From: "Michael Weber" <xmw@gentoo.org>
To: gentoo-commits@lists.gentoo.org
Subject: [gentoo-commits] dev/xmw:master commit in: x11-misc/trivdm/, x11-misc/trivdm/files/
Date: Mon, 10 Oct 2011 22:04:22 +0000 (UTC) [thread overview]
Message-ID: <51c6f92ad07666b06423fbcc96114b4fe4a6371b.xmw@gentoo> (raw)
commit: 51c6f92ad07666b06423fbcc96114b4fe4a6371b
Author: Michael Weber <xmw <AT> gentoo <DOT> org>
AuthorDate: Mon Oct 10 22:03:27 2011 +0000
Commit: Michael Weber <xmw <AT> gentoo <DOT> org>
CommitDate: Mon Oct 10 22:03:27 2011 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=dev/xmw.git;a=commit;h=51c6f92a
x11-misc/trivdm: New version w/ more security fun
(Portage version: 2.1.10.11/git/Linux x86_64, signed Manifest commit with key 62EEF090)
---
x11-misc/trivdm/ChangeLog | 6 +++
x11-misc/trivdm/Manifest | 20 +++------
x11-misc/trivdm/files/trivdm-0_p20111010 | 62 +++++++++++++++++++++++++++++
x11-misc/trivdm/trivdm-0_p20111010.ebuild | 59 +++++++++++++++++++++++++++
4 files changed, 133 insertions(+), 14 deletions(-)
diff --git a/x11-misc/trivdm/ChangeLog b/x11-misc/trivdm/ChangeLog
index 3829c2f..17cbd70 100644
--- a/x11-misc/trivdm/ChangeLog
+++ b/x11-misc/trivdm/ChangeLog
@@ -2,6 +2,12 @@
# Copyright 1999-2011 Gentoo Foundation; Distributed under the GPL v2
# $Header: $
+*trivdm-0_p20111010 (10 Oct 2011)
+
+ 10 Oct 2011; Michael Weber <xmw@gentoo.org> +files/trivdm-0_p20111010,
+ +trivdm-0_p20111010.ebuild:
+ New version w/ more security fun
+
*trivdm-0_p20110927 (27 Sep 2011)
27 Sep 2011; Michael Weber <xmw@gentoo.org> +files/trivdm-0_p20110927,
diff --git a/x11-misc/trivdm/Manifest b/x11-misc/trivdm/Manifest
index 290c0ac..5c3db2a 100644
--- a/x11-misc/trivdm/Manifest
+++ b/x11-misc/trivdm/Manifest
@@ -1,26 +1,18 @@
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
-- -----BEGIN PGP SIGNED MESSAGE-----
-Hash: SHA256
-
AUX trivdm-0_p20110921 2319 RMD160 d5ea44d05528ee0d6d3a6f27d8bb00bd513fce5d SHA1 21cb08d686d6c9c8cb157660f903e9ae2e496b01 SHA256 eae817ac58331265e5f73c7d154e14524b90417a3560c826da4b55b49fe95a42
AUX trivdm-0_p20110927 2435 RMD160 7430356d28715ee4062d434da4fd18f1df9c79b1 SHA1 b8b11db1314ab9404e8bcafc9c86b3cab39cab85 SHA256 33e54114644860dc4aced2935e72d0188f016dbff5191f3fde4e70dbbb380cc6
+AUX trivdm-0_p20111010 2563 RMD160 b2e376c89eaae8ea2e4ed97627abb989f2d08b6e SHA1 c09676bafd6c3d8b5ecc0da300b4dfb5dd1c914d SHA256 ba60fd9c8b87632b2fe1ec63dbdaad0ebf8c9db035a9e746cafd67f265c2ee04
EBUILD trivdm-0_p20110921.ebuild 1372 RMD160 e03319f38b7e6d5398b7d9ad70f19cecefa4bb98 SHA1 4d9946e7c0ff322e9600526be021151dc9ab8347 SHA256 28a5980ee288a5dff6ca820da6272567ff841d61bafd35f9a29b0b42c7025135
EBUILD trivdm-0_p20110927.ebuild 1430 RMD160 25be98eeb10527e26be5126aabe585cbbed68318 SHA1 794da6899cd0b6c883141e574dee65759287dbfa SHA256 ad040c7033142c823ca27c66b392e6371f6afd8af5c45d170720001779226113
-MISC ChangeLog 463 RMD160 a2bf88f9761720e6d5dbc25c27b4b049bfd87abe SHA1 cf38de624c7dff5398883e5af0ee958a63f72db6 SHA256 2f05250a79307c84dbc3ae46a8eebca2415141760ebbeab9c70cd1d898478c22
+EBUILD trivdm-0_p20111010.ebuild 1686 RMD160 032c3bdeabdaed07f71eebd52894607907d5f2f8 SHA1 b9a954ab3e1a7da070fa92720b35d8c27cdc38c5 SHA256 d6df9c06e74c8f478769ab4214ac30d69fe3805d46f07100c9966201e2add920
+MISC ChangeLog 637 RMD160 078203c7eca39c9fd6000ec9c6107876d754fd90 SHA1 de8ef89f74a895fa4357a573043665f752239529 SHA256 4e34b8a54dc904fade2f4fe278d9792b59bbc8d00fe54c8759af2209b8cfcd12
MISC metadata.xml 245 RMD160 6b03982a4d5f32d9fa6b9259ae36f9fcb07c8404 SHA1 fb16c7b4c5ab071dd979f761b8bb075f5396b737 SHA256 375a1da02cd2c393ce2378a73c1ce08134bc030b3bb378c6a4d6ca9cd5be1f8d
-- -----BEGIN PGP SIGNATURE-----
-Version: GnuPG v2.0.17 (GNU/Linux)
-
-iF4EAREIAAYFAk6CRN0ACgkQknrdDGLu8JCVPwD/VQDOBMHu+ifAI5orQGVbxcQQ
-MSfhzp6j+7PYMsGf+RUA/0rC0dbMfxo4Iw5H2vM+/+bipPyvtqKqzUCizWQi74CB
-=aXXm
-- -----END PGP SIGNATURE-----
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.17 (GNU/Linux)
-iF4EAREIAAYFAk6CRToACgkQknrdDGLu8JC4oAD/b20CGtoY0PIG+cIQODS/lb1h
-ecrcLkx/F8XHRjbZd+4A/jRBFRJHeveIkRTC169UltoxuuDJulFNGkHUY0rPLePn
-=XwBm
+iF4EAREIAAYFAk6Ta68ACgkQknrdDGLu8JD8pwEAgklGWIj3msJQXNHv9mvCrDqK
+xBRNleX5buDk8Kz36F8BAIjw0TYjU9bc9zTtA37497uaBNMdnK0RXvrrpk7EziBx
+=ndJj
-----END PGP SIGNATURE-----
diff --git a/x11-misc/trivdm/files/trivdm-0_p20111010 b/x11-misc/trivdm/files/trivdm-0_p20111010
new file mode 100644
index 0000000..30de0be
--- /dev/null
+++ b/x11-misc/trivdm/files/trivdm-0_p20111010
@@ -0,0 +1,62 @@
+#!/bin/zsh
+# trivdm by Christian Neukirchen, Michael Weber root@fs.lmu.de
+# wget http://xmw.de/tmp/trivdm -O /usr/local/bin/trivdm
+# c7:2345:respawn:/usr/bin/openvt -c 7 -f -w /usr/local/bin/trivdm
+# symlinks to /usr/local/bin/{gdmflexiserver,w} and /etc/local.d/trivdm.start
+# groupadd --system trivdm ; useradd --system -g trivdm -G wheel trivdm
+# chmod u+s /usr/bin/chvt
+
+NAME=$(basename $0) ; USER=trivdm ; LANG=C
+log() { echo "$@" | logger -s -t $NAME }
+trap 'read -s -k -t 10 "?Press any key to continue ..." ; exit -1 ' ZERR
+w() { ps haxo ruser,tty,comm | grep -v $USER | egrep -v "agetty|login$" | \
+ awk '{ if ( $3 == "X" || $2 != "?" ) print $1" "$2 }' | sort -u | \
+ awk '{ ORS="" ; if ( u != $1 ) { u=$1 ; print "\n"u"\t" } ; print $2"," }' \
+ | sed -e '1d ; s:,$:: ; $a\' }
+
+case $NAME in
+ gdmflexiserver)
+ [ "$1" = "-ls" ] && exec chvt 7 || exec /usr/bin/gdmflexiserver $@ ;;
+ trivdm.start)
+ chvt 7 ; exec setfont sun12x22 ;;
+ w)
+ w ; exec /usr/bin/w $@ ;;
+ *)
+ [ "$1" = "update" ] && exec wget http://xmw.de/tmp/$NAME -O $0
+ [ "$(id -un)" = "$USER" ] || exec su -c $0 $USER ;;
+esac
+
+clear
+toilet --font mono9 --gay $(hostname -f | sed 's:^[^\.]*\.::') | awk \
+ '{a[NR%8]=a[NR%8] $0} END {for (i=1;i<=NR;i++) print a[i];print a[0]}' \
+ | sed 's/ *$//g;/^$/d'
+print -n "Usage: <username>[/<session type>]|!halt|!reboot
+ <session type> in ~/.xinitrc (default), Gnome (fallback),\n\t"
+find /etc/X11/Sessions -type f ! -name Gnome | \
+ awk -F / 'BEGIN { ORS=", " } { print $5 }' | sed 's:, $:\n\n:'
+print "connected users:\n$({ w | grep '' || print '<none>'} | sed 's:^:\t:')\n"
+read "login?$(hostname)/tty7 x11 login: "
+
+case $login in
+ "" ) [ ] ;;
+ !* ) if [ -z "$(w)" ] ; then sudo -n "${login[2,-1]}"
+ else log "$login denied, users logged in!" ; fi ; [ ] ;;
+ */* ) xclient=$(find /etc/X11/Sessions -iname "*${login#*/}*" \
+ -type f | sort | head -n 1)
+ [ -n "$xclient" ] || { log invalid session ; [ ] }
+ login=${login%/*} ;;
+ * ) xclient="~/.xinitrc" ;;
+esac
+
+id "$login" 2>&1 >/dev/null | sed "s|^id:|$NAME:|"
+id "$login" 2>/dev/null >/dev/null
+
+tty=$(ps h -eo ruser,tty,comm | grep "^$login " | awk '$3=="X" {print $2}')
+[ "$tty" ] && { log switching to console $tty ; chvt "${tty#tty}" ; [ ] }
+
+dpy=0 ; while [ -e /tmp/.X11-unix/X$dpy ] ; do (( dpy += 1 )) done
+su -l -c "export xclient=$xclient ;
+ [ -x \"\$xclient\" ] || xclient=/etc/X11/Sessions/Gnome ;
+ /usr/sbin/daemonize -a -e ~/.xorg-stderr -o ~/.xorg-stdout -c ~ \
+ /usr/bin/startx \$xclient -- :$dpy -retro" $login
+[ ]
diff --git a/x11-misc/trivdm/trivdm-0_p20111010.ebuild b/x11-misc/trivdm/trivdm-0_p20111010.ebuild
new file mode 100644
index 0000000..f65ff95
--- /dev/null
+++ b/x11-misc/trivdm/trivdm-0_p20111010.ebuild
@@ -0,0 +1,59 @@
+# Copyright 1999-2011 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: $
+
+EAPI=3
+
+inherit eutils
+
+DESCRIPTION="trivial display manager"
+HOMEPAGE="http://xmw.de/tmp/trivdm"
+SRC_URI=""
+
+LICENSE="MIT"
+SLOT="0"
+KEYWORDS="~amd64 ~x86"
+IUSE=""
+
+RDEPEND="app-misc/toilet
+ app-shells/zsh
+ sys-apps/daemonize
+ sys-apps/kbd"
+DEPEND=""
+
+pkg_setup() {
+ enewgroup ${PN}
+ enewuser ${PN} -1 /usr/bin/${PN} -1 ${PN}
+}
+
+src_install() {
+ newbin "${FILESDIR}"/${P} ${PN} || die
+ dodir /etc/env.d || die
+ echo "CONFIG_PROTECT=\"/usr/bin/${PN}\"" \
+ > "${D}"/etc/env.d/90${PN} || die
+ dodir /etc/sudoers.d || die
+ echo "#${PN} ALL=(root) NOPASSWD: /sbin/reboot,/sbin/halt" \
+ > "${D}"/etc/sudoers.d/${PN} || die
+ chmod 0440 "${D}"/etc/sudoers.d/${PN} || die
+}
+
+pkg_preinst() {
+ sed -e "/^c7:/d" /etc/inittab > "${ED}"/etc/inittab || die
+ sed -n -e '/c7:/{s/^.*c7:/c7:/ ; s:/local/:/: ; p}' \
+ "${ED}"/usr/bin/${PN} >> "${ED}"/etc/inittab || die
+
+ elog "IMPORTANT NOTE"
+ elog "Your system needs 5 minor adjustments that"
+ elog "must not be made by Gentoo portage system:"
+ elog "1) enable xscreensaver->newlogin compartibility"
+ elog " ln -s ../../bin/${PN} /usr/local/bin/gdmflexiserver"
+ elog "2) tune w to display remote login sessions and daemonized X11"
+ elog " ln -s ../../bin/${PN} /usr/local/bin/w"
+ elog "3) set a fancy font on framebuffer console on startup"
+ elog " ln -s ../../usr/bin/${PN} /etc/local.d/${PN}.start"
+ elog "4) grant chvt to everyone"
+ elog " chmod u+s /usr/bin/chvt"
+ elog "5) updated /etc/inittab (etc-update, ...) and reload"
+ elog " kill -HUP 1"
+ elog "Install app-admin/sudo and review /etc/sudoers.d/${PN}"
+}
next reply other threads:[~2011-10-10 22:04 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2011-10-10 22:04 Michael Weber [this message]
-- strict thread matches above, loose matches on Subject: below --
2013-07-07 0:39 [gentoo-commits] dev/xmw:master commit in: x11-misc/trivdm/, x11-misc/trivdm/files/ Michael Weber
2012-10-28 17:26 Michael Weber
2012-04-23 8:29 Michael Weber
2012-03-21 19:58 Michael Weber
2011-09-27 21:51 Michael Weber
2011-09-27 21:49 Michael Weber
2011-09-23 22:08 Michael Weber
2011-09-23 21:52 Michael Weber
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=51c6f92ad07666b06423fbcc96114b4fe4a6371b.xmw@gentoo \
--to=xmw@gentoo.org \
--cc=gentoo-commits@lists.gentoo.org \
--cc=gentoo-dev@lists.gentoo.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox