[System/Security] Jailkit

Winkie · 2004-12-03 17:40:53

Only bug I know of is that it leaves a blank line in /etc/shells (can't remember how the hell to remove that with sed)

PKGBUILD

# Contributed by Paul "Winkie" Robins, paul at gamingmp.com
pkgname=jailkit
pkgver=1.2
pkgrel=1
pkgdesc="A set of utilities to limit user accounts to specific files using chroot() and or specific commands"
url="http://olivier.sessink.nl/jailkit"

source=(http://olivier.sessink.nl/jailkit/$pkgname-$pkgver.tar.gz)
md5sums=(99842c29bdebc3b853542c45a4c8435c)

install=jailkit.install

build() {
  cd $startdir/src/$pkgname-$pkgver
  ./configure --prefix=/usr

  patch $startdir/src/$pkgname-$pkgver/Makefile $startdir/Makefile.patch
 
  make || return 1
  make prefix=$startdir/pkg/usr iniprefix=$startdir/pkg/etc/jailkit install

  mkdir $startdir/pkg/etc/rc.d
  cp $startdir/src/$pkgname-$pkgver/extra/jailkit $startdir/pkg/etc/rc.d
  chown root:root $startdir/pkg/etc/rc.d/jailkit
  chmod +x $startdir/pkg/etc/rc.d/jailkit
}

Makefile.patch

--- Makefile    2004-12-03 17:17:13.000000000 +0000
+++ Makefile    2004-12-03 17:18:37.000000000 +0000
@@ -40,9 +40,4 @@
        @cd py/ && $(MAKE) install
        @cd man/ && $(MAKE) install
-       # test if the jk_chrootsh is already in /etc/shells
-       if ! grep ${prefix}/sbin/jk_chrootsh /etc/shells ; then 
-               @echo "appending ${prefix}/sbin/jk_chroots to /etc/shells";
-               echo ${prefix}/sbin/jk_chrootsh >> /etc/shells ;
-       fi

jailkit.install

post_install() {
        # test if the jk_chrootsh is already in /etc/shells
        if ! grep /usr/sbin/jk_chrootsh /etc/shells ; then 
                echo "Appending /usr/sbin/jk_chroots to /etc/shells";
                echo /usr/sbin/jk_chrootsh >> /etc/shells ;
        fi
  /bin/true
}

pre_remove() {
        # Remove jk_chrootsh from /etc/shells
        echo
        echo "Removing /usr/sbin/jk_chroots from /etc/shells"
        sed -i s,^/usr/sbin/jk_chrootsh$,, /etc/shells
  /bin/true
}

op=$1
shift
$op $*

Enjoy!

cactus · 2004-12-03 21:59:32

sed -e /^$/d /etc/shells

the above should delete ALL blank lines in /etc/shells

Dreameen · 2004-12-04 09:48:10

patching file /home/xyz/jail/src/jailkit-1.2/Makefile
Reversed (or previously applied) patch detected!  Assume -R? [n]

If I choose to apply the patch the '1 of 1 HUNK failed' appears. Should I just ignore this previously applied patch message or is there sth wrong with the build().[/code]

cactus · 2004-12-04 21:24:23

your patch command might be wrong..
i guess it depends on the structure you had when you made the diff. Usually patch is executed in the same locale as the diff...

ie. if you have diff'ed the files when they were at the same directory level, that is also the level you should apply the patch to. Unless you are using the -p# option to strip leading directories off the filenames in the patchfile..

Just a guess though, I only know rudimentary things about patch and diff...probably enough to make myself look like an idiot when I try to help someone else out.

My suggestion would be to try patching the thing manually before trying it in your build script. It might be that the code has changed a bit since the version the patch was created with (if you did not create the patch). The fuzziness factor might be too great. Likely you can look at the diff and try applying it yourself manually, or seeing if it indeed does still need to be applied. Then you could create a new diff.

Winkie · 2004-12-07 03:19:48

If you tell me how the patch fails i'll fix it. It's simply to stop it adding the jailed shell to /etc/shells on build, because I add it in the .install.

Arch Linux

#1 2004-12-03 17:40:53

[System/Security] Jailkit

#2 2004-12-03 21:59:32

Re: [System/Security] Jailkit

#3 2004-12-04 09:48:10

Re: [System/Security] Jailkit

#4 2004-12-04 21:24:23

Re: [System/Security] Jailkit

#5 2004-12-07 03:19:48

Re: [System/Security] Jailkit

Board footer