Site Navigation

Date:      Sat, 25 May 2002 05:20:10 -0700 (PDT)
From:      Jason Stone <jason-fbsd-ports-sfs@shalott.net>
To:        freebsd-ports@FreeBSD.org
Subject:   Re: ports/34691: new port for sfs - the self-certifying filesystem
Message-ID:  <200205251220.g4PCKAr58711@freefall.freebsd.org>

---

next in thread | raw e-mail | index | archive | help

---

The following reply was made to PR ports/34691; it has been noted by GNATS.

From: Jason Stone <jason-fbsd-ports-sfs@shalott.net>
To: Kris Kennaway <kris@obsecurity.org>
Cc: <freebsd-gnats-submit@FreeBSD.org>
Subject: Re: ports/34691: new port for sfs - the self-certifying filesystem
Date: Sat, 25 May 2002 05:11:14 -0700 (PDT)

 -----BEGIN PGP SIGNED MESSAGE-----
 Hash: SHA1
 
 - -----BEGIN PGP SIGNED MESSAGE-----
 Hash: SHA1
 
 On Sat, 25 May 2002, Kris Kennaway wrote:
 
 > I'd love to get this committed, but unfortunately it doesn't build on
 > 4.6:
 
 The following should work on current RELENG_4 installs (4.5, 4.6-PRE), and
 also fixes a couple typos in the pkg-install script:
 
 
 #!/bin/sh
 # This is a shell archive.  Save it in a file, remove anything before
 # this line, and then unpack it by entering "sh file".  Note, it may
 # create directories; files and directories will be owned by you and
 # have default permissions.
 #
 # This archive contains:
 #
 #	sfs
 #	sfs/pkg-deinstall
 #	sfs/Makefile
 #	sfs/distinfo
 #	sfs/pkg-comment
 #	sfs/pkg-descr
 #	sfs/pkg-plist
 #	sfs/pkg-install
 #	sfs/pkg-message
 #	sfs/files
 #	sfs/files/patch-aa
 #
 echo c - sfs
 mkdir -p sfs > /dev/null 2>&1
 echo x - sfs/pkg-deinstall
 sed 's/^X//' >sfs/pkg-deinstall << 'END-of-sfs/pkg-deinstall'
 X#!/bin/sh
 X
 Xif [ "$2" != "POST-DEINSTALL" ]; then
 X    exit 0
 Xfi
 X
 XUSER=sfs
 XGROUP=sfs
 X
 Xpw del group ${GROUP}
 Xpw del user ${USER}
 X
 Xexit 0
 END-of-sfs/pkg-deinstall
 echo x - sfs/Makefile
 sed 's/^X//' >sfs/Makefile << 'END-of-sfs/Makefile'
 X# New ports collection makefile for:	sfs
 X# Date created:		2 Feb 2002
 X# Whom:			Jason Stone <jason-fbsd-ports-sfs@shalott.net>
 X#
 X# $FreeBSD$
 X#
 X
 XPORTNAME=	sfs
 XPORTVERSION=	0.5k
 XPORTREVISION=	1
 XCATEGORIES=	security
 XMASTER_SITES=	http://www.fs.net/download/
 XWRKSRC=		${WRKDIR}/${PORTNAME}-0.5
 X
 XMAINTAINER=	jason-fbsd-ports-sfs@shalott.net
 X
 XGNU_CONFIGURE=	yes
 XCONFIGURE_ARGS=	--with-etcdir=${PREFIX}/etc -with-sfsuser=sfs -with-sfsgroup=sfs
 X
 XINSTALL_TARGET=	install-strip
 X
 Xpost-install:
 X.if !defined(BATCH) && !defined(PACKAGE_BUILDING)
 X	@${SH} ${PKGINSTALL} ${PKGNAME} POST-INSTALL
 X	@${CAT} ${PKGMESSAGE}
 X.endif
 X	install-info ${PREFIX}/info/${PORTNAME}.info ${PREFIX}/info/dir
 X
 X.include <bsd.port.mk>
 END-of-sfs/Makefile
 echo x - sfs/distinfo
 sed 's/^X//' >sfs/distinfo << 'END-of-sfs/distinfo'
 XMD5 (sfs-0.5k.tar.gz) = 74d49ffa8472afb0e28b097bec3e7df5
 END-of-sfs/distinfo
 echo x - sfs/pkg-comment
 sed 's/^X//' >sfs/pkg-comment << 'END-of-sfs/pkg-comment'
 XSFS is a secure, global file system with completely decentralized control
 END-of-sfs/pkg-comment
 echo x - sfs/pkg-descr
 sed 's/^X//' >sfs/pkg-descr << 'END-of-sfs/pkg-descr'
 XSelf-certifying File System
 X
 XSFS is a secure, global file system with completely decentralized
 Xcontrol.  SFS lets you access your files from anywhere and share them
 Xwith anyone, anywhere. Anyone can set up an SFS server, and any user
 Xcan access any server from any client. SFS lets you share files across
 Xadministrative realms without involving administrators or
 Xcertification authorities.
 X
 XWWW: http://www.fs.net/
 END-of-sfs/pkg-descr
 echo x - sfs/pkg-plist
 sed 's/^X//' >sfs/pkg-plist << 'END-of-sfs/pkg-plist'
 Xbin/dirsearch
 Xbin/newaid
 Xbin/rpcc
 Xbin/sfsagent
 Xbin/sfskey
 Xbin/ssu
 Xinclude/sfs
 Xinclude/sfs-0.5/aclnt.h
 Xinclude/sfs-0.5/aes.h
 Xinclude/sfs-0.5/afsnode.h
 Xinclude/sfs-0.5/agentconn.h
 Xinclude/sfs-0.5/aiod.h
 Xinclude/sfs-0.5/aiod_prot.h
 Xinclude/sfs-0.5/aios.h
 Xinclude/sfs-0.5/amisc.h
 Xinclude/sfs-0.5/arc4.h
 Xinclude/sfs-0.5/arena.h
 Xinclude/sfs-0.5/arpc.h
 Xinclude/sfs-0.5/array.h
 Xinclude/sfs-0.5/asrv.h
 Xinclude/sfs-0.5/async.h
 Xinclude/sfs-0.5/autoconf.h
 Xinclude/sfs-0.5/axprt.h
 Xinclude/sfs-0.5/axprt_crypt.h
 Xinclude/sfs-0.5/backoff.h
 Xinclude/sfs-0.5/bbuddy.h
 Xinclude/sfs-0.5/bench.h
 Xinclude/sfs-0.5/bigint.h
 Xinclude/sfs-0.5/bitvec.h
 Xinclude/sfs-0.5/blowfish.h
 Xinclude/sfs-0.5/callback.h
 Xinclude/sfs-0.5/cbuf.h
 Xinclude/sfs-0.5/crypt.h
 Xinclude/sfs-0.5/crypt_prot.h
 Xinclude/sfs-0.5/crypt_prot.x
 Xinclude/sfs-0.5/crypthash.h
 Xinclude/sfs-0.5/dns.h
 Xinclude/sfs-0.5/dnsparse.h
 Xinclude/sfs-0.5/err.h
 Xinclude/sfs-0.5/esign.h
 Xinclude/sfs-0.5/fdlim.h
 Xinclude/sfs-0.5/getfh3.h
 Xinclude/sfs-0.5/hashcash.h
 Xinclude/sfs-0.5/ihash.h
 Xinclude/sfs-0.5/init.h
 Xinclude/sfs-0.5/itree.h
 Xinclude/sfs-0.5/keyfunc.h
 Xinclude/sfs-0.5/list.h
 Xinclude/sfs-0.5/modalg.h
 Xinclude/sfs-0.5/mount_prot.h
 Xinclude/sfs-0.5/mount_prot.x
 Xinclude/sfs-0.5/msb.h
 Xinclude/sfs-0.5/nfs3_ext.x
 Xinclude/sfs-0.5/nfs3_nonnul.h
 Xinclude/sfs-0.5/nfs3_prot.h
 Xinclude/sfs-0.5/nfs3_prot.x
 Xinclude/sfs-0.5/nfs3exp_prot.h
 Xinclude/sfs-0.5/nfs3exp_prot.x
 Xinclude/sfs-0.5/nfs_prot.h
 Xinclude/sfs-0.5/nfs_prot.x
 Xinclude/sfs-0.5/nfsmounter.h
 Xinclude/sfs-0.5/nfsmounter.x
 Xinclude/sfs-0.5/nfsserv.h
 Xinclude/sfs-0.5/nfstrans.h
 Xinclude/sfs-0.5/opnew.h
 Xinclude/sfs-0.5/parseopt.h
 Xinclude/sfs-0.5/password.h
 Xinclude/sfs-0.5/pcre.h
 Xinclude/sfs-0.5/pmap_prot.h
 Xinclude/sfs-0.5/pmap_prot.x
 Xinclude/sfs-0.5/prime.h
 Xinclude/sfs-0.5/prng.h
 Xinclude/sfs-0.5/qhash.h
 Xinclude/sfs-0.5/rabin.h
 Xinclude/sfs-0.5/refcnt.h
 Xinclude/sfs-0.5/rex.h
 Xinclude/sfs-0.5/rex_prot.h
 Xinclude/sfs-0.5/rex_prot.x
 Xinclude/sfs-0.5/rpctypes.h
 Xinclude/sfs-0.5/rwfd.h
 Xinclude/sfs-0.5/rxx.h
 Xinclude/sfs-0.5/seqno.h
 Xinclude/sfs-0.5/serial.h
 Xinclude/sfs-0.5/sfs-internal.h
 Xinclude/sfs-0.5/sfs_prot.h
 Xinclude/sfs-0.5/sfs_prot.x
 Xinclude/sfs-0.5/sfsagent.h
 Xinclude/sfs-0.5/sfsagent.x
 Xinclude/sfs-0.5/sfsauth_prot.h
 Xinclude/sfs-0.5/sfsauth_prot.x
 Xinclude/sfs-0.5/sfscd_prot.h
 Xinclude/sfs-0.5/sfscd_prot.x
 Xinclude/sfs-0.5/sfsclient.h
 Xinclude/sfs-0.5/sfsconnect.h
 Xinclude/sfs-0.5/sfsmisc.h
 Xinclude/sfs-0.5/sfsro_prot.h
 Xinclude/sfs-0.5/sfsro_prot.x
 Xinclude/sfs-0.5/sfsserv.h
 Xinclude/sfs-0.5/sha1.h
 Xinclude/sfs-0.5/srp.h
 Xinclude/sfs-0.5/stllike.h
 Xinclude/sfs-0.5/str.h
 Xinclude/sfs-0.5/suio++.h
 Xinclude/sfs-0.5/sysconf.h
 Xinclude/sfs-0.5/tiger.h
 Xinclude/sfs-0.5/union.h
 Xinclude/sfs-0.5/uvfstrans.h
 Xinclude/sfs-0.5/vatmpl.h
 Xinclude/sfs-0.5/vec.h
 Xinclude/sfs-0.5/wmstr.h
 Xinclude/sfs-0.5/xdr_suio.h
 Xinclude/sfs-0.5/xdrmisc.h
 Xinclude/sfs-0.5/xhinfo.h
 Xinclude/sfs.h
 X@unexec install-info --delete %D/info/sfs.info %D/info/dir
 Xinfo/sfs.info
 Xinfo/sfs.info-1
 Xinfo/sfs.info-2
 X@exec install-info %D/info/sfs.info %D/info/dir
 Xlib/libsfs.a
 Xlib/sfs
 Xlib/sfs-0.5/aiod
 Xlib/sfs-0.5/libarpc.a
 Xlib/sfs-0.5/libarpc.la
 Xlib/sfs-0.5/libasync.a
 Xlib/sfs-0.5/libasync.la
 Xlib/sfs-0.5/libsfscrypt.a
 Xlib/sfs-0.5/libsfscrypt.la
 Xlib/sfs-0.5/libsfsmisc.a
 Xlib/sfs-0.5/libsfsmisc.la
 Xlib/sfs-0.5/libsvc.a
 Xlib/sfs-0.5/libsvc.la
 Xlib/sfs-0.5/mallock.o
 Xlib/sfs-0.5/newaid
 Xlib/sfs-0.5/nfsmounter
 Xlib/sfs-0.5/pathinfo
 Xlib/sfs-0.5/sfsauthd
 Xlib/sfs-0.5/sfsrwcd
 Xlib/sfs-0.5/sfsrwsd
 Xlib/sfs-0.5/suidconnect
 Xlib/sfs-0.5/xfer
 Xsbin/funmount
 Xsbin/sfscd
 Xsbin/sfssd
 Xshare/sfs/sfs_config
 Xshare/sfs/sfs_srp_parms
 Xshare/sfs/sfsauthd_config
 Xshare/sfs/sfscd_config
 Xshare/sfs/sfssd_config
 X@dirrm include/sfs-0.5
 X@dirrm lib/sfs-0.5
 X@dirrm share/sfs
 X@unexec rm -f /var/sfs/sockets/*.sock
 X@unexec rm -f /var/sfs/random_seed
 X@unexec rmdir /var/sfs/sockets
 X@unexec rmdir /var/sfs
 END-of-sfs/pkg-plist
 echo x - sfs/pkg-install
 sed 's/^X//' >sfs/pkg-install << 'END-of-sfs/pkg-install'
 X#!/bin/sh
 X
 Xif [ -n "${PACKAGE_BUILDING}" ]; then
 X	exit 0
 Xfi
 X
 Xif [ "$2" = "POST-INSTALL" ]; then
 X	USER=sfs
 X	GROUP=${USER}
 X	UID=51
 X	GID=${UID}
 X	PW=/usr/sbin/pw
 X
 X	if ${PW} group show "${GROUP}" 2>/dev/null; then
 X		echo "You already have a group \"${GROUP}\", so I will use it."
 X	else
 X		if ${PW} groupadd ${GROUP} -g ${GID}; then
 X			echo "Added group \"${GROUP}\"."
 X		else
 X			echo "Adding group \"${GROUP}\" failed..."
 X			exit 1
 X		fi
 X	fi
 X
 X	if ${PW} user show "${USER}" 2>/dev/null; then
 X		echo "You already have a user \"${USER}\", so I will use it."
 X	else
 X		if ${PW} useradd ${USER} -u ${UID} -g ${GROUP} -h - \
 X			-d "/nonexistent" -s /nonexistent -c "sfs"
 X		then
 X			echo "Added user \"${USER}\"."
 X		else
 X			echo "Adding user \"${USER}\" failed..."
 X			exit 1
 X		fi
 X	fi
 X
 X	chgrp ${GROUP} ${PKG_PREFIX}/lib/sfs-0.5/suidconnect
 X	chmod 2551 ${PKG_PREFIX}/lib/sfs-0.5/suidconnect
 X	mkdir /var/sfs
 X	mkdir /var/sfs/sockets
 X	chmod 755 /var/sfs
 X	chmod 750 /var/sfs/sockets
 X	chown ${USER}:${GROUP} /var/sfs
 X	chown ${USER}:${GROUP} /var/sfs/sockets
 X	exit 0
 Xfi
 END-of-sfs/pkg-install
 echo x - sfs/pkg-message
 sed 's/^X//' >sfs/pkg-message << 'END-of-sfs/pkg-message'
 XThe sfs base system is now installed - after it is installed, try running
 X"sfscd ; cat /sfs/sfs.fs.net:eu4cvv6wcnzscer98yn4qjpjnn9iv6pi/CONGRATULATIONS"
 XIf you see the text "You have set up a working SFS client." then you have, as
 Xit says, correctly installed the sfs client.
 X
 XIf you want to set up an sfs server, you'll have to generate keys with sfskey
 Xand set up exports.  Exporting files involves first exporting them to localhost
 Xvia nfs, and then configuring sfssd to export them by editing
 X${PREFIX}/etc/sfsrwsd_config.  Read the info documentation for more details
 X("info sfs").
 X
 XUsers will have to run sfskey on the server to generate their own keys and
 Xsfsagent on the client to use remote filesystems.
 X
 X---SECURITY NOTE---
 X
 XIf you run the sfs server, make sure that you set weak_mountd_authentication=NO
 Xand nfs_reserved_port_only=YES in your /etc/rc.conf - if you think that you need
 Xthose options to be set otherwise, be sure to read the sfs documentation and
 Xunderstand the risks.
 END-of-sfs/pkg-message
 echo c - sfs/files
 mkdir -p sfs/files > /dev/null 2>&1
 echo x - sfs/files/patch-aa
 sed 's/^X//' >sfs/files/patch-aa << 'END-of-sfs/files/patch-aa'
 X--- sfsmisc/mallock.C.orig	Fri May 10 02:46:02 2002
 X+++ sfsmisc/mallock.C	Fri May 10 02:46:21 2002
 X@@ -1589,7 +1589,7 @@
 X {
 X   char *ret;
 X   if (size < 0) {
 X-    ret = sbrk (0) - size;
 X+    ret = (char *)sbrk(0) - size;
 X     if (ret < maxpinned) {
 X       if (munlock (ret, maxpinned - ret) < 0)
 X 	fprintf (stderr, "mallock: munlock heap failed (%d)\n", errno);
 END-of-sfs/files/patch-aa
 exit
 
 
  -Jason
 
  -----------------------------------------------------------------------
  I worry about my child and the Internet all the time, even though she's
  too young to have logged on yet.  Here's what I worry about.  I worry
  that 10 or 15 years from now, she will come to me and say "Daddy, where
  were you when they took freedom of the press away from the Internet?"
 	-- Mike Godwin
 
 - -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1.0.6 (FreeBSD)
 Comment: See https://private.idealab.com/public/jason/jason.gpg
 
 iD4DBQE87384swXMWWtptckRArKUAJ9Tft1fqRijC35pbJxaPGLCASWFAwCXazJ/
 MQE0BZjwK+Zp3cKmGolX+Q==
 =G7E3
 - -----END PGP SIGNATURE-----
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1.0.6 (FreeBSD)
 Comment: See https://private.idealab.com/public/jason/jason.gpg
 
 iD8DBQE8739iswXMWWtptckRAiKHAKCvDJzmQCxqg1dAOT01ghJsj3qrgQCgohBb
 qOeTUKlotef+ePcGUIL8cJE=
 =M4A9
 -----END PGP SIGNATURE-----
 

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-ports" in the body of the message

---

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200205251220.g4PCKAr58711>

Legal Notices | © 1995-2025 The FreeBSD Project. All rights reserved.

Contact