FreeBSD Mail Archives

Date:      Sun, 06 Mar 2011 14:55:49 +1100
From:      Lawrence Stewart <lstewart@freebsd.org>
To:        Ashish SHUKLA <ashish@freebsd.org>
Cc:        freebsd-ports@freebsd.org
Subject:   Re: Adding a PAM config option to net-im/ejabberd
Message-ID:  <4D7305C5.5040709@freebsd.org>
In-Reply-To: <86ipx5esde.fsf@chateau.d.if>
References:  <4D44FD91.7070607@freebsd.org> <86r5buec8e.fsf@chateau.d.if>	<4D45F219.6070207@freebsd.org> <86ipx5esde.fsf@chateau.d.if>

This is a multi-part message in MIME format.
--------------010305030507060809090602
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 7bit

On 01/31/11 13:09, Ashish SHUKLA wrote:
> Lawrence Stewart writes:
>> On 01/31/11 00:45, Ashish SHUKLA wrote:
>>> Hi Lawrence,
>>>
>>> Lawrence Stewart writes:
>>>> Hi Ashish,
>>>
>>>> What do you think about applying the attached patch to the ejabberd
>>>> port? It installs some parts required to allow ejabberd to auth against
>>>> PAM and is working great for me.
>>>
>>> Sure, I can apply it, once ports freeze is over. I also need to update
>>> ejabberd. I'll do both together.
> 
>> Sounds good, thanks. One question: in order to get PAM auth working, you
>> have to set uid root on the epam bits and chown them appropriately in
>> order to allow things to work. Should the port installation process do
>> these steps as well or should we leave them to the user? I would be
>> inclined to have the port do them so that upgrading the port doesn't
>> break PAM auth after the upgrade. We would want to print a big warning
>> at the end of the port install about the set uid security aspects though.
> 
> Thanks for the mention, I suggest adding mention of setuid bit in the
> description of the OPTION. And ofcourse port is going to set the setuid bit
> during installation.
> 
> And `security-check' target in bsd.port.mk will catch the setuid bit set on
> the installed executable, and will inform the user as well. So, adding a
> warning about setuid bit be redundant, IMHO.

Updated patch attached. Feel like committing it for me?

Cheers,
Lawrence

--------------010305030507060809090602
Content-Type: text/plain;
 name="ejabberd_withpam.patch"
Content-Transfer-Encoding: base64
Content-Disposition: attachment;
 filename="ejabberd_withpam.patch"

LS0tIE1ha2VmaWxlLm9yaWcJMjAxMC0xMC0yNSAwODo1NTowNC4wMDAwMDAwMDAgKzExMDAK
KysrIE1ha2VmaWxlCTIwMTEtMDMtMDYgMTQ6NDc6MjcuMDAwMDAwMDAwICsxMTAwCkBAIC0y
Myw3ICsyMyw4IEBACiBVU0VfUkNfU1VCUj0JJHtQT1JUTkFNRX0KIE5PUFJFQ0lPVVNNQUtF
VkFSUz0JeWVzCiAKLU9QVElPTlM9CU9EQkMJIkVuYWJsZSBPREJDIHN1cHBvcnQiCQlvZmYK
K09QVElPTlM9CU9EQkMJIkVuYWJsZSBPREJDIHN1cHBvcnQiCQkJb2ZmIFwKKwkJUEFNCSJF
bmFibGUgc2V0dWlkIFBBTSBhdXRoIHN1cHBvcnQiCW9mZgogCiBNQUtFX0VOVj0JUE9SVFZF
UlNJT049JHtQT1JUVkVSU0lPTn0KIENPTkZJR1VSRV9BUkdTKz0tLWxvY2Fsc3RhdGVkaXI9
L3ZhcgpAQCAtNTUsNiArNTYsMTMgQEAKIFBMSVNUX1NVQis9CU9EQkM9IkBjb21tZW50ICIK
IC5lbmRpZgogCisuaWYgZGVmaW5lZChXSVRIX1BBTSkKK0NPTkZJR1VSRV9BUkdTKz0tLWVu
YWJsZS1wYW0KK1BMSVNUX1NVQis9CVBBTT0iIgorLmVsc2UKK1BMSVNUX1NVQis9CVBBTT0i
QGNvbW1lbnQgIgorLmVuZGlmCisKIC5pZiBkZWZpbmVkKE5PUE9SVERPQ1MpCiBNQUtFX0FS
R1MrPQlOT1BPUlRET0NTPSR7Tk9QT1JURE9DU30KIC5lbmRpZgpAQCAtNjcsNiArNzUsMTIg
QEAKIAkke0ZJTkR9ICR7UFJFRklYfS9saWIvZXJsYW5nL2xpYi8ke0RJU1ROQU1FfSAtdHlw
ZSBmIC1wcmludDAgfCAke1hBUkdTfSAtMCAke0NITU9EfSAke1NIQVJFTU9ERX0KIAkke0ZJ
TkR9ICR7UFJFRklYfS9saWIvZXJsYW5nL2xpYi8ke0RJU1ROQU1FfSAtdHlwZSBmIC1wcmlu
dDAgfCAke1hBUkdTfSAtMCAke0NIT1dOfSAke1NIQVJFT1dOfToke1NIQVJFR1JQfQogCisu
aWYgZGVmaW5lZChXSVRIX1BBTSkKKwkke0NITU9EfSA0NzUwICR7UFJFRklYfS9saWIvZXJs
YW5nL2xpYi8ke0RJU1ROQU1FfS9wcml2L2Jpbi9lcGFtCisJJHtDSE9XTn0gcm9vdDplamFi
YmVyZCAke1BSRUZJWH0vbGliL2VybGFuZy9saWIvJHtESVNUTkFNRX0vcHJpdi9iaW4vZXBh
bQorCSR7SU5TVEFMTH0gLW0gNDQ0ICR7RklMRVNESVJ9L3BhbV9lamFiYmVyZCAke1BSRUZJ
WH0vZXRjL3BhbS5kL2VqYWJiZXJkCisuZW5kaWYKKwogCUAke0NBVH0gJHtQS0dNRVNTQUdF
fQogCiAuaW5jbHVkZSA8YnNkLnBvcnQucG9zdC5taz4KLS0tIHBrZy1wbGlzdC5vcmlnCTIw
MTAtMTAtMDEgMDI6MjI6MTUuMDAwMDAwMDAwICsxMDAwCisrKyBwa2ctcGxpc3QJMjAxMS0w
My0wNiAxNDoxNjo1MC4wMDAwMDAwMDAgKzExMDAKQEAgLTU4LDYgKzU4LDkgQEAKICUlT0RC
QyUlbGliL2VybGFuZy9saWIvJSVQT1JUTkFNRSUlLSUlUE9SVFZFUlNJT04lJS9lYmluLyUl
UE9SVE5BTUUlJV9vZGJjLmJlYW0KICUlT0RCQyUlbGliL2VybGFuZy9saWIvJSVQT1JUTkFN
RSUlLSUlUE9SVFZFUlNJT04lJS9lYmluLyUlUE9SVE5BTUUlJV9vZGJjX3N1cC5iZWFtCiAl
JU9EQkMlJWxpYi9lcmxhbmcvbGliLyUlUE9SVE5BTUUlJS0lJVBPUlRWRVJTSU9OJSUvZWJp
bi9vZGJjX3F1ZXJpZXMuYmVhbQorJSVQQU0lJWxpYi9lcmxhbmcvbGliLyUlUE9SVE5BTUUl
JS0lJVBPUlRWRVJTSU9OJSUvZWJpbi9lcGFtLmJlYW0KKyUlUEFNJSVsaWIvZXJsYW5nL2xp
Yi8lJVBPUlROQU1FJSUtJSVQT1JUVkVSU0lPTiUlL3ByaXYvYmluL2VwYW0KKyUlUEFNJSVl
dGMvcGFtLmQvZWphYmJlcmQKIGxpYi9lcmxhbmcvbGliLyUlUE9SVE5BTUUlJS0lJVBPUlRW
RVJTSU9OJSUvZWJpbi9keW5hbWljX2NvbXBpbGUuYmVhbQogbGliL2VybGFuZy9saWIvJSVQ
T1JUTkFNRSUlLSUlUE9SVFZFUlNJT04lJS9lYmluL2VqYWJiZXJkX2NhcHRjaGEuYmVhbQog
bGliL2VybGFuZy9saWIvJSVQT1JUTkFNRSUlLSUlUE9SVFZFUlNJT04lJS9lYmluL2VqYWJi
ZXJkX2NvbW1hbmRzLmJlYW0KLS0tIGZpbGVzL3BhbV9lamFiYmVyZC5vcmlnCTIwMTEtMDMt
MDYgMTM6MDA6MTUuMDAwMDAwMDAwICsxMTAwCisrKyBmaWxlcy9wYW1fZWphYmJlcmQJMjAx
MS0wMy0wNiAxNDo0NToxMS4wMDAwMDAwMDAgKzExMDAKQEAgLTAsMCArMSw2IEBACisjCisj
IFBBTSBjb25maWd1cmF0aW9uIGZvciB0aGUgImVqYWJiZXJkIiBzZXJ2aWNlCisjCisKKyMg
YXV0aAorYXV0aAkJcmVxdWlyZWQJcGFtX3VuaXguc28JCW5vX3dhcm4gdHJ5X2ZpcnN0X3Bh
c3MK
--------------010305030507060809090602--

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4D7305C5.5040709>

Header And Logo

Peripheral Links

Site Navigation

Header And Logo

Peripheral Links

Search

Site Navigation