ports/123883: security/sguil-server, improve pkg-install script
Paul Schmehl
pauls at utdallas.edu
Thu May 22 00:20:08 UTC 2008
>Number: 123883
>Category: ports
>Synopsis: security/sguil-server, improve pkg-install script
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: freebsd-ports-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: maintainer-update
>Submitter-Id: current-users
>Arrival-Date: Thu May 22 00:20:08 UTC 2008
>Closed-Date:
>Last-Modified:
>Originator: Paul Schmehl
>Release: FreeBSD 7.0-STABLE i386
>Organization:
The University of Texas at Dallas
>Environment:
System: FreeBSD hostname.utdallas.edu 7.0-STABLE FreeBSD 7.0-STABLE #6: Wed Apr 16 17:14:28 CDT 2008 root at hostname.utdallas.edu:/usr/obj/usr/src/sys/GENERIC i386
>Description:
If a user opts out of the first part of the pkg-install script, but
elects to interact with the second part of the script and decides to
create new certs, the creation of the certs will fail silently if the
certs directory does not exist. This is because the certs directory
is created (if necessary) in the pre-install portion of the pkg-install
script, but the certs are created in the post-install part of the script.
This PR corrects this problem by moving the creation of the certs directory
to the same subroutine that the certs are created in.
It also increments the PORTREVISION value, as required.
>How-To-Repeat:
>Fix:
--- patch-Makefile begins here ---
--- Makefile.orig 2008-05-21 19:09:54.000000000 -0500
+++ Makefile 2008-05-21 19:10:11.000000000 -0500
@@ -7,7 +7,7 @@
PORTNAME= sguil-server
PORTVERSION= 0.7.0
-PORTREVISION= 1
+PORTREVISION= 2
CATEGORIES= security
MASTER_SITES= SF
MASTER_SITE_SUBDIR= sguil
--- patch-Makefile ends here ---
--- patch-files-pkg-install.in begins here ---
--- files/pkg-install.in.orig 2008-05-21 15:12:37.000000000 -0500
+++ files/pkg-install.in 2008-05-21 15:15:05.000000000 -0500
@@ -77,13 +77,6 @@
pw usershow ${sguil_user}
fi
fi
- for dir in %%SGUILDIR%%/certs ; do
- if [ ! -d ${confdir}/${dir} ]; then
- echo "Creating ${confdir}/${dir} ...."
- install -d -o ${sguil_user} -g ${sguil_group} \
- -m 0750 ${confdir}/${dir}
- fi
- done
for dir in %%PREFIX%%/lib/%%SGUILDIR%% /var/run/%%SGUILDIR%% ; do
if [ ! -d ${dir} ]; then
echo "Creating ${dir} ...."
@@ -123,6 +116,13 @@
echo "Would you like to create certs now? (y for yes, n for no)"; read ans
case "$ans" in
y*|Y*)
+ for dir in %%SGUILDIR%%/certs ; do
+ if [ ! -d ${confdir}/${dir} ]; then
+ echo "Creating ${confdir}/${dir} ...."
+ install -d -o ${sguil_user} -g ${sguil_group} \
+ -m 0750 ${confdir}/${dir}
+ fi
+ done
echo -e "\033[1mFirst we need to create a password-protected CA cert."
echo ""
echo -e "\033[0m(The Common Name should be the FQHN of your squil server.)"
--- patch-files-pkg-install.in ends here ---
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-ports-bugs
mailing list