aboutsummaryrefslogtreecommitdiffstats
path: root/security
diff options
context:
space:
mode:
authoradamw <adamw@FreeBSD.org>2005-01-15 03:25:56 +0800
committeradamw <adamw@FreeBSD.org>2005-01-15 03:25:56 +0800
commit9f7c072fd9186df5b8b696a5dcb1fc298b606dd0 (patch)
tree339b281dc1a3f7ae80346f869b187bc861fdd2af /security
parent1d92f67c5e548a798f07e25c047b471f3cdc9124 (diff)
downloadfreebsd-ports-gnome-9f7c072fd9186df5b8b696a5dcb1fc298b606dd0.tar.gz
freebsd-ports-gnome-9f7c072fd9186df5b8b696a5dcb1fc298b606dd0.tar.zst
freebsd-ports-gnome-9f7c072fd9186df5b8b696a5dcb1fc298b606dd0.zip
Extra super OMFG-I'd-be-screwed-without-you thanks to marcus for the
sleuthing here. - Stop libgnomesu from causing 4.x machines to catch fire and break all your dishes. - Don't install stuff into /etc/pam.d by default. - Install example "gnomesu-pam"s, and include a pkg-message explaining what to do with them (HINT: copy the appropriate one into /etc/pam.d and name it gnomesu-pam). - Fix a double-free. With these fixes, the gnomeu binary in libgnomesu provides a much more comprehensive GNOME su frontend, and the Great Red Eye of Adamwdor is now turned towards sysutils/gnomesu.
Diffstat (limited to 'security')
-rw-r--r--security/libgnomesu/Makefile15
-rw-r--r--security/libgnomesu/files/gnomesu-pam.4.x.sample3
-rw-r--r--security/libgnomesu/files/gnomesu-pam.5.x.sample3
-rw-r--r--security/libgnomesu/files/patch-pam-backend_Makefile.in11
-rw-r--r--security/libgnomesu/files/patch-pam-backend_pam.c12
-rw-r--r--security/libgnomesu/pkg-message17
-rw-r--r--security/libgnomesu/pkg-plist3
7 files changed, 54 insertions, 10 deletions
diff --git a/security/libgnomesu/Makefile b/security/libgnomesu/Makefile
index ad8f8433cc7c..a943c1ec01ac 100644
--- a/security/libgnomesu/Makefile
+++ b/security/libgnomesu/Makefile
@@ -7,11 +7,12 @@
PORTNAME= libgnomesu
PORTVERSION= 0.9.6
+PORTREVISION= 1
CATEGORIES= security gnome
MASTER_SITES= http://members1.chello.nl/~h.lai/libgnomesu/
MAINTAINER= adamw@FreeBSD.org
-COMMENT= Library for su integration with GNOME apps
+COMMENT= Library for and frontend for running commands as root
USE_X_PREFIX= yes
USE_GETOPT_LONG=yes
@@ -23,17 +24,15 @@ CONFIGURE_ENV+= CPPFLAGS="-I${LOCALBASE}/include" \
CONFLICTS= gnomesu-*
-.include <bsd.port.pre.mk>
-
-.if ${OSVERSION} < 500000
-IGNORE= Corrupts PAM configuration
-.endif
-
post-install:
+ ${MKDIR} ${EXAMPLESDIR}
+ ${INSTALL_DATA} ${FILESDIR}/gnomesu-pam.4.x.sample ${EXAMPLESDIR}
+ ${INSTALL_DATA} ${FILESDIR}/gnomesu-pam.5.x.sample ${EXAMPLESDIR}
.if !defined(NOPORTDOCS)
${MKDIR} ${DOCSDIR}
${INSTALL_DATA} ${WRKSRC}/doc/api.html ${DOCSDIR}
${INSTALL_DATA} ${WRKSRC}/doc/libgnomesu.css ${DOCSDIR}
.endif
+ @${SED} -e "s|%%EXAMPLESDIR%%|${EXAMPLESDIR}|g" ${PKGMESSAGE}
-.include <bsd.port.post.mk>
+.include <bsd.port.mk>
diff --git a/security/libgnomesu/files/gnomesu-pam.4.x.sample b/security/libgnomesu/files/gnomesu-pam.4.x.sample
new file mode 100644
index 000000000000..abaa3ca0a885
--- /dev/null
+++ b/security/libgnomesu/files/gnomesu-pam.4.x.sample
@@ -0,0 +1,3 @@
+gnomesu-pam auth required pam_unix.so try_first_pass
+gnomesu-pam session required pam_permit.so
+gnomesu-pam account required pam_permit.so
diff --git a/security/libgnomesu/files/gnomesu-pam.5.x.sample b/security/libgnomesu/files/gnomesu-pam.5.x.sample
new file mode 100644
index 000000000000..22120ae72b10
--- /dev/null
+++ b/security/libgnomesu/files/gnomesu-pam.5.x.sample
@@ -0,0 +1,3 @@
+auth required pam_unix.so try_first_pass
+session required pam_permit.so
+account required pam_permit.so
diff --git a/security/libgnomesu/files/patch-pam-backend_Makefile.in b/security/libgnomesu/files/patch-pam-backend_Makefile.in
new file mode 100644
index 000000000000..fc57445b65f3
--- /dev/null
+++ b/security/libgnomesu/files/patch-pam-backend_Makefile.in
@@ -0,0 +1,11 @@
+--- pam-backend/Makefile.in.orig Fri Jan 14 12:47:56 2005
++++ pam-backend/Makefile.in Fri Jan 14 12:52:31 2005
+@@ -205,7 +205,7 @@
+ @HAVE_PAM_TRUE@gnomesu_pam_backend_DEPENDENCIES = $(top_srcdir)/su-backend/libcommon.la
+
+ @HAVE_PAM_TRUE@@INSTALL_PAM_TRUE@pamdir = $(PAMDIR)
+-@HAVE_PAM_TRUE@@INSTALL_PAM_TRUE@pam_DATA = gnomesu-pam
++@HAVE_PAM_TRUE@@INSTALL_PAM_FALSE@pam_DATA = gnomesu-pam
+
+ @HAVE_PAM_TRUE@installed_exe = $(DESTDIR)$(libexecdir)/`echo gnomesu-pam-backend | sed $(transform)`
+
diff --git a/security/libgnomesu/files/patch-pam-backend_pam.c b/security/libgnomesu/files/patch-pam-backend_pam.c
index e43d290cc2df..d75a74c675d4 100644
--- a/security/libgnomesu/files/patch-pam-backend_pam.c
+++ b/security/libgnomesu/files/patch-pam-backend_pam.c
@@ -1,5 +1,5 @@
---- pam-backend/pam.c.orig Thu Jan 13 23:43:53 2005
-+++ pam-backend/pam.c Thu Jan 13 23:43:59 2005
+--- pam-backend/pam.c.orig Wed Jan 12 07:16:27 2005
++++ pam-backend/pam.c Fri Jan 14 14:14:42 2005
@@ -17,7 +17,7 @@
*/
@@ -9,3 +9,11 @@
#include <stdio.h>
#include <stdlib.h>
#include <sys/types.h>
+@@ -276,7 +276,6 @@
+ #ifdef HAVE_SETFSUID
+ setfsuid (pw->pw_uid);
+ #endif /* HAVE_SETFSUID */
+- change_identity (pw);
+ initgroups (pw->pw_name, pw->pw_gid);
+ setgid (pw->pw_gid);
+ setuid (pw->pw_uid);
diff --git a/security/libgnomesu/pkg-message b/security/libgnomesu/pkg-message
new file mode 100644
index 000000000000..def29979104f
--- /dev/null
+++ b/security/libgnomesu/pkg-message
@@ -0,0 +1,17 @@
+
+####################################################
+
+The gnomesu part of libgnomesu will use su(1) without
+any further work. To utilize the PAM support, however,
+you must perform the following:
+
+On 4.x:
+ cp %%EXAMPLESDIR%%/gnomesu-pam.4.x.sample \
+ /etc/pam.d/gnomesu-pam
+
+On 5.x:
+ cp %%EXAMPLESDIR%%/gnomesu-pam.5.x.sample \
+ /etc/pam.d/gnomesu-pam
+
+####################################################
+
diff --git a/security/libgnomesu/pkg-plist b/security/libgnomesu/pkg-plist
index 6809005e8936..43bd8a8a3a13 100644
--- a/security/libgnomesu/pkg-plist
+++ b/security/libgnomesu/pkg-plist
@@ -9,6 +9,8 @@ libexec/gnomesu-backend
libexec/gnomesu-pam-backend
%%PORTDOCS%%%%DOCSDIR%%/api.html
%%PORTDOCS%%%%DOCSDIR%%/libgnomesu.css
+%%EXAMPLESDIR%%/gnomesu-pam.4.x.sample
+%%EXAMPLESDIR%%/gnomesu-pam.5.x.sample
share/gnome/application-registry/gnomesu-nautilus.applications
share/gnome/mime-info/gnomesu-nautilus.keys
share/locale/az/LC_MESSAGES/libgnomesu-1.0.mo
@@ -43,4 +45,5 @@ share/locale/sv/LC_MESSAGES/libgnomesu-1.0.mo
share/locale/zh_CN/LC_MESSAGES/libgnomesu-1.0.mo
share/locale/zh_TW/LC_MESSAGES/libgnomesu-1.0.mo
@dirrm include/libgnomesu-1.0/libgnomesu
+@dirrm %%EXAMPLESDIR%%
%%PORTDOCS%%@dirrm %%DOCSDIR%%