Date: Wed, 15 Jul 2015 22:15:40 +0200
From: Natanael Copa
To: Stuart Cardall
Cc: alpine-aports@lists.alpinelinux.org
Subject: Re: [alpine-aports] [PATCH 1/3] testing/tinyssh: new aport

On Wed, 15 Jul 2015 16:53:20 +0000 Stuart Cardall wrote:

> tinyssh is a small ssh server which is secure by default http://tinyssh.org/ > > It only accepts logins via key, uses secure cryptography & does NOT depend on > OpenSSL. > --- > testing/tinyssh/APKBUILD | 64 ++++++++++++++++++++++++++++++++++++ > testing/tinyssh/tinyssh.confd | 8 +++++ > testing/tinyssh/tinyssh.initd | 43 ++++++++++++++++++++++++ > testing/tinyssh/tinyssh.post-install | 4 +++ > 4 files changed, 119 insertions(+) > create mode 100644 testing/tinyssh/APKBUILD > create mode 100644 testing/tinyssh/tinyssh.confd > create mode 100644 testing/tinyssh/tinyssh.initd > create mode 100644 testing/tinyssh/tinyssh.post-install > > diff --git a/testing/tinyssh/APKBUILD b/testing/tinyssh/APKBUILD > new file mode 100644 > index 0000000..c7537a3 > --- /dev/null > +++ b/testing/tinyssh/APKBUILD
> @@ -0,0 +1,64 @@ > +# Contributor: Stuart Cardall > +# Maintainer: Stuart Cardall > +pkgname=tinyssh > +pkgver=20150501 > +pkgrel=0 > +pkgdesc="Small SSH server using NaCl / TweetNaCl (no dependency on OpenSSL)" > +url="http://tinyssh.org/" > +arch="all" > +license="CC0 1.0" > +subpackages="$pkgname-doc" > +source="$pkgname-$pkgver.tar.bz2::http://mojzis.com/software/$pkgname/$pkgname-$pkgver.tar.bz2 > + $pkgname.initd > + $pkgname.confd > + " > + > +_builddir="$srcdir"/$pkgname-$pkgver > +prepare() { > + local i > + cd "$_builddir" > + for i in $source; do > + case $i in > + *.patch) msg $i; patch -p1 -i "$srcdir"/$i || return 1;; > + esac > + done > +} > + > +build() { > + cd "$_builddir" > + make || return 1 > +} > + > +package() { > + cd "$_builddir" > + make install DESTDIR="${pkgdir}" || return 1 > + mkdir -p "$pkgdir"/etc/$pkgname > + install -m755 -D "$srcdir"/$pkgname.initd \ > + "$pkgdir"/etc/init.d/tinysshd || return 1 > + install -m644 -D "$srcdir"/$pkgname.confd \ > + "$pkgdir"/etc/conf.d/tinysshd || return 1 > + # post-install message > + mkdir -p "$pkgdir/usr/share/doc/$pkgname" > + cat > $pkgdir/usr/share/doc/$pkgname/README.alpine < +TinySSH can be run in 3 different ways: > +-------------------------------------- > +(1) /etc/init.d/tinysshd (requires tcpserver & takes care of key generation) > + > +(2) via inetd (you will need to 'tinysshd-makekeys ' manually): > + > +echo '22 stream tcp nowait root /usr/sbin/tinysshd tinysshd -l -v /etc/tinyssh/sshkeys' >> /etc/inetd.conf > +rc-service inetd start > + > +(3) Using runit with either (1) or (2) > +EOF > +} > + > +md5sums="0e8b4add3fa6c4481e7b8159aca75b2f tinyssh-20150501.tar.bz2 > +78ec724804035bae29e1c47abec737d8 tinyssh.initd > +83e705f0f71db5ae0d8530edafa63497 tinyssh.confd" > +sha256sums="ccaee75ee04252c7e7db1e06e74e4c55b53911c310a0dc5e1288c0feb73a1470 tinyssh-20150501.tar.bz2 > +b3584c463f6ba0de6a5fe2e28fb98cd8ef65a55f17a0f4c877f61f54019ef34c tinyssh.initd > 
+c6c67395e7230d75077734f0b08d5f8c76f11aaef27878b013b7bd68dd7ba774 tinyssh.confd" > +sha512sums="780e4aa87fc5afbd0818f1c815c0e95a9ec5b096efedbc49d54492195725bbdf3fe860cc4b84a5e9b15b9b568fd0398e48601da3af22b3dfd64e4214d4797fbe tinyssh-20150501.tar.bz2 > +d10f995c6687e706453e51d06b3466427d476036efdbd86db2f9330281e46049bf2e3698208524b3f70cdbd30373f5bf46c7164dd626d22b3fa9a75ca5d8d478 tinyssh.initd > +4513bd0d43ef0825fbd77365a8a7adefcd99211102df76003becf7e3a09a47ad9bbd16a68c3fadfb7868e0562f8d42a26106b7582cb70490a7e52a7d1e6110e9 tinyssh.confd" > diff --git a/testing/tinyssh/tinyssh.confd b/testing/tinyssh/tinyssh.confd > new file mode 100644 > index 0000000..d7ba22a > --- /dev/null > +++ b/testing/tinyssh/tinyssh.confd > @@ -0,0 +1,8 @@ > +# TinySSH conf.d file for Alpine Linux > + > +# Specify daemon options here: > +# OPTIONS="-l -v" > + > +# override config directory / port here: > +# CONFDIR=/etc/tinyssh > +# PORT=22 > diff --git a/testing/tinyssh/tinyssh.initd b/testing/tinyssh/tinyssh.initd > new file mode 100644 > index 0000000..364ffb2 > --- /dev/null > +++ b/testing/tinyssh/tinyssh.initd 
> @@ -0,0 +1,43 @@ > +#!/sbin/openrc-run > +# Alpine Linux init.d for TinySSH > +# Copyright 2015 Stuart Cardall (developer@it-offshore.co.uk) > +# Distributed under the terms of the GNU General Public License, v2 or later # > + > +name=tinysshd > +daemon=/usr/sbin/$name > +keygen=$daemon-makekey > +CONFDIR=${CONFDIR:-/etc/tinyssh} > +keydir=${CONFDIR}/sshkeys > +OPTIONS=${OPTIONS:-\-v -l} > +PORT=${PORT:-22} > +pidfile=/var/run/$name.pid > +server_opts="-HRDl0 0.0.0.0 ${PORT} $daemon ${OPTIONS} $keydir" > + > +depend() { > + use net > + after logger firewall > +} > + > +checkconfig() { > + checkpath --directory ${CONFDIR} > + eval $keygen $keydir 2>/dev/null > + # tinyssh also runs from inetd without tcpserver > + if [ ! -f /usr/bin/tcpserver ]; then > + apk add --quiet ucspi-tcp > + fi I don't like installing packages from an init.d script. Better exit with error if something is wrong. Or even better, have a subpackage called tcpserver-tinyssh or tinyssh-initscript which provides the init.d script and depends on ucspi-tcp. > +} > + > +start() { > + checkconfig > + ebegin "Starting ${name}" > + start-stop-daemon --start --make-pidfile --background --pidfile $pidfile \ > + --exec tcpserver -- $server_opts > + eend $? > +} > + > +stop() { > + ebegin "Stopping ${name}" > + start-stop-daemon --stop --quiet \ > + --pidfile $pidfile > + eend $? > +} > diff --git a/testing/tinyssh/tinyssh.post-install b/testing/tinyssh/tinyssh.post-install > new file mode 100644 > index 0000000..33ba55b > --- /dev/null > +++ b/testing/tinyssh/tinyssh.post-install 
> @@ -0,0 +1,4 @@ > +#!/bin/sh > + > +echo '22 stream tcp nowait root /usr/sbin/tinysshd tinysshd -l -v /etc/tinyssh/keys' >> /etc/inetd.conf > +

What do you think will happen if I want to use the tcpserver method with init.d script for tinyssh but want to run inetd.conf for other purposes? I think we should just delete the post-install script...

-nc
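Review bot: In testing/tinyssh/APKBUILD, the README.alpine text written by package() tells the user to run `tinysshd-makekeys` by hand for the inetd case, but tinyssh.initd builds the same command as `keygen=$daemon-makekey`, which expands to `/usr/sbin/tinysshd-makekey`. One of the two names is wrong, and a user following the README would end up with no host keys. Two smaller points in the same file: the tarball in `source=` is fetched over plain `http://`, so the checksums are the only integrity check on the download and should be verified against an independent copy before merging; and `cat > $pkgdir/usr/share/doc/...` leaves `$pkgdir` unquoted while every other use in package() quotes it.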
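Review bot: In testing/tinyssh/tinyssh.initd, checkconfig() runs `eval $keygen $keydir 2>/dev/null` and start() calls `checkconfig` without testing its result, so a failed host key generation is both silenced and ignored, and tcpserver is still started against a key directory that may be empty or missing. There is no need for `eval` here; call `"$keygen" "$keydir"` directly, only when `"$keydir"` does not exist yet, return non-zero on failure, and use `checkconfig || return 1` in start(). Also, the existence test uses `/usr/bin/tcpserver` while `--exec tcpserver` relies on PATH; use the same absolute path in both places. Finally, `server_opts` hardcodes `0.0.0.0`, and the conf.d file offers no variable to restrict the listen address.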
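Review bot: In testing/tinyssh/tinyssh.post-install, the `echo ... >> /etc/inetd.conf` line appends a root-run listener on port 22 unconditionally, with no check for an existing entry and no matching removal script anywhere in the patch, so installing the package changes what inetd exposes without the administrator opting in. The key directory it passes is `/etc/tinyssh/keys`, while tinyssh.initd and the README.alpine text both use `/etc/tinyssh/sshkeys`, so the entry would point at a directory nothing else in the package creates. The APKBUILD in this patch also has no `install=` line and does not list this file, so as submitted the script would not be picked up; dropping the file, as suggested in the reply, resolves all three.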