Date: Thursday, August 21, 2014 @ 16:39:06 Author: seblu Revision: 117710
upgpkg: sslh 1.16-3 - start as user sslh by default - add user/group sslh - provide a working default conf - fix FS#41643 Added: sslh/trunk/sslh.conf Modified: sslh/trunk/PKGBUILD sslh/trunk/sslh-fork.service sslh/trunk/sslh-select.service sslh/trunk/sslh.install ---------------------+ PKGBUILD | 29 +++++++++++++++++------------ sslh-fork.service | 3 ++- sslh-select.service | 3 ++- sslh.conf | 29 +++++++++++++++++++++++++++++ sslh.install | 23 +++++++++++++++++++++-- 5 files changed, 71 insertions(+), 16 deletions(-) Modified: PKGBUILD =================================================================== --- PKGBUILD 2014-08-21 14:24:56 UTC (rev 117709) +++ PKGBUILD 2014-08-21 14:39:06 UTC (rev 117710) @@ -1,11 +1,11 @@ # $Id$ -# Maintainer: Sébastien Luttringer +# Maintainer: Sébastien "Seblu" Luttringer <se...@archlinux.org> # Contributor: Le_suisse <lesuisse.dev+aur at gmail dot com> # Contributor: Jason Rodriguez <jason-...@catloaf.net> pkgname=sslh pkgver=1.16 -pkgrel=2 +pkgrel=3 pkgdesc='SSL/SSH/OpenVPN/XMPP/tinc port multiplexer' arch=('i686' 'x86_64') url='http://www.rutschle.net/tech/sslh.shtml' @@ -14,11 +14,13 @@ backup=('etc/sslh.conf') install=$pkgname.install source=("http://www.rutschle.net/tech/$pkgname-v$pkgver.tar.gz" - 'sslh-select.service' - 'sslh-fork.service') -md5sums=('1e85b84eb82a96b81de9b1e637a3e795' - '67e8c9511508673254afa3e1ca61ff89' - 'a4402244a4d819beb3c6dc7ff031084e') + 'sslh.conf' + 'sslh-select.service' + 'sslh-fork.service') +md5sums=('c6e7d1cb0adb15f6efe480e36d98c560' + 'd5405c7ca7e1813e4d49a473e5834640' + 'eebafa2f6c1b3f88ade8e0a3c054e1b8' + '77e84cac50178eb389f7b25387c1f403') build() { cd $pkgname-v$pkgver @@ -26,15 +28,18 @@ } package() { + # default arch config + install -Dm 644 sslh.conf "$pkgdir/etc/sslh.conf" # manually install to have both ssl-fork and ssl-select cd $pkgname-v$pkgver - install -Dm 0755 sslh-fork "$pkgdir/usr/bin/sslh-fork" - install -Dm 0755 sslh-select "$pkgdir/usr/bin/sslh-select" + install -Dm 755 sslh-fork "$pkgdir/usr/bin/sslh-fork" + install -Dm 755 sslh-select "$pkgdir/usr/bin/sslh-select" ln -s sslh-fork "$pkgdir/usr/bin/sslh" # install manpage - install -Dm 0644 sslh.8.gz "$pkgdir/usr/share/man/man8/sslh.8.gz" - # install example file - install -Dm 0644 example.cfg "$pkgdir/etc/sslh.conf" + install -Dm 644 sslh.8.gz "$pkgdir/usr/share/man/man8/sslh.8.gz" + # install examples files + install -Dm 644 basic.cfg "$pkgdir/usr/share/doc/$pkgname/basic.cfg" + install -Dm 644 example.cfg "$pkgdir/usr/share/doc/$pkgname/example.cfg" # systemd install -Dm 644 $srcdir/sslh-fork.service \ "$pkgdir/usr/lib/systemd/system/sslh-fork.service" Modified: sslh-fork.service =================================================================== --- sslh-fork.service 2014-08-21 14:24:56 UTC (rev 117709) +++ sslh-fork.service 2014-08-21 14:39:06 UTC (rev 117710) @@ -3,8 +3,9 @@ After=network.target [Service] -ExecStart=/usr/bin/sslh-fork -f -F /etc/sslh.conf +ExecStart=/usr/bin/sslh-fork -F /etc/sslh.conf KillMode=process +PIDFile=/run/sslh.pid [Install] WantedBy=multi-user.target Modified: sslh-select.service =================================================================== --- sslh-select.service 2014-08-21 14:24:56 UTC (rev 117709) +++ sslh-select.service 2014-08-21 14:39:06 UTC (rev 117710) @@ -3,7 +3,8 @@ After=network.target [Service] -ExecStart=/usr/bin/sslh-select -f -F /etc/sslh.conf +ExecStart=/usr/bin/sslh-select -F /etc/sslh.conf +PIDFile=/run/sslh.pid [Install] WantedBy=multi-user.target Added: sslh.conf =================================================================== --- sslh.conf (rev 0) +++ sslh.conf 2014-08-21 14:39:06 UTC (rev 117710) @@ -0,0 +1,29 @@ +# Default Arch configuration +# You can find more examples in /usr/share/doc/sslh + +verbose: false; +foreground: true; +inetd: false; +numeric: false; +transparent: false; +timeout: 2; +user: "sslh"; +pidfile: "/run/sslh.pid"; + + +listen: +( + { host: "::0"; port: "443"; } +); + +protocols: +( + { name: "ssh"; service: "ssh"; host: "localhost"; port: "22"; probe: "builtin"; }, + { name: "openvpn"; host: "localhost"; port: "1194"; probe: "builtin"; }, + { name: "xmpp"; host: "localhost"; port: "5222"; probe: "builtin"; }, + { name: "http"; host: "localhost"; port: "80"; probe: "builtin"; }, + { name: "ssl"; host: "localhost"; port: "8443"; probe: "builtin"; }, + { name: "anyprot"; host: "localhost"; port: "8443"; probe: "builtin"; } +); + +# vim:set ts=4 sw=4 et: Modified: sslh.install =================================================================== --- sslh.install 2014-08-21 14:24:56 UTC (rev 117709) +++ sslh.install 2014-08-21 14:39:06 UTC (rev 117710) @@ -1,13 +1,32 @@ #!/bin/sh # arg 1: the new package version +post_install() { + getent passwd sslh >/dev/null || useradd -M -d /var/empty -r -U -M sslh + : +} + +# arg 1: the new package version # arg 2: the old package version post_upgrade() { - if [ "$(vercmp $2 1.14-1)" -le 0 ]; then + if (( "$(vercmp $2 1.14-1)" <= 0 )); then cat << EOF ===> sslh systemd service has been splitted in sslh-fork.service and sslh-select.service EOF - fi + fi + if (( "$(vercmp $2 1.16-3)" < 0 )); then + post_install "$1" + cat << EOF +===> sslh may runs as unprivileged sslh user. Check your setup. +EOF + fi } +# arg 1: the old package version +post_remove() { + userdel -f sslh &>/dev/null + groupdel sslh &>/dev/null + : +} + # vim:set ts=2 sw=2 ft=sh et: