oidentd@.service

[Unit]
Description=RFC 1413 compliant per-connection identification server
Documentation=man:oidentd(8) man:oidentd.conf(5) man:oidentd_masq.conf(5)

[Service]
Type=simple
PrivateDevices=true
# added automatically, for details please see
# https://en.opensuse.org/openSUSE:Security_Features#Systemd_hardening_effort
ProtectSystem=full
ProtectHome=true
ProtectHostname=true
ProtectClock=true
ProtectKernelTunables=true
ProtectKernelModules=true
ProtectKernelLogs=true
ProtectControlGroups=true
RestrictRealtime=true
# end of automatic additions 
EnvironmentFile=/etc/sysconfig/oidentd
ExecStart=/usr/sbin/oidentd -I -u nobody -g nobody --foreground --nosyslog $OIDENTD_OPTIONS
StandardInput=socket
StandardError=syslog
Accepting request 286346 from home:posophe:branches:network:utilities Fixed. By the way, there is an update available for opendkim OBS-URL: https://build.opensuse.org/request/show/286346 OBS-URL: https://build.opensuse.org/package/show/network:utilities/oidentd?expand=0&rev=7 2015-02-16 16:49:59 +00:00			`[Unit]`
Accepting request 750413 from home:Smar:oidentd - Updated signing key to a new version used to sign the package - Updated systemd files from upstream - Version bump to 2.4.0 Changes in version 2.4.0 * Linux: removed optional dependency on libcap-ng. * Deprecated '\e' escape sequence in configuration files. * Fixed incorrect username in log message when spoofing fails. * Implemented XDG Base Directory specification * ~/.config/oidentd.conf takes precedence over ~/.oidentd.conf * Rewrote all manual pages, now licensed under GFDL v1.3+. * Prevent overflow when too many replies are specified in the system-wide configuration file. * Rewrote INSTALL and README files. * Improved PRNG interface. * Changed project description. * Deprecated support for MASQFILE and IPCONNTRACK on Linux. * Users of recent kernels are unaffected by this change. * Minor bugfixes, cleanups, and improvements. * Deprecated support for Darwin. * Deprecated support for FreeBSD 1-3. * Deprecated support for FreeBSD 4. * Deprecated support for NetBSD 1-4. * Deprecated support for OpenBSD 2.0-2.3. * Deprecated support for OpenBSD 2.4-2.8. * Deprecated support for OpenBSD 2.9. * Deprecated support for Solaris 2.4. * Deprecated support for Solaris 2.5. * Deprecated support for Solaris 2.6-2.7. * Deprecated support for Solaris 2.8. Changes in version 2.3.2 * Option `--forward` now implies `--masquerade`. * Added a warning when the connection limit is exceeded. * Added systemd services and a socket file. * Added compile-time configuration to `--version` output. * Linux: fixed incorrect buffer lengths when compiled with `--disable-ipv6`. * Deprecated libudb (user database library) support. * Linux: fixed incorrect byte order in libnetfilter_conntrack queries. * Linux: fixed a null dereference with libnetfilter_conntrack on kernels without a connection tracking file. * Build as a position-independent executable and with stack protection. * Fixed an invalid comment style in the default oidentd_masq.conf file. Changes in version 2.3.1 * Fixed build with libnetfilter_conntrack on Linux. Changes in version 2.3.0 * Added a forwarding capability. * Added Linux IPv6 masquerading support. * Added build information to `--version` output. * Always use libnetfilter_conntrack when available. * Fixed signed/unsigned bit shifting on Linux. * Minor bugfixes. - fix source URLs and some spec cleanup - Version bump to 2.2.3 - Added bison and flex as build dependencies as upstream changed the project to generate the files at the build time - Removed TODO as it is not present an more - Changed service file to oidentd@.service, so each opened socket can be given own instance. FWIW, instead of this, oidentd could be run as a traditional daemon, by removing oidentd.socket and flag --stdio from the service. For some reason, to resolve boo#953608 @ was removed, which prevents using oidentd at least on Leap 15.0. - Replace references to /var/adm/fillup-templates with new %_fillupdir macro (boo#1069468) - Rename oidentd@.service to oidentd.service and hardcode variables; (boo#953608) - Add back support for sysconfig in the service file - Really install the service and socket unit configuration files; (boo#953608). - Force gnu89 inline semantics - Use systemd instead of sysvinit for openSUSE >= 12.1 - Do not copy the INSTALL file in package documentation; user doesn't install from sources - Get rid of depreciated stuff - add automake as buildrequire to avoid implicit dependency - Package the init script with 0755 permissions; (bnc#557358). - Update to version 2.0.8. + Removed spaces between commas and colons from responses. + Pulled in patches for Linux from Debian. + Open masquerading options before dropping permissions on linux. - converted neededforbuild to BuildRequires - Add missing PreReq (#46479) - inital SuSE RPM OBS-URL: https://build.opensuse.org/request/show/750413 OBS-URL: https://build.opensuse.org/package/show/network:utilities/oidentd?expand=0&rev=24 2019-12-13 17:12:08 +00:00			`Description=RFC 1413 compliant per-connection identification server`
Accepting request 352694 from home:posophe:branches:network:utilities This time is the good one OBS-URL: https://build.opensuse.org/request/show/352694 OBS-URL: https://build.opensuse.org/package/show/network:utilities/oidentd?expand=0&rev=16 2016-01-17 04:11:42 +00:00			`Documentation=man:oidentd(8) man:oidentd.conf(5) man:oidentd_masq.conf(5)`
Accepting request 286346 from home:posophe:branches:network:utilities Fixed. By the way, there is an update available for opendkim OBS-URL: https://build.opensuse.org/request/show/286346 OBS-URL: https://build.opensuse.org/package/show/network:utilities/oidentd?expand=0&rev=7 2015-02-16 16:49:59 +00:00
			`[Service]`
Accepting request 352694 from home:posophe:branches:network:utilities This time is the good one OBS-URL: https://build.opensuse.org/request/show/352694 OBS-URL: https://build.opensuse.org/package/show/network:utilities/oidentd?expand=0&rev=16 2016-01-17 04:11:42 +00:00			`Type=simple`
			`PrivateDevices=true`
Accepting request 925220 from home:Smar:branches:network:utilities - Remove unsupported hardening flags when using old version with old systemd. - Removed harden_oidentd@.service.patch as this package is using own service instead of upstream one, which also has same security switches. - Added hardening to systemd service(s) (bsc#1181400). Added patch(es): * harden_oidentd@.service.patch Modified: * oidentd@.service OBS-URL: https://build.opensuse.org/request/show/925220 OBS-URL: https://build.opensuse.org/package/show/network:utilities/oidentd?expand=0&rev=28 2021-10-14 09:47:04 +00:00			`# added automatically, for details please see`
			`# https://en.opensuse.org/openSUSE:Security_Features#Systemd_hardening_effort`
			`ProtectSystem=full`
			`ProtectHome=true`
			`ProtectHostname=true`
			`ProtectClock=true`
			`ProtectKernelTunables=true`
			`ProtectKernelModules=true`
			`ProtectKernelLogs=true`
			`ProtectControlGroups=true`
			`RestrictRealtime=true`
			`# end of automatic additions`
Accepting request 352694 from home:posophe:branches:network:utilities This time is the good one OBS-URL: https://build.opensuse.org/request/show/352694 OBS-URL: https://build.opensuse.org/package/show/network:utilities/oidentd?expand=0&rev=16 2016-01-17 04:11:42 +00:00			`EnvironmentFile=/etc/sysconfig/oidentd`
			`ExecStart=/usr/sbin/oidentd -I -u nobody -g nobody --foreground --nosyslog $OIDENTD_OPTIONS`
Accepting request 286346 from home:posophe:branches:network:utilities Fixed. By the way, there is an update available for opendkim OBS-URL: https://build.opensuse.org/request/show/286346 OBS-URL: https://build.opensuse.org/package/show/network:utilities/oidentd?expand=0&rev=7 2015-02-16 16:49:59 +00:00			`StandardInput=socket`
			`StandardError=syslog`