Skip site navigation (1)Skip section navigation (2)
Date:      Fri, 31 Mar 2023 00:02:34 GMT
From:      Muhammad Moinur Rahman <bofh@FreeBSD.org>
To:        ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org, dev-commits-ports-main@FreeBSD.org
Subject:   git: 301d2b57c411 - main - security/teleport: Update version 4.4.12=>5.2.5
Message-ID:  <202303310002.32V02Yft018825@gitrepo.freebsd.org>

next in thread | raw e-mail | index | archive | help
The branch main has been updated by bofh:

URL: https://cgit.FreeBSD.org/ports/commit/?id=301d2b57c411477e53b659039c91bf72557ea765

commit 301d2b57c411477e53b659039c91bf72557ea765
Author:     Muhammad Moinur Rahman <bofh@FreeBSD.org>
AuthorDate: 2023-03-30 20:06:43 +0000
Commit:     Muhammad Moinur Rahman <bofh@FreeBSD.org>
CommitDate: 2023-03-30 23:59:59 +0000

    security/teleport: Update version 4.4.12=>5.2.5
    
    This port was marked to expire on 2023-03-31 but there was another port
    security/teleport5 with more recent version from upstream. So move
    security/teleport5 to security/teleport.
    
    Pet portlint/portclippy while I am here.
    
    Approved by:    portmgr (blanket)
---
 MOVED                                              |   1 +
 security/Makefile                                  |   1 -
 security/teleport/Makefile                         |  15 +--
 security/teleport/distinfo                         |  10 +-
 .../files/patch-docs_pages_config-reference.mdx    |  68 -------------
 security/teleport/files/pkg-message.in             |  12 +--
 security/teleport/files/teleport.in                |   2 +-
 security/teleport/pkg-descr                        |   8 +-
 security/teleport5/Makefile                        |  78 ---------------
 security/teleport5/distinfo                        |   5 -
 .../teleport5/files/patch-lib_defaults_defaults.go |  11 ---
 .../teleport5/files/patch-lib_events_auditlog.go   |  11 ---
 security/teleport5/files/patch-lib_events_doc.go   | 110 ---------------------
 .../teleport5/files/patch-lib_services_server.go   |  11 ---
 .../patch-tool_teleport_common_teleport__test.go   |  20 ----
 ...dor_github.com_kr_pty_ztypes__freebsd__arm64.go |  16 ---
 security/teleport5/files/patch-version.mk          |   8 --
 security/teleport5/files/pkg-message.in            |  33 -------
 security/teleport5/files/teleport.in               |  55 -----------
 security/teleport5/pkg-descr                       |  15 ---
 20 files changed, 23 insertions(+), 467 deletions(-)

diff --git a/MOVED b/MOVED
index eb2f108f6be6..a477c5a5b053 100644
--- a/MOVED
+++ b/MOVED
@@ -17886,3 +17886,4 @@ devel/horde-content||2023-03-31|Has expired: Requires php74
 devel/horde-timeobjects||2023-03-31|Has expired: Requires php74
 www/horde-base||2023-03-31|Has expired: Requires php74
 multimedia/transcode||2023-03-31|Has expired: abandoned by upstream and does not build
+security/teleport5|security/teleport|2023-03-31|More recent version than expired teleport port
diff --git a/security/Makefile b/security/Makefile
index db69d7838389..034e957031c0 100644
--- a/security/Makefile
+++ b/security/Makefile
@@ -1268,7 +1268,6 @@
     SUBDIR += tclsasl
     SUBDIR += tcpcrypt
     SUBDIR += teleport
-    SUBDIR += teleport5
     SUBDIR += testssl.sh
     SUBDIR += tfhe
     SUBDIR += tfsec
diff --git a/security/teleport/Makefile b/security/teleport/Makefile
index 8ae972fbd15b..3c4d23f4e9e7 100644
--- a/security/teleport/Makefile
+++ b/security/teleport/Makefile
@@ -1,7 +1,6 @@
 PORTNAME=	teleport
 DISTVERSIONPREFIX=	v
-DISTVERSION=	4.4.12
-PORTREVISION=	5
+DISTVERSION=	5.2.5
 CATEGORIES=	security
 
 MAINTAINER=	kraileth@elderlinux.org
@@ -10,9 +9,6 @@ WWW=		https://goteleport.com/teleport
 
 LICENSE=	APACHE20
 
-DEPRECATED=	End of life, users are recommended to use security/teleport5 as an upgrade path
-EXPIRATION_DATE=2023-03-31
-
 NOT_FOR_ARCHS=	i386
 NOT_FOR_ARCHS_REASON=	Uses 64bit types
 
@@ -21,19 +17,16 @@ BUILD_DEPENDS=	zip:archivers/zip
 # If you need the auth service to work, you need to compile this port with
 # Go 1.17 or older. In case tsh is what you're after, Go 1.19 is fine.
 USES=		compiler gmake go
-
 USE_GITHUB=		yes
 GH_ACCOUNT=		gravitational
-GH_TUPLE=		gravitational:webassets:2ee76aa:webassets/webassets
-GH_COMMIT_SHORT=	fabee242d
+GH_TUPLE=		gravitational:webassets:8ace0cf:webassets/webassets
+GH_COMMIT_SHORT=	f8ba4afd9
 GH_TAG_COMMIT=		${DISTVERSIONPREFIX}${DISTVERSION}-0-g${GH_COMMIT_SHORT}
-
 USE_RC_SUBR=	teleport
 
 # Extra assets are stored in the binary and must not be inadvertently removed
 STRIP=
 NOPRECIOUSMAKEVARS=	YES
-
 SUB_FILES=	pkg-message
 
 PLIST_FILES=	bin/tctl \
@@ -48,6 +41,8 @@ post-patch:
 	@${MKDIR} ${WRKDIR}/${GO_TELEPORT_SRC_DIR}
 	@${REINPLACE_CMD} -e 's|%%GH_TAG_COMMIT%%|${GH_TAG_COMMIT}|' \
 		${WRKSRC}/version.mk
+	@${FIND} ${WRKSRC}/docs/pages -iname '*.mdx' | ${XARGS} \
+		${REINPLACE_CMD} -i '' -e 's|/var/lib|/var/db|g'
 	@${CP} -rpH ${WRKDIR}/${PRE_GOPATH_DIR}/vendor/* ${WRKDIR}/src/
 	@${CP} -rpH ${WRKDIR}/${PRE_GOPATH_DIR}/* ${WRKDIR}/${GO_TELEPORT_SRC_DIR}/
 
diff --git a/security/teleport/distinfo b/security/teleport/distinfo
index 362cf0489a3b..cd05976249ca 100644
--- a/security/teleport/distinfo
+++ b/security/teleport/distinfo
@@ -1,5 +1,5 @@
-TIMESTAMP = 1665730213
-SHA256 (gravitational-teleport-v4.4.12_GH0.tar.gz) = 097537273bd0579b3b833870cab74ce1da5432357a14c5501db7a2c525fbcb15
-SIZE (gravitational-teleport-v4.4.12_GH0.tar.gz) = 37824023
-SHA256 (gravitational-webassets-2ee76aa_GH0.tar.gz) = 16c5fbdc43723c392d46163073053c850cae7d355fb97b5ba8fd298246be85c4
-SIZE (gravitational-webassets-2ee76aa_GH0.tar.gz) = 4684443
+TIMESTAMP = 1670876102
+SHA256 (gravitational-teleport-v5.2.5_GH0.tar.gz) = 81b48678ead350ca40183ffef70c4afe0ffdcf1e895d04c0bc62eab180b41065
+SIZE (gravitational-teleport-v5.2.5_GH0.tar.gz) = 41856905
+SHA256 (gravitational-webassets-8ace0cf_GH0.tar.gz) = 87b4a3beff4259ff48d30a03cb2e5ac580dc964eac5218518ac89ede450d2220
+SIZE (gravitational-webassets-8ace0cf_GH0.tar.gz) = 4719723
diff --git a/security/teleport/files/patch-docs_pages_config-reference.mdx b/security/teleport/files/patch-docs_pages_config-reference.mdx
deleted file mode 100644
index b5a8eabc6bb0..000000000000
--- a/security/teleport/files/patch-docs_pages_config-reference.mdx
+++ /dev/null
@@ -1,68 +0,0 @@
---- docs/pages/config-reference.mdx.orig	2022-02-23 04:58:43 UTC
-+++ docs/pages/config-reference.mdx
-@@ -21,7 +21,7 @@ teleport:
-
-     # Data directory where Teleport daemon keeps its data.
-     # See "Filesystem Layout" section above for more details.
--    data_dir: /var/lib/teleport
-+    data_dir: /var/db/teleport
-
-     # Invitation token used to join a cluster. it is not used on
-     # subsequent starts
-@@ -52,11 +52,11 @@ teleport:
-         max_connections: 1000
-         max_users: 250
-
--    # Logging configuration. Possible output values to disk via '/var/lib/teleport/teleport.log',
-+    # Logging configuration. Possible output values to disk via '/var/db/teleport/teleport.log',
-     # 'stdout', 'stderr' and 'syslog'. Possible severity values are INFO, WARN
-     # and ERROR (default). Possible format values include: timestamp, component, caller, and level.
-     log:
--        output: /var/lib/teleport/teleport.log
-+        output: /var/db/teleport/teleport.log
-         severity: ERROR
-         format: [level, timestamp, component, caller]
-     # Configuration for the storage back-end used for the cluster state and the
-@@ -68,11 +68,11 @@ teleport:
-         type: dir
-
-         # List of locations where the audit log events will be stored. By default,
--        # they are stored in `/var/lib/teleport/log`
-+        # they are stored in `/var/db/teleport/log`
-         # When specifying multiple destinations like this, make sure that any highly-available
-         # storage methods (like DynamoDB or Firestore) are specified first, as this is what the
-         # Teleport web UI uses as its source of events to display.
--        audit_events_uri: ['dynamodb://events_table_name', 'firestore://events_table_name', 'file:///var/lib/teleport/log', 'stdout://']
-+        audit_events_uri: ['dynamodb://events_table_name', 'firestore://events_table_name', 'file:///var/db/teleport/log', 'stdout://']
-
-         # Use this setting to configure teleport to store the recorded sessions in
-         # an AWS S3 bucket or use GCP Storage with 'gs://'. See "Using Amazon S3"
-@@ -131,7 +131,7 @@ auth_service:
-     # By default an automatically generated name is used (not recommended)
-     #
-     # IMPORTANT: if you change cluster_name, it will invalidate all generated
--    # certificates and keys (may need to wipe out /var/lib/teleport directory)
-+    # certificates and keys (may need to wipe out /var/db/teleport directory)
-     cluster_name: "main"
-
-     authentication:
-@@ -223,7 +223,7 @@ auth_service:
-     #
-     # If not set, by default Teleport will look for the `license.pem` file in
-     # the configured `data_dir` .
--    license_file: /var/lib/teleport/license.pem
-+    license_file: /var/db/teleport/license.pem
-
- # This section configures the 'node service':
- ssh_service:
-@@ -320,8 +320,8 @@ proxy_service:
-
-     # TLS certificate for the HTTPS connection. Configuring these properly is
-     # critical for Teleport security.
--    https_key_file: /var/lib/teleport/webproxy_key.pem
--    https_cert_file: /var/lib/teleport/webproxy_cert.pem
-+    https_key_file: /var/db/teleport/webproxy_key.pem
-+    https_cert_file: /var/db/teleport/webproxy_cert.pem
-
-     # This section configures the Kubernetes proxy service
-     kubernetes:
diff --git a/security/teleport/files/pkg-message.in b/security/teleport/files/pkg-message.in
index f15cd53d3bfc..6559d0153a15 100644
--- a/security/teleport/files/pkg-message.in
+++ b/security/teleport/files/pkg-message.in
@@ -3,7 +3,7 @@
   message: <<EOM
 ATTENTION! This version of Teleport is very old and likely to contain unfixed
 ATTENTION! vulnerabilities. It's only provided to allow for a working upgrade
-ATTENTION! path from 4.3. Watch for an upgrade to teleport5 next.
+ATTENTION! path from 4.4. Watch for an upgrade to teleport6 next.
 ATTENTION! New installations are STRONGLY discouraged (wait for version 7).
 
 Quick getting started guide:
@@ -23,11 +23,11 @@ To add a new node to the cluster, on the auth server:
 
 See the docs for additional details:
 
-Quick start:	https://github.com/gravitational/teleport/blob/branch/4.4/docs/pages/quickstart.mdx
-Admin Manual:	https://github.com/gravitational/teleport/blob/branch/4.4/docs/pages/admin-guide.mdx
-User Manual:	https://github.com/gravitational/teleport/blob/branch/4.4/docs/pages/user-manual.mdx
-Architecture:	https://github.com/gravitational/teleport/blob/branch/4.4/docs/pages/architecture/overview.mdx
-FAQ:		https://github.com/gravitational/teleport/blob/branch/4.4/docs/pages/faq.mdx
+Quick start:	https://github.com/gravitational/teleport/blob/branch/5.0/docs/pages/quickstart.mdx
+Admin Manual:	https://github.com/gravitational/teleport/blob/branch/5.0/docs/pages/admin-guide.mdx
+User Manual:	https://github.com/gravitational/teleport/blob/branch/5.0/docs/pages/user-manual.mdx
+Architecture:	https://github.com/gravitational/teleport/blob/branch/5.0/docs/pages/architecture/overview.mdx
+FAQ:		https://github.com/gravitational/teleport/blob/branch/5.0/docs/pages/faq.mdx
 EOM
 }
 ]
diff --git a/security/teleport/files/teleport.in b/security/teleport/files/teleport.in
index 0f1a39b43e08..248b0d7dc441 100644
--- a/security/teleport/files/teleport.in
+++ b/security/teleport/files/teleport.in
@@ -16,7 +16,7 @@
 # teleport_roles (dir):         Set roles to run teleport in.
 #                               Default is "node".
 #                               Can be any combination of
-#                               "proxy" "node" and "auth", separated by commas
+#                               "node", "app", "proxy" and "auth", separated by commas
 
 . /etc/rc.subr
 
diff --git a/security/teleport/pkg-descr b/security/teleport/pkg-descr
index e9cb0029b1fa..4485b972f7a7 100644
--- a/security/teleport/pkg-descr
+++ b/security/teleport/pkg-descr
@@ -8,6 +8,8 @@ used instead for additional functionality.
 With Teleport it is simple to adopt SSH best practices like using
 certificate-based access and enabling 2FA via TOTP (e.g. Google
 Authenticator), U2F or an SSO provider. Cluster nodes can be accessed via
-a CLI (tsh) or a Web UI which both allow for session sharing. Teleport
-provides centralized user management as well as full session recordings
-that can be played back for knowledge sharing or auditing purposes.
+a CLI (tsh) or a Web UI which both allow for session sharing.
+
+Teleport provides centralized user management as well as full session
+recordings that can be played back for knowledge sharing or auditing
+purposes. It can also be used to protect Web applications like dashboards.
diff --git a/security/teleport5/Makefile b/security/teleport5/Makefile
deleted file mode 100644
index fcf418b69497..000000000000
--- a/security/teleport5/Makefile
+++ /dev/null
@@ -1,78 +0,0 @@
-PORTNAME=	teleport
-DISTVERSIONPREFIX=	v
-DISTVERSION=	5.2.5
-PORTREVISION=	4
-CATEGORIES=	security
-PKGNAMESUFFIX=	5
-
-MAINTAINER=	kraileth@elderlinux.org
-COMMENT=	Centralized access gateway using the SSH protocol
-WWW=		https://goteleport.com/teleport
-
-LICENSE=	APACHE20
-
-NOT_FOR_ARCHS=	i386
-NOT_FOR_ARCHS_REASON=	Uses 64bit types
-
-BUILD_DEPENDS=	zip:archivers/zip
-
-# If you need the auth service to work, you need to compile this port with
-# Go 1.17 or older. In case tsh is what you're after, Go 1.19 is fine.
-USES=		compiler gmake go
-
-USE_GITHUB=		yes
-GH_ACCOUNT=		gravitational
-GH_TUPLE=		gravitational:webassets:8ace0cf:webassets/webassets
-GH_COMMIT_SHORT=	f8ba4afd9
-GH_TAG_COMMIT=		${DISTVERSIONPREFIX}${DISTVERSION}-0-g${GH_COMMIT_SHORT}
-
-USE_RC_SUBR=	teleport
-
-# Extra assets are stored in the binary and must not be inadvertently removed
-STRIP=
-NOPRECIOUSMAKEVARS=	YES
-
-SUB_FILES=	pkg-message
-
-PLIST_FILES=	bin/tctl \
-		bin/teleport \
-		bin/tsh \
-		"@sample etc/teleport.yaml.sample"
-
-GO_TELEPORT_SRC_DIR=	src/github.com/gravitational/teleport
-PRE_GOPATH_DIR=		${PORTNAME}-${DISTVERSION}${DISTVERSIONSUFFIX}
-
-post-patch:
-	@${MKDIR} ${WRKDIR}/${GO_TELEPORT_SRC_DIR}
-	@${REINPLACE_CMD} -e 's|%%GH_TAG_COMMIT%%|${GH_TAG_COMMIT}|' \
-		${WRKSRC}/version.mk
-	@${FIND} ${WRKSRC}/docs/pages -iname '*.mdx' | ${XARGS} \
-		${REINPLACE_CMD} -i '' -e 's|/var/lib|/var/db|g'
-	@${CP} -rpH ${WRKDIR}/${PRE_GOPATH_DIR}/vendor/* ${WRKDIR}/src/
-	@${CP} -rpH ${WRKDIR}/${PRE_GOPATH_DIR}/* ${WRKDIR}/${GO_TELEPORT_SRC_DIR}/
-
-do-build:
-	@cd ${WRKDIR}/${GO_TELEPORT_SRC_DIR} && \
-		${SETENV} ${MAKE_ENV} ${BUILD_ENV} ${GO_ENV} \
-		CGO_ENABLED=1 GOPATH=${WRKDIR} \
-		${GMAKE} full
-
-do-install:
-	${WRKDIR}/${GO_TELEPORT_SRC_DIR}/build/teleport configure > ${STAGEDIR}${PREFIX}/etc/teleport.yaml.sample
-	@${SED} -i '' \
-		-e "s|nodename: .*|nodename: |g" \
-		-e "s|cluster-join-token||g" \
-		${STAGEDIR}${PREFIX}/etc/teleport.yaml.sample
-	${INSTALL_PROGRAM} ${WRKDIR}/${GO_TELEPORT_SRC_DIR}/build/teleport ${STAGEDIR}${PREFIX}/bin
-	${INSTALL_PROGRAM} ${WRKDIR}/${GO_TELEPORT_SRC_DIR}/build/tsh ${STAGEDIR}${PREFIX}/bin
-	${INSTALL_PROGRAM} ${WRKDIR}/${GO_TELEPORT_SRC_DIR}/build/tctl ${STAGEDIR}${PREFIX}/bin
-
-.include <bsd.port.pre.mk>
-
-# golang assumes that if clang is in use, it is called "clang" and not "cc". If
-# it's called "cc", go fails.
-.if ${COMPILER_TYPE} == clang
-BUILD_ENV=	CC=clang
-.endif
-
-.include <bsd.port.post.mk>
diff --git a/security/teleport5/distinfo b/security/teleport5/distinfo
deleted file mode 100644
index cd05976249ca..000000000000
--- a/security/teleport5/distinfo
+++ /dev/null
@@ -1,5 +0,0 @@
-TIMESTAMP = 1670876102
-SHA256 (gravitational-teleport-v5.2.5_GH0.tar.gz) = 81b48678ead350ca40183ffef70c4afe0ffdcf1e895d04c0bc62eab180b41065
-SIZE (gravitational-teleport-v5.2.5_GH0.tar.gz) = 41856905
-SHA256 (gravitational-webassets-8ace0cf_GH0.tar.gz) = 87b4a3beff4259ff48d30a03cb2e5ac580dc964eac5218518ac89ede450d2220
-SIZE (gravitational-webassets-8ace0cf_GH0.tar.gz) = 4719723
diff --git a/security/teleport5/files/patch-lib_defaults_defaults.go b/security/teleport5/files/patch-lib_defaults_defaults.go
deleted file mode 100644
index a0ec9693613e..000000000000
--- a/security/teleport5/files/patch-lib_defaults_defaults.go
+++ /dev/null
@@ -1,11 +0,0 @@
---- lib/defaults/defaults.go.orig	2022-02-23 04:58:43 UTC
-+++ lib/defaults/defaults.go
-@@ -466,7 +466,7 @@ var (
- 
- 	// DataDir is where all mutable data is stored (user keys, recorded sessions,
- 	// registered SSH servers, etc):
--	DataDir = "/var/lib/teleport"
-+	DataDir = "/var/db/teleport"
- 
- 	// StartRoles is default roles teleport assumes when started via 'start' command
- 	StartRoles = []string{RoleProxy, RoleNode, RoleAuthService}
diff --git a/security/teleport5/files/patch-lib_events_auditlog.go b/security/teleport5/files/patch-lib_events_auditlog.go
deleted file mode 100644
index ab0c4e04e7bf..000000000000
--- a/security/teleport5/files/patch-lib_events_auditlog.go
+++ /dev/null
@@ -1,11 +0,0 @@
---- lib/events/auditlog.go.orig	2022-02-23 04:58:43 UTC
-+++ lib/events/auditlog.go
-@@ -45,7 +45,7 @@ import (
- const (
- 	// SessionLogsDir is a subdirectory inside the eventlog data dir
- 	// where all session-specific logs and streams are stored, like
--	// in /var/lib/teleport/logs/sessions
-+	// in /var/db/teleport/logs/sessions
- 	SessionLogsDir = "sessions"
- 
-	// StreamingLogsDir is a subdirectory of sessions /var/lib/teleport/logs/streaming
diff --git a/security/teleport5/files/patch-lib_events_doc.go b/security/teleport5/files/patch-lib_events_doc.go
deleted file mode 100644
index 570c0aba3879..000000000000
--- a/security/teleport5/files/patch-lib_events_doc.go
+++ /dev/null
@@ -1,110 +0,0 @@
---- lib/events/doc.go.orig	2022-02-23 04:58:43 UTC
-+++ lib/events/doc.go
-@@ -85,7 +85,7 @@ Main Audit Log Format
- 
- The main log files are saved as:
- 
--	/var/lib/teleport/log/<auth-server-id>/<date>.log
-+	/var/db/teleport/log/<auth-server-id>/<date>.log
- 
- The log file is rotated every 24 hours. The old files must be cleaned
- up or archived by an external tool.
-@@ -111,7 +111,7 @@ Each session has its own session log stored as several
- 
- Index file contains a list of event files and chunks files associated with a session:
- 
--	/var/lib/teleport/log/sessions/<auth-server-id>/<session-id>.index
-+	/var/db/teleport/log/sessions/<auth-server-id>/<session-id>.index
- 
- The format of the index file contains of two or more lines with pointers to other files:
- 
-@@ -120,8 +120,8 @@ The format of the index file contains of two or more l
- 
- Files:
- 
--	/var/lib/teleport/log/<auth-server-id>/<session-id>-<first-event-in-file-index>.events
--	/var/lib/teleport/log/<auth-server-id>/<session-id>-<first-chunk-in-file-offset>.chunks
-+	/var/db/teleport/log/<auth-server-id>/<session-id>-<first-event-in-file-index>.events
-+	/var/db/teleport/log/<auth-server-id>/<session-id>-<first-chunk-in-file-offset>.chunks
- 
- Where:
- 	- .events   (same events as in the main log, but related to the session)
-@@ -135,7 +135,7 @@ Examples
- In the simplest case, single auth server a1 log for a single session id s1
- will consist of three files:
- 
--/var/lib/teleport/a1/s1.index
-+/var/db/teleport/a1/s1.index
- 
- With contents:
- 
-@@ -146,14 +146,14 @@ This means that all session events are located in s1-0
- the first event with index 0 and all chunks are located in file s1-0.chunks file
- with the byte offset from the start - 0.
- 
--File with session events /var/lib/teleport/a1/s1-0.events will contain:
-+File with session events /var/db/teleport/a1/s1-0.events will contain:
- 
- {"ei":0,"event":"session.start", ...}
- {"ei":1,"event":"resize",...}
- {"ei":2,"ci":0, "event":"print","bytes":40,"offset":0}
- {"ei":3,"event":"session.end", ...}
- 
--File with recorded session /var/lib/teleport/a1/s1-0.chunks will contain 40 bytes
-+File with recorded session /var/db/teleport/a1/s1-0.chunks will contain 40 bytes
- emitted by print event with chunk index 0
- 
- **Multiple Auth Servers**
-@@ -164,7 +164,7 @@ In high availability mode scenario, multiple auth serv
- Any auth server can go down during session and clients will retry the delivery
- to the other auth server.
- 
--Both auth servers have mounted /var/lib/teleport/log as a shared NFS folder.
-+Both auth servers have mounted /var/db/teleport/log as a shared NFS folder.
- 
- To make sure that only one auth server writes to a file at a time,
- each auth server writes to it's own file in a sub folder named
-@@ -176,37 +176,37 @@ and the second batch of event to the second server a2.
- 
- Server a1 will produce the following file:
- 
--/var/lib/teleport/a1/s1.index
-+/var/db/teleport/a1/s1.index
- 
- With contents:
- 
- {"file_name":"s1-0.events","type":"events","index":0}
- {"file_name":"s1-0.chunks","type":"chunks","offset":0}
- 
--Events file /var/lib/teleport/a1/s1-0.events will contain:
-+Events file /var/db/teleport/a1/s1-0.events will contain:
- 
- {"ei":0,"event":"session.start", ...}
- {"ei":1,"event":"resize",...}
- {"ei":2,"ci":0, "event":"print","bytes":40,"offset":0}
- 
--Events file /var/lib/teleport/a1/s1-0.chunks will contain 40 bytes
-+Events file /var/db/teleport/a1/s1-0.chunks will contain 40 bytes
- emitted by print event with chunk index.
- 
- Server a2 will produce the following file:
- 
--/var/lib/teleport/a2/s1.index
-+/var/db/teleport/a2/s1.index
- 
- With contents:
- 
- {"file_name":"s1-3.events","type":"events","index":3}
- {"file_name":"s1-40.chunks","type":"chunks","offset":40}
- 
--Events file /var/lib/teleport/a2/s1-4.events will contain:
-+Events file /var/db/teleport/a2/s1-4.events will contain:
- 
- {"ei":3,"ci":1, "event":"print","bytes":15,"ms":713,"offset":40}
- {"ei":4,"event":"session.end", ...}
- 
--Events file /var/lib/teleport/a2/s1-40.chunks will contain 15 bytes emitted
-+Events file /var/db/teleport/a2/s1-40.chunks will contain 15 bytes emitted
- by print event with chunk index 1 and comes after delay of 713 milliseconds.
- 
- Offset 40 indicates that the first chunk stored in the file s1-40.chunks
diff --git a/security/teleport5/files/patch-lib_services_server.go b/security/teleport5/files/patch-lib_services_server.go
deleted file mode 100644
index a93f72ee384f..000000000000
--- a/security/teleport5/files/patch-lib_services_server.go
+++ /dev/null
@@ -1,11 +0,0 @@
---- lib/services/server.go.orig	2022-02-23 04:58:43 UTC
-+++ lib/services/server.go
-@@ -578,7 +578,7 @@ type CommandLabelV1 struct {
- 	// Period is a time between command runs
- 	Period time.Duration `json:"period"`
- 	// Command is a command to run
--	Command []string `json:"command"` //["/usr/bin/hostname", "--long"]
-+	Command []string `json:"command"` //["/bin/hostname", "--long"]
- 	// Result captures standard output
- 	Result string `json:"result"`
- }
diff --git a/security/teleport5/files/patch-tool_teleport_common_teleport__test.go b/security/teleport5/files/patch-tool_teleport_common_teleport__test.go
deleted file mode 100644
index cccc072a243f..000000000000
--- a/security/teleport5/files/patch-tool_teleport_common_teleport__test.go
+++ /dev/null
@@ -1,20 +0,0 @@
---- tool/teleport/common/teleport_test.go.orig	2022-02-23 04:58:43 UTC
-+++ tool/teleport/common/teleport_test.go
-@@ -62,7 +62,7 @@ func (s *MainTestSuite) SetUpSuite(c *check.C) {
- 
- 	// set imprtant defaults to test-mode (non-existing files&locations)
- 	defaults.ConfigFilePath = "/tmp/teleport/etc/teleport.yaml"
--	defaults.DataDir = "/tmp/teleport/var/lib/teleport"
-+	defaults.DataDir = "/tmp/teleport/var/db/teleport"
- }
- 
- func (s *MainTestSuite) TestDefault(c *check.C) {
-@@ -72,7 +72,7 @@ func (s *MainTestSuite) TestDefault(c *check.C) {
- 	})
- 	c.Assert(cmd, check.Equals, "start")
- 	c.Assert(conf.Hostname, check.Equals, s.hostname)
--	c.Assert(conf.DataDir, check.Equals, "/tmp/teleport/var/lib/teleport")
-+	c.Assert(conf.DataDir, check.Equals, "/tmp/teleport/var/db/teleport")
- 	c.Assert(conf.Auth.Enabled, check.Equals, true)
- 	c.Assert(conf.SSH.Enabled, check.Equals, true)
- 	c.Assert(conf.Proxy.Enabled, check.Equals, true)
diff --git a/security/teleport5/files/patch-vendor_github.com_kr_pty_ztypes__freebsd__arm64.go b/security/teleport5/files/patch-vendor_github.com_kr_pty_ztypes__freebsd__arm64.go
deleted file mode 100644
index 3178f17f721b..000000000000
--- a/security/teleport5/files/patch-vendor_github.com_kr_pty_ztypes__freebsd__arm64.go
+++ /dev/null
@@ -1,16 +0,0 @@
---- vendor/github.com/kr/pty/ztypes_freebsd_arm64.go.orig	2022-10-14 07:07:07 UTC
-+++ vendor/github.com/kr/pty/ztypes_freebsd_arm64.go
-@@ -0,0 +1,13 @@
-+// Created by cgo -godefs - DO NOT EDIT
-+// cgo -godefs types_freebsd.go
-+
-+package pty
-+
-+const (
-+	_C_SPECNAMELEN = 0x3f
-+)
-+
-+type fiodgnameArg struct {
-+	Len       int32
-+	Buf       *byte
-+}
diff --git a/security/teleport5/files/patch-version.mk b/security/teleport5/files/patch-version.mk
deleted file mode 100644
index 1457af7a19fc..000000000000
--- a/security/teleport5/files/patch-version.mk
+++ /dev/null
@@ -1,8 +0,0 @@
---- version.mk.orig	2022-02-23 04:58:43 UTC
-+++ version.mk
-@@ -1,4 +1,4 @@
--GITREF=`git describe --dirty --long --tags`
-+GITREF=%%GH_TAG_COMMIT%%
- 
- # $(VERSION_GO) will be written to version.go
- VERSION_GO="/* DO NOT EDIT THIS FILE. IT IS GENERATED BY 'make setver'*/\n\n\
diff --git a/security/teleport5/files/pkg-message.in b/security/teleport5/files/pkg-message.in
deleted file mode 100644
index 6559d0153a15..000000000000
--- a/security/teleport5/files/pkg-message.in
+++ /dev/null
@@ -1,33 +0,0 @@
-[
-{ type: install
-  message: <<EOM
-ATTENTION! This version of Teleport is very old and likely to contain unfixed
-ATTENTION! vulnerabilities. It's only provided to allow for a working upgrade
-ATTENTION! path from 4.4. Watch for an upgrade to teleport6 next.
-ATTENTION! New installations are STRONGLY discouraged (wait for version 7).
-
-Quick getting started guide:
-
-1. Read through the Quick Start Guide (see below).
-2. Start teleport: su -c 'sysrc teleport_enable=YES'
-3. If not just setting up a node: su -c 'sysrc teleport_roles=auth,proxy,node'
-4. Review and edit /usr/local/etc/teleport.yaml
-5. Start teleport: su -c 'service teleport start'
-6. Add yourself as a user on the auth server: su -c "tctl users add $USER"
-7. Create a password and 2FA code using the URL emitted during
-   the previous step.
-
-To add a new node to the cluster, on the auth server:
-
-   $ tctl nodes add --ttl=5m --roles=node,proxy
-
-See the docs for additional details:
-
-Quick start:	https://github.com/gravitational/teleport/blob/branch/5.0/docs/pages/quickstart.mdx
-Admin Manual:	https://github.com/gravitational/teleport/blob/branch/5.0/docs/pages/admin-guide.mdx
-User Manual:	https://github.com/gravitational/teleport/blob/branch/5.0/docs/pages/user-manual.mdx
-Architecture:	https://github.com/gravitational/teleport/blob/branch/5.0/docs/pages/architecture/overview.mdx
-FAQ:		https://github.com/gravitational/teleport/blob/branch/5.0/docs/pages/faq.mdx
-EOM
-}
-]
diff --git a/security/teleport5/files/teleport.in b/security/teleport5/files/teleport.in
deleted file mode 100644
index 248b0d7dc441..000000000000
--- a/security/teleport5/files/teleport.in
+++ /dev/null
@@ -1,55 +0,0 @@
-#!/bin/sh
-
-# PROVIDE: teleport
-# REQUIRE: NETWORKING SERVERS DAEMON
-# KEYWORD: shutdown
-#
-# Add the following lines to /etc/rc.conf.local or /etc/rc.conf
-# to enable this service:
-#
-# teleport_enable (bool):       Set to NO by default.
-#                               Set it to YES to enable teleport.
-# teleport_config (str):        Configuration file.
-#                               Default is "${LOCALBASE}/etc/teleport.yaml"
-# teleport_dir (dir):           Set dir to run teleport in.
-#                               Default is "/var/db/teleport".
-# teleport_roles (dir):         Set roles to run teleport in.
-#                               Default is "node".
-#                               Can be any combination of
-#                               "node", "app", "proxy" and "auth", separated by commas
-
-. /etc/rc.subr
-
-name=teleport
-rcvar=teleport_enable
-
-load_rc_config $name
-
-: ${teleport_enable:="NO"}
-: ${teleport_config:="%%PREFIX%%/etc/teleport.yaml"}
-: ${teleport_args:="--config=${teleport_config}"}
-: ${teleport_dir:="/var/db/teleport"}
-: ${teleport_roles:="node"}
-
-pidfile=/var/run/teleport.pid
-required_files="${teleport_config}"
-procname="%%PREFIX%%/bin/teleport"
-command="/usr/sbin/daemon"
-
-DAEMON=$(daemon 2>&1 | grep -q syslog ; echo $?)
-if [ ${DAEMON} -eq 0 ]; then
-  DAEMON_SYSLOG_FLAGS="-S -T teleport -s info -m 3"
-else
-  DAEMON_SYSLOG_FLAGS=""
-fi
-
-command_args="${DAEMON_SYSLOG_FLAGS} -f -p ${pidfile} /usr/bin/env ${teleport_env} ${procname} start --roles=${teleport_roles} ${teleport_args}"
-
-start_precmd="teleport_prestart"
-
-teleport_prestart()
-{
-	mkdir -p ${teleport_dir}
-}
-
-run_rc_command "$1"
diff --git a/security/teleport5/pkg-descr b/security/teleport5/pkg-descr
deleted file mode 100644
index 4485b972f7a7..000000000000
--- a/security/teleport5/pkg-descr
+++ /dev/null
@@ -1,15 +0,0 @@
-What is Teleport?
-=================
-Teleport is a gateway for managing access to clusters of *nix servers via
-SSH or the Kubernetes API. While it does also support connecting to
-servers running traditional OpenSSH, its own node deamon is intended to be
-used instead for additional functionality.
-
-With Teleport it is simple to adopt SSH best practices like using
-certificate-based access and enabling 2FA via TOTP (e.g. Google
-Authenticator), U2F or an SSO provider. Cluster nodes can be accessed via
-a CLI (tsh) or a Web UI which both allow for session sharing.
-
-Teleport provides centralized user management as well as full session
-recordings that can be played back for knowledge sharing or auditing
-purposes. It can also be used to protect Web applications like dashboards.



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202303310002.32V02Yft018825>