Date: Wed, 12 Dec 2012 07:19:40 +0000 From: Chris Rees <utisoft@gmail.com> To: Maxim Sobolev <sobomax@freebsd.org> Cc: svn-ports-head@freebsd.org, svn-ports-all@freebsd.org, ports-committers@freebsd.org Subject: Re: svn commit: r308734 - in head/net/rtpproxy: . files Message-ID: <CADLo839Bo86kA2XcMWSDQDnsXk1R2-VKNyyGK=10Hi4kkj6Tfg@mail.gmail.com> In-Reply-To: <201212120208.qBC28YTk039216@svn.freebsd.org> References: <201212120208.qBC28YTk039216@svn.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On 12 Dec 2012 02:08, "Maxim Sobolev" <sobomax@freebsd.org> wrote: > > XXX Ports RC script present > Author: sobomax > Date: Wed Dec 12 02:08:33 2012 > New Revision: 308734 > URL: http://svnweb.freebsd.org/changeset/ports/308734 > > Log: > Add unprivileged user to run under, so it's more secure. > > Reminded by: Olle E. Johansson > > Added: > head/net/rtpproxy/files/ > head/net/rtpproxy/files/patch-freebsd_rtpproxy.in (contents, props changed) > head/net/rtpproxy/pkg-install (contents, props changed) > Modified: > head/net/rtpproxy/Makefile > > Modified: head/net/rtpproxy/Makefile > ============================================================================== > --- head/net/rtpproxy/Makefile Wed Dec 12 02:02:55 2012 (r308733) > +++ head/net/rtpproxy/Makefile Wed Dec 12 02:08:33 2012 (r308734) > @@ -7,6 +7,7 @@ > > PORTNAME= rtpproxy > PORTVERSION= 1.2.1 > +PORTREVISION= 1 > CATEGORIES= net > MASTER_SITES= http://www.rtpproxy.org/chrome/site/ > > @@ -25,6 +26,9 @@ post-build: > ${SED} 's|%%PREFIX%%|${PREFIX}|g ; s|%%RC_SUBR%%|/etc/rc.subr|g' \ > ${WRKSRC}/freebsd/rtpproxy.in > ${WRKDIR}/rtpproxy > > +pre-install: > + @PKG_PREFIX=${PREFIX} ${SH} ${PKGINSTALL} ${PKGNAME} PRE-INSTALL > + > post-install: > ${INSTALL_SCRIPT} ${WRKDIR}/rtpproxy ${PREFIX}/etc/rc.d/rtpproxy > > > Added: head/net/rtpproxy/files/patch-freebsd_rtpproxy.in > ============================================================================== > --- /dev/null 00:00:00 1970 (empty, because file is newly added) > +++ head/net/rtpproxy/files/patch-freebsd_rtpproxy.in Wed Dec 12 02:08:33 2012 (r308734) > @@ -0,0 +1,17 @@ > + > +$FreeBSD$ > + > +--- freebsd/rtpproxy.in.orig > ++++ freebsd/rtpproxy.in > +@@ -25,7 +25,10 @@ > + > + rtpproxy_enable=${rtpproxy_enable:-"NO"} > + rtpproxy_laddr=${rtpproxy_laddr:-"0.0.0.0"} > ++rtpproxy_usr=${rtpproxy_usr:-"rtpproxy"} > ++rtpproxy_grp=${rtpproxy_grp:-"rtpproxy"} > + > +-command_args="-l ${rtpproxy_laddr} -p /var/run/rtpproxy.pid" > ++command_args="-l ${rtpproxy_laddr} -p /var/run/rtpproxy.pid \ > ++ -u ${rtpproxy_usr}:${rtpproxy_grp}" > + > + run_rc_command "${1}" > > Added: head/net/rtpproxy/pkg-install > ============================================================================== > --- /dev/null 00:00:00 1970 (empty, because file is newly added) > +++ head/net/rtpproxy/pkg-install Wed Dec 12 02:08:33 2012 (r308734) > @@ -0,0 +1,35 @@ > +#!/bin/sh > +# $FreeBSD$ > +# > + > +if [ "$2" != "PRE-INSTALL" ]; then > + exit 0 > +fi > + > +RTPPROXY_USER=rtpproxy > +RTPPROXY_GROUP=${RTPPROXY_USER} > +RTPPROXY_UID=222 > +RTPPROXY_GID=${RTPPROXY_UID} > + > +if ! pw groupshow "${RTPPROXY_GROUP}" 2>/dev/null 1>&2; then > + if pw groupadd ${RTPPROXY_GROUP} -g ${RTPPROXY_GID}; then > + echo "Added group \"${RTPPROXY_GROUP}\"." > + else > + echo "Adding group \"${RTPPROXY_GROUP}\" failed..." > + exit 1 > + fi > +fi > + > +if ! pw usershow "${RTPPROXY_USER}" 2>/dev/null 1>&2; then > + if pw useradd ${RTPPROXY_USER} -u ${RTPPROXY_UID} -g ${RTPPROXY_GROUP} -h - \ > + -s "/sbin/nologin" -d "/nonexistent" \ > + -c "RTP Proxy"; \ > + then > + echo "Added user \"${RTPPROXY_USER}\"." > + else > + echo "Adding user \"${RTPPROXY_USER}\" failed..." > + exit 1 > + fi > +fi > + > +exit 0 This is the wrong way to create users; please use the USERS and GROUPS Makefile variables instead. Chris
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CADLo839Bo86kA2XcMWSDQDnsXk1R2-VKNyyGK=10Hi4kkj6Tfg>