maybe chmod 0755 './init.d/spamd'
maybe chmod 0755 './init.d/sshd'
maybe chmod 0755 './init.d/staticroute'
+maybe chmod 0755 './init.d/stunnel'
maybe chmod 0755 './init.d/svnserve'
maybe chmod 0755 './init.d/swap'
maybe chmod 0755 './init.d/swclock'
maybe chmod 0400 './ssl/postfix/server.pem'
maybe chmod 0700 './ssl/private'
maybe chmod 0644 './ssl/private/.keep_dev-libs_openssl-0'
+maybe chmod 0755 './stunnel'
+maybe chmod 0644 './stunnel/stunnel.conf'
maybe chmod 0440 './sudoers'
maybe chmod 0750 './sudoers.d'
maybe chmod 0644 './sysctl.conf'
--- /dev/null
+#!/sbin/runscript
+# Copyright 1999-2009 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+# Default pidfile location
+DEFAULT_PIDFILE="/var/run/stunnel/stunnel.pid"
+FILES="/etc/stunnel/*.conf"
+DAEMON="/usr/sbin/stunnel"
+
+depend() {
+ need net
+ before logger
+}
+
+get_pids() {
+ local file=${1}
+ if test -f ${file} ; then
+ CHROOT=$(grep "^chroot" ${file} | sed "s;.*= *;;")
+ PIDFILE=$(grep "^pid" ${file} | sed "s;.*= *;;")
+ if [ "${PIDFILE}" == "" ] ; then
+ PIDFILE="${DEFAULT_PIDFILE}"
+ fi
+ if test -f ${CHROOT}/${PIDFILE} ; then
+ cat ${CHROOT}/${PIDFILE}
+ fi
+ fi
+}
+
+start() {
+ rm -rf /var/run/stunnel/*.pid
+ ebegin "Starting stunnel"
+ for file in ${FILES} ; do
+ if test -f "${file}" ; then
+ ARGS="${file} ${STUNNEL_OPTIONS}"
+ PROCLIST="$(get_pids ${file})"
+ CHROOT=$(grep "^chroot" ${file} | sed "s;.*= *;;")
+ PIDFILE=$(grep "^pid" ${file} | sed "s;.*= *;;")
+ if [ "${PROCLIST}" ] && kill -0 ${PROCLIST} 2> /dev/null ; then
+ ewarn " already running: ${file} "
+ elif ${DAEMON} ${ARGS} ; then
+ if ! test -f ${CHROOT}/${PIDFILE} ; then
+ # give the daemon time to create the pid file
+ # See bug #308931 for more details
+ sleep 0.5s
+ fi
+ if test -f ${CHROOT}/${PIDFILE} ; then
+ einfo " ${file}"
+ else
+ eerror " error starting: ${file}"
+ fi
+ fi
+ fi
+ done
+ eend $?
+}
+
+stop() {
+ ebegin "Stopping stunnel"
+ for file in ${FILES} ; do
+ PROCLIST=$(get_pids ${file})
+ if [ "${PROCLIST}" ] && kill -0 ${PROCLIST} 2> /dev/null ; then
+ kill ${PROCLIST}
+ einfo " ${file} "
+ fi
+ done
+ eend $?
+}
+
+restart() {
+ svc_stop
+ sleep 1
+ svc_start
+}
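Review bot: start() and stop() pass whatever get_pids() reads from the pid file straight to `kill -0 ${PROCLIST}` and `kill ${PROCLIST}` as root, unquoted and without checking that the value is a PID or that the process is stunnel. With `setuid = stunnel` and the pid file under /var/run/stunnel, that directory is presumably writable by the unprivileged account (its ownership is not shown here), so a stale or tampered file would make the init script signal unrelated processes. The stop path should match the binary as well, for example `start-stop-daemon --stop --exec "${DAEMON}" --pidfile "${pidpath}"`, where `pidpath` is a new variable built in stop() from the same chroot/pid parse, and the `${CHROOT}/${PIDFILE}` tests should be quoted. Separately, `rm -rf /var/run/stunnel/*.pid` at the top of start() runs before the already-running check, so that check can never fire for pid files in that directory; a plain `rm -f` of stale files after the check would be enough.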
--- /dev/null
+# Sample stunnel configuration file by Michal Trojnara 2002-2005
+# Some options used here may not be adequate for your particular configuration
+# Please make sure you understand them (especially the effect of chroot jail)
+
+# Certificate/key is needed in server mode and optional in client mode
+# cert = /etc/stunnel/stunnel.pem
+# key = /etc/stunnel/stunnel.pem
+
+# Some security enhancements for UNIX systems - comment them out on Win32
+# chroot = /chroot/stunnel/
+setuid = stunnel
+setgid = stunnel
+# PID is created inside chroot jail
+pid = /var/run/stunnel/stunnel.pid
+
+# Some performance tunings
+socket = l:TCP_NODELAY=1
+socket = r:TCP_NODELAY=1
+#compression = rle
+
+# Workaround for Eudora bug
+#options = DONT_INSERT_EMPTY_FRAGMENTS
+
+# Authentication stuff
+#verify = 2
+# Don't forget to c_rehash CApath
+# CApath is located inside chroot jail:
+#CApath = /certs
+# It's often easier to use CAfile:
+#CAfile = /etc/stunnel/certs.pem
+# Don't forget to c_rehash CRLpath
+# CRLpath is located inside chroot jail:
+#CRLpath = /crls
+# Alternatively you can use CRLfile:
+#CRLfile = /etc/stunnel/crls.pem
+
+# Some debugging stuff useful for troubleshooting
+#debug = 7
+#output = stunnel.log
+
+# Use it for client mode
+#client = yes
+
+# Service-level configuration
+
+#[pop3s]
+#accept = 995
+#connect = 110
+
+#[imaps]
+#accept = 993
+#connect = 143
+
+#[ssmtp]
+#accept = 465
+#connect = 25
+
+#[https]
+#accept = 443
+#connect = 80
+#TIMEOUTclose = 0