From f21e9ee2d0b0544d499f53b89de5eb2c83e86951 Mon Sep 17 00:00:00 2001 From: Rene Wagner Date: Sat, 12 Aug 2006 18:52:28 +0200 Subject: [PATCH] gpe-shield: don't install setuid root. clean up init script. Signed-off-by: Rene Wagner --- .../packages/gpe-shield/gpe-shield_0.9.bb | 14 ++++-- .../packages/gpe-shield/ipshield | 50 +++++++++++++++++++ 2 files changed, 61 insertions(+), 3 deletions(-) create mode 100755 org.handhelds.familiar/packages/gpe-shield/ipshield diff --git a/org.handhelds.familiar/packages/gpe-shield/gpe-shield_0.9.bb b/org.handhelds.familiar/packages/gpe-shield/gpe-shield_0.9.bb index fd1d2c4..aa7ce6f 100644 --- a/org.handhelds.familiar/packages/gpe-shield/gpe-shield_0.9.bb +++ b/org.handhelds.familiar/packages/gpe-shield/gpe-shield_0.9.bb @@ -1,11 +1,19 @@ -PR = "r0" +PR = "r1" LICENSE = "GPL" DEPENDS = "libgpewidget iptables virtual/kernel" -RDEPENDS = "iptables" +RDEPENDS = "gpe-su iptables" RRECOMMENDS = "kernel-module-ipt-state" SECTION = "gpe" MAINTAINER = "Florian Boor " DESCRIPTION = "GPE network security tool" -inherit gpe pkgconfig +inherit gpe + +SRC_URI += "file://ipshield" + +do_install_append () { + chmod 0755 ${D}${bindir}/gpe-shield + sed -i -e 's:Exec=gpe:Exec=gpe-su -c ${bindir}/gpe:' ${D}${datadir}/applications/${PN}.desktop + install -m 0755 ${WORKDIR}/ipshield ${D}${sysconfdir}/init.d +} diff --git a/org.handhelds.familiar/packages/gpe-shield/ipshield b/org.handhelds.familiar/packages/gpe-shield/ipshield new file mode 100755 index 0000000..41160c0 --- /dev/null +++ b/org.handhelds.familiar/packages/gpe-shield/ipshield @@ -0,0 +1,50 @@ +#! /bin/sh +# +# Startup script for gpe firewall engine. +# Based on debian skeleton. +# + +set -e + +PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin +GPE_SHIELD=/usr/bin/gpe-shield +IPTABLES=/usr/sbin/iptables +NAME=gpe-shield +DESC="GPE desktop firewall" + +SCRIPTNAME=/etc/init.d/$NAME + +# Gracefully exit if the package has been removed. +test -x $GPE_SHIELD || exit 0 + +# Read config file if it is present. +#if [ -r /etc/default/$NAME ] +#then +# . /etc/default/$NAME +#fi + + +case "$1" in + start) + test -f /etc/access.conf || exit 0 + + echo -n "Starting $DESC: $NAME" + if [ -f /etc/gpe/gpe-shield-load ] + then + $GPE_SHIELD --activate > /dev/null && echo -n " done" + else + echo -n " deactivated" + fi + echo "." + ;; + stop) + echo -n "Stopping $DESC: $NAME" + ($IPTABLES --flush && $IPTABLES -P INPUT ACCEPT) > /dev/null && echo "." + ;; + *) + echo "Usage: $SCRIPTNAME {start|stop}" >&2 + exit 1 + ;; +esac + +exit 0 -- 2.41.1