From dc413fe0f5f1d1f9d46800ce3e79e04efced62e3 Mon Sep 17 00:00:00 2001 From: "Vance M. Allen" Date: Sat, 6 Jul 2024 11:46:50 -0600 Subject: Add support for webmin-2.111 Signed-off-by: Vance M. Allen --- app-admin/webmin/Manifest | 6 +- app-admin/webmin/files/gentoo-setup-2.021 | 438 ------------------------------ app-admin/webmin/files/gentoo-setup-2.111 | 438 ++++++++++++++++++++++++++++++ app-admin/webmin/webmin-2.021.ebuild | 314 --------------------- app-admin/webmin/webmin-2.111.ebuild | 314 +++++++++++++++++++++ 5 files changed, 755 insertions(+), 755 deletions(-) delete mode 100644 app-admin/webmin/files/gentoo-setup-2.021 create mode 100644 app-admin/webmin/files/gentoo-setup-2.111 delete mode 100644 app-admin/webmin/webmin-2.021.ebuild create mode 100644 app-admin/webmin/webmin-2.111.ebuild diff --git a/app-admin/webmin/Manifest b/app-admin/webmin/Manifest index 198114b..b350c45 100644 --- a/app-admin/webmin/Manifest +++ b/app-admin/webmin/Manifest @@ -1,6 +1,6 @@ AUX gentoo-setup-2.021 13727 BLAKE2B dca9dadd5775006f5bfbeee870723db8806a2236c984e2b4cec70031101f97fc5d4e1e1fd9219f27cdaa31ee860d247f71a01180b392154c16ca6554b1f73483 SHA512 fa6fde84eb9a16fea5d019fd920aed2a2f5dd51e5f32fa407fd1c424a0627eaafab7cd3b572a57e4f97e06ce5b6b5a7373ac377776a474a8512e077130eadc6e AUX init.d.webmin 2167 BLAKE2B b90957ca4273ccc6deb35837704523361c3ed8b61034cb067919dffeabd7a8e6153ab2deceffc7745b209ffe8c6b52ad8fd391aa76591a9870c5f8f60223fb64 SHA512 deedded42854f4b29b28f24afec5171c4ee0f3301c4a0f4f9442f1c39b2aac39490315049641ed0b60182bdeb88d3f8d34672a707f95ecfa755d03d7f4dff49b AUX webmin.service 416 BLAKE2B aef00b0f948286c54736613e37f114e6ffd90453cc6eadc3afffe7fa114df4e6a8b91e4f02da6fdfaa3eb2f57254e5e6785b201d0461f28839742cc13d883816 SHA512 7cf86342db3d34cbe39b62fa768660ba7dd160d9c0d113ef6a3a176187fa0c72531bed38e3203cf627ab05c1ac4d9a8b9e829d1baa9739d63dfa74f09c445f1e -DIST webmin-2.021-minimal.tar.gz 4095583 BLAKE2B 46121251e8225a2728f7c252851e32e27df5cbd896d29a82d4ed2fb62f2395a404dfe500797cdfeeeaf5528c55488b534e097ab2e6241cdb8bfa38aeb3455f9f SHA512 4f353be75d1a8e298eea3d6a881a6ff6b41bec77021ca54101793922ddfc6d4572b926b5c20768c207f0112d4e23ca1289fd2ffed1cb266a57a2db2a0a7e751d -DIST webmin-2.021.tar.gz 46950175 BLAKE2B a75b9e0a4696c6db012a7eb6c8df6ac52b6551fd25a4ee7d6ba669477949a495c7fa45dc8f47ebcd78a5f84c3c312a4471941c3224989faca3769fd938108d46 SHA512 d7fbe5507a5baa7e840a48c1bf436dd96edf42d5d474ddde2c9437b872bbb20f2ff92fb0bd49c8df4ce0525cb81ce3894f0ed9197924cafe2094481264dfd47e -EBUILD webmin-2.021.ebuild 10395 BLAKE2B 88aee7c0d31b4d916157f51f5faac7462dc4e295ce24f2792d3be819f79196cf40a09dee5003bce34dc0ab5f7e98ef52bd95d3454b89b1701e6a6c5de3f5cb59 SHA512 ce9a5e0632827decf7b7f226e45288e3dd8f96eb0b38d75c6dd6d52af338ec354a784be63a0104913ac616ce0f7b5759c9cd8fdef40b4fa3576b99388514def5 +DIST webmin-2.111-minimal.tar.gz 4667248 BLAKE2B 51cbaea3f0fc333efed29d481d5da33e8cba22539f406459357a8662ec52461a81f4aa6d29dc1587af6afeae5bd89a16a76a255fe1b3a5bd6ebdc7b271217b96 SHA512 057c3abb9a80fe58d20e94197ff3b92811a689c0850240da3a2d1715e338de3eb5743039d2e3353ab35dcb4cc52c64368c03d24238ce9d199969381bbd696a8f +DIST webmin-2.111.tar.gz 46503872 BLAKE2B 1038ded3c6cba64e3d7d93ba3fff68e1b7fdb202ad0ab54d95c7ed2cfd46ae7967bf6b3034106a16bb903e984c2d1f0d083e30a6703c979003847d8341e6fead SHA512 89b6039954e643b054f25698c33557ccfabcb0e3c360f4439cee20c58dbb34b206fff3cd3452fe9b0ebd1dc38be64c95e81cf94b798939d7e3bc9f516d46e7bd +EBUILD webmin-2.111.ebuild 10449 BLAKE2B b5b6cb92b6fb1fcddebf8dd0c3cd2e9771581fb91dccda6a12ff37bf81ec4f2c3fc15dcea766b14a777031e15726563de03dd71299dc2d52c2befee50aaa34ff SHA512 55e506c46c53ade2c1160fdaade4cf4f6298e95650821af9d82f1681910b09eeb784cfcde9e51c2ca521c7c4bc3e8274d34924d01822c43a25293fdace939b50 diff --git a/app-admin/webmin/files/gentoo-setup-2.021 b/app-admin/webmin/files/gentoo-setup-2.021 deleted file mode 100644 index 680dfbb..0000000 --- a/app-admin/webmin/files/gentoo-setup-2.021 +++ /dev/null @@ -1,438 +0,0 @@ -#!/bin/sh -# gentoo-setup.sh -# -# Version 1.2 -# -# A modified original Webmin setup.sh script to comply with Gentoo specifics -# -# Modification done by: PhobosK -# -# This script runs after the webmin archive is installed, and in the pkg_config() phase. -# It does setup the various config files of Webmin depending on if it is -# a new install, an upgrade or a reset. - -LANG= -export LANG - -if [ -z ${wadir} ]; then - echo "You can't run this script outside of the 'emerge --config app-admin/webmin' command." - exit 1 -fi - -# All things we do is from the Webmin install dir - $wadir -cd $wadir - - -# Are we hard resetting everything? -# If yes, we do: -# 1. Run the specific Webmin $wadir/run-uninstalls.pl -# It runs all uninstall.pl files in every module's folder. -# They delete all the set specific Webmin cron jobs. -# If bumping you should go through these files using the command: -# find . -name uninstall.pl -exec cat {} \; -print -# 2. Delete the whole /etc/webmin content, keeping only the gentoo .keep_* files -if [ "$reset" = "hard" ]; then - echo "Running Webmin's specific uninstall procedures.. (Please ignore any possible errors)" - (WEBMIN_CONFIG=$config_dir WEBMIN_VAR=$var_dir LANG= "$wadir/run-uninstalls.pl") - echo "..done" - echo "" - - echo "Deleting the content of user's config folder: $config_dir .." - find $config_dir ! -name '.keep_*' -delete 2>/dev/null - echo "..done" - echo "" -fi - - -# Are we soft resetting? -# If yes we do: -# - Delete the $config_dir/config file so we get new config values -if [ "$reset" = "soft" ]; then - echo "Deleting the user's $config_dir/config file.." - if [ -f "$config_dir/config" ]; then - rm -f "$config_dir/config" - fi - echo "..done" - echo "" -fi - - -# Get all available modules of this version -allmods=`echo */module.info | sed -e 's/\/module.info//g'` - -# Get current Webmin version -ver=`cat "$wadir/version"` - -if [ -r "$config_dir/config" ]; then - upgrading=1 -fi - - -# Check if upgrading from an old version -if [ "$upgrading" = 1 ]; then - echo "Updating existant Webmin's config files.." - - # Get current var path - if [ -r "$config_dir/var-path" ]; then - _var_dir=`cat $config_dir/var-path` - if [ -n ${_var_dir} ]; then - var_dir=${_var_dir} - fi - fi - - # Get current perl path - if [ -r "$config_dir/perl-path" ]; then - _perl=`cat $config_dir/perl-path` - if [ -n ${_perl} ]; then - perl=${_perl} - fi - fi - - # Get old os name and version - os_type=`grep "^os_type=" $config_dir/config | sed -e 's/os_type=//g'` - os_version=`grep "^os_version=" $config_dir/config | sed -e 's/os_version=//g'` - real_os_type=`grep "^real_os_type=" $config_dir/config | sed -e 's/real_os_type=//g'` - real_os_version=`grep "^real_os_version=" $config_dir/config | sed -e 's/real_os_version=//g'` - - # Get port, ssl, no_ssl2, no_ssl3, ssl_redirect, no_sslcompression, ssl_honorcipherorder, no_tls1, no_tls1_1 and keyfile - port=`grep "^port=" $config_dir/miniserv.conf | sed -e 's/port=//g'` - ssl=`grep "^ssl=" $config_dir/miniserv.conf | sed -e 's/ssl=//g'` - no_ssl2=`grep "^no_ssl2=" $config_dir/miniserv.conf | sed -e 's/no_ssl2=//g'` - no_ssl3=`grep "^no_ssl3=" $config_dir/miniserv.conf | sed -e 's/no_ssl3=//g'` - ssl_redirect=`grep "^ssl_redirect=" $config_dir/miniserv.conf | sed -e 's/ssl_redirect=//g'` - ssl_honorcipherorder=`grep "^ssl_honorcipherorder=" $config_dir/miniserv.conf | sed -e 's/ssl_honorcipherorder=//g'` - no_sslcompression=`grep "^no_sslcompression=" $config_dir/miniserv.conf | sed -e 's/no_sslcompression=//g'` - no_tls1=`grep "^no_tls1=" $config_dir/miniserv.conf | sed -e 's/no_tls1=//g'` - no_tls1_1=`grep "^no_tls1_1=" $config_dir/miniserv.conf | sed -e 's/no_tls1_1=//g'` - keyfile=`grep "^keyfile=" $config_dir/miniserv.conf | sed -e 's/keyfile=//g'` - - # Update ACLs - $perl "$wadir/newmods.pl" $config_dir $allmods - - # Update miniserv.conf with new root directory, mime types file and server info - grep -v "^root=" $config_dir/miniserv.conf | grep -v "^mimetypes=" | grep -v "^server=" >$tempdir/$$.miniserv.conf - mv $tempdir/$$.miniserv.conf $config_dir/miniserv.conf - echo "root=$wadir" >> $config_dir/miniserv.conf - echo "mimetypes=$wadir/mime.types" >> $config_dir/miniserv.conf - echo "server=MiniServ/$ver" >> $config_dir/miniserv.conf - grep logout= $config_dir/miniserv.conf >/dev/null - if [ $? != "0" ]; then - echo "logout=$config_dir/logout-flag" >> $config_dir/miniserv.conf - fi - - # Remove old cache of module infos - rm -f $config_dir/module.infos.cache - echo "..done" - echo "" -else - # Create webserver's new config files - echo "Creating Webmin's new config files.." - - echo $perl > $config_dir/perl-path - echo $var_dir > $config_dir/var-path - - # Create a totally new conf file - cfile=$config_dir/miniserv.conf - echo "port=$port" > $cfile - echo "root=$wadir" >> $cfile - echo "mimetypes=$wadir/mime.types" >> $cfile - echo "addtype_cgi=internal/cgi" >> $cfile - echo "realm=Webmin Server" >> $cfile - echo "logfile=$var_dir/miniserv.log" >> $cfile - echo "errorlog=$var_dir/miniserv.error" >> $cfile - echo "pidfile=$pidfile" >> $cfile - echo "logtime=168" >> $cfile - echo "ppath=$ppath" >> $cfile - echo "ssl=$ssl" >> $cfile - echo "no_ssl2=$no_ssl2" >> $cfile - echo "no_ssl3=$no_ssl3" >> $cfile - echo "ssl_redirect=$ssl_redirect" >> $cfile - echo "ssl_honorcipherorder=$ssl_honorcipherorder" >> $cfile - echo "no_sslcompression=$no_sslcompression" >> $cfile - echo "no_tls1=$no_tls1" >> $cfile - echo "no_tls1_1=$no_tls1_1" >> $cfile - echo "keyfile=$keyfile" >> $cfile - echo "env_WEBMIN_CONFIG=$config_dir" >> $cfile - echo "env_WEBMIN_VAR=$var_dir" >> $cfile - echo "atboot=$atboot" >> $cfile - echo "logout=$config_dir/logout-flag" >> $cfile - echo "listen=10000" >> $cfile - echo "denyfile=\\.pl\$" >> $cfile - echo "log=1" >> $cfile - echo "blockhost_failures=5" >> $cfile - echo "blockhost_time=60" >> $cfile - echo "syslog=1" >> $cfile - echo "session=1" >> $cfile - echo "premodules=WebminCore" >> $cfile - echo "server=MiniServ/$ver" >> $cfile - - # Append package-specific info to config file. - # miniserv-conf can be created by upstream or by us in src_install phase (see there). - if [ -f "$wadir/miniserv-conf" ]; then - cat "$wadir/miniserv-conf" >>$cfile - fi - - # Create the default user allowed to login - root only - login="root" - - if [ -r /etc/shadow ]; then - #crypt=`grep "^root:" /etc/shadow | cut -f 2 -d :` - crypt=x - else - crypt=`grep "^root:" /etc/passwd | cut -f 2 -d :` - fi - - ufile=$config_dir/miniserv.users - echo "$login:$crypt:0" > $ufile - chmod 600 $ufile - - - echo "userfile=$ufile" >> $cfile - chmod 600 $cfile - echo "..done" - echo "" - - echo "Creating access control file.." - afile=$config_dir/webmin.acl - echo "$login: $allmods" > $afile - chmod 600 $afile - echo "..done" - echo "" -fi - - -# Create start, stop, restart and reload Gentoo compliant Webmin scripts -# We use sys-apps/openrc functions which is already pulled by sys-apps/baselayout -# or systemctl if we run under systemd -echo "Creating start and stop scripts.." -rm -f $config_dir/{start,stop,restart,reload} - -# The start script in /etc/webmin (Gentoo compliant) -cat <>"$config_dir/start" -#!/bin/sh - -if [ ! -f "${pidfile}" ]; then - if [[ -d /run/systemd/system ]] ; then - systemctl start webmin.service - else - rc-service --ifexists -- webmin start - fi -fi -END - -# The stop script in /etc/webmin (Gentoo compliant) -cat <>"$config_dir/stop" -#!/bin/sh - -if [[ -d /run/systemd/system ]] ; then - systemctl stop webmin.service -else - rc-service --ifexists -- webmin --ifstarted stop -fi -END - -# The restart script in /etc/webmin (Gentoo compliant) -cat <>"$config_dir/restart" -#!/bin/sh - -if [[ -d /run/systemd/system ]] ; then - systemctl try-restart webmin.service -else - rc-service --ifexists -- webmin --ifstarted restart -fi -END - -# The reload script in /etc/webmin (Gentoo compliant) -cat <>"$config_dir/reload" -#!/bin/sh - -if [[ -d /run/systemd/system ]] ; then - systemctl reload-or-try-restart webmin.service -else - rc-service --ifexists -- webmin --ifstarted reload -fi -END - -chmod 755 $config_dir/{start,stop,restart,reload} -echo "..done" -echo "" - - -if [ "$upgrading" = 1 ]; then - echo "Updating other config files.." -else - echo "Copying other config files.." -fi - -# This just copies and merges the Webmin's release config files, with user's in the /etc/webmin folder -newmods=`$perl "$wadir/copyconfig.pl" "$os_type/$real_os_type" "$os_version/$real_os_version" "$wadir" $config_dir "" $allmods` -if [ "$upgrading" != 1 ]; then - # Store the OS and version - echo "os_type=$os_type" >> $config_dir/config - echo "os_version=$os_version" >> $config_dir/config - echo "real_os_type=$real_os_type" >> $config_dir/config - echo "real_os_version=$real_os_version" >> $config_dir/config - - # Turn on logging by default - echo "log=1" >> $config_dir/config - - # Disallow unknown referers by default - echo "referers_none=1" >>$config_dir/config -else - # one-off hack to set log variable in config from miniserv.conf - grep log= $config_dir/config >/dev/null - if [ "$?" = "1" ]; then - grep log= $config_dir/miniserv.conf >> $config_dir/config - grep logtime= $config_dir/miniserv.conf >> $config_dir/config - grep logclear= $config_dir/miniserv.conf >> $config_dir/config - fi - - # Disallow unknown referers if not set - grep referers_none= $config_dir/config >/dev/null - if [ "$?" != "0" ]; then - echo "referers_none=1" >>$config_dir/config - fi -fi -echo $ver > $config_dir/version -echo "..done" -echo "" - -# Set passwd_ fields in miniserv.conf from global config -for field in passwd_file passwd_uindex passwd_pindex passwd_cindex passwd_mindex; do - grep $field= $config_dir/miniserv.conf >/dev/null - if [ "$?" != "0" ]; then - grep $field= $config_dir/config >> $config_dir/miniserv.conf - fi -done -grep passwd_mode= $config_dir/miniserv.conf >/dev/null -if [ "$?" != "0" ]; then - echo passwd_mode=0 >> $config_dir/miniserv.conf -fi - -grep ssl_honorcipherorder= $config_dir/miniserv.conf >/dev/null -if [ "$?" != "0" ]; then - echo ssl_honorcipherorder=1 >> $config_dir/miniserv.conf -fi - -# Disable SSL compression to defeat BEAST attack -grep no_sslcompression= $config_dir/miniserv.conf >/dev/null -if [ "$?" != "0" ]; then - echo no_sslcompression=1 >> $config_dir/miniserv.conf -fi - -# Tighten SSL security -grep no_ssl2= $config_dir/miniserv.conf >/dev/null -if [ "$?" != "0" ]; then - echo no_ssl2=1 >> $config_dir/miniserv.conf -fi - -grep no_ssl3= $config_dir/miniserv.conf >/dev/null -if [ "$?" != "0" ]; then - echo no_ssl3=1 >> $config_dir/miniserv.conf -fi - -grep no_tls1= $config_dir/miniserv.conf >/dev/null -if [ "$?" != "0" ]; then - echo no_tls1=1 >> $config_dir/miniserv.conf -fi - -grep no_tls1_1= $config_dir/miniserv.conf >/dev/null -if [ "$?" != "0" ]; then - echo no_tls1_1=1 >> $config_dir/miniserv.conf -fi - -# Make Perl crypt MD5 the default -grep md5pass= $config_dir/config >/dev/null -if [ "$?" != "0" ]; then - echo md5pass=1 >> $config_dir/config -fi - -# Set a special theme if none was set before -if [ "$theme" = "" ]; then - theme=`cat "$wadir/defaulttheme" 2>/dev/null` -fi -oldthemeline=`grep "^theme=" $config_dir/config` -oldtheme=`echo $oldthemeline | sed -e 's/theme=//g'` -if [ "$theme" != "" ] && [ "$oldthemeline" = "" ] && [ -d "$wadir/$theme" ]; then - themelist=$theme -fi - -# Set a special overlay if none was set before -if [ "$overlay" = "" ]; then - overlay=`cat "$wadir/defaultoverlay" 2>/dev/null` -fi -if [ "$overlay" != "" ] && [ "$theme" != "" ] && [ -d "$wadir/$overlay" ]; then - themelist="$themelist $overlay" -fi - -# Apply the theme and maybe overlay -if [ "$themelist" != "" ]; then - echo "theme=$themelist" >> $config_dir/config - echo "preroot=$themelist" >> $config_dir/miniserv.conf -fi - -# If the old blue-theme is still in use, change it (new in 1.730) -oldtheme=`grep "^theme=" $config_dir/config | sed -e 's/theme=//g'` -if [ "$oldtheme" = "blue-theme" ]; then - sed -i -e 's/theme=blue-theme/theme=gray-theme/g' $config_dir/config - sed -i -e 's/preroot=blue-theme/preroot=gray-theme/g' $config_dir/miniserv.conf -fi - -# Set the product field in the global config -grep product= $config_dir/config >/dev/null -if [ "$?" != "0" ]; then - echo product=webmin >> $config_dir/config -fi - -# If password delays are not specifically disabled, enable them -grep passdelay= $config_dir/miniserv.conf >/dev/null -if [ "$?" != "0" ]; then - echo passdelay=1 >> $config_dir/miniserv.conf -fi - - -echo "Changing ownership and permissions.." -# Make all config dirs non-world-readable -for m in $newmods; do - chown -R root:root $config_dir/$m - chmod -R og-rw $config_dir/$m -done - -# Make miniserv config files non-world-readable -for f in miniserv.conf miniserv.users; do - chown -R root:root $config_dir/$f - chmod -R og-rw $config_dir/$f -done -chmod +r $config_dir/version - -# Fix up bad permissions from some older installs -for m in ldap-client ldap-server ldap-useradmin mailboxes mysql postgresql servers virtual-server; do - if [ -d "$config_dir/$m" ]; then - chown root:root $config_dir/$m - chmod og-rw $config_dir/$m - chmod og-rw $config_dir/$m/config 2>/dev/null - fi -done -echo "..done" -echo "" - - -# This executes all postinstall.pl for every module -# If you do bump, you should look at the specific changes they do with this command in root folder: -# find . -name postinstall.pl -exec cat {} \; -print -# Generally they are safe to run 'cause they change only user's config in /etc/webmin -# or setup some cron jobs -if [ "$nopostinstall" = "" ]; then - echo "Running postinstall scripts.. (Please ignore any possible errors)" - (cd "$wadir" ; WEBMIN_CONFIG=$config_dir WEBMIN_VAR=$var_dir "$wadir/run-postinstalls.pl") - echo "..done" - echo "" -fi - -# Enable background collection -if [ "$upgrading" != 1 -a -r $config_dir/system-status/enable-collection.pl ]; then - echo "Enabling background status collection.. (Please ignore any possible errors)" - $config_dir/system-status/enable-collection.pl 5 - echo "..done" - echo "" -fi diff --git a/app-admin/webmin/files/gentoo-setup-2.111 b/app-admin/webmin/files/gentoo-setup-2.111 new file mode 100644 index 0000000..680dfbb --- /dev/null +++ b/app-admin/webmin/files/gentoo-setup-2.111 @@ -0,0 +1,438 @@ +#!/bin/sh +# gentoo-setup.sh +# +# Version 1.2 +# +# A modified original Webmin setup.sh script to comply with Gentoo specifics +# +# Modification done by: PhobosK +# +# This script runs after the webmin archive is installed, and in the pkg_config() phase. +# It does setup the various config files of Webmin depending on if it is +# a new install, an upgrade or a reset. + +LANG= +export LANG + +if [ -z ${wadir} ]; then + echo "You can't run this script outside of the 'emerge --config app-admin/webmin' command." + exit 1 +fi + +# All things we do is from the Webmin install dir - $wadir +cd $wadir + + +# Are we hard resetting everything? +# If yes, we do: +# 1. Run the specific Webmin $wadir/run-uninstalls.pl +# It runs all uninstall.pl files in every module's folder. +# They delete all the set specific Webmin cron jobs. +# If bumping you should go through these files using the command: +# find . -name uninstall.pl -exec cat {} \; -print +# 2. Delete the whole /etc/webmin content, keeping only the gentoo .keep_* files +if [ "$reset" = "hard" ]; then + echo "Running Webmin's specific uninstall procedures.. (Please ignore any possible errors)" + (WEBMIN_CONFIG=$config_dir WEBMIN_VAR=$var_dir LANG= "$wadir/run-uninstalls.pl") + echo "..done" + echo "" + + echo "Deleting the content of user's config folder: $config_dir .." + find $config_dir ! -name '.keep_*' -delete 2>/dev/null + echo "..done" + echo "" +fi + + +# Are we soft resetting? +# If yes we do: +# - Delete the $config_dir/config file so we get new config values +if [ "$reset" = "soft" ]; then + echo "Deleting the user's $config_dir/config file.." + if [ -f "$config_dir/config" ]; then + rm -f "$config_dir/config" + fi + echo "..done" + echo "" +fi + + +# Get all available modules of this version +allmods=`echo */module.info | sed -e 's/\/module.info//g'` + +# Get current Webmin version +ver=`cat "$wadir/version"` + +if [ -r "$config_dir/config" ]; then + upgrading=1 +fi + + +# Check if upgrading from an old version +if [ "$upgrading" = 1 ]; then + echo "Updating existant Webmin's config files.." + + # Get current var path + if [ -r "$config_dir/var-path" ]; then + _var_dir=`cat $config_dir/var-path` + if [ -n ${_var_dir} ]; then + var_dir=${_var_dir} + fi + fi + + # Get current perl path + if [ -r "$config_dir/perl-path" ]; then + _perl=`cat $config_dir/perl-path` + if [ -n ${_perl} ]; then + perl=${_perl} + fi + fi + + # Get old os name and version + os_type=`grep "^os_type=" $config_dir/config | sed -e 's/os_type=//g'` + os_version=`grep "^os_version=" $config_dir/config | sed -e 's/os_version=//g'` + real_os_type=`grep "^real_os_type=" $config_dir/config | sed -e 's/real_os_type=//g'` + real_os_version=`grep "^real_os_version=" $config_dir/config | sed -e 's/real_os_version=//g'` + + # Get port, ssl, no_ssl2, no_ssl3, ssl_redirect, no_sslcompression, ssl_honorcipherorder, no_tls1, no_tls1_1 and keyfile + port=`grep "^port=" $config_dir/miniserv.conf | sed -e 's/port=//g'` + ssl=`grep "^ssl=" $config_dir/miniserv.conf | sed -e 's/ssl=//g'` + no_ssl2=`grep "^no_ssl2=" $config_dir/miniserv.conf | sed -e 's/no_ssl2=//g'` + no_ssl3=`grep "^no_ssl3=" $config_dir/miniserv.conf | sed -e 's/no_ssl3=//g'` + ssl_redirect=`grep "^ssl_redirect=" $config_dir/miniserv.conf | sed -e 's/ssl_redirect=//g'` + ssl_honorcipherorder=`grep "^ssl_honorcipherorder=" $config_dir/miniserv.conf | sed -e 's/ssl_honorcipherorder=//g'` + no_sslcompression=`grep "^no_sslcompression=" $config_dir/miniserv.conf | sed -e 's/no_sslcompression=//g'` + no_tls1=`grep "^no_tls1=" $config_dir/miniserv.conf | sed -e 's/no_tls1=//g'` + no_tls1_1=`grep "^no_tls1_1=" $config_dir/miniserv.conf | sed -e 's/no_tls1_1=//g'` + keyfile=`grep "^keyfile=" $config_dir/miniserv.conf | sed -e 's/keyfile=//g'` + + # Update ACLs + $perl "$wadir/newmods.pl" $config_dir $allmods + + # Update miniserv.conf with new root directory, mime types file and server info + grep -v "^root=" $config_dir/miniserv.conf | grep -v "^mimetypes=" | grep -v "^server=" >$tempdir/$$.miniserv.conf + mv $tempdir/$$.miniserv.conf $config_dir/miniserv.conf + echo "root=$wadir" >> $config_dir/miniserv.conf + echo "mimetypes=$wadir/mime.types" >> $config_dir/miniserv.conf + echo "server=MiniServ/$ver" >> $config_dir/miniserv.conf + grep logout= $config_dir/miniserv.conf >/dev/null + if [ $? != "0" ]; then + echo "logout=$config_dir/logout-flag" >> $config_dir/miniserv.conf + fi + + # Remove old cache of module infos + rm -f $config_dir/module.infos.cache + echo "..done" + echo "" +else + # Create webserver's new config files + echo "Creating Webmin's new config files.." + + echo $perl > $config_dir/perl-path + echo $var_dir > $config_dir/var-path + + # Create a totally new conf file + cfile=$config_dir/miniserv.conf + echo "port=$port" > $cfile + echo "root=$wadir" >> $cfile + echo "mimetypes=$wadir/mime.types" >> $cfile + echo "addtype_cgi=internal/cgi" >> $cfile + echo "realm=Webmin Server" >> $cfile + echo "logfile=$var_dir/miniserv.log" >> $cfile + echo "errorlog=$var_dir/miniserv.error" >> $cfile + echo "pidfile=$pidfile" >> $cfile + echo "logtime=168" >> $cfile + echo "ppath=$ppath" >> $cfile + echo "ssl=$ssl" >> $cfile + echo "no_ssl2=$no_ssl2" >> $cfile + echo "no_ssl3=$no_ssl3" >> $cfile + echo "ssl_redirect=$ssl_redirect" >> $cfile + echo "ssl_honorcipherorder=$ssl_honorcipherorder" >> $cfile + echo "no_sslcompression=$no_sslcompression" >> $cfile + echo "no_tls1=$no_tls1" >> $cfile + echo "no_tls1_1=$no_tls1_1" >> $cfile + echo "keyfile=$keyfile" >> $cfile + echo "env_WEBMIN_CONFIG=$config_dir" >> $cfile + echo "env_WEBMIN_VAR=$var_dir" >> $cfile + echo "atboot=$atboot" >> $cfile + echo "logout=$config_dir/logout-flag" >> $cfile + echo "listen=10000" >> $cfile + echo "denyfile=\\.pl\$" >> $cfile + echo "log=1" >> $cfile + echo "blockhost_failures=5" >> $cfile + echo "blockhost_time=60" >> $cfile + echo "syslog=1" >> $cfile + echo "session=1" >> $cfile + echo "premodules=WebminCore" >> $cfile + echo "server=MiniServ/$ver" >> $cfile + + # Append package-specific info to config file. + # miniserv-conf can be created by upstream or by us in src_install phase (see there). + if [ -f "$wadir/miniserv-conf" ]; then + cat "$wadir/miniserv-conf" >>$cfile + fi + + # Create the default user allowed to login - root only + login="root" + + if [ -r /etc/shadow ]; then + #crypt=`grep "^root:" /etc/shadow | cut -f 2 -d :` + crypt=x + else + crypt=`grep "^root:" /etc/passwd | cut -f 2 -d :` + fi + + ufile=$config_dir/miniserv.users + echo "$login:$crypt:0" > $ufile + chmod 600 $ufile + + + echo "userfile=$ufile" >> $cfile + chmod 600 $cfile + echo "..done" + echo "" + + echo "Creating access control file.." + afile=$config_dir/webmin.acl + echo "$login: $allmods" > $afile + chmod 600 $afile + echo "..done" + echo "" +fi + + +# Create start, stop, restart and reload Gentoo compliant Webmin scripts +# We use sys-apps/openrc functions which is already pulled by sys-apps/baselayout +# or systemctl if we run under systemd +echo "Creating start and stop scripts.." +rm -f $config_dir/{start,stop,restart,reload} + +# The start script in /etc/webmin (Gentoo compliant) +cat <>"$config_dir/start" +#!/bin/sh + +if [ ! -f "${pidfile}" ]; then + if [[ -d /run/systemd/system ]] ; then + systemctl start webmin.service + else + rc-service --ifexists -- webmin start + fi +fi +END + +# The stop script in /etc/webmin (Gentoo compliant) +cat <>"$config_dir/stop" +#!/bin/sh + +if [[ -d /run/systemd/system ]] ; then + systemctl stop webmin.service +else + rc-service --ifexists -- webmin --ifstarted stop +fi +END + +# The restart script in /etc/webmin (Gentoo compliant) +cat <>"$config_dir/restart" +#!/bin/sh + +if [[ -d /run/systemd/system ]] ; then + systemctl try-restart webmin.service +else + rc-service --ifexists -- webmin --ifstarted restart +fi +END + +# The reload script in /etc/webmin (Gentoo compliant) +cat <>"$config_dir/reload" +#!/bin/sh + +if [[ -d /run/systemd/system ]] ; then + systemctl reload-or-try-restart webmin.service +else + rc-service --ifexists -- webmin --ifstarted reload +fi +END + +chmod 755 $config_dir/{start,stop,restart,reload} +echo "..done" +echo "" + + +if [ "$upgrading" = 1 ]; then + echo "Updating other config files.." +else + echo "Copying other config files.." +fi + +# This just copies and merges the Webmin's release config files, with user's in the /etc/webmin folder +newmods=`$perl "$wadir/copyconfig.pl" "$os_type/$real_os_type" "$os_version/$real_os_version" "$wadir" $config_dir "" $allmods` +if [ "$upgrading" != 1 ]; then + # Store the OS and version + echo "os_type=$os_type" >> $config_dir/config + echo "os_version=$os_version" >> $config_dir/config + echo "real_os_type=$real_os_type" >> $config_dir/config + echo "real_os_version=$real_os_version" >> $config_dir/config + + # Turn on logging by default + echo "log=1" >> $config_dir/config + + # Disallow unknown referers by default + echo "referers_none=1" >>$config_dir/config +else + # one-off hack to set log variable in config from miniserv.conf + grep log= $config_dir/config >/dev/null + if [ "$?" = "1" ]; then + grep log= $config_dir/miniserv.conf >> $config_dir/config + grep logtime= $config_dir/miniserv.conf >> $config_dir/config + grep logclear= $config_dir/miniserv.conf >> $config_dir/config + fi + + # Disallow unknown referers if not set + grep referers_none= $config_dir/config >/dev/null + if [ "$?" != "0" ]; then + echo "referers_none=1" >>$config_dir/config + fi +fi +echo $ver > $config_dir/version +echo "..done" +echo "" + +# Set passwd_ fields in miniserv.conf from global config +for field in passwd_file passwd_uindex passwd_pindex passwd_cindex passwd_mindex; do + grep $field= $config_dir/miniserv.conf >/dev/null + if [ "$?" != "0" ]; then + grep $field= $config_dir/config >> $config_dir/miniserv.conf + fi +done +grep passwd_mode= $config_dir/miniserv.conf >/dev/null +if [ "$?" != "0" ]; then + echo passwd_mode=0 >> $config_dir/miniserv.conf +fi + +grep ssl_honorcipherorder= $config_dir/miniserv.conf >/dev/null +if [ "$?" != "0" ]; then + echo ssl_honorcipherorder=1 >> $config_dir/miniserv.conf +fi + +# Disable SSL compression to defeat BEAST attack +grep no_sslcompression= $config_dir/miniserv.conf >/dev/null +if [ "$?" != "0" ]; then + echo no_sslcompression=1 >> $config_dir/miniserv.conf +fi + +# Tighten SSL security +grep no_ssl2= $config_dir/miniserv.conf >/dev/null +if [ "$?" != "0" ]; then + echo no_ssl2=1 >> $config_dir/miniserv.conf +fi + +grep no_ssl3= $config_dir/miniserv.conf >/dev/null +if [ "$?" != "0" ]; then + echo no_ssl3=1 >> $config_dir/miniserv.conf +fi + +grep no_tls1= $config_dir/miniserv.conf >/dev/null +if [ "$?" != "0" ]; then + echo no_tls1=1 >> $config_dir/miniserv.conf +fi + +grep no_tls1_1= $config_dir/miniserv.conf >/dev/null +if [ "$?" != "0" ]; then + echo no_tls1_1=1 >> $config_dir/miniserv.conf +fi + +# Make Perl crypt MD5 the default +grep md5pass= $config_dir/config >/dev/null +if [ "$?" != "0" ]; then + echo md5pass=1 >> $config_dir/config +fi + +# Set a special theme if none was set before +if [ "$theme" = "" ]; then + theme=`cat "$wadir/defaulttheme" 2>/dev/null` +fi +oldthemeline=`grep "^theme=" $config_dir/config` +oldtheme=`echo $oldthemeline | sed -e 's/theme=//g'` +if [ "$theme" != "" ] && [ "$oldthemeline" = "" ] && [ -d "$wadir/$theme" ]; then + themelist=$theme +fi + +# Set a special overlay if none was set before +if [ "$overlay" = "" ]; then + overlay=`cat "$wadir/defaultoverlay" 2>/dev/null` +fi +if [ "$overlay" != "" ] && [ "$theme" != "" ] && [ -d "$wadir/$overlay" ]; then + themelist="$themelist $overlay" +fi + +# Apply the theme and maybe overlay +if [ "$themelist" != "" ]; then + echo "theme=$themelist" >> $config_dir/config + echo "preroot=$themelist" >> $config_dir/miniserv.conf +fi + +# If the old blue-theme is still in use, change it (new in 1.730) +oldtheme=`grep "^theme=" $config_dir/config | sed -e 's/theme=//g'` +if [ "$oldtheme" = "blue-theme" ]; then + sed -i -e 's/theme=blue-theme/theme=gray-theme/g' $config_dir/config + sed -i -e 's/preroot=blue-theme/preroot=gray-theme/g' $config_dir/miniserv.conf +fi + +# Set the product field in the global config +grep product= $config_dir/config >/dev/null +if [ "$?" != "0" ]; then + echo product=webmin >> $config_dir/config +fi + +# If password delays are not specifically disabled, enable them +grep passdelay= $config_dir/miniserv.conf >/dev/null +if [ "$?" != "0" ]; then + echo passdelay=1 >> $config_dir/miniserv.conf +fi + + +echo "Changing ownership and permissions.." +# Make all config dirs non-world-readable +for m in $newmods; do + chown -R root:root $config_dir/$m + chmod -R og-rw $config_dir/$m +done + +# Make miniserv config files non-world-readable +for f in miniserv.conf miniserv.users; do + chown -R root:root $config_dir/$f + chmod -R og-rw $config_dir/$f +done +chmod +r $config_dir/version + +# Fix up bad permissions from some older installs +for m in ldap-client ldap-server ldap-useradmin mailboxes mysql postgresql servers virtual-server; do + if [ -d "$config_dir/$m" ]; then + chown root:root $config_dir/$m + chmod og-rw $config_dir/$m + chmod og-rw $config_dir/$m/config 2>/dev/null + fi +done +echo "..done" +echo "" + + +# This executes all postinstall.pl for every module +# If you do bump, you should look at the specific changes they do with this command in root folder: +# find . -name postinstall.pl -exec cat {} \; -print +# Generally they are safe to run 'cause they change only user's config in /etc/webmin +# or setup some cron jobs +if [ "$nopostinstall" = "" ]; then + echo "Running postinstall scripts.. (Please ignore any possible errors)" + (cd "$wadir" ; WEBMIN_CONFIG=$config_dir WEBMIN_VAR=$var_dir "$wadir/run-postinstalls.pl") + echo "..done" + echo "" +fi + +# Enable background collection +if [ "$upgrading" != 1 -a -r $config_dir/system-status/enable-collection.pl ]; then + echo "Enabling background status collection.. (Please ignore any possible errors)" + $config_dir/system-status/enable-collection.pl 5 + echo "..done" + echo "" +fi diff --git a/app-admin/webmin/webmin-2.021.ebuild b/app-admin/webmin/webmin-2.021.ebuild deleted file mode 100644 index 6c9c84b..0000000 --- a/app-admin/webmin/webmin-2.021.ebuild +++ /dev/null @@ -1,314 +0,0 @@ -# Copyright 2021 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=7 -inherit pam systemd - -DESCRIPTION="A web-based Unix systems administration interface" -HOMEPAGE="http://www.webmin.com/" -RESTRICT="mirror" -SRC_URI="minimal? ( mirror://sourceforge/webadmin/${P}-minimal.tar.gz ) - !minimal? ( mirror://sourceforge/webadmin/${P}.tar.gz )" - -LICENSE="BSD GPL-2" -SLOT="0" - -KEYWORDS="~amd64 ~x86" - -IUSE="minimal mysql postgres ldap" -REQUIRED_USE="minimal? ( !mysql !postgres !ldap )" - -# All the required perl modules can be found easily using (in Webmin's root src dir): -# find . -name cpan_modules.pl -exec grep "::" {} \; -# NOTE: If Webmin doesn't find the required perl modules, it offers(runtime) the user -# to install them using the in-built cpan module, and this will mess up perl on the system -# That's why some modules are forced without a use flag -# NOTE: pam, ssl and dnssec-tools deps are forced for security and Gentoo compliance installation reasons -DEPEND="virtual/perl-MIME-Base64 - virtual/perl-Socket - virtual/perl-Sys-Syslog - virtual/perl-Time-HiRes - virtual/perl-Time-Local - dev-perl/Authen-Libwrap - dev-perl/IO-Tty - dev-perl/MD5 - dev-perl/Net-SSLeay - dev-perl/Authen-PAM - dev-perl/Sys-Hostname-Long - >=net-dns/dnssec-tools-1.13 - !minimal? ( - mysql? ( dev-perl/DBD-mysql ) - postgres? ( dev-perl/DBD-Pg ) - ldap? ( dev-perl/perl-ldap ) - dev-perl/XML-Generator - dev-perl/XML-Parser - ) -" -RDEPEND="${DEPEND}" - -src_prepare() { - default - - local perl="$( which perl )" - - # Remove the unnecessary and incompatible files - rm -rf acl/Authen-SolarisRBAC-0.1* - if ! use minimal ; then - rm -rf {format,{bsd,hpux,sgi}exports,zones,rbac} - rm -f mount/{free,net,open}bsd-mounts* - rm -f mount/macos-mounts* - fi - - # For security reasons remove the SSL certificate that comes with Webmin - # We will create our own later - rm -f miniserv.pem - - # Remove the Webmin setup scripts to avoid Webmin in runtime to mess up config - # We will use our own later - rm -f setup.{sh,pl} - - # Set the installation type/mode to Gentoo - echo "gentoo" > install-type - - # Fix the permissions of the install files - chmod -R og-w "${S}" - - # Since we should not modify any files after install - # we set the perl path in all cgi and pl files here using Webmin's routines - # The pl file is Prefix safe and works only on provided input, no other filesystem files - ebegin "Fixing perl path in source files" - (find "${S}" -name '*.cgi' -print ; find "${S}" -name '*.pl' -print) | $perl "${S}"/perlpath.pl $perl - - eend $? -} - -src_install() { - # Create config dir and keep - diropts -m0755 - dodir /etc/webmin - keepdir /etc/webmin - - # Create install dir - # Third party modules installed through Webmin go here too, so keep - dodir /usr/libexec/webmin - keepdir /usr/libexec/webmin - - # Copy our own setup script to installation folder - insinto /usr/libexec/webmin - newins "${FILESDIR}"/gentoo-setup-${PV} gentoo-setup.sh - fperms 0744 /usr/libexec/webmin/gentoo-setup.sh - - # This is here if we ever want in future ebuilds to add some specific - # config values in the /etc/webmin/miniserv.conf - # The format of this file should be the same as the one of miniserv.conf: - # var=value - # - # Uncomment it if you use such file. Before that check if upstream - # has this file in root dir too. - #newins "${FILESDIR}/miniserv-conf" miniserv-conf - - # Create the log dir and keep - diropts -m0700 - dodir /var/log/webmin - keepdir /var/log/webmin - - # Create the init.d file and put the neccessary variables there - newinitd "${FILESDIR}"/init.d.webmin webmin - sed -i \ - -e "s:%exe%:${EROOT}/usr/libexec/webmin/miniserv.pl:" \ - -e "s:%pid%:${EROOT}/var/run/webmin.pid:" \ - -e "s:%conf%:${EROOT}/etc/webmin/miniserv.conf:" \ - -e "s:%config%:${EROOT}/etc/webmin/config:" \ - -e "s:%perllib%:${EROOT}/usr/libexec/webmin:" \ - "${ED}/etc/init.d/webmin" \ - || die "Failed to patch the webmin init file" - - # Create the systemd service file and put the neccessary variables there - # vma, 4/8/2023 - systemd environment variable no longer has _ prefix - systemd_newunit "${FILESDIR}"/webmin.service webmin.service - sed -i \ - -e "s:%exe%:${EROOT}/usr/libexec/webmin/miniserv.pl:" \ - -e "s:%pid%:${EROOT}/var/run/webmin.pid:" \ - -e "s:%conf%:${EROOT}/etc/webmin/miniserv.conf:" \ - -e "s:%config%:${EROOT}/etc/webmin/config:" \ - -e "s:%perllib%:${EROOT}/usr/libexec/webmin:" \ - "${ED}$(systemd_get_systemunitdir)/webmin.service" \ - || die "Failed to patch the webmin systemd service file" - - # Setup pam - pamd_mimic system-auth webmin auth account session - - # Copy files to installation folder - ebegin "Copying install files to destination" - cp -pPR "${S}"/* "${ED}/usr/libexec/webmin" - eend $? -} - -pkg_preinst() { - # First stop service if running so Webmin to not messup our config - ebegin "Stopping any running Webmin instance prior merging" - if systemd_is_booted ; then - systemctl stop webmin.service 2>/dev/null - else - rc-service --ifexists -- webmin --ifstarted stop - fi - eend $? -} - -pkg_postinst() { - # Run webmin_config first - non interactively - export INTERACTIVE="no" - webmin_config - # Every next time webmin_config should be interactive - INTERACTIVE="yes" - - ewarn - ewarn "Bare in mind that not all Webmin modules are Gentoo tweaked and may have some issues." - ewarn "Always be careful when using modules that modify init entries, do update of webmin, install CPAN modules etc." - ewarn "To avoid problems, please before using any module, look at its configuration options first." - ewarn "(Usually there is a link at top in the right pane of Webmin for configuring the module.)" - ewarn - if systemd_is_booted ; then - elog "- To make Webmin start at boot time, run: 'systemctl enable webmin.service'" - else - elog "- To make Webmin start at boot time, run: 'rc-update add webmin default'" - fi - elog "- The default URL to connect to Webmin is: https://localhost:10000" - elog "- The default user that can login is: root" - elog "- To reconfigure Webmin in case of problems run 'emerge --config app-admin/webmin'" -} - -pkg_prerm() { - # First stop service if running - we do not want Webmin to mess up config - ebegin "Stopping any running Webmin instance prior unmerging" - if systemd_is_booted ; then - systemctl stop webmin.service 2>/dev/null - else - rc-service --ifexists -- webmin --ifstarted stop - fi - eend $? -} - -pkg_postrm() { - # If removing webmin completely, remind the user for the Webmin's own cron jobs. - if [[ ! ${REPLACED_BY_VERSION} ]]; then - ewarn - ewarn "You have uninstalled Webmin, so have in mind that all cron jobs scheduled" - ewarn "by Webmin for its own modules, are left active and they will fail when Webmin is missing." - ewarn "To fix this just disable them if you intend to use Webmin again," - ewarn "OR delete them if not." - ewarn - fi -} - -pkg_config(){ - webmin_config -} - -webmin_config(){ - # First stop service if running - ebegin "Stopping any running Webmin instance" - if systemd_is_booted ; then - systemctl stop webmin.service 2>/dev/null - else - rc-service --ifexists -- webmin --ifstarted stop - fi - eend $? - - # Next set the default reset variable to 'none' - # reset/_reset can be: - # 'none' - does not reset anything, just upgrades if a conf is present - # OR installs new conf if a conf is missing - # 'soft' - deletes only $config_dir/config file and thus resetting most - # conf values to their defaults. Keeps the specific Webmin cron jobs - # 'hard' - deletes all files in $config_dir (keeping the .keep_* Gentoo file) - # and thus resetting all Webmin. Deletes the specific Webmin cron jobs too. - local _reset="none" - - # If in interactive mode ask user what should we do - if [[ "${INTERACTIVE}" = "yes" ]]; then - einfo - einfo "Please enter the number of the action you would like to perform?" - einfo - einfo "1. Update configuration" - einfo " (keeps old config options and adds the new ones)" - einfo "2. Soft reset configuration" - einfo " (keeps some old config options, the other options are set to default)" - ewarn " All Webmin users will be reset" - einfo "3. Hard reset configuration" - einfo " (all options including module options are set to default)" - ewarn " You will lose all Webmin configuration options you have done till now" - einfo "4. Exit this configuration utility (default)" - while [ "$correct" != "true" ] ; do - read answer - if [[ "$answer" = "1" ]] ; then - _reset="none" - correct="true" - elif [[ "$answer" = "2" ]] ; then - _reset="soft" - correct="true" - elif [[ "$answer" = "3" ]] ; then - _reset="hard" - correct="true" - elif [ "$answer" = "4" -o "$answer" = "" ] ; then - die "User aborted configuration." - else - echo "Answer not recognized. Enter a number from 1 to 4" - fi - done - - if [[ "$_reset" = "hard" ]]; then - while [ "$sure" != "true" ] ; do - ewarn "You will lose all Webmin configuration options you have done till now." - ewarn "Are you sure you want to do this? (y/n)" - read answer - if [[ $answer =~ ^[Yy]([Ee][Ss])?$ ]] ; then - sure="true" - elif [[ $answer =~ ^[Nn]([Oo])?$ ]] ; then - die "User aborted configuration." - else - echo "Answer not recognized. Enter 'y' or 'n'" - fi - done - fi - fi - - export reset=$_reset - - # Create ssl certificate for Webmin if there is not one in the proper place - if [[ ! -e "${EROOT}/etc/ssl/webmin/server.pem" ]]; then - SSL_ORGANIZATION="${SSL_ORGANIZATION:-Webmin Server}" - SSL_COMMONNAME="${SSL_COMMONNAME:-*}" - install_cert "${EROOT}/etc/ssl/webmin/server" - fi - - # Ensure all paths passed to the setup script use EROOT - export wadir="${EROOT}/usr/libexec/webmin" - export config_dir="${EROOT}/etc/webmin" - export var_dir="${EROOT}/var/log/webmin" - export tempdir="${T}" - export pidfile="${EROOT}/var/run/webmin.pid" - export perl="$( which perl )" - export os_type='gentoo-linux' - export os_version='*' - export real_os_type='Gentoo Linux' - export real_os_version='Any version' - # Forcing 'ssl', 'no_ssl2', 'no_ssl3', 'ssl_redirect', 'no_sslcompression', - # 'ssl_honorcipherorder', 'no_tls1' and 'no_tls1_1' for tightening security - export ssl=1 - export no_ssl2=1 - export no_ssl3=1 - export ssl_redirect=1 - export ssl_honorcipherorder=1 - export no_sslcompression=1 - export no_tls1=1 - export no_tls1_1=1 - export keyfile="${EROOT}/etc/ssl/webmin/server.pem" - export port=10000 - - export atboot=0 - - einfo "Executing Webmin's configure script" - $wadir/gentoo-setup.sh - - einfo "Configuration of Webmin done" -} diff --git a/app-admin/webmin/webmin-2.111.ebuild b/app-admin/webmin/webmin-2.111.ebuild new file mode 100644 index 0000000..efe59fe --- /dev/null +++ b/app-admin/webmin/webmin-2.111.ebuild @@ -0,0 +1,314 @@ +# Copyright 2021 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=7 +inherit pam systemd + +DESCRIPTION="A web-based Unix systems administration interface" +HOMEPAGE="http://www.webmin.com/" +RESTRICT="mirror" +SRC_URI="minimal? ( https://github.com/webmin/webmin/releases/download/${PV}/${P}-minimal.tar.gz ) + !minimal? ( https://github.com/webmin/webmin/releases/download/${PV}/${P}.tar.gz )" + +LICENSE="BSD GPL-2" +SLOT="0" + +KEYWORDS="~amd64 ~x86" + +IUSE="minimal mysql postgres ldap" +REQUIRED_USE="minimal? ( !mysql !postgres !ldap )" + +# All the required perl modules can be found easily using (in Webmin's root src dir): +# find . -name cpan_modules.pl -exec grep "::" {} \; +# NOTE: If Webmin doesn't find the required perl modules, it offers(runtime) the user +# to install them using the in-built cpan module, and this will mess up perl on the system +# That's why some modules are forced without a use flag +# NOTE: pam, ssl and dnssec-tools deps are forced for security and Gentoo compliance installation reasons +DEPEND="virtual/perl-MIME-Base64 + virtual/perl-Socket + virtual/perl-Sys-Syslog + virtual/perl-Time-HiRes + virtual/perl-Time-Local + dev-perl/Authen-Libwrap + dev-perl/IO-Tty + dev-perl/MD5 + dev-perl/Net-SSLeay + dev-perl/Authen-PAM + dev-perl/Sys-Hostname-Long + >=net-dns/dnssec-tools-1.13 + !minimal? ( + mysql? ( dev-perl/DBD-mysql ) + postgres? ( dev-perl/DBD-Pg ) + ldap? ( dev-perl/perl-ldap ) + dev-perl/XML-Generator + dev-perl/XML-Parser + ) +" +RDEPEND="${DEPEND}" + +src_prepare() { + default + + local perl="$( which perl )" + + # Remove the unnecessary and incompatible files + rm -rf acl/Authen-SolarisRBAC-0.1* + if ! use minimal ; then + rm -rf {format,{bsd,hpux,sgi}exports,zones,rbac} + rm -f mount/{free,net,open}bsd-mounts* + rm -f mount/macos-mounts* + fi + + # For security reasons remove the SSL certificate that comes with Webmin + # We will create our own later + rm -f miniserv.pem + + # Remove the Webmin setup scripts to avoid Webmin in runtime to mess up config + # We will use our own later + rm -f setup.{sh,pl} + + # Set the installation type/mode to Gentoo + echo "gentoo" > install-type + + # Fix the permissions of the install files + chmod -R og-w "${S}" + + # Since we should not modify any files after install + # we set the perl path in all cgi and pl files here using Webmin's routines + # The pl file is Prefix safe and works only on provided input, no other filesystem files + ebegin "Fixing perl path in source files" + (find "${S}" -name '*.cgi' -print ; find "${S}" -name '*.pl' -print) | $perl "${S}"/perlpath.pl $perl - + eend $? +} + +src_install() { + # Create config dir and keep + diropts -m0755 + dodir /etc/webmin + keepdir /etc/webmin + + # Create install dir + # Third party modules installed through Webmin go here too, so keep + dodir /usr/libexec/webmin + keepdir /usr/libexec/webmin + + # Copy our own setup script to installation folder + insinto /usr/libexec/webmin + newins "${FILESDIR}"/gentoo-setup-${PV} gentoo-setup.sh + fperms 0744 /usr/libexec/webmin/gentoo-setup.sh + + # This is here if we ever want in future ebuilds to add some specific + # config values in the /etc/webmin/miniserv.conf + # The format of this file should be the same as the one of miniserv.conf: + # var=value + # + # Uncomment it if you use such file. Before that check if upstream + # has this file in root dir too. + #newins "${FILESDIR}/miniserv-conf" miniserv-conf + + # Create the log dir and keep + diropts -m0700 + dodir /var/log/webmin + keepdir /var/log/webmin + + # Create the init.d file and put the neccessary variables there + newinitd "${FILESDIR}"/init.d.webmin webmin + sed -i \ + -e "s:%exe%:${EROOT}/usr/libexec/webmin/miniserv.pl:" \ + -e "s:%pid%:${EROOT}/var/run/webmin.pid:" \ + -e "s:%conf%:${EROOT}/etc/webmin/miniserv.conf:" \ + -e "s:%config%:${EROOT}/etc/webmin/config:" \ + -e "s:%perllib%:${EROOT}/usr/libexec/webmin:" \ + "${ED}/etc/init.d/webmin" \ + || die "Failed to patch the webmin init file" + + # Create the systemd service file and put the neccessary variables there + # vma, 4/8/2023 - systemd environment variable no longer has _ prefix + systemd_newunit "${FILESDIR}"/webmin.service webmin.service + sed -i \ + -e "s:%exe%:${EROOT}/usr/libexec/webmin/miniserv.pl:" \ + -e "s:%pid%:${EROOT}/var/run/webmin.pid:" \ + -e "s:%conf%:${EROOT}/etc/webmin/miniserv.conf:" \ + -e "s:%config%:${EROOT}/etc/webmin/config:" \ + -e "s:%perllib%:${EROOT}/usr/libexec/webmin:" \ + "${ED}$(systemd_get_systemunitdir)/webmin.service" \ + || die "Failed to patch the webmin systemd service file" + + # Setup pam + pamd_mimic system-auth webmin auth account session + + # Copy files to installation folder + ebegin "Copying install files to destination" + cp -pPR "${S}"/* "${ED}/usr/libexec/webmin" + eend $? +} + +pkg_preinst() { + # First stop service if running so Webmin to not messup our config + ebegin "Stopping any running Webmin instance prior merging" + if systemd_is_booted ; then + systemctl stop webmin.service 2>/dev/null + else + rc-service --ifexists -- webmin --ifstarted stop + fi + eend $? +} + +pkg_postinst() { + # Run webmin_config first - non interactively + export INTERACTIVE="no" + webmin_config + # Every next time webmin_config should be interactive + INTERACTIVE="yes" + + ewarn + ewarn "Bare in mind that not all Webmin modules are Gentoo tweaked and may have some issues." + ewarn "Always be careful when using modules that modify init entries, do update of webmin, install CPAN modules etc." + ewarn "To avoid problems, please before using any module, look at its configuration options first." + ewarn "(Usually there is a link at top in the right pane of Webmin for configuring the module.)" + ewarn + if systemd_is_booted ; then + elog "- To make Webmin start at boot time, run: 'systemctl enable webmin.service'" + else + elog "- To make Webmin start at boot time, run: 'rc-update add webmin default'" + fi + elog "- The default URL to connect to Webmin is: https://localhost:10000" + elog "- The default user that can login is: root" + elog "- To reconfigure Webmin in case of problems run 'emerge --config app-admin/webmin'" +} + +pkg_prerm() { + # First stop service if running - we do not want Webmin to mess up config + ebegin "Stopping any running Webmin instance prior unmerging" + if systemd_is_booted ; then + systemctl stop webmin.service 2>/dev/null + else + rc-service --ifexists -- webmin --ifstarted stop + fi + eend $? +} + +pkg_postrm() { + # If removing webmin completely, remind the user for the Webmin's own cron jobs. + if [[ ! ${REPLACED_BY_VERSION} ]]; then + ewarn + ewarn "You have uninstalled Webmin, so have in mind that all cron jobs scheduled" + ewarn "by Webmin for its own modules, are left active and they will fail when Webmin is missing." + ewarn "To fix this just disable them if you intend to use Webmin again," + ewarn "OR delete them if not." + ewarn + fi +} + +pkg_config(){ + webmin_config +} + +webmin_config(){ + # First stop service if running + ebegin "Stopping any running Webmin instance" + if systemd_is_booted ; then + systemctl stop webmin.service 2>/dev/null + else + rc-service --ifexists -- webmin --ifstarted stop + fi + eend $? + + # Next set the default reset variable to 'none' + # reset/_reset can be: + # 'none' - does not reset anything, just upgrades if a conf is present + # OR installs new conf if a conf is missing + # 'soft' - deletes only $config_dir/config file and thus resetting most + # conf values to their defaults. Keeps the specific Webmin cron jobs + # 'hard' - deletes all files in $config_dir (keeping the .keep_* Gentoo file) + # and thus resetting all Webmin. Deletes the specific Webmin cron jobs too. + local _reset="none" + + # If in interactive mode ask user what should we do + if [[ "${INTERACTIVE}" = "yes" ]]; then + einfo + einfo "Please enter the number of the action you would like to perform?" + einfo + einfo "1. Update configuration" + einfo " (keeps old config options and adds the new ones)" + einfo "2. Soft reset configuration" + einfo " (keeps some old config options, the other options are set to default)" + ewarn " All Webmin users will be reset" + einfo "3. Hard reset configuration" + einfo " (all options including module options are set to default)" + ewarn " You will lose all Webmin configuration options you have done till now" + einfo "4. Exit this configuration utility (default)" + while [ "$correct" != "true" ] ; do + read answer + if [[ "$answer" = "1" ]] ; then + _reset="none" + correct="true" + elif [[ "$answer" = "2" ]] ; then + _reset="soft" + correct="true" + elif [[ "$answer" = "3" ]] ; then + _reset="hard" + correct="true" + elif [ "$answer" = "4" -o "$answer" = "" ] ; then + die "User aborted configuration." + else + echo "Answer not recognized. Enter a number from 1 to 4" + fi + done + + if [[ "$_reset" = "hard" ]]; then + while [ "$sure" != "true" ] ; do + ewarn "You will lose all Webmin configuration options you have done till now." + ewarn "Are you sure you want to do this? (y/n)" + read answer + if [[ $answer =~ ^[Yy]([Ee][Ss])?$ ]] ; then + sure="true" + elif [[ $answer =~ ^[Nn]([Oo])?$ ]] ; then + die "User aborted configuration." + else + echo "Answer not recognized. Enter 'y' or 'n'" + fi + done + fi + fi + + export reset=$_reset + + # Create ssl certificate for Webmin if there is not one in the proper place + if [[ ! -e "${EROOT}/etc/ssl/webmin/server.pem" ]]; then + SSL_ORGANIZATION="${SSL_ORGANIZATION:-Webmin Server}" + SSL_COMMONNAME="${SSL_COMMONNAME:-*}" + install_cert "${EROOT}/etc/ssl/webmin/server" + fi + + # Ensure all paths passed to the setup script use EROOT + export wadir="${EROOT}/usr/libexec/webmin" + export config_dir="${EROOT}/etc/webmin" + export var_dir="${EROOT}/var/log/webmin" + export tempdir="${T}" + export pidfile="${EROOT}/var/run/webmin.pid" + export perl="$( which perl )" + export os_type='gentoo-linux' + export os_version='*' + export real_os_type='Gentoo Linux' + export real_os_version='Any version' + # Forcing 'ssl', 'no_ssl2', 'no_ssl3', 'ssl_redirect', 'no_sslcompression', + # 'ssl_honorcipherorder', 'no_tls1' and 'no_tls1_1' for tightening security + export ssl=1 + export no_ssl2=1 + export no_ssl3=1 + export ssl_redirect=1 + export ssl_honorcipherorder=1 + export no_sslcompression=1 + export no_tls1=1 + export no_tls1_1=1 + export keyfile="${EROOT}/etc/ssl/webmin/server.pem" + export port=10000 + + export atboot=0 + + einfo "Executing Webmin's configure script" + $wadir/gentoo-setup.sh + + einfo "Configuration of Webmin done" +} -- cgit v1.2.3-65-gdbad