First port, any comments are helpful tested on amd64, should work everywhere there is python3
ok? Index: Makefile =================================================================== RCS file: /cvs/ports/security/jailkit/Makefile,v retrieving revision 1.15 diff -u -p -r1.15 Makefile --- Makefile 12 Jul 2019 20:49:03 -0000 1.15 +++ Makefile 8 Apr 2020 22:46:16 -0000 @@ -2,7 +2,7 @@ COMMENT= utilities for jailing a user or process -DISTNAME= jailkit-2.19 +DISTNAME= jailkit-2.21 CATEGORIES= security sysutils HOMEPAGE= http://olivier.sessink.nl/jailkit/ @@ -13,6 +13,9 @@ MASTER_SITES= http://olivier.sessink.nl PERMIT_PACKAGE= Yes MODULES= lang/python + +MODPY_VERSION= ${MODPY_DEFAULT_VERSION_3} + WANTLIB += c pthread NO_TEST= Yes @@ -34,9 +37,9 @@ pre-configure: ${SUBST_CMD} ${WRKSRC}/man/$${i}; done post-install: - # recreate the .pyc file, otherwise it would change - # after installation + # remove the .pyc file, as we are in python 3 rm ${PREFIX}/share/jailkit/jk_lib.pyc + # now compile the new file so that it is added ${MODPY_BIN} ${MODPY_LIBDIR}/compileall.py \ ${PREFIX}/share/jailkit Index: distinfo =================================================================== RCS file: /cvs/ports/security/jailkit/distinfo,v retrieving revision 1.8 diff -u -p -r1.8 distinfo --- distinfo 20 Dec 2015 15:43:46 -0000 1.8 +++ distinfo 8 Apr 2020 22:46:16 -0000 @@ -1,2 +1,2 @@ -SHA256 (jailkit-2.19.tar.gz) = /ZYS3Vf0o5q/zeZHxCBhbFyjf1mCuMB6j7XLNSSU/Ig= -SIZE (jailkit-2.19.tar.gz) = 142280 +SHA256 (jailkit-2.21.tar.gz) = egIOB635OGDFOPDZgZauoz1GG6vbqLs+3fcIHleinBQ= +SIZE (jailkit-2.21.tar.gz) = 141341 Index: patches/patch-ini_jk_init_ini =================================================================== RCS file: /cvs/ports/security/jailkit/patches/patch-ini_jk_init_ini,v retrieving revision 1.3 diff -u -p -r1.3 patch-ini_jk_init_ini --- patches/patch-ini_jk_init_ini 26 Mar 2014 17:38:27 -0000 1.3 +++ patches/patch-ini_jk_init_ini 8 Apr 2020 22:46:16 -0000 @@ -1,32 +1,10 @@ -$OpenBSD: patch-ini_jk_init_ini,v 1.3 2014/03/26 17:38:27 gonzalo Exp $ +$OpenBSD: patch-ini_jk_init_ini,v 1.4 2020/04/08 18:43:53 aisha Exp $ -fix some default paths in the jail creation configuration file +A lot of additions to fixing installation directories and fixing line numbers ---- ini/jk_init.ini.orig Mon Dec 23 06:02:42 2013 -+++ ini/jk_init.ini Wed Dec 25 16:04:26 2013 -@@ -2,18 +2,18 @@ - # this section probably needs adjustment on 64bit systems - # or non-Linux systems - comment = common files for all jails that need user/group information --paths = /lib/libnsl.so.1, /lib64/libnsl.so.1, /lib/libnss*.so.2, /lib64/libnss*.so.2, /lib/i386-linux-gnu/libnsl.so.1, /lib/i386-linux-gnu/libnss*.so.2, /lib/x86_64-linux-gnu/libnsl.so.1, /lib/x86_64-linux-gnu/libnss*.so.2, /etc/nsswitch.conf, /etc/ld.so.conf -+paths = /lib/libnsl.so.1, /lib64/libnsl.so.1, /lib/libnss*.so.2, /lib64/libnss*.so.2, /lib/i386-linux-gnu/libnsl.so.1, /lib/i386-linux-gnu/libnss*.so.2, /lib/x86_64-linux-gnu/libnsl.so.1, /lib/x86_64-linux-gnu/libnss*.so.2, ${SYSCONFDIR}/nsswitch.conf, ${SYSCONFDIR}/ld.so.conf - # Solaris needs --# paths = /etc/default/nss, /lib/libnsl.so.1, /usr/lib/nss_*.so.1, /etc/nsswitch.conf -+# paths = ${SYSCONFDIR}/default/nss, /lib/libnsl.so.1, /usr/lib/nss_*.so.1, ${SYSCONFDIR}/nsswitch.conf - - [netbasics] - comment = common files for all jails that need any internet connectivity --paths = /lib/libnss_dns.so.2, /lib64/libnss_dns.so.2, /etc/resolv.conf, /etc/host.conf, /etc/hosts, /etc/protocols, /etc/services -+paths = /lib/libnss_dns.so.2, /lib64/libnss_dns.so.2, ${SYSCONFDIR}/resolv.conf, ${SYSCONFDIR}/host.conf, ${SYSCONFDIR}/hosts, ${SYSCONFDIR}/protocols, ${SYSCONFDIR}/services - # on Solaris devices /dev/udp and /dev/tcp might be needed too, not sure - - [logbasics] - comment = timezone information and log sockets --paths = /etc/localtime -+paths = ${SYSCONFDIR}/localtime - need_logsocket = 1 - # Solaris does not need logsocket - # but needs +Index: ini/jk_init.ini +--- ini/jk_init.ini.orig ++++ ini/jk_init.ini @@ -21,7 +21,7 @@ need_logsocket = 1 [jk_lsh] @@ -68,7 +46,7 @@ fix some default paths in the jail creat [netutils] comment = several internet utilities like wget, ftp, rsync, scp, ssh -@@ -110,7 +110,7 @@ includesections = extendedshell, netutils, apacheutils +@@ -110,17 +110,16 @@ includesections = extendedshell, netutils, apacheutils [openvpn] comment = jail for the openvpn daemon @@ -76,8 +54,10 @@ fix some default paths in the jail creat +paths = ${LOCALBASE}/sbin/openvpn users = root,nobody groups = root,nogroup - includesections = netbasics -@@ -120,7 +120,7 @@ need_logsocket = 1 +-includesections = netbasics + devices = /dev/urandom, /dev/random, /dev/net/tun + includesections = netbasics, uidbasics + need_logsocket = 1 [apache] comment = the apache webserver, very basic setup, probably too limited for you @@ -86,7 +66,7 @@ fix some default paths in the jail creat users = root, www-data groups = root, www-data includesections = netbasics, uidbasics -@@ -131,16 +131,16 @@ paths = perl, /usr/lib/perl, /usr/lib/perl5, /usr/shar +@@ -131,16 +130,16 @@ paths = perl, /usr/lib/perl, /usr/lib/perl5, /usr/shar [xauth] comment = getting X authentication to work @@ -106,7 +86,7 @@ fix some default paths in the jail creat includesections = xclients [ping] -@@ -149,5 +149,5 @@ paths_w_setuid = /bin/ping +@@ -149,5 +148,5 @@ paths_w_setuid = /bin/ping #[xterm] #comment = xterm Index: patches/patch-man_Makefile_in =================================================================== RCS file: /cvs/ports/security/jailkit/patches/patch-man_Makefile_in,v retrieving revision 1.1.1.1 diff -u -p -r1.1.1.1 patch-man_Makefile_in --- patches/patch-man_Makefile_in 20 Sep 2010 07:15:30 -0000 1.1.1.1 +++ patches/patch-man_Makefile_in 8 Apr 2020 22:46:16 -0000 @@ -1,7 +1,11 @@ -$OpenBSD: patch-man_Makefile_in,v 1.1.1.1 2010/09/20 07:15:30 sebastia Exp $ ---- man/Makefile.in.orig Mon Oct 20 00:03:54 2008 -+++ man/Makefile.in Mon Oct 20 00:05:31 2008 -@@ -21,7 +21,7 @@ SRCS = \ +$OpenBSD: patch-man_Makefile_in,v 1.1.1.1 2020/04/08 16:41:32 aisha Exp $ + +Fixed line numbering for previous patch + +Index: man/Makefile.in +--- man/Makefile.in.orig ++++ man/Makefile.in +@@ -20,7 +20,7 @@ SRCS = \ @HAVEPROCMAIL_TRUE@SRCS += jk_procmailwrapper.8 Index: patches/patch-man_jailkit_8 =================================================================== RCS file: /cvs/ports/security/jailkit/patches/patch-man_jailkit_8,v retrieving revision 1.2 diff -u -p -r1.2 patch-man_jailkit_8 --- patches/patch-man_jailkit_8 26 Mar 2014 17:38:27 -0000 1.2 +++ patches/patch-man_jailkit_8 8 Apr 2020 22:46:16 -0000 @@ -1,6 +1,10 @@ -$OpenBSD: patch-man_jailkit_8,v 1.2 2014/03/26 17:38:27 gonzalo Exp $ ---- man/jailkit.8.orig Sat Dec 21 18:05:22 2013 -+++ man/jailkit.8 Wed Dec 25 16:01:05 2013 +$OpenBSD: patch-man_jailkit_8,v 1.2 2020/04/08 16:38:22 aisha Exp $ + +FIxed line numbering for previous patch + +Index: man/jailkit.8 +--- man/jailkit.8.orig ++++ man/jailkit.8 @@ -36,7 +36,7 @@ This section gives summary sketches of the various pro .BR jk_init @@ -53,7 +57,7 @@ $OpenBSD: patch-man_jailkit_8,v 1.2 2014 . .BR jk_list -@@ -127,9 +127,9 @@ tail /var/log/daemon.log /var/log/auth.log +@@ -129,9 +129,9 @@ journalctl --since=-1h .SH FILES The jailkit configuration files are located in Index: patches/patch-py_jk_lib_py =================================================================== RCS file: /cvs/ports/security/jailkit/patches/patch-py_jk_lib_py,v retrieving revision 1.3 diff -u -p -r1.3 patch-py_jk_lib_py --- patches/patch-py_jk_lib_py 24 Apr 2013 12:47:39 -0000 1.3 +++ patches/patch-py_jk_lib_py 8 Apr 2020 22:46:16 -0000 @@ -1,18 +1,46 @@ -$OpenBSD: patch-py_jk_lib_py,v 1.3 2013/04/24 12:47:39 gonzalo Exp $ +$OpenBSD: patch-py_jk_lib_py,v 1.4 2020/04/08 16:36:23 aisha Exp $ -Fix running jk_init trying to create a jail the first time +More checks for directory creation, handling edge cases ---- py/jk_lib.py.orig Thu Aug 2 14:55:28 2012 -+++ py/jk_lib.py Tue Apr 23 06:35:23 2013 -@@ -461,7 +461,10 @@ def create_parent_path(chroot,path,be_verbose=0, copy_ +Index: py/jk_lib.py +--- py/jk_lib.py.orig ++++ py/jk_lib.py +@@ -404,7 +404,11 @@ def OLD_create_parent_path(chroot, path, be_verbose=0, + chrootname = resolve_realpath(chroot+directory[:indx],chroot) + if (be_verbose): + print('Creating directory '+chrootname) +- os.mkdir(chrootname, dir_mode) ++ try: ++ os.mkdir(chrootname, dir_mode) ++ except OSError as e: ++ _, stderror = e.args ++ sys.stderr.write('ERROR: failed to make directory "'+chrootname+'": ' + stderror + '\n') + if (copy_permissions): + try: + copy_time_and_permissions(directory[:indx], chrootname, be_verbose, allow_suid, copy_ownership) +@@ -482,7 +486,11 @@ def create_parent_path(chroot,path,be_verbose=0, copy_ if (stat.S_ISDIR(sb.st_mode)): if (be_verbose): - print 'Create directory '+jailpath -- os.mkdir(jailpath, 0755) + print('Create directory '+jailpath) +- os.mkdir(jailpath, dir_mode) + try: -+ os.mkdir(jailpath, 0755) -+ except OSError, (errno,strerror): -+ sys.stderr.write('NOTE: Jail directory already existed:\n') ++ os.mkdir(jailpath, dir_mode) ++ except OSError as e: ++ _, stderror = e.args ++ sys.stderr.write('ERROR: failed to make directory "'+jailpath+'": ' + stderror + '\n') if (copy_permissions): try: copy_time_and_permissions(origpath, jailpath, be_verbose, allow_suid, copy_ownership) +@@ -515,7 +523,11 @@ def copy_dir_with_permissions_and_owner(srcdir,dstdir, + try: + if (be_verbose): + print('Creating directory'+dstdir) +- os.mkdir(dstdir) ++ try: ++ os.mkdir(dstdir, dir_mode) ++ except OSError as e: ++ _, stderror = e.args ++ sys.stderr.write('ERROR: failed to make directory "'+dstdir+'": ' + stderror + '\n') + copy_time_and_permissions(srcdir, dstdir, be_verbose, allow_suid=0, copy_ownership=1) + except (IOError, OSError) as e: + _, strerror = e.args Index: pkg/PLIST =================================================================== RCS file: /cvs/ports/security/jailkit/pkg/PLIST,v retrieving revision 1.1.1.1 diff -u -p -r1.1.1.1 PLIST --- pkg/PLIST 20 Sep 2010 07:15:30 -0000 1.1.1.1 +++ pkg/PLIST 8 Apr 2020 22:46:16 -0000 @@ -3,7 +3,6 @@ @bin bin/jk_uchroot @mode @man man/man8/jailkit.8 -@man man/man8/jk_addjailuser.8 @man man/man8/jk_check.8 @man man/man8/jk_chrootlaunch.8 @man man/man8/jk_chrootsh.8 @@ -16,7 +15,6 @@ @man man/man8/jk_socketd.8 @man man/man8/jk_uchroot.8 @man man/man8/jk_update.8 -sbin/jk_addjailuser sbin/jk_check @bin sbin/jk_chrootlaunch @mode 4755 @@ -50,4 +48,5 @@ share/examples/jailkit/jk_update.ini @sample /etc/jailkit/jk_update.ini share/jailkit/ share/jailkit/jk_lib.py -share/jailkit/jk_lib.pyc +share/jailkit/__pycache__/ +share/jailkit/__pycache__/jk_lib.cpython-37.pyc