Site Navigation

Date:      2 Mar 2004 18:36:58 -0000
From:      Thomas-Martin Seck <tmseck@netcologne.de>
To:        FreeBSD-gnats-submit@FreeBSD.org
Subject:   ports/63652: [Maintainer] www/squid24: sync with www/squid
Message-ID:  <20040302183658.2202.qmail@laurel.tmseck.homedns.org>
Resent-Message-ID: <200403021840.i22IeBhf015090@freefall.freebsd.org>

---

next in thread | raw e-mail | index | archive | help

---

>Number:         63652
>Category:       ports
>Synopsis:       [Maintainer] www/squid24: sync with www/squid
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    freebsd-ports-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          maintainer-update
>Submitter-Id:   current-users
>Arrival-Date:   Tue Mar 02 10:40:10 PST 2004
>Closed-Date:
>Last-Modified:
>Originator:     Thomas-Martin Seck
>Release:        FreeBSD 4.9-STABLE i386
>Organization:
private site in Germany
>Environment:
FreeBSD ports repository as of Mar 02, 2004.

	
>Description:
Synchronize with www/squid:
- create the squid user with id 100:100 and provide a migration path via
  'make changeuser'
- don't overdo CONFLICTS
- remove support for rcNG on systems without /etc/rc.subr
- add pkg-deinstall, which somehow did not make it into portversion 2.4_11

Information for committers:
please 'cvs add' pkg-deinstall
	
>How-To-Repeat:
	
>Fix:
Apply this patch:

diff -ruN -x CVS squid24.orig/Makefile squid24/Makefile
--- squid24.orig/Makefile	Wed Feb 18 13:24:46 2004
+++ squid24/Makefile	Tue Mar  2 18:07:50 2004
@@ -7,10 +7,17 @@
 # Tunables not (yet) configurable via 'make config':
 # SQUID_{U,G}ID
 #   Which user/group squid should run as (default: squid/squid).
-#   The user and group will be created if they do not already exist.
+#   The user and group will be created if they do not already exist with
+#   a uid:gid of 100:100.
 #   NOTE: before version 2.4.7_11, these settings defaulted to
 #   nobody/nogroup.
 #   If you wish to keep these settings, please define SQUID_UID=nobody and
+#   SQUID_GID=nogroup in your make environment before you start the update.
+#   NOTE2:
+#   Before version 2.4_12 the numerical id chosen for SQUID_UID (and
+#   SQUID_GID respectively) was the first free id greater than or equal 3128.
+#   If you wish to move your squid user to id 100:100, run "make changeuser",
+#   please see the changeuser target's definition for further information.
 #
 # SQUID_LANGUAGE
 #   The set of error pages to be installed. Valid values are:
@@ -26,7 +33,7 @@
 
 PORTNAME=	squid
 PORTVERSION=	2.4
-PORTREVISION=	11
+PORTREVISION=	12
 CATEGORIES=	www
 MASTER_SITES=	\
 		ftp://ftp.squid-cache.org/pub/%SUBDIR%/ \
@@ -47,7 +54,7 @@
 MAINTAINER=	tmseck@netcologne.de
 COMMENT=	The successful WWW proxy cache and accelerator
 
-CONFLICTS=	squid-*
+CONFLICTS=	squid-2.[^4]
 
 GNU_CONFIGURE=	yes
 STRIP=		# won't install scripts correctly otherwise.
@@ -221,5 +228,51 @@
 	-cd ${PREFIX}/libexec/squid && ${STRIP_CMD} ${libexec}
 	-cd ${PREFIX}/sbin && ${STRIP_CMD} ${sbin}
 	@${SETENV} PKG_PREFIX=${PREFIX} ${SH} ${PKGINSTALL} ${PKGNAME} POST-INSTALL
+
+changeuser:
+# Recover from the problem that earlier versions of this port created the
+# squid pseudo-user with an id greater than 999 which is not allowed in
+# FreeBSD's ports system. The port now uses id 100:100.
+# NOTE:
+# This target assumes that SQUID_GID is the primary group of SQUID_UID. If you
+# have a different setup, do not run this target!
+.if ${SQUID_UID:L} == nobody
+	@${ECHO_CMD} "'nobody' is a system user, you do not need to execute"; \
+	${ECHO_CMD} "this target!"
+	exit 1
+.endif
+	@if [ `id -u` -ne 0 ]; \
+	then ${ECHO_CMD} "Sorry, you must be root to use this target."; exit 1; fi; \
+	current_uid=`id -u ${SQUID_UID}`; \
+	current_gid=`pw groupshow ${SQUID_GID}|cut -f 3 -d :`; \
+	${ECHO_CMD} "I will remove this user:"; \
+	id -P $${current_uid}; \
+	${ECHO_CMD} "and this group:"; \
+	pw groupshow ${SQUID_GID}; \
+	${ECHO_CMD} "I will then re-create them with a user and group id of 100."; \
+	${ECHO_CMD} "Then all files and directories under ${PREFIX} and /var that"; \
+	${ECHO_CMD} "are owned by uid $${current_uid} will be chown(1)'ed."; \
+	${ECHO_CMD} "After that, all files and directories that were accessible"; \
+	${ECHO_CMD} "by group $${current_gid} will chgrp(1)'ed respectively."; \
+	${ECHO_CMD} "Note that this assumes group '${SQUID_GID}' to be the primary"; \
+	${ECHO_CMD} "group of user '${SQUID_UID}'. If you have a different setup"; \
+	${ECHO_CMD} "please abort this target now."; \
+	read -p "Press RETURN to continue or CTRL-C to abort:" dummy ; \
+	${ECHO_CMD} "OK, here we go:"; \
+	${ECHO_CMD} "deleting user $${current_uid} and his primary group..."; \
+	pw userdel -u $${current_uid}; \
+	${ECHO_CMD} "adding user ${SQUID_UID} with id 100..."; \
+	pw groupadd -n ${SQUID_GID} -g 100; \
+	pw useradd -n ${SQUID_UID} -u 100 -c "squid caching-proxy pseudo user" \
+	    -d ${PREFIX}/squid -s /sbin/nologin -h - ; \
+	${ECHO_CMD} "chown(1)'ing everything under ${PREFIX} from $${current_uid} to 100..."; \
+	${FIND} -H ${PREFIX} -user $${current_uid} -exec ${CHOWN} 100 {} \; ; \
+	${ECHO_CMD} "chgrp(1)'ing everything under ${PREFIX} from $${current_gid} to 100..."; \
+	${FIND} -H ${PREFIX} -group $${current_gid} -exec ${CHOWN} :100 {} \; ; \
+	${ECHO_CMD} "chown(1)'ing everything under /var from $${current_uid} to 100..."; \
+	${FIND} -H /var -user $${current_uid} -exec ${CHOWN} 100 {} \; ; \
+	${ECHO_CMD} "chgrp(1)'ing everything under /var from $${current_gid} to 100..."; \
+	${FIND} -H /var -group $${current_gid} -exec ${CHOWN} :100 {} \; ; \
+	${ECHO_CMD} "Finished."
 
 .include <bsd.port.post.mk>
diff -ruN -x CVS squid24.orig/files/squid.sh squid24/files/squid.sh
--- squid24.orig/files/squid.sh	Wed Feb 18 13:24:47 2004
+++ squid24/files/squid.sh	Sat Feb 28 18:27:10 2004
@@ -8,15 +8,13 @@
 # KEYWORD: FreeBSD
 # 
 # Note:
-# If you are running an rcNG-System (i.e. FreeBSD 5 and later or after
-# having installed the rc_subr-port on an earlier system) you must set
+# If you are running an rcNG-System (i.e. FreeBSD 5 and later) you need to set
 # "squid_enable=YES" in either /etc/rc.conf, /etc/rc.conf.local or
 # /etc/rc.conf.d/squid to make this script actually do something. There
 # you can also set squid_chdir, squid_user, and squid_flags.
 #
 # Please see squid(8), rc.conf(5) and rc(8) for further details.
 
-unset rcNG
 name="squid"
 command=%%PREFIX%%/sbin/squid
 extra_commands=reload
@@ -28,33 +26,29 @@
 default_config=%%PREFIX%%/etc/squid/squid.conf
 
 if [ -f /etc/rc.subr ]; then
-	. /etc/rc.subr && rcNG=yes
-else
-	if [ -f %%PREFIX%%/etc/rc.subr ]; then
-		. %%PREFIX%%/etc/rc.subr && rcNG=yes
-	fi
-fi
-
-if [ "${rcNG}" ]; then
+	# make use of rcNG features:
+	. /etc/rc.subr
 	rcvar=`set_rcvar`
 	load_rc_config ${name}
-	# check that squid's default configuration is present when
-	# squid_flags is not set. We assume that you specify at
-	# least the path to your non-default configuration with
-	# '-f /path/to/config.file' in squid_flags if you delete this file.
+	# squid(8) will not start if ${default_config} is not present so try
+	# to catch that beforehand via ${required_files} rather than make
+	# squid(8) crash.
+	# If you remove the default configuration file make sure to add
+	# '-f /path/to/your/squid.conf' to squid_flags
 	if [ -z "${squid_flags}" ]; then
 		required_files=${default_config}
 	fi
 	required_dirs=${squid_chdir}
 	run_rc_command "$1"
 else
+	# implement the startup using the "old style" for non-rcNG-systems:
 	case $1 in
 	start)
 		if [ -x "${command}" -a \
-		    \( -f "${default_config}" -o "${squid_flags}" \) ]; then
+			\( -f "${default_config}" -o "${squid_flags}" \) ]; then
 			echo -n ' squid'
 			(cd ${squid_chdir} && exec su -fm ${squid_user} -c \
-			    "${command} ${squid_flags}")
+				"${command} ${squid_flags}")
 		fi
 		;;
 	stop)
@@ -66,7 +60,7 @@
 			done
 		fi
 		;;
-	*)
+		*)
 		echo "usage: `basename $0` {start|stop}" >&2
 		exit 64
 		;;
diff -ruN -x CVS squid24.orig/pkg-deinstall squid24/pkg-deinstall
--- squid24.orig/pkg-deinstall	Thu Jan  1 01:00:00 1970
+++ squid24/pkg-deinstall	Wed Feb 25 01:00:17 2004
@@ -0,0 +1,36 @@
+#!/bin/sh
+#
+# $FreeBSD:$
+#
+
+PATH=/bin:/usr/bin:/usr/sbin
+pkgname=$1
+
+case $2 in
+DEINSTALL)
+	cd ${PKG_PREFIX}/etc/squid || exit 1
+	for f in squid.conf mime.conf ; do
+		cmp -s -z ${f} ${f}.default && rm ${f}
+	done
+	;;
+POST-DEINSTALL)
+	rmdir ${PKG_PREFIX}/etc/squid 2>/dev/null
+	rmdir ${PKG_PREFIX}/squid/cache 2>/dev/null
+	rmdir -p ${PKG_PREFIX}/squid/logs 2>/dev/null
+	echo "===> post-deinstallation information for ${pkgname}"
+	echo ""
+	echo "     Please note that ${pkgname} was not completely removed"
+	echo "     from this system."
+	echo ""
+	echo "     The cache and log directories, squid's user account,"
+	echo "     and any modified configuration files have been preserved"
+	echo "     in case you want to install an updated version of squid"
+	echo "     on this system. You must remove them manually if you do"
+	echo "     not want to use squid any longer."
+	echo ""
+	;;
+*)
+	exit 64
+	;;
+esac
+exit 0
diff -ruN -x CVS squid24.orig/pkg-install squid24/pkg-install
--- squid24.orig/pkg-install	Wed Feb 18 13:24:46 2004
+++ squid24/pkg-install	Tue Mar  2 18:05:10 2004
@@ -9,16 +9,19 @@
 squid_confdir=${PKG_PREFIX:-/usr/local}/etc/squid
 squid_user=${SQUID_USER:=squid}
 squid_group=${SQUID_GROUP:=squid}
-squid_gid=3128
-squid_uid=3128
-
+squid_gid=100
+squid_uid=100
+# Try to catch the case where the $squid_user might have been created with an
+# id greater than or equal 3128. The valid exception is "nobody".
+nobody_uid=65534
+nobody_gid=65534
+squid_oldgid=3128
+squid_olduid=3128
+unset wrong_id
 case $2 in
 PRE-INSTALL)
 	echo "===> Pre-installation configuration for ${pkgname}"
 	if ! pw groupshow ${squid_group} -q >/dev/null ; then
-		while pw groupshow -g ${squid_gid} -q >/dev/null; do
-			squid_gid=`expr ${squid_gid} + 1`
-		done
 		echo "There is no group '${squid_group}' on this system, so I will try to create it:"
 		if ! pw groupadd ${squid_group} -g ${squid_gid} -q ; then
 			echo "Failed to create group \"${squid_group}\"!" >&2
@@ -29,12 +32,15 @@
 		fi
 	else
 		echo "I will use the existing group '${squid_group}':"
+		current_gid=`pw groupshow ${squid_group}|cut -f 3 -d :`
+		if [ ${current_gid} -ge ${squid_oldgid} \
+		    -a ${current_gid} -ne ${nobody_gid} ]; then
+			wrong_id=1
+		fi	
 	fi
 	pw groupshow ${squid_group}
+
 	if ! pw usershow ${squid_user} -q >/dev/null ; then
-		while pw usershow -u ${squid_uid} -q >/dev/null; do
-			squid_uid=`expr ${squid_uid} + 1`
-		done
 		echo "There is no account '${squid_user}' on this system, so I will try to create it:"
 		if ! pw useradd ${squid_user} -u ${squid_uid} -q \
 	  	    -c "squid caching-proxy pseudo user" -g ${squid_group} \
@@ -47,8 +53,53 @@
 		fi
 	else
 		echo "I will use the existing user '${squid_user}':"
+		current_uid=`id -u ${squid_user}`
+		if [ ${current_uid} -ge ${squid_olduid} \
+		    -a ${current_uid} -ne ${nobody_uid} ];
+		then
+			wrong_id=1
+		fi
 	fi
 	pw usershow ${squid_user}
+	if [ "${wrong_id}" ]; then
+		echo ""
+		echo " * NOTICE *"
+		echo ""
+		echo "The squid pseudo-user's uid and/or gid have been found"
+		echo "to be greater than or equal 3128."
+		echo ""
+		echo "This is not a problem as such, but violates the FreeBSD"
+		echo "ports' principle that a ports must not claim a uid greater"
+		echo "than 999."
+		echo ""
+		echo "Since version 2.5.4_11, the squid user is thus created"
+		echo "with an id of ${squid_uid}:${squid_gid} while earlier versions of this"
+		echo "port used the first unused uid/gid greater than or"
+		echo "equal 3128."
+		echo ""
+		echo "If you want to change the existing squid user's id, run"
+		echo "'make changeuser' after the installation has completed."
+		echo "If you installed this port via a package, issue the"
+		echo "following commands as root:"
+		echo ""
+		echo "pw userdel -u ${current_uid}"
+		echo "pw groupadd -n ${squid_group} -g ${squid_gid}"
+		echo "pw useradd -n ${squid_user} -u ${squid_uid} \\"
+		echo "    -c \"squid caching-proxy pseudo user\" \\"
+		echo "    -g ${squid_group} -d ${squid_base} -s /sbin/nologin \\"
+		echo "    -h -"
+		echo "find -H ${PKG_PREFIX} -user ${current_uid} -exec chown ${squid_user} {} \\;"
+		echo "find -H ${PKG_PREFIX} -group ${current_gid} -exec chgrp ${squid_group} {} \\;"
+		echo ""
+		echo "In case you have installed third party software for squid"
+		echo "like squidGuard, you should additionally run:"
+		echo "find -H /var -user ${current_uid} -exec chown ${squid_user} {} \\;"
+		echo "find -H /var -group ${current_gid} -exec chgrp ${squid_group} {} \\;"
+		echo ""
+		if [ -z "${PACKAGE_BUILDING}" -a -z "${BATCH}" ]; then
+			read -p "Press RETURN to continue..." dummy
+		fi
+	fi
 	for dir in cache logs; do
 	if [ ! -d ${squid_base}/${dir} ]; then
 		echo "Creating ${squid_base}/${dir}..."
	


>Release-Note:
>Audit-Trail:
>Unformatted:

---

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20040302183658.2202.qmail>

Legal Notices | © 1995-2025 The FreeBSD Project. All rights reserved.

Contact