mirror of
https://github.com/NixOS/nixpkgs.git
synced 2024-11-22 21:50:55 +00:00
rssh: remove
Upstream has not made any releases since 2012 and there are several known CVEs. The derivation has been marked broken in nixpkgs since March 2019.
This commit is contained in:
parent
c05d71527c
commit
7cbeb32381
|
@ -1,97 +0,0 @@
|
|||
# CAVEATS:
|
||||
# - Have only tested this with rsync, scp, and sftp. cvs support should work, but chroot integration is unlikely to function without further work
|
||||
# - It is compiled without rdist support because rdist is ludicrously ancient (and not already in nixpkgs)
|
||||
|
||||
{ stdenv, fetchurl, openssh, rsync, cvs }:
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "rssh";
|
||||
version = "2.3.4";
|
||||
|
||||
src = fetchurl {
|
||||
url = "mirror://sourceforge/rssh/rssh/${version}/${pname}-${version}.tar.gz";
|
||||
sha256 = "f30c6a760918a0ed39cf9e49a49a76cb309d7ef1c25a66e77a41e2b1d0b40cd9";
|
||||
};
|
||||
|
||||
patches = [
|
||||
./fix-config-path.patch
|
||||
|
||||
# Patches from AUR
|
||||
(fetchurl {
|
||||
url = "https://aur.archlinux.org/cgit/aur.git/plain/0001-fail-logging.patch?h=rssh";
|
||||
name = "0001-fail-logging.patch";
|
||||
sha256 = "d30f2f4fdb1b57f94773f5b0968a4da3356b14a040efe69ec1e976c615035c65";
|
||||
})
|
||||
(fetchurl {
|
||||
url = "https://aur.archlinux.org/cgit/aur.git/plain/0002-info-to-debug.patch?h=rssh";
|
||||
name = "0002-info-to-debug.patch";
|
||||
sha256 = "86f6ecf34f62415b0d6204d4cbebc47322dc2ec71732d06aa27758e35d688fcd";
|
||||
})
|
||||
(fetchurl {
|
||||
url = "https://aur.archlinux.org/cgit/aur.git/plain/0003-man-page-spelling.patch?h=rssh";
|
||||
name = "0003-man-page-spelling.patch";
|
||||
sha256 = "455b3bbccddf1493999d00c2cd46e62930ef4fd8211e0b7d3a89d8010d6a5431";
|
||||
})
|
||||
(fetchurl {
|
||||
url = "https://aur.archlinux.org/cgit/aur.git/plain/0004-mkchroot.patch?h=rssh";
|
||||
name = "0004-mkchroot.patch";
|
||||
sha256 = "f7fd8723d2aa94e64e037c13c2f263a52104af680ab52bfcaea73dfa836457c2";
|
||||
})
|
||||
(fetchurl {
|
||||
url = "https://aur.archlinux.org/cgit/aur.git/plain/0005-mkchroot-arch.patch?h=rssh";
|
||||
name = "0005-mkchroot-arch.patch";
|
||||
sha256 = "ac8894c4087a063ae8267d2fdfcde69c2fe6b67a8ff5917e4518b8f73f08ba3f";
|
||||
})
|
||||
(fetchurl {
|
||||
url = "https://aur.archlinux.org/cgit/aur.git/plain/0006-mkchroot-symlink.patch?h=rssh";
|
||||
name = "0006-mkchroot-symlink.patch";
|
||||
sha256 = "bce98728cb9b55c92182d4901c5f9adf49376a07c5603514b0004e3d1c85e9c7";
|
||||
})
|
||||
(fetchurl {
|
||||
url = "https://aur.archlinux.org/cgit/aur.git/plain/0007-destdir.patch?h=rssh";
|
||||
name = "0007-destdir.patch";
|
||||
sha256 = "7fa03644f81dc37d77cc7e2cad994f17f91b2b8a49b1a74e41030a4ac764385e";
|
||||
})
|
||||
(fetchurl {
|
||||
url = "https://aur.archlinux.org/cgit/aur.git/plain/0008-rsync-protocol.patch?h=rssh";
|
||||
name = "0008-rsync-protocol.patch";
|
||||
sha256 = "0c772afe9088eeded129ead86775ef18e58c318bbc58fc3e2585e7ff09cc5e91";
|
||||
})
|
||||
];
|
||||
|
||||
# Run this after to avoid conflict with patches above
|
||||
postPatch = ''
|
||||
sed -i '/chmod u+s/d' Makefile.in
|
||||
'';
|
||||
|
||||
|
||||
buildInputs = [ openssh rsync cvs ];
|
||||
|
||||
configureFlags = [
|
||||
"--with-sftp-server=${openssh}/libexec/sftp-server"
|
||||
"--with-scp=${openssh}/bin/scp"
|
||||
"--with-rsync=${rsync}/bin/rsync"
|
||||
"--with-cvs=${cvs}/bin/cvs"
|
||||
];
|
||||
|
||||
|
||||
meta = with stdenv.lib; {
|
||||
description = "A restricted shell for use with OpenSSH, allowing only scp and/or sftp";
|
||||
longDescription = ''
|
||||
rssh also includes support for rsync and cvs. For example, if you have a server which you only want to allow users to copy files off of via scp, without providing shell access, you can use rssh to do that.
|
||||
'';
|
||||
homepage = "http://www.pizzashack.org/rssh/";
|
||||
license = licenses.bsd2;
|
||||
platforms = platforms.linux;
|
||||
maintainers = with maintainers; [ arobyn ];
|
||||
knownVulnerabilities = [
|
||||
"CVE-2019-1000018"
|
||||
"CVE-2019-3463"
|
||||
"CVE-2019-3464"
|
||||
];
|
||||
};
|
||||
|
||||
passthru = {
|
||||
shellPath = "/bin/rssh";
|
||||
};
|
||||
}
|
|
@ -1,12 +0,0 @@
|
|||
diff -Naur rssh-2.3.4/Makefile.in rssh-2.3.4-fixed/Makefile.in
|
||||
--- rssh-2.3.4/Makefile.in 2012-11-27 11:19:34.000000000 +1100
|
||||
+++ rssh-2.3.4-fixed/Makefile.in 2015-11-11 21:13:58.516651742 +1100
|
||||
@@ -186,7 +186,7 @@
|
||||
sysconfdir = @sysconfdir@
|
||||
target_alias = @target_alias@
|
||||
AUTOMAKE_OPTIONS = nostdinc
|
||||
-ourdefs = -DPATH_RSSH_CONFIG=\"@sysconfdir@/rssh.conf\" -DPATH_CHROOT_HELPER=\"@libexecdir@/rssh_chroot_helper\"
|
||||
+ourdefs = -DPATH_RSSH_CONFIG=\"/etc/rssh.conf\" -DPATH_CHROOT_HELPER=\"@libexecdir@/rssh_chroot_helper\"
|
||||
ourflags = @defcflags@ @static@
|
||||
AM_CFLAGS = $(ourflags)
|
||||
nodist_rssh_SOURCES = main.c pathnames.h config.h
|
|
@ -467,6 +467,7 @@ mapAliases ({
|
|||
robomongo = robo3t; #added 2017-09-28
|
||||
rocm-runtime-ext = throw "rocm-runtime-ext has been removed, since its functionality was added to rocm-runtime"; #added 2020-08-21
|
||||
rssglx = rss-glx; #added 2015-03-25
|
||||
rssh = throw "rssh has been removed from nixpkgs: no upstream releases since 2012, several known CVEs"; # added 2020-08-25
|
||||
recordmydesktop = throw "recordmydesktop has been removed from nixpkgs, as it's unmaintained and uses deprecated libraries"; # added 2019-12-10
|
||||
gtk-recordmydesktop = throw "gtk-recordmydesktop has been removed from nixpkgs, as it's unmaintained and uses deprecated libraries"; # added 2019-12-10
|
||||
qt-recordmydesktop = throw "qt-recordmydesktop has been removed from nixpkgs, as it's abandoned and uses deprecated libraries"; # added 2019-12-10
|
||||
|
|
|
@ -8259,8 +8259,6 @@ in
|
|||
|
||||
tcsh = callPackage ../shells/tcsh { };
|
||||
|
||||
rssh = callPackage ../shells/rssh { };
|
||||
|
||||
rush = callPackage ../shells/rush { };
|
||||
|
||||
xonsh = callPackage ../shells/xonsh { };
|
||||
|
|
Loading…
Reference in a new issue