Date: Mon, 20 Jan 2014 18:29:51 +0000 (UTC) From: Mathieu Arnold <mat@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r340439 - in head/security/snortsam: . files Message-ID: <201401201829.s0KITpJ0008427@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: mat Date: Mon Jan 20 18:29:50 2014 New Revision: 340439 URL: http://svnweb.freebsd.org/changeset/ports/340439 QAT: https://qat.redports.org/buildarchive/r340439/ Log: * Fix build on 10 * Support staging * General cleanup Sponsored by: Absolight Modified: head/security/snortsam/Makefile head/security/snortsam/files/pkg-install.in Modified: head/security/snortsam/Makefile ============================================================================== --- head/security/snortsam/Makefile Mon Jan 20 18:28:51 2014 (r340438) +++ head/security/snortsam/Makefile Mon Jan 20 18:29:50 2014 (r340439) @@ -16,24 +16,17 @@ OPTIONS_DEFAULT= IPFW SAMTOOL IPFW_DESC= checks if configured tables are available SAMTOOL_DESC= install samtool -NO_STAGE= yes .include <bsd.port.pre.mk> USE_RC_SUBR= snortsam SUB_FILES= pkg-message \ pkg-install -HAS_CONFIGURE= yes -NO_BUILD= yes -CONFIGURE_SCRIPT= src/Makefile - -CONFIG_DIR?= ${PREFIX}/etc/snortsam - PLIST_DIRS= etc/snortsam PLIST_FILES= sbin/snortsam \ - etc/snortsam/snortsam.conf.sample \ - etc/snortsam/country-rootservers.conf.sample \ - etc/snortsam/rootservers.cfg.sample + %%ETCDIR%%/snortsam.conf.sample \ + %%ETCDIR%%/country-rootservers.conf.sample \ + %%ETCDIR%%/rootservers.cfg.sample .if ${PORT_OPTIONS:MSAMTOOL} PLIST_FILES+= sbin/samtool @@ -52,40 +45,34 @@ EXTRA_PATCHES+= ${FILESDIR}/ssp_ipfw2_no DEBUG=-DDEBUG .endif +# This seems silly, but the RC file gets into ${WRKDIR}/${PORTNAME} which +# without this, would exist and be a directory. post-extract: @${MV} ${WRKDIR}/${PORTNAME} ${WRKSRC} -pre-configure: - @${REINPLACE_CMD} -e "s|/etc/snortsam.conf|${CONFIG_DIR}/snortsam.conf|g" ${WRKSRC}/conf/snortsam.conf.sample - @${REINPLACE_CMD} -e "s|/etc/snortsam.conf|${CONFIG_DIR}/snortsam.conf|g" ${WRKSRC}/docs/README.conf - @${REINPLACE_CMD} -e "s|/etc/snortsam.conf|${CONFIG_DIR}/snortsam.conf|g" ${WRKSRC}/src/snortsam.h - @${REINPLACE_CMD} -e "s|/etc/snortsam.conf|${CONFIG_DIR}/snortsam.conf|g" ${WRKSRC}/contrib/snortsam-state.c +post-patch: + @${REINPLACE_CMD} -e '/^CC/d' ${WRKSRC}/src/Makefile + @${REINPLACE_CMD} -e "s|/etc/snortsam.conf|${ETCDIR}/snortsam.conf|g" ${WRKSRC}/conf/snortsam.conf.sample + @${REINPLACE_CMD} -e "s|/etc/snortsam.conf|${ETCDIR}/snortsam.conf|g" ${WRKSRC}/docs/README.conf + @${REINPLACE_CMD} -e "s|/etc/snortsam.conf|${ETCDIR}/snortsam.conf|g" ${WRKSRC}/src/snortsam.h + @${REINPLACE_CMD} -e "s|/etc/snortsam.conf|${ETCDIR}/snortsam.conf|g" ${WRKSRC}/contrib/snortsam-state.c @${CHMOD} +x ${WRKSRC}/makesnortsam.sh -do-configure: +do-build: @cd ${WRKSRC}/src && ${MAKE} ${DEBUG} @cd ${WRKSRC}/src && ${MAKE} samtool ${DEBUG} -# no access to snortsam.conf and samtool for non root users! do-install: - @${INSTALL_PROGRAM} ${WRKSRC}/snortsam ${PREFIX}/sbin -.if ${PORT_OPTIONS:MSAMTOOL} - @${INSTALL} -o root -g wheel -m 500 ${WRKSRC}/samtool ${PREFIX}/sbin -.endif - @${MKDIR} -m 700 ${CONFIG_DIR} - @${INSTALL_DATA} -m 600 ${WRKSRC}/conf/snortsam.conf.sample ${CONFIG_DIR}/snortsam.conf.sample - @${INSTALL_DATA} ${WRKSRC}/conf/rootservers.cfg ${CONFIG_DIR}/rootservers.cfg.sample - @${INSTALL_DATA} ${WRKSRC}/conf/country-rootservers.conf ${CONFIG_DIR}/country-rootservers.conf.sample + ${INSTALL_PROGRAM} ${WRKSRC}/snortsam ${STAGEDIR}${PREFIX}/sbin + ${INSTALL_PROGRAM} ${WRKSRC}/samtool ${STAGEDIR}${PREFIX}/sbin + @${MKDIR} ${STAGEDIR}${ETCDIR} + ${INSTALL_DATA} ${WRKSRC}/conf/snortsam.conf.sample ${STAGEDIR}${ETCDIR}/snortsam.conf.sample + ${INSTALL_DATA} ${WRKSRC}/conf/rootservers.cfg ${STAGEDIR}${ETCDIR}/rootservers.cfg.sample + ${INSTALL_DATA} ${WRKSRC}/conf/country-rootservers.conf ${STAGEDIR}${ETCDIR}/country-rootservers.conf.sample -.if ${PORT_OPTIONS:MDOCS} - @${MKDIR} ${DOCSDIR} + @${MKDIR} ${STAGEDIR}${DOCSDIR} .for f in ${PORTDOCS} - @${INSTALL_DATA} ${WRKSRC}/docs/${f} ${DOCSDIR} + ${INSTALL_DATA} ${WRKSRC}/docs/${f} ${STAGEDIR}${DOCSDIR} .endfor -.endif - -post-install: - @${SH} ${PKGINSTALL} ${DISTNAME} POST-INSTALL - @${CAT} ${PKGMESSAGE} .include <bsd.port.post.mk> Modified: head/security/snortsam/files/pkg-install.in ============================================================================== --- head/security/snortsam/files/pkg-install.in Mon Jan 20 18:28:51 2014 (r340438) +++ head/security/snortsam/files/pkg-install.in Mon Jan 20 18:29:50 2014 (r340439) @@ -3,15 +3,22 @@ # $FreeBSD$ ETCDIR=${ETCDIR:=%%ETCDIR%%} +PREFIX=${PREFIX:=%%PREFIX%%} # snortsam config file contain sensitive data like # passwords needed to block IP's on the firewalls. # Set permission of the config dir to 700 so only # root:wheel can access this directory. +# Also, samtool shouldn't be run by non root. if [ "$2" = "POST-INSTALL" ]; then if [ -d ${ETCDIR} ]; then /usr/sbin/chown root:wheel ${ETCDIR} /bin/chmod 700 ${ETCDIR} + /bin/chmod 600 ${ETCDIR}/snortsam.conf.sample + fi + if [ -x ${PREFIX}/sbin/samtool ] + then + /bin/chmod 500 ${PREFIX}/sbin/samtool fi fi
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201401201829.s0KITpJ0008427>