diff --git a/.cvsignore b/.cvsignore index e69de29..bbceb25 100644 --- a/.cvsignore +++ b/.cvsignore @@ -0,0 +1 @@ +ppp-2.3.11.tar.gz diff --git a/ppp-2.3.5-pamd.conf b/ppp-2.3.5-pamd.conf new file mode 100644 index 0000000..7d7274e --- /dev/null +++ b/ppp-2.3.5-pamd.conf @@ -0,0 +1,5 @@ +#%PAM-1.0 +auth required pam_nologin.so +auth required pam_stack.so service=system-auth +account required pam_stack.so service=system-auth +session required pam_stack.so service=system-auth diff --git a/ppp-2.3.6-sample.patch b/ppp-2.3.6-sample.patch new file mode 100644 index 0000000..92eee6c --- /dev/null +++ b/ppp-2.3.6-sample.patch @@ -0,0 +1,295 @@ +--- ppp-2.3.3/sample/auth-down.sample Tue Jan 6 17:53:27 1998 ++++ ppp-2.3.3/sample/auth-down Tue Jan 6 17:53:27 1998 +@@ -0,0 +1,17 @@ ++#!/bin/sh ++# ++# A program or script which is executed after the remote system ++# successfully authenticates itself. It is executed with the parameters ++# ++# ++ ++# ++# The environment is cleared before executing this script ++# so the path must be reset ++# ++PATH=/usr/sbin:/sbin:/usr/bin:/bin ++export PATH ++ ++echo auth-down `date +'%y/%m/%d %T'` $* >> /var/log/pppstats ++ ++# last line +--- ppp-2.3.3/sample/auth-up.sample Tue Jan 6 17:53:27 1998 ++++ ppp-2.3.3/sample/auth-up Tue Jan 6 17:53:27 1998 +@@ -0,0 +1,17 @@ ++#!/bin/sh ++# ++# A program or script which is executed after the remote system ++# successfully authenticates itself. It is executed with the parameters ++# ++# ++ ++# ++# The environment is cleared before executing this script ++# so the path must be reset ++# ++PATH=/usr/sbin:/sbin:/usr/bin:/bin ++export PATH ++ ++echo auth-up `date +'%y/%m/%d %T'` $* >> /var/log/pppstats ++ ++# last line +--- ppp-2.3.3/sample/ip-down.sample Tue Jan 6 17:53:27 1998 ++++ ppp-2.3.3/sample/ip-down Tue Jan 6 17:53:27 1998 +@@ -0,0 +1,22 @@ ++#!/bin/sh ++# ++# This script is run by the pppd _after_ the link is brought down. ++# It should be used to delete routes, unset IP addresses etc. ++# ++# This script is called with the following arguments: ++# Arg Name Example ++# $1 Interface name ppp0 ++# $2 The tty ttyS1 ++# $3 The link speed 38400 ++# $4 Local IP number 12.34.56.78 ++# $5 Peer IP number 12.34.56.99 ++# ++ ++# ++# The environment is cleared before executing this script ++# so the path must be reset ++# ++PATH=/usr/sbin:/sbin:/usr/bin:/bin ++export PATH ++ ++# last line +--- ppp-2.3.3/sample/ip-up.sample Tue Jan 6 17:53:27 1998 ++++ ppp-2.3.3/sample/ip-up Tue Jan 6 17:53:27 1998 +@@ -0,0 +1,23 @@ ++#!/bin/sh ++# ++# This script is run by the pppd after the link is established. ++# It should be used to add routes, set IP address, run the mailq ++# etc. ++# ++# This script is called with the following arguments: ++# Arg Name Example ++# $1 Interface name ppp0 ++# $2 The tty ttyS1 ++# $3 The link speed 38400 ++# $4 Local IP number 12.34.56.78 ++# $5 Peer IP number 12.34.56.99 ++# ++ ++# ++# The environment is cleared before executing this script ++# so the path must be reset ++# ++PATH=/usr/sbin:/sbin:/usr/bin:/bin ++export PATH ++ ++# last line +--- ppp-2.3.3/sample/options.sample Tue Jan 6 17:53:27 1998 ++++ ppp-2.3.3/sample/options Tue Jan 6 17:53:27 1998 +@@ -0,0 +1,153 @@ ++# /etc/ppp/options ++ ++# The name of this server. Often, the FQDN is used here. ++#name ++ ++# Enforce the use of the hostname as the name of the local system for ++# authentication purposes (overrides the name option). ++usehostname ++ ++# If no local IP address is given, pppd will use the first IP address ++# that belongs to the local hostname. If "noipdefault" is given, this ++# is disabled and the peer will have to supply an IP address. ++noipdefault ++ ++# With this option, pppd will accept the peer's idea of our local IP ++# address, even if the local IP address was specified in an option. ++#ipcp-accept-local ++ ++# With this option, pppd will accept the peer's idea of its (remote) IP ++# address, even if the remote IP address was specified in an option. ++#ipcp-accept-remote ++ ++# Specify which DNS Servers the incoming Win95 or WinNT Connection should use ++# Two Servers can be remotely configured ++#ms-dns 192.168.1.1 ++#ms-dns 192.168.1.2 ++ ++# Specify which WINS Servers the incoming connection Win95 or WinNT should use ++#wins-addr 192.168.1.50 ++#wins-addr 192.168.1.51 ++ ++# enable this on a server that already has a permanent default route ++#nodefaultroute ++ ++# Run the executable or shell command specified after pppd has terminated ++# the link. This script could, for example, issue commands to the modem ++# to cause it to hang up if hardware modem control signals were not ++# available. ++# If mgetty is running, it will reset the modem anyway. So there is no need ++# to do it here. ++#disconnect "chat -- \d+++\d\c OK ath0 OK" ++ ++# Increase debugging level (same as -d). The debug output is written ++# to syslog LOG_LOCAL2. ++debug ++ ++# Enable debugging code in the kernel-level PPP driver. The argument n ++# is a number which is the sum of the following values: 1 to enable ++# general debug messages, 2 to request that the contents of received ++# packets be printed, and 4 to request that the contents of transmitted ++# packets be printed. ++#kdebug n ++ ++# Require the peer to authenticate itself before allowing network ++# packets to be sent or received. ++# Please do not disable this setting. It is expected to be standard in ++# future releases of pppd. Use the call option (see manpage) to disable ++# authentication for specific peers. ++#auth ++ ++# authentication can either be pap or chap. As most people only want to ++# use pap, you can also disable chap: ++#require-pap ++#refuse-chap ++ ++# Use hardware flow control (i.e. RTS/CTS) to control the flow of data ++# on the serial port. ++crtscts ++ ++# Specifies that pppd should use a UUCP-style lock on the serial device ++# to ensure exclusive access to the device. ++lock ++ ++# Use the modem control lines. ++modem ++ ++# async character map -- 32-bit hex; each bit is a character ++# that needs to be escaped for pppd to receive it. 0x00000001 ++# represents '\x01', and 0x80000000 represents '\x1f'. ++# To allow pppd to work over a rlogin/telnet connection, ou should escape ++# XON (^Q), XOFF (^S) and ^]: (The peer should use "escape ff".) ++#asyncmap 200a0000 ++asyncmap 0 ++ ++# Specifies that certain characters should be escaped on transmission ++# (regardless of whether the peer requests them to be escaped with its ++# async control character map). The characters to be escaped are ++# specified as a list of hex numbers separated by commas. Note that ++# almost any character can be specified for the escape option, unlike ++# the asyncmap option which only allows control characters to be ++# specified. The characters which may not be escaped are those with hex ++# values 0x20 - 0x3f or 0x5e. ++#escape 11,13,ff ++ ++# Set the MRU [Maximum Receive Unit] value to for negotiation. pppd ++# will ask the peer to send packets of no more than bytes. The ++# minimum MRU value is 128. The default MRU value is 1500. A value of ++# 296 is recommended for slow links (40 bytes for TCP/IP header + 256 ++# bytes of data). ++#mru 542 ++ ++# Set the MTU [Maximum Transmit Unit] value to . Unless the peer ++# requests a smaller value via MRU negotiation, pppd will request that ++# the kernel networking code send data packets of no more than n bytes ++# through the PPP network interface. ++#mtu ++ ++# Set the interface netmask to , a 32 bit netmask in "decimal dot" ++# notation (e.g. 255.255.255.0). ++#netmask 255.255.255.0 ++ ++# Don't fork to become a background process (otherwise pppd will do so ++# if a serial device is specified). ++nodetach ++ ++# Set the assumed name of the remote system for authentication purposes ++# to . ++#remotename ++ ++# Add an entry to this system's ARP [Address Resolution Protocol] ++# table with the IP address of the peer and the Ethernet address of this ++# system. {proxyarp,noproxyarp} ++proxyarp ++ ++# Use the system password database for authenticating the peer using ++# PAP. Note: mgetty already provides this option. If this is specified ++# then dialin from users using a script under Linux to fire up ppp wont work. ++#login ++ ++# If this option is given, pppd will send an LCP echo-request frame to ++# the peer every n seconds. Under Linux, the echo-request is sent when ++# no packets have been received from the peer for n seconds. Normally ++# the peer should respond to the echo-request by sending an echo-reply. ++# This option can be used with the lcp-echo-failure option to detect ++# that the peer is no longer connected. ++lcp-echo-interval 30 ++ ++# If this option is given, pppd will presume the peer to be dead if n ++# LCP echo-requests are sent without receiving a valid LCP echo-reply. ++# If this happens, pppd will terminate the connection. Use of this ++# option requires a non-zero value for the lcp-echo-interval parameter. ++# This option can be used to enable pppd to terminate after the physical ++# connection has been broken (e.g., the modem has hung up) in ++# situations where no hardware modem control lines are available. ++lcp-echo-failure 4 ++ ++# Specifies that pppd should disconnect if the link is idle for n seconds. ++idle 600 ++ ++# Disable the IPXCP and IPX protocols. ++noipx ++ ++# ------ +--- ppp-2.3.3/sample/options.ttyXX.sample Tue Jan 6 17:53:27 1998 ++++ ppp-2.3.3/sample/options.ttyXX Tue Jan 6 17:53:27 1998 +@@ -0,0 +1,14 @@ ++# If you need to set up multiple serial lines then copy this file to ++# options. for each tty with a modem on it. ++# ++# The options.tty file will assign an IP address to each PPP connection ++# as it comes up. They must all be distinct! ++# ++# Example: ++# options.ttyS1 for com2 under DOS. ++# ++# Edit the following line so that the first IP address ++# mentioned is the ip address of the serial port while the second ++# is the IP address of your host ++# ++hostname-s1:hostname +--- ppp-2.3.3/sample/pap-secrets.sample Tue Jan 6 17:53:27 1998 ++++ ppp-2.3.3/sample/pap-secrets Tue Jan 6 17:53:27 1998 +@@ -0,0 +1,28 @@ ++# Secrets for authentication using PAP ++# client server secret IP addresses ++ ++# OUTBOUND CONNECTIONS ++# Here you should add your userid password to connect to your providers via ++# pap. The * means that the password is to be used for ANY host you connect ++# to. Thus you do not have to worry about the foreign machine name. Just ++# replace password with your password. ++# If you have different providers with different passwords then you better ++# remove the following line. ++#hostname * password ++ ++# INBOUND CONNECTIONS ++#client hostname 192.168.1.1 ++ ++# If you add "auth login -chap +pap" to /etc/mgetty+sendfax/login.config, ++# all users in /etc/passwd can use their password for pap-authentication. ++# ++# Every regular user can use PPP and has to use passwords from /etc/passwd ++#* hostname "" ++# UserIDs that cannot use PPP at all. Check your /etc/passwd and add any ++# other accounts that should not be able to use pppd! Replace hostname ++# with your local hostname. ++#guest hostname "*" - ++#master hostname "*" - ++#root hostname "*" - ++#support hostname "*" - ++#stats hostname "*" - diff --git a/ppp.spec b/ppp.spec new file mode 100644 index 0000000..4459c36 --- /dev/null +++ b/ppp.spec @@ -0,0 +1,177 @@ +Summary: The PPP (Point-to-Point Protocol) daemon. +Name: ppp +Version: 2.3.11 +Release: 7 +Copyright: distributable +Group: System Environment/Daemons +Source0: ftp://cs.anu.edu.au/pub/software/ppp/ppp-%{version}.tar.gz +Source1: ppp-2.3.5-pamd.conf +Patch0: ppp-2.3.11-make.patch +Patch1: ppp-2.3.6-sample.patch +Patch2: ppp-2.3.9-wtmp.patch +Patch3: ppp-2.3.11-reap.patch +Patch4: ppp-2.3.11-pam_session.patch +BuildRoot: %{_tmppath}/%{name}-root +Requires: glibc >= 2.0.6, /etc/pam.d/system-auth + +%description +The ppp package contains the PPP (Point-to-Point Protocol) daemon and +documentation for PPP support. The PPP protocol provides a method for +transmitting datagrams over serial point-to-point links. PPP is +usually used to dial in to an ISP (Internet Service Provider) or other +organization over a modem and phone line. + +%prep +%setup -q +%patch0 -p1 -b .make +%patch1 -p1 -b .sample +%patch2 -p1 -b .wtmp +%patch3 -p1 -b .reap +%patch4 -p1 -b .pam_session +# patch 2 depends on the -lutil in patch 0 +find . -type f -name "*.sample" | xargs rm -f + +%build +./configure +make RPM_OPT_FLAGS="$RPM_OPT_FLAGS" + +%install +[ "$RPM_BUILD_ROOT" != "/" ] && rm -rf $RPM_BUILD_ROOT +make install DESTDIR=$RPM_BUILD_ROOT MANDIR=$RPM_BUILD_ROOT%{_mandir} BINDIR=$RPM_BUILD_ROOT%{_sbindir} + +## it shouldn't be SUID root be default +#chmod 755 $RPM_BUILD_ROOT/usr/sbin/pppd + +chmod go+r scripts/* +mkdir -p $RPM_BUILD_ROOT/etc/pam.d +install -m 644 %{SOURCE1} $RPM_BUILD_ROOT/etc/pam.d/ppp + +%clean +rm -rf $RPM_BUILD_ROOT + +%files +%defattr(-,root,root) +%{_sbindir}/chat +%{_sbindir}/pppd +%{_sbindir}/pppdump +%{_sbindir}/pppstats +%{_mandir}/man8/chat.8* +%{_mandir}/man8/pppd.8* +%{_mandir}/man8/pppdump.8* +%{_mandir}/man8/pppstats.8* +%dir /etc/ppp +%config /etc/ppp/chap-secrets +%config /etc/ppp/options +%config /etc/ppp/pap-secrets +%config /etc/pam.d/ppp +%doc README README.linux scripts sample + +%changelog +* Wed Jul 12 2000 Prospector +- automatic rebuild + +* Mon Jun 5 2000 Nalin Dahyabhai +- move man pages to %{_mandir} + +* Thu Jun 1 2000 Nalin Dahyabhai +- change perms using defattr +- modify PAM setup to use system-auth + +* Sun Mar 26 2000 Florian La Roche +- change to root:root perms + +* Mon Mar 06 2000 Nalin Dahyabhai +- reaper bugs verified as fixed +- check pam_open_session result code (bug #9966) + +* Mon Feb 07 2000 Nalin Dahyabhai +- take a shot at the wrong reaper bugs (#8153, #5290) + +* Thu Feb 03 2000 Nalin Dahyabhai +- free ride through the build system (release 2) + +* Tue Jan 18 2000 Nalin Dahyabhai +- Update to 2.3.11 + +* Sat Nov 06 1999 Michael K. Johnson +- Better fix for both problems + +* Fri Nov 05 1999 Michael K. Johnson +- fix for double-dial problem +- fix for requiring a controlling terminal problem + +* Sun Sep 19 1999 Preston Brown +- 2.3.10 bugfix release + +* Fri Aug 13 1999 Michael K. Johnson +- New version 2.3.9 required for kernel 2.3.13 and will be required + for new initscripts. auth patch removed; 2.3.9 does the same thing + more readably than the previous patch. + +* Thu Jun 24 1999 Cristian Gafton +- add pppdump + +* Fri Apr 09 1999 Cristian Gafton +- force pppd use the glibc's logwtmp instead of implementing its own + +* Wed Apr 01 1999 Preston Brown +- version 2.3.7 bugfix release + +* Tue Mar 23 1999 Cristian Gafton +- version 2.3.6 + +* Mon Mar 22 1999 Michael Johnson +- auth patch + +* Sun Mar 21 1999 Cristian Gafton +- auto rebuild in the new build environment (release 3) + +* Thu Jan 07 1999 Cristian Gafton +- build for glibc 2.1 + +* Fri Jun 5 1998 Jeff Johnson +- updated to 2.3.5. + +* Tue May 19 1998 Prospector System +- translations modified for de + +* Fri May 8 1998 Jakub Jelinek +- make it run with kernels 2.1.100 and above. + +* Fri Apr 24 1998 Prospector System +- translations modified for de, fr, tr + +* Wed Mar 18 1998 Cristian Gafton +- requires glibc 2.0.6 or later + +* Wed Mar 18 1998 Michael K. Johnson +- updated PAM patch to not turn off wtmp/utmp/syslog logging. + +* Wed Jan 7 1998 Cristian Gafton +- added the /etc/pam.d config file +- updated PAM patch to include session support + +* Tue Jan 6 1998 Cristian Gafton +- updated to ppp-2.3.3, build against glibc-2.0.6 - previous patches not + required any more. +- added buildroot +- fixed the PAM support, which was really, completely broken and against any + standards (session support is still not here... :-( ) +- we build against running kernel and pray that it will work +- added a samples patch; updated glibc patch + +* Thu Dec 18 1997 Erik Troan +- added a patch to use our own route.h, rather then glibc's (which has + alignment problems on Alpha's) -- I only applied this patch on the Alpha, + though it should be safe everywhere + +* Fri Oct 10 1997 Erik Troan +- turned off the execute bit for scripts in /usr/doc + +* Fri Jul 18 1997 Erik Troan +- built against glibc + +* Tue Mar 25 1997 Erik Troan +- Integrated new patch from David Mosberger +- Improved description + diff --git a/sources b/sources index e69de29..20159a2 100644 --- a/sources +++ b/sources @@ -0,0 +1 @@ +21be3688b98eeaaf5740d4a73a1220eb ppp-2.3.11.tar.gz