ports/162924: Mk.bsd.port.mk -- report more information at port/pkg installation
Matthew Seaman
m.seaman at infracaninophile.co.uk
Mon Nov 28 15:20:09 UTC 2011
>Number: 162924
>Category: ports
>Synopsis: Mk.bsd.port.mk -- report more information at port/pkg installation
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: freebsd-ports-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: change-request
>Submitter-Id: current-users
>Arrival-Date: Mon Nov 28 15:20:08 UTC 2011
>Closed-Date:
>Last-Modified:
>Originator: Matthew Seaman
>Release: FreeBSD 8.2-STABLE amd64
>Organization:
Infracaninophile
>Environment:
System: FreeBSD lucid-nonsense.infracaninophile.co.uk 8.2-STABLE FreeBSD 8.2-STABLE #24 r227991: Sat Nov 26 13:33:22 GMT 2011 root at lucid-nonsense.infracaninophile.co.uk:/usr/obj/usr/src/sys/LUCID-NONSENSE amd64
>Description:
This was inspired by one of the interminable threads on
freebsd-ports at ... resulting from necessary work to prune out no-longer
viable ports. In short, there were complaints that a port could be
deprecated and then pass an expiry date however far in the future and
be removed with users none the wiser until that port had actually
disappeared. The idea is to add messages to the package (similarly to
the way pkg-message works) whenever certain conditions are detected.
If PORTREVISION is incremented at the same time as eg. EXPIRATION_DATE
is set, then users should see the message as the do the consequent
update, irrespective of whether the user updates by compiling from
ports or by installing pre-compiled packages.
As it includes those messages into any generated packages, those
choosing to install from per-compiled packages will see the same
information, and anyone can use 'pkg_info -D' to recall it after
installation. This also has the benefit that the messages are printed
out at the end of a portmaster(8) run, instead of just scrolling past
in the middle of all sorts of other output.
In detail:
If any of DEPRECATED, FORBIDDEN, BROKEN, RESTRICTED, NO_PACKAGE,
NO_CDROM or EXPIRATION_DATE are set, their value is displayed.
FORBIDDEN, BROKEN, RETRICTED or NO_PACKAGE will usually abort the
build process before the display code is reached, but can be
overridden, in which case a message should be produced.
If MAINTAINER is ports at FreeBSD.org, a message is printed
soliciting volunteers to assume maintainership.
If the security-report target produces any output, it is also
recorded in the package data.
Including these extra messages adds at most a few kilobytes of extra
data to affected packages /before/ compression.
Having the RESTRICTED, NO_PACKAGE and NO_CDROM messages included
directly in packages should help prevent mistakes leading to
inappropriate redistribution of software under restrictive licenses.
Example results:
% pkg_info -D p5-Text-WikiFormat-0.79
Information for p5-Text-WikiFormat-0.79:
Install notice:
===> The p5-Text-WikiFormat port currently lacks a MAINTAINER
Anyone interested in volunteering please enquire
via the freebsd-ports at freebsd.org mailing list
===>>> pkg-message for php5-5.3.8
***************************************************************
Make sure index.php is part of your DirectoryIndex.
You should add the following to your Apache configuration file:
AddType application/x-httpd-php .php
AddType application/x-httpd-php-source .phps
***************************************************************
===> SECURITY REPORT:
This port has installed the following files which may act as network
servers and may therefore pose a remote security risk to the system.
/usr/local/libexec/apache22/libphp5.so
/usr/local/bin/php
/usr/local/bin/php-cgi
If there are vulnerabilities in these programs there may be a security
risk to the system. FreeBSD makes no guarantee about the security of
ports included in the Ports Collection. Please type 'make deinstall'
to deinstall the port if this is a concern.
For more information, and contact details about the security
status of this software, see the following webpage:
http://www.php.net/
===>>> pkg-message for tarsnap-1.0.31
================================================================================
If you have never used tarsnap before, you will need to create an account
with the tarsnap service and deposit money into the account before you
can start using tarsnap; see
https://www.tarsnap.com/gettingstarted.html
for details.
Once you have a tarsnap account you will need to create a key file using
the tarsnap-keygen utility before you start storing archives; this key
file MUST BE KEPT IN A SAFE LOCATION since you will not be able to read
your backups without it.
================================================================================
===> This port is RESTRICTED:
license restricts redistribution of source and binaries
>How-To-Repeat:
>Fix:
--- bpm.diff begins here ---
Index: bsd.port.mk
===================================================================
RCS file: /home/ncvs/ports/Mk/bsd.port.mk,v
retrieving revision 1.699
diff -u -u -r1.699 bsd.port.mk
--- bsd.port.mk 9 Nov 2011 08:53:12 -0000 1.699
+++ bsd.port.mk 28 Nov 2011 13:08:25 -0000
@@ -2406,6 +2406,8 @@
PKGREQ?= ${PKGDIR}/pkg-req
PKGMESSAGE?= ${PKGDIR}/pkg-message
+PKGNOTICES?= ${WRKDIR}/pkg-notices
+SECURITY_REPORT= ${WRKDIR}/security-report
TMPPLIST?= ${WRKDIR}/.PLIST.mktmp
TMPGUCMD?= ${WRKDIR}/.PLIST.gucmd
@@ -4246,7 +4248,10 @@
${ECHO_MSG} " status of this software, see the following webpage: "; \
${ECHO_MSG} "$${www_site}"; \
fi; \
- fi
+ fi > ${SECURITY_REPORT} ; \
+ if [ -s ${SECURITY_REPORT} ] ; then \
+ ${CAT} ${SECURITY_REPORT} ; \
+ fi;
.endif
.else # i.e. defined(DISABLE_SECURITY_CHECK)
security-check:
@@ -4293,15 +4298,16 @@
_BUILD_SEQ= build-message pre-build pre-build-script do-build \
post-build post-build-script
_INSTALL_DEP= build
-_INSTALL_SEQ= install-message check-install-conflicts run-depends lib-depends apply-slist pre-install \
- pre-install-script generate-plist check-already-installed
+_INSTALL_SEQ= install-message check-install-conflicts run-depends lib-depends \
+ apply-slist add-pkg-notices pre-install pre-install-script \
+ generate-plist check-already-installed
_INSTALL_SUSEQ= check-umask install-mtree pre-su-install \
pre-su-install-script create-users-groups do-install \
install-desktop-entries install-license install-rc-script \
- post-install post-install-script add-plist-info \
+ post-install post-install-script show-pkg-notices add-plist-info \
add-plist-docs add-plist-examples add-plist-data \
add-plist-post fix-plist-sequence compress-man \
- install-ldconfig-file fake-pkg security-check
+ install-ldconfig-file security-check fake-pkg
_PACKAGE_DEP= install
_PACKAGE_SEQ= package-message pre-package pre-package-script \
do-package post-package-script
@@ -5615,6 +5621,48 @@
.endif
.endif
+# Add notices automatically when certain conditions are flagged. This
+# will be appended to any pre-existing pkg-message in a generated pkg,
+# and displayed after installation, either from ports or from .pkg.
+#
+# FORBIDDEN, BROKEN, RESTRICTED, NO_PACKAGE will usually cause this code
+# to be not-reached, but can be overridden, in which case a suitable
+# message should be produced.
+
+.if !target(add-pkg-notices)
+add-pkg-notices:
+ @${RM} -f ${PKGNOTICES}
+.if defined(DEPRECATED) || defined(FORBIDDEN) || defined(BROKEN) || \
+ defined(RESTRICTED) || defined(NO_PACKAGE) || defined(NO_CDROM) || \
+ defined(EXPIRATION_DATE) || \
+ ( defined(MAINTAINER) && ${MAINTAINER:L} == ports at freebsd.org )
+.for i in DEPRECATED FORBIDDEN BROKEN RESTRICTED
+.if defined(${i})
+ @( ${ECHO_CMD} "===> This port is ${i}:"; \
+ ${ECHO_CMD} " "${${i}:Q} | ${FMT} 72 72 ) >> ${PKGNOTICES}
+.endif
+.endfor
+.if defined(NO_PACKAGE)
+ @( ${ECHO_CMD} "===> Not for public redistribution as a PACKAGE:"; \
+ ${ECHO_CMD} " "${NO_PACKAGE:Q} | ${FMT} 72 72 ) >> ${PKGNOTICES}
+.endif
+.if defined(NO_CDROM)
+ @( ${ECHO_CMD} "===> Not for resale via CDROM/DVD set:"; \
+ ${ECHO_CMD} " "${NO_CDROM:Q} | ${FMT} 72 72 ) >> ${PKGNOTICES}
+.endif
+.if defined(EXPIRATION_DATE)
+ @( ${ECHO_CMD} "===> EXPIRATION DATE is set to:"; \
+ ${ECHO_CMD} " "${EXPIRATION_DATE:Q} ) >> ${PKGNOTICES}
+.endif
+.if defined(MAINTAINER) && ${MAINTAINER:L} == ports at freebsd.org
+ @( ${ECHO_CMD} "===> The ${UNIQUENAME} port currently lacks a MAINTAINER"; \
+ ${ECHO_CMD} " Anyone interested in volunteering please enquire"; \
+ ${ECHO_CMD} " via the freebsd-ports at freebsd.org mailing list" ) \
+ >> ${PKGNOTICES}
+.endif
+.endif
+.endif
+
# Generate packing list. Also tests to make sure all required package
# files exist.
@@ -5884,8 +5932,16 @@
if [ -f ${PKGREQ} ]; then \
${CP} ${PKGREQ} ${PKG_DBDIR}/${PKGNAME}/+REQUIRE; \
fi; \
- if [ -f ${PKGMESSAGE} ]; then \
- ${CP} ${PKGMESSAGE} ${PKG_DBDIR}/${PKGNAME}/+DISPLAY; \
+ if [ -f ${PKGMESSAGE} -o -f ${PKGNOTICES} -o -s ${SECURITY_REPORT} ]; then \
+ if [ -f ${PKGMESSAGE} ]; then \
+ ${CP} ${PKGMESSAGE} ${PKG_DBDIR}/${PKGNAME}/+DISPLAY; \
+ fi; \
+ if [ -f ${PKGNOTICES} ]; then \
+ ${CAT} ${PKGNOTICES} >> ${PKG_DBDIR}/${PKGNAME}/+DISPLAY; \
+ fi; \
+ if [ -s ${SECURITY_REPORT} ]; then \
+ ${CAT} ${SECURITY_REPORT} >> ${PKG_DBDIR}/${PKGNAME}/+DISPLAY; \
+ fi; \
${ECHO_CMD} "@display +DISPLAY" >> ${PKG_DBDIR}/${PKGNAME}/+CONTENTS; \
fi; \
for dep in `${PKG_INFO} -qf ${PKGNAME} | ${AWK} '/^@pkgdep / {print $$2}' | ${SORT} -u`; do \
@@ -5911,6 +5967,13 @@
.endif
.endif
+.if !target(show-pkg-notices)
+show-pkg-notices:
+ @if [ -f ${PKGNOTICES} ] ; then \
+ ${CAT} ${PKGNOTICES} ; \
+ fi
+.endif
+
# Depend is generally meaningless for arbitrary ports, but if someone wants
# one they can override this. This is just to catch people who've gotten into
# the habit of typing `make depend all install' as a matter of course.
--- bpm.diff ends here ---
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-ports-bugs
mailing list