tinyssh/tinyssh.post-install
> new file mode 100644
> index 0000000..33ba55b
> --- /dev/null
> +++ b/testing/tinyssh/tinyssh.post-install
> @@ -0,0 +1,4 @@
> +#!/bin/sh
> +
> +echo '22 stream tcp nowait root /usr/sbin/tinysshd tinysshd -l -v /etc/tinyssh/keys' >> /etc/inetd.conf
> +

What do you think will happen if I want use the tcpserver method with
init.d script for tinyssh but want run inetd.conf for other purposes?

I think we should just delete the post-install script...


-nc


---
Unsubscribe:  alpine-aports+unsubscribe@lists.alpinelinux.org
Help:         alpine-aports+help@lists.alpinelinux.org
---
Reply to thread Export thread (mbox)