Removing mkxauth and its manpage with an extreme prejudice.

This commit is contained in:
Matěj Cepl 2011-08-12 00:01:13 +02:00
parent 5dfc635d3b
commit 2a6c3bcb27
3 changed files with 4 additions and 649 deletions

384
mkxauth
View File

@ -1,384 +0,0 @@
#!/bin/sh
#
# mkxauth: script to make per-user Xauthority database
# formerly 'newcookie' script; modified 18-Jul-1996 jim knoble
#
########################################################################
# $Log: mkxauth,v $
# Revision 1.1 2004/03/10 20:21:41 mharris
# automated commit of xorg-x11-0.0.6.6-0.0.2004_03_09.0
#
# Revision 1.8mh 2004/02/23 mharris
# changed chown to use foo:bar instead of foo.bar as the latter has been
# deprecated. This entry is added by hand as mkxauth isn't in CVS
#
# Revision 1.7 1996/10/23 21:34:23 jmknoble
# take path of least surprise if no command specified;
# if hostnames specified with -c, don't assume local host.
#
# Revision 1.6 1996/10/02 20:34:12 jmknoble
# updated help text again
#
# Revision 1.5 1996/10/02 20:10:03 jmknoble
# updated help text
#
# Revision 1.4 1996/10/02 20:03:26 jmknoble
# fixed quoting problem in key generation
#
# Revision 1.3 1996/08/20 16:31:30 jmknoble
# refined random key generation (using mcookie if available)
#
# Revision 1.2 1996/08/20 15:49:33 jmknoble
# replaced key generation using perl with method using md5sum
#
# Revision 1.1 1996/08/05 16:40:20 jmknoble
# Initial revision
#
########################################################################
#set -x
## default values for some variables
usr_umask=0077
# eventual exit status
sts=0
# verbose operation if blank
opt_vrbopr=''
# eventual string of non-option arguments
cmd_args=''
# filename for per-user Xauthority database
usrauth=.Xauthority
# username for whom to make per-user database
lclusr=`whoami`
# mode for making database;
# valid values are 'create', 'merge-local',
# 'merge-ftp', 'merge-rsh', 'merge-rzip',
# and 'none'
xauth_mode='none'
# actual path to target database
dstauth=''
# user to login as for rsh/rzip modes
rmtusr=`whoami`
# host to contact for remote Xauthority databases
rmthst=''
# local user to grab Xauthority from in merge mode
srcusr=''
########################################################################
# help message
function prthlp() {
echo ""
echo " usage: $0 [-q] [-u <login>] -m <login>"
echo " $0 [-q] [-u <login>] -f <host>"
echo " $0 [-q] [-u <login>] -r <host> [-l <login>]"
echo " $0 [-q] [-u <login>] -z <host> [-l <login>]"
echo " $0 [-q] [-u <login>] -c [<host> [<host> ... ]]"
echo ""
echo " create or update an Xauthority database containing authentication"
echo " keys for the current user or a specified user on the local host."
echo ""
echo " commands:"
echo ""
echo " -m <login> merge the Xauthority database from local user <login>"
echo " (if readable) with the target .Xauthority"
echo ""
echo " -f <host> merge a remote Xauthority database with the target"
echo " .Xauthority, using ncftp"
echo ""
echo " -r <host> merge a remote Xauthority database with the target"
echo " .Xauthority, using rsh"
echo ""
echo " -z <host> merge a remote Xauthority database with the target"
echo " .Xauthority, using rsh and gzip"
echo ""
echo " -c <host>... create a local Xauthority database, or add keys to an"
echo " existing one, for all hosts listed (uses md5sum). if"
echo " no hosts are listed, assume the local host."
echo ""
echo " options:"
echo ""
echo " -q quiet operation"
echo ""
echo " -u <login> create/merge .Xauthority for user <login>"
echo ""
echo " -l <login> for '-f', '-r' and '-z' modes, use <login> for the"
echo " remote login"
echo ""
exit 0
}
# check that current user is root
function chkroot() {
if [ `whoami` != root ]; then
echo "sorry---you need to be root" "$*"
exit 1
fi
}
# write a message to stdout iff verbose mode on
function msg() {
if [ -z "$opt_vrbopr" ]; then
echo "$@"
fi
}
# check that a command exists
function chkcmdexs() {
for i in $*; do
if [ -z `type -p $i` ]; then
echo "`basename $0`: error: can't find command '$i'"
exit 1
fi
done
}
# check that a file exists, and create it if it doesn't
# *and* if we have write permissions to its parent dir
function chkfilexs() {
for i in $*; do
if [ ! -f "$i" ]; then
if [ -w `dirname $i` ]; then
msg -n "creating file $i ... "
touch $i
msg "done"
fi
fi
done
}
# check if a file is readable
function redabl() {
local srcfil=$1
if [ -r "$srcfil" ]; then
sts=0
else
echo "`basename $0`: error: cannot read file $srcfil"
sts=1
fi
return $sts
}
# check if a file is writable
function wrtabl() {
local dstfil=$1
if [ -w "$dstfil" ]; then
sts=0
else
echo "`basename $0`: error: cannot write to file $dstfil"
sts=1
fi
return $sts
}
# set the correct ownership for a file
function givusr() {
local lststs=$1
local usrnam=$2
local dstfil=$3
if [ $lststs = 0 ]; then
chown $usrnam:$usrnam $dstfil
sts=0
else
msg ""
echo "`basename $0`: error writing to file $dstfil"
sts=1
fi
return $sts
}
########################################################################
# set our umask so that no one else can read our files
umask $usr_umask
# test some command-line args
while [ "$*" ]; do
case $1 in
-h | --help)
shift
prthlp
;;
-q | --quiet)
shift
opt_vrbopr='-q'
;;
-u | --user)
shift
lclusr="$1"
shift
;;
-l | --login)
shift
rmtusr="$1"
shift
;;
-c | --create)
shift
xauth_mode='create'
;;
-m | --merge)
shift
xauth_mode='merge-local'
srcusr="$1"
shift
;;
-f | --ftp)
shift
xauth_mode='merge-ftp'
rmthst="$1"
shift
;;
-r | --rsh)
shift
xauth_mode='merge-rsh'
rmthst="$1"
shift
;;
-z | --rzip)
shift
xauth_mode='merge-rzip'
rmthst="$1"
shift
;;
-*)
echo "`basename $0`: invalid option '$1'"
shift
prthlp
;;
*)
cmd_args="$cmd_args $1"
shift
;;
esac
done
# if called without a valid command, follow path of least surprise
if [ "$xauth_mode" = "none" ]; then
prthlp
fi
# figure out if we're allowed to do what we said we wanted to
if [ `whoami` != $lclusr ]; then
chkroot "to change another user's .Xauthority."
fi
# make sure xauth is available
chkcmdexs xauth
# set name for target Xauthority database
dstauth=`eval echo ~$lclusr/$usrauth`
# figure out what action to take
case $xauth_mode in
create)
# create an Xauthority database for user 'userid'.
# (requires md5sum, xauth)
chkcmdexs uptime dd md5sum cut
# create an empty database if one doesn't exist
chkfilexs $dstauth
# generate a random key -- depends on md5sum, among others
key=`(
whoami
uptime
[ \`type -p mcookie\` ] && mcookie
[ -f /proc/meminfo ] && cat /proc/meminfo
[ -f /dev/urandom ] && dd if=/dev/urandom bs=16 count=1
) 2>&1 | md5sum | cut -f 1 -d ' '`
# add all hosts specified on command line;
# if none specified, assume local host.
authhosts=`hostname`
if [ "$cmd_args" ]; then
authhosts="$cmd_args"
fi
if wrtabl $dstauth; then
for i in $authhosts; do
msg -n "adding key for $i to $dstauth ... "
xauth -f $dstauth add $i/unix:0 . $key
xauth -f $dstauth add $i:0 . $key
if [ $? != 0 ]; then
break
fi
msg "done"
done
# make sure the user owns the file
givusr $? $lclusr $dstauth
fi
;;
merge-local)
# merge a local Xauthority database (if readable)
# from a specified user with the database for local user.
# (requires xauth)
srcauth=`eval echo ~$srcusr/$usrauth`
if redabl $srcauth; then
mrgcmd="xauth -f $dstauth merge $srcauth"
mrgmsg="merging $srcauth into $dstauth"
else
exit $sts
fi
;;
merge-ftp)
# merge a remote Xauthority database with the local one
# for local user, using ncftp.
# (requires ncftp, xauth)
chkcmdexs ncftp
srcauth="$rmtusr@$rmthst:$usrauth"
if [ -z "$opt_vrbopr" ]; then
ftp_vrbopr="-V quiet"
else
ftp_vrbopr="-V quiet"
fi
mrgcmd='ncftp $ftp_vrbopr <<-ENDFTPCMD
open -ui $rmthst
$rmtusr
get $usrauth "|xauth -f $dstauth merge -"
quit
ENDFTPCMD'
mrgmsg="merging $srcauth into $dstauth"
;;
merge-rsh)
# merge a remote Xauthority database with the local one
# for local user, using rsh
# (requires rsh, xauth)
chkcmdexs rsh
srcauth="$rmtusr@$rmthst:$usrauth"
mrgcmd="{ rsh -l $rmtusr $rmthst cat $usrauth } \
| { xauth -f $dstauth merge - }"
mrgmsg="merging $srcauth into $dstauth"
;;
merge-rzip)
# merge a remote Xauthority database with the local one
# for local user, using rsh and gzip.
# (requires rsh, gzip, xauth)
chkcmdexs rsh gzip
srcauth="$rmtusr@$rmthst:$usrauth"
mrgcmd="{ rsh -l $rmtusr $rmthst gzip -c $usrauth } \
| { gzip -dc } \
| { xauth -f $dstauth merge - }"
mrgmsg="merging $srcauth into $dstauth"
;;
*)
# something's hosed
echo "oops! xauth_mode = '$xauth_mode' - this shouldn't happen."
sts=1
;;
esac
# actually perform merge, if requested
case $xauth_mode in
merge-*)
# create an empty database if one doesn't exist
chkfilexs $dstauth
# perform the requested merge, if the target database is writable
if wrtabl $dstauth; then
msg "$mrgmsg ... "
eval "$mrgcmd"
# if successful, make sure the user owns the file
if givusr $? $lclusr $dstauth; then
msg "done"
fi
fi
;;
esac
exit $sts

View File

@ -1,254 +0,0 @@
.de TQ
.br
.ns
.TP \\$1
..
.TH mkxauth 1x "12-Dec-1996" "Red Hat Software" "Linux User's Manual"
.SH NAME
mkxauth \- create and merge .Xauthority files
.SH SYNOPSIS
(1)
.B mkxauth
[ \-q ] [ \-u
.I login
] \-c [
.I host
[
.I host
\|.\|.\|. ] ]
.PP
(2)
.B mkxauth
[ \-q ] [ \-u
.I login
] \-m
.I login
.PP
(3)
.B mkxauth
[ \-q ] [ \-u
.I login
] \-f
.I host
.PP
(4)
.B mkxauth
[ \-q ] [ \-u
.I login
] \-r
.I host
[ \-l
.I login
]
.PP
(5)
.B mkxauth
[ \-q ] [ \-u
.I login
] \-z
.I host
[ \-l
.I login
]
.SH DESCRIPTION
.B mkxauth
aids in the creation and maintenance of X authentication databases
(.Xauthority files). Use it to create a ~/.Xauthority file or merge
keys from another local or remote .Xauthority file. Remote .Xauthority
files can be retrieved via FTP (using
.BR ncftp (1))
or via
.BR rsh (1).
For a slight measure of security,
.B mkxauth
does not create any temporary files containing authentication keys
(although anyone spying on network packets can see the authentication
key data as they pass through the network; for secure network
communications, use
.BR ssh (1)).
.SS Creating and Adding to a .Xauthority File
To create a .Xauthority file, use
.B mkxauth \-c
(see (1) above).
.B mkxauth
creates a .Xauthority file in the user's home directory (~/),
containing a `key' or `magic cookie' for the host it was run on (the
one returned by
.BR hostname (1)).
If a .Xauthority file already exists, the keys are added to it. If
keys for that host already exist, they are replaced.
.PP
To create or add to a .Xauthority file for another user, use
.B mkxauth \-u
.I login
.BR \-c .
.B mkxauth
adds keys to
.RI ~ login /.Xauthority
(only the root user is allowed to do this).
.PP
To add a key for more than one host, specify all hosts on the command
line:
.B mkxauth \-c daffy porky
.BR bugs .
All hosts specified on the same command line receive the same key. To
create different keys for multiple hosts, run
.B mkxauth
for each host in succession:
.PP
.RS
.TQ
mkxauth \-c daffy
.TQ
mkxauth \-c porky
.TQ
mkxauth \-c bugs
.RE
.SS Merging Keys from Local .Xauthority Files
To merge keys from another local user's .Xauthority file, use
.B mkxauth \-m
.I login
(see (2) above).
.B mkxauth
adds the keys in
.RI ~ login /.Xauthority
to ~/.Xauthority, replacing any keys which already exist.
.RI ~ login /.Xauthority
must be readable by the user running
.B mkxauth
(normally only the root user can read other people's .Xauthority files).
.SS Merging Keys via FTP
To merge keys from a remote .Xauthority file via FTP, use
.B mkxauth \-f
.I host
(see (3) above).
.B mkxauth
retrieves the remote .Xauthority from
.I host
using
.BR ncftp (1)
and adds those keys to ~/.Xauthority, replacing any keys which already
exist.
.RI [ NOTE :
you must have a ~/.netrc file set up to automatically log you into
.IR host ,
otherwise the FTP login attempt will fail.]
.SS Merging Keys via rsh(1)
To merge keys from remote .Xauthority file via
.BR rsh (1),
use
.B mkxauth \-r
.I host
(see (4) above).
.B mkxauth
retrieves the remote .Xauthority from
.I host
using
.BR rsh (1)
and adds those keys to ~/.Xauthority, replacing any keys which already
exist. To login as a different user, use
.B \-l
.IR login .
.RI [ NOTE :
you must have a .rhosts file set up properly for this to work,
otherwise the remote login attempt will fail].
.SS Merging Keys via rsh(1) and gzip(1)
If your remote .Xauthority file is large, or to make it slightly less
obvious that you're transferring authentication keys over the network,
.B mkxauth
can
.BR gzip (1)
your .Xauthority file before retrieving it via
.BR rsh (1).
To do this, use
.B mkxauth \-z
.I host
(see (5) above).
.B mkxauth
retrieves the remote .Xauthority from
.I host
using
.BR rsh (1)
and adds those keys to ~/.Xauthority, replacing any keys which already
exist. To login as a different user, use
.B \-l
.IR login .
.RI [ NOTE :
you must have a .rhosts file set up properly for this to work,
otherwise the remote login attempt will fail].
.SS Options
To make
.B mkxauth
operate quietly, use the
.B \-q
option.
.PP
To add to
.RI ~ login /.Xauthority,
use the
.B \-u
.I login
option.
.PP
To use
.I login
for the remote login in
.B mkxauth
.BR \-f ,
.B mkxauth
.BR \-r ,
and
.B mkxauth
.BR \-z ,
use the
.B \-l
.I login
option.
.SS Getting Help
To get quick help about
.BR mkxauth ,
use
.B mkxauth
.BR \-\-help .
.SH FILES
.TQ
~/.Xauthority
.TQ
~/.netrc
.TQ
~/.rhosts
.SH COMMENTS
.B mkxauth
is mostly useful for maintaining .Xauthority files in an environment
which uses
.BR startx (1x).
.BR xdm (1x)
uses its own method of generating .Xauthority files. However,
.B mkxauth
is still useful for transferring .Xauthority information to remote
login sessions so that the user can display remote X clients on the
local host without too much trouble.
.PP
Note, however, that using
.BR rsh (1)
is inherently insecure, and sites concerned about security should use
.BR ssh (1)
instead (see http://www.cs.hut.fi/ssh/ for more information).
.SH SEE ALSO
.BR X (1x),
.BR Xsecurity (1x),
.BR gzip (1),
.BR mcookie (1),
.BR md5sum (1),
.BR ncftp (1),
.BR rsh (1),
.BR startx (1x),
.BR xauth (1x),
.BR xdm (1x)
.SH BUGS
Does not respect the XAUTHORITY environment variable.
.SH AUTHOR
Conceived and written by Jim Knoble <jmknoble@redhat.com>. Copyright
1996 by Jim Knoble and Red Hat Software. Distributed under the GNU GPL
(General Public License); see ftp://prep.ai.mit.edu/pub/gnu/COPYING for
more information.

View File

@ -3,7 +3,7 @@
Summary: X.Org X11 X authority utilities Summary: X.Org X11 X authority utilities
Name: xorg-x11-%{pkgname} Name: xorg-x11-%{pkgname}
Version: 1.0.6 Version: 1.0.6
Release: 1%{?dist} Release: 2%{?dist}
# NOTE: Remove Epoch line if package gets renamed # NOTE: Remove Epoch line if package gets renamed
Epoch: 1 Epoch: 1
License: MIT License: MIT
@ -11,8 +11,6 @@ Group: User Interface/X
URL: http://www.x.org URL: http://www.x.org
Source0: ftp://ftp.x.org/pub/individual/app/%{pkgname}-%{version}.tar.bz2 Source0: ftp://ftp.x.org/pub/individual/app/%{pkgname}-%{version}.tar.bz2
Source10: mkxauth
Source11: mkxauth.man
BuildRequires: pkgconfig BuildRequires: pkgconfig
BuildRequires: libX11-devel BuildRequires: libX11-devel
@ -21,7 +19,6 @@ BuildRequires: libXext-devel
BuildRequires: libXmu-devel BuildRequires: libXmu-devel
Provides: xauth Provides: xauth
Provides: mkxauth
%description %description
xauth is used to edit and display the authorization information xauth is used to edit and display the authorization information
@ -38,11 +35,6 @@ make %{?_smp_mflags}
rm -rf $RPM_BUILD_ROOT rm -rf $RPM_BUILD_ROOT
make install DESTDIR=$RPM_BUILD_ROOT make install DESTDIR=$RPM_BUILD_ROOT
# Install mkxauth
{
install -p -m 755 %{SOURCE10} $RPM_BUILD_ROOT%{_bindir}/
install -p -m 644 %{SOURCE11} $RPM_BUILD_ROOT%{_mandir}/man1/mkxauth.1x
}
%clean %clean
rm -rf $RPM_BUILD_ROOT rm -rf $RPM_BUILD_ROOT
@ -51,12 +43,13 @@ rm -rf $RPM_BUILD_ROOT
%defattr(-,root,root,-) %defattr(-,root,root,-)
%doc COPYING README %doc COPYING README
%{_bindir}/xauth %{_bindir}/xauth
%{_bindir}/mkxauth
#%dir %{_mandir}/man1x #%dir %{_mandir}/man1x
%{_mandir}/man1/xauth.1* %{_mandir}/man1/xauth.1*
%{_mandir}/man1/mkxauth.1*
%changelog %changelog
* Thu Aug 11 2011 Matěj Cepl <mcepl@redhat.com> - 1.0.6-2
- Removed mkxauth with an extreme prejudice.
* Tue Jun 21 2011 Adam Jackson <ajax@redhat.com> 1.0.6-1 * Tue Jun 21 2011 Adam Jackson <ajax@redhat.com> 1.0.6-1
- xauth 1.0.6 - xauth 1.0.6