~alpine/aports

3 3

[PATCH 1/3] testing/gnunet: new aport

xrs =:-) <xrs@mail36.net>
Details
Message ID
<20191006183040.6456-1-xrs@mail36.net>
DKIM signature
missing
Download raw message
Patch: +292 -0
https://gnunet.org
A framework for secure and privacy enhancing peer-to-peer networking
testing/
---
 testing/gnunet/APKBUILD                     | 98 +++++++++++++++++++++
 testing/gnunet/gnunet-system-services.initd | 16 ++++
 testing/gnunet/gnunet-system.conf           |  3 +
 testing/gnunet/gnunet-user-services.initd   | 33 +++++++
 testing/gnunet/gnunet-user.conf             |  3 +
 testing/gnunet/gnunet.post-install          | 40 +++++++++
 testing/gnunet/gnunet.pre-deinstall         | 28 ++++++
 testing/gnunet/gnunet.pre-install           | 17 ++++
 testing/gnunet/gnunet.xsession              | 54 ++++++++++++
 9 files changed, 292 insertions(+)
 create mode 100644 testing/gnunet/APKBUILD
 create mode 100644 testing/gnunet/gnunet-system-services.initd
 create mode 100644 testing/gnunet/gnunet-system.conf
 create mode 100644 testing/gnunet/gnunet-user-services.initd
 create mode 100644 testing/gnunet/gnunet-user.conf
 create mode 100644 testing/gnunet/gnunet.post-install
 create mode 100644 testing/gnunet/gnunet.pre-deinstall
 create mode 100644 testing/gnunet/gnunet.pre-install
 create mode 100644 testing/gnunet/gnunet.xsession

diff --git a/testing/gnunet/APKBUILD b/testing/gnunet/APKBUILD
new file mode 100644
index 0000000000..da2b2dec4f
--- /dev/null
+++ b/testing/gnunet/APKBUILD
@@ -0,0 +1,98 @@
# Contributor: xrs <xrs@mail36.net>
# Maintainer: xrs <xrs@mail36.net>
pkgname=gnunet
pkgver=0.11.6
pkgrel=0
pkgdesc="A framework for secure and privacy enhancing peer-to-peer networking"
url="https://gnunet.org"
arch="all"
license="AGPL-3.0"
depends="libgpg-error libgcrypt nettle unbound-libs gnutls gnutls-utils gnurl
	libgnurl libmicrohttpd openssl libunistring libidn2 nss sqlite zlib
	miniupnpc gmp gettext bash which iptables coreutils sudo"
depends_dev="libgpg-error-dev libgcrypt-dev nettle-dev unbound-dev gnutls-dev
	gnurl-dev libmicrohttpd-dev openssl-dev libunistring-dev libidn2-dev
	nss-dev sqlite-dev zlib-dev miniupnpc-dev gmp-dev gettext"
makedepends="$depends_dev autoconf automake libtool gettext-dev python3
	texlive texinfo"
install="$pkgname.pre-install $pkgname.post-install $pkgname.pre-deinstall"
pkgusers="gnunet"
pkggroups="gnunet gnunetdns"
subpackages="$pkgname-dev $pkgname-doc $pkgname-lang"
options="!check suid" # No check because The GNUnet project lacks a good CI at the moment.
source="https://mirrors.ocf.berkeley.edu/gnu/gnunet/gnunet-$pkgver.tar.gz
	gnunet-system.conf
	gnunet-user.conf
	gnunet-system-services.initd
	gnunet-user-services.initd
	gnunet.xsession
	"

prepare() {
	default_prepare
	autoreconf -if # FIXME: See https://bugs.gnunet.org/view.php?id=5902
}

build() {
	./configure \
		--build=$CBUILD \
		--host=$CHOST \
		--prefix=/usr \
		--sysconfdir=/etc \
		--mandir=/usr/share/man \
		--localstatedir=/var \
		--enable-logging=verbose
	make
}

check() {
	make DESTDIR="$pkgdir" check
	exit 0
}

package() {
	make DESTDIR="$pkgdir" install

	libexecdir=$pkgdir/usr/lib/gnunet/libexec/
	# Limit access to critical gnunet-helper-dns to group "gnunetdns"
	chgrp gnunetdns $libexecdir/gnunet-helper-dns
	chgrp gnunetdns $libexecdir/gnunet-service-dns
	# Limit access to certain SUID binaries by group "gnunet"
	chgrp gnunet    $libexecdir/gnunet-helper-exit
	chgrp gnunet    $libexecdir/gnunet-helper-vpn
	chgrp gnunet    $libexecdir/gnunet-helper-nat-client
	chgrp gnunet    $libexecdir/gnunet-helper-nat-server
	chmod u+s       $libexecdir/gnunet-helper-exit
	chmod u+s       $libexecdir/gnunet-helper-vpn
	chmod 2750      $libexecdir/gnunet-helper-dns
	chmod 2700      $libexecdir/gnunet-service-dns
	chmod u+s       $libexecdir/gnunet-helper-nat-client
	chmod u+s       $libexecdir/gnunet-helper-nat-server

	install -m644 -D $srcdir/$pkgname-user.conf \
		$pkgdir/etc/skel/.config/$pkgname.conf
	install -m644 -D $srcdir/$pkgname-system.conf \
		$pkgdir/etc/$pkgname.conf
	install -m755 -D $srcdir/$pkgname-system-services.initd \
		$pkgdir/etc/init.d/$pkgname-system-services
	install -m755 -D $srcdir/$pkgname-user-services.initd \
		$pkgdir/etc/init.d/$pkgname-user-services
	install -m755 -D $srcdir/$pkgname.xsession \
		$pkgdir/etc/X11/xinit/xinitrc.d/80-$pkgname-user-services
}

dev() {
	default_dev

	# dev() will move gnunet-config from $pkg to $pkg-dev, but it's an
	# intended part of $pkg.
	install -m755 -D $builddir/src/util/.libs/gnunet-config \
		$pkgdir/usr/bin/gnunet-config
}

sha512sums="1c6ea2ac7280d2edb30df627b79e017d199e93cd3970ce49f3f049abfb1dddfed541118e55766c422edf4a80e140c4eb2cfc681e0d4a1384e39811d024df9278  gnunet-0.11.6.tar.gz
a0f55413ed2c6edd6746a751d92ddac95ba70f20eefb07330817870d749456448f44bba95d245911a00f6078e0c2ac626004e3b764be5e5e049c00626c4c5ac0  gnunet-system.conf
b21112ff16aee771332aa9c33f55b0c7f46fe0266053543241e3efbe25dba56482c0e11112a192eefe59f1c74d2af5d7071b6a4e1e875cfc7e9d55b5fe8a0a33  gnunet-user.conf
96ab78bb48d5fb10f0b34336ad05e73b543c4362c73436ef20b3bb83dff214e997acf38a2ea493b1901bdc37c8877d83cdaebd73a0e50831e2f23413c8edda76  gnunet-system-services.initd
f67252e18c5fd701338653efe4cc14caae9213c1955f690cddec9fd7ad31a22680e931fbe908a1c5a78dc05094e547b2279f9a488f2ed80cc169590ad5ffa064  gnunet-user-services.initd
839a081aca19b863f378db980e6447ad30c6c0ee72fac6e11c65e57e86886d675ebc61069e17f696b6ca868e8ce259cabf80feb90b04b23f3da3c628f7beb915  gnunet.xsession"
diff --git a/testing/gnunet/gnunet-system-services.initd b/testing/gnunet/gnunet-system-services.initd
new file mode 100644
index 0000000000..19248d23e1
--- /dev/null
+++ b/testing/gnunet/gnunet-system-services.initd
@@ -0,0 +1,16 @@
#!/sbin/openrc-run
# Contributor: xrs <xrs@mail36.net>
# Maintainer: xrs <xrs@mail36.net>

name="gnunet-system-service"
description="A secure and privacy enhancing peer-to-peer overlay network"
command="/usr/lib/gnunet/libexec/gnunet-service-arm"
command_args="-c /etc/gnunet.conf"
command_user="gnunet:gnunet"
command_background="yes"
pidfile="/run/${SVCNAME}.pid"

depend() {
	need net
	before gnunet-user-services
}
diff --git a/testing/gnunet/gnunet-system.conf b/testing/gnunet/gnunet-system.conf
new file mode 100644
index 0000000000..303cf5f16d
--- /dev/null
+++ b/testing/gnunet/gnunet-system.conf
@@ -0,0 +1,3 @@
[arm]
START_SYSTEM_SERVICES = YES
START_USER_SERVICES = NO
diff --git a/testing/gnunet/gnunet-user-services.initd b/testing/gnunet/gnunet-user-services.initd
new file mode 100644
index 0000000000..6c960944ea
--- /dev/null
+++ b/testing/gnunet/gnunet-user-services.initd
@@ -0,0 +1,33 @@
#!/sbin/openrc-run
# Contributor: xrs <xrs@mail36.net>
# Maintainer: xrs <xrs@mail36.net>

name="gnunet-user-services"
description="GNUnet user services"
command_background="yes"
pidfile="/run/${SVCNAME}.pid"
users=`awk -F ':' '$3>=1000 && $3<2000 {print $1}' /etc/passwd`

depend() {
	need gnunet-system-services
}

start() {
	for user in $users; do
		if test -z "`ps|grep $user|grep gnunet-service-arm`" > /dev/null 2>&1
		then
			sudo -u $user gnunet-arm \
				-c /home/$user/.config/gnunet.conf -s
		fi
	done
}

stop() {
	for user in $users; do
		if test -n "`ps|grep $user|grep gnunet-service-arm`" > /dev/null 2>&1
		then
			sudo -u $user gnunet-arm \
				-c /home/$user/.config/gnunet.conf -e
		fi
	done
}
diff --git a/testing/gnunet/gnunet-user.conf b/testing/gnunet/gnunet-user.conf
new file mode 100644
index 0000000000..22f1fe37a8
--- /dev/null
+++ b/testing/gnunet/gnunet-user.conf
@@ -0,0 +1,3 @@
[arm]
START_SYSTEM_SERVICES = NO
START_USER_SERVICES = YES
diff --git a/testing/gnunet/gnunet.post-install b/testing/gnunet/gnunet.post-install
new file mode 100644
index 0000000000..f7c19b26fc
--- /dev/null
+++ b/testing/gnunet/gnunet.post-install
@@ -0,0 +1,40 @@
#!/bin/sh

# Enumerate users.
users=`awk -F ':' '$3>=1000 && $3<2000 {print $1}' /etc/passwd`

# Install gnunet.conf for existing users.
for user in $users; do
        install -m644 -o $user -g $user -D /etc/skel/.config/gnunet.conf \
                /home/$user/.config/gnunet.conf
done

# Enable GNS proxy for users, if desired.
echo "Use GNU Name System in Firefox/Chromium by default? [y,N]"
read -r yn
case $yn in
y|Y )
        # Enable GNS proxy for existant users.
        for user in $users; do
                port=$((8000+$(id -u $user)))
                gnunet-config -c /home/$user/.config/gnunet.conf \
                        --rewrite \
                        --section=gns-proxy \
                        --option=IMMEDIATE_START \
                        --value=YES
                gnunet-config -c /home/$user/.config/gnunet.conf \
                        --rewrite \
                        --section=gns-proxy \
                        --option=OPTIONS \
                        --value="-p $port"
        done

        # Enable GNS proxy for future users.
        echo "[gns-proxy]" >> /etc/skel/.config/gnunet.conf
        echo "IMMEDIATE_START = YES" >> /etc/skel/.config/gnunet.conf
        ;;
* )
        ;;
esac

exit 0
diff --git a/testing/gnunet/gnunet.pre-deinstall b/testing/gnunet/gnunet.pre-deinstall
new file mode 100644
index 0000000000..3334c6d677
--- /dev/null
+++ b/testing/gnunet/gnunet.pre-deinstall
@@ -0,0 +1,28 @@
#!/bin/sh

# Remove proxy settings from browser.
users=`awk -F ':' '$3>=1000 && $3<2000 {print $1}' /etc/passwd`
for user in $users; do
	gnunet_proxy=`grep -i "gns-proxy" /home/$user/.config/gnunet.conf`
	if [ "$gnunet_proxy" ]; then
		for ffprofile in /home/"$user"/.mozilla/firefox/*.*/; do
			# Reset proxy preferences
			js=$ffprofile/user.js
			if [ -f $js ]; then
				sed -i '/Preferences for using the GNU Name System/d' $js
				sed -i '/network.proxy.socks/d' $js
				sed -i '/network.proxy.socks_port/d' $js
				sed -i '/network.proxy.socks_remote_dns/d' $js
				sed -i '/network.proxy.type/d' $js
			fi
		done

		# Chromium
		profile=/home/$user/.profile
		if [ -f $profile ]; then
			sed -i '/CHROMIUM_USER_FLAGS/d' $profile
		fi
	fi
done

exit 0
diff --git a/testing/gnunet/gnunet.pre-install b/testing/gnunet/gnunet.pre-install
new file mode 100644
index 0000000000..bbb629cb18
--- /dev/null
+++ b/testing/gnunet/gnunet.pre-install
@@ -0,0 +1,17 @@
#!/bin/sh

# Add special group gnunetdns for controlling access to "gnunet-helper-dns".
addgroup -S gnunetdns 2>/dev/null
addgroup -S gnunet 2>/dev/null

# Add system user/group gnunet for system services
adduser -S -h "/var/lib/gnunet" -s /bin/sh \
	-G gnunet -g gnunet gnunet 2>/dev/null

# add users on host system to group "gnunet"
users=`awk -F ':' '$3>=1000 && $3<2000 {print $1}' /etc/passwd`
for user in $users; do
	adduser $user gnunet 2>/dev/null
done

exit 0
diff --git a/testing/gnunet/gnunet.xsession b/testing/gnunet/gnunet.xsession
new file mode 100644
index 0000000000..f19d6baf7f
--- /dev/null
+++ b/testing/gnunet/gnunet.xsession
@@ -0,0 +1,54 @@
#!/bin/sh
user=$(whoami)
gnunet_proxy=$(gnunet-config -c /etc/skel/.config/gnunet.conf -s gns-proxy|grep 'IMMEDIATE_START = YES')

# Enable GNS proxy for new users informed by /etc/skel.
if [ "$gnunet_proxy" ]; then

	# Calculate user specific port
	port=$((8000+$(id -u $user)))

	gnunet-config -c /home/$user/.config/gnunet.conf \
		--rewrite \
		--section=gns-proxy \
		--option=OPTIONS \
		--value="-p $port"

	# Firefox
	if [ ! -d  ~/.mozilla/firefox/*.default ];then
		timeout 3s firefox --headless # dirty: create profile if not existent
	fi
	for ffprofile in ~/.mozilla/firefox/*.*/; do
		js=$ffprofile/user.js
		if [ -f $js ]; then
			sed -i '/Preferences for using the GNU Name System/d' $js
			sed -i '/network.proxy.socks/d' $js
			sed -i '/network.proxy.socks_port/d' $js
			sed -i '/network.proxy.socks_remote_dns/d' $js
			sed -i '/network.proxy.type/d' $js
		fi
		echo "// Preferences for using the GNU Name System" >> $js
		echo "user_pref(\"network.proxy.socks\", \"localhost\");" >> $js
		echo "user_pref(\"network.proxy.socks_port\", $port);" >> $js
		echo "user_pref(\"network.proxy.socks_remote_dns\", true);" >> $js
		echo "user_pref(\"network.proxy.type\", 1);" >> $js
	done

	# Chromium
	profile=/home/$user/.profile
	if [ -f $profile ]; then
		sed -i '/CHROMIUM_USER_FLAGS/d' $profile
	fi
	echo "export CHROMIUM_USER_FLAGS=--proxy-server=socks5://localhost:$port" \
		>> $profile
fi

# Create/Renew GNS certificate authority (CA) per user.
gnunet-gns-proxy-setup-ca

# In case a new user was added and gnunet-user-services has not been 
# restarted afterwards, start user services after login.
if test -z "`ps|grep -v grep|grep $user|grep gnunet-service-arm`" > /dev/null 2>&1
then
	gnunet-arm -c /home/$user/.config/gnunet.conf -s
fi
-- 
2.22.0

[PATCH 3/3] testing/gnurl: new aport

xrs =:-) <xrs@mail36.net>
Details
Message ID
<20191006183040.6456-3-xrs@mail36.net>
In-Reply-To
<20191006183040.6456-1-xrs@mail36.net> (view parent)
DKIM signature
missing
Download raw message
Patch: +77 -0
https://gnunet.org/en/gnurl.html
curl with only HTTP/HTTPS support and GnuTLS
testing/
---
 testing/gnurl/APKBUILD | 77 ++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 77 insertions(+)
 create mode 100644 testing/gnurl/APKBUILD

diff --git a/testing/gnurl/APKBUILD b/testing/gnurl/APKBUILD
new file mode 100644
index 0000000000..f14a9bd971
--- /dev/null
+++ b/testing/gnurl/APKBUILD
@@ -0,0 +1,77 @@
# Contributor: xrs <xrs@mail36.net>
# Maintainer: xrs <xrs@mail36.net>
pkgname=gnurl
pkgver=7.65.3
pkgrel=0
pkgdesc="curl with only HTTP/HTTPS support and GnuTLS"
url="https://gnunet.org/en/gnurl.html"
arch="all"
license="MIT"
depends="ca-certificates gnutls libidn2 zlib"
depends_dev="gnutls-dev libidn2-dev zlib-dev"
makedepends="$depends_dev autoconf automake libtool perl pkgconf python3"
subpackages="$pkgname-dbg $pkgname-dev $pkgname-doc libgnurl"
source="https://ftp.gnu.org/gnu/gnunet/gnurl-$pkgver.tar.gz"

prepare() {
	default_prepare
	autoreconf -vfi
}

build() {
	./configure \
		--build=$CBUILD \
		--host=$CHOST \
		--with-ca-bundle=/etc/ssl/certs/ca-certificates.crt \
		--prefix=/usr \
		--disable-static \
		--enable-ipv6 \
		--with-gnutls \
		--with-libidn2 \
		--without-libpsl \
		--without-libssh2 \
		--without-libmetalink \
		--without-winidn \
		--without-librtmp \
		--without-nghttp2 \
		--without-nss \
		--without-cyassl \
		--without-polarssl \
		--without-ssl \
		--without-winssl \
		--without-darwinssl \
		--disable-sspi \
		--disable-ntlm-wb \
		--disable-ldap \
		--disable-rtsp \
		--disable-dict \
		--disable-telnet \
		--disable-tftp \
		--disable-pop3 \
		--disable-imap \
		--disable-smtp \
		--disable-gopher \
		--disable-file \
		--disable-ftp \
		--disable-smb \
		--disable-ares
	make
}

check() {
	make -C tests nonflaky-test
}

package() {
	make DESTDIR="$pkgdir" install
}

libgnurl() {
	pkgdesc="curl library with only HTTP/HTTPS support and GnuTLS"

	mkdir -p "$subpkgdir"/usr
	mv "$pkgdir"/usr/lib "$subpkgdir"/usr
}


sha512sums="51aa71352dfe2e65dbcf542cb616af1eaa7e80fbc4ddb455a338e74eea245724ac1fa7ff226c418101e8ba298a8f85c2be9e7d9190a57c66e2e8c65d0c5186f8  gnurl-7.65.3.tar.gz"
-- 
2.22.0
Details
Message ID
<20191013165502.C636541686@rage.so36.net>
In-Reply-To
<20191006183040.6456-1-xrs@mail36.net> (view parent)
DKIM signature
missing
Download raw message
Hello guys,

could one of the devs please check this (modified) patch? This is
a new patch after _ikke_ had given me feedback and guided me to
use atools. 

Kind regards,
xrs

On Sun,  6 Oct 2019 20:30:38 +0200
"xrs =:-)" <xrs@mail36.net> wrote:

> https://gnunet.org
> A framework for secure and privacy enhancing peer-to-peer networking
> testing/
> ---
>  testing/gnunet/APKBUILD                     | 98
> +++++++++++++++++++++ testing/gnunet/gnunet-system-services.initd |
> 16 ++++ testing/gnunet/gnunet-system.conf           |  3 +
>  testing/gnunet/gnunet-user-services.initd   | 33 +++++++
>  testing/gnunet/gnunet-user.conf             |  3 +
>  testing/gnunet/gnunet.post-install          | 40 +++++++++
>  testing/gnunet/gnunet.pre-deinstall         | 28 ++++++
>  testing/gnunet/gnunet.pre-install           | 17 ++++
>  testing/gnunet/gnunet.xsession              | 54 ++++++++++++
>  9 files changed, 292 insertions(+)
>  create mode 100644 testing/gnunet/APKBUILD
>  create mode 100644 testing/gnunet/gnunet-system-services.initd
>  create mode 100644 testing/gnunet/gnunet-system.conf
>  create mode 100644 testing/gnunet/gnunet-user-services.initd
>  create mode 100644 testing/gnunet/gnunet-user.conf
>  create mode 100644 testing/gnunet/gnunet.post-install
>  create mode 100644 testing/gnunet/gnunet.pre-deinstall
>  create mode 100644 testing/gnunet/gnunet.pre-install
>  create mode 100644 testing/gnunet/gnunet.xsession
> 
> diff --git a/testing/gnunet/APKBUILD b/testing/gnunet/APKBUILD
> new file mode 100644
> index 0000000000..da2b2dec4f
> --- /dev/null
> +++ b/testing/gnunet/APKBUILD
> @@ -0,0 +1,98 @@
> +# Contributor: xrs <xrs@mail36.net>
> +# Maintainer: xrs <xrs@mail36.net>
> +pkgname=gnunet
> +pkgver=0.11.6
> +pkgrel=0
> +pkgdesc="A framework for secure and privacy enhancing peer-to-peer
> networking" +url="https://gnunet.org"
> +arch="all"
> +license="AGPL-3.0"
> +depends="libgpg-error libgcrypt nettle unbound-libs gnutls
> gnutls-utils gnurl
> +	libgnurl libmicrohttpd openssl libunistring libidn2 nss
> sqlite zlib
> +	miniupnpc gmp gettext bash which iptables coreutils sudo"
> +depends_dev="libgpg-error-dev libgcrypt-dev nettle-dev unbound-dev
> gnutls-dev
> +	gnurl-dev libmicrohttpd-dev openssl-dev libunistring-dev
> libidn2-dev
> +	nss-dev sqlite-dev zlib-dev miniupnpc-dev gmp-dev gettext"
> +makedepends="$depends_dev autoconf automake libtool gettext-dev
> python3
> +	texlive texinfo"
> +install="$pkgname.pre-install $pkgname.post-install
> $pkgname.pre-deinstall" +pkgusers="gnunet"
> +pkggroups="gnunet gnunetdns"
> +subpackages="$pkgname-dev $pkgname-doc $pkgname-lang"
> +options="!check suid" # No check because The GNUnet project lacks a
> good CI at the moment.
> +source="https://mirrors.ocf.berkeley.edu/gnu/gnunet/gnunet-$pkgver.tar.gz
> +	gnunet-system.conf
> +	gnunet-user.conf
> +	gnunet-system-services.initd
> +	gnunet-user-services.initd
> +	gnunet.xsession
> +	"
> +
> +prepare() {
> +	default_prepare
> +	autoreconf -if # FIXME: See
> https://bugs.gnunet.org/view.php?id=5902 +}
> +
> +build() {
> +	./configure \
> +		--build=$CBUILD \
> +		--host=$CHOST \
> +		--prefix=/usr \
> +		--sysconfdir=/etc \
> +		--mandir=/usr/share/man \
> +		--localstatedir=/var \
> +		--enable-logging=verbose
> +	make
> +}
> +
> +check() {
> +	make DESTDIR="$pkgdir" check
> +	exit 0
> +}
> +
> +package() {
> +	make DESTDIR="$pkgdir" install
> +
> +	libexecdir=$pkgdir/usr/lib/gnunet/libexec/
> +	# Limit access to critical gnunet-helper-dns to group
> "gnunetdns"
> +	chgrp gnunetdns $libexecdir/gnunet-helper-dns
> +	chgrp gnunetdns $libexecdir/gnunet-service-dns
> +	# Limit access to certain SUID binaries by group "gnunet"
> +	chgrp gnunet    $libexecdir/gnunet-helper-exit
> +	chgrp gnunet    $libexecdir/gnunet-helper-vpn
> +	chgrp gnunet    $libexecdir/gnunet-helper-nat-client
> +	chgrp gnunet    $libexecdir/gnunet-helper-nat-server
> +	chmod u+s       $libexecdir/gnunet-helper-exit
> +	chmod u+s       $libexecdir/gnunet-helper-vpn
> +	chmod 2750      $libexecdir/gnunet-helper-dns
> +	chmod 2700      $libexecdir/gnunet-service-dns
> +	chmod u+s       $libexecdir/gnunet-helper-nat-client
> +	chmod u+s       $libexecdir/gnunet-helper-nat-server
> +
> +	install -m644 -D $srcdir/$pkgname-user.conf \
> +		$pkgdir/etc/skel/.config/$pkgname.conf
> +	install -m644 -D $srcdir/$pkgname-system.conf \
> +		$pkgdir/etc/$pkgname.conf
> +	install -m755 -D $srcdir/$pkgname-system-services.initd \
> +		$pkgdir/etc/init.d/$pkgname-system-services
> +	install -m755 -D $srcdir/$pkgname-user-services.initd \
> +		$pkgdir/etc/init.d/$pkgname-user-services
> +	install -m755 -D $srcdir/$pkgname.xsession \
> +
> $pkgdir/etc/X11/xinit/xinitrc.d/80-$pkgname-user-services +}
> +
> +dev() {
> +	default_dev
> +
> +	# dev() will move gnunet-config from $pkg to $pkg-dev, but
> it's an
> +	# intended part of $pkg.
> +	install -m755 -D $builddir/src/util/.libs/gnunet-config \
> +		$pkgdir/usr/bin/gnunet-config
> +}
> +
> +sha512sums="1c6ea2ac7280d2edb30df627b79e017d199e93cd3970ce49f3f049abfb1dddfed541118e55766c422edf4a80e140c4eb2cfc681e0d4a1384e39811d024df9278
> gnunet-0.11.6.tar.gz
> +a0f55413ed2c6edd6746a751d92ddac95ba70f20eefb07330817870d749456448f44bba95d245911a00f6078e0c2ac626004e3b764be5e5e049c00626c4c5ac0
> gnunet-system.conf
> +b21112ff16aee771332aa9c33f55b0c7f46fe0266053543241e3efbe25dba56482c0e11112a192eefe59f1c74d2af5d7071b6a4e1e875cfc7e9d55b5fe8a0a33
> gnunet-user.conf
> +96ab78bb48d5fb10f0b34336ad05e73b543c4362c73436ef20b3bb83dff214e997acf38a2ea493b1901bdc37c8877d83cdaebd73a0e50831e2f23413c8edda76
> gnunet-system-services.initd
> +f67252e18c5fd701338653efe4cc14caae9213c1955f690cddec9fd7ad31a22680e931fbe908a1c5a78dc05094e547b2279f9a488f2ed80cc169590ad5ffa064
> gnunet-user-services.initd
> +839a081aca19b863f378db980e6447ad30c6c0ee72fac6e11c65e57e86886d675ebc61069e17f696b6ca868e8ce259cabf80feb90b04b23f3da3c628f7beb915
> gnunet.xsession" diff --git
> a/testing/gnunet/gnunet-system-services.initd
> b/testing/gnunet/gnunet-system-services.initd new file mode 100644
> index 0000000000..19248d23e1 --- /dev/null +++
> b/testing/gnunet/gnunet-system-services.initd @@ -0,0 +1,16 @@
> +#!/sbin/openrc-run +# Contributor: xrs <xrs@mail36.net> +#
> Maintainer: xrs <xrs@mail36.net> + +name="gnunet-system-service"
> +description="A secure and privacy enhancing peer-to-peer overlay
> network" +command="/usr/lib/gnunet/libexec/gnunet-service-arm"
> +command_args="-c /etc/gnunet.conf" +command_user="gnunet:gnunet"
> +command_background="yes"
> +pidfile="/run/${SVCNAME}.pid"
> +
> +depend() {
> +	need net
> +	before gnunet-user-services
> +}
> diff --git a/testing/gnunet/gnunet-system.conf
> b/testing/gnunet/gnunet-system.conf new file mode 100644
> index 0000000000..303cf5f16d
> --- /dev/null
> +++ b/testing/gnunet/gnunet-system.conf
> @@ -0,0 +1,3 @@
> +[arm]
> +START_SYSTEM_SERVICES = YES
> +START_USER_SERVICES = NO
> diff --git a/testing/gnunet/gnunet-user-services.initd
> b/testing/gnunet/gnunet-user-services.initd new file mode 100644
> index 0000000000..6c960944ea
> --- /dev/null
> +++ b/testing/gnunet/gnunet-user-services.initd
> @@ -0,0 +1,33 @@
> +#!/sbin/openrc-run
> +# Contributor: xrs <xrs@mail36.net>
> +# Maintainer: xrs <xrs@mail36.net>
> +
> +name="gnunet-user-services"
> +description="GNUnet user services"
> +command_background="yes"
> +pidfile="/run/${SVCNAME}.pid"
> +users=`awk -F ':' '$3>=1000 && $3<2000 {print $1}' /etc/passwd`
> +
> +depend() {
> +	need gnunet-system-services
> +}
> +
> +start() {
> +	for user in $users; do
> +		if test -z "`ps|grep $user|grep gnunet-service-arm`"
> > /dev/null 2>&1
> +		then
> +			sudo -u $user gnunet-arm \
> +				-c /home/$user/.config/gnunet.conf -s
> +		fi
> +	done
> +}
> +
> +stop() {
> +	for user in $users; do
> +		if test -n "`ps|grep $user|grep gnunet-service-arm`"
> > /dev/null 2>&1
> +		then
> +			sudo -u $user gnunet-arm \
> +				-c /home/$user/.config/gnunet.conf -e
> +		fi
> +	done
> +}
> diff --git a/testing/gnunet/gnunet-user.conf
> b/testing/gnunet/gnunet-user.conf new file mode 100644
> index 0000000000..22f1fe37a8
> --- /dev/null
> +++ b/testing/gnunet/gnunet-user.conf
> @@ -0,0 +1,3 @@
> +[arm]
> +START_SYSTEM_SERVICES = NO
> +START_USER_SERVICES = YES
> diff --git a/testing/gnunet/gnunet.post-install
> b/testing/gnunet/gnunet.post-install new file mode 100644
> index 0000000000..f7c19b26fc
> --- /dev/null
> +++ b/testing/gnunet/gnunet.post-install
> @@ -0,0 +1,40 @@
> +#!/bin/sh
> +
> +# Enumerate users.
> +users=`awk -F ':' '$3>=1000 && $3<2000 {print $1}' /etc/passwd`
> +
> +# Install gnunet.conf for existing users.
> +for user in $users; do
> +        install -m644 -o $user -g $user
> -D /etc/skel/.config/gnunet.conf \
> +                /home/$user/.config/gnunet.conf
> +done
> +
> +# Enable GNS proxy for users, if desired.
> +echo "Use GNU Name System in Firefox/Chromium by default? [y,N]"
> +read -r yn
> +case $yn in
> +y|Y )
> +        # Enable GNS proxy for existant users.
> +        for user in $users; do
> +                port=$((8000+$(id -u $user)))
> +                gnunet-config -c /home/$user/.config/gnunet.conf \
> +                        --rewrite \
> +                        --section=gns-proxy \
> +                        --option=IMMEDIATE_START \
> +                        --value=YES
> +                gnunet-config -c /home/$user/.config/gnunet.conf \
> +                        --rewrite \
> +                        --section=gns-proxy \
> +                        --option=OPTIONS \
> +                        --value="-p $port"
> +        done
> +
> +        # Enable GNS proxy for future users.
> +        echo "[gns-proxy]" >> /etc/skel/.config/gnunet.conf
> +        echo "IMMEDIATE_START = YES" >> /etc/skel/.config/gnunet.conf
> +        ;;
> +* )
> +        ;;
> +esac
> +
> +exit 0
> diff --git a/testing/gnunet/gnunet.pre-deinstall
> b/testing/gnunet/gnunet.pre-deinstall new file mode 100644
> index 0000000000..3334c6d677
> --- /dev/null
> +++ b/testing/gnunet/gnunet.pre-deinstall
> @@ -0,0 +1,28 @@
> +#!/bin/sh
> +
> +# Remove proxy settings from browser.
> +users=`awk -F ':' '$3>=1000 && $3<2000 {print $1}' /etc/passwd`
> +for user in $users; do
> +	gnunet_proxy=`grep -i
> "gns-proxy" /home/$user/.config/gnunet.conf`
> +	if [ "$gnunet_proxy" ]; then
> +		for ffprofile
> in /home/"$user"/.mozilla/firefox/*.*/; do
> +			# Reset proxy preferences
> +			js=$ffprofile/user.js
> +			if [ -f $js ]; then
> +				sed -i '/Preferences for using the
> GNU Name System/d' $js
> +				sed -i '/network.proxy.socks/d' $js
> +				sed -i '/network.proxy.socks_port/d'
> $js
> +				sed -i
> '/network.proxy.socks_remote_dns/d' $js
> +				sed -i '/network.proxy.type/d' $js
> +			fi
> +		done
> +
> +		# Chromium
> +		profile=/home/$user/.profile
> +		if [ -f $profile ]; then
> +			sed -i '/CHROMIUM_USER_FLAGS/d' $profile
> +		fi
> +	fi
> +done
> +
> +exit 0
> diff --git a/testing/gnunet/gnunet.pre-install
> b/testing/gnunet/gnunet.pre-install new file mode 100644
> index 0000000000..bbb629cb18
> --- /dev/null
> +++ b/testing/gnunet/gnunet.pre-install
> @@ -0,0 +1,17 @@
> +#!/bin/sh
> +
> +# Add special group gnunetdns for controlling access to
> "gnunet-helper-dns". +addgroup -S gnunetdns 2>/dev/null
> +addgroup -S gnunet 2>/dev/null
> +
> +# Add system user/group gnunet for system services
> +adduser -S -h "/var/lib/gnunet" -s /bin/sh \
> +	-G gnunet -g gnunet gnunet 2>/dev/null
> +
> +# add users on host system to group "gnunet"
> +users=`awk -F ':' '$3>=1000 && $3<2000 {print $1}' /etc/passwd`
> +for user in $users; do
> +	adduser $user gnunet 2>/dev/null
> +done
> +
> +exit 0
> diff --git a/testing/gnunet/gnunet.xsession
> b/testing/gnunet/gnunet.xsession new file mode 100644
> index 0000000000..f19d6baf7f
> --- /dev/null
> +++ b/testing/gnunet/gnunet.xsession
> @@ -0,0 +1,54 @@
> +#!/bin/sh
> +user=$(whoami)
> +gnunet_proxy=$(gnunet-config -c /etc/skel/.config/gnunet.conf -s
> gns-proxy|grep 'IMMEDIATE_START = YES') +
> +# Enable GNS proxy for new users informed by /etc/skel.
> +if [ "$gnunet_proxy" ]; then
> +
> +	# Calculate user specific port
> +	port=$((8000+$(id -u $user)))
> +
> +	gnunet-config -c /home/$user/.config/gnunet.conf \
> +		--rewrite \
> +		--section=gns-proxy \
> +		--option=OPTIONS \
> +		--value="-p $port"
> +
> +	# Firefox
> +	if [ ! -d  ~/.mozilla/firefox/*.default ];then
> +		timeout 3s firefox --headless # dirty: create
> profile if not existent
> +	fi
> +	for ffprofile in ~/.mozilla/firefox/*.*/; do
> +		js=$ffprofile/user.js
> +		if [ -f $js ]; then
> +			sed -i '/Preferences for using the GNU Name
> System/d' $js
> +			sed -i '/network.proxy.socks/d' $js
> +			sed -i '/network.proxy.socks_port/d' $js
> +			sed -i '/network.proxy.socks_remote_dns/d'
> $js
> +			sed -i '/network.proxy.type/d' $js
> +		fi
> +		echo "// Preferences for using the GNU Name System"
> >> $js
> +		echo "user_pref(\"network.proxy.socks\",
> \"localhost\");" >> $js
> +		echo "user_pref(\"network.proxy.socks_port\",
> $port);" >> $js
> +		echo "user_pref(\"network.proxy.socks_remote_dns\",
> true);" >> $js
> +		echo "user_pref(\"network.proxy.type\", 1);" >> $js
> +	done
> +
> +	# Chromium
> +	profile=/home/$user/.profile
> +	if [ -f $profile ]; then
> +		sed -i '/CHROMIUM_USER_FLAGS/d' $profile
> +	fi
> +	echo "export
> CHROMIUM_USER_FLAGS=--proxy-server=socks5://localhost:$port" \
> +		>> $profile
> +fi
> +
> +# Create/Renew GNS certificate authority (CA) per user.
> +gnunet-gns-proxy-setup-ca
> +
> +# In case a new user was added and gnunet-user-services has not been 
> +# restarted afterwards, start user services after login.
> +if test -z "`ps|grep -v grep|grep $user|grep gnunet-service-arm`"
> > /dev/null 2>&1 +then
> +	gnunet-arm -c /home/$user/.config/gnunet.conf -s
> +fi
Details
Message ID
<20191018210539.GA242707@alpha>
In-Reply-To
<20191013165502.C636541686@rage.so36.net> (view parent)
DKIM signature
missing
Download raw message
On Sun, Oct 13, 2019 at 06:53:31PM +0200, xrs wrote:
> Hello guys,
> 
> could one of the devs please check this (modified) patch? This is
> a new patch after _ikke_ had given me feedback and guided me to
> use atools. 
> 
> Kind regards,
> xrs
> 
> On Sun,  6 Oct 2019 20:30:38 +0200
> "xrs =:-)" <xrs@mail36.net> wrote:
> 
> > https://gnunet.org
> > A framework for secure and privacy enhancing peer-to-peer networking
> > testing/
> > ---
> >  testing/gnunet/APKBUILD                     | 98
> > +++++++++++++++++++++ testing/gnunet/gnunet-system-services.initd |
> > 16 ++++ testing/gnunet/gnunet-system.conf           |  3 +
> >  testing/gnunet/gnunet-user-services.initd   | 33 +++++++
> >  testing/gnunet/gnunet-user.conf             |  3 +
> >  testing/gnunet/gnunet.post-install          | 40 +++++++++
> >  testing/gnunet/gnunet.pre-deinstall         | 28 ++++++
> >  testing/gnunet/gnunet.pre-install           | 17 ++++
> >  testing/gnunet/gnunet.xsession              | 54 ++++++++++++
> >  9 files changed, 292 insertions(+)
> >  create mode 100644 testing/gnunet/APKBUILD
> >  create mode 100644 testing/gnunet/gnunet-system-services.initd
> >  create mode 100644 testing/gnunet/gnunet-system.conf
> >  create mode 100644 testing/gnunet/gnunet-user-services.initd
> >  create mode 100644 testing/gnunet/gnunet-user.conf
> >  create mode 100644 testing/gnunet/gnunet.post-install
> >  create mode 100644 testing/gnunet/gnunet.pre-deinstall
> >  create mode 100644 testing/gnunet/gnunet.pre-install
> >  create mode 100644 testing/gnunet/gnunet.xsession
> > 
> > diff --git a/testing/gnunet/APKBUILD b/testing/gnunet/APKBUILD
> > new file mode 100644
> > index 0000000000..da2b2dec4f
> > --- /dev/null
> > +++ b/testing/gnunet/APKBUILD
> > @@ -0,0 +1,98 @@
> > +# Contributor: xrs <xrs@mail36.net>
> > +# Maintainer: xrs <xrs@mail36.net>
> > +pkgname=gnunet
> > +pkgver=0.11.6
> > +pkgrel=0
> > +pkgdesc="A framework for secure and privacy enhancing peer-to-peer
> > networking" +url="https://gnunet.org"
> > +arch="all"
> > +license="AGPL-3.0"
> > +depends="libgpg-error libgcrypt nettle unbound-libs gnutls
> > gnutls-utils gnurl
> > +	libgnurl libmicrohttpd openssl libunistring libidn2 nss
> > sqlite zlib
> > +	miniupnpc gmp gettext bash which iptables coreutils sudo"
> > +depends_dev="libgpg-error-dev libgcrypt-dev nettle-dev unbound-dev
> > gnutls-dev
> > +	gnurl-dev libmicrohttpd-dev openssl-dev libunistring-dev
> > libidn2-dev
> > +	nss-dev sqlite-dev zlib-dev miniupnpc-dev gmp-dev gettext"
> > +makedepends="$depends_dev autoconf automake libtool gettext-dev
> > python3
> > +	texlive texinfo"
> > +install="$pkgname.pre-install $pkgname.post-install
> > $pkgname.pre-deinstall" +pkgusers="gnunet"
> > +pkggroups="gnunet gnunetdns"
> > +subpackages="$pkgname-dev $pkgname-doc $pkgname-lang"
> > +options="!check suid" # No check because The GNUnet project lacks a
> > good CI at the moment.
> > +source="https://mirrors.ocf.berkeley.edu/gnu/gnunet/gnunet-$pkgver.tar.gz
> > +	gnunet-system.conf
> > +	gnunet-user.conf
> > +	gnunet-system-services.initd
> > +	gnunet-user-services.initd
> > +	gnunet.xsession
> > +	"
> > +
> > +prepare() {
> > +	default_prepare
> > +	autoreconf -if # FIXME: See
> > https://bugs.gnunet.org/view.php?id=5902 +}
> > +
> > +build() {
> > +	./configure \
> > +		--build=$CBUILD \
> > +		--host=$CHOST \
> > +		--prefix=/usr \
> > +		--sysconfdir=/etc \
> > +		--mandir=/usr/share/man \
> > +		--localstatedir=/var \
> > +		--enable-logging=verbose
> > +	make
> > +}
> > +
> > +check() {
> > +	make DESTDIR="$pkgdir" check
> > +	exit 0
> > +}
> > +
> > +package() {
> > +	make DESTDIR="$pkgdir" install
> > +
> > +	libexecdir=$pkgdir/usr/lib/gnunet/libexec/
> > +	# Limit access to critical gnunet-helper-dns to group
> > "gnunetdns"
> > +	chgrp gnunetdns $libexecdir/gnunet-helper-dns
> > +	chgrp gnunetdns $libexecdir/gnunet-service-dns
> > +	# Limit access to certain SUID binaries by group "gnunet"
> > +	chgrp gnunet    $libexecdir/gnunet-helper-exit
> > +	chgrp gnunet    $libexecdir/gnunet-helper-vpn
> > +	chgrp gnunet    $libexecdir/gnunet-helper-nat-client
> > +	chgrp gnunet    $libexecdir/gnunet-helper-nat-server
> > +	chmod u+s       $libexecdir/gnunet-helper-exit
> > +	chmod u+s       $libexecdir/gnunet-helper-vpn
> > +	chmod 2750      $libexecdir/gnunet-helper-dns
> > +	chmod 2700      $libexecdir/gnunet-service-dns
> > +	chmod u+s       $libexecdir/gnunet-helper-nat-client
> > +	chmod u+s       $libexecdir/gnunet-helper-nat-server
> > +
> > +	install -m644 -D $srcdir/$pkgname-user.conf \
> > +		$pkgdir/etc/skel/.config/$pkgname.conf
> > +	install -m644 -D $srcdir/$pkgname-system.conf \
> > +		$pkgdir/etc/$pkgname.conf
> > +	install -m755 -D $srcdir/$pkgname-system-services.initd \
> > +		$pkgdir/etc/init.d/$pkgname-system-services
> > +	install -m755 -D $srcdir/$pkgname-user-services.initd \
> > +		$pkgdir/etc/init.d/$pkgname-user-services
> > +	install -m755 -D $srcdir/$pkgname.xsession \
> > +
> > $pkgdir/etc/X11/xinit/xinitrc.d/80-$pkgname-user-services +}
> > +
> > +dev() {
> > +	default_dev
> > +
> > +	# dev() will move gnunet-config from $pkg to $pkg-dev, but
> > it's an
> > +	# intended part of $pkg.
> > +	install -m755 -D $builddir/src/util/.libs/gnunet-config \
> > +		$pkgdir/usr/bin/gnunet-config
> > +}
> > +
> > +sha512sums="1c6ea2ac7280d2edb30df627b79e017d199e93cd3970ce49f3f049abfb1dddfed541118e55766c422edf4a80e140c4eb2cfc681e0d4a1384e39811d024df9278
> > gnunet-0.11.6.tar.gz
> > +a0f55413ed2c6edd6746a751d92ddac95ba70f20eefb07330817870d749456448f44bba95d245911a00f6078e0c2ac626004e3b764be5e5e049c00626c4c5ac0
> > gnunet-system.conf
> > +b21112ff16aee771332aa9c33f55b0c7f46fe0266053543241e3efbe25dba56482c0e11112a192eefe59f1c74d2af5d7071b6a4e1e875cfc7e9d55b5fe8a0a33
> > gnunet-user.conf
> > +96ab78bb48d5fb10f0b34336ad05e73b543c4362c73436ef20b3bb83dff214e997acf38a2ea493b1901bdc37c8877d83cdaebd73a0e50831e2f23413c8edda76
> > gnunet-system-services.initd
> > +f67252e18c5fd701338653efe4cc14caae9213c1955f690cddec9fd7ad31a22680e931fbe908a1c5a78dc05094e547b2279f9a488f2ed80cc169590ad5ffa064
> > gnunet-user-services.initd
> > +839a081aca19b863f378db980e6447ad30c6c0ee72fac6e11c65e57e86886d675ebc61069e17f696b6ca868e8ce259cabf80feb90b04b23f3da3c628f7beb915
> > gnunet.xsession" diff --git
> > a/testing/gnunet/gnunet-system-services.initd
> > b/testing/gnunet/gnunet-system-services.initd new file mode 100644
> > index 0000000000..19248d23e1 --- /dev/null +++
> > b/testing/gnunet/gnunet-system-services.initd @@ -0,0 +1,16 @@
> > +#!/sbin/openrc-run +# Contributor: xrs <xrs@mail36.net> +#
> > Maintainer: xrs <xrs@mail36.net> + +name="gnunet-system-service"
> > +description="A secure and privacy enhancing peer-to-peer overlay
> > network" +command="/usr/lib/gnunet/libexec/gnunet-service-arm"
> > +command_args="-c /etc/gnunet.conf" +command_user="gnunet:gnunet"
> > +command_background="yes"
> > +pidfile="/run/${SVCNAME}.pid"
> > +
> > +depend() {
> > +	need net
> > +	before gnunet-user-services
> > +}
> > diff --git a/testing/gnunet/gnunet-system.conf
> > b/testing/gnunet/gnunet-system.conf new file mode 100644
> > index 0000000000..303cf5f16d
> > --- /dev/null
> > +++ b/testing/gnunet/gnunet-system.conf
> > @@ -0,0 +1,3 @@
> > +[arm]
> > +START_SYSTEM_SERVICES = YES
> > +START_USER_SERVICES = NO
> > diff --git a/testing/gnunet/gnunet-user-services.initd
> > b/testing/gnunet/gnunet-user-services.initd new file mode 100644
> > index 0000000000..6c960944ea
> > --- /dev/null
> > +++ b/testing/gnunet/gnunet-user-services.initd
> > @@ -0,0 +1,33 @@
> > +#!/sbin/openrc-run
> > +# Contributor: xrs <xrs@mail36.net>
> > +# Maintainer: xrs <xrs@mail36.net>
> > +
> > +name="gnunet-user-services"
> > +description="GNUnet user services"
> > +command_background="yes"
> > +pidfile="/run/${SVCNAME}.pid"
> > +users=`awk -F ':' '$3>=1000 && $3<2000 {print $1}' /etc/passwd`
> > +
> > +depend() {
> > +	need gnunet-system-services
> > +}
> > +
> > +start() {
> > +	for user in $users; do
> > +		if test -z "`ps|grep $user|grep gnunet-service-arm`"
> > > /dev/null 2>&1
> > +		then
> > +			sudo -u $user gnunet-arm \
> > +				-c /home/$user/.config/gnunet.conf -s
> > +		fi
> > +	done
> > +}
> > +
> > +stop() {
> > +	for user in $users; do
> > +		if test -n "`ps|grep $user|grep gnunet-service-arm`"
> > > /dev/null 2>&1
> > +		then
> > +			sudo -u $user gnunet-arm \
> > +				-c /home/$user/.config/gnunet.conf -e
> > +		fi
> > +	done
> > +}
> > diff --git a/testing/gnunet/gnunet-user.conf
> > b/testing/gnunet/gnunet-user.conf new file mode 100644
> > index 0000000000..22f1fe37a8
> > --- /dev/null
> > +++ b/testing/gnunet/gnunet-user.conf
> > @@ -0,0 +1,3 @@
> > +[arm]
> > +START_SYSTEM_SERVICES = NO
> > +START_USER_SERVICES = YES
> > diff --git a/testing/gnunet/gnunet.post-install
> > b/testing/gnunet/gnunet.post-install new file mode 100644
> > index 0000000000..f7c19b26fc
> > --- /dev/null
> > +++ b/testing/gnunet/gnunet.post-install
> > @@ -0,0 +1,40 @@
> > +#!/bin/sh
> > +
> > +# Enumerate users.
> > +users=`awk -F ':' '$3>=1000 && $3<2000 {print $1}' /etc/passwd`
> > +
> > +# Install gnunet.conf for existing users.
> > +for user in $users; do
> > +        install -m644 -o $user -g $user
> > -D /etc/skel/.config/gnunet.conf \
> > +                /home/$user/.config/gnunet.conf
> > +done
> > +
> > +# Enable GNS proxy for users, if desired.
> > +echo "Use GNU Name System in Firefox/Chromium by default? [y,N]"
> > +read -r yn
> > +case $yn in
> > +y|Y )
> > +        # Enable GNS proxy for existant users.
> > +        for user in $users; do
> > +                port=$((8000+$(id -u $user)))
> > +                gnunet-config -c /home/$user/.config/gnunet.conf \
> > +                        --rewrite \
> > +                        --section=gns-proxy \
> > +                        --option=IMMEDIATE_START \
> > +                        --value=YES
> > +                gnunet-config -c /home/$user/.config/gnunet.conf \
> > +                        --rewrite \
> > +                        --section=gns-proxy \
> > +                        --option=OPTIONS \
> > +                        --value="-p $port"
> > +        done
> > +
> > +        # Enable GNS proxy for future users.
> > +        echo "[gns-proxy]" >> /etc/skel/.config/gnunet.conf
> > +        echo "IMMEDIATE_START = YES" >> /etc/skel/.config/gnunet.conf
> > +        ;;
> > +* )
> > +        ;;
> > +esac
> > +
> > +exit 0
> > diff --git a/testing/gnunet/gnunet.pre-deinstall
> > b/testing/gnunet/gnunet.pre-deinstall new file mode 100644
> > index 0000000000..3334c6d677
> > --- /dev/null
> > +++ b/testing/gnunet/gnunet.pre-deinstall
> > @@ -0,0 +1,28 @@
> > +#!/bin/sh
> > +
> > +# Remove proxy settings from browser.
> > +users=`awk -F ':' '$3>=1000 && $3<2000 {print $1}' /etc/passwd`
> > +for user in $users; do
> > +	gnunet_proxy=`grep -i
> > "gns-proxy" /home/$user/.config/gnunet.conf`
> > +	if [ "$gnunet_proxy" ]; then
> > +		for ffprofile
> > in /home/"$user"/.mozilla/firefox/*.*/; do
> > +			# Reset proxy preferences
> > +			js=$ffprofile/user.js
> > +			if [ -f $js ]; then
> > +				sed -i '/Preferences for using the
> > GNU Name System/d' $js
> > +				sed -i '/network.proxy.socks/d' $js
> > +				sed -i '/network.proxy.socks_port/d'
> > $js
> > +				sed -i
> > '/network.proxy.socks_remote_dns/d' $js
> > +				sed -i '/network.proxy.type/d' $js
> > +			fi
> > +		done
> > +
> > +		# Chromium
> > +		profile=/home/$user/.profile
> > +		if [ -f $profile ]; then
> > +			sed -i '/CHROMIUM_USER_FLAGS/d' $profile
> > +		fi
> > +	fi
> > +done
> > +
> > +exit 0
> > diff --git a/testing/gnunet/gnunet.pre-install
> > b/testing/gnunet/gnunet.pre-install new file mode 100644
> > index 0000000000..bbb629cb18
> > --- /dev/null
> > +++ b/testing/gnunet/gnunet.pre-install
> > @@ -0,0 +1,17 @@
> > +#!/bin/sh
> > +
> > +# Add special group gnunetdns for controlling access to
> > "gnunet-helper-dns". +addgroup -S gnunetdns 2>/dev/null
> > +addgroup -S gnunet 2>/dev/null
> > +
> > +# Add system user/group gnunet for system services
> > +adduser -S -h "/var/lib/gnunet" -s /bin/sh \
> > +	-G gnunet -g gnunet gnunet 2>/dev/null
> > +
> > +# add users on host system to group "gnunet"
> > +users=`awk -F ':' '$3>=1000 && $3<2000 {print $1}' /etc/passwd`
> > +for user in $users; do
> > +	adduser $user gnunet 2>/dev/null
> > +done
> > +
> > +exit 0
> > diff --git a/testing/gnunet/gnunet.xsession
> > b/testing/gnunet/gnunet.xsession new file mode 100644
> > index 0000000000..f19d6baf7f
> > --- /dev/null
> > +++ b/testing/gnunet/gnunet.xsession
> > @@ -0,0 +1,54 @@
> > +#!/bin/sh
> > +user=$(whoami)
> > +gnunet_proxy=$(gnunet-config -c /etc/skel/.config/gnunet.conf -s
> > gns-proxy|grep 'IMMEDIATE_START = YES') +
> > +# Enable GNS proxy for new users informed by /etc/skel.
> > +if [ "$gnunet_proxy" ]; then
> > +
> > +	# Calculate user specific port
> > +	port=$((8000+$(id -u $user)))
> > +
> > +	gnunet-config -c /home/$user/.config/gnunet.conf \
> > +		--rewrite \
> > +		--section=gns-proxy \
> > +		--option=OPTIONS \
> > +		--value="-p $port"
> > +
> > +	# Firefox
> > +	if [ ! -d  ~/.mozilla/firefox/*.default ];then
> > +		timeout 3s firefox --headless # dirty: create
> > profile if not existent
> > +	fi
> > +	for ffprofile in ~/.mozilla/firefox/*.*/; do
> > +		js=$ffprofile/user.js
> > +		if [ -f $js ]; then
> > +			sed -i '/Preferences for using the GNU Name
> > System/d' $js
> > +			sed -i '/network.proxy.socks/d' $js
> > +			sed -i '/network.proxy.socks_port/d' $js
> > +			sed -i '/network.proxy.socks_remote_dns/d'
> > $js
> > +			sed -i '/network.proxy.type/d' $js
> > +		fi
> > +		echo "// Preferences for using the GNU Name System"
> > >> $js
> > +		echo "user_pref(\"network.proxy.socks\",
> > \"localhost\");" >> $js
> > +		echo "user_pref(\"network.proxy.socks_port\",
> > $port);" >> $js
> > +		echo "user_pref(\"network.proxy.socks_remote_dns\",
> > true);" >> $js
> > +		echo "user_pref(\"network.proxy.type\", 1);" >> $js
> > +	done
> > +
> > +	# Chromium
> > +	profile=/home/$user/.profile
> > +	if [ -f $profile ]; then
> > +		sed -i '/CHROMIUM_USER_FLAGS/d' $profile
> > +	fi
> > +	echo "export
> > CHROMIUM_USER_FLAGS=--proxy-server=socks5://localhost:$port" \
> > +		>> $profile
> > +fi
> > +
> > +# Create/Renew GNS certificate authority (CA) per user.
> > +gnunet-gns-proxy-setup-ca
> > +
> > +# In case a new user was added and gnunet-user-services has not been 
> > +# restarted afterwards, start user services after login.
> > +if test -z "`ps|grep -v grep|grep $user|grep gnunet-service-arm`"
> > > /dev/null 2>&1 +then
> > +	gnunet-arm -c /home/$user/.config/gnunet.conf -s
> > +fi
> 

Hello xrs,

Sorry that I did not reply yet, didn't have time to look at this.

You sent the patch now as a reply, which makes it very difficult for me
to apply.

May I suggest you to take a look at our gitlab instance reachable via
https://gitlab.alpinelinux.org? You can either register an account,
login via github, or gitlab hosted. When you create a merge request
there, you automatically get a CI pipeline with feedback whether it
builds for all the arches that Alpine Linux supports.

If you prefer to use e-mail, I recommend reading
https://git-send-email.io on how to properly send patches so that they
can be easily applied.

Hope this helps, Kevin
Reply to thread Export thread (mbox)