FreeBSD Mail Archives

Date:      Tue, 25 Jan 2005 17:00:15 +0100 (CET)
From:      Janos Mohacsi <janos.mohacsi@niif.hu>
To:        FreeBSD-gnats-submit@FreeBSD.org
Subject:   ports/76669: [MAINTAINER] net-mgmt/flowd: [SUMMARIZE CHANGES]
Message-ID:  <200501251600.j0PG0F7M050811@scone.ki.iif.hu>
Resent-Message-ID: <200501251610.j0PGAUWX076146@freefall.freebsd.org>

next in thread | raw e-mail | index | archive | help


>Number:         76669
>Category:       ports
>Synopsis:       [MAINTAINER] net-mgmt/flowd: [SUMMARIZE CHANGES]
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-ports-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          maintainer-update
>Submitter-Id:   current-users
>Arrival-Date:   Tue Jan 25 16:10:29 GMT 2005
>Closed-Date:
>Last-Modified:
>Originator:     Janos Mohacsi
>Release:        FreeBSD 5.3-STABLE i386
>Organization:
NIIF/HUNGARNET
>Environment:
System: FreeBSD scone.ki.iif.hu 5.3-STABLE FreeBSD 5.3-STABLE #5: Thu Nov 11 05:45:29 CET 2004
>Description:
Maintainer Update to net-mgmt/flowd to version 0.8 revision 1

Add privilege separation user handling. Thanks for  Egon Niederacher
to reporting the bug. 

Added file(s):
- files/patch-flowd.h
- pkg-deinstall
- pkg-install

Generated with FreeBSD Port Tools 0.63
>How-To-Repeat:
Apply this diff.

>Fix:

--- flowd-0.8_1.patch begins here ---
diff -ruN --exclude=CVS /usr/ports/net-mgmt/flowd.orig/Makefile /usr/ports/net-mgmt/flowd/Makefile
--- /usr/ports/net-mgmt/flowd.orig/Makefile	Thu Jan 20 11:12:47 2005
+++ /usr/ports/net-mgmt/flowd/Makefile	Tue Jan 25 16:49:53 2005
@@ -7,6 +7,7 @@
 
 PORTNAME=	flowd
 PORTVERSION=	0.8
+PORTREVISION=	1
 CATEGORIES=	net-mgmt ipv6
 MASTER_SITES=	http://www2.mindrot.org/files/flowd/
 
@@ -16,9 +17,11 @@
 GNU_CONFIGURE=	yes
 CONFIGURE_ARGS=	--localstatedir=/var
 USE_GMAKE=	yes
+USE_REINPLACE=	yes
 MAN8=		flowd.8 flowd-reader.8
 MAN5=		flowd.conf.5
 PORTDOCS=	README INSTALL
+FLOWD_USER?=	_flowd
 
 .if defined(WITH_PERL)
 USE_PERL5=	yes
@@ -50,6 +53,12 @@
 	@${ECHO_MSG} "You can enable Python bindings by defining WITH_PYTHON."
 .endif
 
+post-patch:
+	@${REINPLACE_CMD} -e "s;%%FLOWD_USER%%;${FLOWD_USER};g" \
+		${PKGDEINSTALL}
+	@${REINPLACE_CMD} -e "s;%%FLOWD_USER%%;${FLOWD_USER};g" \
+		${WRKSRC}/flowd.h
+
 post-install:
 .if !defined(NOPORTDOCS)
 	${MKDIR} ${DOCSDIR}
@@ -68,5 +77,7 @@
 	${PYTHON_CMD} setup.py build && \
 	${PYTHON_CMD} setup.py install
 .endif
+
+@FLOWD_USER=${FLOWD_USER} ${SH} ${PKGINSTALL} ${PKGNAME} POST-INSTALL
 
 .include <bsd.port.mk>
diff -ruN --exclude=CVS /usr/ports/net-mgmt/flowd.orig/files/patch-flowd.h /usr/ports/net-mgmt/flowd/files/patch-flowd.h
--- /usr/ports/net-mgmt/flowd.orig/files/patch-flowd.h	Thu Jan  1 01:00:00 1970
+++ /usr/ports/net-mgmt/flowd/files/patch-flowd.h	Tue Jan 25 16:48:43 2005
@@ -0,0 +1,14 @@
+
+$FreeBSD$
+
+--- flowd.h.orig
++++ flowd.h
+@@ -34,7 +34,7 @@
+ 
+ #define DEFAULT_CONFIG			SYSCONFDIR "/flowd.conf"
+ #define DEFAULT_PIDFILE			PIDFILEDIR "/flowd.pid"
+-#define PRIVSEP_USER			"_flowd"
++#define PRIVSEP_USER			"%%FLOWD_USER%%"
+ 
+ /* Initial stateholding limits */
+ /* XXX these are not actually tunable yet */
diff -ruN --exclude=CVS /usr/ports/net-mgmt/flowd.orig/pkg-deinstall /usr/ports/net-mgmt/flowd/pkg-deinstall
--- /usr/ports/net-mgmt/flowd.orig/pkg-deinstall	Thu Jan  1 01:00:00 1970
+++ /usr/ports/net-mgmt/flowd/pkg-deinstall	Tue Jan 25 16:51:48 2005
@@ -0,0 +1,20 @@
+#!/bin/sh
+#
+#	$FreeBSD$
+#
+
+FLOWD_USER=${FLOWD_USER:=_flowd}
+
+delete_user() {
+	if pw usershow ${FLOWD_USER} 2>/dev/null 1>&2; then
+		echo "To delete flowd privilege separation user permanently, use 'pw userdel ${FLOWD_USER}'"
+	fi
+
+}
+
+case $2 in
+	POST-DEINSTALL)
+		delete_user
+		;;
+
+esac
diff -ruN --exclude=CVS /usr/ports/net-mgmt/flowd.orig/pkg-install /usr/ports/net-mgmt/flowd/pkg-install
--- /usr/ports/net-mgmt/flowd.orig/pkg-install	Thu Jan  1 01:00:00 1970
+++ /usr/ports/net-mgmt/flowd/pkg-install	Tue Jan 25 16:22:14 2005
@@ -0,0 +1,42 @@
+#!/bin/sh
+#
+#	$FreeBSD$
+#
+# Based on cyrus-sasl2 port
+#
+# create 'flowd' user 
+#
+
+create_user() {
+	USER=${FLOWD_USER}
+	GROUP=nobody
+	PW=/usr/sbin/pw
+
+	if [ -x /usr/sbin/nologin ]; then
+		shell=/usr/sbin/nologin
+	elif [ -x /sbin/nologin ]; then
+		shell=/sbin/nologin
+	else
+		shell=/nonexistent
+	fi
+	uhome="/nonexistent"
+
+	if ! ${PW} show user ${USER} -q >/dev/null; then
+		if ! ${PW} add user ${USER} -g ${gid} -d "${uhome}" \
+				-c "flowd privilege separation user" -s "${shell}" -p "*" \
+				; then
+			e=$?
+			echo "*** Failed to add user \`${USER}'. Please add it manually."
+			exit ${e}
+		fi
+		echo "*** Added user \`${USER}' (id ${uid})"
+	else
+		echo "*** You already have user \`${USER}'."
+	fi
+}
+
+case $2 in
+	POST-INSTALL)
+		create_user
+		;;
+esac
--- flowd-0.8_1.patch ends here ---

>Release-Note:
>Audit-Trail:
>Unformatted:

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200501251600.j0PG0F7M050811>

Header And Logo

Peripheral Links

Site Navigation

Header And Logo

Peripheral Links

Search

Site Navigation