diff --git a/.gitignore b/.gitignore index dc73d83..0f0d9c9 100644 --- a/.gitignore +++ b/.gitignore @@ -1,3 +1,4 @@ /target Cargo.lock test.sh +crab.tar.gz diff --git a/conf b/conf deleted file mode 100644 index 0da97e5..0000000 --- a/conf +++ /dev/null @@ -1,5 +0,0 @@ -permit nopass linus as root -deny :docker -#deny jane -permit persist :wheel -permit jane as doe \ No newline at end of file diff --git a/config/default b/config/default new file mode 100644 index 0000000..8976cc6 --- /dev/null +++ b/config/default @@ -0,0 +1,5 @@ +deny :docker +permit nopass persist linus as root +#deny stallman +permit :wheel persist +permit nvidia as fu \ No newline at end of file diff --git a/pam b/config/pam similarity index 100% rename from pam rename to config/pam diff --git a/deployments/aur/.SRCINFO b/deployments/aur/.SRCINFO index c145393..83827ea 100644 --- a/deployments/aur/.SRCINFO +++ b/deployments/aur/.SRCINFO @@ -2,15 +2,14 @@ pkgbase = crab pkgdesc = A rusty permission authentication system pkgver = 0.0.6 pkgrel = 2 - url = https://g.tylerm.dev/tylermurphy534/crab.git + url = https://g.tylerm.dev/tylermurphy534/crab arch = x86_64 arch = i686 license = GPL3 - makedepends = git makedepends = cargo depends = glibc depends = pam - source = git+https://g.tylerm.dev/tylermurphy534/crab.git + source = crab-0.0.6.tar.gz::https://f.tylerm.dev/source/crab/crab-0.0.6.tar.gz md5sums = SKIP pkgname = crab diff --git a/deployments/aur/PKGBUILD b/deployments/aur/PKGBUILD index 6196e48..2edfc1e 100644 --- a/deployments/aur/PKGBUILD +++ b/deployments/aur/PKGBUILD @@ -1,24 +1,24 @@ # Maintainer: Tyler Murphy pkgname=crab pkgver=0.0.6 -pkgrel=2 +pkgrel=1 pkgdesc="A rusty permission authentication system" arch=('x86_64' 'i686') -url="https://g.tylerm.dev/tylermurphy534/crab.git" +url="https://g.tylerm.dev/tylermurphy534/crab" license=('GPL3') -makedepends=('git' 'cargo') +makedepends=('cargo') depends=('glibc' 'pam') -source=("git+$url") +source=("$pkgname-$pkgver.tar.gz::https://f.tylerm.dev/source/$pkgname/$pkgname-$pkgver.tar.gz") md5sums=('SKIP') build() { - cd crab + cd "$srcdir" cargo build --release } package() { - cd crab + cd "$srcdir" install -D --mode=4755 --owner=root --group=root ./target/release/crab ${pkgdir}/usr/bin/crab - install -D --mode=600 --owner=root --group=root pam ${pkgdir}/etc/pam.d/crab - install -D --mode=600 --owner=root --group=root conf ${pkgdir}/usr/share/crab/crab.conf + install -D --mode=600 --owner=root --group=root ./config/pam ${pkgdir}/etc/pam.d/crab + install -D --mode=644 --owner=root --group=root ./config/default ${pkgdir}/usr/share/crab/crab.conf } diff --git a/install.sh b/deployments/source/install.sh similarity index 84% rename from install.sh rename to deployments/source/install.sh index 6c7b019..5b95a83 100755 --- a/install.sh +++ b/deployments/source/install.sh @@ -15,7 +15,7 @@ cp pam /etc/pam.d/crab chmod 600 /etc/pam.d/crab mkdir /usr/share/crab -chmod 600 /usr/share/crab +chmod 644 /usr/share/crab cp conf /usr/share/crab/crab.conf -chmod 600 /usr/share/crab/crab.conf +chmod 644 /usr/share/crab/crab.conf diff --git a/uninstall.sh b/deployments/source/uninstall.sh similarity index 100% rename from uninstall.sh rename to deployments/source/uninstall.sh diff --git a/readme.md b/readme.md index 7d6566d..e191759 100644 --- a/readme.md +++ b/readme.md @@ -3,15 +3,34 @@ # Installation ### From Source -First run `cargo build --release` to compile the binary. -Then run `install.sh` as root to install crab. +To be able to build the package, you need cargo wich you can get either though rust or rust up. -Run `uninstall.sh` as root to uninstall crab. +To build, run the following commands below in the root directory of the repo. Make sure to run the shell script as root. +```bash +cargo build --release +./deployments/source/install.sh +``` + +To uninstall, just run the following script as root. +```bash +./deployments/source/uninstall.sh +``` ### Arch Based Systems If you are on an arch based distro, crab is avaliable on the [AUR](https://aur.archlinux.org/packages/crab) as `crab`. +``` +paru -S crab +``` # Configuration + +The default configuration file is stored in `/usr/share/crab/crab.conf` and must be coppied to `/etc/crab.conf`. +```bash +cp /usr/share/crab/crab.conf /etc/crab.conf +chown root:root /etc/crab.conf +chmod 600 /etc/crab.conf +``` + Each line in the configuration specifies a different rule. Each rule is applied from top to bottom, so the first onethat matches a user is what is used. The first word is either `permit` or `deny` to allow or deny a certain group. Then the tags `persist` and `nopass` can be added to allow authoriziation @@ -23,8 +42,8 @@ For Example ``` deny :docker permit nopass persist linus as root -permit :wheel persist #deny stallman +permit :wheel persist permit nvidia as fu ``` -The default configuration file is stored in `/usr/share/crab/crab.conf` and must be coppied to `/etc/crab.conf`. +Please make sure when editing your config that not normal users can edit the file, but only root. If normal users can edit the config, they can add themselvs as permitted and get elevated privilages.