Date: 23 Dec 2009 21:04:08 -0000 From: Thomas-Martin Seck <tmseck@web.de> To: FreeBSD-gnats-submit@FreeBSD.org Subject: ports/141930: [Maintainer] www/squid: implement OPTIONS for Kerberos and YP authentication Message-ID: <20091223210408.3504.qmail@wcfields.tmseck.homedns.org> Resent-Message-ID: <200912232110.nBNLA1Yc070848@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 141930 >Category: ports >Synopsis: [Maintainer] www/squid: implement OPTIONS for Kerberos and YP authentication >Confidential: no >Severity: non-critical >Priority: low >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: maintainer-update >Submitter-Id: current-users >Arrival-Date: Wed Dec 23 21:10:01 UTC 2009 >Closed-Date: >Last-Modified: >Originator: Thomas-Martin Seck >Release: FreeBSD 7.2-RELEASE i386 >Organization: a private site in Germany >Environment: FreeBSD ports collection as of December 23, 2009. >Description: - implement OPTIONS vor SQUID_KERBEROS_AUTH and SQUID_NIS_AUTH - add a CONFLICT with www/lusca-head - make the Squid configuration directory world readable in new installations to ease use of cachemgr.cgi - implement squid_conf in the rc script and document user settable variables >How-To-Repeat: >Fix: Apply this patch: Index: Makefile =================================================================== --- Makefile (.../www/squid) (Revision 1717) +++ Makefile (.../local/squid) (Revision 1717) @@ -76,7 +76,7 @@ PORTNAME= squid PORTVERSION= 2.7.${SQUID_STABLE_VER} -PORTREVISION= 1 +PORTREVISION= 2 CATEGORIES= www MASTER_SITES= ftp://ftp.squid-cache.org/pub/%SUBDIR%/ \ ftp://mirrors.24-7-solutions.net/pub/squid/%SUBDIR%/ \ @@ -115,7 +115,7 @@ SQUID_STABLE_VER= 7 -CONFLICTS= squid-2.[^7]* squid-3.* cacheboy-[0-9]* +CONFLICTS= squid-2.[^7]* squid-3.* cacheboy-[0-9]* lusca-head-[0-9]* GNU_CONFIGURE= yes USE_BZIP2= yes USE_PERL5= yes @@ -131,7 +131,9 @@ SUB_FILES+= pkg-deinstall pkg-install pkg-message SUB_LIST+= SQUID_UID=${SQUID_UID} SQUID_GID=${SQUID_GID} -OPTIONS= SQUID_LDAP_AUTH "Install LDAP authentication helpers" off \ +OPTIONS= SQUID_KERB_AUTH "Install Kerberos authentication helpers" on \ + SQUID_LDAP_AUTH "Install LDAP authentication helpers" off \ + SQUID_NIS_AUTH "Install NIS/YP authentication helpers" on \ SQUID_SASL_AUTH "Install SASL authentication helpers" off \ SQUID_DELAY_POOLS "Enable delay pools" off \ SQUID_SNMP "Enable SNMP support" off \ @@ -233,7 +235,8 @@ basic_auth+= SASL libexec+= sasl_auth .endif -.if !defined(NO_NIS) && !defined(WITHOUT_NIS) +# POLA: allow the old global make.conf(5) (pre src.conf(5)) defines, too: +.if defined(WITH_SQUID_NIS_AUTH) && !defined(NO_NIS) && !defined(WITHOUT_NIS) basic_auth+= YP libexec+= yp_auth .endif @@ -242,7 +245,8 @@ --enable-digest-auth-helpers="${digest_auth}" \ --enable-external-acl-helpers="${external_acl}" \ --enable-ntlm-auth-helpers="SMB" -.if !defined(NO_KERBEROS) && !defined(WITHOUT_KERBEROS) +# POLA: allow the old global make.conf(5) (pre src.conf(5)) defines, too: +.if defined(WITH_SQUID_KERB_AUTH) && !defined(NO_KERBEROS) && !defined(WITHOUT_KERBEROS) # XXX This currently only works with heimdal from the base system, # see files/patch-helpers_negotiate_auth-squid_kerb_auth_* CONFIGURE_ARGS+= --enable-negotiate-auth-helpers="squid_kerb_auth" Index: files/pkg-install.in =================================================================== --- files/pkg-install.in (.../www/squid) (Revision 1717) +++ files/pkg-install.in (.../local/squid) (Revision 1717) @@ -60,7 +60,7 @@ if [ ! -d ${squid_confdir} ]; then echo "Creating ${squid_confdir}..." install -d -o root -g ${squid_group} \ - -m 0750 ${squid_confdir} + -m 0755 ${squid_confdir} fi ;; POST-INSTALL) Index: files/squid.in =================================================================== --- files/squid.in (.../www/squid) (Revision 1717) +++ files/squid.in (.../local/squid) (Revision 1717) @@ -8,14 +8,37 @@ # # Note: # Set "squid_enable=yes" in either /etc/rc.conf, /etc/rc.conf.local or -# /etc/rc.conf.d/squid to make this script actually do something. There -# you can also set squid_chdir, squid_pidfile, squid_user, and squid_flags. +# /etc/rc.conf.d/squid to activate Squid. # -# On FreeBSD 7.1 and beyond you can use squid_fib to set a different routing -# table for squid. See setfib(1) for details. +# Additional variables you can define in one of these files: # -# Please see squid(8), rc.conf(5) and rc(8) for further details. +# squid_chdir: the directory into which the rc system moves into before +# starting Squid. Default: %%PREFIX%%/squid # +# squid_conf: The configuration file that Squid should use. +# Default: %%PREFIX%%/etc/squid/squid.conf +# +# squid_fib: The alternative routing table id that Squid should use. +# Default: none +# See setfib(1) for further details. Note that the setfib(2) +# system call is not available in FreeBSD versions prior to 7.1. +# +# squid_user: The user id that should be used to run the Squid master +# process. Default: %%SQUID_UID%%. +# Note that you probably need to define "squid_user=root" if +# you want to run Squid in reverse proxy setups or if you want +# Squid to listen on a "privileged" port < 1024. +# +# squid_pidfile: +# The name (including the full path) of the Squid +# master process' PID file. +# Default: %%PREFIX%%/squid/squid.pid. +# You only need to change this if you changed the +# corresponding entry in your Squid configuration. +# +# squid_flags: Additional commandline arguments for Squid you might want to +# use. See squid(8) for further details. +# squid_checkrunning() { ${command} ${squid_flags} -k check 2>/dev/null @@ -51,24 +74,20 @@ load_rc_config ${name} squid_chdir=${squid_chdir:-"%%PREFIX%%/squid/logs"} +squid_conf=${squid_conf:-"%%PREFIX%%/etc/squid/squid.conf"} squid_enable=${squid_enable:-"NO"} squid_fib=${squid_fib:-"NONE"} squid_flags=${squid_flags-"-D"} squid_pidfile=${squid_pidfile:-"%%PREFIX%%/squid/logs/squid.pid"} squid_user=${squid_user:-%%SQUID_UID%%} -default_config=%%PREFIX%%/etc/squid/squid.conf pidfile=${squid_pidfile} required_dirs=${squid_chdir} -# squid(8) will not start if ${default_config} is not present so try +# squid(8) will not start if ${squid_conf} is not present so try # to catch that beforehand via ${required_files} rather than make # squid(8) crash. -# If you remove the default configuration file make sure to add -# '-f /path/to/your/squid.conf' to squid_flags -if [ -z "${squid_flags}" ]; then - required_files=${default_config} -fi +required_files=${squid_conf} run_rc_command "$1" >Release-Note: >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20091223210408.3504.qmail>