Section: admin
Priority: extra
Maintainer: Ian Jackson <ijackson@chiark.greenend.org.uk>
-Standards-Version: 2.1.1.0
+Standards-Version: 3.7.0.0
Build-Depends: debhelper (>= 8)
-Package: userv-ipif
+Package: userv-utils
Architecture: any
-Depends: userv, ${shlibs:Depends}, ${misc:Depends}
-Recommends: ssh
-Description: VPN system (and user-mode network interface)
- userv-ipif is a userv service to allow non-root users to create
- network interfaces implemented in user space.
+Depends: userv
+Recommends: ${perl:Depends}, ${misc:Depends}
+Description: privsep utilities collection
+ Several small userv services, which allow certain system configuration
+ actions to be delegated. In each case the service is disabled unless
+ enabled by symlink /etc/userv/services.d/* -> ../services-available/*.
.
- The default configuration does set up any users with permission to
- create network interfaces such as VPN endpoints.
+ ipif - allow non-root users to create network interfaces
+ ucgi - run CGI programs in providing user's account
+ mailq - allow users to view the mail queue
+ ndc-reload - allow certain users to reload the nameserver
+ checkpasswd-* - allow users to run a UNIX password check
Package: userv-dyndns
Architecture: all
Typically, this can be used to provide a `dyndns.org'-like service
which is modifiable by shell account users.
.
- The default configuration does not set up any users with permission
- to modify the DNS.
-
-Package: userv-cgi
-Architecture: any
-Depends: userv, ${shlibs:Depends}, ${misc:Depends}
-Recommends: httpd
-Description: user-provided CGI scripts invoked by userv
- This package contains ucgi, a userv service which allows CGI programs
- to be provided which do not run as the webserver user, but instead
- are owned by a particular other account.
- .
- Similar effects can be achieved with Apache's suexec; this package is
- for administrators who do not trust suexec and wish to defend the
- webserver from the CGI script providers, and vice versa, as much as
- possible. This is achieved by using userv to do the cross-account
- call, rather than a custom setuid helper.
- .
- The default configuration allows the webserver user to invoke users'
- CGI programs from each user's ~/public-GI, but to allow external
- callers to do this, the webserver will also need to be configured.
+ The default configuration creates the infrastructure (including a
+ service user) but does not allow any users to modify the DNS.
Package: userv-groupmanage
Architecture: all
the line from /usr/share/doc/examples/userv-git-daemon.inetd into
/etc/inetd.conf and (b) specifically list hostnames and target
directories in /etc/userv/git-urlmap.
-
-Package: userv-misc
-Architecture: all
-Depends: userv
-Recommends: ${perl:Depends}, ${misc:Depends}
-Description: miscellaneous small userv scripts
- This package a few small userv services. Since you must choose
- whether to install this package or not as one lump, the default
- configuration for each script does not give users any new abilities.
- .
- mailq - allow users to view the mail queue
- ndc-reload - allow certain users to reload the nameserver
- checkpasswd-* - allow users to run a UNIX password check
~ian / userv-utils.git / blobdiff