From: frank Date: Tue, 31 Jan 2012 08:08:41 +0000 (+0100) Subject: committing changes in /etc after emerge run X-Git-Url: https://git.uhu-banane.net/?a=commitdiff_plain;h=4d847c69fbedf4c8746295561695de4df329b927;p=config%2Fuhu1%2Fetc.git committing changes in /etc after emerge run Package changes: +net-misc/stunnel-4.44
---
diff --git a/.etckeeper b/.etckeeper
index 376bbc5..ce40246 100755
--- a/.etckeeper
+++ b/.etckeeper
@@ -625,6 +625,7 @@ maybe chmod 0755 './init.d/snmptrapd'
 maybe chmod 0755 './init.d/spamd'
 maybe chmod 0755 './init.d/sshd'
 maybe chmod 0755 './init.d/staticroute'
+maybe chmod 0755 './init.d/stunnel'
 maybe chmod 0755 './init.d/svnserve'
 maybe chmod 0755 './init.d/swap'
 maybe chmod 0755 './init.d/swclock'
@@ -1113,6 +1114,8 @@ maybe chgrp mail './ssl/postfix/server.pem'
 maybe chmod 0400 './ssl/postfix/server.pem'
 maybe chmod 0700 './ssl/private'
 maybe chmod 0644 './ssl/private/.keep_dev-libs_openssl-0'
+maybe chmod 0755 './stunnel'
+maybe chmod 0644 './stunnel/stunnel.conf'
 maybe chmod 0440 './sudoers'
 maybe chmod 0750 './sudoers.d'
 maybe chmod 0644 './sysctl.conf'
diff --git a/init.d/stunnel b/init.d/stunnel
new file mode 100755
index 0000000..cf33c04
--- /dev/null
+++ b/init.d/stunnel
@@ -0,0 +1,73 @@
+#!/sbin/runscript
+# Copyright 1999-2009 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+# Default pidfile location
+DEFAULT_PIDFILE="/var/run/stunnel/stunnel.pid"
+FILES="/etc/stunnel/*.conf"
+DAEMON="/usr/sbin/stunnel"
+
+depend() {
+ need net
+ before logger
+}
+
+get_pids() {
+ local file=${1}
+ if test -f ${file} ; then
+ CHROOT=$(grep "^chroot" ${file} | sed "s;.*= *;;")
+ PIDFILE=$(grep "^pid" ${file} | sed "s;.*= *;;")
+ if [ "${PIDFILE}" == "" ] ; then
+ PIDFILE="${DEFAULT_PIDFILE}"
+ fi
+ if test -f ${CHROOT}/${PIDFILE} ; then
+ cat ${CHROOT}/${PIDFILE}
+ fi
+ fi
+}
+
+start() {
+ rm -rf /var/run/stunnel/*.pid
+ ebegin "Starting stunnel"
+ for file in ${FILES} ; do
+ if test -f "${file}" ; then
+ ARGS="${file} ${STUNNEL_OPTIONS}"
+ PROCLIST="$(get_pids ${file})"
+ CHROOT=$(grep "^chroot" ${file} | sed "s;.*= *;;")
+ PIDFILE=$(grep "^pid" ${file} | sed "s;.*= *;;")
+ if [ "${PROCLIST}" ] && kill -0 ${PROCLIST} 2> /dev/null ; then
+ ewarn " already running: ${file} "
+ elif ${DAEMON} ${ARGS} ; then
+ if ! test -f ${CHROOT}/${PIDFILE} ; then
+ # give the daemon time to create the pid file
+ # See bug #308931 for more details
+ sleep 0.5s
+ fi
+ if test -f ${CHROOT}/${PIDFILE} ; then
+ einfo " ${file}"
+ else
+ eerror " error starting: ${file}"
+ fi
+ fi
+ fi
+ done
+ eend $?
+}
+
+stop() {
+ ebegin "Stopping stunnel"
+ for file in ${FILES} ; do
+ PROCLIST=$(get_pids ${file})
+ if [ "${PROCLIST}" ] && kill -0 ${PROCLIST} 2> /dev/null ; then
+ kill ${PROCLIST}
+ einfo " ${file} "
+ fi
+ done
+ eend $?
+}
+
+restart() {
+ svc_stop
+ sleep 1
+ svc_start
+}
diff --git a/stunnel/stunnel.conf b/stunnel/stunnel.conf
new file mode 100644
index 0000000..4aa8b8c
--- /dev/null
+++ b/stunnel/stunnel.conf
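Review bot: In init.d/stunnel, start() runs `rm -rf /var/run/stunnel/*.pid` before get_pids is consulted, so for an instance using the default pid location the "already running" branch cannot fire, and a daemon that is still alive (for example during restart(), which only sleeps one second after svc_stop) is left without a pid file for a later stop() to find. Dropping the blanket rm and deleting a pid file only once `kill -0` shows the process is gone would keep that check meaningful. start() also re-reads PIDFILE without the fallback used in get_pids, so a config with no `pid =` line is reported as "error starting" even when the daemon launched; adding `[ -n "${PIDFILE}" ] || PIDFILE="${DEFAULT_PIDFILE}"` after that assignment fixes it. Separately, stop() sends a signal as root to whatever number the pid file holds; if that directory is writable by the unprivileged stunnel user (not visible on this page), confirming that the pid belongs to `${DAEMON}` before `kill ${PROCLIST}` would be prudent, and the `${file}` and `${CHROOT}/${PIDFILE}` expansions should be quoted throughout.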
@@ -0,0 +1,61 @@
+# Sample stunnel configuration file by Michal Trojnara 2002-2005
+# Some options used here may not be adequate for your particular configuration
+# Please make sure you understand them (especially the effect of chroot jail)
+
+# Certificate/key is needed in server mode and optional in client mode
+# cert = /etc/stunnel/stunnel.pem
+# key = /etc/stunnel/stunnel.pem
+
+# Some security enhancements for UNIX systems - comment them out on Win32
+# chroot = /chroot/stunnel/
+setuid = stunnel
+setgid = stunnel
+# PID is created inside chroot jail
+pid = /var/run/stunnel/stunnel.pid
+
+# Some performance tunings
+socket = l:TCP_NODELAY=1
+socket = r:TCP_NODELAY=1
+#compression = rle
+
+# Workaround for Eudora bug
+#options = DONT_INSERT_EMPTY_FRAGMENTS
+
+# Authentication stuff
+#verify = 2
+# Don't forget to c_rehash CApath
+# CApath is located inside chroot jail:
+#CApath = /certs
+# It's often easier to use CAfile:
+#CAfile = /etc/stunnel/certs.pem
+# Don't forget to c_rehash CRLpath
+# CRLpath is located inside chroot jail:
+#CRLpath = /crls
+# Alternatively you can use CRLfile:
+#CRLfile = /etc/stunnel/crls.pem
+
+# Some debugging stuff useful for troubleshooting
+#debug = 7
+#output = stunnel.log
+
+# Use it for client mode
+#client = yes
+
+# Service-level configuration
+
+#[pop3s]
+#accept = 995
+#connect = 110
+
+#[imaps]
+#accept = 993
+#connect = 143
+
+#[ssmtp]
+#accept = 465
+#connect = 25
+
+#[https]
+#accept = 443
+#connect = 80
+#TIMEOUTclose = 0
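Review bot: `#verify = 2` is left commented out under "Authentication stuff", and stunnel does not check peer certificates unless `verify` is set, so a service later enabled from the templates at the bottom (or with `client = yes`) would encrypt traffic without authenticating the other end. A short comment there would make that explicit, e.g. `# verify is off by default; set verify and CAfile/CApath before enabling a service`. The comment `# PID is created inside chroot jail` also reads as if the jail were active, while `chroot` is commented out, so the `pid` path is currently resolved against the real root. If a key is later placed at the sample path `/etc/stunnel/stunnel.pem`, it would presumably be tracked by this etckeeper repository, so it should get a restrictive mode like the 0400 recorded for `./ssl/postfix/server.pem`, or be excluded from tracking.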