Re: Call for testers: www/shellinabox (Shell in a Box)
Olivier Cochard-Labbé wrote: > I've just finished my port of Shell in a Box: It's a secure web server > that provide ajax terminal emulator. > More information on the official website: > http://code.google.com/p/shellinabox/ After looking at the port for a while, I have some suggestions. The port creates ${PREFIX}/etc/shellinabox directory, chowns it to nobody and chmods it to 777. The reason for this is that shellinabox creates certificates during the runtime and stores them into that directory, but it only does that after dropping to "nobody" user. As the author of shellinabox notes [1], this is a bad idea, because any user can read and modify your keys this way. I also have a vague feeling that storing variable files in ${PREFIX}/etc/shellinabox is a bad idea as well (to compare, Debian port uses /var/lib/shellinabox). So what I propose is this: 1. Create "shellinabox" user and group (via USERS and GROUPS). 2. Update rc script to start shellinaboxd with that user and group. 3. Make the certificate directory 700, owned by shellinabox:shellinabox. 4. Move the certificate directory to /var/shellinabox or similar (what's our conventional location for this kind of files?). I'm not sure on the 4 though. Any thoughts? [1] http://code.google.com/p/shellinabox/issues/detail?id=22#c2 ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to "freebsd-ports-unsubscr...@freebsd.org"
Possibly unbuildable ports reminder
Dear porters, This is just a reminder to please periodically check the list of unbuildable ports at http://pointyhat.freebsd.org/errorlogs/ . A list by MAINTAINER is http://people.freebsd.org/~fenner/errorlogs/ so you can easily check the status of ports that you maintain. In addition, the list of ports with no MAINTAINER with build problems is http://people.freebsd.org/~fenner/errorlogs/po...@freebsd.org.html Since no one is responsible for these ports, the problem won't get fixed unless someone on this list takes the initiative. Thanks for your help! Bill "annoying port email" Fenner ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to "freebsd-ports-unsubscr...@freebsd.org"
Re: Early CONFLICTS detection is POLA viloation?
On 27/06/2010 20:04, Lev Serebryakov wrote: > Hello, Freebsd-ports. > > I understand, that this change (ports/137855, bsd.port.mk:1.632) was > made 6 months ago, but I've > noticed it only now (twice in one day!). > > Am I only person, who thinks, that this change is HUGE POLA > violation? Definitely not, I actually got abuse reported by portmgr for my very upset e-mails. I'm kinda mystified who was offended in which way, I have reread my e-mails and though they were born of my annoyance I find nothing there that would have offended me had I been at the receiving end. -- A: Because it fouls the order in which people normally read text. Q: Why is top-posting such a bad thing? A: Top-posting. Q: What is the most annoying thing on usenet and in e-mail? ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to "freebsd-ports-unsubscr...@freebsd.org"
Current unassigned ports problem reports
(Note: an HTML version of this report is available at http://www.freebsd.org/cgi/query-pr-summary.cgi?category=ports .) The following is a listing of current problems submitted by FreeBSD users. These represent problem reports covering all versions including experimental development code and obsolete releases. S Tracker Resp. Description o ports/148198[MAINTAINER UPDATE] sysutils/rdup: update to 1.1.7 f ports/148195[patch] fix \ prefixed mapping for textproc/scim-kmfl- o ports/148188Update port: print/latex-csquotes update to 5.0a o ports/148187update mail/vm to 8.1.0 o ports/148182[patch] Font-size in www/webkit-gtk2 error template. o ports/148181games/ftjava: wrong site address f ports/148170net/sslh: patch that add rc startup script f ports/148168[PATCH] update deskutils/alexandria to 0.6.6 o ports/148158[PATCH] net/p5-IO-Socket-INET6: update to 2.65 o ports/148156[MAINTAINER] devel/doxygen: update to 1.7.1 f ports/148145print/cups-samba: Add ability to use difference samba o ports/148142Update port: astro/glunarclock version update 0.34.1 f ports/148141Update port: net/ssltunnel-client f ports/148140Update and unbreak port: net/ssltunnel-server o ports/148135[MAINTAINER] databases/pgsphere: fix deinstallation wh o ports/148131Update port: java/castor to version 1.3.1 o ports/148122Update Port: deve/libdombey => 1.2 o ports/148115[PATCH] devel/nant: update to 0.90, take maintainershi o ports/148114Update port: java/jgraph Update and claim maintainersh o ports/148113Maintainer update: textproc/atom change MASTER_SITES o ports/148099patch available for emacs movemail vulnerability. o ports/148098new port: math/x12arima s ports/148090[PATCH] security/ike: update to 2.1.5 o ports/148085Port update: comms/uhso-kmod - Update to v20100416 f ports/148082Update port: audio/musicpd from 0.15.8 to 0.15.10 o ports/148075[PATCH] oss/files path issue with soundon script o ports/148065net-mgmt/rate: rate program put interface in promiscuo f ports/148057[patch] upgrade of security/ossec-hids-server and secu o ports/148044www/squid31: Updating squid 3.1.3 to 3.1.4 fails on Fr f ports/148036[PATCH] ports-mgmt/p5-FreeBSD-Ports-INDEXhash: require f ports/148028[PATCH] net/haproxy: update to 1.4.8 o ports/148027New port: graphics/ramenhdr, node based video composit o ports/148025When you open the zip file, mc looking unzip down the o ports/148021irc/minbif port update (1.0.2->1.0.3) o ports/148020[Patch] audio/cmus update to 2.3.3 o ports/148014[update] libticonv/libtifiles2/libticables2/libticalcs o ports/148012[maintainer update] net/ucarp: cosmetic fixes. o ports/148010bug in net/freeswitch-core o ports/148007[UPDATE] arabic/kacst_fonts f ports/147997[UPDATE] Update mail/dovecot-sieve to 0.1.17 f ports/147996[UPDATE] Update mail/dovecot to 1.2.12 o ports/147994[PATCH] www/scloader: update to 0.32 f ports/147993[patch] mail/dkim-milter -- plist problems o ports/147987ftp/hsftp update f ports/147982[patch] multimedia/xmms-weasel fix depends o ports/147981[patch] multimedia/xmms-status-plugin fix depends f ports/147977[patch] irc/ratbox-services mark MAKE_JOBS_UNSAFE f ports/147973[patch] audio/xmmsctrl fix depends f ports/147970net/quagga: Ipv6 addresses cannot be assigned to inter o ports/147958[MAINTAINER] sysutils/luckybackup: Update to 0.4.0 o ports/147944[NEW PORT] net/gogoc: GogoCLIENT, which is needed to c o ports/147943New port: net/radsecproxy Radsecproxy is a generic RAD o ports/147942www/moinmoin sends wrong http header when in editor mo o ports/147936New port: sysutils/dtpstree Display a tree of processe o ports/147930[ports] maintainer update: devel/google-perftools f ports/147922[PATCH] audio/aumix: update to 2.9.1 f ports/147921add reload command to rc script of audio/icecast2 f ports/147916[PATCH] net/empty: update to 0.6.18b o ports/147911[PATCH] net-im/ejabberd: update to 2.1.4 f ports/147907[patch] www/tclhttpd don't hardcode -j2 o ports/147898[patch] sysutils/uhidd: open /usr/local/etc/uhidd.conf o ports/147895[MAINTAINER] sysutils/fusefs-mhddfs: update to 0.1.35 o ports/147889New port: devel/maven-ant-tasks Allows Maven's handlin o ports/147882Maintainer
Re: Call for testers: www/shellinabox (Shell in a Box)
> From: Vitaly Magerya [SNIP] > 4. Move the certificate directory to /var/shellinabox or similar >(what's our conventional location for this kind of files?). > > I'm not sure on the 4 though. Any thoughts? Id say possibly /var/db/shellinabox /var/db/ seems to be used by a fair number of services for record keeping of various things. ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to "freebsd-ports-unsubscr...@freebsd.org"
Re: Call for testers: www/shellinabox (Shell in a Box)
2010/6/28 Vitaly Magerya : > > So what I propose is this: > 1. Create "shellinabox" user and group (via USERS and GROUPS). > 2. Update rc script to start shellinaboxd with that user and group. > 3. Make the certificate directory 700, owned by shellinabox:shellinabox. Thanks for your tips, I've updated the port, here how to proceed now: cd /usr/port/www fetch http://gugus69.free.fr/tools/shellinabox.tgz tar zxvf shellinabox.tgz cd shellinabox patch ../../UIDs UIDs.diff patch ../../GIDs GIDs.diff make install clean /usr/local/etc/rc.d/shellinaboxd onestart For information: MD5 (shellinabox.tgz) = c553fd6b05d0b136cbef95f8cb808072 I've used the UID/GID 139 that seem available. > 4. Move the certificate directory to /var/shellinabox or similar > (what's our conventional location for this kind of files?). > > I'm not sure on the 4 though. Any thoughts? I let the certificate in /usr/local/etc/shellinabox (on my nanoBSD, /var is a volatile RAM disk). Regards, Olivier ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to "freebsd-ports-unsubscr...@freebsd.org"
Re: Call for testers: www/shellinabox (Shell in a Box)
Olivier Cochard-Labbé wrote: > Thanks for your tips, I've updated the port Looks good. Works with --disable-ssl on my VirtualBox (but, as before, not without it). ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to "freebsd-ports-unsubscr...@freebsd.org"
Re: Call for testers: www/shellinabox (Shell in a Box)
2010/6/28 Olivier Cochard-Labbé : > patch ../../UIDs UIDs.diff > patch ../../GIDs GIDs.diff > > For information: > I've used the UID/GID 139 that seem available. Oh, bother. I was getting ready to use that for mail/ecartis (ecartis:ecartis). OK, I'll find another slot. Jim ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to "freebsd-ports-unsubscr...@freebsd.org"
Re: flag to tell ports that you are only building for yourself
> Any case where it would be useful besides -march/-mtune/-mmmx/-msse*? > Not that I could think of at the moment. I think this solution works better. -- Eitan Adler ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to "freebsd-ports-unsubscr...@freebsd.org"
Re: flag to tell ports that you are only building for yourself
On Sun, 27 Jun 2010 23:09:47 -0400 Eitan Adler wrote: > I'd like to add a flag to tell ports that you are building only for > yourself that and optimizations that typically are not enabled could > be turned on. You can do this yourself. If you add in make.conf something like .if defined(BUILD_FOR_SELF) CPUTYPE?= athlon64 .endif # cd /ports/www/squid # make -V CFLAGS -O2 -pipe -fno-strict-aliasing # setenv BUILD_FOR_SELF yes # make -V CFLAGS -O2 -pipe -march=athlon-mp -fno-strict-aliasing ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to "freebsd-ports-unsubscr...@freebsd.org"
net/Sockets
Hello. Any news on updating this port? Latest version is 2.3.9.2. We have: net/Sockets = 2.1.4 net/Sockets-devel = 1.9.9 (!!!) Is anyone working on this? If not I might give a try at updating this port. bye & Thanks av. ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to "freebsd-ports-unsubscr...@freebsd.org"
Re: net/Sockets
On Mon, Jun 28, 2010 at 09:19:05PM +0200, Andrea Venturoli wrote: > Any news on updating this port? They're unmaintained, so it's probably up to you to do it :-) mcl ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to "freebsd-ports-unsubscr...@freebsd.org"
This construction doesn't work
I'm working on a port update for one of the ports that I maintain, and I've run into a problem that I can't seem to solve. I use this construction to ensure that the port doesn't overwrite the conf file, if one exists: .for f in barnyard2.conf ${INSTALL_DATA} ${WRKSRC}/etc/${f} ${PREFIX}/etc/${f}-sample [ -f ${PREFIX}/etc/${f} ] || \ ${INSTALL_DATA} ${WRKSRC}/etc/${f} ${PREFIX}/etc/${f} .endfor But it gets overwritten anyway. What am I doing wrong? I thought this worked before, but I can't be sure. Testing proves that it does not work now. I tried to changing to an if [ ! -f construction, but that didn't do a thing. -- Paul Schmehl, Senior Infosec Analyst As if it wasn't already obvious, my opinions are my own and not those of my employer. *** "It is as useless to argue with those who have renounced the use of reason as to administer medication to the dead." Thomas Jefferson ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to "freebsd-ports-unsubscr...@freebsd.org"
Re: This construction doesn't work
Em 2010.06.29. 0:24, Paul Schmehl escreveu: I'm working on a port update for one of the ports that I maintain, and I've run into a problem that I can't seem to solve. I use this construction to ensure that the port doesn't overwrite the conf file, if one exists: .for f in barnyard2.conf ${INSTALL_DATA} ${WRKSRC}/etc/${f} ${PREFIX}/etc/${f}-sample [ -f ${PREFIX}/etc/${f} ] || \ ${INSTALL_DATA} ${WRKSRC}/etc/${f} ${PREFIX}/etc/${f} .endfor But it gets overwritten anyway. What am I doing wrong? I thought this worked before, but I can't be sure. Testing proves that it does not work now. I tried to changing to an if [ ! -f construction, but that didn't do a thing. I think it should work, I used to write the same in audio/shoutcast. Are you testing by installing from port or from package? It should work for ports but for packages, you need some more magic in pkg-plist. You can also refer to audio/shoutcast how it is done there. Maybe is it what you missed? Regards, Gabor ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to "freebsd-ports-unsubscr...@freebsd.org"
Fwd: [sudo-workers] sudo 1.7.3rc1 available
See below for the changes to sudo 1.7.3 which is set to be released soon. If you want to test out the 1.7.3rc1 update please fetch the patch from http://people.freebsd.org/~wxs/sudo.diff, apply it and rebuild. Please reply back to me privately with reports of success or failures. I'll probably get the update in the tree sometime early or mid-July. -- WXS - Forwarded message from "Todd C. Miller" - Date: Mon, 28 Jun 2010 09:56:10 -0400 From: "Todd C. Miller" To: sudo-work...@sudo.ws Cc: sudo-us...@sudo.ws Subject: [sudo-workers] sudo 1.7.3rc1 available The first release candidate of sudo 1.7.3 is now available. Sudo 1.7.3 is scheduled for release on June 30th. Download links: http://www.sudo.ws/sudo/dist/beta/sudo-1.7.3rc1.tar.gz ftp://ftp.sudo.ws/pub/sudo/beta/sudo-1.7.3rc1.tar.gz Major changes between sudo 1.7.2p7 and 1.7.3rc1: * Support for logging I/O for the command being run. For more information, see the documentation for the "log_input" and "log_output" Defaults options in the sudoers manual. Also see the sudoreplay manual for how to replay I/O log sessions. * The use_pty sudoers option can be used to force a command to be run in a pseudo-pty, even when I/O logging is not enabled. * On some systems, sudo can now detect when a user has logged out and back in again when tty-based time stamps are in use. Supported systems include Solaris systems with the devices file system, Mac OS X, and Linux systems with the devpts filesystem (pseudo-ttys only). * On AIX systems, the registry setting in /etc/security/user is now taken into account when looking up users and groups. Sudo now applies the correct the user and group ids when running a command as a user whose account details come from a different source (e.g. LDAP or DCE vs. local files). * Support for multiple 'sudoers_base' and 'uri' entries in ldap.conf. When multiple entries are listed, sudo will try each one in the order in which they are specified. * Sudo's SELinux support should now function correctly when running commands as a non-root user and when one of stdin, stdout or stderr is not a terminal. * Sudo will now use the Linux audit system with configure with the --with-linux-audit flag. * Sudo now uses mbr_check_membership() on systems that support it to determine group membership. Currently, only Darwin (Mac OS X) supports this. * When the tty_tickets sudoers option is enabled but there is no terminal device, sudo will no longer use or create a tty-based ticket file. Previously, sudo would use a tty name of "unknown". As a consequence, if a user has no terminal device, sudo will now always prompt for a password. * The passwd_timeout and timestamp_timeout options may now be specified as floating point numbers for more granular timeout values. * Negating the fqdn option in sudoers now works correctly when sudo is configured with the --with-fqdn option. In previous versions of sudo the fqdn was set before sudoers was parsed. sudo-workers mailing list For list information, options, or to unsubscribe, visit: http://www.sudo.ws/mailman/listinfo/sudo-workers - End forwarded message - ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to "freebsd-ports-unsubscr...@freebsd.org"
Confirming a bug in clang++ (freeBSD
Can anyone with FreeBSD 8.1-RC1 i386 or FreeBSD 8.1-RC2 i386 confirm that the following code compiles and fails with the version of clang++ from ports? This works with g++ and fails with clang++ for me. Here is the original code #include int main() { std::cout << 1; return 1; } My bug report is here: http://llvm.org/bugs/show_bug.cgi?id=7489 I want to know if this is my problem or a clang++ problem or a bug somewhere else. -- Eitan Adler ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to "freebsd-ports-unsubscr...@freebsd.org"
Re: Confirming a bug in clang++ (freeBSD
Eitan Adler wrote: Can anyone with FreeBSD 8.1-RC1 i386 or FreeBSD 8.1-RC2 i386 confirm that the following code compiles and fails with the version of clang++ from ports? This works with g++ and fails with clang++ for me. Here is the original code #include int main() { std::cout << 1; return 1; } My bug report is here: http://llvm.org/bugs/show_bug.cgi?id=7489 I want to know if this is my problem or a clang++ problem or a bug somewhere else. Works fine here: # uname -a FreeBSD peer 8.0-RELEASE-p2 FreeBSD 8.0-RELEASE-p2 #2: Mon Feb 22 23:18:53 EST 2010 r...@peer:/usr/obj/usr/src/sys/PEER i386 # clang++ -v clang version 1.1 (branches/release_27) Target: i386-portbld-freebsd8.0 Thread model: posix I can try it on a recent CURRENT machine tomorrow, but perhaps you'd best share your environment. I've compiled non-trivial C++ programs with clang++ and they've behaved properly. -Boris ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to "freebsd-ports-unsubscr...@freebsd.org"
Re: Confirming a bug in clang++ (freeBSD
Boris Kochergin wrote: Eitan Adler wrote: Can anyone with FreeBSD 8.1-RC1 i386 or FreeBSD 8.1-RC2 i386 confirm that the following code compiles and fails with the version of clang++ from ports? This works with g++ and fails with clang++ for me. Here is the original code #include int main() { std::cout << 1; return 1; } My bug report is here: http://llvm.org/bugs/show_bug.cgi?id=7489 I want to know if this is my problem or a clang++ problem or a bug somewhere else. Works fine here: # uname -a FreeBSD peer 8.0-RELEASE-p2 FreeBSD 8.0-RELEASE-p2 #2: Mon Feb 22 23:18:53 EST 2010 r...@peer:/usr/obj/usr/src/sys/PEER i386 # clang++ -v clang version 1.1 (branches/release_27) Target: i386-portbld-freebsd8.0 Thread model: posix I can try it on a recent CURRENT machine tomorrow, but perhaps you'd best share your environment. I've compiled non-trivial C++ programs with clang++ and they've behaved properly. -Boris One difference I notice between your environment and mine is that, according to your bug report, your program links against /usr/local/lib/gcc46/libstdc++.so.6, while mine links against /usr/lib/libstdc++.so.6. -Boris ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to "freebsd-ports-unsubscr...@freebsd.org"
Re: This construction doesn't work
Paul Schmehl wrote: I'm working on a port update for one of the ports that I maintain, and I've run into a problem that I can't seem to solve. I use this construction to ensure that the port doesn't overwrite the conf file, if one exists: .for f in barnyard2.conf ${INSTALL_DATA} ${WRKSRC}/etc/${f} ${PREFIX}/etc/${f}-sample [ -f ${PREFIX}/etc/${f} ] || \ ${INSTALL_DATA} ${WRKSRC}/etc/${f} ${PREFIX}/etc/${f} .endfor But it gets overwritten anyway. What am I doing wrong? I thought this worked before, but I can't be sure. Testing proves that it does not work now. I tried to changing to an if [ ! -f construction, but that didn't do a thing. Instead of doing this in Makefile, do it in pkg-plist: @unexec if cmp -s %D/etc/barnyard2.conf.sample %D/etc/barnyard2.conf; then rm -f %D/etc/barnyard2.conf; fi etc/barnyard2.conf.sample @exec if [ ! -f %D/etc/barnyard2.conf ] ; then cp -p %D/%F %D/etc/barnyard2.conf && chmod 600 %D/etc/barnyard2.conf; fi Relevant section of the Porter's Handbook: http://www.freebsd.org/doc/en/books/porters-handbook/plist-config.html ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to "freebsd-ports-unsubscr...@freebsd.org"