From nobody Thu May 30 03:53:40 2024 X-Original-To: ports-bugs@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4VqXRS5Rysz5LlGM for ; Thu, 30 May 2024 03:53:40 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4VqXRS2q3Dz4Ztm for ; Thu, 30 May 2024 03:53:40 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1717041220; a=rsa-sha256; cv=none; b=BQPM1frcwTAMXxKwfgyaXAbz37Fo88IDgHLZQX+ULOO+LNDLWy05yfuinrcofIjijYFST/ haL/OPfgepS7bdT+9jJHUhtStrpg5Ft1ObSCp1jIr/M05liDMWjELkufN7iFt3aVQMoNyz MC8cG4HUmJqBBCrKv8J0EXG2JgS6YB+CHq3LE1T95QLt1dSFIaIk+ixS7ZffxqS4mC3YeW 47172LTuWgKFpQaC+xrdRM2BSuP4LQIt5etSKI6/w7oZI36zjMBHWEXpmdubJB25KsHMGc ufrRk2deKarNpBc0EyiiDqQ0c0s+SVHCEX5wkOsNOzc6eFDvGAq3nn9cg+wuQQ== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1717041220; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=lMPuChVwTE8ZqOMQ8DmHyrLHBJYl6bP+pgw1inW0RJg=; b=hvYGQPRvd2thgI+Bfra4B2VOrCALNtwQ/JIcNoLdwaRImJQAnzOizGO+1isMz8W67linO7 QDgU7vA0MFPKYJcDUImUzVcLJgID4m451ffIXYaS3JmN9IyfGf/NBDuFJhAnyVEupgbsa0 b/ZRg7QBKUmo9vyFXBhchkytML9VKW30JvWhvnv47X0XF08rZsZUVPg8AF0Vd8rvE3TNqo vIeSv8xF65AYeB63kcs1lIi3EfmC8kxiTFvZDwyPngPCcVIgrO0LqsSIXSw3HLLmiWNq0c 8rNNGod5QVOdRt5LEJ6iyXHH36qGw75JgC/qjdA4FFAksvo+XYEcDvm1f6rX5g== Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4VqXRS2QrZzPT3 for ; Thu, 30 May 2024 03:53:40 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 44U3reUe091598 for ; Thu, 30 May 2024 03:53:40 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 44U3repQ091597 for ports-bugs@FreeBSD.org; Thu, 30 May 2024 03:53:40 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: ports-bugs@FreeBSD.org Subject: [Bug 279391] www/xcaddy: With default xcaddy config, Caddy runs as root Date: Thu, 30 May 2024 03:53:40 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: new X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Ports & Packages X-Bugzilla-Component: Individual Port(s) X-Bugzilla-Version: Latest X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Some People X-Bugzilla-Who: bob@vesterman.com X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: olgeni@FreeBSD.org X-Bugzilla-Flags: maintainer-feedback? X-Bugzilla-Changed-Fields: bug_id short_desc product version rep_platform op_sys bug_status bug_severity priority component assigned_to reporter flagtypes.name Message-ID: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated List-Id: Ports bug reports List-Archive: https://lists.freebsd.org/archives/freebsd-ports-bugs List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: freebsd-ports-bugs@freebsd.org Sender: owner-freebsd-ports-bugs@FreeBSD.org MIME-Version: 1.0 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D279391 Bug ID: 279391 Summary: www/xcaddy: With default xcaddy config, Caddy runs as root Product: Ports & Packages Version: Latest Hardware: Any OS: Any Status: New Severity: Affects Some People Priority: --- Component: Individual Port(s) Assignee: olgeni@FreeBSD.org Reporter: bob@vesterman.com Assignee: olgeni@FreeBSD.org Flags: maintainer-feedback?(olgeni@FreeBSD.org) I guess this is not a *bug*, strictly speaking, but unless I'm missing something, it seems pretty concerning: www/xcaddy suggests (in pkg-message or pkg-description or some such place) using an rc script for Caddy which can be found in /usr/ports/www/xcaddy/fi= les. This rc script, by default, will cause Caddy to run as root. This surprised me very much. Poking around on the web, I found this page on= the FreeBSD wiki explaining the situation and how to deal with it: https://wiki.freebsd.org/ThomasHurst/Caddy The steps involved are clear and simple, but they are NOT obvious. Nor is t= he location of this information (random page on a wiki) obvious. As far as I c= an see, there's nothing in xcaddy's pkg-message/whatever mentioning the issue,= how to resolve it, or where to look for the detailed information about how to resolve it. Instead, it just... runs as root by default and doesn't mention it's going to do that. While typing up this bug report, I noticed that similar ones were submitted= for www/caddy itself (as opposed to www/xcaddy), and it has been marked as "fix= ed". Here's what seems to be the main one: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D273181 I think the same sort of fix should be carried over to www/xcaddy. --=20 You are receiving this mail because: You are the assignee for the bug.=