ef9b86abab
Based on the work by Eric Schnoebelen and virtus@ in pkgsrc-wip. DESCR: cvsd is a wrapper program for cvs in pserver mode. It will run 'cvs pserver' under a special uid/gid in a chroot jail. cvsd is run as a daemon and is controlled through a configuration file. It is relatively easy to configure and tools are provided for easily setting up a rootjail. This server can be useful if you want to run a public cvs pserver. You should however be aware of the security limitations of running a cvs pserver. If you want any kind of authentication you should really consider using secure shell as a secure authentication mechanism and transport. Passwords used in cvs pserver are transmitted in plaintext and this wrapper won't change that. This server adds a layer of security to cvs. cvs is a very powerful tool and is capable of running scripts and other things. By running cvs in a rootjail it is possible to limit the amount of "damage" cvs can do if it is exploited. It is generally a good idea to run cvsd without any write permissions to any directory on the system.
29 lines
639 B
Bash
29 lines
639 B
Bash
#!@RCD_SCRIPTS_SHELL@
|
|
#
|
|
# $NetBSD: cvsd.sh,v 1.1.1.1 2006/05/20 23:38:16 wiz Exp $
|
|
#
|
|
# PROVIDE: cvsd
|
|
# REQUIRE: DAEMON
|
|
|
|
if [ -e /etc/rc.subr ]
|
|
then
|
|
. /etc/rc.subr
|
|
fi
|
|
|
|
name="cvsd"
|
|
rcvar=$name
|
|
command="@PREFIX@/sbin/${name}"
|
|
required_files="@PREFIX@/etc/${name}.conf"
|
|
pidfile=$(awk '/^#/ {next}; /PidFile/ {print $2}' ${required_files})
|
|
# pidfile=/var/run/cvsd.pid
|
|
command_args=""
|
|
# add more flags through ${${name}_flags}
|
|
|
|
if [ -e /etc/rc.subr ]
|
|
then
|
|
load_rc_config $name
|
|
run_rc_command "$1"
|
|
else
|
|
echo -n ' ${name}'
|
|
${command} ${cvsd_flags} ${command_args}
|
|
fi
|