From owner-freebsd-ports@FreeBSD.ORG Sun Mar 6 15:44:07 2011 Return-Path: Delivered-To: freebsd-ports@FreeBSD.org Received: from chateau.d.if (localhost [IPv6:::1]) by hub.freebsd.org (Postfix) with ESMTP id 13906106564A; Sun, 6 Mar 2011 15:44:07 +0000 (UTC) (envelope-from ashish@freebsd.org) Received: from chateau.d.if (chateau.d.if [IPv6:::1]) by chateau.d.if (Postfix) with ESMTP id 7EF1745612; Sun, 6 Mar 2011 21:14:05 +0530 (IST) From: ashish@FreeBSD.org (Ashish SHUKLA) To: Lawrence Stewart Organization: The FreeBSD Project References: <4D44FD91.7070607@freebsd.org> <86r5buec8e.fsf@chateau.d.if> <4D45F219.6070207@freebsd.org> <86ipx5esde.fsf@chateau.d.if> <4D7305C5.5040709@freebsd.org> X-Face: )vGQ9yK7Y$Flebu1C>(B\gYBm)[$zfKM+p&TT[[JWl6:]S>cc$%-z7-`46Zf0B*syL.C]oCq[upTG~zuS0.$"_%)|Q@$hA=9{3l{%u^h3jJ^Zl; t7 X-Uptime: 9:12PM up 18:23, 16 users, load averages: 0.03, 0.07, 0.03 X-URL: http://people.freebsd.org/~ashish/ X-Operating-System: FreeBSD/FreeBSD 8.2-RELEASE/amd64 X-OpenPGP-Fingerprint: F682 CDCC 39DC 0FEA E116 20B6 C746 CFA9 E74F A4B0 X-Attribution: =?utf-8?B?4KSG4KS24KWA4KS3?= Organisation: The FreeBSD Project Date: Sun, 06 Mar 2011 21:14:04 +0530 In-Reply-To: <4D7305C5.5040709@freebsd.org> (Lawrence Stewart's message of "Sun, 06 Mar 2011 14:55:49 +1100") Message-ID: <86sjv05k57.fsf@chateau.d.if> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/24.0.50 (amd64-portbld-freebsd8.1) Face: iVBORw0KGgoAAAANSUhEUgAAADAAAAAwBAMAAAClLOS0AAAAJ1BMVEWpqal/f39tbW1jY2Md HR2goKCenp6UlJROTk7////9/f35+fnT09ORJdieAAACVklEQVQ4jXXUP2vbQBQA8AvUTkgz5OzY Z0iGWhpS6BSrkECn0mvx0MEJ6AjtYrfoBCVDlD8naJYmNlRfwZq8+mkKlIZaGpJSYmP7Q/XkJDrJ Td8i/H68u3vHPaPufwLdf32AMA4A6GcAgvAamY1pOJiDIFqicTwLswDhfr3uxfFtkAY/GFHPMwzD 8zpnACmIOnE6js7rQb+v4NJrG9od0C+QgpHMy5jBewV+UDSMWiw1Y4fWfyV7+NGFzDsYa3pth9LJ Q4XvXxFHcJRvHOmygn5NAEabnDcQQguarnfoiwSCJ99jmKKcphsZONmWsDK9Ro7cvZOCtQdg8nje egLhc2LNlkLmsezzTFUUy5w18ocox/f0LaLgJy0zO75zk+9pp85GAj36xjqhdI0y3tq2m4dqqcWX zQWBTz8L1irvolXV4J+3q7eCDgVnttjNq6X8H+9KOZsuNk1uCzx8pSp+E9HImfJOTLdcGqo+YKnG EIovizkEn48V7BO+ch2DXcD4ENSpWiU+q8hjjbgTBZCXnZtyj0Ws4Q1Q0B2WXFtYZo65Bbyeeldw RS6qFueM80LlLA29YlVwGRYvFD+kwI/0O+A2PlpOP9GwslUVciHuYGechuBTp922YiDZCrghTknm XSyOM+D3aoRZlo0Jb42zY7DN4p2x4AeZ+QAYutx1sHwTHzMT5cMNduQ9yW3GczN4KZ86kb0c9O8T yXDeFqpl2fryPEAYGXIlezAPXYh2NgVr/gvdoHIuDwuPwOhcWE8f8mmICq41eATkn8x0kuRTIKcB wE9+/QUtiiAnYcaN7wAAAABJRU5ErkJggg== MIME-Version: 1.0 Content-Type: multipart/signed; boundary="=-=-="; micalg=pgp-sha512; protocol="application/pgp-signature" Cc: Ashish SHUKLA , freebsd-ports@FreeBSD.org Subject: Re: Adding a PAM config option to net-im/ejabberd X-BeenThere: freebsd-ports@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Porting software to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 06 Mar 2011 15:44:07 -0000 --=-=-= Content-Type: text/plain Content-Transfer-Encoding: quoted-printable Lawrence Stewart writes: > On 01/31/11 13:09, Ashish SHUKLA wrote: >> Lawrence Stewart writes: >>> On 01/31/11 00:45, Ashish SHUKLA wrote: >>>> Hi Lawrence, >>>>=20 >>>> Lawrence Stewart writes: >>>>> Hi Ashish, >>>>=20 >>>>> What do you think about applying the attached patch to the ejabberd >>>>> port? It installs some parts required to allow ejabberd to auth again= st >>>>> PAM and is working great for me. >>>>=20 >>>> Sure, I can apply it, once ports freeze is over. I also need to update >>>> ejabberd. I'll do both together. >>=20 >>> Sounds good, thanks. One question: in order to get PAM auth working, you >>> have to set uid root on the epam bits and chown them appropriately in >>> order to allow things to work. Should the port installation process do >>> these steps as well or should we leave them to the user? I would be >>> inclined to have the port do them so that upgrading the port doesn't >>> break PAM auth after the upgrade. We would want to print a big warning >>> at the end of the port install about the set uid security aspects thoug= h. >>=20 >> Thanks for the mention, I suggest adding mention of setuid bit in the >> description of the OPTION. And ofcourse port is going to set the setuid = bit >> during installation. >>=20 >> And `security-check' target in bsd.port.mk will catch the setuid bit set= on >> the installed executable, and will inform the user as well. So, adding a >> warning about setuid bit be redundant, IMHO. > Updated patch attached. Feel like committing it for me? Sure. I'm doing an update to 2.1.6 this week, and will include your diff. Thanks =2D-=20 Ashish SHUKLA | GPG: F682 CDCC 39DC 0FEA E116 20B6 C746 CFA9 E74F A4B0 freebsd.org!ashish | http://people.freebsd.org/~ashish/ Avoid Success At All Costs !! --=-=-= Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.16 (FreeBSD) iQIcBAEBCgAGBQJNc6vFAAoJEMdGz6nnT6SwpXIP/Rd2Hkepmr1+XSbjMWl2ZtyT sME2XmhyNMcAvgPWPtzvhkBhxOLVP/WeyZXHr4FjAIkirOA8yzeLW5AVcXiszl5E AF0iWYgIg3ovloYZgP7qB9X5wMDxLTPpANksCTtS7RLADKWmSiuRBhFyCgjy+UWA wLtOHnbO0Jyw/inxCin+WI5/hpL0P1JqlE/h0wra+zHzaAr+49tOu1UR1D1alxqe /KnGis6WxcnnjFpsATo50m6Z2mj023rx83p65BVJqQ86QjiCD7bYsdU2U8RhohYL 3qcBRp0I1B9vp1Ba4memGxzDvQUF/fwYXwBPnz1CK1l+8bxkn1aC3TkELl/F6hzY K1Eg0WdwlKf943lJh0gUOIGPIsJkRyak0l6KPQqcR3VK1sDb6USgLjH3rIM49sWR fXce6Oah7168mzVP2Z1R7Xu+iIn6bi/DY4HUNNZ69J5srNGHzxmK4xv05yIH8/Wg Erv6ZXRlVQiyBz6euRUPw/i39ZB8SDXZEfSOvqOnDpbgG6Rp+/b8/THgku0+UVeg MqCsGjVau77wCDMqda9anBPEq9ndFeAIZ3aGm4xJB5Fee2vSHajTaEzq6/VIMZ6T 3nPaoJvvSNKr7csMz4/NKUypn+4XXvFA/aT3Y4A7KPCwCj9bDBNoHqG/g6BUaUBh S7UWdeQg+CftW+4zKjeR =rt4G -----END PGP SIGNATURE----- --=-=-=--