From 3742fe1b56a624d5a02fa8ff98c2e0658769ee58 Mon Sep 17 00:00:00 2001 From: clsung Date: Thu, 27 Jul 2006 07:03:34 +0000 Subject: - Update to release 1.1.2 - Port now installs some extra documentation into ${DOCSDIR}. - Added pkg-message and pkg-plist to port. PR: ports/100897 Submitted by: maintainer (andrew_AT_arda dot homeunix) --- security/courierpasswd/Makefile | 17 ++++++++++--- security/courierpasswd/distinfo | 6 ++--- security/courierpasswd/pkg-message | 51 ++++++++++++++++++++++++++++++++++++++ security/courierpasswd/pkg-plist | 8 ++++++ 4 files changed, 76 insertions(+), 6 deletions(-) create mode 100644 security/courierpasswd/pkg-message create mode 100644 security/courierpasswd/pkg-plist (limited to 'security/courierpasswd') diff --git a/security/courierpasswd/Makefile b/security/courierpasswd/Makefile index 6563115245c..004936ebd04 100644 --- a/security/courierpasswd/Makefile +++ b/security/courierpasswd/Makefile @@ -5,7 +5,7 @@ # $FreeBSD$ PORTNAME= courierpasswd -PORTVERSION= 1.1.1 +PORTVERSION= 1.1.2 CATEGORIES= security mail MASTER_SITES= http://www.arda.homeunix.net/store/ @@ -18,7 +18,7 @@ RUN_DEPENDS= courierauthconfig:${PORTSDIR}/security/courier-authlib-base GNU_CONFIGURE= yes USE_GMAKE= yes CPPFLAGS+= -I${LOCALBASE}/include -LDFLAGS+= -L${LOCALBASE}/lib -lintl +LDFLAGS+= -L${LOCALBASE}/lib CONFIGURE_ENV= CPPFLAGS='${CPPFLAGS}' LDFLAGS='${LDFLAGS}' MINUID?= 100 @@ -26,7 +26,6 @@ MINUID?= 100 CONFIGURE_TARGET= --build=${MACHINE_ARCH}-portbld-freebsd${OSREL} CONFIGURE_ARGS+= --with-minuid=${MINUID} -PLIST_FILES= sbin/courierpasswd MAN8= courierpasswd.8 pre-fetch: @@ -42,4 +41,16 @@ pre-fetch: @${ECHO} "#############################################################" @${ECHO} "" +post-install: +.if !defined(NOPORTDOCS) + ${MKDIR} ${DOCSDIR} + ${INSTALL_DATA} ${WRKSRC}/AUTHORS ${DOCSDIR} + ${INSTALL_DATA} ${WRKSRC}/ChangeLog ${DOCSDIR} + ${INSTALL_DATA} ${WRKSRC}/COPYING ${DOCSDIR} + ${INSTALL_DATA} ${WRKSRC}/INSTALL ${DOCSDIR} + ${INSTALL_DATA} ${WRKSRC}/NEWS ${DOCSDIR} + ${INSTALL_DATA} ${WRKSRC}/README ${DOCSDIR} +.endif + @${CAT} ${PKGMESSAGE} + .include diff --git a/security/courierpasswd/distinfo b/security/courierpasswd/distinfo index c2c5c0fa307..769da7a317a 100644 --- a/security/courierpasswd/distinfo +++ b/security/courierpasswd/distinfo @@ -1,3 +1,3 @@ -MD5 (courierpasswd-1.1.1.tar.gz) = b4ada51affabdf74cef1a028b9ffea5f -SHA256 (courierpasswd-1.1.1.tar.gz) = f7ba0da967ddf82cf6083604666b42dfe4dd15ccf634674e103cbf6ff3a24f15 -SIZE (courierpasswd-1.1.1.tar.gz) = 288765 +MD5 (courierpasswd-1.1.2.tar.gz) = f05b31baf5975e4e9f54296f676ff080 +SHA256 (courierpasswd-1.1.2.tar.gz) = 5b78f98be3321a99d33db1f69e59c7b561860448518dba04ade4323942d5c736 +SIZE (courierpasswd-1.1.2.tar.gz) = 287200 diff --git a/security/courierpasswd/pkg-message b/security/courierpasswd/pkg-message new file mode 100644 index 00000000000..ad105e6d6b5 --- /dev/null +++ b/security/courierpasswd/pkg-message @@ -0,0 +1,51 @@ + +######################################################################### +NOTES FOR RUNNING COURIERPASSWD + +In order to use courierpasswd, it must be able to access the +authdaemon domain socket, named 'socket'. When courierpasswd runs as +root, this presents no problem. However, if you need to run courierpasswd +as a non-root user, you have three options, all of which require some +manual work. + +Option 1: Add the user courierpasswd will run as to the group that +owns the authdaemon socket directory in /etc/group. More than one user +can be added to the group vector in this way. This arrangement works +well if courierpasswd will be run by only a small number of users. +If the authdaemon socket directory is owned by courier:courier and you +run courierpasswd as user vmail, your /etc/group file will have a line +something like this: + + courier:x:465:vmail + +Option 2: Some programs, such as tcpserver, allow you to separately set +the uid and gid of programs they call but don't honour the group vector +found in /etc/group. If you invoke courierpasswd from such a program, +set the gid to the group ownership of the authdaemon socket directory. +For tcpserver, you could do something like this: + + #!/bin/sh + + QMAILUID=`/usr/bin/id -u qmaild` + COURIERGID=`/usr/bin/id -g courier` + + exec /usr/local/bin/tcpserver -u "$QMAILUID" -g "$COURIERGID" \ + 0 smtp /var/qmail/bin/qmail-smtpd /usr/local/sbin/courierpasswd -- \ + /usr/bin/true 2>&1 + +Option 3: Change the permissions on courierpasswd to set gid to the +group ownership of the socket directory. Again, if the socket directory +is owned by courier:courier, change the ownership and permissions +of courierpasswd like so: + + chgrp courier courierpasswd + chmod g+s courierpasswd + +Be aware that courierpasswd does not provide any max-failed-retry +functionality so it is possible for local users to perform dictionary +attacks against account passwords if courierpasswd is set up this way. + +The location of the authdaemon domain socket is listed in the +authdaemonrc configuration file as the parameter authdaemonvar. + +######################################################################### diff --git a/security/courierpasswd/pkg-plist b/security/courierpasswd/pkg-plist new file mode 100644 index 00000000000..d5e7560e6ca --- /dev/null +++ b/security/courierpasswd/pkg-plist @@ -0,0 +1,8 @@ +sbin/courierpasswd +%%PORTDOCS%%%%DOCSDIR%%/AUTHORS +%%PORTDOCS%%%%DOCSDIR%%/ChangeLog +%%PORTDOCS%%%%DOCSDIR%%/COPYING +%%PORTDOCS%%%%DOCSDIR%%/INSTALL +%%PORTDOCS%%%%DOCSDIR%%/NEWS +%%PORTDOCS%%%%DOCSDIR%%/README +%%PORTDOCS%%@dirrm %%DOCSDIR%% -- cgit