Added some documentation explaining how to configure ShellInABox on Fedora.
git-svn-id: https://shellinabox.googlecode.com/svn/trunk@188 0da03de8-d603-11dd-86c2-0f8696b7b6f9
This commit is contained in:
zodiac@gmail.com
parent
e17458375d
commit
c64e8aeb97
10 changed files with 54 additions and 8 deletions
|
|
@ -20,7 +20,9 @@ dist_doc_DATA = AUTHORS \
|
||||||
shellinabox/black-on-white.css \
|
shellinabox/black-on-white.css \
|
||||||
shellinabox/monochrome.css \
|
shellinabox/monochrome.css \
|
||||||
shellinabox/color.css
|
shellinabox/color.css
|
||||||
EXTRA_DIST = demo/beep.wav \
|
EXTRA_DIST = INSTALL.Debian \
|
||||||
|
README.Fedora \
|
||||||
|
demo/beep.wav \
|
||||||
demo/favicon.ico \
|
demo/favicon.ico \
|
||||||
demo/demo.html \
|
demo/demo.html \
|
||||||
demo/demo.js \
|
demo/demo.js \
|
||||||
|
|
@ -34,6 +36,7 @@ EXTRA_DIST = demo/beep.wav \
|
||||||
demo/usercss-1.css \
|
demo/usercss-1.css \
|
||||||
demo/usercss-2.css \
|
demo/usercss-2.css \
|
||||||
demo/usercss-3.css \
|
demo/usercss-3.css \
|
||||||
|
etc-pam.d-shellinabox-example \
|
||||||
shellinabox/shellinaboxd.man.in \
|
shellinabox/shellinaboxd.man.in \
|
||||||
shellinabox/shell_in_a_box.js \
|
shellinabox/shell_in_a_box.js \
|
||||||
shellinabox/vt100.js \
|
shellinabox/vt100.js \
|
||||||
|
|
|
||||||
|
|
@ -279,7 +279,9 @@ dist_doc_DATA = AUTHORS \
|
||||||
shellinabox/monochrome.css \
|
shellinabox/monochrome.css \
|
||||||
shellinabox/color.css
|
shellinabox/color.css
|
||||||
|
|
||||||
EXTRA_DIST = demo/beep.wav \
|
EXTRA_DIST = INSTALL.Debian \
|
||||||
|
README.Fedora \
|
||||||
|
demo/beep.wav \
|
||||||
demo/favicon.ico \
|
demo/favicon.ico \
|
||||||
demo/demo.html \
|
demo/demo.html \
|
||||||
demo/demo.js \
|
demo/demo.js \
|
||||||
|
|
@ -293,6 +295,7 @@ EXTRA_DIST = demo/beep.wav \
|
||||||
demo/usercss-1.css \
|
demo/usercss-1.css \
|
||||||
demo/usercss-2.css \
|
demo/usercss-2.css \
|
||||||
demo/usercss-3.css \
|
demo/usercss-3.css \
|
||||||
|
etc-pam.d-shellinabox-example \
|
||||||
shellinabox/shellinaboxd.man.in \
|
shellinabox/shellinaboxd.man.in \
|
||||||
shellinabox/shell_in_a_box.js \
|
shellinabox/shell_in_a_box.js \
|
||||||
shellinabox/vt100.js \
|
shellinabox/vt100.js \
|
||||||
|
|
|
||||||
27
README.Fedora
Normal file
27
README.Fedora
Normal file
|
|
@ -0,0 +1,27 @@
|
||||||
|
When running in SELinux mode on Fedora, some operations don't work out of the
|
||||||
|
box.
|
||||||
|
|
||||||
|
Until somebody contributes a complete SELinux policy for ShellInABox, here are
|
||||||
|
some tips on getting things working:
|
||||||
|
|
||||||
|
- avoid using the default "LOGIN" service. Calling /bin/login does not do
|
||||||
|
the right thing.
|
||||||
|
The "LOGIN" service is the default service when running "shellinaboxd" as
|
||||||
|
"root". This means, you will most likely see all logins failing, whenever
|
||||||
|
you start the daemon as "root".
|
||||||
|
To fix this problem, consider explicitly specifying a service definition.
|
||||||
|
One of these two should work:
|
||||||
|
--service /:AUTH:HOME:/bin/bash
|
||||||
|
or
|
||||||
|
--service /:SSH
|
||||||
|
The latter requires that you have a locally running "sshd" daemon.
|
||||||
|
|
||||||
|
- On Fedora, PAM authentication does not work for shellinabox until you
|
||||||
|
explicitly configure it. This means, using "AUTH" in the service definition
|
||||||
|
will not allow you to log in.
|
||||||
|
You can fix this by defining a proper "/etc/pam.d/shellinabox" file. Take a
|
||||||
|
look at "etc-pam.d-shellinabox-example" for a working example.
|
||||||
|
Make sure you assign the correct SELinux labels to this file when copying
|
||||||
|
it into "/etc/pam.d":
|
||||||
|
cp -Z system_u:object_r:etc_t:s0 etc-pam.d-shellinabox-example /etc/pam.d/
|
||||||
|
|
||||||
2
config.h
2
config.h
|
|
@ -138,7 +138,7 @@
|
||||||
#define STDC_HEADERS 1
|
#define STDC_HEADERS 1
|
||||||
|
|
||||||
/* Most recent revision number in the version control system */
|
/* Most recent revision number in the version control system */
|
||||||
#define VCS_REVISION "187"
|
#define VCS_REVISION "188"
|
||||||
|
|
||||||
/* Version number of package */
|
/* Version number of package */
|
||||||
#define VERSION "2.10"
|
#define VERSION "2.10"
|
||||||
|
|
|
||||||
2
configure
vendored
2
configure
vendored
|
|
@ -2319,7 +2319,7 @@ ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $
|
||||||
ac_compiler_gnu=$ac_cv_c_compiler_gnu
|
ac_compiler_gnu=$ac_cv_c_compiler_gnu
|
||||||
|
|
||||||
|
|
||||||
VCS_REVISION=187
|
VCS_REVISION=188
|
||||||
|
|
||||||
|
|
||||||
cat >>confdefs.h <<_ACEOF
|
cat >>confdefs.h <<_ACEOF
|
||||||
|
|
|
||||||
|
|
@ -2,7 +2,7 @@ AC_PREREQ(2.57)
|
||||||
|
|
||||||
dnl This is the one location where the authoritative version number is stored
|
dnl This is the one location where the authoritative version number is stored
|
||||||
AC_INIT(shellinabox, 2.10, markus@shellinabox.com)
|
AC_INIT(shellinabox, 2.10, markus@shellinabox.com)
|
||||||
VCS_REVISION=187
|
VCS_REVISION=188
|
||||||
AC_SUBST(VCS_REVISION)
|
AC_SUBST(VCS_REVISION)
|
||||||
AC_DEFINE_UNQUOTED(VCS_REVISION, "${VCS_REVISION}",
|
AC_DEFINE_UNQUOTED(VCS_REVISION, "${VCS_REVISION}",
|
||||||
[Most recent revision number in the version control system])
|
[Most recent revision number in the version control system])
|
||||||
|
|
|
||||||
|
|
@ -1901,7 +1901,7 @@ VT100.prototype.toggleBell = function() {
|
||||||
};
|
};
|
||||||
|
|
||||||
VT100.prototype.about = function() {
|
VT100.prototype.about = function() {
|
||||||
alert("VT100 Terminal Emulator " + "2.10 (revision 187)" +
|
alert("VT100 Terminal Emulator " + "2.10 (revision 188)" +
|
||||||
"\nCopyright 2008-2009 by Markus Gutschke\n" +
|
"\nCopyright 2008-2009 by Markus Gutschke\n" +
|
||||||
"For more information check http://shellinabox.com");
|
"For more information check http://shellinabox.com");
|
||||||
};
|
};
|
||||||
|
|
|
||||||
13
etc-pam.d-shellinabox-example
Normal file
13
etc-pam.d-shellinabox-example
Normal file
|
|
@ -0,0 +1,13 @@
|
||||||
|
#%PAM-1.0
|
||||||
|
auth required pam_sepermit.so
|
||||||
|
auth include password-auth
|
||||||
|
account required pam_nologin.so
|
||||||
|
account include password-auth
|
||||||
|
password include password-auth
|
||||||
|
# pam_selinux.so close should be the first session rule
|
||||||
|
session required pam_selinux.so close
|
||||||
|
session required pam_loginuid.so
|
||||||
|
# pam_selinux.so open should only be followed by sessions to be executed in the user context
|
||||||
|
session required pam_selinux.so open env_params
|
||||||
|
session optional pam_keyinit.so force revoke
|
||||||
|
session include password-auth
|
||||||
|
|
@ -358,7 +358,7 @@ ShellInABox.prototype.extendContextMenu = function(entries, actions) {
|
||||||
};
|
};
|
||||||
|
|
||||||
ShellInABox.prototype.about = function() {
|
ShellInABox.prototype.about = function() {
|
||||||
alert("Shell In A Box version " + "2.10 (revision 187)" +
|
alert("Shell In A Box version " + "2.10 (revision 188)" +
|
||||||
"\nCopyright 2008-2009 by Markus Gutschke\n" +
|
"\nCopyright 2008-2009 by Markus Gutschke\n" +
|
||||||
"For more information check http://shellinabox.com" +
|
"For more information check http://shellinabox.com" +
|
||||||
(typeof serverSupportsSSL != 'undefined' && serverSupportsSSL ?
|
(typeof serverSupportsSSL != 'undefined' && serverSupportsSSL ?
|
||||||
|
|
|
||||||
|
|
@ -1901,7 +1901,7 @@ VT100.prototype.toggleBell = function() {
|
||||||
};
|
};
|
||||||
|
|
||||||
VT100.prototype.about = function() {
|
VT100.prototype.about = function() {
|
||||||
alert("VT100 Terminal Emulator " + "2.10 (revision 187)" +
|
alert("VT100 Terminal Emulator " + "2.10 (revision 188)" +
|
||||||
"\nCopyright 2008-2009 by Markus Gutschke\n" +
|
"\nCopyright 2008-2009 by Markus Gutschke\n" +
|
||||||
"For more information check http://shellinabox.com");
|
"For more information check http://shellinabox.com");
|
||||||
};
|
};
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue