[Bug 290216] security/portacl-rc
Date: Mon, 13 Oct 2025 19:27:36 UTC
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=290216
Bug ID: 290216
Summary: security/portacl-rc
Product: Ports & Packages
Version: Latest
Hardware: Any
OS: Any
Status: New
Severity: Affects Only Me
Priority: ---
Component: Individual Port(s)
Assignee: ports-bugs@FreeBSD.org
Reporter: ale@biancalanas.net
CC: tom@hur.st
CC: tom@hur.st
Flags: maintainer-feedback?(tom@hur.st)
I'm using this port on a jail host to allow jails to bind on privileged ports.
To that work, I need to do the portacl_user* on the host.
Today portacl expect to have a username in the config, like this:
portacl_users="www"
portacl_user_www_tcp="http https"
So i need to have the user created in the host.
I'm wondering if it couldn't be only the user id, something like:
portacl_users="266"
portacl_user_266_tcp="http https"
So I don't have to have the user created at the host, only in the jail.
Actually I've implemented this and is working:
--- portacl.orig 2025-10-13 19:26:53.669497000 +0000
+++ portacl 2025-10-13 18:56:14.476602000 +0000
@@ -111,10 +111,14 @@
eval ident_list="\${${name}_${kind}s}"
for ident in ${ident_list}
do
- id=$(${ID} "${idflag}" "${ident}" 2>/dev/null)
- if [ -z "${id}" ]; then
- warn "unknown ${kind} ${ident}"
- continue
+ if is_integer "${ident}"; then
+ id=${ident}
+ else
+ id=$(${ID} "${idflag}" "${ident}" 2>/dev/null)
+ if [ -z "${id}" ]; then
+ warn "unknown ${kind} ${ident}"
+ continue
+ fi
fi
--
You are receiving this mail because:
You are the assignee for the bug.