www-misc/shellinabox: Initial import. Fixes bug 343765.

Package-Manager: portage-2.2.20.1
Signed-off-by: Patrice Clement <monsieurp@gentoo.org>

5 files changed, 261 insertions, 0 deletions

diff --git a/www-misc/shellinabox/Manifest b/www-misc/shellinabox/Manifest
new file mode 100644
index 000000000000..85f28cdd8761
--- /dev/null
+++ b/www-misc/shellinabox/Manifest
@@ -0,0 +1 @@
+DIST shellinabox-2.18.zip 328195 SHA256 0a3572268b7f42e402cd2fc48ca1f9d1dad6d27d6209ca19923a60f4ee5cb5f8 SHA512 a036131d48d7e1b2e69e128d509a755978bbeb13ebac82212b225d3b0eafea8420ecbb830ea85a75e870814bf20c446ca1642fe59da516f74e0e439a3a41fe24 WHIRLPOOL 903195402af196b55dafcf7f261bc291c5fdd690c3a40ca09578c58d307a6b75e38bbb5316995708e078a6bab6a36de1e2ae9722142bf97b948de2c1dbcf2e52
diff --git a/www-misc/shellinabox/files/shellinaboxd.conf b/www-misc/shellinabox/files/shellinaboxd.conf
new file mode 100644
index 000000000000..7f020c123d1c
--- /dev/null
+++ b/www-misc/shellinabox/files/shellinaboxd.conf
@@ -0,0 +1,75 @@
+# conf.d file for shellinaboxd
+# Copyright 1999-2015 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+# Options available (copied from the man page):
+#
+# Sometimes, it is not necessary to replace the entire style sheet using the
+# --static-file option. But instead a small incremental change should be made to
+# the visual  appearance  of the terminal. The --css option provides a means to
+# append additional style rules to the end of the default styles.css sheet. More
+# than one --css option can be given on the same command line.
+#
+# You shouldn't need to change this value 
+# unless you want to load your own style sheets.
+SIAB_CSS_DIR="/usr/share/shellinabox-resources"
+
+# If built with SSL/TLS support enabled, the daemon will look in SIAB_CERT_DIR for any
+# certificates. If unspecified, this defaults to the current working directory.         
+# 
+# If the browser negotiated a Server Name Identification the daemon will look for
+# a matching certificate-SERVERNAME.pem file. This allows for virtual hosting
+# of multiple server names on the same IP address and port.                                                                                                            
+# 
+# If no SNI handshake took place, it falls back on using the certificate in the
+# certificate.pem file.                                                                  
+# 
+# The administrator should make sure that there are matching certificates for
+# each of the virtual hosts on this server, and that there is a generic certifi‐
+# cate.pem file.                                                                                                                                                       
+# 
+# If no suitable certificate is installed, shellinaboxd will attempt to invoke
+# /usr/bin/openssl and create a new self-signed certificate. This only
+# succeeds if, after dropping privileges, shellinaboxd has write
+# permissions for SIAB_CERT_DIR.                                                                                       
+# 
+# Most browsers show a warning message when encountering a self-signed
+# certificate and then allow the user the option of accepting the certificate.
+# Due to this usability problem, and due to the perceived security
+# implications, the use of auto-generated self-signed certificates is intended
+# for testing or in  intranet deployments, only.
+#
+SIAB_CERT_DIR="/etc/shellinabox/cert"
+
+# By default, shellinaboxd redirectes all incoming HTTP requests to their
+# equivalent HTTPS URLs. If promoting of connections to encrypted SSL/TLS
+# sessions is undesired, this behavior can be disabled.
+# 
+# This option is also useful during testing or for deployment in trusted
+# intranets, if SSL certificates are unavailable.
+#
+# SIAB_DISABLE_SSL and SIAB_CERT_DIR are mutually exclusive options.
+#
+# Add this option to SIAB_OPTS if you don't want SSL support.
+SIAB_DISABLE_SSL="--disable-ssl"
+
+# Default port to listen on.
+SIAB_HTTP_PORT="4200"
+
+# Run shellinabox as this user.
+SIAB_USER="shellinaboxd"
+
+# Run shellinabox as this group.
+SIAB_GROUP="shellinaboxd"
+
+# Default service to launch
+SIAB_SERVICE="/:LOGIN"
+
+# Do not add both SIAB_CSS_DIR or SIAB_CERT_DIR to SIAB_OPTS.
+
+# Default setup turns off SSL.
+SIAB_OPTS="${SIAB_DISABLE_SSL} --port=${SIAB_HTTP_PORT} --user=${SIAB_USER} --group=${SIAB_GROUP} --service=${SIAB_SERVICE}"
+
+# Uncomment this line to activate SSL.
+# SIAB_OPTS="--cert=${SIAB_CERT_DIR} --port=${SIAB_HTTP_PORT} --user=${SIAB_USER} --group=${SIAB_GROUP} --service=${SIAB_SERVICE}"
diff --git a/www-misc/shellinabox/files/shellinaboxd.init b/www-misc/shellinabox/files/shellinaboxd.init
new file mode 100644
index 000000000000..7282fedcc031
--- /dev/null
+++ b/www-misc/shellinabox/files/shellinaboxd.init
@@ -0,0 +1,61 @@
+#!/sbin/runscript
+# Copyright 1999-2015 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+my_daemon="shellinaboxd"
+pidfile="/var/run/${my_daemon}.pid"
+command="/usr/sbin/${my_daemon}"
+command_args="${SIAB_OPTS}"
+
+depend() {
+    use net
+}
+
+start_pre() {
+    function my_join() { local IFS="${1}"; shift; echo "$*"; }
+
+    if [[ -n ${SIAB_CSS_DIR} ]]; then
+        # This code searches SIAB_CSS_DIR for CSS files
+        # and formats the --user-css option accordingly.
+        local CSS_FILES=( "${SIAB_CSS_DIR}"/*.css )
+        local SIAB_CSS_FILES=()
+
+        for _CSS in "${CSS_FILES[@]}"; do
+            _BASE="$(basename ${_CSS})"
+            _NAME="${_BASE%%\.css}"
+            _NAME="${_NAME//-/_}"
+            _NAME="${_NAME^}"
+            # These are the default style sheets. Don't load them.
+            [[ ${_NAME} =~ ^(Print|Styles).*? ]] && continue
+            SIAB_CSS_FILES+=("\"${_NAME}\":-${_CSS}")
+        done
+
+        # The 1st one, which the default one, must be turned on using a + sign.
+        SIAB_CSS_FILES[0]=$(sed 's#:-#:+#' <<< ${SIAB_CSS_FILES[0]})
+
+        command_args="${command_args} --user-css=$(my_join , "${SIAB_CSS_FILES[@]}")"
+    fi
+
+    return 0
+}
+
+start() {
+    ebegin "Starting ${my_daemon}"
+    start-stop-daemon \
+        --start \
+        --background \
+        --pidfile ${pidfile} \
+        --make-pidfile \
+        --exec ${command} \
+        -- ${command_args}
+    eend $?
+}
+
+stop() {
+    ebegin "Stopping ${my_daemon}"
+    start-stop-daemon \
+        --stop \
+        --pidfile ${pidfile}
+    eend $?
+}
diff --git a/www-misc/shellinabox/metadata.xml b/www-misc/shellinabox/metadata.xml
new file mode 100644
index 000000000000..a7ec23a9d4b9
--- /dev/null
+++ b/www-misc/shellinabox/metadata.xml
@@ -0,0 +1,16 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
+<pkgmetadata>
+	<herd>shell-tools</herd>
+	<maintainer>
+		<email>monsieurp@gentoo.org</email>
+		<name>Patrice Clement</name>
+	</maintainer>
+	<use>
+		<flag name="ssl">Enable SSL support.</flag>
+		<flag name="pam">Enable PAM support.</flag>
+	</use>
+	<upstream>
+		<remote-id type="github">shellinabox/shellinabox</remote-id>
+	</upstream>
+</pkgmetadata>
diff --git a/www-misc/shellinabox/shellinabox-2.18.ebuild b/www-misc/shellinabox/shellinabox-2.18.ebuild
new file mode 100644
index 000000000000..fb9d66a7a196
--- /dev/null
+++ b/www-misc/shellinabox/shellinabox-2.18.ebuild
@@ -0,0 +1,108 @@
+# Copyright 1999-2015 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+EAPI=5
+
+AUTOTOOLS_AUTORECONF="yes"
+AUTOTOOLS_IN_SOURCE_BUILD="yes"
+
+inherit user autotools-utils
+
+DESCRIPTION="Web server that can export arbitrary command line tools to a web based terminal emulator"
+HOMEPAGE="https://github.com/shellinabox/shellinabox"
+SRC_URI="https://github.com/${PN}/${PN}/archive/v${PV}.zip -> ${P}.zip"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~amd64 ~ppc ~ppc64 ~x86"
+IUSE="+ssl +pam"
+
+RDEPEND="${DEPEND}"
+DEPEND="${RDEPEND}
+	ssl? ( dev-libs/openssl:0= )
+	pam? ( virtual/pam )"
+
+SIAB_CERT_DIR="/etc/shellinabox/cert"
+SIAB_SSL_BASH="${SIAB_CERT_DIR}/gen_ssl_cert.bash"
+SIAB_DAEMON="${PN}d"
+
+shellinbox_gen_ssl_setup() {
+	read -r -d '' SIAB_SSL_SETUP << EOF
+cd ${SIAB_CERT_DIR}
+openssl genrsa -des3 -out server.key 1024
+openssl req -new -key server.key -out server.csr
+cp server.key server.key.org
+openssl rsa -in server.key.org -out server.key
+openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt
+cat server.crt server.key > certificate.pem
+EOF
+}
+
+pkg_setup() {
+	enewgroup "${SIAB_DAEMON}"
+	enewuser "${SIAB_DAEMON}" -1 -1 -1 "${SIAB_DAEMON}"
+}
+
+src_configure() {
+	local myeconf="--disable-runtime-loading"
+
+	econf \
+		$(use_enable ssl) \
+		$(use_enable pam) \
+		"${myeconf}"
+}
+
+src_install() {
+	emake DESTDIR="${D}" install || die
+
+	# make installs the binary in bin.
+	rm -rf "${D}/usr/bin" || die
+
+	# whereas it should put it in sbin.
+	dosbin "${SIAB_DAEMON}"
+
+	# Install init+conf files.
+	newinitd "${FILESDIR}/${SIAB_DAEMON}.init" "${SIAB_DAEMON}"
+	newconfd "${FILESDIR}/${SIAB_DAEMON}.conf" "${SIAB_DAEMON}"
+
+	# Install CSS files.
+	insinto "/usr/share/${PN}-resources"
+	doins -r "${PN}"/*.css
+
+	if use ssl; then
+		# Create directory where SSL certificates will be generated.
+		dodir "${SIAB_CERT_DIR}"
+		fowners "${SIAB_DAEMON}:${SIAB_DAEMON}" "${SIAB_CERT_DIR}"
+
+		# Generate set up variable.
+		shellinbox_gen_ssl_setup
+
+		# Dump it in a bash script.
+		echo "#!/usr/bin/env bash" > "${D}/${SIAB_SSL_BASH}" ||die
+		echo "${SIAB_SSL_SETUP}" >> "${D}/${SIAB_SSL_BASH}" || die
+		chmod +x "${D}/${SIAB_SSL_BASH}" || die
+	fi
+}
+
+pkg_postinst() {
+	ewarn
+	ewarn "The default configuration expose a login shell"
+	ewarn "with SSL disabled on the localhost interface only."
+	ewarn
+
+	if use ssl; then
+		shellinbox_gen_ssl_setup
+
+		einfo
+		einfo "To generate self-signed SSL certificates"
+		einfo "please read the following procedure"
+		einfo "explained here: https://code.google.com/p/shellinabox/issues/detail?id=59#c15"
+		einfo
+		einfo "${SIAB_SSL_SETUP}"
+		einfo
+		einfo "This walkthrough has been written in ${SIAB_SSL_BASH} for your convenience."
+		einfo "Make sure to execute this script."
+		einfo
+	fi
+}