dgamelaunch-openbsd =================== dgamelaunch is a network-based game shell where anyone can sign up for an account and start playing any game which suits your fancy - games known to work with dgamelaunch are for example NetHack (http://www.nethack.org) and Crawl (http://crawl.develz.org). WARNING: This version of dgamelaunch in intended to run on OpenBSD, leveraging its capabilities. It is still a work in progress. DGAMELAUNCH VERSIONS ==================== Development version can be fetched from the source repository with cvs: cvs -d :extssh:anoncvs@operationalsecurity.es:/cvs checkout -P dgamelaunch-openbsd Releases are downloadable at gopher://gopher.operationalsecurity.es/1/Software REQUIREMENTS ============ - normal development tools (make, etc) - autotools (autogen, autoconf, automake) - ncurses library and development files - bison (or yacc or byacc) - flex (or lex) - optionally sqlite3 library and development files COMPILING ========= When compiling for OpenBSD, ensure the adecuate environment variables are set: export CC=cc export CPATH=/usr/local/include export LIBRARY_PATH=/usr/local/include export AUTOMAKE_VERSION=1.15 export AUTOCONF_VERSION=2.69 Basically all you have to do is: ./autogen.sh && make Some options you might want give to autogen: --with-config-file=/absolute/path/to/dgamelaunch.config --enable-sqlite WARNING: The current development build has only been tested with the options above and may lead to unpredictable results if used with a different set of options. Dgamelaunch should compile without issue on Linux, Solaris, OpenBSD, FreeBSD 4 and 5. (Whether it _runs_ on all of these platforms is a different issue. We'd like to hear about it.) dgamelaunch was originally developed by M. Drew Streib but is now a collaborative project. Copyright and contact information is in the COPYING file, included with this package. BASIC SETUP INSTRUCTIONS ======================== These instructions are not current. For a more up-to-date ones, see http://nethackwiki.com/wiki/User:Paxed/HowTo_setup_dgamelaunch 1) Setup a chroot jail. There is a helpful script included to accomplish this, called dgl-create-chroot, in the source directory. The default settings are viewable by editing the script; to customize the installation, look at dgl-create-chroot.conf.example.* (also in the source directory) and edit it to suit your needs, and save it into the same directory as dgl-create-chroot as dgl-create-chroot.conf. It's very likely you need to run the script as root. The script will not work with the very limited System V /bin/sh, such found on Solaris; start it with ksh instead. If you decide to not use dgl-create-chroot, you're on your own and we assume you have enough clue to figure out exactly what's needed for the chroot to operate correctly. 2) Compile nethack. Make sure the directories in the chroot match up with where nethack thinks everything is. You may need to edit the VAR_PLAYGROUND variable in include/unixconf.h and/or the HACKDIR variable in include/config.h. (Note: Try not to, for security, to put anything else in the chroot. You may need to put gzip in there though if you compile nethack to use it for compression.) 3) Make a copy of dgamelaunch.conf and edit it. This will contain information for dgamelaunch about what uid/username, gid/group to shed privileges to at runtime. It must also contain the path to nethack, and needs to know certain aspects of your chroot. Note that using a username in dgamelaunch.conf will cause (part of) your passwd database to be loaded into dgamelaunch's memory space. If you use BSD, this will also include encrypted passwords. Therefore, it's recommended to put the uid in the dgamelaunch.conf. The same applies to groups, but openpty(3) often looks up the tty group anyway. 4) Setup dgamelaunch as one of the following: a) The shell for a single login. b) An (x)inetd service. If you choose a login shell make sure dgamelaunch is setuid root. (that is, chmod 4755 dgamelaunch.) It will shed privs right after entering the chroot jail though. Example xinetd lines: service telnet { socket_type = stream protocol = tcp wait = no user = root server = /usr/sbin/in.telnetd server_args = -h -L /opt/nethack/nethack.dtype.org/dgamelaunch -q -f /etc/dgamelaunch.conf rlimit_cpu = 3600 bind = 64.71.163.206 } A classic inetd line would look like this: telnet stream tcp nowait root.root /usr/sbin/tcpd /usr/sbin/in.telnetd -h -L /usr/sbin/dgamelaunch -q -f /etc/dgamelaunch.conf In both cases, the -L specifies an alternate login program (telnetlogin is invoked by default) and -h prevents revealing of a login banner (for example, "Debian GNU/Linux testing/unstable influx") before starting the login shell. It goes without saying that the argument after -L must point to dgamelaunch's exact location. Also, the location of dgamelaunch.conf is variable and of course should be customized by you. NOTE: It appears that the -L option is not very widely supported. FreeBSD's telnetd uses -p instead, and you can't give arguments (arguments appropriate to standard login are used). Some other telnetds do not support anything like this at all. The -f option, followed by a filename, specifies the path to the config file to use for dgamelaunch. If you specify the right path for DEFCONFIG in the Makefile, you may be able to omit this. For dgamelaunch, the -q option will silence errors pertaining to the server configuration. This is recommended for use within inetd to prevent spamming the clients, but when testing and setting up we strongly suggest you leave it off until running dgamelaunch produces no error output on stderr. 5) Test your compilation of dgamelaunch by running it as root. If this works, a shell login or (x)inetd will work with the correct configuration. If you have problems with dgamelaunch's display make sure that your chroot's /etc/terminfo directory (or whatever directory your ncurses uses) is populated. COMMANDLINE PARAMETERS ====================== -a Ignored. -c Shows error message and exits. (login shell command) -e Ignored. -h Ignored. -i user Autologin and run the register -command hook for "user" (with password "user"). -p Ignored. -q Be quiet, suppress errors. -s Show players currently playing. -W user:msg Send message "msg" to all players. The message seems to come from "user". -S Free the shared memory block. -D Show contents of the shared memory block. ENVIRONMENT VARIABLES ===================== Linux telnetd allows importing the USER environment variables via telnet, while FreeBSD does not. FreeBSD, on the other hand, does allow the LOGNAME environment variable. Dgamelaunch will first check USER, then LOGNAME, for "username:password", and tries autologin if either exists. Dgamelaunch-specific DGLAUTH is checked before either of those. ERROR CODES =========== 1 Could not terminate stale processes 2 Cannot chroot() 3 Cannot chdir() 4 Cannot setgroups() 5 Cannot setgid() 6 Cannot setuid() 7 Caught HUP 8 Cannot run as root: Config file has shed_user = "root" 9 Cannot run as root: Config file has shed_user set to UID 0 user. 10 Could not setup player 11 Cannot run as root: Config file has shed_uid = 0 12 Config file has an unrecognized token 13 Config file: Negative value not accepted 15 dgamelaunch called with -c (login shell command); exited 20 No menu defined, or no banner found for menu 60 Cannot create a new terminal, or no termcap files. 61 Cannot openpty() 62 Cannot open /dev/ptmx 65 Cannot open master ptsname 68 Cannot fcntl inprogress-lock 70 Cannot write to inprogress-lock 71 ftok() error for shm_key, no "dgamelaunch" file found? 72 ftok() error for shm_sem_key, no "dgamelaunch" file found? 73 shmget() error, cannot connect to shared memory 74 smat() error, cannot attach to shared memory 75 Nothing in shared memory? 76 sem_init() error, could not initialize shared memory 77 sem_wait() error 78 sem_post() error 95 Cannot fnctl lockfile 96 sqlite3_open() failed when checking user existence: could not open login database 97 sqlite3_open() failed in writefile() 98 sqlite3_exec() failed in writefile() 99 Could not open password file 100 Username field too long in login file 101 Email field too long in login file 102 password field too long in login file 103 env field too long in login file 104 Cannot read config file 105 Cannot read default config file 106 Cannot open lockfile or password file 107 fcntl failed on login database in writefile() 108 sqlite3_exec() failed when checking user existence. 109 Too many registered users. (see maxusers setting in config file) 110 Login failed 111 Two users trying to register at the same time 112 Error changing password: cannot have ':' in password 113 Error parsing configuration file 114 exec-command fork failed 115 could not read lock file in writefile() 116 Too many registered users. (see maxusers setting in config file) 117 wall error: no message to send 118 wall error: no players 119 User has a retarded terminal 120 wall error: message too long 121 wall error: "from" username is too short 122 Error changing password: struct "me" does not exist 123 chdir() failed in dgl commands. 140 populate_games(): Cannot open inprogress-dir 145 populate_games(): Inprogress-filename does not have ':' in it 146 populate_games(): Inprogress-filename does not have ': in it (pt. 2) 200 purge_stale_locks(): could not open inprogress-dir 201 purge_stale_locks(): inprogress-file did not have ':' in it 202 purge_stale_locks(): could not read inprogress-file 203 purge_stale_locks(): could not get inprogress-file contents 300 crypt_newhash(): failed to save password hash to allocated memory