From nobody@FreeBSD.org  Sat Sep 14 01:24:28 2013
Return-Path: <nobody@FreeBSD.org>
Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115])
	(using TLSv1 with cipher ADH-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by hub.freebsd.org (Postfix) with ESMTP id 98DE07F9
	for <freebsd-gnats-submit@FreeBSD.org>; Sat, 14 Sep 2013 01:24:28 +0000 (UTC)
	(envelope-from nobody@FreeBSD.org)
Received: from oldred.freebsd.org (oldred.freebsd.org [8.8.178.121])
	(using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by mx1.freebsd.org (Postfix) with ESMTPS id 85AE02885
	for <freebsd-gnats-submit@FreeBSD.org>; Sat, 14 Sep 2013 01:24:28 +0000 (UTC)
Received: from oldred.freebsd.org ([127.0.1.6])
	by oldred.freebsd.org (8.14.5/8.14.7) with ESMTP id r8E1OR8h072449
	for <freebsd-gnats-submit@FreeBSD.org>; Sat, 14 Sep 2013 01:24:27 GMT
	(envelope-from nobody@oldred.freebsd.org)
Received: (from nobody@localhost)
	by oldred.freebsd.org (8.14.5/8.14.5/Submit) id r8E1ORkD072360;
	Sat, 14 Sep 2013 01:24:27 GMT
	(envelope-from nobody)
Message-Id: <201309140124.r8E1ORkD072360@oldred.freebsd.org>
Date: Sat, 14 Sep 2013 01:24:27 GMT
From: Yuri Victorovich <yuri@tsoft.com>
To: freebsd-gnats-submit@FreeBSD.org
Subject: [PATCH port www/shellinabox] Added an option to login as ssh (as opposed to as login(1))
X-Send-Pr-Version: www-3.1
X-GNATS-Notify: olivier@cochard.me

>Number:         182074
>Category:       ports
>Synopsis:       [PATCH] www/shellinabox: Added an option to login as ssh (as opposed to as login(1))
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    sunpoet
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Sat Sep 14 01:30:00 UTC 2013
>Closed-Date:    Sat Sep 14 08:03:54 UTC 2013
>Last-Modified:  Sat Sep 14 08:10:00 UTC 2013
>Originator:     Yuri Victorovich
>Release:        9.1
>Organization:
n/a
>Environment:
>Description:
I need shellinabox login prompt to go through pam google authenticator for security purposes.

Currently shellinabox by default uses login(1). login(1) can be configured for google authenticator through the pam config. But this isn't practical, because login(1) is used for the local login, and it isn't desirable to use google authenticator with the local logins.

shellinabox has an option to disable login(1), which practically makes it to login through ssh.

There is some notion of pam login as "shellinabox" service in the code, but it appears this part of code isn't complete and isn't activated by default.

So making it login as ssh is a good intermediate option for the time being.
This way ssh login can be configured as google authenticator and it works fine through shellinabox too.

There is the shellinabox PR https://code.google.com/p/shellinabox/issues/detail?id=187 asking for improvement in this area.
>How-To-Repeat:

>Fix:


Patch attached with submission follows:

Index: Makefile
===================================================================
--- Makefile	(revision 326997)
+++ Makefile	(working copy)
@@ -17,8 +17,9 @@
 LICENSE=	GPLv2
 LICENSE_FILE=	${WRKSRC}/COPYING
 
-OPTIONS_DEFINE=		CORES MANPAGES
+OPTIONS_DEFINE=		CORES NOLOGIN MANPAGES
 CORES_DESC=	Patch shellinaboxd to enable core dumps
+NOLOGIN_DESC=	Login through ssh (not through login)
 
 HAS_CONFIGURE=	yes
 CONFIGURE_ARGS=	\
@@ -41,6 +42,11 @@
 
 .include <bsd.port.pre.mk>
 
+.if ${PORT_OPTIONS:MNOLOGIN}
+CONFIGURE_ARGS+=--disable-login
+.endif
+
+
 .if ${ARCH} == "powerpc"
 BROKEN=		Does not load on powerpc
 .endif


>Release-Note:
>Audit-Trail:
State-Changed-From-To: open->feedback 
State-Changed-By: edwin 
State-Changed-When: Sat Sep 14 01:30:08 UTC 2013 
State-Changed-Why:  
Awaiting maintainers feedback (via the GNATS Auto Assign Tool) 

http://www.freebsd.org/cgi/query-pr.cgi?pr=182074 

From: Edwin Groothuis <edwin@FreeBSD.org>
To: olivier@cochard.me
Cc: bug-followup@FreeBSD.org
Subject: Re: ports/182074: [PATCH port www/shellinabox] Added an option to login as ssh (as opposed to as login(1))
Date: Sat, 14 Sep 2013 01:30:08 UT

 Maintainer of www/shellinabox,
 
 Please note that PR ports/182074 has just been submitted.
 
 If it contains a patch for an upgrade, an enhancement or a bug fix
 you agree on, reply to this email stating that you approve the patch
 and a committer will take care of it.
 
 The full text of the PR can be found at:
     http://www.freebsd.org/cgi/query-pr.cgi?pr=ports/182074
 
 -- 
 Edwin Groothuis via the GNATS Auto Assign Tool
 edwin@FreeBSD.org

From: Yuri <yuri@rawbw.com>
To: bug-followup@FreeBSD.org
Cc:  
Subject: Re: ports/182074: [PATCH port www/shellinabox] Added an option to
 login as ssh (as opposed to as login(1))
Date: Fri, 13 Sep 2013 18:45:43 -0700

 This is a multi-part message in MIME format.
 --------------010200060707090005010201
 Content-Type: text/plain; charset=ISO-8859-1; format=flowed
 Content-Transfer-Encoding: 7bit
 
 Sorry, forgot port version bump.
 
 Yuri
 
 --------------010200060707090005010201
 Content-Type: text/plain; charset=UTF-8;
  name="patch-shellinabox-nologin.patch"
 Content-Transfer-Encoding: 7bit
 Content-Disposition: attachment;
  filename="patch-shellinabox-nologin.patch"
 
 Index: Makefile
 ===================================================================
 --- Makefile	(revision 326997)
 +++ Makefile	(working copy)
 @@ -7,7 +7,7 @@
  
  PORTNAME=	shellinabox
  PORTVERSION=	2.14
 -PORTREVISION=	1
 +PORTREVISION=	2
  CATEGORIES=	www
  MASTER_SITES=	GOOGLE_CODE
  
 @@ -17,8 +17,9 @@
  LICENSE=	GPLv2
  LICENSE_FILE=	${WRKSRC}/COPYING
  
 -OPTIONS_DEFINE=		CORES MANPAGES
 +OPTIONS_DEFINE=		CORES NOLOGIN MANPAGES
  CORES_DESC=	Patch shellinaboxd to enable core dumps
 +NOLOGIN_DESC=	Login through ssh (not through login)
  
  HAS_CONFIGURE=	yes
  CONFIGURE_ARGS=	\
 @@ -41,6 +42,11 @@
  
  .include <bsd.port.pre.mk>
  
 +.if ${PORT_OPTIONS:MNOLOGIN}
 +CONFIGURE_ARGS+=--disable-login
 +.endif
 +
 +
  .if ${ARCH} == "powerpc"
  BROKEN=		Does not load on powerpc
  .endif
 
 --------------010200060707090005010201--

From: =?ISO-8859-1?Q?Olivier_Cochard=2DLabb=E9?= <olivier@cochard.me>
To: bug-followup@freebsd.org
Cc:  
Subject: Re: ports/182074: [PATCH port www/shellinabox] Added an option to
 login as ssh (as opposed to as login(1))
Date: Sat, 14 Sep 2013 09:28:07 +0200

 Hi,
 I'm agree with this patch.
 
 Regards,
 
 Olivier
 
 On Sat, Sep 14, 2013 at 3:30 AM, Edwin Groothuis <edwin@freebsd.org> wrote:
 > Maintainer of www/shellinabox,
 >
 > Please note that PR ports/182074 has just been submitted.
 >
 > If it contains a patch for an upgrade, an enhancement or a bug fix
 > you agree on, reply to this email stating that you approve the patch
 > and a committer will take care of it.
 >
 > The full text of the PR can be found at:
 >     http://www.freebsd.org/cgi/query-pr.cgi?pr=ports/182074
 >
 > --
 > Edwin Groothuis via the GNATS Auto Assign Tool
 > edwin@FreeBSD.org
Responsible-Changed-From-To: freebsd-ports-bugs->sunpoet 
Responsible-Changed-By: sunpoet 
Responsible-Changed-When: Sat Sep 14 07:47:17 UTC 2013 
Responsible-Changed-Why:  
I'll take it. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=182074 
State-Changed-From-To: feedback->closed 
State-Changed-By: sunpoet 
State-Changed-When: Sat Sep 14 08:03:53 UTC 2013 
State-Changed-Why:  
Committed. Thanks! 

http://www.freebsd.org/cgi/query-pr.cgi?pr=182074 

From: dfilter@FreeBSD.ORG (dfilter service)
To: bug-followup@FreeBSD.org
Cc:  
Subject: Re: ports/182074: commit references a PR
Date: Sat, 14 Sep 2013 08:03:51 +0000 (UTC)

 Author: sunpoet
 Date: Sat Sep 14 08:03:43 2013
 New Revision: 327240
 URL: http://svnweb.freebsd.org/changeset/ports/327240
 
 Log:
   - Add NOLOGIN option: login as ssh (as opposed to as login(1))
   - While I'm here:
     - Remove LICENSE_FILE for well-known licenses
     - Update OPTONS_DEFINE: add DOCS and remove no-op MANPAGES
     - Cleanup Makefile header
     - Use single space after WWW:
   
   PR:		ports/182074
   Submitted by:	Yuri Victorovich <yuri@tsoft.com>
   Approved by:	Olivier Cochard-Labbe <olivier@cochard.me> (maintainer)
 
 Modified:
   head/www/shellinabox/Makefile   (contents, props changed)
   head/www/shellinabox/pkg-descr   (contents, props changed)
 
 Modified: head/www/shellinabox/Makefile
 ==============================================================================
 --- head/www/shellinabox/Makefile	Sat Sep 14 08:01:54 2013	(r327239)
 +++ head/www/shellinabox/Makefile	Sat Sep 14 08:03:43 2013	(r327240)
 @@ -1,9 +1,5 @@
 -# New ports collection makefile for:	shellinabox
 -# Date created:		25 june 2010
 -# Whom:			Olivier Cochard-Labbe <olivier@cochard.me>
 -#
 +# Created by: Olivier Cochard-Labbe <olivier@cochard.me>
  # $FreeBSD$
 -#
  
  PORTNAME=	shellinabox
  PORTVERSION=	2.14
 @@ -15,9 +11,8 @@ MAINTAINER=	olivier@cochard.me
  COMMENT=	Publish command line shell through AJAX interface
  
  LICENSE=	GPLv2
 -LICENSE_FILE=	${WRKSRC}/COPYING
  
 -OPTIONS_DEFINE=		CORES MANPAGES
 +OPTIONS_DEFINE=	CORES DOCS
  CORES_DESC=	Patch shellinaboxd to enable core dumps
  
  HAS_CONFIGURE=	yes
 @@ -39,6 +34,12 @@ PKGDEINSTALL=	${WRKDIR}/pkg-deinstall
  SUB_FILES=	pkg-deinstall
  SUB_LIST=	USERS=${USERS} GROUPS=${GROUPS}
  
 +.include <bsd.port.options.mk>
 +
 +.if ${PORT_OPTIONS:MNOLOGIN}
 +CONFIGURE_ARGS+=--disable-login
 +.endif
 +
  .include <bsd.port.pre.mk>
  
  .if ${ARCH} == "powerpc"
 @@ -60,7 +61,6 @@ post-install:
  .if ${PORT_OPTIONS:MDOCS}
  	${MKDIR} ${DOCSDIR}/
  	cd ${WRKSRC} && ${INSTALL_DATA} ${PORTDOCS} ${DOCSDIR}/
 -
  .endif
  	${MKDIR} ${ETCDIR}/
  	${CHMOD} 700 ${ETCDIR}/
 
 Modified: head/www/shellinabox/pkg-descr
 ==============================================================================
 --- head/www/shellinabox/pkg-descr	Sat Sep 14 08:01:54 2013	(r327239)
 +++ head/www/shellinabox/pkg-descr	Sat Sep 14 08:03:43 2013	(r327240)
 @@ -1,4 +1,4 @@
  Shell In A Box is a web server that can export arbitary command line tools to a 
  web based terminal emulator
  
 -WWW:	http://code.google.com/p/shellinabox/	
 +WWW: http://code.google.com/p/shellinabox/	
 _______________________________________________
 svn-ports-all@freebsd.org mailing list
 http://lists.freebsd.org/mailman/listinfo/svn-ports-all
 To unsubscribe, send any mail to "svn-ports-all-unsubscribe@freebsd.org"
 
>Unformatted:
