mirror/freebsd-ports
1
0
Fork 0
mirror of https://git.FreeBSD.org/ports.git synced 2024-11-04 22:33:27 +00:00
Code Issues Releases Activity
a355f99ef3
freebsd-ports/net/cvsup-mirror/pkg-install

255 lines
6.2 KiB
Plaintext
Raw Normal View History

The cvsup-mirror port, a kit that makes it easy to set up a FreeBSD mirror site.
1997-02-02 04:11:35 +00:00
#! /bin/sh
base=${PREFIX}/etc/cvsup
prefixes=${base}/prefixes
chmods_done=" "
ask() {
local question default answer
question=$1
default=$2
if [ -z "${PACKAGE_BUILDING}" ]; then
read -p "${question} [${default}]? " answer
fi
if [ x${answer} = x ]; then
answer=${default}
fi
echo ${answer}
}
yesno() {
local dflt question answer
question=$1
dflt=$2
while :; do
answer=$(ask "${question}" "${dflt}")
case "${answer}" in
[Yy]*) return 0;;
[Nn]*) return 1;;
esac
echo "Please answer yes or no."
done
}
install_links() {
local link dir subdir path
while [ $# -ge 3 ]; do
link=$1
dir=$2
subdir=$3
echo " Linking ${link} -> ${dir}"
ln -sf ${dir} ${prefixes}/${link} || exit
if [ "x${dir}" != "xSKIP" -a "x${dir}" != "x.." ]; then
if [ "x${subdir}" = "x." ]; then
path=${dir}
else
path=${dir}/${subdir}
fi
( cd ${prefixes} || exit
Check to make sure that the "gnats" subdirectory is a true subdirectory, and not a symbolic link. Update the reported size of the CVS repository to reflect current reality.
1997-05-18 02:27:19 +00:00
if [ "x${subdir}" != "x." -a -h ${path} ]; then
cat <<EOF
"${subdir}" must be a true subdirectory of "${dir}", not a symbolic link.
Please remove the symbolic link and/or configure again using the true
directory path to "${subdir}".
EOF
exit 1
fi
test -d ${path} || mkdir -p ${path} || exit ) || exit
The cvsup-mirror port, a kit that makes it easy to set up a FreeBSD mirror site.
1997-02-02 04:11:35 +00:00
if ! expr "${chmods_done}" : ".* ${path} " >/dev/null 2>&1; then
This is a fairly substantial upgrade of the cvsup-mirror port. In honor of the occasion I have bumped the version number to 1.1. The port now depends upon the cvsup-bin and cvsupd-bin ports rather than on the more trouble-prone cvsup port. The CVSup server is run with "-C 100" (max. 100 clients at a time) and the true limit is set in the "/usr/local/etc/cvsup/cvsupd.access" file. This is nice because you can change the limit by editing the file; you don't have to restart the server. The cvsupd.access file also contains a rule to limit each individual host to one connection at a time. The CVSup client is now run under its own unprivileged user ID instead of root. This is a security enhancement. It makes it impossible for a compromised master site to install files into places outside the mirror area of the filesystem. The permissions of various other files such as /usr/local/etc/cvsup have also been strengthened to enhance security. Both client and server now cd to /var/tmp to run, so that if they decide to croak they'll be able to write the core file. :-) The /usr/local/etc/rc.d/cvsupd.sh script now honors the "start" and "stop" arguments. The configure script no longer attempts to tell you the sizes of the various collections. That's impossible to maintain. When I have time I plan to make a web page where one can obtain that information from an automatically-updated source. Then I will reference the URL in the configure script. It is possible to upgrade an existing cvsup-mirror-1.0 installation to this new version, but it is tricky because of the change in ownership of the mirrored files. I will post instructions to the freebsd-hubs mailing list after I make sure I have the procedure just right.
2000-01-28 06:42:37 +00:00
echo -n " Fixing ownerships and modes in ${path} ..."
( chdir ${prefixes} && \
chown -R ${cuser}:${cgroup} ${path} && \
chmod -R a+rX ${path} ) || exit
The cvsup-mirror port, a kit that makes it easy to set up a FreeBSD mirror site.
1997-02-02 04:11:35 +00:00
echo " done."
chmods_done="${chmods_done}${path} "
fi
fi
shift 3
done
}
This is a fairly substantial upgrade of the cvsup-mirror port. In honor of the occasion I have bumped the version number to 1.1. The port now depends upon the cvsup-bin and cvsupd-bin ports rather than on the more trouble-prone cvsup port. The CVSup server is run with "-C 100" (max. 100 clients at a time) and the true limit is set in the "/usr/local/etc/cvsup/cvsupd.access" file. This is nice because you can change the limit by editing the file; you don't have to restart the server. The cvsupd.access file also contains a rule to limit each individual host to one connection at a time. The CVSup client is now run under its own unprivileged user ID instead of root. This is a security enhancement. It makes it impossible for a compromised master site to install files into places outside the mirror area of the filesystem. The permissions of various other files such as /usr/local/etc/cvsup have also been strengthened to enhance security. Both client and server now cd to /var/tmp to run, so that if they decide to croak they'll be able to write the core file. :-) The /usr/local/etc/rc.d/cvsupd.sh script now honors the "start" and "stop" arguments. The configure script no longer attempts to tell you the sizes of the various collections. That's impossible to maintain. When I have time I plan to make a web page where one can obtain that information from an automatically-updated source. Then I will reference the URL in the configure script. It is possible to upgrade an existing cvsup-mirror-1.0 installation to this new version, but it is tricky because of the change in ownership of the mirrored files. I will post instructions to the freebsd-hubs mailing list after I make sure I have the procedure just right.
2000-01-28 06:42:37 +00:00
make_account() {
DEINSTALL: Offer to kill all running cvsupd processes. Remind the user to remove the client's home directory and the mirrored files. INSTALL: Create a home directory for the client user, since one is needed to hold the authentication key file. Also create an empty "auth" file so that its permissions will be right. Set the gcos fields more appropriately.
2000-02-11 04:26:59 +00:00
local u g gcos homeopt home
This is a fairly substantial upgrade of the cvsup-mirror port. In honor of the occasion I have bumped the version number to 1.1. The port now depends upon the cvsup-bin and cvsupd-bin ports rather than on the more trouble-prone cvsup port. The CVSup server is run with "-C 100" (max. 100 clients at a time) and the true limit is set in the "/usr/local/etc/cvsup/cvsupd.access" file. This is nice because you can change the limit by editing the file; you don't have to restart the server. The cvsupd.access file also contains a rule to limit each individual host to one connection at a time. The CVSup client is now run under its own unprivileged user ID instead of root. This is a security enhancement. It makes it impossible for a compromised master site to install files into places outside the mirror area of the filesystem. The permissions of various other files such as /usr/local/etc/cvsup have also been strengthened to enhance security. Both client and server now cd to /var/tmp to run, so that if they decide to croak they'll be able to write the core file. :-) The /usr/local/etc/rc.d/cvsupd.sh script now honors the "start" and "stop" arguments. The configure script no longer attempts to tell you the sizes of the various collections. That's impossible to maintain. When I have time I plan to make a web page where one can obtain that information from an automatically-updated source. Then I will reference the URL in the configure script. It is possible to upgrade an existing cvsup-mirror-1.0 installation to this new version, but it is tricky because of the change in ownership of the mirrored files. I will post instructions to the freebsd-hubs mailing list after I make sure I have the procedure just right.
2000-01-28 06:42:37 +00:00
u=$1
g=$2
DEINSTALL: Offer to kill all running cvsupd processes. Remind the user to remove the client's home directory and the mirrored files. INSTALL: Create a home directory for the client user, since one is needed to hold the authentication key file. Also create an empty "auth" file so that its permissions will be right. Set the gcos fields more appropriately.
2000-02-11 04:26:59 +00:00
gcos=$3
homeopt=${4:+"-d $4"}
This is a fairly substantial upgrade of the cvsup-mirror port. In honor of the occasion I have bumped the version number to 1.1. The port now depends upon the cvsup-bin and cvsupd-bin ports rather than on the more trouble-prone cvsup port. The CVSup server is run with "-C 100" (max. 100 clients at a time) and the true limit is set in the "/usr/local/etc/cvsup/cvsupd.access" file. This is nice because you can change the limit by editing the file; you don't have to restart the server. The cvsupd.access file also contains a rule to limit each individual host to one connection at a time. The CVSup client is now run under its own unprivileged user ID instead of root. This is a security enhancement. It makes it impossible for a compromised master site to install files into places outside the mirror area of the filesystem. The permissions of various other files such as /usr/local/etc/cvsup have also been strengthened to enhance security. Both client and server now cd to /var/tmp to run, so that if they decide to croak they'll be able to write the core file. :-) The /usr/local/etc/rc.d/cvsupd.sh script now honors the "start" and "stop" arguments. The configure script no longer attempts to tell you the sizes of the various collections. That's impossible to maintain. When I have time I plan to make a web page where one can obtain that information from an automatically-updated source. Then I will reference the URL in the configure script. It is possible to upgrade an existing cvsup-mirror-1.0 installation to this new version, but it is tricky because of the change in ownership of the mirrored files. I will post instructions to the freebsd-hubs mailing list after I make sure I have the procedure just right.
2000-01-28 06:42:37 +00:00
if pw group show "${g}" >/dev/null 2>&1; then
echo "You already have a group \"${g}\", so I will use it."
else
echo "You need a group \"${g}\"."
if which -s pw && yesno "Would you like me to create it" y; then
pw groupadd ${g} || exit
echo "Done."
else
echo "Please create it, and try again."
if ! grep -q "^${u}:" /etc/passwd; then
echo "While you're at it, please create a user \"${u}\" too,"
echo "with a default group of \"${g}\"."
fi
exit 1
fi
fi
if pw user show "${u}" >/dev/null 2>&1; then
echo "You already have a user \"${u}\", so I will use it."
else
echo "You need a user \"${u}\"."
if which -s pw && yesno "Would you like me to create it" y; then
DEINSTALL: Offer to kill all running cvsupd processes. Remind the user to remove the client's home directory and the mirrored files. INSTALL: Create a home directory for the client user, since one is needed to hold the authentication key file. Also create an empty "auth" file so that its permissions will be right. Set the gcos fields more appropriately.
2000-02-11 04:26:59 +00:00
pw useradd ${u} -g ${g} -h - ${homeopt} \
-s /nonexistent -c "${gcos}" || exit
This is a fairly substantial upgrade of the cvsup-mirror port. In honor of the occasion I have bumped the version number to 1.1. The port now depends upon the cvsup-bin and cvsupd-bin ports rather than on the more trouble-prone cvsup port. The CVSup server is run with "-C 100" (max. 100 clients at a time) and the true limit is set in the "/usr/local/etc/cvsup/cvsupd.access" file. This is nice because you can change the limit by editing the file; you don't have to restart the server. The cvsupd.access file also contains a rule to limit each individual host to one connection at a time. The CVSup client is now run under its own unprivileged user ID instead of root. This is a security enhancement. It makes it impossible for a compromised master site to install files into places outside the mirror area of the filesystem. The permissions of various other files such as /usr/local/etc/cvsup have also been strengthened to enhance security. Both client and server now cd to /var/tmp to run, so that if they decide to croak they'll be able to write the core file. :-) The /usr/local/etc/rc.d/cvsupd.sh script now honors the "start" and "stop" arguments. The configure script no longer attempts to tell you the sizes of the various collections. That's impossible to maintain. When I have time I plan to make a web page where one can obtain that information from an automatically-updated source. Then I will reference the URL in the configure script. It is possible to upgrade an existing cvsup-mirror-1.0 installation to this new version, but it is tricky because of the change in ownership of the mirrored files. I will post instructions to the freebsd-hubs mailing list after I make sure I have the procedure just right.
2000-01-28 06:42:37 +00:00
echo "Done."
else
echo "Please create it, and try again."
exit 1
fi
fi
DEINSTALL: Offer to kill all running cvsupd processes. Remind the user to remove the client's home directory and the mirrored files. INSTALL: Create a home directory for the client user, since one is needed to hold the authentication key file. Also create an empty "auth" file so that its permissions will be right. Set the gcos fields more appropriately.
2000-02-11 04:26:59 +00:00
if [ x"$homeopt" = x ]; then
eval home=~${u}
if [ ! -d "${home}" ]; then
if yesno \
"Would you like me to create ${u}'s home directory (${home})" y
then
(umask 77 && \
mkdir -p ${home}/.cvsup && \
touch ${home}/.cvsup/auth) || exit
chown -R ${u}:${g} ${home} || exit
else
echo "Please create it, and try again."
exit 1
fi
fi
fi
This is a fairly substantial upgrade of the cvsup-mirror port. In honor of the occasion I have bumped the version number to 1.1. The port now depends upon the cvsup-bin and cvsupd-bin ports rather than on the more trouble-prone cvsup port. The CVSup server is run with "-C 100" (max. 100 clients at a time) and the true limit is set in the "/usr/local/etc/cvsup/cvsupd.access" file. This is nice because you can change the limit by editing the file; you don't have to restart the server. The cvsupd.access file also contains a rule to limit each individual host to one connection at a time. The CVSup client is now run under its own unprivileged user ID instead of root. This is a security enhancement. It makes it impossible for a compromised master site to install files into places outside the mirror area of the filesystem. The permissions of various other files such as /usr/local/etc/cvsup have also been strengthened to enhance security. Both client and server now cd to /var/tmp to run, so that if they decide to croak they'll be able to write the core file. :-) The /usr/local/etc/rc.d/cvsupd.sh script now honors the "start" and "stop" arguments. The configure script no longer attempts to tell you the sizes of the various collections. That's impossible to maintain. When I have time I plan to make a web page where one can obtain that information from an automatically-updated source. Then I will reference the URL in the configure script. It is possible to upgrade an existing cvsup-mirror-1.0 installation to this new version, but it is tricky because of the change in ownership of the mirrored files. I will post instructions to the freebsd-hubs mailing list after I make sure I have the procedure just right.
2000-01-28 06:42:37 +00:00
}
The cvsup-mirror port, a kit that makes it easy to set up a FreeBSD mirror site.
1997-02-02 04:11:35 +00:00
case $2 in
POST-INSTALL)
. ${base}/config.sh || exit
if which -s pw && which -s lockf; then
:
else
cat <<EOF
This system looks like a pre-2.2 version of FreeBSD. I see that it
is missing the "lockf" and/or "pw" utilities. I need these utilities.
Please get them and install them, and try again. You can get the
sources from:
ftp://ftp.freebsd.org/pub/FreeBSD/FreeBSD-current/src/usr.bin/lockf.tar.gz
ftp://ftp.freebsd.org/pub/FreeBSD/FreeBSD-current/src/usr.sbin/pw.tar.gz
EOF
exit 1
fi
echo ""
DEINSTALL: Offer to kill all running cvsupd processes. Remind the user to remove the client's home directory and the mirrored files. INSTALL: Create a home directory for the client user, since one is needed to hold the authentication key file. Also create an empty "auth" file so that its permissions will be right. Set the gcos fields more appropriately.
2000-02-11 04:26:59 +00:00
make_account ${user} ${group} "CVSup Daemon" "/nonexistent"
make_account ${cuser} ${cgroup} "CVSup Client"
The cvsup-mirror port, a kit that makes it easy to set up a FreeBSD mirror site.
1997-02-02 04:11:35 +00:00
echo "Fixing ownerships and modes in \"${base}\"."
This is a fairly substantial upgrade of the cvsup-mirror port. In honor of the occasion I have bumped the version number to 1.1. The port now depends upon the cvsup-bin and cvsupd-bin ports rather than on the more trouble-prone cvsup port. The CVSup server is run with "-C 100" (max. 100 clients at a time) and the true limit is set in the "/usr/local/etc/cvsup/cvsupd.access" file. This is nice because you can change the limit by editing the file; you don't have to restart the server. The cvsupd.access file also contains a rule to limit each individual host to one connection at a time. The CVSup client is now run under its own unprivileged user ID instead of root. This is a security enhancement. It makes it impossible for a compromised master site to install files into places outside the mirror area of the filesystem. The permissions of various other files such as /usr/local/etc/cvsup have also been strengthened to enhance security. Both client and server now cd to /var/tmp to run, so that if they decide to croak they'll be able to write the core file. :-) The /usr/local/etc/rc.d/cvsupd.sh script now honors the "start" and "stop" arguments. The configure script no longer attempts to tell you the sizes of the various collections. That's impossible to maintain. When I have time I plan to make a web page where one can obtain that information from an automatically-updated source. Then I will reference the URL in the configure script. It is possible to upgrade an existing cvsup-mirror-1.0 installation to this new version, but it is tricky because of the change in ownership of the mirrored files. I will post instructions to the freebsd-hubs mailing list after I make sure I have the procedure just right.
2000-01-28 06:42:37 +00:00
chown -R root:wheel ${base}
test -d ${base}/sup || mkdir -p ${base}/sup
test -d ${base}/sup.client || mkdir -p ${base}/sup.client
chown -R ${cuser}:${cgroup} ${base}/sup ${base}/sup.client
chmod -R go=u-w ${base}
The cvsup-mirror port, a kit that makes it easy to set up a FreeBSD mirror site.
1997-02-02 04:11:35 +00:00
echo "Setting up links and directories for distributions."
test -d ${prefixes} || mkdir ${prefixes} || exit
install_links ${distribs}
echo ""
if grep -q "^[^#]*${facility}.*/var/log/cvsupd.log" /etc/syslog.conf; then
echo -n "It looks like you already have some logging set up, so I "
echo "will use it."
else
if yesno "Would you like me to set up the syslog logging" y; then
echo "Setting up server logging in \"/etc/syslog.conf\"."
cat <<EOF >>/etc/syslog.conf
!cvsupd
${facility}.info /var/log/cvsupd.log
EOF
if [ ! -f /var/log/cvsupd.log ]; then
echo "Creating \"/var/log/cvsupd.log\"."
cp /dev/null /var/log/cvsupd.log
fi
if [ -f /var/run/syslog.pid ]; then
echo "Giving syslogd a kick in the pants."
kill -HUP $(cat /var/run/syslog.pid)
fi
echo "Adding cvsupd log entry to \"/etc/newsyslog.conf\"."
cat <<EOF >>/etc/newsyslog.conf
/var/log/cvsupd.log 664 7 * 24 Z
EOF
echo "Done."
else
cat <<EOF
OK, please remember to do it yourself. You should log "${facility}.info"
to "/var/log/cvsupd.log". Don't forget to add an entry to
"/etc/newsyslog.conf".
EOF
fi
fi
echo ""
if grep -q "^[^#]*${base}/update\.sh" /etc/crontab; then
echo "It looks like your crontab is already set up, so I'll use that."
else
if [ ${interval} -eq 1 ]; then
updstr="hourly updates"
else
updstr="updates every ${interval} hours"
fi
if yesno "Would you like me to set up your crontab for ${updstr}" y
then
echo "Scheduling ${updstr} in \"/etc/crontab\"."
delay=5
now=$(date "+%s")
start=$((${now} + ${delay}*60))
hh=$(date -r ${start} "+%H")
mm=$(date -r ${start} "+%M")
h=$((${hh}))
m=$((${mm}))
if [ ${interval} -eq 1 ]; then
hstr="*"
else
h0=$((${h} % ${interval}))
if [ ${interval} -eq 24 ]; then
hstr=${h0}
else
h1=$((${h0} + 24 - ${interval}))
hstr=${h0}-${h1}/${interval}
fi
fi
cat <<EOF >>/etc/crontab
${m} ${hstr} * * * root ${base}/update.sh
EOF
cat <<EOF
Done. The first update will be ${delay} minutes from now, at ${hh}:${mm}.
The cvsupd server will be started automatically after the first update,
and whenever you reboot.
EOF
else
cat <<EOF
OK, please remember to do it yourself. The crontab entry should run
"${base}/update.sh" as root.
EOF
fi
fi
echo ""
echo "You are now a FreeBSD mirror site."
;;
esac
Reference in New Issue Copy Permalink