net-print/novell-iprint-xclient: default to security low for localhost

trunk/novell4gentoo/net-print/novell-iprint-xclient/ChangeLog

@@ -2,6 +2,10 @@
 # Copyright 1999-2008 Gentoo Foundation; Distributed under the GPL v2
 # $Header: $
 
+  04 Sep 2008; Mario Fetka <mario.fetka@gmail.com> +files/post-high,
+  +files/post-low, +novell-iprint-xclient-6.500.20070508_p1-r1.ebuild:
+  default to security low for localhost
+
   03 Sep 2008; Mario Fetka <mario.fetka@gmail.com>
   novell-iprint-xclient-6.500.20070508_p1.ebuild:
   add missing RDEPEND

trunk/novell4gentoo/net-print/novell-iprint-xclient/Manifest

@@ -1,6 +1,9 @@
 AUX 80novell-iprint 176 RMD160 e6190bfcde19e2da265b790012582d4200c20668 SHA1 8d9051acc2390dd4fd40fb8221043b1ed0c80fe4 SHA256 a8eea0f270391a658d311a6de6f3b543db62a14767d6c9a966b15d845783d9b4
 AUX 80novell-iprint64 180 RMD160 3a485dd8c9ad50168afa25bb6c643d65a666c810 SHA1 530a627efc418438f0e4ddd7a56d1be3242466a6 SHA256 dd2b575b9016fbd911ba65fcbfc04a5205618d63267021e632b88878b982e96e
+AUX post-high 1982 RMD160 6bc0f5f30af9456b74312d5155e9fe1d95d5494b SHA1 462b945db78d7be1180be672db49aebfba7960c1 SHA256 05da68dbade35edc43b695dd2c83a4e3ee7eb8bac16e4025020866a6152c50b9
+AUX post-low 1915 RMD160 d99e230e53fb9fc61fa2c29903f06d41c4b24f95 SHA1 822a3cedcd3e6efb4e97c30181bf79f273bc9d9f SHA256 5a7aa0c41c63676f53d284b5bdc50a50a58dd6ef550945dce9014b175b40da2d
 DIST OES2-i386-CD1.iso 451971072 RMD160 05862048a73feed632aafb5fd4f25a4e9c5ecc6a SHA1 6286002ebef39929eceecee47e6e2a095e66ba71 SHA256 10b3921c5a833bb8fc992e8bd699b28e045471f8338d3480863ca86413161f63
+EBUILD novell-iprint-xclient-6.500.20070508_p1-r1.ebuild 5072 RMD160 857276c10b11b5c6e2d1f960496c22c49996dc41 SHA1 6feb8a39a0218a7aafc143b276e0a3b9eb060f6d SHA256 bc1ab4010b05303fc48526e59e1bfb32d60c44bc958c398cf9b94d79493862d6
 EBUILD novell-iprint-xclient-6.500.20070508_p1.ebuild 3614 RMD160 0e5fa61cf33248f403ead431cfe18a956e771328 SHA1 c7700e5b54253af6db5ef6cd52e7e07479effffa SHA256 93e36d8de8d01768de058a2221c90a1baef197e2cf37559e1af98efab8ce146e
-MISC ChangeLog 467 RMD160 02160710b516cd2857ec7fd5ad438fb0687a4d62 SHA1 6174eb47a1e8bcd344410b6105820314556c0cff SHA256 737f4f9c6b43ca1815e30440f276f7bc0231873f4971668579171f8292986195
+MISC ChangeLog 648 RMD160 82d437af9a2398fe920f422e110026609d351ae6 SHA1 5e715ad6b1d379aa73a77ed7b442388b7cb34d1d SHA256 ef616771737d181ca3e7ce2fb082be955920c3d6eb7acb56f126e7650709a435
 MISC metadata.xml 170 RMD160 645927a396fdc21cdeb089fe42c5397332420ea6 SHA1 ac7f48a14fec325926f9ce1be8fbf1f311b4f2e4 SHA256 d797a2ec6f9dc516c9f9c1a758ee87ad3e8c43101b5dc76c2f872d5bd4639b42

trunk/novell4gentoo/net-print/novell-iprint-xclient/files/post-high

@@ -0,0 +1,40 @@
+##
+## First, modify cupsd.conf to allow local access to /admin:
+##
+DATE=$(date +%Y%m%d)
+TMP_DIR=/tmp
+TMP_FILE="$(mktemp ${TMP_DIR}/.cupsd.conf.XXXXXX)"
+EDIT_TAG="Edited by Novell-iPrint:"
+CONF_FILE="/etc/cups/cupsd.conf"
+BACKUP_FILE=${CONF_FILE}.bak.${DATE}.$$
+# Modify CONF_FILE for 'high' security model for /admin section
+if [ -f ${CONF_FILE} ]; then
+   sed -e "/^ *< *Location *\/admin/,/^ *< *\/Location *>/{          # Work only in the '<Location /admin>' block
+         /^.*Location/!d;                                            # Delete all but the location directives
+         s@\(^ *< *Location.*$\)@\1\n# ${EDIT_TAG} ${DATE}\n#\n# Security setting: high\n# Original configuration backed up to ${BACKUP_FILE}\n#\n\nAuthType BasicDigest\nAuthClass Group\nAuthGroupName sys\n\n## Restrict access to local domain\nOrder Deny,Allow\nDeny From All\nAllow From 127.0.0.1\n#Encryption Required@;
+      }" ${CONF_FILE} >  "${TMP_FILE}"
+   # Replace the CONF_FILE with our modified version
+   if ! cp "${CONF_FILE}" "${BACKUP_FILE}"; then
+      echo "Error: Failed to create backup of $(basename ${CONF_FILE})"
+      echo "Add 'Allow From 127.0.0.1' for all users to <Location /admin> section manualy."
+   elif ! mv "${TMP_FILE}" ${CONF_FILE}; then
+      echo "Error: Failed to modify $(basename ${CONF_FILE})"
+      echo "Add 'Allow From 127.0.0.1' for all users to <Location /admin> section manualy."
+   fi
+   rm -rf "${TMP_FILE}"
+else
+   echo "${CONF_FILE}: No such file or directory or already modified by Novell iPrint"
+fi
+/sbin/ldconfig
+# Restart cups
+# only if it is running ...
+
+	test -n "$FIRST_ARG" || FIRST_ARG=$1 
+	if test "$FIRST_ARG" -ge 1 ; then 
+	   test -f /etc/sysconfig/services && . /etc/sysconfig/services 
+           if test "$YAST_IS_RUNNING" != "instsys" -a "$DISABLE_RESTART_ON_UPDATE" != yes ; then 
+              for service in cups ; do 
+                 /etc/init.d/$service try-restart > /dev/null || : 
+              done 
+           fi 
+        fi

trunk/novell4gentoo/net-print/novell-iprint-xclient/files/post-low

@@ -0,0 +1,40 @@
+##
+## First, modify cupsd.conf to allow local access to /admin:
+##
+DATE=$(date +%Y%m%d)
+TMP_DIR=/tmp
+TMP_FILE="$(mktemp ${TMP_DIR}/.cupsd.conf.XXXXXX)"
+EDIT_TAG="Edited by Novell-iPrint:"
+CONF_FILE="/etc/cups/cupsd.conf"
+BACKUP_FILE=${CONF_FILE}.bak.${DATE}.$$
+# Modify CONF_FILE for 'low' security model for /admin section
+if [ -f ${CONF_FILE} ]; then
+   sed -e "/^ *< *Location *\/admin/,/^ *< *\/Location *>/{          # Work only in the '<Location /admin>' block
+         /^.*Location/!d;                                            # Delete all but the location directives
+         s@\(^ *< *Location.*$\)@\1\n# ${EDIT_TAG} ${DATE}\n#\n# Security setting: low\n# Original configuration backed up to ${BACKUP_FILE}\n#\n\nAuthType None\n\n## Restrict access to local domain\nOrder Deny,Allow\nDeny From All\nAllow From 127.0.0.1@;
+      }" ${CONF_FILE} >  "${TMP_FILE}"
+   # Replace the CONF_FILE with our modified version
+   if ! cp "${CONF_FILE}" "${BACKUP_FILE}"; then
+      echo "Error: Failed to create backup of $(basename ${CONF_FILE})"
+      echo "Add 'Allow From 127.0.0.1' for all users to <Location /admin> section manualy."
+   elif ! mv "${TMP_FILE}" ${CONF_FILE}; then
+      echo "Error: Failed to modify $(basename ${CONF_FILE})"
+      echo "Add 'Allow From 127.0.0.1' for all users to <Location /admin> section manualy."
+   fi
+   rm -rf "${TMP_FILE}"
+else
+   echo "${CONF_FILE}: No such file or directory or already modified by Novell iPrint"
+fi
+/sbin/ldconfig
+# Restart cups
+# only if it is running ...
+
+	test -n "$FIRST_ARG" || FIRST_ARG=$1 
+	if test "$FIRST_ARG" -ge 1 ; then 
+	   test -f /etc/sysconfig/services && . /etc/sysconfig/services 
+           if test "$YAST_IS_RUNNING" != "instsys" -a "$DISABLE_RESTART_ON_UPDATE" != yes ; then 
+              for service in cups ; do 
+                 /etc/init.d/$service try-restart > /dev/null || : 
+              done 
+           fi 
+        fi

trunk/novell4gentoo/net-print/novell-iprint-xclient/novell-iprint-xclient-6.500.20070508_p1-r1.ebuild

@@ -0,0 +1,147 @@
+# Copyright 1999-2008 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: $
+
+NOVELL_BUILDID="GsODlkBPM2g~"
+NOVELL_FILE32="OES2-i386-CD1.iso"
+RESTRICT="mirror strip"
+
+inherit novell eutils rpm nsplugins
+
+MY_PV="${PV/_p/-}"
+
+DESCRIPTION="Novell iPrint Client for Linux Low Security"
+HOMEPAGE="http://www.novell.com"
+SRC_URI="http://${NOVELL_ACCOUNT_USERNAME}:${NOVELL_ACCOUNT_PASSWORD}@cdn.novell.com/prot/${NOVELL_BUILDID}/${NOVELL_FILE32}"
+
+LICENSE="Novell-NCL"
+SLOT="0"
+KEYWORDS="~x86 ~amd64"
+IUSE="gtk linguas_cs linguas_de linguas_es linguas_fr linguas_hu linguas_it linguas_ja linguas_pl linguas_pt linguas_ru linguas_sl linguas_zh_cn linguas_zh_tw"
+
+DEPEND=">=app-arch/p7zip-4.15"
+
+RDEPEND="virtual/libc
+	dev-libs/atk
+	dev-libs/expat
+	dev-libs/glib
+	media-libs/fontconfig
+	media-libs/freetype
+	media-libs/glitz
+	media-libs/libpng
+	>=net-print/cups-1.2
+	sys-libs/zlib
+	www-client/mozilla-firefox
+	x11-libs/gtk+
+	x11-libs/pango
+	x11-libs/cairo
+	x11-libs/libXrender
+	x11-libs/libX11
+	x11-libs/libXext
+	!net-print/novell-iprint-xclient-sh
+	!net-print/novell-iprint-xclient-sl"
+
+src_unpack() {
+	7z x "${DISTDIR}"/${NOVELL_FILE32}
+	cd "${WORKDIR}"
+	rpm_unpack "${WORKDIR}"/suse/noarch/novell-iprint-client-6.0.20070914-2.noarch.rpm
+	mkdir -p "${WORKDIR}"/${PN}-${MY_PV}
+	cd ${PN}-${MY_PV}
+	if use x86
+	then
+	    ndir=x86
+	    narch=i586
+	    nlib=lib
+	elif use amd64
+	then
+	    ndir=x86_64
+	    narch=x86_64
+	    nlib=lib64
+	fi
+	    rpm_unpack "${WORKDIR}"/var/opt/novell/iprint/htdocs/clients/linux/${ndir}/novell-iprint-xclient-sl-${MY_PV}.${narch}.rpm
+}
+
+src_compile() {
+	CUPSDIR=`cups-config --serverbin`
+}
+
+src_install() {
+	for x in cs de es fr hu it ja pl pt ru sl zh_cn zh_tw
+	do
+	    if use linguas_${x}
+	    then
+		cp "${WORKDIR}"/${PN}-${MY_PV}/opt/novell/iprint/share/locale/${x}/LC_MESSAGES/iprint-client.mo "${WORKDIR}"/${x}.mo
+		domo "${WORKDIR}"/${x}.mo
+	    fi
+	done
+	insinto /etc/opt/novell/iprint
+	doins "${WORKDIR}"/${PN}-${MY_PV}/etc/opt/novell/iprint/*
+	into /opt/novell/iprint
+	dobin "${WORKDIR}"/${PN}-${MY_PV}/opt/novell/iprint/bin/*
+	insinto /opt/novell/iprint/plugin
+	doins "${WORKDIR}"/${PN}-${MY_PV}/opt/novell/iprint/plugin/npnipp.so
+	inst_plugin /opt/novell/iprint/plugin/npnipp.so
+	insinto /usr/share/autostart
+	doins "${WORKDIR}"/${PN}-${MY_PV}/opt/kde3/share/autostart/*.desktop
+	dosed "s:/usr/share/pixmaps/iprint_32:iprint.gif:g" /usr/share/autostart/iprint.desktop
+	exeinto ${CUPSDIR}/backend
+	doexe "${WORKDIR}"/${PN}-${MY_PV}/usr/${nlib}/cups/backend/*
+	dosym ${CUPSDIR} /usr/$(get_libdir)/cups
+	keepdir /var/opt/novell/log/iprint/client
+	into /opt/novell
+	dolib "${WORKDIR}"/${PN}-${MY_PV}/opt/novell/${nlib}/*
+	doman "${WORKDIR}"/${PN}-${MY_PV}/opt/novell/man/*/*
+	newicon "${WORKDIR}"/${PN}-${MY_PV}/opt/novell/iprint/share/icons/iprint_32.gif iprint.gif
+
+	if use x86
+	then
+	    doenvd "${FILESDIR}"/80novell-iprint
+	elif use amd64
+	then
+	    doenvd "${FILESDIR}"/80novell-iprint64
+	fi
+}
+
+pkg_nofetch() {
+	einfo "This files require you to register at ${HOMEPAGE} (free account)"
+	einfo "Please download following file:"
+	einfo " - ${NOVELL_FILE32}"
+	einfo "from http://download.novell.com/Download?buildid=${NOVELL_BUILDID}"
+	einfo "and place it in ${DISTDIR}"
+	einfo ""
+	einfo "To get rid of downloading files from ${HOMEPAGE}"
+	einfo "you can create a file /etc/portage/novell.acc"
+	einfo "containing the novell account infos with following commands"
+	einfo "# echo \"NOVELL_ACCOUNT_USERNAME=\\\"balduin\\\"\" >> /etc/portage/novell.acc"
+	einfo "# echo \"NOVELL_ACCOUNT_PASSWORD=\\\"derfisch\\\"\" >> /etc/portage/novell.acc"
+}
+
+pkg_postinst() {
+##
+## First, modify cupsd.conf to allow local access to /admin:
+##
+DATE=$(date +%Y%m%d)
+TMP_DIR=/tmp
+TMP_FILE="$(mktemp ${TMP_DIR}/.cupsd.conf.XXXXXX)"
+EDIT_TAG="Edited by Novell-iPrint:"
+CONF_FILE="/etc/cups/cupsd.conf"
+BACKUP_FILE=${CONF_FILE}.bak.${DATE}.$$
+# Modify CONF_FILE for 'low' security model for /admin section
+	if [ -f ${CONF_FILE} ]; then
+	    sed -e "/^ *< *Location *\/admin/,/^ *< *\/Location *>/{          # Work only in the '<Location /admin>' block
+	    /^.*Location/!d;                                            # Delete all but the location directives
+	    s@\(^ *< *Location.*$\)@\1\n# ${EDIT_TAG} ${DATE}\n#\n# Security setting: low\n# Original configuration backed up to ${BACKUP_FILE}\n#\n\nAuthType None\n\n## Restrict access to local domain\nOrder Deny,Allow\nDeny From All\nAllow From 127.0.0.1@;
+	}" ${CONF_FILE} >  "${TMP_FILE}"
+	# Replace the CONF_FILE with our modified version
+	    if ! cp "${CONF_FILE}" "${BACKUP_FILE}"; then
+		eerror "Failed to create backup of $(basename ${CONF_FILE})"
+		einfo "Add 'Allow From 127.0.0.1' for all users to <Location /admin> section manualy."
+	    elif ! mv "${TMP_FILE}" ${CONF_FILE}; then
+		eerror "Failed to modify $(basename ${CONF_FILE})"
+		einfo "Add 'Allow From 127.0.0.1' for all users to <Location /admin> section manualy."
+	    fi
+	    rm -rf "${TMP_FILE}"
+	else
+	    echo "${CONF_FILE}: No such file or directory or already modified by Novell iPrint"
+	fi
+}