Annotation of dgamelaunch-openbsd/README, Revision 1.7
1.3 rubenllo 1: dgamelaunch-openbsd
2: ===================
1.1 rubenllo 3:
4: dgamelaunch is a network-based game shell where anyone can sign up for an
5: account and start playing any game which suits your fancy - games known to
6: work with dgamelaunch are for example NetHack (http://www.nethack.org) and
7: Crawl (http://crawl.develz.org).
8:
1.6 rubenllo 9: This version of dgamelaunch in intended to run on OpenBSD, leveraging
1.7 ! rubenllo 10: its capabilities. It is expected to run on other Unix-lile Operating Systems.
1.1 rubenllo 11:
12: DGAMELAUNCH VERSIONS
13: ====================
14:
1.3 rubenllo 15: Development version can be fetched from the source repository with cvs:
1.1 rubenllo 16:
1.3 rubenllo 17: cvs -d :extssh:anoncvs@operationalsecurity.es:/cvs checkout -P
18: dgamelaunch-openbsd
1.1 rubenllo 19:
1.3 rubenllo 20: Releases are downloadable at gopher://gopher.operationalsecurity.es/1/Software
1.1 rubenllo 21:
22:
23: REQUIREMENTS
24: ============
25:
26: - normal development tools (make, etc)
27: - autotools (autogen, autoconf, automake)
28: - ncurses library and development files
29: - bison (or yacc or byacc)
30: - flex (or lex)
31: - optionally sqlite3 library and development files
32:
33:
34: COMPILING
35: =========
36:
1.3 rubenllo 37: When compiling for OpenBSD, ensure the adecuate environment variables are set:
38:
39: export CC=cc
40: export CPATH=/usr/local/include
1.4 rubenllo 41: export LIBRARY_PATH=/usr/local/lib
1.3 rubenllo 42: export AUTOMAKE_VERSION=1.15
43: export AUTOCONF_VERSION=2.69
44:
1.1 rubenllo 45: Basically all you have to do is:
46:
1.4 rubenllo 47: ./autogen.sh && gmake
1.1 rubenllo 48:
49: Some options you might want give to autogen:
50:
51: --with-config-file=/absolute/path/to/dgamelaunch.config
52: --enable-sqlite
53:
1.3 rubenllo 54: Dgamelaunch should compile without issue on Linux, Solaris, OpenBSD, FreeBSD 4
55: and 5. (Whether it _runs_ on all of these platforms is a different issue. We'd
1.1 rubenllo 56: like to hear about it.)
57:
1.6 rubenllo 58: dgamelaunch was originally developed by M. Drew Streib <dtype@dtype.org>. This
59: version is a friendly fork of the one hosted by paxed on github. Copyright and
60: contact information is in the COPYING file, included with this package.
1.1 rubenllo 61:
62: BASIC SETUP INSTRUCTIONS
63: ========================
64:
65: These instructions are not current. For a more up-to-date ones, see
66: http://nethackwiki.com/wiki/User:Paxed/HowTo_setup_dgamelaunch
67:
68: 1) Setup a chroot jail. There is a helpful script included to accomplish this,
69: called dgl-create-chroot, in the source directory. The default settings are
70: viewable by editing the script; to customize the installation, look at
71: dgl-create-chroot.conf.example.* (also in the source directory) and edit it to
72: suit your needs, and save it into the same directory as dgl-create-chroot as
73: dgl-create-chroot.conf. It's very likely you need to run the script as root.
74: The script will not work with the very limited System V /bin/sh, such found on
75: Solaris; start it with ksh instead.
76:
77: If you decide to not use dgl-create-chroot, you're on your own and we assume
78: you have enough clue to figure out exactly what's needed for the chroot to
79: operate correctly.
80:
81: 2) Compile nethack. Make sure the directories in the chroot match up with
82: where nethack thinks everything is. You may need to edit the VAR_PLAYGROUND
83: variable in include/unixconf.h and/or the HACKDIR variable in include/config.h.
84:
85: (Note: Try not to, for security, to put anything else in the chroot. You may
86: need to put gzip in there though if you compile nethack to use it for
87: compression.)
88:
89: 3) Make a copy of dgamelaunch.conf and edit it. This will contain information
90: for dgamelaunch about what uid/username, gid/group to shed privileges to at
91: runtime. It must also contain the path to nethack, and needs to know certain
92: aspects of your chroot.
93:
94: Note that using a username in dgamelaunch.conf will cause (part of) your
95: passwd database to be loaded into dgamelaunch's memory space. If you use BSD,
96: this will also include encrypted passwords. Therefore, it's recommended to
97: put the uid in the dgamelaunch.conf. The same applies to groups, but openpty(3)
98: often looks up the tty group anyway.
99:
100: 4) Setup dgamelaunch as one of the following:
101: a) The shell for a single login.
102: b) An (x)inetd service.
103:
104: If you choose a login shell make sure dgamelaunch is setuid root. (that is,
105: chmod 4755 dgamelaunch.) It will shed privs right after entering the chroot
106: jail though.
107:
108: Example xinetd lines:
109:
110: service telnet
111: {
112: socket_type = stream
113: protocol = tcp
114: wait = no
115: user = root
116: server = /usr/sbin/in.telnetd
117: server_args = -h -L /opt/nethack/nethack.dtype.org/dgamelaunch -q -f /etc/dgamelaunch.conf
118: rlimit_cpu = 3600
119: bind = 64.71.163.206
120: }
121:
122: A classic inetd line would look like this:
123:
124: telnet stream tcp nowait root.root /usr/sbin/tcpd /usr/sbin/in.telnetd -h -L /usr/sbin/dgamelaunch -q -f /etc/dgamelaunch.conf
125:
126: In both cases, the -L specifies an alternate login program (telnetlogin is
127: invoked by default) and -h prevents revealing of a login banner (for
128: example, "Debian GNU/Linux testing/unstable influx") before starting the
129: login shell.
130:
131: It goes without saying that the argument after -L must point to dgamelaunch's
132: exact location. Also, the location of dgamelaunch.conf is variable and of
133: course should be customized by you.
134:
135: NOTE: It appears that the -L option is not very widely supported. FreeBSD's
136: telnetd uses -p instead, and you can't give arguments (arguments appropriate
137: to standard login are used). Some other telnetds do not support anything
138: like this at all.
139:
140: The -f option, followed by a filename, specifies the path to the config file
141: to use for dgamelaunch. If you specify the right path for DEFCONFIG in the
142: Makefile, you may be able to omit this.
143:
144: For dgamelaunch, the -q option will silence errors pertaining to the server
145: configuration. This is recommended for use within inetd to prevent spamming
146: the clients, but when testing and setting up we strongly suggest you leave it
147: off until running dgamelaunch produces no error output on stderr.
148:
149: 5) Test your compilation of dgamelaunch by running it as root. If this
150: works, a shell login or (x)inetd will work with the correct configuration.
151: If you have problems with dgamelaunch's display make sure that your chroot's
152: /etc/terminfo directory (or whatever directory your ncurses uses) is
153: populated.
154:
155:
156: COMMANDLINE PARAMETERS
157: ======================
158:
159: -a Ignored.
160: -c Shows error message and exits. (login shell command)
161: -e Ignored.
162: -h Ignored.
163: -i user Autologin and run the register -command hook for "user"
164: (with password "user").
165: -p Ignored.
166: -q Be quiet, suppress errors.
167: -s Show players currently playing.
168: -W user:msg Send message "msg" to all players. The message seems
169: to come from "user".
170: -S Free the shared memory block.
171: -D Show contents of the shared memory block.
172:
173:
174: ENVIRONMENT VARIABLES
175: =====================
176:
177: Linux telnetd allows importing the USER environment variables via telnet,
178: while FreeBSD does not. FreeBSD, on the other hand, does allow the LOGNAME
179: environment variable. Dgamelaunch will first check USER, then LOGNAME,
180: for "username:password", and tries autologin if either exists.
181: Dgamelaunch-specific DGLAUTH is checked before either of those.
182:
183:
184: ERROR CODES
185: ===========
186:
187: 1 Could not terminate stale processes
188: 2 Cannot chroot()
189: 3 Cannot chdir()
190: 4 Cannot setgroups()
191: 5 Cannot setgid()
192: 6 Cannot setuid()
193: 7 Caught HUP
194: 8 Cannot run as root: Config file has shed_user = "root"
195: 9 Cannot run as root: Config file has shed_user set to UID 0 user.
196: 10 Could not setup player
197: 11 Cannot run as root: Config file has shed_uid = 0
198: 12 Config file has an unrecognized token
199: 13 Config file: Negative value not accepted
200: 15 dgamelaunch called with -c (login shell command); exited
201: 20 No menu defined, or no banner found for menu
202: 60 Cannot create a new terminal, or no termcap files.
203: 61 Cannot openpty()
204: 62 Cannot open /dev/ptmx
205: 65 Cannot open master ptsname
206: 68 Cannot fcntl inprogress-lock
207: 70 Cannot write to inprogress-lock
208: 71 ftok() error for shm_key, no "dgamelaunch" file found?
209: 72 ftok() error for shm_sem_key, no "dgamelaunch" file found?
210: 73 shmget() error, cannot connect to shared memory
211: 74 smat() error, cannot attach to shared memory
212: 75 Nothing in shared memory?
213: 76 sem_init() error, could not initialize shared memory
214: 77 sem_wait() error
215: 78 sem_post() error
216: 95 Cannot fnctl lockfile
217: 96 sqlite3_open() failed when checking user existence: could not open login database
218: 97 sqlite3_open() failed in writefile()
219: 98 sqlite3_exec() failed in writefile()
220: 99 Could not open password file
221: 100 Username field too long in login file
222: 101 Email field too long in login file
223: 102 password field too long in login file
224: 103 env field too long in login file
225: 104 Cannot read config file
226: 105 Cannot read default config file
227: 106 Cannot open lockfile or password file
228: 107 fcntl failed on login database in writefile()
229: 108 sqlite3_exec() failed when checking user existence.
230: 109 Too many registered users. (see maxusers setting in config file)
231: 110 Login failed
232: 111 Two users trying to register at the same time
233: 112 Error changing password: cannot have ':' in password
234: 113 Error parsing configuration file
235: 114 exec-command fork failed
236: 115 could not read lock file in writefile()
237: 116 Too many registered users. (see maxusers setting in config file)
238: 117 wall error: no message to send
239: 118 wall error: no players
240: 119 User has a retarded terminal
241: 120 wall error: message too long
242: 121 wall error: "from" username is too short
243: 122 Error changing password: struct "me" does not exist
244: 123 chdir() failed in dgl commands.
245: 140 populate_games(): Cannot open inprogress-dir
246: 145 populate_games(): Inprogress-filename does not have ':' in it
247: 146 populate_games(): Inprogress-filename does not have ': in it (pt. 2)
248: 200 purge_stale_locks(): could not open inprogress-dir
249: 201 purge_stale_locks(): inprogress-file did not have ':' in it
250: 202 purge_stale_locks(): could not read inprogress-file
251: 203 purge_stale_locks(): could not get inprogress-file contents
1.3 rubenllo 252: 300 crypt_newhash(): failed to save password hash to allocated memory
1.5 rubenllo 253: 301 pledge(): failed to leverage OpenBSD's pledge()
CVSweb