OpenSDE
/
package-nopast
3
0
Fork 0
Code Issues 9 Projects 1 Releases Activity
OpenSDE Packages Database (without history before r20070)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
9881 Commits
49 Branches
0 Tags
34 MiB
Tree: 6699835e83
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '6699835e83'
${ noResults }
package-nopast/network/tcp_wrappers/0003-tcp_wrappers-7.6-man-p...

264 lines
11 KiB
Raw Normal View History

tcp_wrappers: fixed by integrating patches from debian
14 years ago
  1. # --- SDE-COPYRIGHT-NOTE-BEGIN ---
  2. # This copyright note is auto-generated by ./scripts/Create-CopyPatch.
  3. #
  4. # Filename: package/.../tcp_wrappers/0003-tcp_wrappers-7.6-man-portability.patch
  5. # Copyright (C) 2011 The OpenSDE Project
  6. #
  7. # More information can be found in the files COPYING and README.
  8. #
  9. # This patch file is dual-licensed. It is available under the license the
  10. # patched project is licensed under, as long as it is an OpenSource license
  11. # as defined at http://www.opensource.org/ (e.g. BSD, X11) or under the terms
  12. # of the GNU General Public License as published by the Free Software
  13. # Foundation; either version 2 of the License, or (at your option) any later
  14. # version.
  15. # --- SDE-COPYRIGHT-NOTE-END ---
  17. diff -ruNp tcp_wrappers_7.6.orig/hosts_access.3 tcp_wrappers_7.6/hosts_access.3
  18. --- tcp_wrappers_7.6.orig/hosts_access.3 2005-03-09 18:30:25.000000000 +0100
  19. +++ tcp_wrappers_7.6/hosts_access.3 2005-03-09 18:27:03.000000000 +0100
  20. @@ -3,7 +3,7 @@
  21. hosts_access, hosts_ctl, request_init, request_set \- access control library
  22. .SH SYNOPSIS
  23. .nf
  24. -#include "tcpd.h"
  25. +#include <tcpd.h>
  27. extern int allow_severity;
  28. extern int deny_severity;
  29. diff -ruNp tcp_wrappers_7.6.orig/hosts_access.5 tcp_wrappers_7.6/hosts_access.5
  30. --- tcp_wrappers_7.6.orig/hosts_access.5 2005-03-09 18:30:25.000000000 +0100
  31. +++ tcp_wrappers_7.6/hosts_access.5 2005-03-09 18:30:18.000000000 +0100
  32. @@ -8,9 +8,9 @@ name, host name/address) patterns. Exam
  33. impatient reader is encouraged to skip to the EXAMPLES section for a
  34. quick introduction.
  35. .PP
  36. -An extended version of the access control language is described in the
  37. -\fIhosts_options\fR(5) document. The extensions are turned on at
  38. -program build time by building with -DPROCESS_OPTIONS.
  39. +The extended version of the access control language is described in the
  40. +\fIhosts_options\fR(5) document. \fBNote that this language supersedes
  41. +the meaning of \fIshell_command\fB as documented below.\fR
  42. .PP
  43. In the following text, \fIdaemon\fR is the process name of a
  44. network daemon process, and \fIclient\fR is the name and/or address of
  45. @@ -346,8 +346,8 @@ in.tftpd: LOCAL, .my.domain
  46. /etc/hosts.deny:
  47. .in +3
  48. .nf
  49. -in.tftpd: ALL: (/some/where/safe_finger -l @%h | \\
  50. - /usr/ucb/mail -s %d-%h root) &
  51. +in.tftpd: ALL: (/usr/sbin/safe_finger -l @%h | \\
  52. + /usr/bin/mail -s %d-%h root) &
  53. .fi
  54. .PP
  55. The safe_finger command comes with the tcpd wrapper and should be
  56. @@ -383,6 +383,7 @@ that shouldn\'t. All problems are repor
  57. .fi
  58. .SH SEE ALSO
  59. .nf
  60. +hosts_options(5) extended syntax.
  61. tcpd(8) tcp/ip daemon wrapper program.
  62. tcpdchk(8), tcpdmatch(8), test programs.
  63. .SH BUGS
  64. diff -ruNp tcp_wrappers_7.6.orig/hosts_options.5 tcp_wrappers_7.6/hosts_options.5
  65. --- tcp_wrappers_7.6.orig/hosts_options.5 2005-03-09 18:30:24.000000000 +0100
  66. +++ tcp_wrappers_7.6/hosts_options.5 2005-03-09 18:27:03.000000000 +0100
  67. @@ -2,10 +2,8 @@
  68. .SH NAME
  69. hosts_options \- host access control language extensions
  70. .SH DESCRIPTION
  71. -This document describes optional extensions to the language described
  72. -in the hosts_access(5) document. The extensions are enabled at program
  73. -build time. For example, by editing the Makefile and turning on the
  74. -PROCESS_OPTIONS compile-time option.
  75. +This document describes extensions to the language described
  76. +in the hosts_access(5) document.
  77. .PP
  78. The extensible language uses the following format:
  79. .sp
  80. @@ -58,12 +56,12 @@ Notice the leading dot on the domain nam
  81. Execute, in a child process, the specified shell command, after
  82. performing the %<letter> expansions described in the hosts_access(5)
  83. manual page. The command is executed with stdin, stdout and stderr
  84. -connected to the null device, so that it won\'t mess up the
  85. +connected to the null device, so that it won't mess up the
  86. conversation with the client host. Example:
  87. .sp
  88. .nf
  89. .ti +3
  90. -spawn (/some/where/safe_finger -l @%h | /usr/ucb/mail root) &
  91. +spawn (/usr/sbin/safe_finger -l @%h | /usr/bin/mail root) &
  92. .fi
  93. .sp
  94. executes, in a background child process, the shell command "safe_finger
  95. diff -ruNp tcp_wrappers_7.6.orig/inetcf.c tcp_wrappers_7.6/inetcf.c
  96. --- tcp_wrappers_7.6.orig/inetcf.c 1997-02-12 02:13:24.000000000 +0100
  97. +++ tcp_wrappers_7.6/inetcf.c 2005-03-09 18:27:03.000000000 +0100
  98. @@ -26,13 +26,17 @@ extern void exit();
  99. * guesses. Shorter names follow longer ones.
  100. */
  101. char *inet_files[] = {
  102. +#if 0
  103. "/private/etc/inetd.conf", /* NEXT */
  104. "/etc/inet/inetd.conf", /* SYSV4 */
  105. "/usr/etc/inetd.conf", /* IRIX?? */
  106. +#endif
  107. "/etc/inetd.conf", /* BSD */
  108. +#if 0
  109. "/etc/net/tlid.conf", /* SYSV4?? */
  110. "/etc/saf/tlid.conf", /* SYSV4?? */
  111. "/etc/tlid.conf", /* SYSV4?? */
  112. +#endif
  113. 0,
  114. };
  116. diff -ruNp tcp_wrappers_7.6.orig/tcpd.8 tcp_wrappers_7.6/tcpd.8
  117. --- tcp_wrappers_7.6.orig/tcpd.8 1996-02-21 16:39:16.000000000 +0100
  118. +++ tcp_wrappers_7.6/tcpd.8 2005-03-09 18:27:03.000000000 +0100
  119. @@ -12,7 +12,11 @@ The program supports both 4.3BSD-style s
  120. TLI. Functionality may be limited when the protocol underneath TLI is
  121. not an internet protocol.
  122. .PP
  123. -Operation is as follows: whenever a request for service arrives, the
  124. +There are two possible modes of operation: execution of \fItcpd\fP
  125. +before a service started by \fIinetd\fP, or linking a daemon with
  126. +the \fIlibwrap\fP shared library as documented in the \fIhosts_access\fR(3)
  127. +manual page. Operation when started by \fIinetd\fP
  128. +is as follows: whenever a request for service arrives, the
  129. \fIinetd\fP daemon is tricked into running the \fItcpd\fP program
  130. instead of the desired server. \fItcpd\fP logs the request and does
  131. some additional checks. When all is well, \fItcpd\fP runs the
  132. @@ -88,11 +92,11 @@ configuration files.
  133. .sp
  134. .in +5
  135. # mkdir /other/place
  136. -# mv /usr/etc/in.fingerd /other/place
  137. -# cp tcpd /usr/etc/in.fingerd
  138. +# mv /usr/sbin/in.fingerd /other/place
  139. +# cp tcpd /usr/sbin/in.fingerd
  140. .fi
  141. .PP
  142. -The example assumes that the network daemons live in /usr/etc. On some
  143. +The example assumes that the network daemons live in /usr/sbin. On some
  144. systems, network daemons live in /usr/sbin or in /usr/libexec, or have
  145. no `in.\' prefix to their name.
  146. .SH EXAMPLE 2
  147. @@ -101,35 +105,34 @@ are left in their original place.
  148. .PP
  149. In order to monitor access to the \fIfinger\fR service, perform the
  150. following edits on the \fIinetd\fR configuration file (usually
  151. -\fI/etc/inetd.conf\fR or \fI/etc/inet/inetd.conf\fR):
  152. +\fI/etc/inetd.conf\fR):
  153. .nf
  154. .sp
  155. .ti +5
  156. -finger stream tcp nowait nobody /usr/etc/in.fingerd in.fingerd
  157. +finger stream tcp nowait nobody /usr/sbin/in.fingerd in.fingerd
  158. .sp
  159. becomes:
  160. .sp
  161. .ti +5
  162. -finger stream tcp nowait nobody /some/where/tcpd in.fingerd
  163. +finger stream tcp nowait nobody /usr/sbin/tcpd in.fingerd
  164. .sp
  165. .fi
  166. .PP
  167. -The example assumes that the network daemons live in /usr/etc. On some
  168. +The example assumes that the network daemons live in /usr/sbin. On some
  169. systems, network daemons live in /usr/sbin or in /usr/libexec, the
  170. daemons have no `in.\' prefix to their name, or there is no userid
  171. field in the inetd configuration file.
  172. .PP
  173. Similar changes will be needed for the other services that are to be
  174. covered by \fItcpd\fR. Send a `kill -HUP\' to the \fIinetd\fR(8)
  175. -process to make the changes effective. AIX users may also have to
  176. -execute the `inetimp\' command.
  177. +process to make the changes effective.
  178. .SH EXAMPLE 3
  179. In the case of daemons that do not live in a common directory ("secret"
  180. or otherwise), edit the \fIinetd\fR configuration file so that it
  181. specifies an absolute path name for the process name field. For example:
  182. .nf
  183. .sp
  184. - ntalk dgram udp wait root /some/where/tcpd /usr/local/lib/ntalkd
  185. + ntalk dgram udp wait root /usr/sbin/tcpd /usr/local/lib/ntalkd
  186. .sp
  187. .fi
  188. .PP
  189. @@ -164,6 +167,7 @@ The default locations of the host access
  190. .SH SEE ALSO
  191. .na
  192. .nf
  193. +hosts_access(3), functions provided by the libwrap library.
  194. hosts_access(5), format of the tcpd access control tables.
  195. syslog.conf(5), format of the syslogd control file.
  196. inetd.conf(5), format of the inetd control file.
  197. diff -ruNp tcp_wrappers_7.6.orig/tcpdchk.8 tcp_wrappers_7.6/tcpdchk.8
  198. --- tcp_wrappers_7.6.orig/tcpdchk.8 1995-01-08 17:00:31.000000000 +0100
  199. +++ tcp_wrappers_7.6/tcpdchk.8 2005-03-09 18:27:03.000000000 +0100
  200. @@ -9,8 +9,8 @@ tcpdchk [-a] [-d] [-i inet_conf] [-v]
  201. potential and real problems it can find. The program examines the
  202. \fItcpd\fR access control files (by default, these are
  203. \fI/etc/hosts.allow\fR and \fI/etc/hosts.deny\fR), and compares the
  204. -entries in these files against entries in the \fIinetd\fR or \fItlid\fR
  205. -network configuration files.
  206. +entries in these files against entries in the \fIinetd\fR
  207. +network configuration file.
  208. .PP
  209. \fItcpdchk\fR reports problems such as non-existent pathnames; services
  210. that appear in \fItcpd\fR access control rules, but are not controlled
  211. @@ -26,14 +26,13 @@ problem.
  212. .SH OPTIONS
  213. .IP -a
  214. Report access control rules that permit access without an explicit
  215. -ALLOW keyword. This applies only when the extended access control
  216. -language is enabled (build with -DPROCESS_OPTIONS).
  217. +ALLOW keyword.
  218. .IP -d
  219. Examine \fIhosts.allow\fR and \fIhosts.deny\fR files in the current
  220. directory instead of the default ones.
  221. .IP "-i inet_conf"
  222. Specify this option when \fItcpdchk\fR is unable to find your
  223. -\fIinetd.conf\fR or \fItlid.conf\fR network configuration file, or when
  224. +\fIinetd.conf\fR network configuration file, or when
  225. you suspect that the program uses the wrong one.
  226. .IP -v
  227. Display the contents of each access control rule. Daemon lists, client
  228. @@ -54,7 +53,6 @@ tcpdmatch(8), explain what tcpd would do
  229. hosts_access(5), format of the tcpd access control tables.
  230. hosts_options(5), format of the language extensions.
  231. inetd.conf(5), format of the inetd control file.
  232. -tlid.conf(5), format of the tlid control file.
  233. .SH AUTHORS
  234. .na
  235. .nf
  236. diff -ruNp tcp_wrappers_7.6.orig/tcpdmatch.8 tcp_wrappers_7.6/tcpdmatch.8
  237. --- tcp_wrappers_7.6.orig/tcpdmatch.8 2005-03-09 18:30:24.000000000 +0100
  238. +++ tcp_wrappers_7.6/tcpdmatch.8 2005-03-09 18:27:03.000000000 +0100
  239. @@ -13,7 +13,7 @@ request for service. Examples are given
  240. The program examines the \fItcpd\fR access control tables (default
  241. \fI/etc/hosts.allow\fR and \fI/etc/hosts.deny\fR) and prints its
  242. conclusion. For maximal accuracy, it extracts additional information
  243. -from your \fIinetd\fR or \fItlid\fR network configuration file.
  244. +from your \fIinetd\fR network configuration file.
  245. .PP
  246. When \fItcpdmatch\fR finds a match in the access control tables, it
  247. identifies the matched rule. In addition, it displays the optional
  248. @@ -50,7 +50,7 @@ Examine \fIhosts.allow\fR and \fIhosts.d
  249. directory instead of the default ones.
  250. .IP "-i inet_conf"
  251. Specify this option when \fItcpdmatch\fR is unable to find your
  252. -\fIinetd.conf\fR or \fItlid.conf\fR network configuration file, or when
  253. +\fIinetd.conf\fR network configuration file, or when
  254. you suspect that the program uses the wrong one.
  255. .SH EXAMPLES
  256. To predict how \fItcpd\fR would handle a telnet request from the local
  257. @@ -86,7 +86,6 @@ tcpdchk(8), tcpd configuration checker
  258. hosts_access(5), format of the tcpd access control tables.
  259. hosts_options(5), format of the language extensions.
  260. inetd.conf(5), format of the inetd control file.
  261. -tlid.conf(5), format of the tlid control file.
  262. .SH AUTHORS
  263. .na
  264. .nf