diff options
Diffstat (limited to 'meta/recipes-extended/tcp-wrappers/tcp-wrappers-7.6/01_man_portability.patch')
-rw-r--r-- | meta/recipes-extended/tcp-wrappers/tcp-wrappers-7.6/01_man_portability.patch | 248 |
1 files changed, 248 insertions, 0 deletions
diff --git a/meta/recipes-extended/tcp-wrappers/tcp-wrappers-7.6/01_man_portability.patch b/meta/recipes-extended/tcp-wrappers/tcp-wrappers-7.6/01_man_portability.patch new file mode 100644 index 0000000000..4963f82eb8 --- /dev/null +++ b/meta/recipes-extended/tcp-wrappers/tcp-wrappers-7.6/01_man_portability.patch | |||
@@ -0,0 +1,248 @@ | |||
1 | diff -ruNp tcp_wrappers_7.6.orig/hosts_access.3 tcp_wrappers_7.6/hosts_access.3 | ||
2 | --- tcp_wrappers_7.6.orig/hosts_access.3 2005-03-09 18:30:25.000000000 +0100 | ||
3 | +++ tcp_wrappers_7.6/hosts_access.3 2005-03-09 18:27:03.000000000 +0100 | ||
4 | @@ -3,7 +3,7 @@ | ||
5 | hosts_access, hosts_ctl, request_init, request_set \- access control library | ||
6 | .SH SYNOPSIS | ||
7 | .nf | ||
8 | -#include "tcpd.h" | ||
9 | +#include <tcpd.h> | ||
10 | |||
11 | extern int allow_severity; | ||
12 | extern int deny_severity; | ||
13 | diff -ruNp tcp_wrappers_7.6.orig/hosts_access.5 tcp_wrappers_7.6/hosts_access.5 | ||
14 | --- tcp_wrappers_7.6.orig/hosts_access.5 2005-03-09 18:30:25.000000000 +0100 | ||
15 | +++ tcp_wrappers_7.6/hosts_access.5 2005-03-09 18:30:18.000000000 +0100 | ||
16 | @@ -8,9 +8,9 @@ name, host name/address) patterns. Exam | ||
17 | impatient reader is encouraged to skip to the EXAMPLES section for a | ||
18 | quick introduction. | ||
19 | .PP | ||
20 | -An extended version of the access control language is described in the | ||
21 | -\fIhosts_options\fR(5) document. The extensions are turned on at | ||
22 | -program build time by building with -DPROCESS_OPTIONS. | ||
23 | +The extended version of the access control language is described in the | ||
24 | +\fIhosts_options\fR(5) document. \fBNote that this language supersedes | ||
25 | +the meaning of \fIshell_command\fB as documented below.\fR | ||
26 | .PP | ||
27 | In the following text, \fIdaemon\fR is the the process name of a | ||
28 | network daemon process, and \fIclient\fR is the name and/or address of | ||
29 | @@ -346,8 +346,8 @@ in.tftpd: LOCAL, .my.domain | ||
30 | /etc/hosts.deny: | ||
31 | .in +3 | ||
32 | .nf | ||
33 | -in.tftpd: ALL: (/some/where/safe_finger -l @%h | \\ | ||
34 | - /usr/ucb/mail -s %d-%h root) & | ||
35 | +in.tftpd: ALL: (/usr/sbin/safe_finger -l @%h | \\ | ||
36 | + /usr/bin/mail -s %d-%h root) & | ||
37 | .fi | ||
38 | .PP | ||
39 | The safe_finger command comes with the tcpd wrapper and should be | ||
40 | @@ -383,6 +383,7 @@ that shouldn\'t. All problems are repor | ||
41 | .fi | ||
42 | .SH SEE ALSO | ||
43 | .nf | ||
44 | +hosts_options(5) extended syntax. | ||
45 | tcpd(8) tcp/ip daemon wrapper program. | ||
46 | tcpdchk(8), tcpdmatch(8), test programs. | ||
47 | .SH BUGS | ||
48 | diff -ruNp tcp_wrappers_7.6.orig/hosts_options.5 tcp_wrappers_7.6/hosts_options.5 | ||
49 | --- tcp_wrappers_7.6.orig/hosts_options.5 2005-03-09 18:30:24.000000000 +0100 | ||
50 | +++ tcp_wrappers_7.6/hosts_options.5 2005-03-09 18:27:03.000000000 +0100 | ||
51 | @@ -2,10 +2,8 @@ | ||
52 | .SH NAME | ||
53 | hosts_options \- host access control language extensions | ||
54 | .SH DESCRIPTION | ||
55 | -This document describes optional extensions to the language described | ||
56 | -in the hosts_access(5) document. The extensions are enabled at program | ||
57 | -build time. For example, by editing the Makefile and turning on the | ||
58 | -PROCESS_OPTIONS compile-time option. | ||
59 | +This document describes extensions to the language described | ||
60 | +in the hosts_access(5) document. | ||
61 | .PP | ||
62 | The extensible language uses the following format: | ||
63 | .sp | ||
64 | @@ -58,12 +56,12 @@ Notice the leading dot on the domain nam | ||
65 | Execute, in a child process, the specified shell command, after | ||
66 | performing the %<letter> expansions described in the hosts_access(5) | ||
67 | manual page. The command is executed with stdin, stdout and stderr | ||
68 | -connected to the null device, so that it won\'t mess up the | ||
69 | +connected to the null device, so that it won't mess up the | ||
70 | conversation with the client host. Example: | ||
71 | .sp | ||
72 | .nf | ||
73 | .ti +3 | ||
74 | -spawn (/some/where/safe_finger -l @%h | /usr/ucb/mail root) & | ||
75 | +spawn (/usr/sbin/safe_finger -l @%h | /usr/bin/mail root) & | ||
76 | .fi | ||
77 | .sp | ||
78 | executes, in a background child process, the shell command "safe_finger | ||
79 | diff -ruNp tcp_wrappers_7.6.orig/inetcf.c tcp_wrappers_7.6/inetcf.c | ||
80 | --- tcp_wrappers_7.6.orig/inetcf.c 1997-02-12 02:13:24.000000000 +0100 | ||
81 | +++ tcp_wrappers_7.6/inetcf.c 2005-03-09 18:27:03.000000000 +0100 | ||
82 | @@ -26,13 +26,17 @@ extern void exit(); | ||
83 | * guesses. Shorter names follow longer ones. | ||
84 | */ | ||
85 | char *inet_files[] = { | ||
86 | +#if 0 | ||
87 | "/private/etc/inetd.conf", /* NEXT */ | ||
88 | "/etc/inet/inetd.conf", /* SYSV4 */ | ||
89 | "/usr/etc/inetd.conf", /* IRIX?? */ | ||
90 | +#endif | ||
91 | "/etc/inetd.conf", /* BSD */ | ||
92 | +#if 0 | ||
93 | "/etc/net/tlid.conf", /* SYSV4?? */ | ||
94 | "/etc/saf/tlid.conf", /* SYSV4?? */ | ||
95 | "/etc/tlid.conf", /* SYSV4?? */ | ||
96 | +#endif | ||
97 | 0, | ||
98 | }; | ||
99 | |||
100 | diff -ruNp tcp_wrappers_7.6.orig/tcpd.8 tcp_wrappers_7.6/tcpd.8 | ||
101 | --- tcp_wrappers_7.6.orig/tcpd.8 1996-02-21 16:39:16.000000000 +0100 | ||
102 | +++ tcp_wrappers_7.6/tcpd.8 2005-03-09 18:27:03.000000000 +0100 | ||
103 | @@ -12,7 +12,11 @@ The program supports both 4.3BSD-style s | ||
104 | TLI. Functionality may be limited when the protocol underneath TLI is | ||
105 | not an internet protocol. | ||
106 | .PP | ||
107 | -Operation is as follows: whenever a request for service arrives, the | ||
108 | +There are two possible modes of operation: execution of \fItcpd\fP | ||
109 | +before a service started by \fIinetd\fP, or linking a daemon with | ||
110 | +the \fIlibwrap\fP shared library as documented in the \fIhosts_access\fR(3) | ||
111 | +manual page. Operation when started by \fIinetd\fP | ||
112 | +is as follows: whenever a request for service arrives, the | ||
113 | \fIinetd\fP daemon is tricked into running the \fItcpd\fP program | ||
114 | instead of the desired server. \fItcpd\fP logs the request and does | ||
115 | some additional checks. When all is well, \fItcpd\fP runs the | ||
116 | @@ -88,11 +92,11 @@ configuration files. | ||
117 | .sp | ||
118 | .in +5 | ||
119 | # mkdir /other/place | ||
120 | -# mv /usr/etc/in.fingerd /other/place | ||
121 | -# cp tcpd /usr/etc/in.fingerd | ||
122 | +# mv /usr/sbin/in.fingerd /other/place | ||
123 | +# cp tcpd /usr/sbin/in.fingerd | ||
124 | .fi | ||
125 | .PP | ||
126 | -The example assumes that the network daemons live in /usr/etc. On some | ||
127 | +The example assumes that the network daemons live in /usr/sbin. On some | ||
128 | systems, network daemons live in /usr/sbin or in /usr/libexec, or have | ||
129 | no `in.\' prefix to their name. | ||
130 | .SH EXAMPLE 2 | ||
131 | @@ -101,35 +105,34 @@ are left in their original place. | ||
132 | .PP | ||
133 | In order to monitor access to the \fIfinger\fR service, perform the | ||
134 | following edits on the \fIinetd\fR configuration file (usually | ||
135 | -\fI/etc/inetd.conf\fR or \fI/etc/inet/inetd.conf\fR): | ||
136 | +\fI/etc/inetd.conf\fR): | ||
137 | .nf | ||
138 | .sp | ||
139 | .ti +5 | ||
140 | -finger stream tcp nowait nobody /usr/etc/in.fingerd in.fingerd | ||
141 | +finger stream tcp nowait nobody /usr/sbin/in.fingerd in.fingerd | ||
142 | .sp | ||
143 | becomes: | ||
144 | .sp | ||
145 | .ti +5 | ||
146 | -finger stream tcp nowait nobody /some/where/tcpd in.fingerd | ||
147 | +finger stream tcp nowait nobody /usr/sbin/tcpd in.fingerd | ||
148 | .sp | ||
149 | .fi | ||
150 | .PP | ||
151 | -The example assumes that the network daemons live in /usr/etc. On some | ||
152 | +The example assumes that the network daemons live in /usr/sbin. On some | ||
153 | systems, network daemons live in /usr/sbin or in /usr/libexec, the | ||
154 | daemons have no `in.\' prefix to their name, or there is no userid | ||
155 | field in the inetd configuration file. | ||
156 | .PP | ||
157 | Similar changes will be needed for the other services that are to be | ||
158 | covered by \fItcpd\fR. Send a `kill -HUP\' to the \fIinetd\fR(8) | ||
159 | -process to make the changes effective. AIX users may also have to | ||
160 | -execute the `inetimp\' command. | ||
161 | +process to make the changes effective. | ||
162 | .SH EXAMPLE 3 | ||
163 | In the case of daemons that do not live in a common directory ("secret" | ||
164 | or otherwise), edit the \fIinetd\fR configuration file so that it | ||
165 | specifies an absolute path name for the process name field. For example: | ||
166 | .nf | ||
167 | .sp | ||
168 | - ntalk dgram udp wait root /some/where/tcpd /usr/local/lib/ntalkd | ||
169 | + ntalk dgram udp wait root /usr/sbin/tcpd /usr/local/lib/ntalkd | ||
170 | .sp | ||
171 | .fi | ||
172 | .PP | ||
173 | @@ -164,6 +167,7 @@ The default locations of the host access | ||
174 | .SH SEE ALSO | ||
175 | .na | ||
176 | .nf | ||
177 | +hosts_access(3), functions provided by the libwrap library. | ||
178 | hosts_access(5), format of the tcpd access control tables. | ||
179 | syslog.conf(5), format of the syslogd control file. | ||
180 | inetd.conf(5), format of the inetd control file. | ||
181 | diff -ruNp tcp_wrappers_7.6.orig/tcpdchk.8 tcp_wrappers_7.6/tcpdchk.8 | ||
182 | --- tcp_wrappers_7.6.orig/tcpdchk.8 1995-01-08 17:00:31.000000000 +0100 | ||
183 | +++ tcp_wrappers_7.6/tcpdchk.8 2005-03-09 18:27:03.000000000 +0100 | ||
184 | @@ -9,8 +9,8 @@ tcpdchk [-a] [-d] [-i inet_conf] [-v] | ||
185 | potential and real problems it can find. The program examines the | ||
186 | \fItcpd\fR access control files (by default, these are | ||
187 | \fI/etc/hosts.allow\fR and \fI/etc/hosts.deny\fR), and compares the | ||
188 | -entries in these files against entries in the \fIinetd\fR or \fItlid\fR | ||
189 | -network configuration files. | ||
190 | +entries in these files against entries in the \fIinetd\fR | ||
191 | +network configuration file. | ||
192 | .PP | ||
193 | \fItcpdchk\fR reports problems such as non-existent pathnames; services | ||
194 | that appear in \fItcpd\fR access control rules, but are not controlled | ||
195 | @@ -26,14 +26,13 @@ problem. | ||
196 | .SH OPTIONS | ||
197 | .IP -a | ||
198 | Report access control rules that permit access without an explicit | ||
199 | -ALLOW keyword. This applies only when the extended access control | ||
200 | -language is enabled (build with -DPROCESS_OPTIONS). | ||
201 | +ALLOW keyword. | ||
202 | .IP -d | ||
203 | Examine \fIhosts.allow\fR and \fIhosts.deny\fR files in the current | ||
204 | directory instead of the default ones. | ||
205 | .IP "-i inet_conf" | ||
206 | Specify this option when \fItcpdchk\fR is unable to find your | ||
207 | -\fIinetd.conf\fR or \fItlid.conf\fR network configuration file, or when | ||
208 | +\fIinetd.conf\fR network configuration file, or when | ||
209 | you suspect that the program uses the wrong one. | ||
210 | .IP -v | ||
211 | Display the contents of each access control rule. Daemon lists, client | ||
212 | @@ -54,7 +53,6 @@ tcpdmatch(8), explain what tcpd would do | ||
213 | hosts_access(5), format of the tcpd access control tables. | ||
214 | hosts_options(5), format of the language extensions. | ||
215 | inetd.conf(5), format of the inetd control file. | ||
216 | -tlid.conf(5), format of the tlid control file. | ||
217 | .SH AUTHORS | ||
218 | .na | ||
219 | .nf | ||
220 | diff -ruNp tcp_wrappers_7.6.orig/tcpdmatch.8 tcp_wrappers_7.6/tcpdmatch.8 | ||
221 | --- tcp_wrappers_7.6.orig/tcpdmatch.8 2005-03-09 18:30:24.000000000 +0100 | ||
222 | +++ tcp_wrappers_7.6/tcpdmatch.8 2005-03-09 18:27:03.000000000 +0100 | ||
223 | @@ -13,7 +13,7 @@ request for service. Examples are given | ||
224 | The program examines the \fItcpd\fR access control tables (default | ||
225 | \fI/etc/hosts.allow\fR and \fI/etc/hosts.deny\fR) and prints its | ||
226 | conclusion. For maximal accuracy, it extracts additional information | ||
227 | -from your \fIinetd\fR or \fItlid\fR network configuration file. | ||
228 | +from your \fIinetd\fR network configuration file. | ||
229 | .PP | ||
230 | When \fItcpdmatch\fR finds a match in the access control tables, it | ||
231 | identifies the matched rule. In addition, it displays the optional | ||
232 | @@ -50,7 +50,7 @@ Examine \fIhosts.allow\fR and \fIhosts.d | ||
233 | directory instead of the default ones. | ||
234 | .IP "-i inet_conf" | ||
235 | Specify this option when \fItcpdmatch\fR is unable to find your | ||
236 | -\fIinetd.conf\fR or \fItlid.conf\fR network configuration file, or when | ||
237 | +\fIinetd.conf\fR network configuration file, or when | ||
238 | you suspect that the program uses the wrong one. | ||
239 | .SH EXAMPLES | ||
240 | To predict how \fItcpd\fR would handle a telnet request from the local | ||
241 | @@ -86,7 +86,6 @@ tcpdchk(8), tcpd configuration checker | ||
242 | hosts_access(5), format of the tcpd access control tables. | ||
243 | hosts_options(5), format of the language extensions. | ||
244 | inetd.conf(5), format of the inetd control file. | ||
245 | -tlid.conf(5), format of the tlid control file. | ||
246 | .SH AUTHORS | ||
247 | .na | ||
248 | .nf | ||