ports/65464: ports/www/axis - use MASTER_SITE_APACHE
Jason Harris
jharris at widomaker.com
Fri May 7 14:28:34 PDT 2004
On Wed, Apr 21, 2004 at 05:51:09AM -0500, Jacques A. Vidrine wrote:
> On Fri, Apr 16, 2004 at 11:31:02AM -0400, Jason Harris wrote:
> > Also, I see no reason why the distinfo files can't be clearsigned
> > starting immediately. This will not use another inode per port
> Interesting thoughts. I do not like `clearsign' format, or separate
> provide some security. But we are off course from the original
> discussion re: checking PGP sigs of distfiles.
Getting back on course...
On Thu, May 06, 2004 at 02:00:38PM -0500, Jacques A. Vidrine wrote:
> On Thu, May 06, 2004 at 06:41:41AM -0700, Pav Lucistnik wrote:
> > pav 2004/05/06 06:41:41 PDT
> >
> > FreeBSD ports repository
> >
> > Modified files:
> > sysutils Makefile
> > Added files:
> > sysutils/pv Makefile distinfo pkg-descr
> > Log:
> > Pipe Viewer (pv) is a terminal-based tool for monitoring the
> > progress of data through a pipeline. It can be inserted into
> > any normal pipeline between two processes to give a visual
> > indication of how quickly data is passing through, how long
> > it has taken, how near to completion it is, and an estimate
> > of how long it will be until completion.
> >
> > Author: Andrew Wood <andrew.wood at ivarch.com>
> > WWW: http://www.ivarch.com/programs/pv.shtml
>
> That's really nifty! I wish I'd have thought to create something like
> that long ago.
This port has a PGP signature, but only on the gzip (v. bzip2)
tarball, and only on two mirrors (but not SourceForge). It is
interesting because it shows that specifying DISTFILES/EXTRACT_ONLY
explicitly is sometimes necessary to pick up the PGP signatures from
specific MASTER_SITES (as well as to get the signatures onto the
FreeBSD distfile mirrors, esp. for those without the Sergei's patch).
Given that USE_GPG/SIG_FILES is a no-op for those not tracking
Sergei's patch, how do portmgr@ and security-team@ feel about the
patch below?
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
NotDashEscaped: You need GnuPG to verify this message
cvs server: Diffing .
Index: Makefile
===================================================================
RCS file: /home/ncvs/ports/sysutils/pv/Makefile,v
retrieving revision 1.1
diff -u -r1.1 Makefile
--- Makefile 6 May 2004 13:41:40 -0000 1.1
+++ Makefile 7 May 2004 21:18:19 -0000
@@ -9,13 +9,19 @@
PORTVERSION= 0.8.5
CATEGORIES= sysutils
MASTER_SITES= ${MASTER_SITE_SOURCEFORGE} \
- http://dragon.roe.ch/mirrors/distfiles/pv/
+ http://dragon.roe.ch/mirrors/distfiles/pv/ \
+ http://dragon.roe.ch/mirrors/distfiles/pv/:sig \
+ http://www.ivarch.com/programs/sources/:sig
MASTER_SITE_SUBDIR= pipeviewer
+DISTFILES= ${DISTNAME}${EXTRACT_SUFX} ${DISTNAME}${EXTRACT_SUFX}.asc:sig
+EXTRACT_ONLY= ${DISTNAME}${EXTRACT_SUFX}
MAINTAINER= daniel at roe.ch
COMMENT= A pipe throughput monitor
-USE_BZIP2= yes
+USE_GPG?= yes
+SIG_FILES= ${DISTNAME}${EXTRACT_SUFX}.asc
+#USE_BZIP2= yes
USE_GMAKE= yes
GNU_CONFIGURE= yes
MAN1= pv.1
Index: distinfo
===================================================================
RCS file: /home/ncvs/ports/sysutils/pv/distinfo,v
retrieving revision 1.1
diff -u -r1.1 distinfo
--- distinfo 6 May 2004 13:41:40 -0000 1.1
+++ distinfo 7 May 2004 21:18:19 -0000
@@ -1,2 +1,5 @@
MD5 (pv-0.8.5.tar.bz2) = a6eeadbc2fbd9c23e329f47ff37b8c83
SIZE (pv-0.8.5.tar.bz2) = 84289
+MD5 (pv-0.8.5.tar.gz) = 48c9d7a64035d9634ecf4e6d4414da02
+SIZE (pv-0.8.5.tar.gz) = 94927
+MD5 (pv-0.8.5.tar.gz.asc) = c233f04e23a30745ff02e013805c42c3
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (FreeBSD)
iD8DBQFAm/02SypIl9OdoOMRAsl4AJ0QgmVJ3FFsMztQ1QfXF910Yy4dAQCfaWta
IkUXkIhiypi0imD9Zo7I6LA=
=tR0G
-----END PGP SIGNATURE-----
--
Jason Harris | NIC: JH329, PGP: This _is_ PGP-signed, isn't it?
jharris at widomaker.com _|_ web: http://keyserver.kjsl.com/~jharris/
Got photons? (TM), (C) 2004
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/cvs-all/attachments/20040507/96b74e76/attachment.bin
More information about the cvs-all
mailing list