Date: Mon, 28 Aug 2000 15:50:07 -0700 (PDT) From: Jimmy Olgeni <olgeni@uli.it> To: freebsd-ports@FreeBSD.org Subject: Re: ports/20887: [PATCH] LDAP support and fixes for cyrus-sasl Message-ID: <200008282250.PAA33396@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
The following reply was made to PR ports/20887; it has been noted by GNATS. From: Jimmy Olgeni <olgeni@uli.it> To: freebsd-gnats-submit@FreeBSD.org, olgeni@uli.it Cc: Subject: Re: ports/20887: [PATCH] LDAP support and fixes for cyrus-sasl Date: Tue, 29 Aug 2000 00:42:58 +0200 New patch version. Changes: file pkg/PLIST: if WITH_LDAP is defined, add conditional install/deinstall of ${PREFIX}/etc/pwcheck_ldap.conf remove /var/pwcheck without giving an error message if the directory does not exist (if pwcheck.sh has not ever been run). file Makefile: target post-install: if WITH_LDAP is defined: in ${PREFIX}/etc, check if pwcheck_ldap.conf does not exist. If so, copy pwcheck_ldap.conf.sample over pwcheck_ldap.conf. added @${CAT} ${PKGMESSAGE} target post-extract: move files/pwcheck_ldap.c to the right place in the source. If WITH_LDAP is not used, it won't be compiled. LIB_DEPENDS should handle all required dependencies (openldap) added a conditional PKGMESSAGE to point to the right MESSAGE file if WITH_LDAP is enabled. NOTE: the -DWITH_LDAP is required with "make package" too. file patch-ab: combined with patch-af file patch-ac: removed (see patch-ba) file patch-af: removed file patch-ae (was: patch-ag): conditional support for LDAP in Makefile.in file patch-ba: patches to customize files/pwcheck_ldap.c file files/pwcheck_ldap.c the original file has been included, and the port specific changes were stored in patch-ba. It should be easier to track changes in the original file. file pkg/MESSAGE: changed: suggests to run saslpasswd to add users file pkg/MESSAGE.ldap: new file, suggests to edit PREFIX/etc/pwcheck_ldap.conf. diff -rcN cyrus-sasl.orig/Makefile cyrus-sasl/Makefile *** cyrus-sasl.orig/Makefile Sat Aug 12 22:47:01 2000 --- cyrus-sasl/Makefile Tue Aug 29 00:16:54 2000 *************** *** 15,20 **** --- 15,22 ---- MAINTAINER= hetzels@westbend.net + LIB_DEPENDS= ldap.1:${PORTSDIR}/net/openldap + USE_OPENSSL= RSA INSTALLS_SHLIB= yes *************** *** 34,39 **** --- 36,42 ---- USE_AUTOCONF= YES USE_LIBTOOL= YES + CONFIGURE_ARGS= --sysconfdir=${PREFIX}/etc \ --with-plugindir=${PREFIX}/lib/sasl \ --with-dbpath=${PREFIX}/etc/sasldb \ *************** *** 43,48 **** --- 46,58 ---- --with-pwcheck=/var/pwcheck \ --with-rc4=openssl + .if defined(WITH_LDAP) + PKGMESSAGE= ${PKGDIR}/MESSAGE.ldap + CONFIGURE_ARGS+= --enable-ldap + .else + LDAP_SUPPORT= "@comment " + .endif + # JavaSASL is currently Broken #JAVADIR= jdk1.1.8 #JAVALIBDIR= ${PREFIX}/${JAVADIR}/lib/i386/green_threads/ *************** *** 91,104 **** PLIST_SUB= PREFIX=${PREFIX} \ GSSAPI=${GSSAPI} \ EBONES=${EBONES} \ ! NOPORTDOCS=${NODOCS} # Create Cyrus user and group pre-install: @${SH} ${PKGDIR}/INSTALL ${PKGNAME} PRE-INSTALL post-install: ! @${SED} -e "/%%PREFIX%%/s##${PREFIX}#g" ${FILESDIR}/pwcheck.sh \ > ${PREFIX}/etc/rc.d/pwcheck.sh @${CHMOD} 755 ${PREFIX}/etc/rc.d/pwcheck.sh ${INSTALL} -d -m 700 -o cyrus -g cyrus /var/pwcheck --- 101,124 ---- PLIST_SUB= PREFIX=${PREFIX} \ GSSAPI=${GSSAPI} \ EBONES=${EBONES} \ ! NOPORTDOCS=${NODOCS} \ ! LDAP_SUPPORT=${LDAP_SUPPORT} ! ! post-extract: ! ${CP} ${FILESDIR}/pwcheck_ldap.c ${WRKSRC}/pwcheck # Create Cyrus user and group pre-install: @${SH} ${PKGDIR}/INSTALL ${PKGNAME} PRE-INSTALL post-install: ! ${INSTALL} ${COPY} -m600 -o root -g wheel ${FILESDIR}/pwcheck_ldap.conf.sample ${PREFIX}/etc ! .if defined(WITH_LDAP) ! if [ ! -e ${PREFIX}/etc/pwcheck_ldap.conf ]; then \ ! ${CP} ${PREFIX}/etc/pwcheck_ldap.conf.sample ${PREFIX}/etc/pwcheck_ldap.conf ; \ ! fi ! .endif ! @${SED} -e "/%%PREFIX%%/s##${PREFIX}#g" ${FILESDIR}/pwcheck.sh \ > ${PREFIX}/etc/rc.d/pwcheck.sh @${CHMOD} 755 ${PREFIX}/etc/rc.d/pwcheck.sh ${INSTALL} -d -m 700 -o cyrus -g cyrus /var/pwcheck *************** *** 114,119 **** --- 134,140 ---- @${INSTALL_DATA} ${WRKSRC}/doc/${file}.html ${PREFIX}/share/doc/SASL/html .endfor .endif + @${CAT} ${PKGMESSAGE} .if exists(${WRKDIRPREFIX}${.CURDIR}/Makefile.inc) post-clean: diff -rcN cyrus-sasl.orig/files/pwcheck.sh cyrus-sasl/files/pwcheck.sh *** cyrus-sasl.orig/files/pwcheck.sh Mon Jan 24 06:22:15 2000 --- cyrus-sasl/files/pwcheck.sh Sun Aug 27 16:21:38 2000 *************** *** 5,10 **** --- 5,17 ---- PREFIX=%%PREFIX%% + if [ -r ${PREFIX}/etc/pwcheck_ldap.conf ]; then + . ${PREFIX}/etc/pwcheck_ldap.conf + export SASL_LDAP_SERVER + export SASL_LDAP_BASEDN + export SASL_LDAP_UIDATTR + fi + case "$1" in start) diff -rcN cyrus-sasl.orig/files/pwcheck_ldap.c cyrus-sasl/files/pwcheck_ldap.c *** cyrus-sasl.orig/files/pwcheck_ldap.c Thu Jan 1 01:00:00 1970 --- cyrus-sasl/files/pwcheck_ldap.c Mon Aug 28 20:38:30 2000 *************** *** 0 **** --- 1,129 ---- + /* pwcheck_ldap.c -- check passwords using LDAP + * + * Author: Clayton Donley <donley@cig.mot.com> + * http://www.wwa.com/~donley/ + * Version: 1.01 + * + * Note: This works by finding a DN that matches an entered UID and + * binding to the LDAP server using this UID. This uses clear-text + * passwords. A better approach with servers that support SSL and + * new LDAPv3 servers that support SASL bind methods like CRAM-MD5 + * and TSL. + * + * This version should work with both University of Michigan and Netscape + * LDAP libraries. It also gets rid of the requirement for userPassword + * attribute readability. + * + */ + + #include <stdio.h> + #include <lber.h> + #include <ldap.h> + + /* Set These to your Local Environment */ + + #define MY_LDAP_SERVER "localhost" + #define MY_LDAP_BASEDN "o=JOFA, c=UK" + #define MY_LDAP_UIDATTR "uid" + + char *pwcheck(userid, password) + char *userid; + char *password; + { + LDAP *ld; + LDAPMessage *result; + LDAPMessage *entry; + char *attrs[2]; + char filter[200]; + char *dn; + int ldbind_res; + char **vals; + + /* If the password is NULL, reject the login...Otherwise the bind will + succeed as a reference bind. Not good... */ + + if (strcmp(password,"") == 0) + { + return "Null Password"; + } + + /* Open the LDAP connection. Change the second argument if your LDAP + server is not on port 389. */ + + if ((ld = ldap_open(MY_LDAP_SERVER,LDAP_PORT)) == NULL) + { + return "Init Failed"; + } + + /* Bind anonymously so that you can find the DN of the appropriate user. */ + + if (ldap_simple_bind_s(ld,"","") != LDAP_SUCCESS) + { + ldap_unbind(ld); + return "Bind Failed"; + } + + /* Generate a filter that will return the entry with a matching UID */ + + sprintf(filter,"(%s=%s)",MY_LDAP_UIDATTR,userid); + + /* Just return country...This doesn't actually matter, since we will + not read the attributes and values, only the DN */ + + attrs[0] = "c"; + attrs[1] = NULL; + + /* Perform the search... */ + + if (ldap_search_s(ld,MY_LDAP_BASEDN,LDAP_SCOPE_SUBTREE,filter,attrs,1,&result) != LDAP_SUCCESS) + { + ldap_unbind(ld); + return "Search Failed"; + } + + /* If the entry count is not equal to one, either the UID was not unique or + there was no match */ + + if (ldap_count_entries(ld,result) != 1) + { + ldap_msgfree(result); + ldap_unbind(ld); + return "UserID Unknown"; + } + + /* Get the first entry */ + + if ((entry = ldap_first_entry(ld,result)) == NULL) + { + ldap_msgfree(result); + ldap_unbind(ld); + return "UserID Unknown"; + } + + /* Get the DN of the entry */ + + if ((dn = ldap_get_dn(ld,entry)) == NULL) + { + ldap_msgfree(entry); + ldap_unbind(ld); + return "DN Not Found"; + } + + /* Now bind as the DN with the password supplied earlier... + Successful bind means the password was correct, otherwise the + password is invalid. */ + + if (ldap_simple_bind_s(ld,dn,password) != LDAP_SUCCESS) + { + free(dn); + ldap_msgfree(entry); + ldap_unbind(ld); + return "Invalid Login or Password"; + } + + free(dn); + ldap_msgfree(entry); + ldap_unbind(ld); + return "OK"; + } + diff -rcN cyrus-sasl.orig/files/pwcheck_ldap.conf.sample cyrus-sasl/files/pwcheck_ldap.conf.sample *** cyrus-sasl.orig/files/pwcheck_ldap.conf.sample Thu Jan 1 01:00:00 1970 --- cyrus-sasl/files/pwcheck_ldap.conf.sample Sun Aug 27 16:21:38 2000 *************** *** 0 **** --- 1,3 ---- + SASL_LDAP_SERVER="localhost" + SASL_LDAP_BASEDN="o=organization, c=US" + SASL_LDAP_UIDATTR="uid" diff -rcN cyrus-sasl.orig/patches/patch-ab cyrus-sasl/patches/patch-ab *** cyrus-sasl.orig/patches/patch-ab Sat Aug 12 22:47:01 2000 --- cyrus-sasl/patches/patch-ab Mon Aug 28 21:36:25 2000 *************** *** 1,14 **** ! --- configure.in.orig Thu Aug 3 14:34:08 2000 ! +++ configure.in Thu Aug 3 14:39:24 2000 ! @@ -66,8 +66,9 @@ ! dnl check for -R, etc. switch ! CMU_GUESS_RUNPATH_SWITCH ! dnl let's just link against local. otherwise we never find anything useful. ! -CPPFLAGS="-I/usr/local/include ${CPPFLAGS}" ! -CMU_ADD_LIBPATH("/usr/local/lib") ! +CPPFLAGS="-I${OPENSSLINC} -I${OPENSSLINC}/openssl ${CPPFLAGS}" ! +CMU_ADD_LIBPATH("${LOCALBASE}/lib") ! +CMU_ADD_LIBPATH("${OPENSSLLIB}") ! ! AM_DISABLE_STATIC ! --- 1,73 ---- ! *** configure.in.orig Mon Aug 28 21:36:06 2000 ! --- configure.in Mon Aug 28 21:36:11 2000 ! *************** ! *** 66,73 **** ! dnl check for -R, etc. switch ! CMU_GUESS_RUNPATH_SWITCH ! dnl let's just link against local. otherwise we never find anything useful. ! ! CPPFLAGS="-I/usr/local/include ${CPPFLAGS}" ! ! CMU_ADD_LIBPATH("/usr/local/lib") ! ! AM_DISABLE_STATIC ! ! --- 66,74 ---- ! dnl check for -R, etc. switch ! CMU_GUESS_RUNPATH_SWITCH ! dnl let's just link against local. otherwise we never find anything useful. ! ! CPPFLAGS="-I${OPENSSLINC} -I${OPENSSLINC}/openssl ${CPPFLAGS}" ! ! CMU_ADD_LIBPATH("${LOCALBASE}/lib") ! ! CMU_ADD_LIBPATH("${OPENSSLLIB}") ! ! AM_DISABLE_STATIC ! ! *************** ! *** 296,301 **** ! --- 297,306 ---- ! fi ! AC_SUBST(LIB_PAM) ! ! + AC_ARG_ENABLE(ldap, [ --enable-ldap enable ldap authentication [no] ], ! + ldap=$enableval, ! + ldap=no) ! + ! AC_ARG_WITH(pwcheck,[ --with-pwcheck=DIR enable use of the pwcheck daemonusing statedir DIR ], ! with_pwcheck=$withval, ! with_pwcheck=no) ! *************** ! *** 305,311 **** ! fi ! AC_DEFINE(HAVE_PWCHECK) ! AC_DEFINE_UNQUOTED(PWCHECKDIR, "$with_pwcheck") ! ! AC_CHECK_FUNC(getspnam,PWCHECKMETH="getspnam",PWCHECKMETH="getpwnam") ! AC_SUBST(PWCHECKMETH) ! fi ! AM_CONDITIONAL(PWCHECK, test "$with_pwcheck" != no) ! --- 310,320 ---- ! fi ! AC_DEFINE(HAVE_PWCHECK) ! AC_DEFINE_UNQUOTED(PWCHECKDIR, "$with_pwcheck") ! ! if test "$ldap" = yes; then ! ! PWCHECKMETH=ldap ! ! else ! ! AC_CHECK_FUNC(getspnam,PWCHECKMETH="getspnam",PWCHECKMETH="getpwnam") ! ! fi ! AC_SUBST(PWCHECKMETH) ! fi ! AM_CONDITIONAL(PWCHECK, test "$with_pwcheck" != no) ! *************** ! *** 436,442 **** ! if test "$with_des" != no; then ! AC_CHECK_HEADER(krb.h, ! AC_CHECK_LIB(krb, krb_mk_priv, COM_ERR="", ! ! AC_CHECK_LIB(krb, krb_mk_priv, COM_ERR="-lcom_err", ! AC_WARN(No Kerberos V4 found); krb4=no, -ldes -lcom_err), ! -ldes), ! AC_WARN(No Kerberos V4 found); krb4=no) ! --- 445,451 ---- ! if test "$with_des" != no; then ! AC_CHECK_HEADER(krb.h, ! AC_CHECK_LIB(krb, krb_mk_priv, COM_ERR="", ! ! AC_CHECK_LIB(krb, krb_mk_err, COM_ERR="-lcom_err", ! AC_WARN(No Kerberos V4 found); krb4=no, -ldes -lcom_err), ! -ldes), ! AC_WARN(No Kerberos V4 found); krb4=no) diff -rcN cyrus-sasl.orig/patches/patch-ae cyrus-sasl/patches/patch-ae *** cyrus-sasl.orig/patches/patch-ae Thu Jan 1 01:00:00 1970 --- cyrus-sasl/patches/patch-ae Sun Aug 27 18:02:03 2000 *************** *** 0 **** --- 1,27 ---- + *** pwcheck/Makefile.in.orig Fri Jul 21 04:36:07 2000 + --- pwcheck/Makefile.in Sun Aug 27 18:01:44 2000 + *************** + *** 144,151 **** + LIBS = @LIBS@ + pwcheck_OBJECTS = pwcheck.o + pwcheck_DEPENDENCIES = pwcheck_@PWCHECKMETH@.lo + ! pwcheck_LDFLAGS = + CFLAGS = @CFLAGS@ + COMPILE = $(CC) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) + LTCOMPILE = $(LIBTOOL) --mode=compile $(CC) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) + CCLD = $(CC) + --- 144,157 ---- + LIBS = @LIBS@ + pwcheck_OBJECTS = pwcheck.o + pwcheck_DEPENDENCIES = pwcheck_@PWCHECKMETH@.lo + ! PWCHECKMETH=@PWCHECKMETH@ + ! .if ${PWCHECKMETH} == "ldap" + ! pwcheck_LDFLAGS = -llber -lldap + ! CFLAGS = @CFLAGS@ -I/usr/local/include + ! .else + ! pwcheck_LDFLAGS = + CFLAGS = @CFLAGS@ + + .endif + COMPILE = $(CC) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) + LTCOMPILE = $(LIBTOOL) --mode=compile $(CC) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) + CCLD = $(CC) diff -rcN cyrus-sasl.orig/patches/patch-ba cyrus-sasl/patches/patch-ba *** cyrus-sasl.orig/patches/patch-ba Thu Jan 1 01:00:00 1970 --- cyrus-sasl/patches/patch-ba Tue Aug 29 00:40:31 2000 *************** *** 0 **** --- 1,119 ---- + *** pwcheck/pwcheck_ldap.c.orig Mon Aug 28 20:46:45 2000 + --- pwcheck/pwcheck_ldap.c Mon Aug 28 20:48:31 2000 + *************** + *** 14,30 **** + * LDAP libraries. It also gets rid of the requirement for userPassword + * attribute readability. + * + */ + + #include <stdio.h> + #include <lber.h> + #include <ldap.h> + + ! /* Set These to your Local Environment */ + + ! #define MY_LDAP_SERVER "localhost" + ! #define MY_LDAP_BASEDN "o=JOFA, c=UK" + ! #define MY_LDAP_UIDATTR "uid" + + char *pwcheck(userid, password) + char *userid; + --- 14,37 ---- + * LDAP libraries. It also gets rid of the requirement for userPassword + * attribute readability. + * + + * changed-by: Mon Aug 28 2000 olgeni@uli.it - environment support + + * + */ + + #include <stdio.h> + + #include <stdlib.h> + #include <lber.h> + #include <ldap.h> + + ! /* + + ! The old #defines have been removed. This version uses 3 environment variables: + ! + ! SASL_LDAP_SERVER (ex: "localhost") + ! SASL_LDAP_BASEDN (ex: "o=organization, c=US") + ! SASL_LDAP_UIDATTR (ex: "uid") + ! + ! */ + + char *pwcheck(userid, password) + char *userid; + *************** + *** 36,43 **** + char *attrs[2]; + char filter[200]; + char *dn; + - int ldbind_res; + - char **vals; + + /* If the password is NULL, reject the login...Otherwise the bind will + succeed as a reference bind. Not good... */ + --- 43,48 ---- + *************** + *** 50,56 **** + /* Open the LDAP connection. Change the second argument if your LDAP + server is not on port 389. */ + + ! if ((ld = ldap_open(MY_LDAP_SERVER,LDAP_PORT)) == NULL) + { + return "Init Failed"; + } + --- 55,61 ---- + /* Open the LDAP connection. Change the second argument if your LDAP + server is not on port 389. */ + + ! if ((ld = ldap_open(getenv("SASL_LDAP_SERVER"),LDAP_PORT)) == NULL) + { + return "Init Failed"; + } + *************** + *** 65,71 **** + + /* Generate a filter that will return the entry with a matching UID */ + + ! sprintf(filter,"(%s=%s)",MY_LDAP_UIDATTR,userid); + + /* Just return country...This doesn't actually matter, since we will + not read the attributes and values, only the DN */ + --- 70,76 ---- + + /* Generate a filter that will return the entry with a matching UID */ + + ! sprintf(filter,"(%s=%s)",getenv("SASL_LDAP_UIDATTR"),userid); + + /* Just return country...This doesn't actually matter, since we will + not read the attributes and values, only the DN */ + *************** + *** 75,81 **** + + /* Perform the search... */ + + ! if (ldap_search_s(ld,MY_LDAP_BASEDN,LDAP_SCOPE_SUBTREE,filter,attrs,1,&result) != LDAP_SUCCESS) + { + ldap_unbind(ld); + return "Search Failed"; + --- 80,86 ---- + + /* Perform the search... */ + + ! if (ldap_search_s(ld,getenv("SASL_LDAP_BASEDN"),LDAP_SCOPE_SUBTREE,filter,attrs,1,&result) != LDAP_SUCCESS) + { + ldap_unbind(ld); + return "Search Failed"; + *************** + *** 112,117 **** + --- 117,124 ---- + /* Now bind as the DN with the password supplied earlier... + Successful bind means the password was correct, otherwise the + password is invalid. */ + + + + /* FIXME: This does not work with "{encryption-type}password" entries... */ + + if (ldap_simple_bind_s(ld,dn,password) != LDAP_SUCCESS) + { diff -rcN cyrus-sasl.orig/pkg/MESSAGE cyrus-sasl/pkg/MESSAGE *** cyrus-sasl.orig/pkg/MESSAGE Mon Jan 24 06:22:21 2000 --- cyrus-sasl/pkg/MESSAGE Tue Aug 29 00:23:04 2000 *************** *** 1,4 **** ! Start the pwcheck program to have clients use the SASL libraries ! as a non-root user: ! /usr/local/etc/rc.d/pwcheck.sh [start|stop] --- 1,9 ---- ! PREFIX/etc/cyrusdb.db now needs to be created ! before applications that depend on SASL are used. ! su cyrus ! PREFIX/sbin/saslpasswd -c userid ! ! You will also need to start the pwcheck daemon: ! ! PREFIX/etc/rc.d/pwcheck.sh start diff -rcN cyrus-sasl.orig/pkg/MESSAGE.ldap cyrus-sasl/pkg/MESSAGE.ldap *** cyrus-sasl.orig/pkg/MESSAGE.ldap Thu Jan 1 01:00:00 1970 --- cyrus-sasl/pkg/MESSAGE.ldap Tue Aug 29 00:11:19 2000 *************** *** 0 **** --- 1,10 ---- + PREFIX/etc/pwcheck_ldap.conf needs to be configured + to point to a LDAP server. + + SASL_LDAP_SERVER: host name of the LDAP server. + SASL_LDAP_BASEDN: root of LDAP tree to perform the search on. + SASL_LDAP_UIDATTR: name of the UID field in your tree. + + You will also need to start the pwcheck daemon: + + PREFIX/etc/rc.d/pwcheck.sh start diff -rcN cyrus-sasl.orig/pkg/PLIST cyrus-sasl/pkg/PLIST *** cyrus-sasl.orig/pkg/PLIST Fri Jun 16 21:46:22 2000 --- cyrus-sasl/pkg/PLIST Mon Aug 28 21:50:37 2000 *************** *** 1,4 **** --- 1,7 ---- @unexec %D/etc/rc.d/pwcheck.sh stop ; echo "pwcheck stopped." + %%LDAP_SUPPORT%%@unexec if cmp -s %D/etc/pwcheck_ldap.conf %D/etc/pwcheck_ldap.conf.sample; then rm -f %D/etc/pwcheck_ldap.conf; fi + %%LDAP_SUPPORT%%etc/pwcheck_ldap.conf.sample + %%LDAP_SUPPORT%%@exec [ ! -f %B/pwcheck_ldap.conf ] && cp %B/%f %B/pwcheck_ldap.conf etc/rc.d/pwcheck.sh include/sasl/hmac-md5.h include/sasl/md5.h *************** *** 60,66 **** @exec mkdir pwcheck @exec chown cyrus:cyrus pwcheck @exec chmod go= pwcheck ! @comment This file gets create by the pwcheck program ! @unexec rm -f pwcheck/pwcheck ! @dirrm pwcheck @cwd %%PREFIX%% --- 63,69 ---- @exec mkdir pwcheck @exec chown cyrus:cyrus pwcheck @exec chmod go= pwcheck ! @comment This file gets created by the pwcheck program ! @unexec rm -f /var/pwcheck/pwcheck ! @unexec rmdir /var/pwcheck 2>/dev/null || true @cwd %%PREFIX%% To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ports" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200008282250.PAA33396>