Date: Fri, 24 Jul 2015 10:54:42 +0000 (UTC) From: Palle Girgensohn <girgen@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r392817 - in head/security/shibboleth2-sp: . files Message-ID: <201507241054.t6OAsgF5041869@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: girgen Date: Fri Jul 24 10:54:41 2015 New Revision: 392817 URL: https://svnweb.freebsd.org/changeset/ports/392817 Log: The new shibboleth will refuse to accept -u when it was already su:ed to that user. Trust shibboleth to change user. Modified: head/security/shibboleth2-sp/Makefile head/security/shibboleth2-sp/files/shibboleth-sp.in Modified: head/security/shibboleth2-sp/Makefile ============================================================================== --- head/security/shibboleth2-sp/Makefile Fri Jul 24 10:11:18 2015 (r392816) +++ head/security/shibboleth2-sp/Makefile Fri Jul 24 10:54:41 2015 (r392817) @@ -3,6 +3,7 @@ PORTNAME= shibboleth-sp PORTVERSION= 2.5.5 +PORTREVISION= 1 CATEGORIES= security www MASTER_SITES= http://shibboleth.net/downloads/service-provider/${PORTVERSION}/ Modified: head/security/shibboleth2-sp/files/shibboleth-sp.in ============================================================================== --- head/security/shibboleth2-sp/files/shibboleth-sp.in Fri Jul 24 10:11:18 2015 (r392816) +++ head/security/shibboleth2-sp/files/shibboleth-sp.in Fri Jul 24 10:54:41 2015 (r392817) @@ -21,13 +21,13 @@ restart_precmd="shibboleth_sp_configtest configtest_cmd="shibboleth_sp_configtest" keygen_cmd="shibboleth_sp_keygen" -shibboleth_sp_user=%%SHIBD_USER%% +shibboleth_sp_usr=%%SHIBD_USER%% shibboleth_sp_group=%%SHIBD_GROUP%% www_group=%%WWWGRP%% load_rc_config $name -command_args="-f -p ${pidfile} -u ${shibboleth_sp_user} -g ${shibboleth_sp_group}" +command_args="-f -p ${pidfile} -u ${shibboleth_sp_usr} -g ${shibboleth_sp_group}" confdir=${SHIBSP_CFGDIR:-%%PREFIX%%/etc}/shibboleth cert=sp-cert.pem key=sp-key.pem @@ -37,20 +37,20 @@ shibboleth_sp_configtest() { run_rc_command keygen else # update from 2.4.x, chown %%SHIBD_USER%% the key and cert - chown ${shibboleth_sp_user}:${shibboleth_sp_group} ${confdir}/${key} ${confdir}/${cert} + chown ${shibboleth_sp_usr}:${shibboleth_sp_group} ${confdir}/${key} ${confdir}/${cert} chmod 400 ${confdir}/${key} chmod 444 ${confdir}/${cert} fi # In FreeBSD 10 (r258664), /var/cache mode is corrected to 755. make sure we have that mode. chmod 755 /var/cache - install -d -o ${shibboleth_sp_user} -g ${shibboleth_sp_group} /var/log/shibboleth - install -d -o ${shibboleth_sp_user} -g ${shibboleth_sp_group} /var/cache/shibboleth - install -d -o ${shibboleth_sp_user} -g ${www_group} -m 750 /var/run/shibboleth - ${command} ${shibboleth_sp_flags} -u ${shibboleth_sp_user} -g ${shibboleth_sp_group} -t + install -d -o ${shibboleth_sp_usr} -g ${shibboleth_sp_group} /var/log/shibboleth + install -d -o ${shibboleth_sp_usr} -g ${shibboleth_sp_group} /var/cache/shibboleth + install -d -o ${shibboleth_sp_usr} -g ${www_group} -m 750 /var/run/shibboleth + ${command} ${shibboleth_sp_flags} -u ${shibboleth_sp_usr} -g ${shibboleth_sp_group} -t } shibboleth_sp_keygen() { - %%SH%% ${confdir}/keygen.sh -o ${confdir} -u ${shibboleth_sp_user} -g ${shibboleth_sp_group} + %%SH%% ${confdir}/keygen.sh -o ${confdir} -u ${shibboleth_sp_usr} -g ${shibboleth_sp_group} } extra_commands="configtest keygen"
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201507241054.t6OAsgF5041869>