From owner-svn-ports-all@FreeBSD.ORG Mon Jan 20 18:33:15 2014 Return-Path: Delivered-To: svn-ports-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 239FA8C0; Mon, 20 Jan 2014 18:33:15 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 033DA1D57; Mon, 20 Jan 2014 18:33:15 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.7/8.14.7) with ESMTP id s0KIXEtD011877; Mon, 20 Jan 2014 18:33:14 GMT (envelope-from mat@svn.freebsd.org) Received: (from mat@localhost) by svn.freebsd.org (8.14.7/8.14.7/Submit) id s0KIXE6J011873; Mon, 20 Jan 2014 18:33:14 GMT (envelope-from mat@svn.freebsd.org) Message-Id: <201401201833.s0KIXE6J011873@svn.freebsd.org> From: Mathieu Arnold Date: Mon, 20 Jan 2014 18:33:14 +0000 (UTC) To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-branches@freebsd.org Subject: svn commit: r340443 - in branches/2014Q1/security/snortsam: . files X-SVN-Group: ports-branches MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-ports-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: SVN commit messages for the ports tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 20 Jan 2014 18:33:15 -0000 Author: mat Date: Mon Jan 20 18:33:14 2014 New Revision: 340443 URL: http://svnweb.freebsd.org/changeset/ports/340443 QAT: https://qat.redports.org/buildarchive/r340443/ Log: * Fix build on 10 * Support staging * General cleanup Sponsored by: Absolight Added: branches/2014Q1/security/snortsam/files/patch-src__ssp_pf2.c - copied unchanged from r340440, head/security/snortsam/files/patch-src__ssp_pf2.c Modified: branches/2014Q1/security/snortsam/Makefile branches/2014Q1/security/snortsam/files/pkg-install.in Directory Properties: branches/2014Q1/ (props changed) Modified: branches/2014Q1/security/snortsam/Makefile ============================================================================== --- branches/2014Q1/security/snortsam/Makefile Mon Jan 20 18:32:19 2014 (r340442) +++ branches/2014Q1/security/snortsam/Makefile Mon Jan 20 18:33:14 2014 (r340443) @@ -16,24 +16,17 @@ OPTIONS_DEFAULT= IPFW SAMTOOL IPFW_DESC= checks if configured tables are available SAMTOOL_DESC= install samtool -NO_STAGE= yes .include USE_RC_SUBR= snortsam SUB_FILES= pkg-message \ pkg-install -HAS_CONFIGURE= yes -NO_BUILD= yes -CONFIGURE_SCRIPT= src/Makefile - -CONFIG_DIR?= ${PREFIX}/etc/snortsam - PLIST_DIRS= etc/snortsam PLIST_FILES= sbin/snortsam \ - etc/snortsam/snortsam.conf.sample \ - etc/snortsam/country-rootservers.conf.sample \ - etc/snortsam/rootservers.cfg.sample + %%ETCDIR%%/snortsam.conf.sample \ + %%ETCDIR%%/country-rootservers.conf.sample \ + %%ETCDIR%%/rootservers.cfg.sample .if ${PORT_OPTIONS:MSAMTOOL} PLIST_FILES+= sbin/samtool @@ -52,40 +45,34 @@ EXTRA_PATCHES+= ${FILESDIR}/ssp_ipfw2_no DEBUG=-DDEBUG .endif +# This seems silly, but the RC file gets into ${WRKDIR}/${PORTNAME} which +# without this, would exist and be a directory. post-extract: @${MV} ${WRKDIR}/${PORTNAME} ${WRKSRC} -pre-configure: - @${REINPLACE_CMD} -e "s|/etc/snortsam.conf|${CONFIG_DIR}/snortsam.conf|g" ${WRKSRC}/conf/snortsam.conf.sample - @${REINPLACE_CMD} -e "s|/etc/snortsam.conf|${CONFIG_DIR}/snortsam.conf|g" ${WRKSRC}/docs/README.conf - @${REINPLACE_CMD} -e "s|/etc/snortsam.conf|${CONFIG_DIR}/snortsam.conf|g" ${WRKSRC}/src/snortsam.h - @${REINPLACE_CMD} -e "s|/etc/snortsam.conf|${CONFIG_DIR}/snortsam.conf|g" ${WRKSRC}/contrib/snortsam-state.c +post-patch: + @${REINPLACE_CMD} -e '/^CC/d' ${WRKSRC}/src/Makefile + @${REINPLACE_CMD} -e "s|/etc/snortsam.conf|${ETCDIR}/snortsam.conf|g" ${WRKSRC}/conf/snortsam.conf.sample + @${REINPLACE_CMD} -e "s|/etc/snortsam.conf|${ETCDIR}/snortsam.conf|g" ${WRKSRC}/docs/README.conf + @${REINPLACE_CMD} -e "s|/etc/snortsam.conf|${ETCDIR}/snortsam.conf|g" ${WRKSRC}/src/snortsam.h + @${REINPLACE_CMD} -e "s|/etc/snortsam.conf|${ETCDIR}/snortsam.conf|g" ${WRKSRC}/contrib/snortsam-state.c @${CHMOD} +x ${WRKSRC}/makesnortsam.sh -do-configure: +do-build: @cd ${WRKSRC}/src && ${MAKE} ${DEBUG} @cd ${WRKSRC}/src && ${MAKE} samtool ${DEBUG} -# no access to snortsam.conf and samtool for non root users! do-install: - @${INSTALL_PROGRAM} ${WRKSRC}/snortsam ${PREFIX}/sbin -.if ${PORT_OPTIONS:MSAMTOOL} - @${INSTALL} -o root -g wheel -m 500 ${WRKSRC}/samtool ${PREFIX}/sbin -.endif - @${MKDIR} -m 700 ${CONFIG_DIR} - @${INSTALL_DATA} -m 600 ${WRKSRC}/conf/snortsam.conf.sample ${CONFIG_DIR}/snortsam.conf.sample - @${INSTALL_DATA} ${WRKSRC}/conf/rootservers.cfg ${CONFIG_DIR}/rootservers.cfg.sample - @${INSTALL_DATA} ${WRKSRC}/conf/country-rootservers.conf ${CONFIG_DIR}/country-rootservers.conf.sample + ${INSTALL_PROGRAM} ${WRKSRC}/snortsam ${STAGEDIR}${PREFIX}/sbin + ${INSTALL_PROGRAM} ${WRKSRC}/samtool ${STAGEDIR}${PREFIX}/sbin + @${MKDIR} ${STAGEDIR}${ETCDIR} + ${INSTALL_DATA} ${WRKSRC}/conf/snortsam.conf.sample ${STAGEDIR}${ETCDIR}/snortsam.conf.sample + ${INSTALL_DATA} ${WRKSRC}/conf/rootservers.cfg ${STAGEDIR}${ETCDIR}/rootservers.cfg.sample + ${INSTALL_DATA} ${WRKSRC}/conf/country-rootservers.conf ${STAGEDIR}${ETCDIR}/country-rootservers.conf.sample -.if ${PORT_OPTIONS:MDOCS} - @${MKDIR} ${DOCSDIR} + @${MKDIR} ${STAGEDIR}${DOCSDIR} .for f in ${PORTDOCS} - @${INSTALL_DATA} ${WRKSRC}/docs/${f} ${DOCSDIR} + ${INSTALL_DATA} ${WRKSRC}/docs/${f} ${STAGEDIR}${DOCSDIR} .endfor -.endif - -post-install: - @${SH} ${PKGINSTALL} ${DISTNAME} POST-INSTALL - @${CAT} ${PKGMESSAGE} .include Copied: branches/2014Q1/security/snortsam/files/patch-src__ssp_pf2.c (from r340440, head/security/snortsam/files/patch-src__ssp_pf2.c) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ branches/2014Q1/security/snortsam/files/patch-src__ssp_pf2.c Mon Jan 20 18:33:14 2014 (r340443, copy of r340440, head/security/snortsam/files/patch-src__ssp_pf2.c) @@ -0,0 +1,11 @@ +--- ./src/ssp_pf2.c.orig 2009-11-27 02:39:40.000000000 +0100 ++++ ./src/ssp_pf2.c 2014-01-20 19:03:47.000000000 +0100 +@@ -95,7 +95,7 @@ + } + } + +- return; ++ return 0; + } + + Modified: branches/2014Q1/security/snortsam/files/pkg-install.in ============================================================================== --- branches/2014Q1/security/snortsam/files/pkg-install.in Mon Jan 20 18:32:19 2014 (r340442) +++ branches/2014Q1/security/snortsam/files/pkg-install.in Mon Jan 20 18:33:14 2014 (r340443) @@ -3,15 +3,22 @@ # $FreeBSD$ ETCDIR=${ETCDIR:=%%ETCDIR%%} +PREFIX=${PREFIX:=%%PREFIX%%} # snortsam config file contain sensitive data like # passwords needed to block IP's on the firewalls. # Set permission of the config dir to 700 so only # root:wheel can access this directory. +# Also, samtool shouldn't be run by non root. if [ "$2" = "POST-INSTALL" ]; then if [ -d ${ETCDIR} ]; then /usr/sbin/chown root:wheel ${ETCDIR} /bin/chmod 700 ${ETCDIR} + /bin/chmod 600 ${ETCDIR}/snortsam.conf.sample + fi + if [ -x ${PREFIX}/sbin/samtool ] + then + /bin/chmod 500 ${PREFIX}/sbin/samtool fi fi