From owner-freebsd-ports@FreeBSD.ORG Sun Jan 30 23:19:55 2011 Return-Path: Delivered-To: freebsd-ports@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 5CF3010656A3; Sun, 30 Jan 2011 23:19:55 +0000 (UTC) (envelope-from lstewart@freebsd.org) Received: from lauren.room52.net (lauren.room52.net [210.50.193.198]) by mx1.freebsd.org (Postfix) with ESMTP id 208F88FC17; Sun, 30 Jan 2011 23:19:55 +0000 (UTC) Received: from lawrence1.loshell.room52.net (ppp59-167-184-191.static.internode.on.net [59.167.184.191]) by lauren.room52.net (Postfix) with ESMTPSA id 871607E8D6; Mon, 31 Jan 2011 10:19:53 +1100 (EST) Message-ID: <4D45F219.6070207@freebsd.org> Date: Mon, 31 Jan 2011 10:19:53 +1100 From: Lawrence Stewart User-Agent: Mozilla/5.0 (X11; U; FreeBSD amd64; en-AU; rv:1.9.2.13) Gecko/20101214 Lightning/1.0b2 Thunderbird/3.1.7 MIME-Version: 1.0 To: Ashish SHUKLA References: <4D44FD91.7070607@freebsd.org> <86r5buec8e.fsf@chateau.d.if> In-Reply-To: <86r5buec8e.fsf@chateau.d.if> Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit X-Spam-Status: No, score=0.0 required=5.0 tests=UNPARSEABLE_RELAY autolearn=unavailable version=3.3.1 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on lauren.room52.net Cc: freebsd-ports@freebsd.org Subject: Re: Adding a PAM config option to net-im/ejabberd X-BeenThere: freebsd-ports@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Porting software to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 30 Jan 2011 23:19:55 -0000 On 01/31/11 00:45, Ashish SHUKLA wrote: > Hi Lawrence, > > Lawrence Stewart writes: >> Hi Ashish, > >> What do you think about applying the attached patch to the ejabberd >> port? It installs some parts required to allow ejabberd to auth against >> PAM and is working great for me. > > Sure, I can apply it, once ports freeze is over. I also need to update > ejabberd. I'll do both together. Sounds good, thanks. One question: in order to get PAM auth working, you have to set uid root on the epam bits and chown them appropriately in order to allow things to work. Should the port installation process do these steps as well or should we leave them to the user? I would be inclined to have the port do them so that upgrading the port doesn't break PAM auth after the upgrade. We would want to print a big warning at the end of the port install about the set uid security aspects though. Cheers, Lawrence