ports/141930: [Maintainer] www/squid: implement OPTIONS for Kerberos and YP authentication
Thomas-Martin Seck
tmseck at web.de
Wed Dec 23 21:10:03 UTC 2009
>Number: 141930
>Category: ports
>Synopsis: [Maintainer] www/squid: implement OPTIONS for Kerberos and YP authentication
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: freebsd-ports-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: maintainer-update
>Submitter-Id: current-users
>Arrival-Date: Wed Dec 23 21:10:01 UTC 2009
>Closed-Date:
>Last-Modified:
>Originator: Thomas-Martin Seck
>Release: FreeBSD 7.2-RELEASE i386
>Organization:
a private site in Germany
>Environment:
FreeBSD ports collection as of December 23, 2009.
>Description:
- implement OPTIONS vor SQUID_KERBEROS_AUTH and SQUID_NIS_AUTH
- add a CONFLICT with www/lusca-head
- make the Squid configuration directory world readable in new installations
to ease use of cachemgr.cgi
- implement squid_conf in the rc script and document user settable variables
>How-To-Repeat:
>Fix:
Apply this patch:
Index: Makefile
===================================================================
--- Makefile (.../www/squid) (Revision 1717)
+++ Makefile (.../local/squid) (Revision 1717)
@@ -76,7 +76,7 @@
PORTNAME= squid
PORTVERSION= 2.7.${SQUID_STABLE_VER}
-PORTREVISION= 1
+PORTREVISION= 2
CATEGORIES= www
MASTER_SITES= ftp://ftp.squid-cache.org/pub/%SUBDIR%/ \
ftp://mirrors.24-7-solutions.net/pub/squid/%SUBDIR%/ \
@@ -115,7 +115,7 @@
SQUID_STABLE_VER= 7
-CONFLICTS= squid-2.[^7]* squid-3.* cacheboy-[0-9]*
+CONFLICTS= squid-2.[^7]* squid-3.* cacheboy-[0-9]* lusca-head-[0-9]*
GNU_CONFIGURE= yes
USE_BZIP2= yes
USE_PERL5= yes
@@ -131,7 +131,9 @@
SUB_FILES+= pkg-deinstall pkg-install pkg-message
SUB_LIST+= SQUID_UID=${SQUID_UID} SQUID_GID=${SQUID_GID}
-OPTIONS= SQUID_LDAP_AUTH "Install LDAP authentication helpers" off \
+OPTIONS= SQUID_KERB_AUTH "Install Kerberos authentication helpers" on \
+ SQUID_LDAP_AUTH "Install LDAP authentication helpers" off \
+ SQUID_NIS_AUTH "Install NIS/YP authentication helpers" on \
SQUID_SASL_AUTH "Install SASL authentication helpers" off \
SQUID_DELAY_POOLS "Enable delay pools" off \
SQUID_SNMP "Enable SNMP support" off \
@@ -233,7 +235,8 @@
basic_auth+= SASL
libexec+= sasl_auth
.endif
-.if !defined(NO_NIS) && !defined(WITHOUT_NIS)
+# POLA: allow the old global make.conf(5) (pre src.conf(5)) defines, too:
+.if defined(WITH_SQUID_NIS_AUTH) && !defined(NO_NIS) && !defined(WITHOUT_NIS)
basic_auth+= YP
libexec+= yp_auth
.endif
@@ -242,7 +245,8 @@
--enable-digest-auth-helpers="${digest_auth}" \
--enable-external-acl-helpers="${external_acl}" \
--enable-ntlm-auth-helpers="SMB"
-.if !defined(NO_KERBEROS) && !defined(WITHOUT_KERBEROS)
+# POLA: allow the old global make.conf(5) (pre src.conf(5)) defines, too:
+.if defined(WITH_SQUID_KERB_AUTH) && !defined(NO_KERBEROS) && !defined(WITHOUT_KERBEROS)
# XXX This currently only works with heimdal from the base system,
# see files/patch-helpers_negotiate_auth-squid_kerb_auth_*
CONFIGURE_ARGS+= --enable-negotiate-auth-helpers="squid_kerb_auth"
Index: files/pkg-install.in
===================================================================
--- files/pkg-install.in (.../www/squid) (Revision 1717)
+++ files/pkg-install.in (.../local/squid) (Revision 1717)
@@ -60,7 +60,7 @@
if [ ! -d ${squid_confdir} ]; then
echo "Creating ${squid_confdir}..."
install -d -o root -g ${squid_group} \
- -m 0750 ${squid_confdir}
+ -m 0755 ${squid_confdir}
fi
;;
POST-INSTALL)
Index: files/squid.in
===================================================================
--- files/squid.in (.../www/squid) (Revision 1717)
+++ files/squid.in (.../local/squid) (Revision 1717)
@@ -8,14 +8,37 @@
#
# Note:
# Set "squid_enable=yes" in either /etc/rc.conf, /etc/rc.conf.local or
-# /etc/rc.conf.d/squid to make this script actually do something. There
-# you can also set squid_chdir, squid_pidfile, squid_user, and squid_flags.
+# /etc/rc.conf.d/squid to activate Squid.
#
-# On FreeBSD 7.1 and beyond you can use squid_fib to set a different routing
-# table for squid. See setfib(1) for details.
+# Additional variables you can define in one of these files:
#
-# Please see squid(8), rc.conf(5) and rc(8) for further details.
+# squid_chdir: the directory into which the rc system moves into before
+# starting Squid. Default: %%PREFIX%%/squid
#
+# squid_conf: The configuration file that Squid should use.
+# Default: %%PREFIX%%/etc/squid/squid.conf
+#
+# squid_fib: The alternative routing table id that Squid should use.
+# Default: none
+# See setfib(1) for further details. Note that the setfib(2)
+# system call is not available in FreeBSD versions prior to 7.1.
+#
+# squid_user: The user id that should be used to run the Squid master
+# process. Default: %%SQUID_UID%%.
+# Note that you probably need to define "squid_user=root" if
+# you want to run Squid in reverse proxy setups or if you want
+# Squid to listen on a "privileged" port < 1024.
+#
+# squid_pidfile:
+# The name (including the full path) of the Squid
+# master process' PID file.
+# Default: %%PREFIX%%/squid/squid.pid.
+# You only need to change this if you changed the
+# corresponding entry in your Squid configuration.
+#
+# squid_flags: Additional commandline arguments for Squid you might want to
+# use. See squid(8) for further details.
+#
squid_checkrunning() {
${command} ${squid_flags} -k check 2>/dev/null
@@ -51,24 +74,20 @@
load_rc_config ${name}
squid_chdir=${squid_chdir:-"%%PREFIX%%/squid/logs"}
+squid_conf=${squid_conf:-"%%PREFIX%%/etc/squid/squid.conf"}
squid_enable=${squid_enable:-"NO"}
squid_fib=${squid_fib:-"NONE"}
squid_flags=${squid_flags-"-D"}
squid_pidfile=${squid_pidfile:-"%%PREFIX%%/squid/logs/squid.pid"}
squid_user=${squid_user:-%%SQUID_UID%%}
-default_config=%%PREFIX%%/etc/squid/squid.conf
pidfile=${squid_pidfile}
required_dirs=${squid_chdir}
-# squid(8) will not start if ${default_config} is not present so try
+# squid(8) will not start if ${squid_conf} is not present so try
# to catch that beforehand via ${required_files} rather than make
# squid(8) crash.
-# If you remove the default configuration file make sure to add
-# '-f /path/to/your/squid.conf' to squid_flags
-if [ -z "${squid_flags}" ]; then
- required_files=${default_config}
-fi
+required_files=${squid_conf}
run_rc_command "$1"
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-ports-bugs
mailing list