Site Navigation

Date:      Wed, 23 Mar 2011 17:00:37 -0700
From:      Craig Leres <leres@ee.lbl.gov>
To:        FreeBSD-gnats-submit@FreeBSD.org, freebsd-ports-bugs@FreeBSD.org
Subject:   Re: ports/155876: [PATCH] security/shibboleth2-sp: do not clobber/remove customizable files; rc.d script fixes
Message-ID:  <4D8A89A5.1060104@ee.lbl.gov>
In-Reply-To: <201103230110.p2N1A0s2010879@freefall.freebsd.org>
References:  <201103230110.p2N1A0s2010879@freefall.freebsd.org>

---

next in thread | previous in thread | raw e-mail | index | archive | help

---

This is a multi-part message in MIME format.
--------------000101090306020208050806
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

The patches I originally submitted were based my (mis)reading the
examples in section 7.3 of the Porter's Handbook. Using the
post-install section of the port Makefile means the non-dist configs
do not get installed when the port is installed from a package.

A new patch set that handles installation of the non-dist version
of the config files from pkg-plist is attached.

		Craig
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (FreeBSD)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAk2KiaUACgkQWxlAhAje3Js0HQCeIJ04AhmrPsSXk6R7AfvO7Yd6
NuYAn2PNIgf39Xz+5hejyawKIwWZyHjv
=gj+7
-----END PGP SIGNATURE-----

--------------000101090306020208050806
Content-Type: text/plain;
 name="patch-Makefile"
Content-Transfer-Encoding: 7bit
Content-Disposition: attachment;
 filename="patch-Makefile"

--- Makefile.orig	2010-12-04 00:49:02.000000000 -0800
+++ Makefile	2011-03-23 16:57:50.000000000 -0700
@@ -2,12 +2,12 @@
 # Date created:		17 Sept2008
 # Whom:			Janos Mohacsi <janos.mohacsi@bsd.hu>
 #
-# $FreeBSD: ports/security/shibboleth2-sp/Makefile,v 1.8 2010/12/04 07:33:31 ade Exp $
+# $FreeBSD$
 #
 
 PORTNAME=	shibboleth-sp
 PORTVERSION=	2.3.1
-PORTREVISION=	1
+PORTREVISION=	2
 CATEGORIES=	security www
 MASTER_SITES=	http://shibboleth.internet2.edu/downloads/shibboleth/cppsp/${PORTVERSION}/
 

--------------000101090306020208050806
Content-Type: text/plain;
 name="patch-files-shibboleth-sp.in"
Content-Transfer-Encoding: 7bit
Content-Disposition: attachment;
 filename="patch-files-shibboleth-sp.in"

--- files/shibboleth-sp.in.orig	2010-03-27 04:27:29.000000000 -0700
+++ files/shibboleth-sp.in	2011-03-22 17:28:11.000000000 -0700
@@ -1,6 +1,6 @@
 #!/bin/sh
 #
-# $FreeBSD: ports/security/shibboleth2-sp/files/shibboleth-sp.in,v 1.3 2010/03/27 00:14:48 dougb Exp $
+# $FreeBSD$
 #
 # PROVIDE: shibboleth_sp
 # REQUIRE: DAEMON
@@ -11,10 +11,10 @@
 name="shibboleth_sp"
 rcvar=${name}_enable
 
-[ -z "$shibboleth_sp_enable" ] && shibboleth_sp_enable="NO"
-pidfile="/var/run/${name}.pid"
-command="%%PREFIX%%/sbin/shibd"
-start_cmd="${command} -f -p ${pidfile} &"
-
 load_rc_config $name
+
+command=${shibboleth_sp_program:-%%PREFIX%%/sbin/shibd}
+pidfile="${shibboleth_sp_pidfile:-/var/run/${name}.pid}"
+command_args="-f -p ${pidfile}"
+
 run_rc_command "$1"

--------------000101090306020208050806
Content-Type: text/plain;
 name="patch-pkg-plist"
Content-Transfer-Encoding: 7bit
Content-Disposition: attachment;
 filename="patch-pkg-plist"

--- pkg-plist.orig	2010-01-26 04:25:20.000000000 -0800
+++ pkg-plist	2011-03-23 16:55:44.000000000 -0700
@@ -1,38 +1,54 @@
 bin/mdquery
 bin/resolvertest
 etc/shibboleth/metagen.sh
-etc/shibboleth/native.logger
+@unexec if cmp -s %D/etc/shibboleth/native.logger.dist %D/etc/shibboleth/native.logger; then rm -f %D/etc/shibboleth/native.logger; fi
 etc/shibboleth/native.logger.dist
-etc/shibboleth/shibd.logger
+@exec if [ ! -f %D/etc/shibboleth/native.logger ] ; then cp -p %D/etc/shibboleth/native.logger.dist %D/etc/shibboleth/native.logger; fi
+@unexec if cmp -s %D/etc/shibboleth/shibd.logger.dist %D/etc/shibboleth/shibd.logger; then rm -f %D/etc/shibboleth/shibd.logger; fi
 etc/shibboleth/shibd.logger.dist
-etc/shibboleth/shibboleth2.xml
+@exec if [ ! -f %D/etc/shibboleth/shibd.logger ] ; then cp -p %D/etc/shibboleth/shibd.logger.dist %D/etc/shibboleth/shibd.logger; fi
+@unexec if cmp -s %D/etc/shibboleth/shibboleth2.xml.dist %D/etc/shibboleth/shibboleth2.xml; then rm -f %D/etc/shibboleth/shibboleth2.xml; fi
 etc/shibboleth/shibboleth2.xml.dist
-etc/shibboleth/attribute-map.xml
+@exec if [ ! -f %D/etc/shibboleth/shibboleth2.xml ] ; then cp -p %D/etc/shibboleth/shibboleth2.xml.dist %D/etc/shibboleth/shibboleth2.xml; fi
+@unexec if cmp -s %D/etc/shibboleth/attribute-map.xml.dist %D/etc/shibboleth/attribute-map.xml; then rm -f %D/etc/shibboleth/attribute-map.xml; fi
 etc/shibboleth/attribute-map.xml.dist
-etc/shibboleth/attribute-policy.xml
+@exec if [ ! -f %D/etc/shibboleth/attribute-map.xml ] ; then cp -p %D/etc/shibboleth/attribute-map.xml.dist %D/etc/shibboleth/attribute-map.xml; fi
+@unexec if cmp -s %D/etc/shibboleth/attribute-policy.xml.dist %D/etc/shibboleth/attribute-policy.xml; then rm -f %D/etc/shibboleth/attribute-policy.xml; fi
 etc/shibboleth/attribute-policy.xml.dist
-etc/shibboleth/example-metadata.xml
+@exec if [ ! -f %D/etc/shibboleth/attribute-policy.xml ] ; then cp -p %D/etc/shibboleth/attribute-policy.xml.dist %D/etc/shibboleth/attribute-policy.xml; fi
+@unexec if cmp -s %D/etc/shibboleth/example-metadata.xml.dist %D/etc/shibboleth/example-metadata.xml; then rm -f %D/etc/shibboleth/example-metadata.xml; fi
 etc/shibboleth/example-metadata.xml.dist
-etc/shibboleth/console.logger
+@exec if [ ! -f %D/etc/shibboleth/example-metadata.xml ] ; then cp -p %D/etc/shibboleth/example-metadata.xml.dist %D/etc/shibboleth/example-metadata.xml; fi
+@unexec if cmp -s %D/etc/shibboleth/console.logger.dist %D/etc/shibboleth/console.logger; then rm -f %D/etc/shibboleth/console.logger; fi
 etc/shibboleth/console.logger.dist
-etc/shibboleth/syslog.logger
+@exec if [ ! -f %D/etc/shibboleth/console.logger ] ; then cp -p %D/etc/shibboleth/console.logger.dist %D/etc/shibboleth/console.logger; fi
+@unexec if cmp -s %D/etc/shibboleth/syslog.logger.dist %D/etc/shibboleth/syslog.logger; then rm -f %D/etc/shibboleth/syslog.logger; fi
 etc/shibboleth/syslog.logger.dist
-etc/shibboleth/accessError.html
+@exec if [ ! -f %D/etc/shibboleth/syslog.logger ] ; then cp -p %D/etc/shibboleth/syslog.logger.dist %D/etc/shibboleth/syslog.logger; fi
+@unexec if cmp -s %D/etc/shibboleth/accessError.html.dist %D/etc/shibboleth/accessError.html; then rm -f %D/etc/shibboleth/accessError.html; fi
 etc/shibboleth/accessError.html.dist
-etc/shibboleth/sessionError.html
+@exec if [ ! -f %D/etc/shibboleth/accessError.html ] ; then cp -p %D/etc/shibboleth/accessError.html.dist %D/etc/shibboleth/accessError.html; fi
+@unexec if cmp -s %D/etc/shibboleth/sessionError.html.dist %D/etc/shibboleth/sessionError.html; then rm -f %D/etc/shibboleth/sessionError.html; fi
 etc/shibboleth/sessionError.html.dist
-etc/shibboleth/metadataError.html
+@exec if [ ! -f %D/etc/shibboleth/sessionError.html ] ; then cp -p %D/etc/shibboleth/sessionError.html.dist %D/etc/shibboleth/sessionError.html; fi
+@unexec if cmp -s %D/etc/shibboleth/metadataError.html.dist %D/etc/shibboleth/metadataError.html; then rm -f %D/etc/shibboleth/metadataError.html; fi
 etc/shibboleth/metadataError.html.dist
-etc/shibboleth/bindingTemplate.html
+@exec if [ ! -f %D/etc/shibboleth/metadataError.html ] ; then cp -p %D/etc/shibboleth/metadataError.html.dist %D/etc/shibboleth/metadataError.html; fi
+@unexec if cmp -s %D/etc/shibboleth/bindingTemplate.html.dist %D/etc/shibboleth/bindingTemplate.html; then rm -f %D/etc/shibboleth/bindingTemplate.html; fi
 etc/shibboleth/bindingTemplate.html.dist
-etc/shibboleth/discoveryTemplate.html
+@exec if [ ! -f %D/etc/shibboleth/bindingTemplate.html ] ; then cp -p %D/etc/shibboleth/bindingTemplate.html.dist %D/etc/shibboleth/bindingTemplate.html; fi
+@unexec if cmp -s %D/etc/shibboleth/discoveryTemplate.html.dist %D/etc/shibboleth/discoveryTemplate.html; then rm -f %D/etc/shibboleth/discoveryTemplate.html; fi
 etc/shibboleth/discoveryTemplate.html.dist
-etc/shibboleth/localLogout.html
+@exec if [ ! -f %D/etc/shibboleth/discoveryTemplate.html ] ; then cp -p %D/etc/shibboleth/discoveryTemplate.html.dist %D/etc/shibboleth/discoveryTemplate.html; fi
+@unexec if cmp -s %D/etc/shibboleth/localLogout.html.dist %D/etc/shibboleth/localLogout.html; then rm -f %D/etc/shibboleth/localLogout.html; fi
 etc/shibboleth/localLogout.html.dist
-etc/shibboleth/globalLogout.html
+@exec if [ ! -f %D/etc/shibboleth/localLogout.html ] ; then cp -p %D/etc/shibboleth/localLogout.html.dist %D/etc/shibboleth/localLogout.html; fi
+@unexec if cmp -s %D/etc/shibboleth/globalLogout.html.dist %D/etc/shibboleth/globalLogout.html; then rm -f %D/etc/shibboleth/globalLogout.html; fi
 etc/shibboleth/globalLogout.html.dist
-etc/shibboleth/sslError.html
+@exec if [ ! -f %D/etc/shibboleth/globalLogout.html ] ; then cp -p %D/etc/shibboleth/globalLogout.html.dist %D/etc/shibboleth/globalLogout.html; fi
+@unexec if cmp -s %D/etc/shibboleth/sslError.html.dist %D/etc/shibboleth/sslError.html; then rm -f %D/etc/shibboleth/sslError.html; fi
 etc/shibboleth/sslError.html.dist
+@exec if [ ! -f %D/etc/shibboleth/sslError.html ] ; then cp -p %D/etc/shibboleth/sslError.html.dist %D/etc/shibboleth/sslError.html; fi
 etc/shibboleth/shibd-redhat
 etc/shibboleth/shibd-debian
 etc/shibboleth/shibd-suse
@@ -44,10 +60,12 @@
 etc/shibboleth/upgrade.xsl
 etc/shibboleth/sp-key.pem
 etc/shibboleth/sp-cert.pem
-etc/shibboleth/postTemplate.html
+@unexec if cmp -s %D/etc/shibboleth/postTemplate.html.dist %D/etc/shibboleth/postTemplate.html; then rm -f %D/etc/shibboleth/postTemplate.html; fi
 etc/shibboleth/postTemplate.html.dist
-etc/shibboleth/partialLogout.html
+@exec if [ ! -f %D/etc/shibboleth/postTemplate.html ] ; then cp -p %D/etc/shibboleth/postTemplate.html.dist %D/etc/shibboleth/postTemplate.html; fi
+@unexec if cmp -s %D/etc/shibboleth/partialLogout.html.dist %D/etc/shibboleth/partialLogout.html; then rm -f %D/etc/shibboleth/partialLogout.html; fi
 etc/shibboleth/partialLogout.html.dist
+@exec if [ ! -f %D/etc/shibboleth/partialLogout.html ] ; then cp -p %D/etc/shibboleth/partialLogout.html.dist %D/etc/shibboleth/partialLogout.html; fi
 include/shibsp/attribute/filtering/AttributeFilter.h
 include/shibsp/attribute/filtering/BasicFilteringContext.h
 include/shibsp/attribute/filtering/FilteringContext.h

--------------000101090306020208050806
Content-Type: application/octet-stream;
 name="patch-Makefile.sig"
Content-Transfer-Encoding: base64
Content-Disposition: attachment;
 filename="patch-Makefile.sig"

iEYEABECAAYFAk2KiaUACgkQWxlAhAje3JtqAACfQ7NIJ9EeCjHxAYXWJrOpz2v/qqYAnRbD
5CBWbiIQ0b0gxActdXNJLFQ6
--------------000101090306020208050806
Content-Type: application/octet-stream; name="patch-files-shibboleth-sp.in.sig"
Content-Transfer-Encoding: base64
Content-Disposition: attachment;
 filename="patch-files-shibboleth-sp.in.sig"

iEYEABECAAYFAk2KiaUACgkQWxlAhAje3JvT6ACeI97+LTM6mNX3nQZnA0pcziz73XUAnRi4
wjja1IKATrytjMeboyRL5hx4
--------------000101090306020208050806
Content-Type: application/octet-stream;
 name="patch-pkg-plist.sig"
Content-Transfer-Encoding: base64
Content-Disposition: attachment;
 filename="patch-pkg-plist.sig"

iEYEABECAAYFAk2KiaUACgkQWxlAhAje3JsNIwCfSB1vnspdzrmu5e4P7kxIVtNiXQsAmwSF
M7bzYeqh8n6qg/hKNWW2jqN2
--------------000101090306020208050806--

---

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4D8A89A5.1060104>

Legal Notices | © 1995-2024 The FreeBSD Project. All rights reserved.

Contact