Date: Mon, 30 Dec 2024 19:29:11 GMT From: Dirk Meyer <dinoex@FreeBSD.org> To: ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org, dev-commits-ports-main@FreeBSD.org Subject: git: 121c0dbfd395 - main - security/tinc-devel: security/tinc: add user and group tinc Message-ID: <202412301929.4BUJTB9A071018@gitrepo.freebsd.org>
next in thread | raw e-mail | index | archive | help
The branch main has been updated by dinoex: URL: https://cgit.FreeBSD.org/ports/commit/?id=121c0dbfd3952f623ab39c1126d69ea7ca8ea4cc commit 121c0dbfd3952f623ab39c1126d69ea7ca8ea4cc Author: Dirk Meyer <dinoex@FreeBSD.org> AuthorDate: 2024-12-30 19:27:20 +0000 Commit: Dirk Meyer <dinoex@FreeBSD.org> CommitDate: 2024-12-30 19:28:44 +0000 security/tinc-devel: security/tinc: add user and group tinc The tinc daemon is now setgid The daemon can drop privileges with: sysrc tincd_flags=--user=tinc Reported by: Poul-Henning Kamp --- GIDs | 2 +- UIDs | 2 +- security/tinc-devel/Makefile | 6 ++++-- security/tinc/Makefile | 6 ++++-- 4 files changed, 10 insertions(+), 6 deletions(-) diff --git a/GIDs b/GIDs index 03596f6128e5..8c1d8a3b37cf 100644 --- a/GIDs +++ b/GIDs @@ -596,7 +596,7 @@ _xrdp:*:648: # free: 652 # free: 653 # free: 654 -# free: 655 +tinc:*:655: # free: 656 # free: 657 # free: 658 diff --git a/UIDs b/UIDs index 12bf78b790bc..bb47a9da489d 100644 --- a/UIDs +++ b/UIDs @@ -602,7 +602,7 @@ _xrdp:*:648:648::0:0:xrdp daemon:/nonexistent:/usr/sbin/nologin # free: 652 # free: 653 # free: 654 -# free: 655 +tinc:*:655:655::0:0:tinc daemon:/nonexistent:/usr/sbin/nologin # free: 656 # free: 657 # free: 658 diff --git a/security/tinc-devel/Makefile b/security/tinc-devel/Makefile index 36509ef02695..dbffc389914a 100644 --- a/security/tinc-devel/Makefile +++ b/security/tinc-devel/Makefile @@ -1,6 +1,6 @@ PORTNAME= tinc PORTVERSION= 1.1pre18 -PORTREVISION= 3 +PORTREVISION= 4 CATEGORIES= security net-vpn MASTER_SITES= https://www.tinc-vpn.org/packages/ \ http://www.tinc-vpn.org/packages/ @@ -15,6 +15,8 @@ LICENSE_FILE= ${WRKSRC}/COPYING LIB_DEPENDS= liblzo2.so:archivers/lzo2 +USERS= tinc +GROUPS= tinc USES= cpe ssl makeinfo readline localbase:ldflags CPE_VENDOR= tinc-vpn GNU_CONFIGURE= yes @@ -22,7 +24,7 @@ GNU_CONFIGURE_MANPREFIX= ${PREFIX}/share CONFIGURE_ARGS= --localstatedir=/var --with-curses=/usr USE_RC_SUBR= tincd INFO= tinc -PLIST_FILES= sbin/tincd sbin/tinc \ +PLIST_FILES= "@(root,tinc,2550) sbin/tincd" sbin/tinc \ share/bash-completion/completions/tinc \ share/man/man8/tinc-gui.8.gz share/man/man5/tinc.conf.5.gz \ share/man/man8/tinc.8.gz share/man/man8/tincd.8.gz diff --git a/security/tinc/Makefile b/security/tinc/Makefile index 4a99dd316315..39a42a4668a6 100644 --- a/security/tinc/Makefile +++ b/security/tinc/Makefile @@ -1,6 +1,6 @@ PORTNAME= tinc PORTVERSION= 1.0.36 -PORTREVISION= 2 +PORTREVISION= 3 CATEGORIES= security net-vpn MASTER_SITES= https://www.tinc-vpn.org/packages/ \ http://www.tinc-vpn.org/packages/ @@ -13,6 +13,8 @@ LICENSE= GPLv3 LIB_DEPENDS= liblzo2.so:archivers/lzo2 +USERS= tinc +GROUPS= tinc USES= cpe ssl makeinfo CPE_VENDOR= tinc-vpn GNU_CONFIGURE= yes @@ -22,7 +24,7 @@ LDFLAGS+= -L${LOCALBASE}/lib CONFIGURE_ARGS= --localstatedir=/var USE_RC_SUBR= tincd INFO= tinc -PLIST_FILES= sbin/tincd \ +PLIST_FILES= "@(root,tinc,2550) sbin/tincd" \ share/man/man5/tinc.conf.5.gz share/man/man8/tincd.8.gz .include <bsd.port.mk>
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202412301929.4BUJTB9A071018>