From owner-freebsd-ports@FreeBSD.ORG Fri Sep 1 18:05:38 2006 Return-Path: X-Original-To: ports@freebsd.org Delivered-To: freebsd-ports@FreeBSD.ORG Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 3615516A4DD for ; Fri, 1 Sep 2006 18:05:38 +0000 (UTC) (envelope-from dougb@FreeBSD.org) Received: from mail2.fluidhosting.com (mx23.fluidhosting.com [204.14.89.6]) by mx1.FreeBSD.org (Postfix) with SMTP id AF9B943D45 for ; Fri, 1 Sep 2006 18:05:37 +0000 (GMT) (envelope-from dougb@FreeBSD.org) Received: (qmail 14569 invoked by uid 399); 1 Sep 2006 18:05:36 -0000 Received: from localhost (HELO ?192.168.0.10?) (dougb@dougbarton.us@127.0.0.1) by localhost with SMTP; 1 Sep 2006 18:05:36 -0000 Message-ID: <44F87677.4000604@FreeBSD.org> Date: Fri, 01 Sep 2006 11:05:43 -0700 From: Doug Barton Organization: http://www.FreeBSD.org/ User-Agent: Thunderbird 1.5.0.5 (Windows/20060719) MIME-Version: 1.0 To: Brooks Davis References: <44F7C639.90905@FreeBSD.org> <20060901133519.GA14134@lor.one-eyed-alien.net> In-Reply-To: <20060901133519.GA14134@lor.one-eyed-alien.net> X-Enigmail-Version: 0.94.0.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Cc: ports@freebsd.org, Jiawei Ye Subject: Re: Jabberd vs PostgreSQL X-BeenThere: freebsd-ports@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Porting software to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 01 Sep 2006 18:05:38 -0000 Brooks Davis wrote: > On Thu, Aug 31, 2006 at 10:33:45PM -0700, Doug Barton wrote: >> Jiawei Ye wrote: >> >>> I can see that postgresql requires LOGIN, but jabberd is BEFORE:LOGIN, >>> what is the proper solution? >> If I understand correctly, pgsql runs as an unprivileged user, which means >> it needs to REQUIRE LOGIN. OTOH, there is no reason that jabberd should run >> BEFORE LOGIN, and I suspect that is an artifact of copying and pasting a >> script that had that in it for no good reason. In fact, >> ports/net-im/jabber/files/jabberd.sh.in does not have that line, so I am >> wondering what port you're working with here. > > I'd agree that pgsql should REQUIRE LOGIN, but I think the reason is > subtilly different. In my mind the key with LOGIN is that the system > is ready security wise to allow users to interact with the machine via > methods other than the administrative console. This should mean the > secure level is elevated and any other security bootstrapping is done. > IIRC this is actually not the case and should be fixed. That's an interesting idea, I'll have to give it some more thought. >> In any case, the proper fix here seems to be to have jabber REQUIRE >> postgresql. Try that, and if it works, you're golden. > > There are a couple problems with "REQUIRE postgresql" in general: I wasn't speaking in general. :) I probably should have s/here/in your situation/ to make it more clear what I meant. > I think the right thing is create a stub DATABASE provider that mysql > and postgres can be BEFORE. Ports that want a database can just depend > on that. It will insure that ordering is correct if the server is local > without causing problems if it isn't or requiring script modifications > for ports that can use more than one database from the same package. No objections on my side, but I am not in a position to develop or test it, since I'm not using any database stuff at the moment and don't have any spare cycles. This topic came up on the -rc list a while back and no one bit the apple, so if there is a user (or committer) here who wants to work this one out, please feel free to take this project up, and report your findings on freebsd-rc@. Doug -- This .signature sanitized for your protection