On Wed, Jun 03, 2020 at 08:19:40AM +0200, Landry Breuil wrote:
> On Tue, Jun 02, 2020 at 05:01:06PM -0500, Lucas Raab wrote:
> > Hello,
> >
> > Here are three new ports, two deps, and the one piece de resistance,
> > web2ldap.
> >
> > sysutils/web2ldap - web-based LDAP client
> > devel/py-xlwt - dep for exporting LDAP query results as XLS files
> > devel/py-ldap0 - web2ldap's interface to the OpenLDAP libraries
> >
> > The author of web2ldap and py-ldap0 has been very responsive to some
> > questions I had a few months ago and accepted a change to make it
> > easier to manage on the BSDs as a whole.
> >
> > More information here: https://web2ldap.de/
> > Project upstream here: https://gitlab.com/ae-dir/web2ldap
> >
> > I've been using this in my own tree for several months now with no
> > issues. That being said, I hope I didn't get complacent in the
> > submission.
> >
> > Completely understand if this is too niche to warrant being included in
> > the tree. If not so terribly niche, feedback?
>
> That looks interesting and a very complete ldap client/admin tool. Will
> have to try it on some of my servers, but some porting nits first:
>
> - WANTLIB = python3.7m -> use ${MODPY_WANTLIB}
> - use MODPY_EGG_VERSION in web2ldap, this way it gets substituted in the
> PLIST
See above about complacency :) I'll get those updated.
> - are *all* those @sample required in ${SYSCONFDIR}/web2ldap ? that looks
> a lot.
I suppose not. I was going for a `pkg_add web2ldap` and
`rcctl start web2ldap` style where moving files around was already
sorted out for the user. Being too helpful there? It is rather a lot of
files to manage in the PLIST...
> - instead of using 'nobody', create a new separate user for the daemon,
> look for examples in other ports' PLIST (@newuser/@newgroup, +
> db/user.list line)
My rationale here was that there aren't any files that an extra user
would need to own for web2ldap to run. Using nobody seemed the simplest
approach to nulling out any privileges for the service to work.
>
> Landry
>
