From f7e73bff235035b837682ecee4d460d77ed40f8e Mon Sep 17 00:00:00 2001 From: arved Date: Fri, 9 May 2003 12:41:21 +0000 Subject: * Fix some problems with building the Kerberos IV and 5 mechs. * Made the port to optionally not build the mechs, define WITHOUT_[ANONYMOUS,CRAM,DIGEST,LOGIN,OTP,GSSAPI,PLAIN]. * The Kerberos IV case is special, as we can use the base kerberos 4x (<=5.0-RELEASE), or use the security/krb4 port. WITH_KERBEROS4 - use security/krb4 port if <=5.0-RELEASE, use krb4 port only if /usr/lib/libkrb.a doesn't exist WITHOUT_KERBEROS4 - disables using the base systems /usr/lib/libkrb.a (<=5.0), if it exists and MAKE_KERBEROS4 defined in /etc/make.conf * Changed the combined rcNG/rcOG scripts, so that the defaults are at the top of the rc.d script and not in an external file to the script. PR: 51505 Submitted by: maintainer --- security/cyrus-sasl/Makefile | 104 ++++++++++++++++----- security/cyrus-sasl/files/patch-ab | 42 ++++++++- .../cyrus-sasl/files/patch-plugins::kerberos4.c | 48 ++++++++++ security/cyrus-sasl/files/pwcheck.sh | 49 +++------- security/cyrus-sasl/files/saslauthd.sh | 46 ++------- security/cyrus-sasl/pkg-deinstall | 28 ++---- security/cyrus-sasl/pkg-install | 27 ++---- security/cyrus-sasl/pkg-message | 10 +- security/cyrus-sasl/pkg-plist | 30 +++--- security/cyrus-sasl/scripts/configure.sasl | 16 +--- 10 files changed, 228 insertions(+), 172 deletions(-) create mode 100644 security/cyrus-sasl/files/patch-plugins::kerberos4.c (limited to 'security') diff --git a/security/cyrus-sasl/Makefile b/security/cyrus-sasl/Makefile index 15f5c11d3806..89863bc363f8 100644 --- a/security/cyrus-sasl/Makefile +++ b/security/cyrus-sasl/Makefile @@ -7,7 +7,7 @@ PORTNAME= cyrus-sasl PORTVERSION= 1.5.28 -PORTREVISION= 0 +PORTREVISION= 1 CATEGORIES= security ipv6 MASTER_SITES= ftp://ftp.andrew.cmu.edu/pub/cyrus-mail/%SUBDIR%/ \ ftp://ftp.westbend.net/pub/cyrus-mail/%SUBDIR%/ \ @@ -56,7 +56,6 @@ CONFIGURE_ARGS= --sysconfdir=${PREFIX}/etc \ --with-dbpath=${PREFIX}/etc/sasldb \ --includedir=${PREFIX}/include/sasl1 \ --enable-static \ - --enable-login \ --with-saslauthd=/var/state/saslauthd1 \ --enable-auth-sasldb \ --with-pwcheck=/var/pwcheck \ @@ -76,17 +75,67 @@ SCRIPTS_ENV= WRKDIRPREFIX="${WRKDIRPREFIX}" \ JAVADIR?= jdk1.3.1 JAVALIBDIR?= ${PREFIX}/${JAVADIR}/lib/i386/green_threads/ -.if defined(KRB5_HOME) && exists(${KRB5_HOME}) +.if defined(WITHOUT_ANONYMOUS) +CONFIGURE_ARGS+= --disable-anon +ANON= "@comment " +.endif + +.if defined(WITHOUT_CRAM) +CONFIGURE_ARGS+= --disable-cram +CRAM= "@comment " +.endif + +.if defined(WITHOUT_DIGEST) +CONFIGURE_ARGS+= --disable-digest +DIGEST= "@comment " +.endif + +# Outlook and Outlook Express requires the LOGIN mech +.if defined(WITHOUT_LOGIN) +CONFIGURE_ARGS+= --disable-login +LOGIN= "@comment " +.else +CONFIGURE_ARGS+= --enable-login +.endif + +.if defined(WITHOUT_OTP) +CONFIGURE_ARGS+= --disable-otp +OTP= "@comment " +.endif + +# Netscape requires the PLAIN mech +.if defined(WITHOUT_PLAIN) +CONFIGURE_ARGS+= --disable-plain +PLAIN= "@comment " +.endif + +.if !defined(WITHOUT_GSSAPI) && defined(KRB5_HOME) && exists(${KRB5_HOME}/lib/libgssapi_krb5.a) CONFIGURE_ARGS+= --enable-gssapi=${KRB5_HOME} -.elif defined(HEIMDAL_HOME) && exists(${HEIMDAL_HOME}) +.elif !defined(WITHOUT_GSSAPI) && defined(HEIMDAL_HOME) && exists(${HEIMDAL_HOME}/lib/libgssapi.a) CONFIGURE_ARGS+= --enable-gssapi=${HEIMDAL_HOME} +.elif !defined(WITHOUT_GSSAPI) && defined(MAKE_KERBEROS5) && exists(/usr/lib/libkrb5.a) +CONFIGURE_ARGS+= --enable-gssapi .else CONFIGURE_ARGS+= --disable-gssapi GSSAPI= "@comment " .endif -.if exists(/usr/lib/libkrb.a) +.include + +# KERBEROS 4 was removed in FreeBSD 5.0-CURRENT +.if ${OSVERSION} > 500105 +.if defined(WITH_KERBEROS4) +LIB_DEPENDS+= krb.2:${PORTSDIR}/security/krb4 +CONFIGURE_ARGS+= --enable-krb4=${LOCALBASE}/krb4 +.else +CONFIGURE_ARGS+= --disable-krb4 +EBONES= "@comment " +.endif +.elif exists(/usr/lib/libkrb.a) && defined(MAKE_KERBEROS4) && !defined(WITHOUT_KERBEROS4) CONFIGURE_ARGS+= --enable-krb4 +.elif !exists(/usr/lib/libkrb.a) && defined(WITH_KERBEROS4) +LIB_DEPENDS+= krb.2:${PORTSDIR}/security/krb4 +CONFIGURE_ARGS+= --enable-krb4=${LOCALBASE}/krb4 .else CONFIGURE_ARGS+= --disable-krb4 EBONES= "@comment " @@ -96,9 +145,18 @@ CONFIGURE_ENV+= LOCALBASE=${LOCALBASE} \ OPENSSLINC=${OPENSSLINC} \ OPENSSLLIB=${OPENSSLLIB} +CYRUS_USER?= cyrus +CYRUS_GROUP?= cyrus + DOCS= AUTHORS COPYING ChangeLog INSTALL NEWS README TODO PLIST_SUB= PREFIX=${PREFIX} \ + ANON=${ANON} \ + OTP=${OTP} \ + CRAM=${CRAM} \ + DIGEST=${DIGEST} \ + LOGIN=${LOGIN} \ + PLAIN=${PLAIN} \ GSSAPI=${GSSAPI} \ EBONES=${EBONES} \ DOCSDIR=${DOCSDIR:S/^${PREFIX}\///} \ @@ -110,7 +168,6 @@ PKGDEINSTALL= ${WRKDIR}/pkg-deinstall PKGINSTALL= ${WRKDIR}/pkg-install PKGMESSAGE= ${WRKDIR}/pkg-message -.include .if ${OSVERSION} < 450000 FMT= /usr/bin/fmt .else @@ -124,6 +181,21 @@ pre-fetch: .include "${WRKDIRPREFIX}${.CURDIR}/Makefile.inc" .endif +RC_SCRIPTS_SUB= PREFIX=${PREFIX} \ + PWCHECK=${PWCHECK} \ + ENABLE_PWCHECK=${ENABLE_PWCHECK} \ + ENABLE_SASLAUTHD=${ENABLE_SASLAUTHD} \ + MYSQL_REQ=${MYSQL_REQ} + +PKG_SCRIPTS_SUB= PREFIX=${PREFIX} \ + CYRUS_USER=${CYRUS_USER} \ + CYRUS_GROUP=${CYRUS_GROUP} \ + ENABLE_PWCHECK=${ENABLE_PWCHECK} \ + ENABLE_SASLAUTHD=${ENABLE_SASLAUTHD} \ + PWCHECK=${PWCHECK} \ + PWCHECK_METHOD=${PWCHECK_METHOD} \ + SASLDB=${SASLDB_NAME} + post-extract: @${CP} ${FILESDIR}/pwcheck_pam.c ${WRKSRC}/pwcheck @@ -132,17 +204,9 @@ pre-patch: # Fix pkg-{install/deinstall/messages} post-patch: - @${SED} -e "s;%%SASLDB%%;${SASLDB_NAME};g" \ - -e "s;%%PWCHECK%%;${PWCHECK};g" \ - -e "s;%%ENABLE_PWCHECK%%;${ENABLE_PWCHECK};g" \ - -e "s;%%PWCHECK_METHOD%%;${PWCHECK_METHOD};g" \ - -e "s;%%ENABLE_SASLAUTHD%%;${ENABLE_SASLAUTHD};g" \ + @${SED} ${PKG_SCRIPTS_SUB:S/$/!g/:S/^/ -e s!%%/:S/=/%%!/} \ ${.CURDIR}/pkg-install > ${PKGINSTALL} - @${SED} -e "s;%%SASLDB%%;${SASLDB_NAME};g" \ - -e "s;%%PWCHECK%%;${PWCHECK};g" \ - -e "s;%%ENABLE_PWCHECK%%;${ENABLE_PWCHECK};g" \ - -e "s;%%PWCHECK_METHOD%%;${PWCHECK_METHOD};g" \ - -e "s;%%ENABLE_SASLAUTHD%%;${ENABLE_SASLAUTHD};g" \ + @${SED} ${PKG_SCRIPTS_SUB:S/$/!g/:S/^/ -e s!%%/:S/=/%%!/} \ ${.CURDIR}/pkg-deinstall > ${PKGDEINSTALL} @${SED} -e "s;%%PWCHECK_METHOD%%;${PWCHECK_METHOD};g" \ -e "s;%%PREFIX%%;${PREFIX};g" \ @@ -182,8 +246,8 @@ post-install: @${SED} ${RC_SCRIPTS_SUB:S/$/!g/:S/^/ -e s!%%/:S/=/%%!/} \ ${FILESDIR}/cyrus_sasl1 > ${PREFIX}/etc/rc.d/cyrus_sasl1 @${CHMOD} 755 ${PREFIX}/etc/rc.d/cyrus_sasl1 - ${INSTALL} -d -m 770 -o cyrus -g cyrus /var/pwcheck - ${INSTALL} -d -m 770 -o cyrus -g cyrus /var/state/saslauthd1 + ${INSTALL} -d -m 770 -o ${CYRUS_USER} -g ${CYRUS_GROUP} /var/pwcheck + ${INSTALL} -d -m 770 -o ${CYRUS_USER} -g ${CYRUS_GROUP} /var/state/saslauthd1 .if !defined(NOPORTDOCS) @${MKDIR} ${DOCSDIR} .for file in ${DOCS} @@ -214,8 +278,4 @@ post-install: post-clean: @${RM} -f ${WRKDIRPREFIX}${.CURDIR}/Makefile.inc -#if exists(${WRKDIRPREFIX}${.CURDIR}/Makefile.inc) -#include "${WRKDIRPREFIX}${.CURDIR}/Makefile.inc" -#endif - .include diff --git a/security/cyrus-sasl/files/patch-ab b/security/cyrus-sasl/files/patch-ab index d87eafb4ba8b..acf1e6da4495 100644 --- a/security/cyrus-sasl/files/patch-ab +++ b/security/cyrus-sasl/files/patch-ab @@ -1,5 +1,5 @@ ---- configure.in.orig Tue Feb 18 13:18:11 2003 -+++ configure.in Tue Feb 18 14:34:11 2003 +--- configure.in.orig Wed Feb 26 23:00:39 2003 ++++ configure.in Wed Feb 26 23:22:03 2003 @@ -66,8 +66,12 @@ dnl check for -R, etc. switch CMU_GUESS_RUNPATH_SWITCH @@ -104,3 +104,41 @@ AC_SUBST(LIB_DES) +@@ -563,8 +595,8 @@ + AC_CHECK_HEADER(krb.h, + AC_CHECK_LIB(com_err, com_err, + AC_CHECK_LIB(krb, krb_mk_priv, COM_ERR="-lcom_err", +- krb4=no, -ldes -lcom_err), +- AC_CHECK_LIB(krb, krb_mk_priv, COM_ERR="", krb4=no, -ldes))) ++ krb4=no, ${LIB_DES} -lcrypt -lcom_err), ++ AC_CHECK_LIB(krb, krb_mk_priv, COM_ERR="", krb4=no, ${LIB_DES}))) + + else + AC_WARN(No DES library found for Kerberos V4 support) +@@ -592,7 +624,7 @@ + AC_MSG_RESULT(enabled) + SASL_MECHS="$SASL_MECHS libkerberos4.la" + AC_DEFINE(HAVE_KRB) +- SASL_KRB_LIB="-lkrb -ldes $COM_ERR" ++ SASL_KRB_LIB="-lkrb $LIB_DES $COM_ERR" + AC_SUBST(SASL_KRB_LIB) + else + AC_MSG_RESULT(disabled) +@@ -631,7 +663,7 @@ + + # the base64_decode check fails because libroken has dependencies + # FIXME: this is probabally non-optimal as well +- AC_CHECK_LIB(krb5,krb5_vlog,gss_impl="heimdal",,) ++ AC_CHECK_LIB(krb5,krb5_vlog,gss_impl="heimdal",, -lasn1 ${LIB_DES} -lroken ${LIB_CRYPT} -lcom_err) + # AC_CHECK_LIB(roken,base64_decode,gss_impl="heimdal",, $LIB_CRYPT) + + if test -d ${gssapi}; then +@@ -641,7 +673,7 @@ + if test "$gss_impl" = mit; then + GSSAPIBASE_LIBS="$GSSAPIBASE_LIBS -lgssapi_krb5 -lkrb5 -lk5crypto -lcom_err" + elif test "$gss_impl" = "heimdal"; then +- GSSAPIBASE_LIBS="$GSSAPIBASE_LIBS -lgssapi -lkrb5 -ldes -lasn1 -lroken ${LIB_CRYPT} -lcom_err" ++ GSSAPIBASE_LIBS="$GSSAPIBASE_LIBS -lgssapi -lkrb5 ${LIB_DES} -lasn1 -lroken ${LIB_CRYPT} -lcom_err" + else + gssapi="no" + AC_WARN(Disabling GSSAPI) diff --git a/security/cyrus-sasl/files/patch-plugins::kerberos4.c b/security/cyrus-sasl/files/patch-plugins::kerberos4.c new file mode 100644 index 000000000000..efef81b3adde --- /dev/null +++ b/security/cyrus-sasl/files/patch-plugins::kerberos4.c @@ -0,0 +1,48 @@ +--- plugins/kerberos4.c.orig Wed Feb 26 22:20:04 2003 ++++ plugins/kerberos4.c Wed Feb 26 22:30:25 2003 +@@ -711,14 +730,18 @@ + #ifdef __FreeBSD__ + des_pcbc_encrypt((const unsigned char *)in, + (unsigned char *)in, ++ clientinlen, ++ text->init_keysched, ++ &text->session, ++ DES_DECRYPT); + #else + des_pcbc_encrypt((des_cblock *)in, + (des_cblock *)in, +-#endif + clientinlen, + text->init_keysched, + &text->session, + DES_DECRYPT); ++#endif + + testnum=(in[0]*256*256*256)+(in[1]*256*256)+(in[2]*256)+in[3]; + +@@ -1255,18 +1278,22 @@ + len++; + } + sout[len]=0; ++ + #ifdef __FreeBSD__ + des_pcbc_encrypt((const unsigned char *)sout, +- (unsigned char *)sout, ++ (unsigned char *)sout, ++ len, ++ text->init_keysched, ++ (des_cblock *)text->session, ++ DES_ENCRYPT); + #else +- + des_pcbc_encrypt((des_cblock *)sout, + (des_cblock *)sout, +-#endif + len, + text->init_keysched, + (des_cblock *)text->session, + DES_ENCRYPT); ++#endif + + *clientout = params->utils->malloc(len); + memcpy((char *) *clientout, sout, len); diff --git a/security/cyrus-sasl/files/pwcheck.sh b/security/cyrus-sasl/files/pwcheck.sh index fb0d6733a9ee..7dbfde8711d7 100644 --- a/security/cyrus-sasl/files/pwcheck.sh +++ b/security/cyrus-sasl/files/pwcheck.sh @@ -12,18 +12,18 @@ # If you want this script to start with the base rc scripts # move cyrus_pwcheck.sh to /etc/rc.d/cyrus_pwcheck -# Define the following cyrus_pwcheck_* variables in one of the following: -# /etc/rc.conf -# /etc/rc.conf.d/pwcheck -# ${prefix}/etc/rc.conf.d/pwcheck +prefix=%%PREFIX%% + +# Define these cyrus_pwcheck_* variables in one of these files: +# /etc/rc.conf +# /etc/rc.conf.local +# /etc/rc.conf.d/cyrus_pwcheck # -# cyrus_pwcheck_enable - Set to YES to enable pwcheck -# Default: %%ENABLE_PWCHECK%% +# DO NOT CHANGE THESE DEFAULT VALUES HERE # -# cyrus_pwcheck_program - Path to pwcheck program (pwcheck/pwcheck_pam) -# Default: ${prefix}/sbin/%%PWCHECK%% - -prefix=%%PREFIX%% +cyrus_pwcheck_enable="%%ENABLE_PWCHECK%%" # Enable pwcheck daemon +cyrus_pwcheck_program="${prefix}/sbin/%%PWCHECK%%" # pwcheck program to use + # (pwcheck/pwcheck_pam) if [ -f /etc/rc.subr ]; then . /etc/rc.subr @@ -33,22 +33,7 @@ if [ -f /etc/rc.subr ]; then command=${prefix}/sbin/%%PWCHECK%% pidfile="/var/run/pwcheck.pid" - # The below may be removed when load_local_rc_config is added to rc.subr - - if [ -f ${prefix}/etc/rc.conf.d/"$name" ]; then - debug "Sourcing ${prefix}/etc/rc.conf.d/${name}" - . ${prefix}/etc/rc.conf.d/"$name" - fi - load_rc_config $name - - if [ -z "${cyrus_pwcheck_enable}" ] ; then - cyrus_pwcheck_enable=%%ENABLE_PWCHECK%% - fi - - # The above may be removed when load_local_rc_config is added to rc.subr - # - # load_local_rc_config $name run_rc_command "$1" else # Suck in the configuration variables. @@ -61,23 +46,11 @@ else fi fi - if [ -f "${prefix}/etc/rc.conf.d/cyrus_pwcheck" ]; then - . ${prefix}/etc/rc.conf.d/cyrus_pwcheck - fi - - if [ -z "${cyrus_pwcheck_enable}" ] ; then - cyrus_pwcheck_enable=%%ENABLE_PWCHECK%% - fi - - if [ -z "${cyrus_pwcheck_program}" ]; then - cyrus_pwcheck_program=${prefix}/sbin/%%PWCHECK%% - fi - rc=0 case "${cyrus_pwcheck_enable}" in [Yy][Ee][Ss]) - case "${action}" in + case "${1}" in start) if [ -x ${cyrus_pwcheck_program} ] ; then diff --git a/security/cyrus-sasl/files/saslauthd.sh b/security/cyrus-sasl/files/saslauthd.sh index a477f80ab4a4..966179116d16 100644 --- a/security/cyrus-sasl/files/saslauthd.sh +++ b/security/cyrus-sasl/files/saslauthd.sh @@ -12,21 +12,18 @@ # If you want this script to start with the base rc scripts # move saslauthd1.sh to /etc/rc.d/saslauthd1 -# Define the following saslauthd1_* variables in one of the following: +prefix=%%PREFIX%% + +# Define these saslauthd1_* variables in one of these files: # /etc/rc.conf +# /etc/rc.conf.local # /etc/rc.conf.d/saslauthd1 -# ${prefix}/etc/rc.conf.d/saslauthd1 -# -# saslauthd1_enable - Set to YES to enable saslauthd -# Default: %%ENABLE_SASLAUTHD%% # -# saslauthd1_program - Path to saslauthd program -# Default: ${prefix}/sbin/saslauthd1 +# DO NOT CHANGE THESE DEFAULT VALUES HERE # -# saslauthd1_flags - Flags to saslauthd program -# Default: -a pam - -prefix=%%PREFIX%% +saslauthd1_enable="%%ENABLE_SASLAUTHD%%" # Enable saslauthd +#saslauthd1_program="${prefix}/sbin/saslauthd1" # Location of saslauthd1 +saslauthd1_flags="-a pam" # Flags to saslauthd program if [ -f /etc/rc.subr ]; then . /etc/rc.subr @@ -36,22 +33,7 @@ if [ -f /etc/rc.subr ]; then command="${prefix}/sbin/${name}" pidfile="/var/state/${name}/mux.pid" - # The below may be removed when load_local_rc_config is added to rc.subr - - if [ -f ${prefix}/etc/rc.conf.d/"$name" ]; then - debug "Sourcing ${prefix}/etc/rc.conf.d/${name}" - . ${prefix}/etc/rc.conf.d/"$name" - fi - load_rc_config $name - - if [ -z "${saslauthd1_enable}" ]; then - saslauthd1_enable=%%ENABLE_SASLAUTHD%% - fi - - # The above may be removed when load_local_rc_config is added to rc.subr - # - #load_local_rc_config $name run_rc_command "$1" else # Suck in the configuration variables. @@ -64,19 +46,11 @@ else fi fi - if [ -f ${prefix}/etc/rc.conf.d/saslauthd1 ]; then - . ${prefix}/etc/rc.conf.d/saslauthd1 - fi - if [ -n "${sasl_saslauthd1_enable}" ]; then echo "sasl_saslauthd1_enable has been depreciated, use saslauthd1_enable instead" saslauthd1_enable=$sasl_saslauthd1_enable fi - if [ -z "${saslauthd1_enable}" ]; then - saslauthd1_enable=%%ENABLE_SASLAUTHD%% - fi - if [ -z "${saslauthd1_program}" ]; then saslauthd1_program=${prefix}/sbin/saslauthd1 fi @@ -86,10 +60,6 @@ else saslauthd1_flags=$sasl_saslauthd1_flags fi - if [ -z "${saslauthd1_flags}" ]; then - saslauthd1_flags="-a pam" - fi - rc=0 case "${saslauthd1_enable}" in diff --git a/security/cyrus-sasl/pkg-deinstall b/security/cyrus-sasl/pkg-deinstall index 30fa993e9275..02d41095c0cf 100644 --- a/security/cyrus-sasl/pkg-deinstall +++ b/security/cyrus-sasl/pkg-deinstall @@ -12,6 +12,9 @@ PKG_PREFIX=${PKG_PREFIX:=/usr/local} SASLDB_NAME=${PKG_PREFIX}/etc/%%SASLDB%% +CYRUS_USER=${CYRUS_USER:=%%CYRUS_USER%%} +CYRUS_GROUP=${CYRUS_GROUP:=%%CYRUS_GROUP%%} + remove_file() { file=$1 @@ -22,22 +25,6 @@ remove_file() rm -f ${file}.tmp } -delete_rc_conf_d() { - PWCHECK_CONF=${PKG_PREFIX}/etc/rc.conf.d/cyrus_pwcheck - SASLAUTHD_CONF=${PKG_PREFIX}/etc/rc.conf.d/saslauthd1 - - if [ -f ${SASLAUTHD_CONF} ]; then - echo "saslauthd1_enable=%%ENABLE_SASLAUTHD%%" >> ${SASLAUTHD_CONF}.tmp - echo "saslauthd1_flags=\"-a pam\"" >> ${SASLAUTHD_CONF}.tmp - remove_file ${SASLAUTHD_CONF} - fi - if [ -f ${PWCHECK_CONF} ]; then - echo "cyrus_pwcheck_enable=%%ENABLE_PWCHECK%%" > ${PWCHECK_CONF}.tmp - echo "cyrus_pwcheck_program=${PKG_PREFIX}/sbin/%%PWCHECK%%" >> ${PWCHECK_CONF}.tmp - remove_file ${PWCHECK_CONF} - fi -} - # delete sasldb database delete_sasldb() { @@ -51,11 +38,11 @@ delete_sasldb() { } delete_user() { - if pw usershow cyrus 2>/dev/null 1>&2; then - echo "To delete Cyrus user permanently, use 'pw userdel cyrus'" + if pw usershow ${CYRUS_USER} 2>/dev/null 1>&2; then + echo "To delete Cyrus user permanently, use 'pw userdel ${CYRUS_USER}'" fi - if pw groupshow cyrus 2>/dev/null 1>&2; then - echo "To delete Cyrus group permanently, use 'pw groupdel cyrus'" + if pw groupshow ${CYRUS_GROUP} 2>/dev/null 1>&2; then + echo "To delete Cyrus group permanently, use 'pw groupdel ${CYRUS_GROUP}'" fi } @@ -72,7 +59,6 @@ sendmail_conf() { case $2 in DEINSTALL) delete_sasldb - delete_rc_conf_d sendmail_conf ;; POST-DEINSTALL) diff --git a/security/cyrus-sasl/pkg-install b/security/cyrus-sasl/pkg-install index be7e93a1ce9d..cb17283d9d0e 100644 --- a/security/cyrus-sasl/pkg-install +++ b/security/cyrus-sasl/pkg-install @@ -13,13 +13,16 @@ PKG_PREFIX=${PKG_PREFIX:=/usr/local} SASLDB_NAME=${PKG_PREFIX}/etc/%%SASLDB%% +CYRUS_USER=${CYRUS_USER:=%%CYRUS_USER%%} +CYRUS_GROUP=${CYRUS_GROUP:=%%CYRUS_GROUP%%} + # # create 'cyrus' user and group before installing # create_user() { - USER=cyrus - GROUP=cyrus + USER=${CYRUS_USER} + GROUP=${CYRUS_GROUP} PW=/usr/sbin/pw if [ -x /sbin/nologin ]; then @@ -76,7 +79,7 @@ create_sasldb() { echo "WARNING: Failed to create ${PKG_PREFIX}/etc/$SASLDB_NAME}" else ${PKG_PREFIX}/sbin/saslpasswd -d cyrus - chown cyrus:mail ${SASLDB_NAME} + chown ${CYRUS_USER}:mail ${SASLDB_NAME} chmod 640 ${SASLDB_NAME} fi fi @@ -90,23 +93,6 @@ sendmail_conf() { fi } -create_rc_conf_d() { - PWCHECK_CONF=${PKG_PREFIX}/etc/rc.conf.d/cyrus_pwcheck - SASLAUTHD_CONF=${PKG_PREFIX}/etc/rc.conf.d/saslauthd1 - - if [ ! -d ${PKG_PREFIX}/etc/rc.conf.d ]; then - mkdir ${PKG_PREFIX}/etc/rc.conf.d - fi - if [ ! -f ${SASLAUTHD_CONF} ]; then - echo "saslauthd1_enable=%%ENABLE_SASLAUTHD%%" > ${SASLAUTHD_CONF} - echo "saslauthd1_flags=\"-a pam\"" >> ${SASLAUTHD_CONF} - fi - if [ ! -f ${PWCHECK_CONF} ]; then - echo "cyrus_pwcheck_enable=%%ENABLE_PWCHECK%%" > ${PWCHECK_CONF} - echo "cyrus_pwcheck_program=${PKG_PREFIX}/sbin/%%PWCHECK%%" >> ${PWCHECK_CONF} - fi -} - case $2 in PRE-INSTALL) create_user @@ -114,7 +100,6 @@ case $2 in POST-INSTALL) if [ "${PKG_BATCH}" = "NO" ]; then create_sasldb - create_rc_conf_d sendmail_conf fi ;; diff --git a/security/cyrus-sasl/pkg-message b/security/cyrus-sasl/pkg-message index 2af802713957..e4cfeb9ce050 100644 --- a/security/cyrus-sasl/pkg-message +++ b/security/cyrus-sasl/pkg-message @@ -2,7 +2,7 @@ You may need to start the pwcheck or saslauthd daemon for authentication with the system password files: - %%PREFIX%%/etc/rc.d/pwcheck.sh start + %%PREFIX%%/etc/rc.d/cyrus_pwcheck.sh start or %%PREFIX%%/etc/rc.d/saslauthd1.sh start @@ -13,7 +13,9 @@ or you can use sasldb for authentication, to add users use: If you want to enable SMTP AUTH with the system Sendmail, read Sendmail.README NOTE: This port has been compiled with a default pwcheck_method of - %%PWCHECK_METHOD%%. Set sasl_pwcheck_method to %%PWCHECK_METHOD%%, - after installing the Cyrus-IMAPd 1.6.24 port. You should also check - the %%PREFIX%%/lib/sasl/*.conf files for the correct pwcheck_method. + %%PWCHECK_METHOD%%. You may need to set sasl_pwcheck_method to + %%PWCHECK_METHOD%% after installing either the Cyrus-IMAPd 1.6.24 + or 2.0.17 ports. + You should also check the %%PREFIX%%/lib/sasl/*.conf files for the + correct pwcheck_method. diff --git a/security/cyrus-sasl/pkg-plist b/security/cyrus-sasl/pkg-plist index eff53e2d4c82..40afd71276b9 100644 --- a/security/cyrus-sasl/pkg-plist +++ b/security/cyrus-sasl/pkg-plist @@ -18,27 +18,27 @@ include/sasl1/saslutil.h lib/libsasl.a lib/libsasl.so lib/libsasl.so.8 -lib/sasl/libanonymous.a -lib/sasl/libanonymous.so -lib/sasl/libanonymous.so.1 -lib/sasl/libcrammd5.a -lib/sasl/libcrammd5.so -lib/sasl/libcrammd5.so.1 -lib/sasl/libdigestmd5.a -lib/sasl/libdigestmd5.so -lib/sasl/libdigestmd5.so.0 +%%ANON%%lib/sasl/libanonymous.a +%%ANON%%lib/sasl/libanonymous.so +%%ANON%%lib/sasl/libanonymous.so.1 +%%CRAM%%lib/sasl/libcrammd5.a +%%CRAM%%lib/sasl/libcrammd5.so +%%CRAM%%lib/sasl/libcrammd5.so.1 +%%DIGEST%%lib/sasl/libdigestmd5.a +%%DIGEST%%lib/sasl/libdigestmd5.so +%%DIGEST%%lib/sasl/libdigestmd5.so.0 %%GSSAPI%%lib/sasl/libgssapiv2.a %%GSSAPI%%lib/sasl/libgssapiv2.so %%GSSAPI%%lib/sasl/libgssapiv2.so.1 %%EBONES%%lib/sasl/libkerberos4.a %%EBONES%%lib/sasl/libkerberos4.so %%EBONES%%lib/sasl/libkerberos4.so.1 -lib/sasl/liblogin.a -lib/sasl/liblogin.so -lib/sasl/liblogin.so.0 -lib/sasl/libplain.a -lib/sasl/libplain.so -lib/sasl/libplain.so.1 +%%LOGIN%%lib/sasl/liblogin.a +%%LOGIN%%lib/sasl/liblogin.so +%%LOGIN%%lib/sasl/liblogin.so.0 +%%PLAIN%%lib/sasl/libplain.a +%%PLAIN%%lib/sasl/libplain.so +%%PLAIN%%lib/sasl/libplain.so.1 sbin/sasldblistusers sbin/saslpasswd sbin/pwcheck diff --git a/security/cyrus-sasl/scripts/configure.sasl b/security/cyrus-sasl/scripts/configure.sasl index 5d3b662861b2..8a72e7bd256c 100644 --- a/security/cyrus-sasl/scripts/configure.sasl +++ b/security/cyrus-sasl/scripts/configure.sasl @@ -209,17 +209,6 @@ else ENABLE_SASLAUTHD=no fi -echo "PWCHECK= ${PWCHECK}" -echo "PWCHECK_METHOD= ${PWCHECK_METHOD}" -echo "ENABLE_PWCHECK= ${ENABLE_PWCHECK}" -echo "ENABLE_SASLAUTHD= ${ENABLE_SASLAUTHD}" - -echo "RC_SCRIPTS_SUB+= PREFIX=\${PREFIX} \\" -echo " PWCHECK=\${PWCHECK} \\" -echo " ENABLE_PWCHECK=\${ENABLE_PWCHECK} \\" -echo " ENABLE_SASLAUTHD=\${ENABLE_SASLAUTHD} \\" -echo " MYSQL_REQ=${MYSQL_REQ}" - if [ ! "${DEFJAVA}" ]; then echo "PLIST_SUB+= JAVASASL=\"@comment \"" fi @@ -228,6 +217,11 @@ if [ ! "${DBLIB}" ]; then echo "SASLDB_NAME= sasldb.db" fi +echo "PWCHECK= ${PWCHECK}" +echo "PWCHECK_METHOD= ${PWCHECK_METHOD}" +echo "ENABLE_PWCHECK= ${ENABLE_PWCHECK}" +echo "ENABLE_SASLAUTHD= ${ENABLE_SASLAUTHD}" + if [ "${MSG}" ]; then if [ -n "${LDAP_REQ}" ]; then METHOD="LDAP" -- cgit