svn commit: r353977 - head/security/py-fail2ban

Mathieu Arnold mat at FreeBSD.org
Wed May 14 23:33:05 UTC 2014 


+--On 13 mai 2014 20:54:09 -0500 Mark Felder <feld at freebsd.org> wrote:
| 
| On May 13, 2014, at 20:36, Adam Weinberger <adamw at adamw.org> wrote:
| 
|> On 13 May 2014, at 17:12, Mark Felder wrote:
|> 
|>> On May 13, 2014, at 13:30, Adam Weinberger <adamw at FreeBSD.org> wrote:
|>> 
|>>> 
|>>> post-install:
|>>> -	@${MKDIR} ${STAGEDIR}${FAIL2BAN_DBDIR}
|>>> +	@${MKDIR} ${STAGEDIR}${FAIL2BAN_DBDIR} ${STAGEDIR}/var/run/fail2ban
|>>> 	@${MKDIR} ${STAGEDIR}${DOCSDIR}
|>>> 	(cd ${WRKSRC}/ && ${INSTALL_DATA} ${PORTDOCS} ${STAGEDIR}${DOCSDIR})
|>>> .for file in fail2ban-client fail2ban-regex fail2ban-server fail2ban
|>>> 
|>> 
|>> 
|>> Pkg ignores items in ${STAGEDIR}/var (and probably all of base), so
|>> this won't actually make it into a package. In fact, since the creation
|>> of the stage dir it won't even make it if installed from a port (as a
|>> package is created before being installed). Anything you need created
|>> for the port to run that must exist in base such as /var/run/,
|>> /var/db/, /var/log/, etc should be handled in the rc script
|>> start_precmd so it gets created if necessary just before the daemon is
|>> launched.
|>> 
|>> Just drop something in like
|>> 
|>> start_precmd=fail2ban_prestart
|>> 
|>> fail2ban_prestart()
|>> {
|>> for i in run db; do
|>>     if [ ! -d /var/${i}/fail2ban ]; then
|>>       install -d -o fail2ban /dev/null /var/${i}/fail2ban
|>>     fi
|>> done
|>> }
|>> 
|>> (or more verbose, but two actions -- mkdir and then chown)
|>> 
|>> and then you can remove those MKDIRs in post-install
|> 
|> That part about pkg ignoring /var doesn't seem right... The .keep_me
|> files in /var/run/fail2ban and /var/db/fail2ban are installed by pkg, as
|> expected.
|> 
|> Putting the stuff into the rc script seems like a good idea, but I'm
|> missing where the current version isn't working.
|> 
| 
| You're right; my wires were crossed. I believe what I was thinking of is
| that pkg won't track those dirs and tell you they are leftovers.

It tracks them all right, look at dns/bind10 (well, don't look at it if you
value your sanity), it's pkg_install that fails to see and use them.

-- 
Mathieu Arnold

More information about the svn-ports-all mailing list