Date: Wed, 21 May 2008 19:17:02 -0500 (CDT) From: Paul Schmehl <pauls@utdallas.edu> To: FreeBSD-gnats-submit@FreeBSD.org Subject: ports/123883: security/sguil-server, improve pkg-install script Message-ID: <20080522001702.EC40F34781C@utd65257.utdallas.edu> Resent-Message-ID: <200805220020.m4M0K8Uh096408@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 123883
>Category: ports
>Synopsis: security/sguil-server, improve pkg-install script
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: freebsd-ports-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: maintainer-update
>Submitter-Id: current-users
>Arrival-Date: Thu May 22 00:20:08 UTC 2008
>Closed-Date:
>Last-Modified:
>Originator: Paul Schmehl
>Release: FreeBSD 7.0-STABLE i386
>Organization:
The University of Texas at Dallas
>Environment:
System: FreeBSD hostname.utdallas.edu 7.0-STABLE FreeBSD 7.0-STABLE #6: Wed Apr 16 17:14:28 CDT 2008 root@hostname.utdallas.edu:/usr/obj/usr/src/sys/GENERIC i386
>Description:
If a user opts out of the first part of the pkg-install script, but
elects to interact with the second part of the script and decides to
create new certs, the creation of the certs will fail silently if the
certs directory does not exist. This is because the certs directory
is created (if necessary) in the pre-install portion of the pkg-install
script, but the certs are created in the post-install part of the script.
This PR corrects this problem by moving the creation of the certs directory
to the same subroutine that the certs are created in.
It also increments the PORTREVISION value, as required.
>How-To-Repeat:
>Fix:
--- patch-Makefile begins here ---
--- Makefile.orig 2008-05-21 19:09:54.000000000 -0500
+++ Makefile 2008-05-21 19:10:11.000000000 -0500
@@ -7,7 +7,7 @@
PORTNAME= sguil-server
PORTVERSION= 0.7.0
-PORTREVISION= 1
+PORTREVISION= 2
CATEGORIES= security
MASTER_SITES= SF
MASTER_SITE_SUBDIR= sguil
--- patch-Makefile ends here ---
--- patch-files-pkg-install.in begins here ---
--- files/pkg-install.in.orig 2008-05-21 15:12:37.000000000 -0500
+++ files/pkg-install.in 2008-05-21 15:15:05.000000000 -0500
@@ -77,13 +77,6 @@
pw usershow ${sguil_user}
fi
fi
- for dir in %%SGUILDIR%%/certs ; do
- if [ ! -d ${confdir}/${dir} ]; then
- echo "Creating ${confdir}/${dir} ...."
- install -d -o ${sguil_user} -g ${sguil_group} \
- -m 0750 ${confdir}/${dir}
- fi
- done
for dir in %%PREFIX%%/lib/%%SGUILDIR%% /var/run/%%SGUILDIR%% ; do
if [ ! -d ${dir} ]; then
echo "Creating ${dir} ...."
@@ -123,6 +116,13 @@
echo "Would you like to create certs now? (y for yes, n for no)"; read ans
case "$ans" in
y*|Y*)
+ for dir in %%SGUILDIR%%/certs ; do
+ if [ ! -d ${confdir}/${dir} ]; then
+ echo "Creating ${confdir}/${dir} ...."
+ install -d -o ${sguil_user} -g ${sguil_group} \
+ -m 0750 ${confdir}/${dir}
+ fi
+ done
echo -e "\033[1mFirst we need to create a password-protected CA cert."
echo ""
echo -e "\033[0m(The Common Name should be the FQHN of your squil server.)"
--- patch-files-pkg-install.in ends here ---
>Release-Note:
>Audit-Trail:
>Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20080522001702.EC40F34781C>