diff options
Diffstat (limited to 'app-admin')
-rw-r--r-- | app-admin/webmin/Manifest | 6 | ||||
-rw-r--r-- | app-admin/webmin/files/gentoo-setup-2.021 | 438 | ||||
-rw-r--r-- | app-admin/webmin/files/init.d.webmin | 86 | ||||
-rw-r--r-- | app-admin/webmin/files/webmin.service | 18 | ||||
-rw-r--r-- | app-admin/webmin/webmin-2.021.ebuild | 314 |
5 files changed, 862 insertions, 0 deletions
diff --git a/app-admin/webmin/Manifest b/app-admin/webmin/Manifest new file mode 100644 index 0000000..198114b --- /dev/null +++ b/app-admin/webmin/Manifest @@ -0,0 +1,6 @@ +AUX gentoo-setup-2.021 13727 BLAKE2B dca9dadd5775006f5bfbeee870723db8806a2236c984e2b4cec70031101f97fc5d4e1e1fd9219f27cdaa31ee860d247f71a01180b392154c16ca6554b1f73483 SHA512 fa6fde84eb9a16fea5d019fd920aed2a2f5dd51e5f32fa407fd1c424a0627eaafab7cd3b572a57e4f97e06ce5b6b5a7373ac377776a474a8512e077130eadc6e +AUX init.d.webmin 2167 BLAKE2B b90957ca4273ccc6deb35837704523361c3ed8b61034cb067919dffeabd7a8e6153ab2deceffc7745b209ffe8c6b52ad8fd391aa76591a9870c5f8f60223fb64 SHA512 deedded42854f4b29b28f24afec5171c4ee0f3301c4a0f4f9442f1c39b2aac39490315049641ed0b60182bdeb88d3f8d34672a707f95ecfa755d03d7f4dff49b +AUX webmin.service 416 BLAKE2B aef00b0f948286c54736613e37f114e6ffd90453cc6eadc3afffe7fa114df4e6a8b91e4f02da6fdfaa3eb2f57254e5e6785b201d0461f28839742cc13d883816 SHA512 7cf86342db3d34cbe39b62fa768660ba7dd160d9c0d113ef6a3a176187fa0c72531bed38e3203cf627ab05c1ac4d9a8b9e829d1baa9739d63dfa74f09c445f1e +DIST webmin-2.021-minimal.tar.gz 4095583 BLAKE2B 46121251e8225a2728f7c252851e32e27df5cbd896d29a82d4ed2fb62f2395a404dfe500797cdfeeeaf5528c55488b534e097ab2e6241cdb8bfa38aeb3455f9f SHA512 4f353be75d1a8e298eea3d6a881a6ff6b41bec77021ca54101793922ddfc6d4572b926b5c20768c207f0112d4e23ca1289fd2ffed1cb266a57a2db2a0a7e751d +DIST webmin-2.021.tar.gz 46950175 BLAKE2B a75b9e0a4696c6db012a7eb6c8df6ac52b6551fd25a4ee7d6ba669477949a495c7fa45dc8f47ebcd78a5f84c3c312a4471941c3224989faca3769fd938108d46 SHA512 d7fbe5507a5baa7e840a48c1bf436dd96edf42d5d474ddde2c9437b872bbb20f2ff92fb0bd49c8df4ce0525cb81ce3894f0ed9197924cafe2094481264dfd47e +EBUILD webmin-2.021.ebuild 10395 BLAKE2B 88aee7c0d31b4d916157f51f5faac7462dc4e295ce24f2792d3be819f79196cf40a09dee5003bce34dc0ab5f7e98ef52bd95d3454b89b1701e6a6c5de3f5cb59 SHA512 ce9a5e0632827decf7b7f226e45288e3dd8f96eb0b38d75c6dd6d52af338ec354a784be63a0104913ac616ce0f7b5759c9cd8fdef40b4fa3576b99388514def5 diff --git a/app-admin/webmin/files/gentoo-setup-2.021 b/app-admin/webmin/files/gentoo-setup-2.021 new file mode 100644 index 0000000..680dfbb --- /dev/null +++ b/app-admin/webmin/files/gentoo-setup-2.021 @@ -0,0 +1,438 @@ +#!/bin/sh +# gentoo-setup.sh +# +# Version 1.2 +# +# A modified original Webmin setup.sh script to comply with Gentoo specifics +# +# Modification done by: PhobosK <phobosk@kbfx.net> +# +# This script runs after the webmin archive is installed, and in the pkg_config() phase. +# It does setup the various config files of Webmin depending on if it is +# a new install, an upgrade or a reset. + +LANG= +export LANG + +if [ -z ${wadir} ]; then + echo "You can't run this script outside of the 'emerge --config app-admin/webmin' command." + exit 1 +fi + +# All things we do is from the Webmin install dir - $wadir +cd $wadir + + +# Are we hard resetting everything? +# If yes, we do: +# 1. Run the specific Webmin $wadir/run-uninstalls.pl +# It runs all uninstall.pl files in every module's folder. +# They delete all the set specific Webmin cron jobs. +# If bumping you should go through these files using the command: +# find . -name uninstall.pl -exec cat {} \; -print +# 2. Delete the whole /etc/webmin content, keeping only the gentoo .keep_* files +if [ "$reset" = "hard" ]; then + echo "Running Webmin's specific uninstall procedures.. (Please ignore any possible errors)" + (WEBMIN_CONFIG=$config_dir WEBMIN_VAR=$var_dir LANG= "$wadir/run-uninstalls.pl") + echo "..done" + echo "" + + echo "Deleting the content of user's config folder: $config_dir .." + find $config_dir ! -name '.keep_*' -delete 2>/dev/null + echo "..done" + echo "" +fi + + +# Are we soft resetting? +# If yes we do: +# - Delete the $config_dir/config file so we get new config values +if [ "$reset" = "soft" ]; then + echo "Deleting the user's $config_dir/config file.." + if [ -f "$config_dir/config" ]; then + rm -f "$config_dir/config" + fi + echo "..done" + echo "" +fi + + +# Get all available modules of this version +allmods=`echo */module.info | sed -e 's/\/module.info//g'` + +# Get current Webmin version +ver=`cat "$wadir/version"` + +if [ -r "$config_dir/config" ]; then + upgrading=1 +fi + + +# Check if upgrading from an old version +if [ "$upgrading" = 1 ]; then + echo "Updating existant Webmin's config files.." + + # Get current var path + if [ -r "$config_dir/var-path" ]; then + _var_dir=`cat $config_dir/var-path` + if [ -n ${_var_dir} ]; then + var_dir=${_var_dir} + fi + fi + + # Get current perl path + if [ -r "$config_dir/perl-path" ]; then + _perl=`cat $config_dir/perl-path` + if [ -n ${_perl} ]; then + perl=${_perl} + fi + fi + + # Get old os name and version + os_type=`grep "^os_type=" $config_dir/config | sed -e 's/os_type=//g'` + os_version=`grep "^os_version=" $config_dir/config | sed -e 's/os_version=//g'` + real_os_type=`grep "^real_os_type=" $config_dir/config | sed -e 's/real_os_type=//g'` + real_os_version=`grep "^real_os_version=" $config_dir/config | sed -e 's/real_os_version=//g'` + + # Get port, ssl, no_ssl2, no_ssl3, ssl_redirect, no_sslcompression, ssl_honorcipherorder, no_tls1, no_tls1_1 and keyfile + port=`grep "^port=" $config_dir/miniserv.conf | sed -e 's/port=//g'` + ssl=`grep "^ssl=" $config_dir/miniserv.conf | sed -e 's/ssl=//g'` + no_ssl2=`grep "^no_ssl2=" $config_dir/miniserv.conf | sed -e 's/no_ssl2=//g'` + no_ssl3=`grep "^no_ssl3=" $config_dir/miniserv.conf | sed -e 's/no_ssl3=//g'` + ssl_redirect=`grep "^ssl_redirect=" $config_dir/miniserv.conf | sed -e 's/ssl_redirect=//g'` + ssl_honorcipherorder=`grep "^ssl_honorcipherorder=" $config_dir/miniserv.conf | sed -e 's/ssl_honorcipherorder=//g'` + no_sslcompression=`grep "^no_sslcompression=" $config_dir/miniserv.conf | sed -e 's/no_sslcompression=//g'` + no_tls1=`grep "^no_tls1=" $config_dir/miniserv.conf | sed -e 's/no_tls1=//g'` + no_tls1_1=`grep "^no_tls1_1=" $config_dir/miniserv.conf | sed -e 's/no_tls1_1=//g'` + keyfile=`grep "^keyfile=" $config_dir/miniserv.conf | sed -e 's/keyfile=//g'` + + # Update ACLs + $perl "$wadir/newmods.pl" $config_dir $allmods + + # Update miniserv.conf with new root directory, mime types file and server info + grep -v "^root=" $config_dir/miniserv.conf | grep -v "^mimetypes=" | grep -v "^server=" >$tempdir/$$.miniserv.conf + mv $tempdir/$$.miniserv.conf $config_dir/miniserv.conf + echo "root=$wadir" >> $config_dir/miniserv.conf + echo "mimetypes=$wadir/mime.types" >> $config_dir/miniserv.conf + echo "server=MiniServ/$ver" >> $config_dir/miniserv.conf + grep logout= $config_dir/miniserv.conf >/dev/null + if [ $? != "0" ]; then + echo "logout=$config_dir/logout-flag" >> $config_dir/miniserv.conf + fi + + # Remove old cache of module infos + rm -f $config_dir/module.infos.cache + echo "..done" + echo "" +else + # Create webserver's new config files + echo "Creating Webmin's new config files.." + + echo $perl > $config_dir/perl-path + echo $var_dir > $config_dir/var-path + + # Create a totally new conf file + cfile=$config_dir/miniserv.conf + echo "port=$port" > $cfile + echo "root=$wadir" >> $cfile + echo "mimetypes=$wadir/mime.types" >> $cfile + echo "addtype_cgi=internal/cgi" >> $cfile + echo "realm=Webmin Server" >> $cfile + echo "logfile=$var_dir/miniserv.log" >> $cfile + echo "errorlog=$var_dir/miniserv.error" >> $cfile + echo "pidfile=$pidfile" >> $cfile + echo "logtime=168" >> $cfile + echo "ppath=$ppath" >> $cfile + echo "ssl=$ssl" >> $cfile + echo "no_ssl2=$no_ssl2" >> $cfile + echo "no_ssl3=$no_ssl3" >> $cfile + echo "ssl_redirect=$ssl_redirect" >> $cfile + echo "ssl_honorcipherorder=$ssl_honorcipherorder" >> $cfile + echo "no_sslcompression=$no_sslcompression" >> $cfile + echo "no_tls1=$no_tls1" >> $cfile + echo "no_tls1_1=$no_tls1_1" >> $cfile + echo "keyfile=$keyfile" >> $cfile + echo "env_WEBMIN_CONFIG=$config_dir" >> $cfile + echo "env_WEBMIN_VAR=$var_dir" >> $cfile + echo "atboot=$atboot" >> $cfile + echo "logout=$config_dir/logout-flag" >> $cfile + echo "listen=10000" >> $cfile + echo "denyfile=\\.pl\$" >> $cfile + echo "log=1" >> $cfile + echo "blockhost_failures=5" >> $cfile + echo "blockhost_time=60" >> $cfile + echo "syslog=1" >> $cfile + echo "session=1" >> $cfile + echo "premodules=WebminCore" >> $cfile + echo "server=MiniServ/$ver" >> $cfile + + # Append package-specific info to config file. + # miniserv-conf can be created by upstream or by us in src_install phase (see there). + if [ -f "$wadir/miniserv-conf" ]; then + cat "$wadir/miniserv-conf" >>$cfile + fi + + # Create the default user allowed to login - root only + login="root" + + if [ -r /etc/shadow ]; then + #crypt=`grep "^root:" /etc/shadow | cut -f 2 -d :` + crypt=x + else + crypt=`grep "^root:" /etc/passwd | cut -f 2 -d :` + fi + + ufile=$config_dir/miniserv.users + echo "$login:$crypt:0" > $ufile + chmod 600 $ufile + + + echo "userfile=$ufile" >> $cfile + chmod 600 $cfile + echo "..done" + echo "" + + echo "Creating access control file.." + afile=$config_dir/webmin.acl + echo "$login: $allmods" > $afile + chmod 600 $afile + echo "..done" + echo "" +fi + + +# Create start, stop, restart and reload Gentoo compliant Webmin scripts +# We use sys-apps/openrc functions which is already pulled by sys-apps/baselayout +# or systemctl if we run under systemd +echo "Creating start and stop scripts.." +rm -f $config_dir/{start,stop,restart,reload} + +# The start script in /etc/webmin (Gentoo compliant) +cat <<END >>"$config_dir/start" +#!/bin/sh + +if [ ! -f "${pidfile}" ]; then + if [[ -d /run/systemd/system ]] ; then + systemctl start webmin.service + else + rc-service --ifexists -- webmin start + fi +fi +END + +# The stop script in /etc/webmin (Gentoo compliant) +cat <<END >>"$config_dir/stop" +#!/bin/sh + +if [[ -d /run/systemd/system ]] ; then + systemctl stop webmin.service +else + rc-service --ifexists -- webmin --ifstarted stop +fi +END + +# The restart script in /etc/webmin (Gentoo compliant) +cat <<END >>"$config_dir/restart" +#!/bin/sh + +if [[ -d /run/systemd/system ]] ; then + systemctl try-restart webmin.service +else + rc-service --ifexists -- webmin --ifstarted restart +fi +END + +# The reload script in /etc/webmin (Gentoo compliant) +cat <<END >>"$config_dir/reload" +#!/bin/sh + +if [[ -d /run/systemd/system ]] ; then + systemctl reload-or-try-restart webmin.service +else + rc-service --ifexists -- webmin --ifstarted reload +fi +END + +chmod 755 $config_dir/{start,stop,restart,reload} +echo "..done" +echo "" + + +if [ "$upgrading" = 1 ]; then + echo "Updating other config files.." +else + echo "Copying other config files.." +fi + +# This just copies and merges the Webmin's release config files, with user's in the /etc/webmin folder +newmods=`$perl "$wadir/copyconfig.pl" "$os_type/$real_os_type" "$os_version/$real_os_version" "$wadir" $config_dir "" $allmods` +if [ "$upgrading" != 1 ]; then + # Store the OS and version + echo "os_type=$os_type" >> $config_dir/config + echo "os_version=$os_version" >> $config_dir/config + echo "real_os_type=$real_os_type" >> $config_dir/config + echo "real_os_version=$real_os_version" >> $config_dir/config + + # Turn on logging by default + echo "log=1" >> $config_dir/config + + # Disallow unknown referers by default + echo "referers_none=1" >>$config_dir/config +else + # one-off hack to set log variable in config from miniserv.conf + grep log= $config_dir/config >/dev/null + if [ "$?" = "1" ]; then + grep log= $config_dir/miniserv.conf >> $config_dir/config + grep logtime= $config_dir/miniserv.conf >> $config_dir/config + grep logclear= $config_dir/miniserv.conf >> $config_dir/config + fi + + # Disallow unknown referers if not set + grep referers_none= $config_dir/config >/dev/null + if [ "$?" != "0" ]; then + echo "referers_none=1" >>$config_dir/config + fi +fi +echo $ver > $config_dir/version +echo "..done" +echo "" + +# Set passwd_ fields in miniserv.conf from global config +for field in passwd_file passwd_uindex passwd_pindex passwd_cindex passwd_mindex; do + grep $field= $config_dir/miniserv.conf >/dev/null + if [ "$?" != "0" ]; then + grep $field= $config_dir/config >> $config_dir/miniserv.conf + fi +done +grep passwd_mode= $config_dir/miniserv.conf >/dev/null +if [ "$?" != "0" ]; then + echo passwd_mode=0 >> $config_dir/miniserv.conf +fi + +grep ssl_honorcipherorder= $config_dir/miniserv.conf >/dev/null +if [ "$?" != "0" ]; then + echo ssl_honorcipherorder=1 >> $config_dir/miniserv.conf +fi + +# Disable SSL compression to defeat BEAST attack +grep no_sslcompression= $config_dir/miniserv.conf >/dev/null +if [ "$?" != "0" ]; then + echo no_sslcompression=1 >> $config_dir/miniserv.conf +fi + +# Tighten SSL security +grep no_ssl2= $config_dir/miniserv.conf >/dev/null +if [ "$?" != "0" ]; then + echo no_ssl2=1 >> $config_dir/miniserv.conf +fi + +grep no_ssl3= $config_dir/miniserv.conf >/dev/null +if [ "$?" != "0" ]; then + echo no_ssl3=1 >> $config_dir/miniserv.conf +fi + +grep no_tls1= $config_dir/miniserv.conf >/dev/null +if [ "$?" != "0" ]; then + echo no_tls1=1 >> $config_dir/miniserv.conf +fi + +grep no_tls1_1= $config_dir/miniserv.conf >/dev/null +if [ "$?" != "0" ]; then + echo no_tls1_1=1 >> $config_dir/miniserv.conf +fi + +# Make Perl crypt MD5 the default +grep md5pass= $config_dir/config >/dev/null +if [ "$?" != "0" ]; then + echo md5pass=1 >> $config_dir/config +fi + +# Set a special theme if none was set before +if [ "$theme" = "" ]; then + theme=`cat "$wadir/defaulttheme" 2>/dev/null` +fi +oldthemeline=`grep "^theme=" $config_dir/config` +oldtheme=`echo $oldthemeline | sed -e 's/theme=//g'` +if [ "$theme" != "" ] && [ "$oldthemeline" = "" ] && [ -d "$wadir/$theme" ]; then + themelist=$theme +fi + +# Set a special overlay if none was set before +if [ "$overlay" = "" ]; then + overlay=`cat "$wadir/defaultoverlay" 2>/dev/null` +fi +if [ "$overlay" != "" ] && [ "$theme" != "" ] && [ -d "$wadir/$overlay" ]; then + themelist="$themelist $overlay" +fi + +# Apply the theme and maybe overlay +if [ "$themelist" != "" ]; then + echo "theme=$themelist" >> $config_dir/config + echo "preroot=$themelist" >> $config_dir/miniserv.conf +fi + +# If the old blue-theme is still in use, change it (new in 1.730) +oldtheme=`grep "^theme=" $config_dir/config | sed -e 's/theme=//g'` +if [ "$oldtheme" = "blue-theme" ]; then + sed -i -e 's/theme=blue-theme/theme=gray-theme/g' $config_dir/config + sed -i -e 's/preroot=blue-theme/preroot=gray-theme/g' $config_dir/miniserv.conf +fi + +# Set the product field in the global config +grep product= $config_dir/config >/dev/null +if [ "$?" != "0" ]; then + echo product=webmin >> $config_dir/config +fi + +# If password delays are not specifically disabled, enable them +grep passdelay= $config_dir/miniserv.conf >/dev/null +if [ "$?" != "0" ]; then + echo passdelay=1 >> $config_dir/miniserv.conf +fi + + +echo "Changing ownership and permissions.." +# Make all config dirs non-world-readable +for m in $newmods; do + chown -R root:root $config_dir/$m + chmod -R og-rw $config_dir/$m +done + +# Make miniserv config files non-world-readable +for f in miniserv.conf miniserv.users; do + chown -R root:root $config_dir/$f + chmod -R og-rw $config_dir/$f +done +chmod +r $config_dir/version + +# Fix up bad permissions from some older installs +for m in ldap-client ldap-server ldap-useradmin mailboxes mysql postgresql servers virtual-server; do + if [ -d "$config_dir/$m" ]; then + chown root:root $config_dir/$m + chmod og-rw $config_dir/$m + chmod og-rw $config_dir/$m/config 2>/dev/null + fi +done +echo "..done" +echo "" + + +# This executes all postinstall.pl for every module +# If you do bump, you should look at the specific changes they do with this command in root folder: +# find . -name postinstall.pl -exec cat {} \; -print +# Generally they are safe to run 'cause they change only user's config in /etc/webmin +# or setup some cron jobs +if [ "$nopostinstall" = "" ]; then + echo "Running postinstall scripts.. (Please ignore any possible errors)" + (cd "$wadir" ; WEBMIN_CONFIG=$config_dir WEBMIN_VAR=$var_dir "$wadir/run-postinstalls.pl") + echo "..done" + echo "" +fi + +# Enable background collection +if [ "$upgrading" != 1 -a -r $config_dir/system-status/enable-collection.pl ]; then + echo "Enabling background status collection.. (Please ignore any possible errors)" + $config_dir/system-status/enable-collection.pl 5 + echo "..done" + echo "" +fi diff --git a/app-admin/webmin/files/init.d.webmin b/app-admin/webmin/files/init.d.webmin new file mode 100644 index 0000000..a1a431d --- /dev/null +++ b/app-admin/webmin/files/init.d.webmin @@ -0,0 +1,86 @@ +#!/sbin/openrc-run +# Copyright 1999-2014 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + + +# We do not give a choice to user for configuring these 'cause it will mess up +# Webmin's configuration +WEBMIN_EXE="%exe%" +WEBMIN_PID="%pid%" +WEBMIN_CONF="%conf%" +WEBMIN_CONFIG="%config%" + +extra_started_commands="reload" + +depend() { + use net logger +} + +checkconfig() { + # Check if Webmin setup has been done + if [ ! -f ${WEBMIN_CONFIG} ]; then + eerror "Error in Webmin's configuration. The ${WEBMIN_CONFIG} is not present." + eerror "Please run 'emerge --config app-admin/webmin' to fix this." + return 1 + fi + + # Check if ssl cert is present + local key ssl + key=`grep "^keyfile=" ${WEBMIN_CONF} | sed -e 's/keyfile=//g'` + ssl=`grep "^ssl=" ${WEBMIN_CONF} | sed -e 's/ssl=//g'` + + if [ ! -f "${key}" ] ; then + if [ "${ssl}" = "0" ]; then + ewarn "Your SSL certificate is not present." + ewarn "Please either fix the path in the 'keyfile=' option of your ${WEBMIN_CONF}" + ewarn "OR run 'emerge --config app-admin/webmin'" + else + eerror "Error in Webmin's configuration. No SSL certificate is present." + eerror "Please either fix the path in the 'keyfile=' option of your ${WEBMIN_CONF}" + eerror "OR change the 'ssl=' option of your ${WEBMIN_CONF} to 'ssl=0'" + eerror "OR run 'emerge --config app-admin/webmin'" + return 1 + fi + fi + + return 0 +} + +reload() { + if [ ! -f "${WEBMIN_PID}" ]; then + eerror "Webmin is not running" + return 1 + fi + + checkconfig || return 1 + + ebegin "Reloading Webmin's configuration files" + start-stop-daemon --signal USR1 --pidfile "$WEBMIN_PID" + eend $? +} + +start() { + checkconfig || return 1 + ebegin "Starting Webmin" + + start-stop-daemon --start --background --interpreted \ + --env LANG= \ + --env PERLLIB="%perllib%" \ + --exec "$WEBMIN_EXE" \ + --pidfile "$WEBMIN_PID" \ + -- "$WEBMIN_CONF" + eend $? + # Leave time to spawn, so no stop is received while spawning + sleep 3 +} + +stop() { + ebegin "Stopping Webmin" + start-stop-daemon --stop --interpreted --quiet \ + --exec "$WEBMIN_EXE" \ + --pidfile "$WEBMIN_PID" + eend $? + # Leave time to stop because of the scripts that use this + sleep 3 +} diff --git a/app-admin/webmin/files/webmin.service b/app-admin/webmin/files/webmin.service new file mode 100644 index 0000000..5bec85b --- /dev/null +++ b/app-admin/webmin/files/webmin.service @@ -0,0 +1,18 @@ +[Unit] +Description=Webmin Administration Tool +After=network.target remote-fs.target nss-lookup.target +ConditionFileNotEmpty=%config% +ConditionFileNotEmpty=%conf% + +[Service] +RemainAfterExit=yes +KillMode=mixed +# Webmin is exiting with 1 on SIGTERM +SuccessExitStatus=1 +ExecStart=%exe% %conf% +PIDFile=%pid% +Environment="PERLLIB=%perllib%" LANG= +ExecReload=/bin/kill -USR1 $MAINPID + +[Install] +WantedBy=multi-user.target diff --git a/app-admin/webmin/webmin-2.021.ebuild b/app-admin/webmin/webmin-2.021.ebuild new file mode 100644 index 0000000..6c9c84b --- /dev/null +++ b/app-admin/webmin/webmin-2.021.ebuild @@ -0,0 +1,314 @@ +# Copyright 2021 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=7 +inherit pam systemd + +DESCRIPTION="A web-based Unix systems administration interface" +HOMEPAGE="http://www.webmin.com/" +RESTRICT="mirror" +SRC_URI="minimal? ( mirror://sourceforge/webadmin/${P}-minimal.tar.gz ) + !minimal? ( mirror://sourceforge/webadmin/${P}.tar.gz )" + +LICENSE="BSD GPL-2" +SLOT="0" + +KEYWORDS="~amd64 ~x86" + +IUSE="minimal mysql postgres ldap" +REQUIRED_USE="minimal? ( !mysql !postgres !ldap )" + +# All the required perl modules can be found easily using (in Webmin's root src dir): +# find . -name cpan_modules.pl -exec grep "::" {} \; +# NOTE: If Webmin doesn't find the required perl modules, it offers(runtime) the user +# to install them using the in-built cpan module, and this will mess up perl on the system +# That's why some modules are forced without a use flag +# NOTE: pam, ssl and dnssec-tools deps are forced for security and Gentoo compliance installation reasons +DEPEND="virtual/perl-MIME-Base64 + virtual/perl-Socket + virtual/perl-Sys-Syslog + virtual/perl-Time-HiRes + virtual/perl-Time-Local + dev-perl/Authen-Libwrap + dev-perl/IO-Tty + dev-perl/MD5 + dev-perl/Net-SSLeay + dev-perl/Authen-PAM + dev-perl/Sys-Hostname-Long + >=net-dns/dnssec-tools-1.13 + !minimal? ( + mysql? ( dev-perl/DBD-mysql ) + postgres? ( dev-perl/DBD-Pg ) + ldap? ( dev-perl/perl-ldap ) + dev-perl/XML-Generator + dev-perl/XML-Parser + ) +" +RDEPEND="${DEPEND}" + +src_prepare() { + default + + local perl="$( which perl )" + + # Remove the unnecessary and incompatible files + rm -rf acl/Authen-SolarisRBAC-0.1* + if ! use minimal ; then + rm -rf {format,{bsd,hpux,sgi}exports,zones,rbac} + rm -f mount/{free,net,open}bsd-mounts* + rm -f mount/macos-mounts* + fi + + # For security reasons remove the SSL certificate that comes with Webmin + # We will create our own later + rm -f miniserv.pem + + # Remove the Webmin setup scripts to avoid Webmin in runtime to mess up config + # We will use our own later + rm -f setup.{sh,pl} + + # Set the installation type/mode to Gentoo + echo "gentoo" > install-type + + # Fix the permissions of the install files + chmod -R og-w "${S}" + + # Since we should not modify any files after install + # we set the perl path in all cgi and pl files here using Webmin's routines + # The pl file is Prefix safe and works only on provided input, no other filesystem files + ebegin "Fixing perl path in source files" + (find "${S}" -name '*.cgi' -print ; find "${S}" -name '*.pl' -print) | $perl "${S}"/perlpath.pl $perl - + eend $? +} + +src_install() { + # Create config dir and keep + diropts -m0755 + dodir /etc/webmin + keepdir /etc/webmin + + # Create install dir + # Third party modules installed through Webmin go here too, so keep + dodir /usr/libexec/webmin + keepdir /usr/libexec/webmin + + # Copy our own setup script to installation folder + insinto /usr/libexec/webmin + newins "${FILESDIR}"/gentoo-setup-${PV} gentoo-setup.sh + fperms 0744 /usr/libexec/webmin/gentoo-setup.sh + + # This is here if we ever want in future ebuilds to add some specific + # config values in the /etc/webmin/miniserv.conf + # The format of this file should be the same as the one of miniserv.conf: + # var=value + # + # Uncomment it if you use such file. Before that check if upstream + # has this file in root dir too. + #newins "${FILESDIR}/miniserv-conf" miniserv-conf + + # Create the log dir and keep + diropts -m0700 + dodir /var/log/webmin + keepdir /var/log/webmin + + # Create the init.d file and put the neccessary variables there + newinitd "${FILESDIR}"/init.d.webmin webmin + sed -i \ + -e "s:%exe%:${EROOT}/usr/libexec/webmin/miniserv.pl:" \ + -e "s:%pid%:${EROOT}/var/run/webmin.pid:" \ + -e "s:%conf%:${EROOT}/etc/webmin/miniserv.conf:" \ + -e "s:%config%:${EROOT}/etc/webmin/config:" \ + -e "s:%perllib%:${EROOT}/usr/libexec/webmin:" \ + "${ED}/etc/init.d/webmin" \ + || die "Failed to patch the webmin init file" + + # Create the systemd service file and put the neccessary variables there + # vma, 4/8/2023 - systemd environment variable no longer has _ prefix + systemd_newunit "${FILESDIR}"/webmin.service webmin.service + sed -i \ + -e "s:%exe%:${EROOT}/usr/libexec/webmin/miniserv.pl:" \ + -e "s:%pid%:${EROOT}/var/run/webmin.pid:" \ + -e "s:%conf%:${EROOT}/etc/webmin/miniserv.conf:" \ + -e "s:%config%:${EROOT}/etc/webmin/config:" \ + -e "s:%perllib%:${EROOT}/usr/libexec/webmin:" \ + "${ED}$(systemd_get_systemunitdir)/webmin.service" \ + || die "Failed to patch the webmin systemd service file" + + # Setup pam + pamd_mimic system-auth webmin auth account session + + # Copy files to installation folder + ebegin "Copying install files to destination" + cp -pPR "${S}"/* "${ED}/usr/libexec/webmin" + eend $? +} + +pkg_preinst() { + # First stop service if running so Webmin to not messup our config + ebegin "Stopping any running Webmin instance prior merging" + if systemd_is_booted ; then + systemctl stop webmin.service 2>/dev/null + else + rc-service --ifexists -- webmin --ifstarted stop + fi + eend $? +} + +pkg_postinst() { + # Run webmin_config first - non interactively + export INTERACTIVE="no" + webmin_config + # Every next time webmin_config should be interactive + INTERACTIVE="yes" + + ewarn + ewarn "Bare in mind that not all Webmin modules are Gentoo tweaked and may have some issues." + ewarn "Always be careful when using modules that modify init entries, do update of webmin, install CPAN modules etc." + ewarn "To avoid problems, please before using any module, look at its configuration options first." + ewarn "(Usually there is a link at top in the right pane of Webmin for configuring the module.)" + ewarn + if systemd_is_booted ; then + elog "- To make Webmin start at boot time, run: 'systemctl enable webmin.service'" + else + elog "- To make Webmin start at boot time, run: 'rc-update add webmin default'" + fi + elog "- The default URL to connect to Webmin is: https://localhost:10000" + elog "- The default user that can login is: root" + elog "- To reconfigure Webmin in case of problems run 'emerge --config app-admin/webmin'" +} + +pkg_prerm() { + # First stop service if running - we do not want Webmin to mess up config + ebegin "Stopping any running Webmin instance prior unmerging" + if systemd_is_booted ; then + systemctl stop webmin.service 2>/dev/null + else + rc-service --ifexists -- webmin --ifstarted stop + fi + eend $? +} + +pkg_postrm() { + # If removing webmin completely, remind the user for the Webmin's own cron jobs. + if [[ ! ${REPLACED_BY_VERSION} ]]; then + ewarn + ewarn "You have uninstalled Webmin, so have in mind that all cron jobs scheduled" + ewarn "by Webmin for its own modules, are left active and they will fail when Webmin is missing." + ewarn "To fix this just disable them if you intend to use Webmin again," + ewarn "OR delete them if not." + ewarn + fi +} + +pkg_config(){ + webmin_config +} + +webmin_config(){ + # First stop service if running + ebegin "Stopping any running Webmin instance" + if systemd_is_booted ; then + systemctl stop webmin.service 2>/dev/null + else + rc-service --ifexists -- webmin --ifstarted stop + fi + eend $? + + # Next set the default reset variable to 'none' + # reset/_reset can be: + # 'none' - does not reset anything, just upgrades if a conf is present + # OR installs new conf if a conf is missing + # 'soft' - deletes only $config_dir/config file and thus resetting most + # conf values to their defaults. Keeps the specific Webmin cron jobs + # 'hard' - deletes all files in $config_dir (keeping the .keep_* Gentoo file) + # and thus resetting all Webmin. Deletes the specific Webmin cron jobs too. + local _reset="none" + + # If in interactive mode ask user what should we do + if [[ "${INTERACTIVE}" = "yes" ]]; then + einfo + einfo "Please enter the number of the action you would like to perform?" + einfo + einfo "1. Update configuration" + einfo " (keeps old config options and adds the new ones)" + einfo "2. Soft reset configuration" + einfo " (keeps some old config options, the other options are set to default)" + ewarn " All Webmin users will be reset" + einfo "3. Hard reset configuration" + einfo " (all options including module options are set to default)" + ewarn " You will lose all Webmin configuration options you have done till now" + einfo "4. Exit this configuration utility (default)" + while [ "$correct" != "true" ] ; do + read answer + if [[ "$answer" = "1" ]] ; then + _reset="none" + correct="true" + elif [[ "$answer" = "2" ]] ; then + _reset="soft" + correct="true" + elif [[ "$answer" = "3" ]] ; then + _reset="hard" + correct="true" + elif [ "$answer" = "4" -o "$answer" = "" ] ; then + die "User aborted configuration." + else + echo "Answer not recognized. Enter a number from 1 to 4" + fi + done + + if [[ "$_reset" = "hard" ]]; then + while [ "$sure" != "true" ] ; do + ewarn "You will lose all Webmin configuration options you have done till now." + ewarn "Are you sure you want to do this? (y/n)" + read answer + if [[ $answer =~ ^[Yy]([Ee][Ss])?$ ]] ; then + sure="true" + elif [[ $answer =~ ^[Nn]([Oo])?$ ]] ; then + die "User aborted configuration." + else + echo "Answer not recognized. Enter 'y' or 'n'" + fi + done + fi + fi + + export reset=$_reset + + # Create ssl certificate for Webmin if there is not one in the proper place + if [[ ! -e "${EROOT}/etc/ssl/webmin/server.pem" ]]; then + SSL_ORGANIZATION="${SSL_ORGANIZATION:-Webmin Server}" + SSL_COMMONNAME="${SSL_COMMONNAME:-*}" + install_cert "${EROOT}/etc/ssl/webmin/server" + fi + + # Ensure all paths passed to the setup script use EROOT + export wadir="${EROOT}/usr/libexec/webmin" + export config_dir="${EROOT}/etc/webmin" + export var_dir="${EROOT}/var/log/webmin" + export tempdir="${T}" + export pidfile="${EROOT}/var/run/webmin.pid" + export perl="$( which perl )" + export os_type='gentoo-linux' + export os_version='*' + export real_os_type='Gentoo Linux' + export real_os_version='Any version' + # Forcing 'ssl', 'no_ssl2', 'no_ssl3', 'ssl_redirect', 'no_sslcompression', + # 'ssl_honorcipherorder', 'no_tls1' and 'no_tls1_1' for tightening security + export ssl=1 + export no_ssl2=1 + export no_ssl3=1 + export ssl_redirect=1 + export ssl_honorcipherorder=1 + export no_sslcompression=1 + export no_tls1=1 + export no_tls1_1=1 + export keyfile="${EROOT}/etc/ssl/webmin/server.pem" + export port=10000 + + export atboot=0 + + einfo "Executing Webmin's configure script" + $wadir/gentoo-setup.sh + + einfo "Configuration of Webmin done" +} |