diff options
| author | girgen <girgen@FreeBSD.org> | 2015-07-24 18:54:41 +0800 |
|---|---|---|
| committer | girgen <girgen@FreeBSD.org> | 2015-07-24 18:54:41 +0800 |
| commit | 85c04791199f5bc6ff378bb33be12b4fe8546281 (patch) | |
| tree | 65795872f4bf16e30c14f915d06a6839e2341a78 /security | |
| parent | 25db6437060d5812d09817fc8c1bff5530b1d914 (diff) | |
| download | freebsd-ports-gnome-85c04791199f5bc6ff378bb33be12b4fe8546281.tar.gz freebsd-ports-gnome-85c04791199f5bc6ff378bb33be12b4fe8546281.tar.zst freebsd-ports-gnome-85c04791199f5bc6ff378bb33be12b4fe8546281.zip | |
The new shibboleth will refuse to accept -u when it was
already su:ed to that user. Trust shibboleth to change user.
Diffstat (limited to 'security')
| -rw-r--r-- | security/shibboleth2-sp/Makefile | 1 | ||||
| -rw-r--r-- | security/shibboleth2-sp/files/shibboleth-sp.in | 16 |
2 files changed, 9 insertions, 8 deletions
diff --git a/security/shibboleth2-sp/Makefile b/security/shibboleth2-sp/Makefile index abe23bdc6921..1db80afd9e79 100644 --- a/security/shibboleth2-sp/Makefile +++ b/security/shibboleth2-sp/Makefile @@ -3,6 +3,7 @@ PORTNAME= shibboleth-sp PORTVERSION= 2.5.5 +PORTREVISION= 1 CATEGORIES= security www MASTER_SITES= http://shibboleth.net/downloads/service-provider/${PORTVERSION}/ diff --git a/security/shibboleth2-sp/files/shibboleth-sp.in b/security/shibboleth2-sp/files/shibboleth-sp.in index f6c4690ab121..73c0059498dd 100644 --- a/security/shibboleth2-sp/files/shibboleth-sp.in +++ b/security/shibboleth2-sp/files/shibboleth-sp.in @@ -21,13 +21,13 @@ restart_precmd="shibboleth_sp_configtest" configtest_cmd="shibboleth_sp_configtest" keygen_cmd="shibboleth_sp_keygen" -shibboleth_sp_user=%%SHIBD_USER%% +shibboleth_sp_usr=%%SHIBD_USER%% shibboleth_sp_group=%%SHIBD_GROUP%% www_group=%%WWWGRP%% load_rc_config $name -command_args="-f -p ${pidfile} -u ${shibboleth_sp_user} -g ${shibboleth_sp_group}" +command_args="-f -p ${pidfile} -u ${shibboleth_sp_usr} -g ${shibboleth_sp_group}" confdir=${SHIBSP_CFGDIR:-%%PREFIX%%/etc}/shibboleth cert=sp-cert.pem key=sp-key.pem @@ -37,20 +37,20 @@ shibboleth_sp_configtest() { run_rc_command keygen else # update from 2.4.x, chown %%SHIBD_USER%% the key and cert - chown ${shibboleth_sp_user}:${shibboleth_sp_group} ${confdir}/${key} ${confdir}/${cert} + chown ${shibboleth_sp_usr}:${shibboleth_sp_group} ${confdir}/${key} ${confdir}/${cert} chmod 400 ${confdir}/${key} chmod 444 ${confdir}/${cert} fi # In FreeBSD 10 (r258664), /var/cache mode is corrected to 755. make sure we have that mode. chmod 755 /var/cache - install -d -o ${shibboleth_sp_user} -g ${shibboleth_sp_group} /var/log/shibboleth - install -d -o ${shibboleth_sp_user} -g ${shibboleth_sp_group} /var/cache/shibboleth - install -d -o ${shibboleth_sp_user} -g ${www_group} -m 750 /var/run/shibboleth - ${command} ${shibboleth_sp_flags} -u ${shibboleth_sp_user} -g ${shibboleth_sp_group} -t + install -d -o ${shibboleth_sp_usr} -g ${shibboleth_sp_group} /var/log/shibboleth + install -d -o ${shibboleth_sp_usr} -g ${shibboleth_sp_group} /var/cache/shibboleth + install -d -o ${shibboleth_sp_usr} -g ${www_group} -m 750 /var/run/shibboleth + ${command} ${shibboleth_sp_flags} -u ${shibboleth_sp_usr} -g ${shibboleth_sp_group} -t } shibboleth_sp_keygen() { - %%SH%% ${confdir}/keygen.sh -o ${confdir} -u ${shibboleth_sp_user} -g ${shibboleth_sp_group} + %%SH%% ${confdir}/keygen.sh -o ${confdir} -u ${shibboleth_sp_usr} -g ${shibboleth_sp_group} } extra_commands="configtest keygen" |