ports/188835: [PATCH] security/sshguard unbreak rc file.

Mon Apr 21 01:30:00 UTC 2014

>Number:         188835
>Category:       ports
>Synopsis:       [PATCH] security/sshguard unbreak rc file.
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    freebsd-ports-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Mon Apr 21 01:30:00 UTC 2014
>Closed-Date:
>Last-Modified:
>Originator:     John Marshall
>Release:        FreeBSD 9.2-RELEASE-p4 amd64
>Organization:
Riverwillow Pty Ltd
>Environment:
System: FreeBSD rwsrv08.gfn.riverwillow.net.au 9.2-RELEASE-p4 FreeBSD 9.2-RELEASE-p4 #0 r264290M: Wed Apr 9 15:46:58 AEST 2014 root at rwsrv08.gfn.riverwillow.net.au:/usr/obj/usr/src/sys/RWSRV08 amd64


	
>Description:

r350643 made modifications to the rc file (files/sshguard.in) which
prevent the daemon starting.

1. pidfile=${sshguard_pidfile:-"/var/run/${name}.pid"}

The use of :- will not assign the default pidfile value to
sshguard_pidfile.  sshguard_pidfile is required by the later
command_args assignment.  Passing a null ${sshguard_pidfile} value to
the daemon's -i argument results in the daemon failing to start.

2. ${sshguard_watch_params} no longer set before command_args assignment

Failing to set ${sshguard_watch_params} prior to the command_args
assigment means that the list of log files to monitor is empty.  Again,
the daemon will not start.

>How-To-Repeat:
	
>Fix:

Suggested patch attached.  Works fine for me.

--- sshguard_r350643.diff begins here ---
Index: security/sshguard/files/sshguard.in
===================================================================
--- security/sshguard/files/sshguard.in	(revision 351653)
+++ security/sshguard/files/sshguard.in	(working copy)
@@ -74,7 +74,8 @@
 : ${sshguard_whitelistfile="%%PREFIX%%/etc/sshguard.whitelist"}
 : ${sshguard_watch_logs="/var/log/auth.log:/var/log/maillog"}
 
-pidfile=${sshguard_pidfile:-"/var/run/${name}.pid"}
+pidfile=${sshguard_pidfile:="/var/run/${name}.pid"}
+sshguard_watch_params=`echo ${sshguard_watch_logs} | tr : \\\n | sed -e s/^/-l\ /g | tr \\\n \ `
 
 command="/usr/sbin/daemon"
 actual_command="%%PREFIX%%/sbin/${name}"
@@ -87,7 +88,6 @@
 {
 	mkdir -p `dirname ${sshguard_blacklist##*:}`
 	[ -e ${sshguard_whitelistfile} ] || touch ${sshguard_whitelistfile}
-	sshguard_watch_params=`echo ${sshguard_watch_logs} | tr : \\\n | sed -e s/^/-l\ /g | tr \\\n \ `
 }
 
 run_rc_command "$1"
--- sshguard_r350643.diff ends here ---


>Release-Note:
>Audit-Trail:
>Unformatted:
