splitting courier-authlib into master+slave ports

Yarema yds at CoolRat.org
Wed Apr 20 11:27:10 PDT 2005

--On Wednesday, April 20, 2005 12:12:54 +0200 Oliver Lehmann 
<lehmann at ans-netz.de> wrote:

> Milan Obuch wrote:
>> On Tuesday 19 April 2005 17:30, Oliver Lehmann wrote:
>> > Jose M Rodriguez wrote:
>> > >
>> > > Hope this may be on time.  Can you consider work this?
>> > >
>> > > - maintain couier-auhlib just as a metaport selector.
>> > > - add a courier-authlib-base port
>> > > - maintain the courier-authlib-method ports, but working against
>> > > courier-authlib-base.
>> >
>> > That sounds cool. then OPTIONs could be put into the metaport. I'll
>> > work on this.
>> I like this idea too. Actually I was trying to formulate tha same. You
>> were  quicker :)
>> Milan
> Can you try the tar.gz once more? I uploaded an "adjusted" version ;)

FWIW I'd like to weigh in with my opinion.  I think this move to a meta 
port just so we can have OPTIONS selectable dependencies does little to 
improve usability.  As I've argued before in an email to Oliver there's 
little need to have more than one courier-authlib-method port installed 
unless one is transitioning from one auth-method to another or just 

So why is it better to:
% cd courier-authlib && make config && make install
rather than just:
% cd courier-authlib-METHOD && make install

(Yes, I know the 'make config' is not necessary ;) my point still stands.)

We're just adding unnecessary complexity just because we can.  A 
pkg-message in the base port (without OPTIONS) is sufficient to indicate to 
the user that other method ports are available IMHO.

The "adjusted" versions of courier-authlib as I presented it to Oliver can 
be found at  <http://yds.CoolRat.org/freebsd/>

The most recent one one incorporates some of the adjustments Oliver made to 
his version.

One difference between the courier-authlib-20050408.00.tgz version and 
courier-authlib-20050420.00.tgz is that I make --with-authpam part of the 
base port's CONFIGURE_ARGS. This prevents libauthpwd.so.0 from being built 
and instead builds lib/courier-authlib/libauthpam.so.0.  authpwd is 
discouraged as per <http://www.courier-mta.org/authlib/README_authlib.html>:

NOTE:  It might be tempting to throw in a towel and use authshadow or 
authpwd if you cannot figure out how to install PAM support, however that 
is not advisable. It is highly recommended to use authpam wherever the PAM 
library is available.

The authpwd module is also documented in the same README to use "the C 
library's getpw() functions" which in turn are documented to be made "made 
obsolete by getpwuid(3)" in the FreeBSD getpw(3) man page.

So given the above two citations from both courier-authlib docs and 
FreeBSD's docs why not just do away with authpam being optional and make it 
the default part of the base package?

Some notes on the how what I did differs from Oliver's version and why:

USE_RCORDER=    authdaemond.sh

instead of


${SED} ${RC_SCRIPTS_SUB:S/$/!g/:S/^/ -e s!%%/:S/=/%%!/} \
                ${FILESDIR}/courier-authdaemond.sh > 

I rewrote and renamed ${FILESDIR}/courier-authdaemond.sh as 
${FILESDIR}/authdaemond.sh.in because the SED idiom Oliver used is already 
in <bsd.port.mk> so there's no need to write it explicitly if one just 
assigns a filename to USE_RCORDER= without the .in suffix.  Search for 
every occurrence of SUB_FILES in <bsd.port.mk> to see what I mean.

Also the way I rewrote ${FILESDIR}/authdaemond.sh.in loads it at about the 
same spot on the RCORDER as cyrus-sasl.  And using cyrus-sasl as a model 
why call it courier-authdaemond.sh when the executable is authdaemond? 
saslauthd.sh is not named cyrus-saslauthd.sh...

In short my version of the startup script is smaller without taking away 
any checks or functionality and without duplicating code already in 

Getting back to the Makefile.. Olivers current version has a

regardless weather it's a base or method port.  Since dependencies are 
inherited there's no need for this.

And the major difference is mainly organizational.. I elected to construct 
PLISTs for all the method ports dynamically within the main Makefile rather 
than using a file for each.  This allows for a rudimentary form of code 
reuse to generate the TMPPLIST and cuts down on the number of files that 
make up a port.  The latter is a Good Thing considering how many inodes the 
ports tree uses already. :)

And that
	@${GREP} '^@exec ' ${TMPPLIST} \
	| ${SED} -e 's:^@exec ::' -e 's:%D:${PREFIX}:g' \
	> ${WRKDIR}/.PLIST.exec \
	&& ${SH} ${WRKDIR}/.PLIST.exec

that I like also helps to eliminate a lot of code redundancy.  Otherwise 
one needs to be really careful to add the code producing the same results 
to both the Makefile and the PLIST file so that the pkg_add and 'make 
install' produce the same result.  I find it easier to just use the above 
grep(1)/sed(1) idiom and put all the code in just one place, the PLIST. 
Not the prettiest solution but less cumbersome than duplicate code.

Oliver, now that you've hacked at this for a while please take a look at 
the way I did things again.  The OPTIONS/metaport stuff is just not woth 
the effort, me thinks.  And it does nothing for the pkg_add user who never 
sees the menus, but might be even more confused by having even more ports 
to chose from.  With authpam in the base port just installing 
courier-authlib should suffice for the majority of users.  For the rest all 
they have to do is install the method port they need and the base gets 
sucked in as a dependency.

Perhaps instead of courier-authlib being the meta port create a 
courier-authlib-meta or -menu and leave courier-authlib as the base.  Helps 
preserve the consistency of suffixes used only for method ports in the 
Makefile code.  And doesn't force anyone to use the OPTIONS/meta port.


More information about the freebsd-ports mailing list