Date:      Mon, 28 Aug 2000 15:50:07 -0700 (PDT)
From:      Jimmy Olgeni <olgeni@uli.it>
To:        freebsd-ports@FreeBSD.org
Subject:   Re: ports/20887: [PATCH] LDAP support and fixes for cyrus-sasl
Message-ID:  <200008282250.PAA33396@freefall.freebsd.org>

The following reply was made to PR ports/20887; it has been noted by GNATS.

From: Jimmy Olgeni <olgeni@uli.it>
To: freebsd-gnats-submit@FreeBSD.org, olgeni@uli.it
Cc:  
Subject: Re: ports/20887: [PATCH] LDAP support and fixes for cyrus-sasl
Date: Tue, 29 Aug 2000 00:42:58 +0200

 New patch version.
 
 Changes:
 
 file pkg/PLIST:
 
      if WITH_LDAP is defined, add conditional install/deinstall of
      ${PREFIX}/etc/pwcheck_ldap.conf
 
      remove /var/pwcheck without giving an error message if the
      directory does not exist (i.e. if pwcheck.sh has never been run).
 
 file Makefile:
 
      target post-install:
 
          if WITH_LDAP is defined: in ${PREFIX}/etc, check if
          pwcheck_ldap.conf does not exist. If so, copy
          pwcheck_ldap.conf.sample over pwcheck_ldap.conf.
 
          added @${CAT} ${PKGMESSAGE}
 
      target post-extract:
 
          move files/pwcheck_ldap.c to the right place in the
          source. If WITH_LDAP is not used, it won't be compiled.
 
      LIB_DEPENDS should handle all required dependencies (openldap)
 
      added a conditional PKGMESSAGE to point to the right MESSAGE file
      if WITH_LDAP is enabled.
 
      NOTE: the -DWITH_LDAP is required with "make package" too.
 
 file patch-ab:
 
      combined with patch-af
 
 file patch-ac:
 
      removed (see patch-ba)
 
 file patch-af:
 
      removed
 
 file patch-ae (was: patch-ag):
 
      conditional support for LDAP in Makefile.in
 
 file patch-ba:
 
      patches to customize files/pwcheck_ldap.c
 
 file files/pwcheck_ldap.c
 
      the original file has been included, and the port specific
      changes were stored in patch-ba. It should be easier to track
      changes in the original file.
 
 file pkg/MESSAGE:
 
      changed: suggests to run saslpasswd to add users
 
 file pkg/MESSAGE.ldap:
 
      new file, suggests to edit PREFIX/etc/pwcheck_ldap.conf.
 
 
 
 
 diff -rcN cyrus-sasl.orig/Makefile cyrus-sasl/Makefile
 *** cyrus-sasl.orig/Makefile	Sat Aug 12 22:47:01 2000
 --- cyrus-sasl/Makefile	Tue Aug 29 00:16:54 2000
 ***************
 *** 15,20 ****
 --- 15,22 ----
   
   MAINTAINER=	hetzels@westbend.net
   
 + LIB_DEPENDS=	ldap.1:${PORTSDIR}/net/openldap
 + 
   USE_OPENSSL=	RSA
   
   INSTALLS_SHLIB=	yes
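Review bot: The `LIB_DEPENDS` line added after `MAINTAINER` is unconditional, so the port depends on net/openldap even when WITH_LDAP is not defined, although `--enable-ldap` is only passed inside the later `.if defined(WITH_LDAP)` block. Moving the assignment into that conditional, as `LIB_DEPENDS+= ldap.1:${PORTSDIR}/net/openldap`, keeps the default build from installing a network library that it never links against.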
 ***************
 *** 34,39 ****
 --- 36,42 ----
   
   USE_AUTOCONF=	YES
   USE_LIBTOOL=	YES
 + 
   CONFIGURE_ARGS=	--sysconfdir=${PREFIX}/etc \
   		--with-plugindir=${PREFIX}/lib/sasl \
   		--with-dbpath=${PREFIX}/etc/sasldb \
 ***************
 *** 43,48 ****
 --- 46,58 ----
   		--with-pwcheck=/var/pwcheck \
   		--with-rc4=openssl
   
 + .if defined(WITH_LDAP)
 + PKGMESSAGE=	${PKGDIR}/MESSAGE.ldap
 + CONFIGURE_ARGS+=	--enable-ldap
 + .else
 + LDAP_SUPPORT=	"@comment "
 + .endif
 + 
   # JavaSASL is currently Broken
   #JAVADIR=        jdk1.1.8
   #JAVALIBDIR=     ${PREFIX}/${JAVADIR}/lib/i386/green_threads/
 ***************
 *** 91,104 ****
   PLIST_SUB=	PREFIX=${PREFIX} \
   		GSSAPI=${GSSAPI} \
   		EBONES=${EBONES} \
 ! 		NOPORTDOCS=${NODOCS}
   
   # Create Cyrus user and group
   pre-install:
   	@${SH} ${PKGDIR}/INSTALL ${PKGNAME} PRE-INSTALL
   
   post-install:
 ! 	@${SED}  -e "/%%PREFIX%%/s##${PREFIX}#g" ${FILESDIR}/pwcheck.sh \
   		> ${PREFIX}/etc/rc.d/pwcheck.sh
   	@${CHMOD} 755 ${PREFIX}/etc/rc.d/pwcheck.sh
   	${INSTALL} -d -m 700 -o cyrus -g cyrus /var/pwcheck
 --- 101,124 ----
   PLIST_SUB=	PREFIX=${PREFIX} \
   		GSSAPI=${GSSAPI} \
   		EBONES=${EBONES} \
 ! 		NOPORTDOCS=${NODOCS} \
 ! 		LDAP_SUPPORT=${LDAP_SUPPORT}
 ! 
 ! post-extract:
 ! 	${CP} ${FILESDIR}/pwcheck_ldap.c ${WRKSRC}/pwcheck
   
   # Create Cyrus user and group
   pre-install:
   	@${SH} ${PKGDIR}/INSTALL ${PKGNAME} PRE-INSTALL
   
   post-install:
 ! 	${INSTALL} ${COPY} -m600 -o root -g wheel
 ${FILESDIR}/pwcheck_ldap.conf.sample ${PREFIX}/etc
 ! .if defined(WITH_LDAP)
 ! 	if [ ! -e ${PREFIX}/etc/pwcheck_ldap.conf ]; then \
 ! 		${CP} ${PREFIX}/etc/pwcheck_ldap.conf.sample
 ${PREFIX}/etc/pwcheck_ldap.conf ; \
 ! 	fi
 ! .endif
 ! 	@${SED} -e "/%%PREFIX%%/s##${PREFIX}#g" ${FILESDIR}/pwcheck.sh \
   		> ${PREFIX}/etc/rc.d/pwcheck.sh
   	@${CHMOD} 755 ${PREFIX}/etc/rc.d/pwcheck.sh
   	${INSTALL} -d -m 700 -o cyrus -g cyrus /var/pwcheck
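Review bot: The new `${INSTALL} ${COPY} -m600 -o root -g wheel ... pwcheck_ldap.conf.sample ${PREFIX}/etc` line in post-install sits above `.if defined(WITH_LDAP)`, so the sample is installed on every build. The matching PLIST entry is prefixed with `%%LDAP_SUPPORT%%`, which the Makefile sets to `"@comment "` when WITH_LDAP is absent, so a default install would leave a file that the package does not register or remove. Moving the install line inside the conditional, directly before the `if [ ! -e ... ]` copy, keeps the two consistent. The post-install target continues past the end of this hunk.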
 ***************
 *** 114,119 ****
 --- 134,140 ----
   	@${INSTALL_DATA} ${WRKSRC}/doc/${file}.html
 ${PREFIX}/share/doc/SASL/html
   .endfor
   .endif
 + 	@${CAT} ${PKGMESSAGE}
   
   .if exists(${WRKDIRPREFIX}${.CURDIR}/Makefile.inc)
   post-clean:
 diff -rcN cyrus-sasl.orig/files/pwcheck.sh cyrus-sasl/files/pwcheck.sh
 *** cyrus-sasl.orig/files/pwcheck.sh	Mon Jan 24 06:22:15 2000
 --- cyrus-sasl/files/pwcheck.sh	Sun Aug 27 16:21:38 2000
 ***************
 *** 5,10 ****
 --- 5,17 ----
   
   PREFIX=%%PREFIX%%
   
 + if [ -r ${PREFIX}/etc/pwcheck_ldap.conf ]; then
 + 	. ${PREFIX}/etc/pwcheck_ldap.conf
 + 	export SASL_LDAP_SERVER
 + 	export SASL_LDAP_BASEDN
 + 	export SASL_LDAP_UIDATTR
 + fi
 + 
   case "$1" in
   
   start)
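Review bot: The added `. ${PREFIX}/etc/pwcheck_ldap.conf` executes the whole file as shell code in the context of this rc script, so whoever can write that file decides what runs when the script is invoked (presumably as root at boot; confirm how rc.d calls it). A comment above the block would make the requirement explicit, for example `# pwcheck_ldap.conf is sourced, not parsed: keep it root-owned and not group/world-writable`. The path is also expanded unquoted in both the test and the source line; `[ -r "${PREFIX}/etc/pwcheck_ldap.conf" ]` is the safer form. The case statement continues outside the hunk.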
 diff -rcN cyrus-sasl.orig/files/pwcheck_ldap.c
 cyrus-sasl/files/pwcheck_ldap.c
 *** cyrus-sasl.orig/files/pwcheck_ldap.c	Thu Jan  1 01:00:00 1970
 --- cyrus-sasl/files/pwcheck_ldap.c	Mon Aug 28 20:38:30 2000
 ***************
 *** 0 ****
 --- 1,129 ----
 + /* pwcheck_ldap.c -- check passwords using LDAP
 +  *
 +  * Author: Clayton Donley <donley@cig.mot.com>
 +  *         http://www.wwa.com/~donley/
 +  * Version: 1.01
 +  *
 +  * Note: This works by finding a DN that matches an entered UID and
 +  * binding to the LDAP server using this UID.  This uses clear-text
 +  * passwords.  A better approach with servers that support SSL and
 +  * new LDAPv3 servers that support SASL bind methods like CRAM-MD5
 +  * and TSL.
 +  *
 +  * This version should work with both University of Michigan and
 Netscape
 +  * LDAP libraries.  It also gets rid of the requirement for
 userPassword
 +  * attribute readability.
 +  *
 +  */
 + 
 + #include <stdio.h>
 + #include <lber.h>
 + #include <ldap.h>
 + 
 + /* Set These to your Local Environment */
 + 
 + #define MY_LDAP_SERVER	"localhost"
 + #define MY_LDAP_BASEDN	"o=JOFA, c=UK"
 + #define MY_LDAP_UIDATTR	"uid"
 + 
 + char *pwcheck(userid, password)
 + char *userid;
 + char *password;
 + {
 +     LDAP *ld;
 +     LDAPMessage *result;
 +     LDAPMessage *entry;
 +     char *attrs[2];
 +     char filter[200]; 
 +     char *dn;
 +     int ldbind_res;
 +     char **vals;
 + 
 + /* If the password is NULL, reject the login...Otherwise the bind will
 +    succeed as a reference bind.  Not good... */
 + 
 +     if (strcmp(password,"") == 0)
 +     {
 +        return "Null Password";
 +     }
 + 
 + /* Open the LDAP connection.  Change the second argument if your LDAP
 +    server is not on port 389. */
 + 
 +     if ((ld = ldap_open(MY_LDAP_SERVER,LDAP_PORT)) == NULL)
 +     {
 +        return "Init Failed";
 +     }
 + 
 + /* Bind anonymously so that you can find the DN of the appropriate
 user. */
 + 
 +     if (ldap_simple_bind_s(ld,"","") != LDAP_SUCCESS)
 +     {
 +         ldap_unbind(ld);
 +         return "Bind Failed";
 +     }
 + 
 + /* Generate a filter that will return the entry with a matching UID */
 + 
 +     sprintf(filter,"(%s=%s)",MY_LDAP_UIDATTR,userid);
 + 
 + /* Just return country...This doesn't actually matter, since we will
 +    not read the attributes and values, only the DN */
 + 
 +     attrs[0] = "c";
 +     attrs[1] = NULL;
 + 
 + /* Perform the search... */
 + 
 +     if
 (ldap_search_s(ld,MY_LDAP_BASEDN,LDAP_SCOPE_SUBTREE,filter,attrs,1,&result)
 != LDAP_SUCCESS)
 +     {
 +        ldap_unbind(ld);
 +        return "Search Failed";
 +     }
 + 
 + /* If the entry count is not equal to one, either the UID was not
 unique or
 +    there was no match */
 + 
 +     if (ldap_count_entries(ld,result) != 1)
 +     {
 + 	ldap_msgfree(result);
 +        ldap_unbind(ld);
 +        return "UserID Unknown";
 +     }
 + 
 + /* Get the first entry */
 + 
 +     if ((entry = ldap_first_entry(ld,result)) == NULL)
 +     {
 + 	ldap_msgfree(result);
 +        ldap_unbind(ld);
 +        return "UserID Unknown";
 +     }
 + 
 + /* Get the DN of the entry */
 + 
 +     if ((dn = ldap_get_dn(ld,entry)) == NULL)
 +     {
 + 	ldap_msgfree(entry);
 +        ldap_unbind(ld);
 +        return "DN Not Found";
 +     }
 + 
 + /* Now bind as the DN with the password supplied earlier...
 +    Successful bind means the password was correct, otherwise the
 +    password is invalid. */
 + 
 +     if (ldap_simple_bind_s(ld,dn,password) != LDAP_SUCCESS)
 +     {
 + 	free(dn);
 + 	ldap_msgfree(entry);
 +        ldap_unbind(ld);
 +        return "Invalid Login or Password";
 +     }
 + 
 +     free(dn);
 +     ldap_msgfree(entry);
 +     ldap_unbind(ld);
 +     return "OK";
 + }
 + 
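Review bot: `sprintf(filter,"(%s=%s)",MY_LDAP_UIDATTR,userid)` copies the caller-supplied userid into the 200-byte `filter` array with no length bound, and the value goes into the search filter without escaping the filter metacharacters `*`, `(`, `)` and `\`. A bounded call with a truncation check, `if (snprintf(filter, sizeof(filter), "(%s=%s)", MY_LDAP_UIDATTR, userid) >= (int)sizeof(filter)) return "UserID Unknown";`, together with rejecting or escaping those characters before the search, addresses both. The same sprintf survives in patch-ba (the hunk at 65,71 / 70,76), where only the attribute source changes. Separately, `strcmp` is used without `<string.h>`, and the paths after `ldap_get_dn` release `entry` where the API documents freeing the `result` chain and release the DN with `free` rather than `ldap_memfree`; these look inherited from the upstream file and should be confirmed against the LDAP library the port links.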
 diff -rcN cyrus-sasl.orig/files/pwcheck_ldap.conf.sample
 cyrus-sasl/files/pwcheck_ldap.conf.sample
 *** cyrus-sasl.orig/files/pwcheck_ldap.conf.sample	Thu Jan  1 01:00:00
 1970
 --- cyrus-sasl/files/pwcheck_ldap.conf.sample	Sun Aug 27 16:21:38 2000
 ***************
 *** 0 ****
 --- 1,3 ----
 + SASL_LDAP_SERVER="localhost"
 + SASL_LDAP_BASEDN="o=organization, c=US"
 + SASL_LDAP_UIDATTR="uid"
 diff -rcN cyrus-sasl.orig/patches/patch-ab cyrus-sasl/patches/patch-ab
 *** cyrus-sasl.orig/patches/patch-ab	Sat Aug 12 22:47:01 2000
 --- cyrus-sasl/patches/patch-ab	Mon Aug 28 21:36:25 2000
 ***************
 *** 1,14 ****
 ! --- configure.in.orig	Thu Aug  3 14:34:08 2000
 ! +++ configure.in	Thu Aug  3 14:39:24 2000
 ! @@ -66,8 +66,9 @@
 !  dnl check for -R, etc. switch
 !  CMU_GUESS_RUNPATH_SWITCH
 !  dnl let's just link against local.  otherwise we never find anything
 useful.
 ! -CPPFLAGS="-I/usr/local/include ${CPPFLAGS}"
 ! -CMU_ADD_LIBPATH("/usr/local/lib")
 ! +CPPFLAGS="-I${OPENSSLINC} -I${OPENSSLINC}/openssl ${CPPFLAGS}"
 ! +CMU_ADD_LIBPATH("${LOCALBASE}/lib")
 ! +CMU_ADD_LIBPATH("${OPENSSLLIB}")
 !  
 !  AM_DISABLE_STATIC
 !  
 --- 1,73 ----
 ! *** configure.in.orig	Mon Aug 28 21:36:06 2000
 ! --- configure.in	Mon Aug 28 21:36:11 2000
 ! ***************
 ! *** 66,73 ****
 !   dnl check for -R, etc. switch
 !   CMU_GUESS_RUNPATH_SWITCH
 !   dnl let's just link against local.  otherwise we never find anything
 useful.
 ! ! CPPFLAGS="-I/usr/local/include ${CPPFLAGS}"
 ! ! CMU_ADD_LIBPATH("/usr/local/lib")
 !   
 !   AM_DISABLE_STATIC
 !   
 ! --- 66,74 ----
 !   dnl check for -R, etc. switch
 !   CMU_GUESS_RUNPATH_SWITCH
 !   dnl let's just link against local.  otherwise we never find anything
 useful.
 ! ! CPPFLAGS="-I${OPENSSLINC} -I${OPENSSLINC}/openssl ${CPPFLAGS}"
 ! ! CMU_ADD_LIBPATH("${LOCALBASE}/lib")
 ! ! CMU_ADD_LIBPATH("${OPENSSLLIB}")
 !   
 !   AM_DISABLE_STATIC
 !   
 ! ***************
 ! *** 296,301 ****
 ! --- 297,306 ----
 !   fi
 !   AC_SUBST(LIB_PAM)
 !   
 ! + AC_ARG_ENABLE(ldap, [  --enable-ldap           enable ldap
 authentication [no] ],
 ! +   ldap=$enableval,
 ! +   ldap=no)
 ! + 
 !   AC_ARG_WITH(pwcheck,[  --with-pwcheck=DIR      enable use of the
 pwcheck daemonusing statedir DIR ],
 !   	with_pwcheck=$withval,
 !   	with_pwcheck=no)
 ! ***************
 ! *** 305,311 ****
 !      fi
 !      AC_DEFINE(HAVE_PWCHECK)
 !      AC_DEFINE_UNQUOTED(PWCHECKDIR, "$with_pwcheck")
 ! !   
 AC_CHECK_FUNC(getspnam,PWCHECKMETH="getspnam",PWCHECKMETH="getpwnam")
 !      AC_SUBST(PWCHECKMETH)
 !   fi
 !   AM_CONDITIONAL(PWCHECK, test "$with_pwcheck" != no)
 ! --- 310,320 ----
 !      fi
 !      AC_DEFINE(HAVE_PWCHECK)
 !      AC_DEFINE_UNQUOTED(PWCHECKDIR, "$with_pwcheck")
 ! !    if test "$ldap" = yes; then
 ! !      PWCHECKMETH=ldap
 ! !    else
 ! !     
 AC_CHECK_FUNC(getspnam,PWCHECKMETH="getspnam",PWCHECKMETH="getpwnam")
 ! !    fi
 !      AC_SUBST(PWCHECKMETH)
 !   fi
 !   AM_CONDITIONAL(PWCHECK, test "$with_pwcheck" != no)
 ! ***************
 ! *** 436,442 ****
 !     if test "$with_des" != no; then
 !       AC_CHECK_HEADER(krb.h,
 !         AC_CHECK_LIB(krb, krb_mk_priv, COM_ERR="",
 ! ! 	AC_CHECK_LIB(krb, krb_mk_priv, COM_ERR="-lcom_err",
 !                        AC_WARN(No Kerberos V4 found); krb4=no, -ldes
 -lcom_err),
 !           -ldes),
 !         AC_WARN(No Kerberos V4 found); krb4=no)
 ! --- 445,451 ----
 !     if test "$with_des" != no; then
 !       AC_CHECK_HEADER(krb.h,
 !         AC_CHECK_LIB(krb, krb_mk_priv, COM_ERR="",
 ! ! 	AC_CHECK_LIB(krb, krb_mk_err, COM_ERR="-lcom_err",
 !                        AC_WARN(No Kerberos V4 found); krb4=no, -ldes
 -lcom_err),
 !           -ldes),
 !         AC_WARN(No Kerberos V4 found); krb4=no)
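Review bot: `--enable-ldap` only sets `PWCHECKMETH=ldap`; nothing in the added lines checks that the LDAP header and library are present, so a missing or mismatched libldap shows up as a compile or link error in pwcheck/ instead of at configure time. An `AC_CHECK_HEADER(ldap.h, ...)` and `AC_CHECK_LIB(ldap, ldap_open, ...)` pair in the `test "$ldap" = yes` branch, aborting with `AC_MSG_ERROR`, would fail early. The option is also silently ignored when `--with-pwcheck` is not given, because the assignment sits inside the with_pwcheck block; a one-line `dnl` comment next to `AC_ARG_ENABLE(ldap, ...)` saying so would help.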
 diff -rcN cyrus-sasl.orig/patches/patch-ae cyrus-sasl/patches/patch-ae
 *** cyrus-sasl.orig/patches/patch-ae	Thu Jan  1 01:00:00 1970
 --- cyrus-sasl/patches/patch-ae	Sun Aug 27 18:02:03 2000
 ***************
 *** 0 ****
 --- 1,27 ----
 + *** pwcheck/Makefile.in.orig	Fri Jul 21 04:36:07 2000
 + --- pwcheck/Makefile.in	Sun Aug 27 18:01:44 2000
 + ***************
 + *** 144,151 ****
 +   LIBS = @LIBS@
 +   pwcheck_OBJECTS =  pwcheck.o
 +   pwcheck_DEPENDENCIES =  pwcheck_@PWCHECKMETH@.lo
 + ! pwcheck_LDFLAGS = 
 +   CFLAGS = @CFLAGS@
 +   COMPILE = $(CC) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS)
 $(AM_CFLAGS) $(CFLAGS)
 +   LTCOMPILE = $(LIBTOOL) --mode=compile $(CC) $(DEFS) $(INCLUDES)
 $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
 +   CCLD = $(CC)
 + --- 144,157 ----
 +   LIBS = @LIBS@
 +   pwcheck_OBJECTS =  pwcheck.o
 +   pwcheck_DEPENDENCIES =  pwcheck_@PWCHECKMETH@.lo
 + ! PWCHECKMETH=@PWCHECKMETH@
 + ! .if ${PWCHECKMETH} == "ldap"
 + ! pwcheck_LDFLAGS = -llber -lldap
 + ! CFLAGS = @CFLAGS@ -I/usr/local/include
 + ! .else
 + ! pwcheck_LDFLAGS =
 +   CFLAGS = @CFLAGS@
 + + .endif
 +   COMPILE = $(CC) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS)
 $(AM_CFLAGS) $(CFLAGS)
 +   LTCOMPILE = $(LIBTOOL) --mode=compile $(CC) $(DEFS) $(INCLUDES)
 $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
 +   CCLD = $(CC)
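Review bot: The LDAP branch hard-codes `-I/usr/local/include` and links `-llber -lldap` with no library search path, while patch-ab in this same submission replaces the hard-coded /usr/local paths in configure.in with `${LOCALBASE}`. With a non-default LOCALBASE the build would look in the wrong place, or could pick up a different copy of the library than the one LIB_DEPENDS installed. `CFLAGS = @CFLAGS@ -I${LOCALBASE}/include` and `pwcheck_LDFLAGS = -L${LOCALBASE}/lib -llber -lldap` would keep this consistent, assuming LOCALBASE reaches this Makefile through the make environment, which should be confirmed.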
 diff -rcN cyrus-sasl.orig/patches/patch-ba cyrus-sasl/patches/patch-ba
 *** cyrus-sasl.orig/patches/patch-ba	Thu Jan  1 01:00:00 1970
 --- cyrus-sasl/patches/patch-ba	Tue Aug 29 00:40:31 2000
 ***************
 *** 0 ****
 --- 1,119 ----
 + *** pwcheck/pwcheck_ldap.c.orig	Mon Aug 28 20:46:45 2000
 + --- pwcheck/pwcheck_ldap.c	Mon Aug 28 20:48:31 2000
 + ***************
 + *** 14,30 ****
 +    * LDAP libraries.  It also gets rid of the requirement for
 userPassword
 +    * attribute readability.
 +    *
 +    */
 +   
 +   #include <stdio.h>
 +   #include <lber.h>
 +   #include <ldap.h>
 +   
 + ! /* Set These to your Local Environment */
 +   
 + ! #define MY_LDAP_SERVER	"localhost"
 + ! #define MY_LDAP_BASEDN	"o=JOFA, c=UK"
 + ! #define MY_LDAP_UIDATTR	"uid"
 +   
 +   char *pwcheck(userid, password)
 +   char *userid;
 + --- 14,37 ----
 +    * LDAP libraries.  It also gets rid of the requirement for
 userPassword
 +    * attribute readability.
 +    *
 + +  * changed-by: Mon Aug 28 2000 olgeni@uli.it - environment support
 + +  *
 +    */
 +   
 +   #include <stdio.h>
 + + #include <stdlib.h>
 +   #include <lber.h>
 +   #include <ldap.h>
 +   
 + ! /*
 +   
 + ! The old #defines have been removed. This version uses 3 environment
 variables:
 + ! 
 + ! SASL_LDAP_SERVER (ex: "localhost")
 + ! SASL_LDAP_BASEDN (ex: "o=organization, c=US")
 + ! SASL_LDAP_UIDATTR (ex: "uid")
 + ! 
 + ! */
 +   
 +   char *pwcheck(userid, password)
 +   char *userid;
 + ***************
 + *** 36,43 ****
 +       char *attrs[2];
 +       char filter[200]; 
 +       char *dn;
 + -     int ldbind_res;
 + -     char **vals;
 +   
 +   /* If the password is NULL, reject the login...Otherwise the bind
 will
 +      succeed as a reference bind.  Not good... */
 + --- 43,48 ----
 + ***************
 + *** 50,56 ****
 +   /* Open the LDAP connection.  Change the second argument if your
 LDAP
 +      server is not on port 389. */
 +   
 + !     if ((ld = ldap_open(MY_LDAP_SERVER,LDAP_PORT)) == NULL)
 +       {
 +          return "Init Failed";
 +       }
 + --- 55,61 ----
 +   /* Open the LDAP connection.  Change the second argument if your
 LDAP
 +      server is not on port 389. */
 +   
 + !     if ((ld = ldap_open(getenv("SASL_LDAP_SERVER"),LDAP_PORT)) ==
 NULL)
 +       {
 +          return "Init Failed";
 +       }
 + ***************
 + *** 65,71 ****
 +   
 +   /* Generate a filter that will return the entry with a matching UID
 */
 +   
 + !     sprintf(filter,"(%s=%s)",MY_LDAP_UIDATTR,userid);
 +   
 +   /* Just return country...This doesn't actually matter, since we will
 +      not read the attributes and values, only the DN */
 + --- 70,76 ----
 +   
 +   /* Generate a filter that will return the entry with a matching UID
 */
 +   
 + !     sprintf(filter,"(%s=%s)",getenv("SASL_LDAP_UIDATTR"),userid);
 +   
 +   /* Just return country...This doesn't actually matter, since we will
 +      not read the attributes and values, only the DN */
 + ***************
 + *** 75,81 ****
 +   
 +   /* Perform the search... */
 +   
 + !     if
 (ldap_search_s(ld,MY_LDAP_BASEDN,LDAP_SCOPE_SUBTREE,filter,attrs,1,&result)
 != LDAP_SUCCESS)
 +       {
 +          ldap_unbind(ld);
 +          return "Search Failed";
 + --- 80,86 ----
 +   
 +   /* Perform the search... */
 +   
 + !     if
 (ldap_search_s(ld,getenv("SASL_LDAP_BASEDN"),LDAP_SCOPE_SUBTREE,filter,attrs,1,&result)
 != LDAP_SUCCESS)
 +       {
 +          ldap_unbind(ld);
 +          return "Search Failed";
 + ***************
 + *** 112,117 ****
 + --- 117,124 ----
 +   /* Now bind as the DN with the password supplied earlier...
 +      Successful bind means the password was correct, otherwise the
 +      password is invalid. */
 + + 
 + + /* FIXME: This does not work with "{encryption-type}password"
 entries... */
 +   
 +       if (ldap_simple_bind_s(ld,dn,password) != LDAP_SUCCESS)
 +       {
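Review bot: The three `getenv()` results go straight into `ldap_open`, into `sprintf` as a `%s` argument and into `ldap_search_s` with no NULL check, so running pwcheck without pwcheck_ldap.conf, or with one variable missing from it, passes NULL to each of them. Reading the variables once at the top of `pwcheck()` and returning an error string when any is unset makes that failure explicit instead of library-dependent. SASL_LDAP_UIDATTR now also flows into the fixed 200-byte `filter` buffer, so its length needs bounding together with userid. The body of `pwcheck()` extends beyond the hunks shown here.

```c
    /* … unchanged: declarations of ld, result, entry, attrs, filter, dn … */
    char *server  = getenv("SASL_LDAP_SERVER");
    char *basedn  = getenv("SASL_LDAP_BASEDN");
    char *uidattr = getenv("SASL_LDAP_UIDATTR");

    /* Refuse to run with an incomplete configuration rather than
       handing NULL to the LDAP library or to the filter formatting. */
    if (server == NULL || basedn == NULL || uidattr == NULL)
    {
       return "LDAP not configured";
    }

    /* … unchanged: empty-password check … */
    if ((ld = ldap_open(server,LDAP_PORT)) == NULL)
    /* … unchanged: anonymous bind; filter built from uidattr and userid … */
    if (ldap_search_s(ld,basedn,LDAP_SCOPE_SUBTREE,filter,attrs,1,&result) != LDAP_SUCCESS)
    /* … unchanged: entry count, DN lookup, bind as DN … */
```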
 diff -rcN cyrus-sasl.orig/pkg/MESSAGE cyrus-sasl/pkg/MESSAGE
 *** cyrus-sasl.orig/pkg/MESSAGE	Mon Jan 24 06:22:21 2000
 --- cyrus-sasl/pkg/MESSAGE	Tue Aug 29 00:23:04 2000
 ***************
 *** 1,4 ****
 ! Start the pwcheck program to have clients use the SASL libraries
 ! as a non-root user:
   
 ! 	/usr/local/etc/rc.d/pwcheck.sh [start|stop]
 --- 1,9 ----
 ! PREFIX/etc/cyrusdb.db now needs to be created
 ! before applications that depend on SASL are used.
   
 ! 	su cyrus
 ! 	PREFIX/sbin/saslpasswd -c userid
 ! 
 ! You will also need to start the pwcheck daemon:
 ! 
 ! 	PREFIX/etc/rc.d/pwcheck.sh start
 diff -rcN cyrus-sasl.orig/pkg/MESSAGE.ldap cyrus-sasl/pkg/MESSAGE.ldap
 *** cyrus-sasl.orig/pkg/MESSAGE.ldap	Thu Jan  1 01:00:00 1970
 --- cyrus-sasl/pkg/MESSAGE.ldap	Tue Aug 29 00:11:19 2000
 ***************
 *** 0 ****
 --- 1,10 ----
 + PREFIX/etc/pwcheck_ldap.conf needs to be configured
 + to point to a LDAP server.
 + 
 + SASL_LDAP_SERVER: host name of the LDAP server. 
 + SASL_LDAP_BASEDN: root of LDAP tree to perform the search on.
 + SASL_LDAP_UIDATTR: name of the UID field in your tree.
 + 
 + You will also need to start the pwcheck daemon:
 + 
 + 	PREFIX/etc/rc.d/pwcheck.sh start
 diff -rcN cyrus-sasl.orig/pkg/PLIST cyrus-sasl/pkg/PLIST
 *** cyrus-sasl.orig/pkg/PLIST	Fri Jun 16 21:46:22 2000
 --- cyrus-sasl/pkg/PLIST	Mon Aug 28 21:50:37 2000
 ***************
 *** 1,4 ****
 --- 1,7 ----
   @unexec %D/etc/rc.d/pwcheck.sh stop ; echo "pwcheck stopped."
 + %%LDAP_SUPPORT%%@unexec if cmp -s %D/etc/pwcheck_ldap.conf
 %D/etc/pwcheck_ldap.conf.sample; then rm -f %D/etc/pwcheck_ldap.conf; fi
 + %%LDAP_SUPPORT%%etc/pwcheck_ldap.conf.sample
 + %%LDAP_SUPPORT%%@exec [ ! -f %B/pwcheck_ldap.conf ] && cp %B/%f
 %B/pwcheck_ldap.conf
   etc/rc.d/pwcheck.sh
   include/sasl/hmac-md5.h
   include/sasl/md5.h
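Review bot: The added `@exec [ ! -f %B/pwcheck_ldap.conf ] && cp %B/%f %B/pwcheck_ldap.conf` exits non-zero whenever the configuration file already exists, because the failed test is the last command that runs. On a reinstall or upgrade that would presumably be reported by pkg_add as a failed @exec, even though nothing went wrong. Writing it as `@exec [ -f %B/pwcheck_ldap.conf ] || cp %B/%f %B/pwcheck_ldap.conf` keeps the behaviour and returns success in both cases.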
 ***************
 *** 60,66 ****
   @exec mkdir pwcheck
   @exec chown cyrus:cyrus pwcheck
   @exec chmod go= pwcheck
 ! @comment This file gets create by the pwcheck program
 ! @unexec rm -f pwcheck/pwcheck
 ! @dirrm pwcheck
   @cwd %%PREFIX%%
 --- 63,69 ----
   @exec mkdir pwcheck
   @exec chown cyrus:cyrus pwcheck
   @exec chmod go= pwcheck
 ! @comment This file gets created by the pwcheck program
 ! @unexec rm -f /var/pwcheck/pwcheck
 ! @unexec rmdir /var/pwcheck 2>/dev/null || true
   @cwd %%PREFIX%%
 





