From owner-svn-ports-head@FreeBSD.ORG Wed May 14 01:54:19 2014 Return-Path: Delivered-To: svn-ports-head@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 3C063282; Wed, 14 May 2014 01:54:19 +0000 (UTC) Received: from mail.feld.me (mail.feld.me [66.170.3.6]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mail.feld.me", Issuer "Gandi Standard SSL CA" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 3EDF2279D; Wed, 14 May 2014 01:54:18 +0000 (UTC) Received: from mail.feld.me (mail.feld.me [66.170.3.6]); by mail.feld.me (OpenSMTPD) with ESMTP id 000729d6; Tue, 13 May 2014 20:54:13 -0500 (CDT) Received: from feld@feld.me by mail.feld.me (Archiveopteryx 3.2.0) with esmtpa id 1400032452-9679-9675/5/1; Wed, 14 May 2014 01:54:12 +0000 Content-Type: text/plain Mime-Version: 1.0 Subject: Re: svn commit: r353977 - head/security/py-fail2ban From: Mark Felder In-Reply-To: <805981A4-2E52-4C2A-B2B8-B751D484279A@adamw.org> Date: Tue, 13 May 2014 20:54:09 -0500 Content-Transfer-Encoding: quoted-printable Message-Id: <5D7360F1-ABE8-417C-B666-355611AD79AB@FreeBSD.org> References: <201405131830.s4DIUNGm023128@svn.freebsd.org> <5CC317FA-F4BD-40C4-ACD8-04AB16902C4A@FreeBSD.org> <805981A4-2E52-4C2A-B2B8-B751D484279A@adamw.org> To: Adam Weinberger X-Mailer: Apple Mail (2.1874) Sender: feld@feld.me Cc: svn-ports-head@freebsd.org, svn-ports-all@freebsd.org, Adam Weinberger , ports-committers@FreeBSD.org X-BeenThere: svn-ports-head@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: SVN commit messages for the ports tree for head List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 14 May 2014 01:54:19 -0000 On May 13, 2014, at 20:36, Adam Weinberger wrote: > On 13 May 2014, at 17:12, Mark Felder wrote: >=20 >> On May 13, 2014, at 13:30, Adam Weinberger wrote: >>=20 >>>=20 >>> post-install: >>> - @${MKDIR} ${STAGEDIR}${FAIL2BAN_DBDIR} >>> + @${MKDIR} ${STAGEDIR}${FAIL2BAN_DBDIR} ${STAGEDIR}/var/run/fail2ban >>> @${MKDIR} ${STAGEDIR}${DOCSDIR} >>> (cd ${WRKSRC}/ && ${INSTALL_DATA} ${PORTDOCS} ${STAGEDIR}${DOCSDIR}) >>> .for file in fail2ban-client fail2ban-regex fail2ban-server fail2ban >>>=20 >>=20 >>=20 >> Pkg ignores items in ${STAGEDIR}/var (and probably all of base), so = this won't actually make it into a package. In fact, since the creation = of the stage dir it won't even make it if installed from a port (as a = package is created before being installed). Anything you need created = for the port to run that must exist in base such as /var/run/, /var/db/, = /var/log/, etc should be handled in the rc script start_precmd so it = gets created if necessary just before the daemon is launched. >>=20 >> Just drop something in like >>=20 >> start_precmd=3Dfail2ban_prestart >>=20 >> fail2ban_prestart() >> { >> for i in run db; do >> if [ ! -d /var/${i}/fail2ban ]; then >> install -d -o fail2ban /dev/null /var/${i}/fail2ban >> fi >> done >> } >>=20 >> (or more verbose, but two actions -- mkdir and then chown) >>=20 >> and then you can remove those MKDIRs in post-install >=20 > That part about pkg ignoring /var doesn't seem right... The .keep_me = files in /var/run/fail2ban and /var/db/fail2ban are installed by pkg, as = expected. >=20 > Putting the stuff into the rc script seems like a good idea, but I'm = missing where the current version isn't working. >=20 You're right; my wires were crossed. I believe what I was thinking of is = that pkg won't track those dirs and tell you they are leftovers.