From owner-freebsd-ports  Tue Feb 19 15:40:28 2002
Delivered-To: freebsd-ports@hub.freebsd.org
Received: from freefall.freebsd.org (freefall.FreeBSD.org [216.136.204.21])
	by hub.freebsd.org (Postfix) with ESMTP id A64B637B417
	for <freebsd-ports@hub.freebsd.org>; Tue, 19 Feb 2002 15:40:01 -0800 (PST)
Received: (from gnats@localhost)
	by freefall.freebsd.org (8.11.6/8.11.6) id g1JNe1p34415;
	Tue, 19 Feb 2002 15:40:01 -0800 (PST)
	(envelope-from gnats)
Received: from rwcrmhc52.attbi.com (rwcrmhc52.attbi.com [216.148.227.88])
	by hub.freebsd.org (Postfix) with ESMTP id 4DA8A37B419
	for <FreeBSD-gnats-submit@freebsd.org>; Tue, 19 Feb 2002 15:39:13 -0800 (PST)
Received: from blossom.cjclark.org ([12.234.91.48]) by rwcrmhc52.attbi.com
          (InterMail vM.4.01.03.27 201-229-121-127-20010626) with ESMTP
          id <20020219233913.PNRA1147.rwcrmhc52.attbi.com@blossom.cjclark.org>;
          Tue, 19 Feb 2002 23:39:13 +0000
Received: (from cjc@localhost)
	by blossom.cjclark.org (8.11.6/8.11.6) id g1JNdCt99299;
	Tue, 19 Feb 2002 15:39:12 -0800 (PST)
	(envelope-from cjc)
Message-Id: <200202192339.g1JNdCt99299@blossom.cjclark.org>
Date: Tue, 19 Feb 2002 15:39:12 -0800 (PST)
From: "Crist J. Clark" <cjc@freebsd.org>
To: FreeBSD-gnats-submit@freebsd.org
Cc: Cy.Schubert@uumail.gov.bc.ca
X-Send-Pr-Version: 3.113
Subject: ports/35127: [PATCH] Tripwire 1.3.1 install should be more configurable
Sender: owner-freebsd-ports@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-ports.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-ports>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-ports>
X-Loop: FreeBSD.org


>Number:         35127
>Category:       ports
>Synopsis:       [PATCH] Tripwire 1.3.1 install should be more configurable
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-ports
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          change-request
>Submitter-Id:   current-users
>Arrival-Date:   Tue Feb 19 15:40:01 PST 2002
>Closed-Date:
>Last-Modified:
>Originator:     Crist J. Clark
>Release:        FreeBSD 4.5-RELEASE i386
>Organization:
>Environment:
	FreeBSD ports. 
>Description:
	Presently the Tripwire 1.3.1 port, ports/security/tripwire-131, 
automatically generates a tripwire database using the sample
configuration file provided with the port. There is no mechanism for
the user to (a) provided his own configuration file or (b) disable the
database build at the 'make install.'

	Building a tripwire database can take a considerable amount of
time. It is very possible, perhaps even likely, that the administrator
may wish to customize the tripwire configuration file for his site
before taking the time to build a database. If the admin interupts the
database build (say with an intr-character), he will not have a
properly installed port (e.g. nothing in /var/db/pkg). I am not aware
of a way to disable the build using the port-system's available knobs
(like something to disable 'post-install' targets in the Makefile).


>How-To-Repeat:
	# cd /usr/ports/security/tripwire131
	# make install

>Fix:
	The following simple patch provides examples for how to
correct both of these issues.

	The administrator may specify a custom tripwire configuration
file for use in the automatic database build by doing the following,

	# make TWCONFIG=/path/to/tw.config install

Or the admin may totally disable the database build at install time,

	# make -DNO_DB_BUILD install

Here's the patch,

Index: security/tripwire-131/Makefile
===================================================================
RCS file: /export/ncvs/ports/security/tripwire-131/Makefile,v
retrieving revision 1.13
diff -u -r1.13 Makefile
--- security/tripwire-131/Makefile	16 Jan 2001 17:32:22 -0000	1.13
+++ security/tripwire-131/Makefile	19 Feb 2002 23:15:54 -0000
@@ -19,6 +19,8 @@
 RESTRICTED=	"contains crypto class algorithms"
 WRKSRC=		${WRKDIR}/tw_ASR_1.3.1_src
 
+TWCONFIG?=	${FILESDIR}/tw.conf.freebsd2
+
 .include <bsd.port.pre.mk>
 
 .if !exists(${DISTDIR}/${DISTNAME}${EXTRACT_SUFX})
@@ -27,11 +29,12 @@
 
 pre-configure:
 	@ ${CP} ${FILESDIR}/conf-freebsd2.h ${WRKSRC}/configs
-	@ ${CP} ${FILESDIR}/tw.conf.freebsd2 ${WRKSRC}/configs/tw.conf.freebsd2
+	@ ${CP} ${TWCONFIG} ${WRKSRC}/configs/tw.conf.freebsd2
 
 post-install:
 	@ ${MKDIR} /var/adm/tcheck
-	@ ${CP} ${FILESDIR}/tw.conf.freebsd2 /var/adm/tcheck/tw.config
+	@ ${CP} ${TWCONFIG} /var/adm/tcheck/tw.config
+.ifndef NO_DB_BUILD
 	@ ${ECHO} Creating tripwire database
 	@ (cd /var/adm/tcheck; tripwire -initialize)
 .if defined(TRIPWIRE_FLOPPY) && ${TRIPWIRE_FLOPPY} == YES
@@ -47,6 +50,7 @@
 	@ ${CHMOD} 555 /mnt/tripwire /mnt/gunzip /mnt/twcheck
 	@ umount /mnt
 	@ ${ECHO} Do not forget to remove and write-protect the floppy.
+.endif
 .endif
 
 .include <bsd.port.post.mk>
>Release-Note:
>Audit-Trail:
>Unformatted:

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-ports" in the body of the message