diff options
| author | feld <feld@FreeBSD.org> | 2015-03-24 22:15:43 +0800 |
|---|---|---|
| committer | feld <feld@FreeBSD.org> | 2015-03-24 22:15:43 +0800 |
| commit | 8a049dbfccd3c00fc870b5ca81113bcc47e86117 (patch) | |
| tree | c264d72b50c8b809d38b4ee3c723874234d3d9e4 /net-mgmt/unifi2 | |
| parent | 0473a8468e8edba33dc7860c36a348e8d13b11c9 (diff) | |
| download | freebsd-ports-gnome-8a049dbfccd3c00fc870b5ca81113bcc47e86117.tar.gz freebsd-ports-gnome-8a049dbfccd3c00fc870b5ca81113bcc47e86117.tar.zst freebsd-ports-gnome-8a049dbfccd3c00fc870b5ca81113bcc47e86117.zip | |
Improve default file permissions
Ensure unifi cannot write to itself in the event of an exploit
Unifi only needs write access to: data, log, run, and work directories
Diffstat (limited to 'net-mgmt/unifi2')
| -rw-r--r-- | net-mgmt/unifi2/Makefile | 6 | ||||
| -rw-r--r-- | net-mgmt/unifi2/pkg-plist | 54 |
2 files changed, 10 insertions, 50 deletions
diff --git a/net-mgmt/unifi2/Makefile b/net-mgmt/unifi2/Makefile index 6f3758ef8a77..7be8f35eef6f 100644 --- a/net-mgmt/unifi2/Makefile +++ b/net-mgmt/unifi2/Makefile @@ -3,7 +3,7 @@ PORTNAME= unifi2 PORTVERSION= 2.4.6 -PORTREVISION= 4 +PORTREVISION= 5 CATEGORIES= net-mgmt java MASTER_SITES= http://dl.ubnt.com/unifi/${PORTVERSION}/ DISTNAME= UniFi.unix @@ -45,5 +45,9 @@ do-install: ${MKDIR} ${STAGEDIR}${JAVASHAREDIR}/unifi (cd ${WRKSRC} && ${COPYTREE_SHARE} \* ${STAGEDIR}${JAVASHAREDIR}/unifi/) ${LN} -sf ${PREFIX}/bin/mongod ${STAGEDIR}${JAVASHAREDIR}/unifi/bin/mongod +# Create directories that will be writable by unifi +.for i in data logs run work + ${MKDIR} ${STAGEDIR}/${JAVASHAREDIR}/unifi/${i} +.endfor .include <bsd.port.mk> diff --git a/net-mgmt/unifi2/pkg-plist b/net-mgmt/unifi2/pkg-plist index 8798ceff7926..68ccf43acc44 100644 --- a/net-mgmt/unifi2/pkg-plist +++ b/net-mgmt/unifi2/pkg-plist @@ -220,52 +220,8 @@ %%JAVASHAREDIR%%/unifi/webapps/ROOT/upnp.jsp %%JAVASHAREDIR%%/unifi/webapps/ROOT/waiting.jsp %%JAVASHAREDIR%%/unifi/webapps/ROOT/wizard.jsp -@dirrmtry %%JAVASHAREDIR%%/unifi/webapps/ROOT/temp -@dirrmtry %%JAVASHAREDIR%%/unifi/webapps/ROOT/pages -@dirrmtry %%JAVASHAREDIR%%/unifi/webapps/ROOT/media/wizard -@dirrmtry %%JAVASHAREDIR%%/unifi/webapps/ROOT/media/settings -@dirrmtry %%JAVASHAREDIR%%/unifi/webapps/ROOT/media/global -@dirrmtry %%JAVASHAREDIR%%/unifi/webapps/ROOT/media/dialog/p2N -@dirrmtry %%JAVASHAREDIR%%/unifi/webapps/ROOT/media/dialog/U7P -@dirrmtry %%JAVASHAREDIR%%/unifi/webapps/ROOT/media/dialog/U7O -@dirrmtry %%JAVASHAREDIR%%/unifi/webapps/ROOT/media/dialog/U7E -@dirrmtry %%JAVASHAREDIR%%/unifi/webapps/ROOT/media/dialog/U5O -@dirrmtry %%JAVASHAREDIR%%/unifi/webapps/ROOT/media/dialog/U2S48 -@dirrmtry %%JAVASHAREDIR%%/unifi/webapps/ROOT/media/dialog/U2O -@dirrmtry %%JAVASHAREDIR%%/unifi/webapps/ROOT/media/dialog/U2M -@dirrmtry %%JAVASHAREDIR%%/unifi/webapps/ROOT/media/dialog/U2L48 -@dirrmtry %%JAVASHAREDIR%%/unifi/webapps/ROOT/media/dialog/U2HSR -@dirrmtry %%JAVASHAREDIR%%/unifi/webapps/ROOT/media/dialog -@dirrmtry %%JAVASHAREDIR%%/unifi/webapps/ROOT/media/data-table -@dirrmtry %%JAVASHAREDIR%%/unifi/webapps/ROOT/media/alerts -@dirrmtry %%JAVASHAREDIR%%/unifi/webapps/ROOT/media -@dirrmtry %%JAVASHAREDIR%%/unifi/webapps/ROOT/library/swf -@dirrmtry %%JAVASHAREDIR%%/unifi/webapps/ROOT/library/js/flex -@dirrmtry %%JAVASHAREDIR%%/unifi/webapps/ROOT/library/js -@dirrmtry %%JAVASHAREDIR%%/unifi/webapps/ROOT/library/css -@dirrmtry %%JAVASHAREDIR%%/unifi/webapps/ROOT/library -@dirrmtry %%JAVASHAREDIR%%/unifi/webapps/ROOT/includes/tabs -@dirrmtry %%JAVASHAREDIR%%/unifi/webapps/ROOT/includes/settings -@dirrmtry %%JAVASHAREDIR%%/unifi/webapps/ROOT/includes/panels -@dirrmtry %%JAVASHAREDIR%%/unifi/webapps/ROOT/includes/dialogs -@dirrmtry %%JAVASHAREDIR%%/unifi/webapps/ROOT/includes -@dirrmtry %%JAVASHAREDIR%%/unifi/webapps/ROOT/WEB-INF -@dirrmtry %%JAVASHAREDIR%%/unifi/webapps/ROOT/META-INF -@dirrmtry %%JAVASHAREDIR%%/unifi/webapps/ROOT -@dirrmtry %%JAVASHAREDIR%%/unifi/webapps -@dirrmtry %%JAVASHAREDIR%%/unifi/lib -@dirrmtry %%JAVASHAREDIR%%/unifi/dl/firmware/U7P/2.4.6.2178 -@dirrmtry %%JAVASHAREDIR%%/unifi/dl/firmware/U7P -@dirrmtry %%JAVASHAREDIR%%/unifi/dl/firmware/U7E/2.4.6.2178 -@dirrmtry %%JAVASHAREDIR%%/unifi/dl/firmware/U7E -@dirrmtry %%JAVASHAREDIR%%/unifi/dl/firmware/U2S48/2.4.6.2178 -@dirrmtry %%JAVASHAREDIR%%/unifi/dl/firmware/U2S48 -@dirrmtry %%JAVASHAREDIR%%/unifi/dl/firmware/BZ2/2.4.6.2178 -@dirrmtry %%JAVASHAREDIR%%/unifi/dl/firmware/BZ2 -@dirrmtry %%JAVASHAREDIR%%/unifi/dl/firmware -@dirrmtry %%JAVASHAREDIR%%/unifi/dl -@dirrmtry %%JAVASHAREDIR%%/unifi/data -@dirrmtry %%JAVASHAREDIR%%/unifi/conf -@dirrmtry %%JAVASHAREDIR%%/unifi/bin -@dirrmtry %%JAVASHAREDIR%%/unifi -@exec chown -R unifi:unifi %D/%%JAVASHAREDIR%%/unifi +@dir(root,wheel,755) %%JAVASHAREDIR%%/unifi +@dir(unifi,wheel,755) %%JAVASHAREDIR%%/unifi/data +@dir(unifi,wheel,755) %%JAVASHAREDIR%%/unifi/logs +@dir(unifi,wheel,755) %%JAVASHAREDIR%%/unifi/run +@dir(unifi,wheel,755) %%JAVASHAREDIR%%/unifi/work |