• file
• revisions
• annotate
• diff
• comparison
• raw

tun/tun.spec@0ba300bdf30a (annotated)

tun/tun.spec

Mon, 20 Apr 2009 19:22:00 +0200

author

Michael Schloh von Bennewitz <michael@schloh.com>

date

Mon, 20 Apr 2009 19:22:00 +0200

changeset 178

0ba300bdf30a

parent 75

b3a835aa617c

child 387

33ae2d61c751

permissions

-rw-r--r--

Change unfortunate but partly useful overreaching security tradeoff.
The principle of allocating each running process an individual system
user and group can have security benefits, however maintining a plethora
of users, groups, processes, file modes, file permissions, and even
nonportable file ACLs on a host serving from a hundred processes has
some security disadvantages. This tradeoff is even worse for systems
like OpenPKG which benefit from administration transparency through the
use of minimal system intrusion and only three usage privilege levels.

michael@75	1	##
michael@75	2	## tun.spec -- OpenPKG RPM Specification
michael@75	3	## Copyright (c) 2009 Michael Schloh von Bennewitz <michael@schloh.com>
michael@75	4	##
michael@75	5	## Permission to use, copy, modify, and distribute this software for
michael@75	6	## any purpose with or without fee is hereby granted, provided that
michael@75	7	## the above copyright notice and this permission notice appear in all
michael@75	8	## copies.
michael@75	9	##
michael@75	10	## THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
michael@75	11	## WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
michael@75	12	## MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
michael@75	13	## IN NO EVENT SHALL THE AUTHORS AND COPYRIGHT HOLDERS AND THEIR
michael@75	14	## CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
michael@75	15	## SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
michael@75	16	## LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
michael@75	17	## USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
michael@75	18	## ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
michael@75	19	## OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
michael@75	20	## OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
michael@75	21	## SUCH DAMAGE.
michael@75	22	##
michael@75	23
michael@75	24	# MSvB Fixme: Device driver could possibly be stripped
michael@75	25	# %{l_shtool} install -c -m -s 755 \
michael@75	26	# tun $RPM_BUILD_ROOT%{l_prefix}/lib/tun
michael@75	27
michael@75	28	# package information
michael@75	29	Name: tun
michael@75	30	Summary: Universal TUN/TAP Device Driver
michael@75	31	URL: http://vtun.sourceforge.net/tun/
michael@75	32	Vendor: Maxim Krasnyansky
michael@75	33	Packager: Michael Schloh von Bennewitz
michael@75	34	Distribution: Michael Schloh von Bennewitz
michael@75	35	Class: EVAL
michael@75	36	Group: Driver
michael@75	37	License: GPL
michael@75	38	Version: 1.1
michael@75	39	Release: 20090106
michael@75	40
michael@75	41	# list of sources
michael@75	42	Source0: http://vtun.sourceforge.net/tun/tun-%{version}.tar.gz
michael@75	43	Patch0: tun.patch
michael@75	44
michael@75	45	# build information
michael@75	46	Prefix: %{l_prefix}
michael@75	47	BuildRoot: %{l_buildroot}
michael@85	48	BuildPreReq: OpenPKG, openpkg >= 20050726, make
michael@75	49	PreReq: OpenPKG, openpkg >= 20050726
michael@75	50	AutoReq: no
michael@75	51	AutoReqProv: no
michael@75	52
michael@75	53	%description
michael@75	54	Tun provides packet reception and transmission for user space
michael@75	55	programs. It can be viewed as a simple Point-to-Point device, which
michael@75	56	instead of receiving packets from a physical media, receives them
michael@75	57	from user space program and instead of sending packets via physical
michael@75	58	media writes them to the user space program.
michael@75	59
michael@75	60	%track
michael@75	61	prog tun = {
michael@75	62	version = %{version}
michael@75	63	url = http://vtun.sourceforge.net/tun/
michael@75	64	regex = tun-(__VER__)\.tar\.gz
michael@75	65	}
michael@75	66
michael@75	67	%prep
michael@75	68	%setup -q -n tun-%{version}
michael@75	69	%patch -p0
michael@75	70
michael@75	71	%build
michael@75	72	CC="%{l_cc}" \
michael@75	73	CFLAGS="%{l_cflags -O}" \
michael@75	74	./configure \
michael@75	75	--prefix=%{l_prefix}
michael@75	76	locplat=`grep 'OS_DIR *=' Makefile | sed -e 's;OS_DIR[^=][^=]*= *\([^ ][^ ]*\);\1;'`
michael@75	77	( cd $locplat
michael@75	78	%{l_make} %{l_mflags -O}
michael@75	79	) || exit $?
michael@75	80
michael@75	81	%install
michael@75	82	rm -rf $RPM_BUILD_ROOT
michael@75	83	%{l_shtool} mkdir -f -p -m 755 \
michael@75	84	$RPM_BUILD_ROOT%{l_prefix}/lib/tun
michael@75	85	locplat=`grep 'OS_DIR *=' Makefile | sed -e 's;OS_DIR[^=][^=]*= *\([^ ][^ ]*\);\1;'`
michael@75	86	( cd $locplat
michael@75	87	%{l_shtool} install -c -m 644 \
michael@75	88	tun tun.conf if_tun.h $RPM_BUILD_ROOT%{l_prefix}/lib/tun
michael@75	89	) || exit $?
michael@75	90	%{l_rpmtool} files -v -ofiles -r$RPM_BUILD_ROOT %{l_files_std}
michael@75	91
michael@75	92	%files -f files
michael@75	93
michael@75	94	%clean
michael@75	95	rm -rf $RPM_BUILD_ROOT
michael@75	96
michael@75	97	%post
michael@75	98	if [ $1 -eq 1 -o $1 -eq 2 ]; then
michael@75	99	# announce special nature of this package
michael@75	100	( echo "Attention: The special nature of the package contents require privileged"
michael@75	101	echo "interation, and must be carefully copied and nonportably installed to"
michael@75	102	echo "system areas outside of the OpenPKG instance."
michael@75	103	echo ""
michael@75	104	echo "This package therefore does not conform to basic OpenPKG principles, and"
michael@75	105	echo "should be removed immediately after its short term utility is exhausted."
michael@75	106	echo ""
michael@75	107	echo "To complete the installation on a SVR4 style operating system:"
michael@75	108	echo ""
michael@75	109	echo " $ su -"
michael@75	110	echo " # find %{l_prefix}/lib/tun/ -print"
michael@75	111	echo " # shtool install -c -m 755 -o root -g sys tun /usr/kernel/drv/"
michael@75	112	echo " # shtool install -c -m 644 -o root -g sys tun.conf /usr/kernel/drv/"
michael@75	113	echo " # shtool install -c -m 644 -o root -g bin if_tun.h /usr/include/net/"
michael@75	114	echo " # /usr/sbin/rem_drv tun"
michael@75	115	echo " # /usr/sbin/add_drv tun"
michael@75	116	) | %{l_rpmtool} msg -b -t notice
michael@75	117	fi
michael@75	118	exit 0
michael@75	119
michael@75	120	%postun
michael@75	121	[ $1 -eq 0 ] || exit 0
michael@75	122	# announce special nature of this package on uninstall
michael@75	123	( echo "Attention: The special nature of the package contents require privileged"
michael@75	124	echo "interation, and must be carefully deleted and nonportably uninstalled"
michael@75	125	echo "from system areas outside of the OpenPKG instance."
michael@75	126	echo ""
michael@75	127	echo " $ su -"
michael@75	128	echo " # ls -ld /usr/kernel/drv/*tun* /usr/include/net/*tun*"
michael@75	129	echo " # /usr/sbin/rem_drv tun"
michael@75	130	echo " # ls -ld /usr/kernel/drv/*tun*"
michael@75	131	echo " # ls -ld /usr/include/net/*tun*"
michael@75	132	echo " # rm -f /usr/kernel/drv/tun"
michael@75	133	echo " # rm -f /usr/kernel/drv/tun.conf"
michael@75	134	echo " # rm -f /usr/include/net/if_tun.h"
michael@75	135	) | %{l_rpmtool} msg -b -t notice
michael@75	136	exit 0
michael@75	137