On Sun, Dec 18, 2022 at 11:55:12AM +0000, Stuart Henderson wrote: > On 2022/12/17 22:36, Michael wrote: > > On Sat, Dec 17, 2022 at 11:06:32AM +0100, Omar Polo wrote: > > > On 2022/12/17 10:41:26 +0100, Pascal Stumpf <pas...@stumpf.co> wrote: > > > > On Sat, 17 Dec 2022 10:18:15 +0100, Pascal Stumpf wrote: > > > > > A few tweaks: > > > > > > > > > > * set MAKE_FLAGS so that the build respects CFLAGS > > > > > * NO_TESTS = Yes > > > > > * add README and endless.rc to the port itself, reformat, turn on -s > > > > > per > > > > > default (syslog logging) > > > > > * add dedicated _endlessh user > > > > > * install a default config file into examples and @sample it > > > > > > > > * correct Nm in endlessh.1 > > > > > > there's an extra patch-Makefile.orig in the tarball and > > > pkg/endlessh.rc is executable when it doesn't need to. > > > > > > ok for me with that fixed. > > > > Thanks to Pascal and you for the tweaks. > > > > I have tested the latest revision; works as expected and the changes > > seem fine to me. I took the liberty of fixing the last problems Omar > > mentioned in the attached port. > > > > > > > > > > > in pkg/README I'd say to symlink /etc/rc.d/endlessh to endlessh6 > > > instead of copying it, less to worry when updating. > > > > > > If I'm reading it correctly, it can't directly bind to 22 because it > > > doesn't start as root, it' would be nice to include an excerpt of the > > > pf configuration to redirect the port 22 to 2222. > > > > > > I'd use a patch instead of perl -pi in post-install to tweak the > > > configuration, it's more verbose but it's also more resiliant to > > > upstream changes to the file. > > > > > > Including the diff for user.list in case it comes in handy to who > > > would like to test it. > > > > > > Index: user.list > > > =================================================================== > > > RCS file: /home/cvs/ports/infrastructure/db/user.list,v > > > retrieving revision 1.413 > > > diff -u -p -r1.413 user.list > > > --- user.list 14 Dec 2022 12:09:05 -0000 1.413 > > > +++ user.list 17 Dec 2022 09:50:27 -0000 > > > @@ -395,3 +395,4 @@ id user group port > > > 884 _iblock _iblock net/iblock > > > 885 _mycorrhiza _mycorrhiza www/mycorrhiza > > > 886 _eduvpn _eduvpn net/eduvpn > > > +887 _endlessh _endlessh net/endlessh > > > > > There is no 1.1 release yet, so better name it 1.1pre20210430 (date of > commit). > > From readme: > > : If you want to cover both IPv4 and IPv6 you'll need to run *two* instances > of > : endlessh. > : > : - copy the endlessh rc script to ${RCDIR}/endlessh6 > : - copy the config file to ${SYSCONFDIR}/endlessh/config6 > : - use BindFamily 6 in config6 > : - in rc.conf.local force endlessh6 to load config6 like so: > : > : endlessh6_flags=-s -f /etc/endlessh/config6 > : endlessh_flags=-s > > No need to tell the user to do this, just provide an endlessh6 rc script > with the required daemon_flags. I don't think you need a second config > file, just use -6. > > : Covering more than 128 connections > : ================================== > : > : The defaults in OpenBSD only allow for 128 open file descriptors per > process, > : so regardless of the MaxClients setting in ${SYSCONFDIR}/endlessh/config > : you'll end up with something like 124 clients at the most. > : You can increase these limits in ${SYSCONFDIR}/login.conf for endlessh (and > : endlessh6) like so: > : > : endlessh:\ > : :openfiles=1024:\ > : :tc=daemon: > : endlessh6:\ > : :openfiles=1024:\ > : :tc=daemon: > > Provide pkg/endlessh.login and endless6.login files instead. 1024x2 is > a bit high for the default kern.maxfiles, I would suggest not more than > 512 for the installed file, users can change it if they need more. > > Then because it is just using standard OS mechanisms there is no more > need for pkg/README. >
Thanks for the feedback. Attached port should contain all the suggestions above. Also the pledge() comment was changed to "uses pledge() and unveil()" portcheck now complains about the two extra *.login files but looking at other ports that have those this seems normal: # /usr/ports/infrastructure/bin/portcheck extra file: pkg/endlessh.login extra file: pkg/endlessh6.login net/endlessh (this time actually reaching the mailinglist...)
endlessh.tgz
Description: Binary data