-
Notifications
You must be signed in to change notification settings - Fork 5
/
bsock.spec
101 lines (72 loc) · 2.88 KB
/
bsock.spec
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
%define name bsock
%define version 0.11
Name: %{name}
Version: %{version}
Release: 1%{?dist}
Summary: bsock - bind() sockets to restricted ports for lower-privilege daemons
Group: Systems Environment/Daemons
License: LGPLv2+
Vendor: Glue Logic LLC
URL: https://github.com/gstrauss/bsock/
Source0: bsock-%{version}.tar.gz
BuildRoot: %(mktemp -ud %{_tmppath}/%{name}-%{version}-%{release}-XXXXXX)
BuildRequires: gcc
Requires: glibc, %{name}-libs = %{version}
%package libs
Summary: bsock - shared libraries
Group: System Environment/Libraries
%description
==
bsock - bind() sockets to restricted ports for lower-privilege daemons
bsock federates binding to (important) socket addresses/ports on a system and
removes the requirement that many daemons start with root privileges in order
to bind to assigned ports.
The bsock daemon listens for requests on a local unix domain socket.
proxyexec - proxy command execution without setuid
proxyexec is an executable that builds with libbsock.so and can be used
as a login shell or as the target of an sshd_config ForceCommand to
leverage operating system authentication to passing credentials to a
service program running under a single account.
proxyexec handles client/server communication by passing argv and stdin,
stdout, stderr fds over unix domain socket between processes owned by
different users.
bpoll - bookkeeping poll interface
bpoll provides a thin and portable abstraction interface using historical poll
semantics to detect ready events on socket, pipe, and other descriptors.
bpoll aims to provide a bookeeping event polling framework to encapsulate a
variety of poll implementations provided by different platforms.
==
%description libs
bsock - bind() sockets to restricted ports for lower-privilege daemons
bpoll - bookkeeping poll interface
This package contains bsock shared libraries.
%prep
%setup -q
%build
make %{?_smp_mflags} PREFIX=/usr PROXYEXEC_SOCKET_DIR=/var/run/proxyexec/
%install
rm -rf $RPM_BUILD_ROOT
make install PREFIX=$RPM_BUILD_ROOT/usr
make install-doc PREFIX=$RPM_BUILD_ROOT/usr
make install-headers PREFIX=$RPM_BUILD_ROOT/usr
mv $RPM_BUILD_ROOT/usr/share/doc/bsock \
$RPM_BUILD_ROOT/usr/share/doc/bsock-%{version}
# permissions restored in files section below, after 'strip' is possibly run
chmod u+w $RPM_BUILD_ROOT/usr/%{_lib}/* $RPM_BUILD_ROOT/usr/sbin/*
mv $RPM_BUILD_ROOT/usr/etc $RPM_BUILD_ROOT/usr/var $RPM_BUILD_ROOT/
%clean
rm -rf $RPM_BUILD_ROOT
%post libs -p /sbin/ldconfig
%postun libs -p /sbin/ldconfig
%files
%defattr(-,root,root,-)
%config(noreplace) /etc/*
/usr/include/bsock
%attr(0555,root,daemon) /usr/sbin/bsock
%attr(0555,root,root) /usr/sbin/proxyexec
%ghost /var/run/bsock
%ghost /var/run/proxyexec
%doc /usr/share/doc/bsock-%{version}
%files libs
%defattr(-,root,root,-)
%attr(0555,root,root) %{_libdir}/libbsock*