ports/168338: [PATCH] net/nss-pam-ldapd: update to 0.8.9
Mel FLynn
rflynn at acsalaska.net
Fri May 25 15:20:01 UTC 2012
>Number: 168338
>Category: ports
>Synopsis: [PATCH] net/nss-pam-ldapd: update to 0.8.9
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: freebsd-ports-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: maintainer-update
>Submitter-Id: current-users
>Arrival-Date: Fri May 25 15:20:01 UTC 2012
>Closed-Date:
>Last-Modified:
>Originator: Mel FLynn
>Release: FreeBSD 8.2-STABLE amd64
>Organization:
>Environment:
System: FreeBSD datakitty.lan.rachie.is-a-geek.net 8.2-STABLE FreeBSD 8.2-STABLE #6 r230977: Sun Feb 5 06:20:11
>Description:
- Update to 0.8.9
- Make it a master port to support net/nss-pam-ldapd-sasl so that packages
work correctly.
- Rework some basics of the port, most notably a pkg-message so that users
that use only packages also get our useful information.
- Remove patches that have been applied upstream. This is not a myth.
Note that SASL is now not provided as OPTION anymore, but exclusively by
the slave port to mitigate issues relating to PORTORIGIN.
This might need an entry in UPDATING as follows:
The net/nss-pam-ldapd port no longer provides an option for SASL. This has
been sourced out to the new net/nss-pam-ldapd-sasl port, to accomodate
users using packages (see ports/162240). Users with openldap-sasl-client
installed are encouraged to change the port's origin to:
net/nss-pam-ldapd-sasl
using their favorite ports management tool. Example for portmaster:
portmaster -o net/nss-pam-ldapd-sasl nss-pam-ldapd
For comitter:
2 short builds to make sure removing the SASL option did not break anything:
https://redports.org/buildarchive/20120525141520-95657
https://redports.org/buildarchive/20120525141546-53658
More elaborate builds, only diff being SASL option still in:
https://redports.org/buildarchive/20120524101239-91353
Files to 'cvs rm':
- files/patch-Makefile.in
- files/patch-nss_shadow.c
- files/patch-r*
Generated with FreeBSD Port Tools 0.99_5 (mode: update, diff: suffix)
>How-To-Repeat:
>Fix:
--- nss-pam-ldapd-0.8.9.patch begins here ---
diff -ruN --exclude=CVS ../nss-pam-ldapd.orig/Makefile ./Makefile
--- ../nss-pam-ldapd.orig/Makefile 2012-04-01 09:04:27.000000000 -0800
+++ ./Makefile 2012-05-24 14:10:16.000000000 -0800
@@ -3,32 +3,45 @@
# Whom: melifaro at ipfw.ru
#
# $FreeBSD: ports/net/nss-pam-ldapd/Makefile,v 1.13 2012/04/01 17:04:27 crees Exp $
+#
+# vim: ft=pmake tw=78 fo=cq
#
PORTNAME= nss-pam-ldapd
-PORTVERSION= 0.8.6
+PORTVERSION= 0.8.9
CATEGORIES= net
-MASTER_SITES= http://arthurdejong.org/nss-pam-ldapd/ \
- http://static.ipfw.ru/files/
+MASTER_SITES= http://arthurdejong.org/nss-pam-ldapd/
-MAINTAINER= rflynn at acsalaska.net
-COMMENT= Advanced fork of nss_ldap
+MAINTAINER?= rflynn at acsalaska.net
+COMMENT?= Advanced fork of nss_ldap
LICENSE= LGPL21 LGPL3
LICENSE_COMB= dual
GNU_CONFIGURE= yes
-USE_GMAKE= yes
+# Gmake seems to be not really needed anymore.
+# Gmake specific constructs are limited to maintainer targets
+# USE_GMAKE= yes
USE_OPENLDAP= yes
USE_RC_SUBR= nslcd
PAM_LDAP_SHMAJOR= 1
NSS_LDAP_SHMAJOR= 1
+PKGMESSAGE= ${WRKDIR}/pkg-message
+SUB_FILES+= pkg-message
NSLCD_PIDFILE?= /var/run/nslcd.pid
NSLCD_SOCKET?= /var/run/nslcd.ctl
-OPTIONS= SASL "Enable SASL" off \
+.if defined(SLAVE_PORT)
+OPTIONS= PAM "Build pam_ldap" on \
+ NSS "Build nss support" on
+WITH_SASL=yes
+CONFLICTS+= nss-pam-ldapd-[0-9]*
+.else
+OPTIONS= NSS "Build nss support" on \
PAM "Build pam_ldap" on
+CONFLICTS+= nss-pam-ldapd-sasl-[0-9]*
+.endif
USERS= nslcd
GROUPS= nslcd
@@ -45,7 +58,8 @@
CONFIG_FILE= "nslcd.conf"
CONFIGURE_ARGS+= --with-ldap-conf-file=${PREFIX}/etc/${CONFIG_FILE}
-PLIST_SUB+= CONFIG=${CONFIG_FILE}
+PLIST_SUB+= CONFIG="${CONFIG_FILE}"
+SUB_LIST+= CONFIG_FILE="${PREFIX}/etc/${CONFIG_FILE}"
.if defined(WITH_SASL)
WANT_OPENLDAP_SASL= yes
@@ -69,12 +83,17 @@
.if defined(WITHOUT_NSS)
CONFIGURE_ARGS+= --disable-nss
PLIST_SUB+= NSS="@comment "
+SUB_LIST+= NSS_MESSAGE=""
.else
CONFIGURE_ARGS+= --enable-nss
CONFLICTS+= nss_ldap-1.*
PLIST_SUB+= NSS=""
+SUB_LIST+= NSS_MESSAGE="WARNING: Be sure to set uid and gid configuration parameters to make nslcd run under unprivileged user."
.endif
+# Won't hook this in to OPTIONS until PADL ports are at least DEPRECATED.
+# It doesn't do the software any good to run as replacement for the PADL ports
+# without running the daemon.
.if defined(WITHOUT_NSLCD)
CONFIGURE_ARGS+= --disable-nslcd
PLIST_SUB+= NSLCD="@comment "
@@ -85,33 +104,29 @@
MAN8+= nslcd.8
.endif
+.if defined(WITHOUT_NSS) && defined(WITHOUT_PAM)
+BROKEN= Software is useless if both NSS and PAM are disabled.\
+ Rerun 'make config' or 'portmaster --force-config'.
+.endif
+
post-extract:
@${REINPLACE_CMD} -e 's/\(INSTALL_\)\(.*\)) -D /\1\2) /' ${WRKSRC}/Makefile.in ${WRKSRC}/nss/Makefile.in
post-configure:
${REINPLACE_CMD} -e 's/^\(CFLAGS.*\) \-O2 \(.*\)$$/\1 -O0 \2/' ${WRKSRC}/nss/Makefile
-post-install:
+show-pkgmessage::
+ @${ECHO_CMD}; ${CAT} ${PKGMESSAGE} | ${FMT} 75 79; ${ECHO_CMD}
+
+# We take care of the sample file, upstream install target installs the actual
+# file if it does not exist yet.
+post-install: show-pkgmessage
+ @${INSTALL_DATA} ${WRKSRC}/nslcd.conf ${PREFIX}/etc/nslcd.conf.sample
.if !defined(WITHOUT_NSS)
- @cd ${PREFIX}/lib && ${LN} -fs nss_ldap.so.${NSS_LDAP_SHMAJOR} \
- nss_ldap.so
+ @${LN} -fs nss_ldap.so.${NSS_LDAP_SHMAJOR} ${PREFIX}/lib/nss_ldap.so
.endif
.if !defined(WITHOUT_PAM)
- @cd ${PREFIX}/lib && ${LN} -fs pam_ldap.so.${PAM_LDAP_SHMAJOR} \
- pam_ldap.so
-.endif
- @${ECHO_MSG}
- @${ECHO_MSG} =====================================================================
- @${ECHO_MSG}
- @${ECHO_MSG} " LDAP configuration: ${PREFIX}/etc/${CONFIG_FILE}"
- @${ECHO_MSG} " Sample configuration: ${PREFIX}/etc/${CONFIG_FILE}.sample"
- @${ECHO_MSG}
-.if !defined(WITHOUT_NSS)
- @${ECHO_MSG} " WARNING: Be sure to set uid and gid configuration parameters"
- @${ECHO_MSG} " WARNING: to make nslcd run under unprivileged user"
+ @${LN} -fs pam_ldap.so.${PAM_LDAP_SHMAJOR} ${PREFIX}/lib/pam_ldap.so
.endif
- @${ECHO_MSG}
- @${ECHO_MSG} =====================================================================
- @${ECHO_MSG}
.include <bsd.port.mk>
diff -ruN --exclude=CVS ../nss-pam-ldapd.orig/distinfo ./distinfo
--- ../nss-pam-ldapd.orig/distinfo 2012-04-01 09:04:27.000000000 -0800
+++ ./distinfo 2012-05-24 14:10:16.000000000 -0800
@@ -1,2 +1,2 @@
-SHA256 (nss-pam-ldapd-0.8.6.tar.gz) = 549f58c83c18ce8017f546138414e831b255a6edc5dfd8ff141aef52d94f25df
-SIZE (nss-pam-ldapd-0.8.6.tar.gz) = 466292
+SHA256 (nss-pam-ldapd-0.8.9.tar.gz) = 722a010718c0a5073207d05f1f091e679aa32f2643a3c173dc6f916c2bfcc0d2
+SIZE (nss-pam-ldapd-0.8.9.tar.gz) = 475138
diff -ruN --exclude=CVS ../nss-pam-ldapd.orig/files/patch-Makefile.in ./files/patch-Makefile.in
--- ../nss-pam-ldapd.orig/files/patch-Makefile.in 2012-04-01 09:04:27.000000000 -0800
+++ ./files/patch-Makefile.in 1969-12-31 14:00:00.000000000 -1000
@@ -1,19 +0,0 @@
---- Makefile.in.orig 2012-03-02 12:50:47.000000000 -0900
-+++ Makefile.in 2012-03-02 13:01:13.000000000 -0900
-@@ -774,6 +774,7 @@
-
- # install a default configuration file if it is not already there
- install-nslcd_conf:
-+ $(INSTALL_DATA) $(srcdir)/nslcd.conf $(DESTDIR)/$(NSLCD_CONF_PATH).sample
- @if [ -f $(DESTDIR)$(NSLCD_CONF_PATH) ]; then \
- echo "$(DESTDIR)$(NSLCD_CONF_PATH) already exists, install will not overwrite"; \
- else \
-@@ -781,7 +782,7 @@
- $(INSTALL_DATA) $(srcdir)/nslcd.conf $(DESTDIR)$(NSLCD_CONF_PATH); \
- fi
- uninstall-nslcd_conf:
-- -rm -f $(DESTDIR)$(NSLCD_CONF_PATH)
-+ -rm -f $(DESTDIR)$(NSLCD_CONF_PATH).sample
-
- # fix permissions before distributing
- dist-hook:
diff -ruN --exclude=CVS ../nss-pam-ldapd.orig/files/patch-nss__shadow.c ./files/patch-nss__shadow.c
--- ../nss-pam-ldapd.orig/files/patch-nss__shadow.c 2010-01-09 13:45:55.000000000 -0900
+++ ./files/patch-nss__shadow.c 1969-12-31 14:00:00.000000000 -1000
@@ -1,17 +0,0 @@
---- nss/shadow.c.orig 2009-05-29 21:23:03.000000000 +0000
-+++ nss/shadow.c 2009-08-02 22:32:27.000000000 +0000
-@@ -22,6 +22,7 @@
-
- #include "config.h"
-
-+#ifdef HAVE_SHADOW_H
- #include <string.h>
- #include <nss.h>
- #include <errno.h>
-@@ -73,3 +74,6 @@
- {
- NSS_ENDENT(spentfp);
- }
-+
-+#endif
-+
diff -ruN --exclude=CVS ../nss-pam-ldapd.orig/files/patch-r1626 ./files/patch-r1626
--- ../nss-pam-ldapd.orig/files/patch-r1626 2012-04-01 09:04:27.000000000 -0800
+++ ./files/patch-r1626 1969-12-31 14:00:00.000000000 -1000
@@ -1,50 +0,0 @@
-Modified: compat/ldap_compat.h
-==============================================================================
---- compat/ldap_compat.h Wed Feb 29 22:44:31 2012 (r1625)
-+++ compat/ldap_compat.h Mon Mar 5 22:53:54 2012 (r1626)
-@@ -62,4 +62,12 @@
- #define LDAP_SASL_QUIET 2U
- #endif /* not LDAP_SASL_QUIET */
-
-+/* on some systems LDAP_OPT_DIAGNOSTIC_MESSAGE isn't there but
-+ LDAP_OPT_ERROR_STRING is */
-+#ifndef LDAP_OPT_DIAGNOSTIC_MESSAGE
-+#ifdef LDAP_OPT_ERROR_STRING
-+#define LDAP_OPT_DIAGNOSTIC_MESSAGE LDAP_OPT_ERROR_STRING
-+#endif /* LDAP_OPT_ERROR_STRING */
-+#endif /* not LDAP_OPT_DIAGNOSTIC_MESSAGE */
-+
- #endif /* COMPAT__LDAP_COMPAT_H */
-
-Modified: nslcd/myldap.c
-==============================================================================
---- nslcd/myldap.c Wed Feb 29 22:44:31 2012 (r1625)
-+++ nslcd/myldap.c Mon Mar 5 22:53:54 2012 (r1626)
-@@ -378,6 +378,7 @@
- static int do_bind(LDAP *ld,const char *binddn,const char *bindpw,const char *uri)
- {
- int rc;
-+ char *msg=NULL;
- #ifdef HAVE_LDAP_SASL_INTERACTIVE_BIND_S
- #ifndef HAVE_SASL_INTERACT_T
- struct berval cred;
-@@ -392,9 +393,16 @@
- rc=ldap_start_tls_s(ld,NULL,NULL);
- if (rc!=LDAP_SUCCESS)
- {
-- log_log(LOG_WARNING,"ldap_start_tls_s() failed: %s%s%s (uri=\"%s\")",
-- ldap_err2string(rc),(errno==0)?"":": ",
-- (errno==0)?"":strerror(errno),uri);
-+#ifdef LDAP_OPT_DIAGNOSTIC_MESSAGE
-+ ldap_get_option(ld,LDAP_OPT_DIAGNOSTIC_MESSAGE,&msg);
-+#endif /* LDAP_OPT_DIAGNOSTIC_MESSAGE */
-+ log_log(LOG_WARNING,"ldap_start_tls_s() failed: %s%s%s%s%s (uri=\"%s\")",
-+ ldap_err2string(rc),
-+ (msg==NULL)?"":": ",(msg==NULL)?"":msg,
-+ (errno==0)?"":": ",(errno==0)?"":strerror(errno),
-+ uri);
-+ if (msg)
-+ ldap_memfree(msg);
- return rc;
- }
- }
diff -ruN --exclude=CVS ../nss-pam-ldapd.orig/files/patch-r1631 ./files/patch-r1631
--- ../nss-pam-ldapd.orig/files/patch-r1631 2012-04-01 09:04:27.000000000 -0800
+++ ./files/patch-r1631 1969-12-31 14:00:00.000000000 -1000
@@ -1,21 +0,0 @@
-Modified: nslcd/common.h
-==============================================================================
---- nslcd/common.h Sat Mar 10 21:31:58 2012 (r1630)
-+++ nslcd/common.h Sat Mar 10 21:41:37 2012 (r1631)
-@@ -3,7 +3,7 @@
- This file is part of the nss-pam-ldapd library.
-
- Copyright (C) 2006 West Consulting
-- Copyright (C) 2006, 2007, 2008, 2009, 2010, 2011 Arthur de Jong
-+ Copyright (C) 2006, 2007, 2008, 2009, 2010, 2011, 2012 Arthur de Jong
-
- This library is free software; you can redistribute it and/or
- modify it under the terms of the GNU Lesser General Public
-@@ -25,6 +25,7 @@
- #define NSLCD__COMMON_H 1
-
- #include <errno.h>
-+#include <limits.h>
-
- #include "nslcd.h"
- #include "common/nslcd-prot.h"
diff -ruN --exclude=CVS ../nss-pam-ldapd.orig/files/pkg-message.in ./files/pkg-message.in
--- ../nss-pam-ldapd.orig/files/pkg-message.in 1969-12-31 14:00:00.000000000 -1000
+++ ./files/pkg-message.in 2012-04-07 09:45:06.000000000 -0800
@@ -0,0 +1,12 @@
+=====================================================================
+
+LDAP and nslcd daemon parameters should be set in %%CONFIG_FILE%%. When upgrading review %%CONFIG_FILE%%.sample for additional or changed parameters.
+
+%%NSS_MESSAGE%%
+
+To start nslcd add nslcd_enable="YES" to /etc/rc.conf and run:
+
+ # service nslcd start
+
+See the comments in %%PREFIX%%/etc/rc.d/nslcd for additional tunables.
+=====================================================================
--- nss-pam-ldapd-0.8.9.patch ends here ---
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-ports-bugs
mailing list