From owner-freebsd-ports-bugs@FreeBSD.ORG Mon Sep 5 19:26:09 2005
Message-Id:
<200509051914.j85JE6oQ092589@www.freebsd.org>
Date: Mon, 5 Sep 2005 19:14:06 GMT
From: Pawel Wieleba
To: freebsd-gnats-submit@FreeBSD.org
Subject: ports/85761: [PATCH] www/jakarta-tomcat55; enable possibility to specify tomcat daemon user/group; make it possible to add user/group even if UID/GID number is reserved

>Number: 85761
>Category: ports
>Synopsis: [PATCH] www/jakarta-tomcat55; enable possibility to specify tomcat daemon user/group; make it possible to add user/group even if UID/GID number is reserved
>Confidential: no
>Severity: non-critical
>Priority: medium
>Responsible: freebsd-ports-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Mon Sep 05 19:22:38 GMT 2005
>Closed-Date:
>Last-Modified:
>Originator: Pawel Wieleba
>Release: FreeBSD 5.4-stable
>Organization:
>Environment:
FreeBSD srv 5.4-STABLE FreeBSD 5.4-STABLE #0: Sun Aug 28 23:43:13 CEST 2005 root@srv:/usr/obj/usr/src/sys/SRV i386
>Description:
Now it is _impossible_ to specify what user is used to install and run tomcat with. I use user www with apache2 and want to run tomcat with a different user because of security reasons. I have written a patch to the jakarta-tomcat55 port to make it possible to install and run jakarta-tomcat55 server with an alternate user.
>How-To-Repeat:
>Fix:
The patch consists of three files:
Makefile.diff
pkg-install.diff
pkg-deinstall.diff

The patch:
srv# cat *.diff --- Makefile-ORG Mon Sep 5 20:50:10 2005 +++ Makefile Mon Sep 5 21:07:11 2005
@@ -66,6 +66,19 @@ STDOUT_LOG=${STDOUT_LOG} \ STDERR_LOG=${STDERR_LOG} +REPLACE_FILES+= ${PKGDIR}/pkg-install \ + ${PKGDIR}/pkg-deinstall +PKGINSTALL= ${WRKDIR}/pkg-install +PKGDEINSTALL= ${WRKDIR}/pkg-deinstall + +.if defined(TOMCAT_USER) +USER=${TOMCAT_USER} +.endif + +.if defined(TOMCAT_GROUP) +GROUP=${TOMCAT_GROUP} +.endif + .include .if ${JAVA_PORT_VERSION:C/^([0-9])\.([0-9])(.*)$/\1.\2/} == "1.4" @@ -91,7 +104,6 @@ @${ECHO_MSG} " Logfile stderr: ${STDERR_LOG}" @${ECHO_MSG} " Starting after install: ${AUTO_START}" @${ECHO_MSG} " Stop time-out: ${STOP_TIMEOUT} sec." - @PKG_PREFIX=${PREFIX} ${SH} pkg-install ${PKGNAME} PRE-INSTALL post-patch: @${ECHO_MSG} -n ">> Removing unneeded files..." @@ -129,6 +141,9 @@ $f > ${WRKDIR}/`basename $f` @${ECHO_MSG} " [ DONE ]" .endfor + +pre-install: + @PKG_PREFIX=${PREFIX} ${SH} pkg-install ${PKGNAME} PRE-INSTALL do-install: @${ECHO_MSG} -n ">> Creating destination directory..." --- pkg-deinstall-ORG Mon Sep 5 20:52:29 2005 +++ pkg-deinstall Mon Sep 5 20:42:24 2005 @@ -5,7 +5,7 @@ # * Checks if the PID file exists. If it does, it kills the # process and removes the PID file. # -# * Checks if the 'www' user exists. If it does, then it displays +# * Checks if the '%%USER%%' user exists. If it does, then it displays # a message. # # $FreeBSD: ports/www/jakarta-tomcat55/pkg-deinstall,v 1.2 2004/01/02 12:31:11 znerd Exp $ @@ -37,8 +37,8 @@ if [ "$2" = "POST-DEINSTALL" ]; then # If the user exists, then display a message - if pw usershow "www" 2>/dev/null 1>&2; then - echo "To delete the www user permanently, use 'pw userdel www'" + if pw usershow "%%USER%%" 2>/dev/null 1>&2; then + echo "To delete the %%USER%% user permanently, use 'pw userdel %%USER%%'" fi fi --- pkg-install-ORG Mon Sep 5 20:52:16 2005 +++ pkg-install Mon Sep 5 20:42:20 2005 
@@ -1,6 +1,6 @@ #!/bin/sh # -# Checks if the 'www' user and group exist. If they don't, then +# Checks if the '%%USER%%' user and %%GROUP%% group exist. If they don't, then # an attempt is made to create both. # # $FreeBSD: ports/www/jakarta-tomcat55/pkg-install,v 1.2 2005/06/13 14:08:34 hq Exp $ @@ -12,34 +12,39 @@ fi # Set some constants -USER=www -GROUP=${USER} UID=80 GID=${UID} # See if the group already exists -if ! pw groupshow "${GROUP}" 2>/dev/null 1>&2; then +if ! pw groupshow "%%GROUP%%" 2>/dev/null 1>&2; then # If not, try to create it - if pw groupadd ${GROUP} -g ${GID}; then - echo "Added group \"${GROUP}\"." + if pw groupadd "%%GROUP%%" -g ${GID}; then + echo "Added group \"%%GROUP%%\"." + elif pw groupadd "%%GROUP%%"; then + echo "Added group \"%%GROUP%%\"." else - echo "Adding group \"${GROUP}\" failed..." + echo "Adding group \"%%GROUP%%\" failed..." exit 1 fi fi # See if the user already exists -if ! pw usershow "${USER}" 2>/dev/null 1>&2; then +if ! pw usershow "%%USER%%" 2>/dev/null 1>&2; then # If not, try to create it - if pw useradd ${USER} -u ${UID} -g ${GROUP} -h - \ - -s "/sbin/nologin" -d "/nonexistent" \ - -c "World Wide Web Owner"; \ + if pw useradd "%%USER%%" -u ${UID} -g "%%GROUP%%" -h - \ + -s "/sbin/nologin" -d "/nonexistent" \ + -c "World Wide Web Owner"; then - echo "Added user \"${USER}\"." + echo "Added user \"%%USER%%\"." + elif pw useradd "%%USER%%" -g "%%GROUP%%" -h - \ + -s "/sbin/nologin" -d "/nonexistent" \ + -c "World Wide Web Owner"; + then + echo "Added user \"%%USER%%\"." else - echo "Adding user \"${USER}\" failed..." + echo "Adding user \"%%USER%%\" failed..." exit 1 fi fi I hope this patch or similar will be added to this port soon. Best 4 you Pawel Wieleba >Release-Note: >Audit-Trail: >Unformatted:
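Review bot: In the first Makefile hunk, USER and GROUP are assigned only inside `.if defined(TOMCAT_USER)` and `.if defined(TOMCAT_GROUP)`, while the pkg-install hunk drops `USER=www` and `GROUP=${USER}`, so the default now has to come from Makefile lines that are not shown. If it does not, make picks up USER from the environment of whoever runs the build and %%USER%% expands to that account. Suggest giving TOMCAT_USER and TOMCAT_GROUP explicit defaults in the Makefile and substituting those, rather than relying on the generic names USER and GROUP. The value is also pasted into the shell scripts inside double quotes without any check; limiting it to a conservative account-name character set would keep a malformed value from changing the generated script.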
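Review bot: The new pre-install target in the third Makefile hunk runs `${SH} pkg-install` by relative name, while the first hunk points PKGINSTALL at the substituted copy `${WRKDIR}/pkg-install`. Unless the target runs with ${WRKDIR} as its working directory, this executes the template from the port directory with %%USER%% and %%GROUP%% still unexpanded. Suggest `${SH} ${PKGINSTALL} ${PKGNAME} PRE-INSTALL`, so the script run at install time is the same one registered with the package.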
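Review bot: In the POST-DEINSTALL branch of pkg-deinstall, the `pw userdel %%USER%%` hint is printed for any account that exists, and with a configurable name that can be an account that pre-dated the port or is shared with another service. Suggest wording the message so it recommends removal only when nothing else uses the account, or recording at install time whether the port created it.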
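Review bot: In the pkg-install constants block, `UID=80` and `GID=${UID}` stay hard-coded, so a custom user is first created with the id this script previously gave to www whenever that id is free, and a www account added afterwards ends up with a different uid. Since the stated goal is to separate Tomcat from the www user, suggest making the id configurable together with the name, or omitting `-u` and `-g ${GID}` when the name is not www. Separately, the `elif` retry runs after any failure of the first `pw groupadd` or `pw useradd`, not only an id collision, and `-c "World Wide Web Owner"` is kept as the comment for a user that may no longer be the web owner.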