[userv-utils] / debian / control

Source: userv-utils
Section: admin
Priority: extra
Maintainer: Ian Jackson <ijackson@chiark.greenend.org.uk>
Standards-Version: 3.7.0.0
Build-Depends: debhelper (>= 8)

Package: userv-utils
Architecture: all
Depends: userv
Recommends: ${perl:Depends}, ${misc:Depends}
Description: privsep utilities collection
 Several small userv services, which allow certain system configuration
 actions to be delegated.  In each case the service is disabled unless
 enabled by symlink /etc/userv/services.d/* -> ../services-available/*.
 .
 mailq - allow users to view the mail queue
 ndc-reload  - allow certain users to reload the nameserver
 checkpasswd-* - allow users to run a UNIX password check

Package: userv-ipif
Architecture: any
Depends: userv, ${shlibs:Depends}, ${misc:Depends}
Recommends: ssh
Description: VPN system (and user-mode network interface)
 userv-ipif is a userv service to allow non-root users to create
 network interfaces implemented in user space.
 .
 The default configuration does set up any users with permission to
 create network interfaces such as VPN endpoints.

Package: userv-dyndns
Architecture: all
Depends: userv, chiark-utils-bin, ${perl:Depends}, ${misc:Depends}
Recommends: bind
Description: dynamic DNS for shell account users
 userv-dyndns is a userv service which allows non-root users to
 modify individual DNS records in specified zones in a controlled way.
 .
 Typically, this can be used to provide a `dyndns.org'-like service
 which is modifiable by shell account users.
 .
 The default configuration does not set up any users with permission
 to modify the DNS.

Package: userv-cgi
Architecture: any
Depends: userv, ${shlibs:Depends}, ${misc:Depends}
Recommends: httpd
Description: user-provided CGI scripts invoked by userv
 This package contains ucgi, a userv service which allows CGI programs
 to be provided which do not run as the webserver user, but instead
 are owned by a particular other account.
 .
 Similar effects can be achieved with Apache's suexec; this package is
 for administrators who do not trust suexec and wish to defend the
 webserver from the CGI script providers, and vice versa, as much as
 possible.  This is achieved by using userv to do the cross-account
 call, rather than a custom setuid helper.
 .
 The default configuration allows the webserver user to invoke users'
 CGI programs from each user's ~/public-cgi, but to allow external
 callers to do this, the webserver will also need to be configured.

Package: userv-groupmanage
Architecture: all
Depends: userv, ${perl:Depends}, ${misc:Depends}
Description: user-controlled group membership
 groupmanage is a userv service which allows individual shell users to
 create UN*X groups, and/or to change the membership of existing
 groups of which they are recorded as the manager.
 .
 The default configuration allows users to create and manage a few
 groups, but is reasonably conservative.

Package: userv-git-daemon
Architecture: all
Depends: userv, git-core, adduser, ${perl:Depends}, ${misc:Depends}
Description: per-user git daemon service
 userv-git-daemon allows users to publish git repositories which will
 be published via the git protocol on 9418.  This is a bit like
 git-daemon except that the actual reading of each user's repositories
 is done as that user.
 .
 The default configuration does nothing: you must (a) manually copy
 the line from /usr/share/doc/examples/userv-git-daemon.inetd into
 /etc/inetd.conf and (b) specifically list hostnames and target
 directories in /etc/userv/git-urlmap.