aboutsummaryrefslogtreecommitdiffstats
path: root/security
diff options
context:
space:
mode:
authorarved <arved@FreeBSD.org>2003-05-09 20:41:21 +0800
committerarved <arved@FreeBSD.org>2003-05-09 20:41:21 +0800
commitf7e73bff235035b837682ecee4d460d77ed40f8e (patch)
treea0d75a0fbf1ce6a3a94a0669aa5023d41b1c8be5 /security
parent036970f8f9688fc9f45a9fca64feebb05baf1ded (diff)
downloadfreebsd-ports-gnome-f7e73bff235035b837682ecee4d460d77ed40f8e.tar.gz
freebsd-ports-gnome-f7e73bff235035b837682ecee4d460d77ed40f8e.tar.zst
freebsd-ports-gnome-f7e73bff235035b837682ecee4d460d77ed40f8e.zip
* Fix some problems with building the Kerberos IV and 5 mechs.
* Made the port to optionally not build the mechs, define WITHOUT_[ANONYMOUS,CRAM,DIGEST,LOGIN,OTP,GSSAPI,PLAIN]. * The Kerberos IV case is special, as we can use the base kerberos 4x (<=5.0-RELEASE), or use the security/krb4 port. WITH_KERBEROS4 - use security/krb4 port if <=5.0-RELEASE, use krb4 port only if /usr/lib/libkrb.a doesn't exist WITHOUT_KERBEROS4 - disables using the base systems /usr/lib/libkrb.a (<=5.0), if it exists and MAKE_KERBEROS4 defined in /etc/make.conf * Changed the combined rcNG/rcOG scripts, so that the defaults are at the top of the rc.d script and not in an external file to the script. PR: 51505 Submitted by: maintainer
Diffstat (limited to 'security')
-rw-r--r--security/cyrus-sasl/Makefile104
-rw-r--r--security/cyrus-sasl/files/patch-ab42
-rw-r--r--security/cyrus-sasl/files/patch-plugins::kerberos4.c48
-rw-r--r--security/cyrus-sasl/files/pwcheck.sh49
-rw-r--r--security/cyrus-sasl/files/saslauthd.sh46
-rw-r--r--security/cyrus-sasl/pkg-deinstall28
-rw-r--r--security/cyrus-sasl/pkg-install27
-rw-r--r--security/cyrus-sasl/pkg-message10
-rw-r--r--security/cyrus-sasl/pkg-plist30
-rw-r--r--security/cyrus-sasl/scripts/configure.sasl16
10 files changed, 228 insertions, 172 deletions
diff --git a/security/cyrus-sasl/Makefile b/security/cyrus-sasl/Makefile
index 15f5c11d3806..89863bc363f8 100644
--- a/security/cyrus-sasl/Makefile
+++ b/security/cyrus-sasl/Makefile
@@ -7,7 +7,7 @@
PORTNAME= cyrus-sasl
PORTVERSION= 1.5.28
-PORTREVISION= 0
+PORTREVISION= 1
CATEGORIES= security ipv6
MASTER_SITES= ftp://ftp.andrew.cmu.edu/pub/cyrus-mail/%SUBDIR%/ \
ftp://ftp.westbend.net/pub/cyrus-mail/%SUBDIR%/ \
@@ -56,7 +56,6 @@ CONFIGURE_ARGS= --sysconfdir=${PREFIX}/etc \
--with-dbpath=${PREFIX}/etc/sasldb \
--includedir=${PREFIX}/include/sasl1 \
--enable-static \
- --enable-login \
--with-saslauthd=/var/state/saslauthd1 \
--enable-auth-sasldb \
--with-pwcheck=/var/pwcheck \
@@ -76,17 +75,67 @@ SCRIPTS_ENV= WRKDIRPREFIX="${WRKDIRPREFIX}" \
JAVADIR?= jdk1.3.1
JAVALIBDIR?= ${PREFIX}/${JAVADIR}/lib/i386/green_threads/
-.if defined(KRB5_HOME) && exists(${KRB5_HOME})
+.if defined(WITHOUT_ANONYMOUS)
+CONFIGURE_ARGS+= --disable-anon
+ANON= "@comment "
+.endif
+
+.if defined(WITHOUT_CRAM)
+CONFIGURE_ARGS+= --disable-cram
+CRAM= "@comment "
+.endif
+
+.if defined(WITHOUT_DIGEST)
+CONFIGURE_ARGS+= --disable-digest
+DIGEST= "@comment "
+.endif
+
+# Outlook and Outlook Express requires the LOGIN mech
+.if defined(WITHOUT_LOGIN)
+CONFIGURE_ARGS+= --disable-login
+LOGIN= "@comment "
+.else
+CONFIGURE_ARGS+= --enable-login
+.endif
+
+.if defined(WITHOUT_OTP)
+CONFIGURE_ARGS+= --disable-otp
+OTP= "@comment "
+.endif
+
+# Netscape requires the PLAIN mech
+.if defined(WITHOUT_PLAIN)
+CONFIGURE_ARGS+= --disable-plain
+PLAIN= "@comment "
+.endif
+
+.if !defined(WITHOUT_GSSAPI) && defined(KRB5_HOME) && exists(${KRB5_HOME}/lib/libgssapi_krb5.a)
CONFIGURE_ARGS+= --enable-gssapi=${KRB5_HOME}
-.elif defined(HEIMDAL_HOME) && exists(${HEIMDAL_HOME})
+.elif !defined(WITHOUT_GSSAPI) && defined(HEIMDAL_HOME) && exists(${HEIMDAL_HOME}/lib/libgssapi.a)
CONFIGURE_ARGS+= --enable-gssapi=${HEIMDAL_HOME}
+.elif !defined(WITHOUT_GSSAPI) && defined(MAKE_KERBEROS5) && exists(/usr/lib/libkrb5.a)
+CONFIGURE_ARGS+= --enable-gssapi
.else
CONFIGURE_ARGS+= --disable-gssapi
GSSAPI= "@comment "
.endif
-.if exists(/usr/lib/libkrb.a)
+.include <bsd.port.pre.mk>
+
+# KERBEROS 4 was removed in FreeBSD 5.0-CURRENT
+.if ${OSVERSION} > 500105
+.if defined(WITH_KERBEROS4)
+LIB_DEPENDS+= krb.2:${PORTSDIR}/security/krb4
+CONFIGURE_ARGS+= --enable-krb4=${LOCALBASE}/krb4
+.else
+CONFIGURE_ARGS+= --disable-krb4
+EBONES= "@comment "
+.endif
+.elif exists(/usr/lib/libkrb.a) && defined(MAKE_KERBEROS4) && !defined(WITHOUT_KERBEROS4)
CONFIGURE_ARGS+= --enable-krb4
+.elif !exists(/usr/lib/libkrb.a) && defined(WITH_KERBEROS4)
+LIB_DEPENDS+= krb.2:${PORTSDIR}/security/krb4
+CONFIGURE_ARGS+= --enable-krb4=${LOCALBASE}/krb4
.else
CONFIGURE_ARGS+= --disable-krb4
EBONES= "@comment "
@@ -96,9 +145,18 @@ CONFIGURE_ENV+= LOCALBASE=${LOCALBASE} \
OPENSSLINC=${OPENSSLINC} \
OPENSSLLIB=${OPENSSLLIB}
+CYRUS_USER?= cyrus
+CYRUS_GROUP?= cyrus
+
DOCS= AUTHORS COPYING ChangeLog INSTALL NEWS README TODO
PLIST_SUB= PREFIX=${PREFIX} \
+ ANON=${ANON} \
+ OTP=${OTP} \
+ CRAM=${CRAM} \
+ DIGEST=${DIGEST} \
+ LOGIN=${LOGIN} \
+ PLAIN=${PLAIN} \
GSSAPI=${GSSAPI} \
EBONES=${EBONES} \
DOCSDIR=${DOCSDIR:S/^${PREFIX}\///} \
@@ -110,7 +168,6 @@ PKGDEINSTALL= ${WRKDIR}/pkg-deinstall
PKGINSTALL= ${WRKDIR}/pkg-install
PKGMESSAGE= ${WRKDIR}/pkg-message
-.include <bsd.port.pre.mk>
.if ${OSVERSION} < 450000
FMT= /usr/bin/fmt
.else
@@ -124,6 +181,21 @@ pre-fetch:
.include "${WRKDIRPREFIX}${.CURDIR}/Makefile.inc"
.endif
+RC_SCRIPTS_SUB= PREFIX=${PREFIX} \
+ PWCHECK=${PWCHECK} \
+ ENABLE_PWCHECK=${ENABLE_PWCHECK} \
+ ENABLE_SASLAUTHD=${ENABLE_SASLAUTHD} \
+ MYSQL_REQ=${MYSQL_REQ}
+
+PKG_SCRIPTS_SUB= PREFIX=${PREFIX} \
+ CYRUS_USER=${CYRUS_USER} \
+ CYRUS_GROUP=${CYRUS_GROUP} \
+ ENABLE_PWCHECK=${ENABLE_PWCHECK} \
+ ENABLE_SASLAUTHD=${ENABLE_SASLAUTHD} \
+ PWCHECK=${PWCHECK} \
+ PWCHECK_METHOD=${PWCHECK_METHOD} \
+ SASLDB=${SASLDB_NAME}
+
post-extract:
@${CP} ${FILESDIR}/pwcheck_pam.c ${WRKSRC}/pwcheck
@@ -132,17 +204,9 @@ pre-patch:
# Fix pkg-{install/deinstall/messages}
post-patch:
- @${SED} -e "s;%%SASLDB%%;${SASLDB_NAME};g" \
- -e "s;%%PWCHECK%%;${PWCHECK};g" \
- -e "s;%%ENABLE_PWCHECK%%;${ENABLE_PWCHECK};g" \
- -e "s;%%PWCHECK_METHOD%%;${PWCHECK_METHOD};g" \
- -e "s;%%ENABLE_SASLAUTHD%%;${ENABLE_SASLAUTHD};g" \
+ @${SED} ${PKG_SCRIPTS_SUB:S/$/!g/:S/^/ -e s!%%/:S/=/%%!/} \
${.CURDIR}/pkg-install > ${PKGINSTALL}
- @${SED} -e "s;%%SASLDB%%;${SASLDB_NAME};g" \
- -e "s;%%PWCHECK%%;${PWCHECK};g" \
- -e "s;%%ENABLE_PWCHECK%%;${ENABLE_PWCHECK};g" \
- -e "s;%%PWCHECK_METHOD%%;${PWCHECK_METHOD};g" \
- -e "s;%%ENABLE_SASLAUTHD%%;${ENABLE_SASLAUTHD};g" \
+ @${SED} ${PKG_SCRIPTS_SUB:S/$/!g/:S/^/ -e s!%%/:S/=/%%!/} \
${.CURDIR}/pkg-deinstall > ${PKGDEINSTALL}
@${SED} -e "s;%%PWCHECK_METHOD%%;${PWCHECK_METHOD};g" \
-e "s;%%PREFIX%%;${PREFIX};g" \
@@ -182,8 +246,8 @@ post-install:
@${SED} ${RC_SCRIPTS_SUB:S/$/!g/:S/^/ -e s!%%/:S/=/%%!/} \
${FILESDIR}/cyrus_sasl1 > ${PREFIX}/etc/rc.d/cyrus_sasl1
@${CHMOD} 755 ${PREFIX}/etc/rc.d/cyrus_sasl1
- ${INSTALL} -d -m 770 -o cyrus -g cyrus /var/pwcheck
- ${INSTALL} -d -m 770 -o cyrus -g cyrus /var/state/saslauthd1
+ ${INSTALL} -d -m 770 -o ${CYRUS_USER} -g ${CYRUS_GROUP} /var/pwcheck
+ ${INSTALL} -d -m 770 -o ${CYRUS_USER} -g ${CYRUS_GROUP} /var/state/saslauthd1
.if !defined(NOPORTDOCS)
@${MKDIR} ${DOCSDIR}
.for file in ${DOCS}
@@ -214,8 +278,4 @@ post-install:
post-clean:
@${RM} -f ${WRKDIRPREFIX}${.CURDIR}/Makefile.inc
-#if exists(${WRKDIRPREFIX}${.CURDIR}/Makefile.inc)
-#include "${WRKDIRPREFIX}${.CURDIR}/Makefile.inc"
-#endif
-
.include <bsd.port.post.mk>
diff --git a/security/cyrus-sasl/files/patch-ab b/security/cyrus-sasl/files/patch-ab
index d87eafb4ba8b..acf1e6da4495 100644
--- a/security/cyrus-sasl/files/patch-ab
+++ b/security/cyrus-sasl/files/patch-ab
@@ -1,5 +1,5 @@
---- configure.in.orig Tue Feb 18 13:18:11 2003
-+++ configure.in Tue Feb 18 14:34:11 2003
+--- configure.in.orig Wed Feb 26 23:00:39 2003
++++ configure.in Wed Feb 26 23:22:03 2003
@@ -66,8 +66,12 @@
dnl check for -R, etc. switch
CMU_GUESS_RUNPATH_SWITCH
@@ -104,3 +104,41 @@
AC_SUBST(LIB_DES)
+@@ -563,8 +595,8 @@
+ AC_CHECK_HEADER(krb.h,
+ AC_CHECK_LIB(com_err, com_err,
+ AC_CHECK_LIB(krb, krb_mk_priv, COM_ERR="-lcom_err",
+- krb4=no, -ldes -lcom_err),
+- AC_CHECK_LIB(krb, krb_mk_priv, COM_ERR="", krb4=no, -ldes)))
++ krb4=no, ${LIB_DES} -lcrypt -lcom_err),
++ AC_CHECK_LIB(krb, krb_mk_priv, COM_ERR="", krb4=no, ${LIB_DES})))
+
+ else
+ AC_WARN(No DES library found for Kerberos V4 support)
+@@ -592,7 +624,7 @@
+ AC_MSG_RESULT(enabled)
+ SASL_MECHS="$SASL_MECHS libkerberos4.la"
+ AC_DEFINE(HAVE_KRB)
+- SASL_KRB_LIB="-lkrb -ldes $COM_ERR"
++ SASL_KRB_LIB="-lkrb $LIB_DES $COM_ERR"
+ AC_SUBST(SASL_KRB_LIB)
+ else
+ AC_MSG_RESULT(disabled)
+@@ -631,7 +663,7 @@
+
+ # the base64_decode check fails because libroken has dependencies
+ # FIXME: this is probabally non-optimal as well
+- AC_CHECK_LIB(krb5,krb5_vlog,gss_impl="heimdal",,)
++ AC_CHECK_LIB(krb5,krb5_vlog,gss_impl="heimdal",, -lasn1 ${LIB_DES} -lroken ${LIB_CRYPT} -lcom_err)
+ # AC_CHECK_LIB(roken,base64_decode,gss_impl="heimdal",, $LIB_CRYPT)
+
+ if test -d ${gssapi}; then
+@@ -641,7 +673,7 @@
+ if test "$gss_impl" = mit; then
+ GSSAPIBASE_LIBS="$GSSAPIBASE_LIBS -lgssapi_krb5 -lkrb5 -lk5crypto -lcom_err"
+ elif test "$gss_impl" = "heimdal"; then
+- GSSAPIBASE_LIBS="$GSSAPIBASE_LIBS -lgssapi -lkrb5 -ldes -lasn1 -lroken ${LIB_CRYPT} -lcom_err"
++ GSSAPIBASE_LIBS="$GSSAPIBASE_LIBS -lgssapi -lkrb5 ${LIB_DES} -lasn1 -lroken ${LIB_CRYPT} -lcom_err"
+ else
+ gssapi="no"
+ AC_WARN(Disabling GSSAPI)
diff --git a/security/cyrus-sasl/files/patch-plugins::kerberos4.c b/security/cyrus-sasl/files/patch-plugins::kerberos4.c
new file mode 100644
index 000000000000..efef81b3adde
--- /dev/null
+++ b/security/cyrus-sasl/files/patch-plugins::kerberos4.c
@@ -0,0 +1,48 @@
+--- plugins/kerberos4.c.orig Wed Feb 26 22:20:04 2003
++++ plugins/kerberos4.c Wed Feb 26 22:30:25 2003
+@@ -711,14 +730,18 @@
+ #ifdef __FreeBSD__
+ des_pcbc_encrypt((const unsigned char *)in,
+ (unsigned char *)in,
++ clientinlen,
++ text->init_keysched,
++ &text->session,
++ DES_DECRYPT);
+ #else
+ des_pcbc_encrypt((des_cblock *)in,
+ (des_cblock *)in,
+-#endif
+ clientinlen,
+ text->init_keysched,
+ &text->session,
+ DES_DECRYPT);
++#endif
+
+ testnum=(in[0]*256*256*256)+(in[1]*256*256)+(in[2]*256)+in[3];
+
+@@ -1255,18 +1278,22 @@
+ len++;
+ }
+ sout[len]=0;
++
+ #ifdef __FreeBSD__
+ des_pcbc_encrypt((const unsigned char *)sout,
+- (unsigned char *)sout,
++ (unsigned char *)sout,
++ len,
++ text->init_keysched,
++ (des_cblock *)text->session,
++ DES_ENCRYPT);
+ #else
+-
+ des_pcbc_encrypt((des_cblock *)sout,
+ (des_cblock *)sout,
+-#endif
+ len,
+ text->init_keysched,
+ (des_cblock *)text->session,
+ DES_ENCRYPT);
++#endif
+
+ *clientout = params->utils->malloc(len);
+ memcpy((char *) *clientout, sout, len);
diff --git a/security/cyrus-sasl/files/pwcheck.sh b/security/cyrus-sasl/files/pwcheck.sh
index fb0d6733a9ee..7dbfde8711d7 100644
--- a/security/cyrus-sasl/files/pwcheck.sh
+++ b/security/cyrus-sasl/files/pwcheck.sh
@@ -12,18 +12,18 @@
# If you want this script to start with the base rc scripts
# move cyrus_pwcheck.sh to /etc/rc.d/cyrus_pwcheck
-# Define the following cyrus_pwcheck_* variables in one of the following:
-# /etc/rc.conf
-# /etc/rc.conf.d/pwcheck
-# ${prefix}/etc/rc.conf.d/pwcheck
+prefix=%%PREFIX%%
+
+# Define these cyrus_pwcheck_* variables in one of these files:
+# /etc/rc.conf
+# /etc/rc.conf.local
+# /etc/rc.conf.d/cyrus_pwcheck
#
-# cyrus_pwcheck_enable - Set to YES to enable pwcheck
-# Default: %%ENABLE_PWCHECK%%
+# DO NOT CHANGE THESE DEFAULT VALUES HERE
#
-# cyrus_pwcheck_program - Path to pwcheck program (pwcheck/pwcheck_pam)
-# Default: ${prefix}/sbin/%%PWCHECK%%
-
-prefix=%%PREFIX%%
+cyrus_pwcheck_enable="%%ENABLE_PWCHECK%%" # Enable pwcheck daemon
+cyrus_pwcheck_program="${prefix}/sbin/%%PWCHECK%%" # pwcheck program to use
+ # (pwcheck/pwcheck_pam)
if [ -f /etc/rc.subr ]; then
. /etc/rc.subr
@@ -33,22 +33,7 @@ if [ -f /etc/rc.subr ]; then
command=${prefix}/sbin/%%PWCHECK%%
pidfile="/var/run/pwcheck.pid"
- # The below may be removed when load_local_rc_config is added to rc.subr
-
- if [ -f ${prefix}/etc/rc.conf.d/"$name" ]; then
- debug "Sourcing ${prefix}/etc/rc.conf.d/${name}"
- . ${prefix}/etc/rc.conf.d/"$name"
- fi
-
load_rc_config $name
-
- if [ -z "${cyrus_pwcheck_enable}" ] ; then
- cyrus_pwcheck_enable=%%ENABLE_PWCHECK%%
- fi
-
- # The above may be removed when load_local_rc_config is added to rc.subr
- #
- # load_local_rc_config $name
run_rc_command "$1"
else
# Suck in the configuration variables.
@@ -61,23 +46,11 @@ else
fi
fi
- if [ -f "${prefix}/etc/rc.conf.d/cyrus_pwcheck" ]; then
- . ${prefix}/etc/rc.conf.d/cyrus_pwcheck
- fi
-
- if [ -z "${cyrus_pwcheck_enable}" ] ; then
- cyrus_pwcheck_enable=%%ENABLE_PWCHECK%%
- fi
-
- if [ -z "${cyrus_pwcheck_program}" ]; then
- cyrus_pwcheck_program=${prefix}/sbin/%%PWCHECK%%
- fi
-
rc=0
case "${cyrus_pwcheck_enable}" in
[Yy][Ee][Ss])
- case "${action}" in
+ case "${1}" in
start)
if [ -x ${cyrus_pwcheck_program} ] ; then
diff --git a/security/cyrus-sasl/files/saslauthd.sh b/security/cyrus-sasl/files/saslauthd.sh
index a477f80ab4a4..966179116d16 100644
--- a/security/cyrus-sasl/files/saslauthd.sh
+++ b/security/cyrus-sasl/files/saslauthd.sh
@@ -12,21 +12,18 @@
# If you want this script to start with the base rc scripts
# move saslauthd1.sh to /etc/rc.d/saslauthd1
-# Define the following saslauthd1_* variables in one of the following:
+prefix=%%PREFIX%%
+
+# Define these saslauthd1_* variables in one of these files:
# /etc/rc.conf
+# /etc/rc.conf.local
# /etc/rc.conf.d/saslauthd1
-# ${prefix}/etc/rc.conf.d/saslauthd1
-#
-# saslauthd1_enable - Set to YES to enable saslauthd
-# Default: %%ENABLE_SASLAUTHD%%
#
-# saslauthd1_program - Path to saslauthd program
-# Default: ${prefix}/sbin/saslauthd1
+# DO NOT CHANGE THESE DEFAULT VALUES HERE
#
-# saslauthd1_flags - Flags to saslauthd program
-# Default: -a pam
-
-prefix=%%PREFIX%%
+saslauthd1_enable="%%ENABLE_SASLAUTHD%%" # Enable saslauthd
+#saslauthd1_program="${prefix}/sbin/saslauthd1" # Location of saslauthd1
+saslauthd1_flags="-a pam" # Flags to saslauthd program
if [ -f /etc/rc.subr ]; then
. /etc/rc.subr
@@ -36,22 +33,7 @@ if [ -f /etc/rc.subr ]; then
command="${prefix}/sbin/${name}"
pidfile="/var/state/${name}/mux.pid"
- # The below may be removed when load_local_rc_config is added to rc.subr
-
- if [ -f ${prefix}/etc/rc.conf.d/"$name" ]; then
- debug "Sourcing ${prefix}/etc/rc.conf.d/${name}"
- . ${prefix}/etc/rc.conf.d/"$name"
- fi
-
load_rc_config $name
-
- if [ -z "${saslauthd1_enable}" ]; then
- saslauthd1_enable=%%ENABLE_SASLAUTHD%%
- fi
-
- # The above may be removed when load_local_rc_config is added to rc.subr
- #
- #load_local_rc_config $name
run_rc_command "$1"
else
# Suck in the configuration variables.
@@ -64,19 +46,11 @@ else
fi
fi
- if [ -f ${prefix}/etc/rc.conf.d/saslauthd1 ]; then
- . ${prefix}/etc/rc.conf.d/saslauthd1
- fi
-
if [ -n "${sasl_saslauthd1_enable}" ]; then
echo "sasl_saslauthd1_enable has been depreciated, use saslauthd1_enable instead"
saslauthd1_enable=$sasl_saslauthd1_enable
fi
- if [ -z "${saslauthd1_enable}" ]; then
- saslauthd1_enable=%%ENABLE_SASLAUTHD%%
- fi
-
if [ -z "${saslauthd1_program}" ]; then
saslauthd1_program=${prefix}/sbin/saslauthd1
fi
@@ -86,10 +60,6 @@ else
saslauthd1_flags=$sasl_saslauthd1_flags
fi
- if [ -z "${saslauthd1_flags}" ]; then
- saslauthd1_flags="-a pam"
- fi
-
rc=0
case "${saslauthd1_enable}" in
diff --git a/security/cyrus-sasl/pkg-deinstall b/security/cyrus-sasl/pkg-deinstall
index 30fa993e9275..02d41095c0cf 100644
--- a/security/cyrus-sasl/pkg-deinstall
+++ b/security/cyrus-sasl/pkg-deinstall
@@ -12,6 +12,9 @@ PKG_PREFIX=${PKG_PREFIX:=/usr/local}
SASLDB_NAME=${PKG_PREFIX}/etc/%%SASLDB%%
+CYRUS_USER=${CYRUS_USER:=%%CYRUS_USER%%}
+CYRUS_GROUP=${CYRUS_GROUP:=%%CYRUS_GROUP%%}
+
remove_file()
{
file=$1
@@ -22,22 +25,6 @@ remove_file()
rm -f ${file}.tmp
}
-delete_rc_conf_d() {
- PWCHECK_CONF=${PKG_PREFIX}/etc/rc.conf.d/cyrus_pwcheck
- SASLAUTHD_CONF=${PKG_PREFIX}/etc/rc.conf.d/saslauthd1
-
- if [ -f ${SASLAUTHD_CONF} ]; then
- echo "saslauthd1_enable=%%ENABLE_SASLAUTHD%%" >> ${SASLAUTHD_CONF}.tmp
- echo "saslauthd1_flags=\"-a pam\"" >> ${SASLAUTHD_CONF}.tmp
- remove_file ${SASLAUTHD_CONF}
- fi
- if [ -f ${PWCHECK_CONF} ]; then
- echo "cyrus_pwcheck_enable=%%ENABLE_PWCHECK%%" > ${PWCHECK_CONF}.tmp
- echo "cyrus_pwcheck_program=${PKG_PREFIX}/sbin/%%PWCHECK%%" >> ${PWCHECK_CONF}.tmp
- remove_file ${PWCHECK_CONF}
- fi
-}
-
# delete sasldb database
delete_sasldb() {
@@ -51,11 +38,11 @@ delete_sasldb() {
}
delete_user() {
- if pw usershow cyrus 2>/dev/null 1>&2; then
- echo "To delete Cyrus user permanently, use 'pw userdel cyrus'"
+ if pw usershow ${CYRUS_USER} 2>/dev/null 1>&2; then
+ echo "To delete Cyrus user permanently, use 'pw userdel ${CYRUS_USER}'"
fi
- if pw groupshow cyrus 2>/dev/null 1>&2; then
- echo "To delete Cyrus group permanently, use 'pw groupdel cyrus'"
+ if pw groupshow ${CYRUS_GROUP} 2>/dev/null 1>&2; then
+ echo "To delete Cyrus group permanently, use 'pw groupdel ${CYRUS_GROUP}'"
fi
}
@@ -72,7 +59,6 @@ sendmail_conf() {
case $2 in
DEINSTALL)
delete_sasldb
- delete_rc_conf_d
sendmail_conf
;;
POST-DEINSTALL)
diff --git a/security/cyrus-sasl/pkg-install b/security/cyrus-sasl/pkg-install
index be7e93a1ce9d..cb17283d9d0e 100644
--- a/security/cyrus-sasl/pkg-install
+++ b/security/cyrus-sasl/pkg-install
@@ -13,13 +13,16 @@ PKG_PREFIX=${PKG_PREFIX:=/usr/local}
SASLDB_NAME=${PKG_PREFIX}/etc/%%SASLDB%%
+CYRUS_USER=${CYRUS_USER:=%%CYRUS_USER%%}
+CYRUS_GROUP=${CYRUS_GROUP:=%%CYRUS_GROUP%%}
+
#
# create 'cyrus' user and group before installing
#
create_user() {
- USER=cyrus
- GROUP=cyrus
+ USER=${CYRUS_USER}
+ GROUP=${CYRUS_GROUP}
PW=/usr/sbin/pw
if [ -x /sbin/nologin ]; then
@@ -76,7 +79,7 @@ create_sasldb() {
echo "WARNING: Failed to create ${PKG_PREFIX}/etc/$SASLDB_NAME}"
else
${PKG_PREFIX}/sbin/saslpasswd -d cyrus
- chown cyrus:mail ${SASLDB_NAME}
+ chown ${CYRUS_USER}:mail ${SASLDB_NAME}
chmod 640 ${SASLDB_NAME}
fi
fi
@@ -90,23 +93,6 @@ sendmail_conf() {
fi
}
-create_rc_conf_d() {
- PWCHECK_CONF=${PKG_PREFIX}/etc/rc.conf.d/cyrus_pwcheck
- SASLAUTHD_CONF=${PKG_PREFIX}/etc/rc.conf.d/saslauthd1
-
- if [ ! -d ${PKG_PREFIX}/etc/rc.conf.d ]; then
- mkdir ${PKG_PREFIX}/etc/rc.conf.d
- fi
- if [ ! -f ${SASLAUTHD_CONF} ]; then
- echo "saslauthd1_enable=%%ENABLE_SASLAUTHD%%" > ${SASLAUTHD_CONF}
- echo "saslauthd1_flags=\"-a pam\"" >> ${SASLAUTHD_CONF}
- fi
- if [ ! -f ${PWCHECK_CONF} ]; then
- echo "cyrus_pwcheck_enable=%%ENABLE_PWCHECK%%" > ${PWCHECK_CONF}
- echo "cyrus_pwcheck_program=${PKG_PREFIX}/sbin/%%PWCHECK%%" >> ${PWCHECK_CONF}
- fi
-}
-
case $2 in
PRE-INSTALL)
create_user
@@ -114,7 +100,6 @@ case $2 in
POST-INSTALL)
if [ "${PKG_BATCH}" = "NO" ]; then
create_sasldb
- create_rc_conf_d
sendmail_conf
fi
;;
diff --git a/security/cyrus-sasl/pkg-message b/security/cyrus-sasl/pkg-message
index 2af802713957..e4cfeb9ce050 100644
--- a/security/cyrus-sasl/pkg-message
+++ b/security/cyrus-sasl/pkg-message
@@ -2,7 +2,7 @@
You may need to start the pwcheck or saslauthd daemon for authentication
with the system password files:
- %%PREFIX%%/etc/rc.d/pwcheck.sh start
+ %%PREFIX%%/etc/rc.d/cyrus_pwcheck.sh start
or
%%PREFIX%%/etc/rc.d/saslauthd1.sh start
@@ -13,7 +13,9 @@ or you can use sasldb for authentication, to add users use:
If you want to enable SMTP AUTH with the system Sendmail, read Sendmail.README
NOTE: This port has been compiled with a default pwcheck_method of
- %%PWCHECK_METHOD%%. Set sasl_pwcheck_method to %%PWCHECK_METHOD%%,
- after installing the Cyrus-IMAPd 1.6.24 port. You should also check
- the %%PREFIX%%/lib/sasl/*.conf files for the correct pwcheck_method.
+ %%PWCHECK_METHOD%%. You may need to set sasl_pwcheck_method to
+ %%PWCHECK_METHOD%% after installing either the Cyrus-IMAPd 1.6.24
+ or 2.0.17 ports.
+ You should also check the %%PREFIX%%/lib/sasl/*.conf files for the
+ correct pwcheck_method.
diff --git a/security/cyrus-sasl/pkg-plist b/security/cyrus-sasl/pkg-plist
index eff53e2d4c82..40afd71276b9 100644
--- a/security/cyrus-sasl/pkg-plist
+++ b/security/cyrus-sasl/pkg-plist
@@ -18,27 +18,27 @@ include/sasl1/saslutil.h
lib/libsasl.a
lib/libsasl.so
lib/libsasl.so.8
-lib/sasl/libanonymous.a
-lib/sasl/libanonymous.so
-lib/sasl/libanonymous.so.1
-lib/sasl/libcrammd5.a
-lib/sasl/libcrammd5.so
-lib/sasl/libcrammd5.so.1
-lib/sasl/libdigestmd5.a
-lib/sasl/libdigestmd5.so
-lib/sasl/libdigestmd5.so.0
+%%ANON%%lib/sasl/libanonymous.a
+%%ANON%%lib/sasl/libanonymous.so
+%%ANON%%lib/sasl/libanonymous.so.1
+%%CRAM%%lib/sasl/libcrammd5.a
+%%CRAM%%lib/sasl/libcrammd5.so
+%%CRAM%%lib/sasl/libcrammd5.so.1
+%%DIGEST%%lib/sasl/libdigestmd5.a
+%%DIGEST%%lib/sasl/libdigestmd5.so
+%%DIGEST%%lib/sasl/libdigestmd5.so.0
%%GSSAPI%%lib/sasl/libgssapiv2.a
%%GSSAPI%%lib/sasl/libgssapiv2.so
%%GSSAPI%%lib/sasl/libgssapiv2.so.1
%%EBONES%%lib/sasl/libkerberos4.a
%%EBONES%%lib/sasl/libkerberos4.so
%%EBONES%%lib/sasl/libkerberos4.so.1
-lib/sasl/liblogin.a
-lib/sasl/liblogin.so
-lib/sasl/liblogin.so.0
-lib/sasl/libplain.a
-lib/sasl/libplain.so
-lib/sasl/libplain.so.1
+%%LOGIN%%lib/sasl/liblogin.a
+%%LOGIN%%lib/sasl/liblogin.so
+%%LOGIN%%lib/sasl/liblogin.so.0
+%%PLAIN%%lib/sasl/libplain.a
+%%PLAIN%%lib/sasl/libplain.so
+%%PLAIN%%lib/sasl/libplain.so.1
sbin/sasldblistusers
sbin/saslpasswd
sbin/pwcheck
diff --git a/security/cyrus-sasl/scripts/configure.sasl b/security/cyrus-sasl/scripts/configure.sasl
index 5d3b662861b2..8a72e7bd256c 100644
--- a/security/cyrus-sasl/scripts/configure.sasl
+++ b/security/cyrus-sasl/scripts/configure.sasl
@@ -209,17 +209,6 @@ else
ENABLE_SASLAUTHD=no
fi
-echo "PWCHECK= ${PWCHECK}"
-echo "PWCHECK_METHOD= ${PWCHECK_METHOD}"
-echo "ENABLE_PWCHECK= ${ENABLE_PWCHECK}"
-echo "ENABLE_SASLAUTHD= ${ENABLE_SASLAUTHD}"
-
-echo "RC_SCRIPTS_SUB+= PREFIX=\${PREFIX} \\"
-echo " PWCHECK=\${PWCHECK} \\"
-echo " ENABLE_PWCHECK=\${ENABLE_PWCHECK} \\"
-echo " ENABLE_SASLAUTHD=\${ENABLE_SASLAUTHD} \\"
-echo " MYSQL_REQ=${MYSQL_REQ}"
-
if [ ! "${DEFJAVA}" ]; then
echo "PLIST_SUB+= JAVASASL=\"@comment \""
fi
@@ -228,6 +217,11 @@ if [ ! "${DBLIB}" ]; then
echo "SASLDB_NAME= sasldb.db"
fi
+echo "PWCHECK= ${PWCHECK}"
+echo "PWCHECK_METHOD= ${PWCHECK_METHOD}"
+echo "ENABLE_PWCHECK= ${ENABLE_PWCHECK}"
+echo "ENABLE_SASLAUTHD= ${ENABLE_SASLAUTHD}"
+
if [ "${MSG}" ]; then
if [ -n "${LDAP_REQ}" ]; then
METHOD="LDAP"