From owner-p4-projects@FreeBSD.ORG Mon Jul 17 17:34:22 2006 Return-Path: X-Original-To: p4-projects@freebsd.org Delivered-To: p4-projects@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 32767) id A6B4E16A4E1; Mon, 17 Jul 2006 17:34:22 +0000 (UTC) X-Original-To: perforce@FreeBSD.org Delivered-To: perforce@FreeBSD.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 4ABA416A4DD for ; Mon, 17 Jul 2006 17:34:22 +0000 (UTC) (envelope-from gabor@FreeBSD.org) Received: from repoman.freebsd.org (repoman.freebsd.org [216.136.204.115]) by mx1.FreeBSD.org (Postfix) with ESMTP id 5F78443D45 for ; Mon, 17 Jul 2006 17:34:21 +0000 (GMT) (envelope-from gabor@FreeBSD.org) Received: from repoman.freebsd.org (localhost [127.0.0.1]) by repoman.freebsd.org (8.13.6/8.13.6) with ESMTP id k6HHYLEC020776 for ; Mon, 17 Jul 2006 17:34:21 GMT (envelope-from gabor@FreeBSD.org) Received: (from perforce@localhost) by repoman.freebsd.org (8.13.6/8.13.4/Submit) id k6HHYLTm020773 for perforce@freebsd.org; Mon, 17 Jul 2006 17:34:21 GMT (envelope-from gabor@FreeBSD.org) Date: Mon, 17 Jul 2006 17:34:21 GMT Message-Id: <200607171734.k6HHYLTm020773@repoman.freebsd.org> X-Authentication-Warning: repoman.freebsd.org: perforce set sender to gabor@FreeBSD.org using -f From: Gabor Kovesdan To: Perforce Change Reviews Cc: Subject: PERFORCE change 101778 for review X-BeenThere: p4-projects@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: p4 projects tree changes List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 17 Jul 2006 17:34:22 -0000 http://perforce.freebsd.org/chv.cgi?CH=101778 Change 101778 by gabor@gabor_spitfire on 2006/07/17 17:33:45 Fix the security report code in bsd.port.mk to respect DESTDIR. It seems that actually not this code is that runs on my system, so this needs a bit of further investigation. When does this code run? And what code runs in another cases? Affected files ... .. //depot/projects/soc2006/gabor_ports/Mk/bsd.port.mk#32 edit Differences ... ==== //depot/projects/soc2006/gabor_ports/Mk/bsd.port.mk#32 (text+ko) ==== @@ -3853,8 +3853,6 @@ .if !target(security-check) .if !defined(OLD_SECURITY_CHECK) -### FIXME: in the displayed checksum DESTDIR should be displayed if set - security-check: # Scan PLIST for: # 1. setugid files @@ -3945,30 +3943,57 @@ ${GREP} '^etc/rc.d/' ${TMPPLIST} > ${WRKDIR}/.PLIST.startup; \ if [ -s ${WRKDIR}/.PLIST.setuid -o -s ${WRKDIR}/.PLIST.network -o -s ${WRKDIR}/.PLIST.writable ]; then \ if [ -n "$$PORTS_AUDIT" ]; then \ - ${ECHO_MSG} "===> SECURITY REPORT (PARANOID MODE): "; \ + if [ -z "${DESTDIR}" ] ; \ + ${ECHO_MSG} "===> SECURITY REPORT (PARANOID MODE): "; \ + else \ + ${ECHO_MSG} "===> SECURITY REPORT FOR ${DESTDIR} (PARANOID MODE): "; \ + fi; \ else \ - ${ECHO_MSG} "===> SECURITY REPORT: "; \ + if [ -z "${DESTDIR}" ] ; \ + ${ECHO_MSG} "===> SECURITY REPORT: "; \ + else \ + ${ECHO_MSG} "===> SECURITY REPORT FOR ${DESTDIR}: "; \ + fi; \ fi; \ if [ -s ${WRKDIR}/.PLIST.setuid ] ; then \ - ${ECHO_MSG} " This port has installed the following binaries, which execute with"; \ - ${ECHO_MSG} " increased privileges."; \ + if [ -z "${DESTDIR}" ] ; then \ + ${ECHO_MSG} " This port has installed the following binaries,"; \ + else \ + ${ECHO_MSG} " This port has installed the following binaries into ${DESTDIR},"; \ + fi; \ + ${ECHO_MSG} " which execute with increased privileges."; \ ${CAT} ${WRKDIR}/.PLIST.setuid; \ ${ECHO_MSG}; \ fi; \ if [ -s ${WRKDIR}/.PLIST.network ] ; then \ - ${ECHO_MSG} " This port has installed the following files, which may act as network"; \ - ${ECHO_MSG} " servers and may therefore pose a remote security risk to the system."; \ + if [ -z "${DESTDIR}" ] ; then \ + ${ECHO_MSG} " This port has installed the following files, which may act as network"; \ + ${ECHO_MSG} " servers and may therefore pose a remote security risk to the system."; \ + else \ + ${ECHO_MSG} " This port has installed the following files into ${DESTDIR}, which may"; \ + ${ECHO_MSG} " act as network servers and may therefore pose a remote security risk to"; \ + ${ECHO_MSG} " the system."; \ + fi; \ ${CAT} ${WRKDIR}/.PLIST.network; \ ${ECHO_MSG}; \ if [ -s ${WRKDIR}/.PLIST.startup ] ; then \ - ${ECHO_MSG} " This port has installed the following startup scripts, which may cause"; \ - ${ECHO_MSG} " these network services to be started at boot time."; \ + if [ -z "${DESTDIR}" ] ; then \ + ${ECHO_MSG} " This port has installed the following startup scripts,"; \ + else \ + ${ECHO_MSG} " This port has installed the following startup scripts into ${DESTDIR},"; \ + fi; \ + ${ECHO_MSG} " which may cause these network services to be started at boot time."; \ ${SED} s,^,${PREFIX}/, < ${WRKDIR}/.PLIST.startup; \ ${ECHO_MSG}; \ fi; \ fi; \ if [ -s ${WRKDIR}/.PLIST.writable ] ; then \ - ${ECHO_MSG} " This port has installed the following world-writable files/directories."; \ + if [ -z "${DESTDIR}" ] ; then \ + ${ECHO_MSG} " This port has installed the following world-writable files/directories."; \ + else \ + ${ECHO_MSG} " This port has installed the following world-writable files/directories"; \ + ${ECHO_MSG} " into ${DESTDIR}."; \ + fi; \ ${CAT} ${WRKDIR}/.PLIST.writable; \ ${ECHO_MSG}; \ fi; \