From c307650f720584677c21b0d311ff566df8b83dfc Mon Sep 17 00:00:00 2001 From: "B. Watson" Date: Fri, 3 Aug 2018 05:57:19 +0700 Subject: network/ipxnet: Added (tunnel IPX over TCP/IP). Signed-off-by: Willy Sudiarto Raharjo --- network/ipxnet/README | 47 ++++++++++++++++++++ network/ipxnet/doinst.sh | 32 ++++++++++++++ network/ipxnet/git2tarxz.sh | 42 ++++++++++++++++++ network/ipxnet/ipxnet.SlackBuild | 94 ++++++++++++++++++++++++++++++++++++++++ network/ipxnet/ipxnet.info | 10 +++++ network/ipxnet/rc.ipxnet | 63 +++++++++++++++++++++++++++ network/ipxnet/rc.ipxnet.conf | 15 +++++++ network/ipxnet/slack-desc | 19 ++++++++ 8 files changed, 322 insertions(+) create mode 100644 network/ipxnet/README create mode 100644 network/ipxnet/doinst.sh create mode 100644 network/ipxnet/git2tarxz.sh create mode 100644 network/ipxnet/ipxnet.SlackBuild create mode 100644 network/ipxnet/ipxnet.info create mode 100644 network/ipxnet/rc.ipxnet create mode 100644 network/ipxnet/rc.ipxnet.conf create mode 100644 network/ipxnet/slack-desc (limited to 'network') diff --git a/network/ipxnet/README b/network/ipxnet/README new file mode 100644 index 0000000000000..1b7786bbf587c --- /dev/null +++ b/network/ipxnet/README @@ -0,0 +1,47 @@ +ipxnet (tunnel IPX over TCP/IP) + +Host a standalone IPX network over tcp for old DOS games running in +dosbox. + +For more information, see "https://www.dosbox.com/wiki/connectivity". Note +that the "Start IPX server" step is unnecessary when using this build +of ipxnet. + +There are two use cases for ipxnet, with two separate executables: + +- Users start the daemon as needed, and kill it when they're done. For + this, there's no need for an init script. The executable for users is + called "ipxnet". It logs to standard output only, and doesn't detach + from the terminal. The officially assigned UDP port number can't be + used, as it's port 213 and normal users can't bind to ports below 1024. + +- Persistent daemon, that starts at boot and runs until shutdown. The + executable for this is "ipxnet-system", but you don't normally run it + directly. Instead, there's an init script. To make ipxnet start at boot: + + # chmod 755 /etc/rc.d/rc.ipxnet + +...then edit /etc/rc.d/rc.local and add: + + if [ -x /etc/rc.d/rc.ipxnet ]; then + /etc/rc.d/rc.ipxnet start + fi + +The default UDP port for ipxnet-system is 213. To change this, edit +/etc/rc.d/rc.ipxnet.conf, then run "/etc/rc.d/rc.ipxnet restart" if the +daemon is already running. + +The ipxnet-system log file is /var/log/ipxnet.log. It will not be +overwritten when the package is reinstalled. + +The ipxnet-system binary is installed setuid nobody and setgid nogroup +by default. If you want to change this, set IPXUSER and/or IPXGROUP +in the SlackBuild's environment. It's a bad idea to run this as root, +since it hasn't been audited for security. If you're really paranoid, +you probably will want to create a dedicated ipxnet user and group. + +ipxnet-system also has the cap_net_bind_service capability set, meaning +it must be installed on a filesystem that supports capabilities (this +includes but is not limited to ext2/3/4 and reiserfs v3). This is required +for it to run as "nobody" yet be able to bind to low-numbered ports, +and is a much safer alternative to running it as root. diff --git a/network/ipxnet/doinst.sh b/network/ipxnet/doinst.sh new file mode 100644 index 0000000000000..5af0d51745ef4 --- /dev/null +++ b/network/ipxnet/doinst.sh @@ -0,0 +1,32 @@ + +config() { + NEW="$1" + OLD="$(dirname $NEW)/$(basename $NEW .new)" + if [ ! -r $OLD ]; then + mv $NEW $OLD + elif [ "$(cat $OLD | md5sum)" = "$(cat $NEW | md5sum)" ]; then + rm $NEW + fi +} + +preserve_perms() { + NEW="$1" + OLD="$(dirname $NEW)/$(basename $NEW .new)" + if [ -e $OLD ]; then + cp -a $OLD ${NEW}.incoming + cat $NEW > ${NEW}.incoming + mv ${NEW}.incoming $NEW + fi + config $NEW +} + +preserve_perms etc/rc.d/rc.ipxnet.new +config etc/rc.d/rc.ipxnet.conf.new + +# create log if missing, make sure ownership is correct. log +# will not be removed on package removal. +touch var/log/ipxnet.log +chown @IPXUSER@:@IPXGROUP@ var/log/ipxnet.log + +# 14.2 uses tar-1.15 for makepkg, can't handle capabilities, so: +[ -e /sbin/setcap] && /sbin/setcap cap_net_bind_service=epi usr/sbin/ipxnet-system diff --git a/network/ipxnet/git2tarxz.sh b/network/ipxnet/git2tarxz.sh new file mode 100644 index 0000000000000..43de757147d65 --- /dev/null +++ b/network/ipxnet/git2tarxz.sh @@ -0,0 +1,42 @@ +#!/bin/sh + +# Create source tarball from git repo, with generated version +# number. We don't include the git history in the tarball. + +# Note that this script doesn't need to be run as root. It does +# need to be able to write to the current directory it's run from. + +PRGNAM=ipxnet +CLONE_URL=https://github.com/intangir/$PRGNAM.git + +set -e + +GITDIR=$( mktemp -dt $PRGNAM.git.XXXXXX ) +rm -rf $GITDIR +git clone $CLONE_URL $GITDIR + +CWD="$( pwd )" +cd $GITDIR + +VERSION=$( git log --date=format:%Y%m%d --pretty=format:%cd.%h -n1 ) + +rm -rf .git +find . -name .gitignore -print0 | xargs -0 rm -f + +cd "$CWD" +rm -rf $PRGNAM-$VERSION $PRGNAM-$VERSION.tar.xz +mv $GITDIR $PRGNAM-$VERSION +tar cvfJ $PRGNAM-$VERSION.tar.xz $PRGNAM-$VERSION + +cat < $PKG/etc/rc.d/rc.$PRGNAM.new +cat $CWD/rc.$PRGNAM.conf > $PKG/etc/rc.d/rc.$PRGNAM.conf.new + +# doinst.sh installs blank log file, only need to include /var/log here. +mkdir -p $PKG/var/log + +mkdir -p $PKG/usr/doc/$PRGNAM-$VERSION +cp -a README.md $PKG/usr/doc/$PRGNAM-$VERSION +cat $CWD/$PRGNAM.SlackBuild > $PKG/usr/doc/$PRGNAM-$VERSION/$PRGNAM.SlackBuild + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc +sed -e "s,@IPXUSER@,$IPXUSER,g" \ + -e "s,@IPXGROUP@,$IPXGROUP,g" \ + $CWD/doinst.sh > $PKG/install/doinst.sh + +# Our README includes init script instructions, include it. +cat $CWD/README > $PKG/install/README_SBo.txt + +cd $PKG +/sbin/makepkg -l y -c n $OUTPUT/$PRGNAM-$VERSION-$ARCH-$BUILD$TAG.${PKGTYPE:-tgz} diff --git a/network/ipxnet/ipxnet.info b/network/ipxnet/ipxnet.info new file mode 100644 index 0000000000000..c17a1eaea5bf7 --- /dev/null +++ b/network/ipxnet/ipxnet.info @@ -0,0 +1,10 @@ +PRGNAM="ipxnet" +VERSION="20120808.0dce97e" +HOMEPAGE="https://github.com/intangir/ipxnet" +DOWNLOAD="http://urchlay.naptime.net/~urchlay/src/ipxnet-20120808.0dce97e.tar.xz" +MD5SUM="a6bebe9513240e145285e4526ea3114c" +DOWNLOAD_x86_64="" +MD5SUM_x86_64="" +REQUIRES="" +MAINTAINER="B. Watson" +EMAIL="yalhcru@gmail.com" diff --git a/network/ipxnet/rc.ipxnet b/network/ipxnet/rc.ipxnet new file mode 100644 index 0000000000000..22733ce0e8a3f --- /dev/null +++ b/network/ipxnet/rc.ipxnet @@ -0,0 +1,63 @@ +#!/bin/sh + +# "Simple" init script for SBo ipxnet, by B. Watson . If +# you need something fancier (multiple instances of ipxnet), feel free +# to implement it here and send me the updated script. I'll add it to +# the SBo build. + +# Note that ipxnet daemonizes itself immediately (before even checking if +# it got the right number of command line arguments) and doesn't create a +# PID file. Trying to capture the PID of the just-spawned ipxnet process +# in this script is problematic, so I didn't bother with a PID file. We +# can't even capture error messages (because it closed its stdout/stderr). + +# The default settings: +IPXPORT=19900 + +# If config file found, source it (can override IPXPORT) +[ -e /etc/rc.d/rc.ipxnet.conf ] && source /etc/rc.d/rc.ipxnet.conf + +ok_fail() { + if [ "$?" = "0" ]; then + echo "OK" + exit 0 + else + echo "FAIL" + exit 1 + fi +} + +# returns success if an ipxnet process is listening on our port. +is_running() { + lsof +c 0 -i 4UDP:$IPXPORT | grep -q ipxnet-system +} + +# ipxnet doesn't exit with error status if it fails to start. So we have +# to check whether it started or not... we wait up to 20 sec or so, then +# give up. +check_start() { + for i in 0.2 0.5 1 3 6 10; do + sleep $i + is_running && return 0 + done + return 1 +} + +case "${1:-start}" in + start) + echo -n "Starting ipxnet on UDP port $IPXPORT: " + if is_running; then + echo "Already running!" + exit 1 + fi + /usr/sbin/ipxnet-system $IPXPORT + check_start + ok_fail + ;; + + stop) echo -n "Stopping ipxnet: "; killall ipxnet-system ; ok_fail ;; + + restart) $0 stop ; sleep 1; exec $0 start ;; + + *) echo "Usage: $0 stop|stop|restart" +esac diff --git a/network/ipxnet/rc.ipxnet.conf b/network/ipxnet/rc.ipxnet.conf new file mode 100644 index 0000000000000..bc9bfa34a0e16 --- /dev/null +++ b/network/ipxnet/rc.ipxnet.conf @@ -0,0 +1,15 @@ +# Config file for SBo ipxnet startup script, by B. Watson . + +# ipxnet-system binary runs setuid nobody by default, but has the +# cap_net_bind_service capability set. This gives the ipxnet-system +# process the capability to open low-numbered ports (any port < 1024), +# which could be a security concern: if ipxnet can be exploited, the +# exploit code could listen on e.g. the ssh or http port. The alternative +# (running ipxnet with root privileges) is much worse though: the exploit +# code could do *anything* in that case. + +# The official assigned port number: +IPXPORT=213 + +# The port number from the DOSBox examples: +# IPXPORT=19900 diff --git a/network/ipxnet/slack-desc b/network/ipxnet/slack-desc new file mode 100644 index 0000000000000..54274192e95ec --- /dev/null +++ b/network/ipxnet/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. +# Line up the first '|' above the ':' following the base package name, and +# the '|' on the right side marks the last column you can put a character in. +# You must make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':' except on otherwise blank lines. + + |-----handy-ruler------------------------------------------------------| +ipxnet: ipxnet (tunnel IPX over TCP/IP) +ipxnet: +ipxnet: Host a standalone IPX network over tcp for old DOS games running +ipxnet: in dosbox. +ipxnet: +ipxnet: +ipxnet: +ipxnet: +ipxnet: +ipxnet: +ipxnet: -- cgit v1.2.3