git: f56da8ff57f8 - stable/14 - dma: Don't install dma.conf world-readable

Go to: [ bottom of page ] [ top of archives ] [ this month ]
From: Dag-Erling Smørgrav <des_at_FreeBSD.org>
Date: Thu, 23 Oct 2025 13:32:37 UTC
The branch stable/14 has been updated by des:

URL: https://cgit.FreeBSD.org/src/commit/?id=f56da8ff57f8423f4798d6af48a735037f5d3021

commit f56da8ff57f8423f4798d6af48a735037f5d3021
Author:     Dag-Erling Smørgrav <des@FreeBSD.org>
AuthorDate: 2025-07-26 09:59:53 +0000
Commit:     Dag-Erling Smørgrav <des@FreeBSD.org>
CommitDate: 2025-10-23 13:32:27 +0000

    dma: Don't install dma.conf world-readable
    
    While here, install auth.conf into /etc as well.
    
    MFC after:      3 days
    PR:             288409
    Reviewed by:    ivy, bapt
    Differential Revision:  https://reviews.freebsd.org/D51529
    
    (cherry picked from commit a3d4ae7cf351cc283a670d8400a89518a6b31d63)
---
 ObsoleteFiles.inc                        | 3 +++
 libexec/dma/dmagent/Makefile             | 6 ++++--
 tools/build/mk/OptionalObsoleteFiles.inc | 2 +-
 3 files changed, 8 insertions(+), 3 deletions(-)

diff --git a/ObsoleteFiles.inc b/ObsoleteFiles.inc
index 9d8c8a048041..de25b6608fe6 100644
--- a/ObsoleteFiles.inc
+++ b/ObsoleteFiles.inc
@@ -51,6 +51,9 @@
 #   xargs -n1 | sort | uniq -d;
 # done
 
+# 20251023: This file is now installed in /etc/dma
+OLD_FILES+=usr/share/examples/dma/auth.conf
+
 # 20251006: Remove libnss_tacplus.a (it never should have been installed)
 OLD_FILES+=usr/lib/libnss_tacplus.a
 
diff --git a/libexec/dma/dmagent/Makefile b/libexec/dma/dmagent/Makefile
index 0b38c5dca6b5..f73ca1ddccf1 100644
--- a/libexec/dma/dmagent/Makefile
+++ b/libexec/dma/dmagent/Makefile
@@ -18,12 +18,14 @@ SRCS=	aliases_parse.y \
 	util.c
 MAN8=	dma.8
 MLINKS=	dma.8 dma.conf.5
-CONFS=	dma.conf
+CONFSMODE=	0640
+CONFSGRP=	mail
+CONFS=	auth.conf dma.conf
 CONFSDIR=	${CONFDIR}/dma
 CFLAGS+=	-DOPENSSL_API_COMPAT=0x10100000L
 YFLAGS+=	-i
 CLEANFILES=	aliases_parse.i
-FILES=	auth.conf mailer.conf
+FILES=	mailer.conf
 FILESDIR=	${SHAREDIR}/examples/dma
 
 BINMODE=	2555
diff --git a/tools/build/mk/OptionalObsoleteFiles.inc b/tools/build/mk/OptionalObsoleteFiles.inc
index 331c88c0619b..5b49c713182a 100644
--- a/tools/build/mk/OptionalObsoleteFiles.inc
+++ b/tools/build/mk/OptionalObsoleteFiles.inc
@@ -1481,12 +1481,12 @@ OLD_DIRS+=usr/share/dict
 .endif
 
 .if ${MK_DMAGENT} == no
+OLD_FILES+=etc/dma/auth.conf
 OLD_FILES+=etc/dma/dma.conf
 OLD_DIRS+=etc/dma
 OLD_FILES+=usr/libexec/dma
 OLD_FILES+=usr/libexec/dma-mbox-create
 OLD_FILES+=usr/share/man/man8/dma.8.gz
-OLD_FILES+=usr/share/examples/dma/auth.conf
 OLD_FILES+=usr/share/examples/dma/mailer.conf
 OLD_DIRS+=usr/share/examples/dma
 .endif