On 2020/04/10 07:21, Aisha Tammy wrote: > Dammit I totally missed that. > Seems like my thunderbird mail has default wrapping on. > I've disabled it and have copied the diff, hopefully correctly this time. > > Thanks a lot.
Thanks, that applies now. > HOMEPAGE= http://olivier.sessink.nl/jailkit/ > @@ -13,6 +13,9 @@ MASTER_SITES= http://olivier.sessink.nl These can use https now. > post-install: > - # recreate the .pyc file, otherwise it would change > - # after installation > + # remove the .pyc file, as we are in python 3 this comment doesn't make much sense to me.. > rm ${PREFIX}/share/jailkit/jk_lib.pyc > + # now compile the new file so that it is added > ${MODPY_BIN} ${MODPY_LIBDIR}/compileall.py \ > ${PREFIX}/share/jailkit > > Index: distinfo > =================================================================== > RCS file: /cvs/ports/security/jailkit/distinfo,v > retrieving revision 1.8 > diff -u -p -r1.8 distinfo > --- distinfo 20 Dec 2015 15:43:46 -0000 1.8 > +++ distinfo 10 Apr 2020 11:14:57 -0000 > @@ -1,2 +1,2 @@ > -SHA256 (jailkit-2.19.tar.gz) = /ZYS3Vf0o5q/zeZHxCBhbFyjf1mCuMB6j7XLNSSU/Ig= > -SIZE (jailkit-2.19.tar.gz) = 142280 > +SHA256 (jailkit-2.21.tar.gz) = egIOB635OGDFOPDZgZauoz1GG6vbqLs+3fcIHleinBQ= > +SIZE (jailkit-2.21.tar.gz) = 141341 > Index: patches/patch-ini_jk_init_ini > =================================================================== > RCS file: /cvs/ports/security/jailkit/patches/patch-ini_jk_init_ini,v > retrieving revision 1.3 > diff -u -p -r1.3 patch-ini_jk_init_ini > --- patches/patch-ini_jk_init_ini 26 Mar 2014 17:38:27 -0000 1.3 > +++ patches/patch-ini_jk_init_ini 10 Apr 2020 11:14:57 -0000 > @@ -1,32 +1,10 @@ > -$OpenBSD: patch-ini_jk_init_ini,v 1.3 2014/03/26 17:38:27 gonzalo Exp $ > +$OpenBSD: patch-ini_jk_init_ini,v 1.4 2020/04/08 18:43:53 aisha Exp $ doesn't matter now, but please leave the $OpenBSD$ lines alone, they are handled by cvs. > > -fix some default paths in the jail creation configuration file > +A lot of additions to fixing installation directories and fixing line numbers The comments in the patches should describe the patch, not what has been changed since the last version of the patch. Old comment makes sense here. > > ---- ini/jk_init.ini.orig Mon Dec 23 06:02:42 2013 > -+++ ini/jk_init.ini Wed Dec 25 16:04:26 2013 > -@@ -2,18 +2,18 @@ > - # this section probably needs adjustment on 64bit systems > - # or non-Linux systems > - comment = common files for all jails that need user/group information > --paths = /lib/libnsl.so.1, /lib64/libnsl.so.1, /lib/libnss*.so.2, > /lib64/libnss*.so.2, /lib/i386-linux-gnu/libnsl.so.1, > /lib/i386-linux-gnu/libnss*.so.2, /lib/x86_64-linux-gnu/libnsl.so.1, > /lib/x86_64-linux-gnu/libnss*.so.2, /etc/nsswitch.conf, /etc/ld.so.conf > -+paths = /lib/libnsl.so.1, /lib64/libnsl.so.1, /lib/libnss*.so.2, > /lib64/libnss*.so.2, /lib/i386-linux-gnu/libnsl.so.1, > /lib/i386-linux-gnu/libnss*.so.2, /lib/x86_64-linux-gnu/libnsl.so.1, > /lib/x86_64-linux-gnu/libnss*.so.2, ${SYSCONFDIR}/nsswitch.conf, > ${SYSCONFDIR}/ld.so.conf > - # Solaris needs > --# paths = /etc/default/nss, /lib/libnsl.so.1, /usr/lib/nss_*.so.1, > /etc/nsswitch.conf > -+# paths = ${SYSCONFDIR}/default/nss, /lib/libnsl.so.1, /usr/lib/nss_*.so.1, > ${SYSCONFDIR}/nsswitch.conf > - > - [netbasics] > - comment = common files for all jails that need any internet connectivity > --paths = /lib/libnss_dns.so.2, /lib64/libnss_dns.so.2, /etc/resolv.conf, > /etc/host.conf, /etc/hosts, /etc/protocols, /etc/services > -+paths = /lib/libnss_dns.so.2, /lib64/libnss_dns.so.2, > ${SYSCONFDIR}/resolv.conf, ${SYSCONFDIR}/host.conf, ${SYSCONFDIR}/hosts, > ${SYSCONFDIR}/protocols, ${SYSCONFDIR}/services > - # on Solaris devices /dev/udp and /dev/tcp might be needed too, not sure > - > - [logbasics] > - comment = timezone information and log sockets > --paths = /etc/localtime > -+paths = ${SYSCONFDIR}/localtime > - need_logsocket = 1 > - # Solaris does not need logsocket > - # but needs > +Index: ini/jk_init.ini > +--- ini/jk_init.ini.orig > ++++ ini/jk_init.ini > @@ -21,7 +21,7 @@ need_logsocket = 1 > > [jk_lsh] > @@ -68,7 +46,7 @@ fix some default paths in the jail creat > > [netutils] > comment = several internet utilities like wget, ftp, rsync, scp, ssh > -@@ -110,7 +110,7 @@ includesections = extendedshell, netutils, apacheutils > +@@ -110,17 +110,16 @@ includesections = extendedshell, netutils, apacheutils > > [openvpn] > comment = jail for the openvpn daemon > @@ -76,8 +54,10 @@ fix some default paths in the jail creat > +paths = ${LOCALBASE}/sbin/openvpn > users = root,nobody > groups = root,nogroup > - includesections = netbasics > -@@ -120,7 +120,7 @@ need_logsocket = 1 > +-includesections = netbasics > + devices = /dev/urandom, /dev/random, /dev/net/tun > + includesections = netbasics, uidbasics > + need_logsocket = 1 > > [apache] > comment = the apache webserver, very basic setup, probably too limited for > you > @@ -86,7 +66,7 @@ fix some default paths in the jail creat > users = root, www-data > groups = root, www-data > includesections = netbasics, uidbasics > -@@ -131,16 +131,16 @@ paths = perl, /usr/lib/perl, /usr/lib/perl5, /usr/shar > +@@ -131,16 +130,16 @@ paths = perl, /usr/lib/perl, /usr/lib/perl5, /usr/shar > > [xauth] > comment = getting X authentication to work > @@ -106,7 +86,7 @@ fix some default paths in the jail creat > includesections = xclients > > [ping] > -@@ -149,5 +149,5 @@ paths_w_setuid = /bin/ping > +@@ -149,5 +148,5 @@ paths_w_setuid = /bin/ping > > #[xterm] > #comment = xterm > Index: patches/patch-man_Makefile_in > =================================================================== > RCS file: /cvs/ports/security/jailkit/patches/patch-man_Makefile_in,v > retrieving revision 1.1.1.1 > diff -u -p -r1.1.1.1 patch-man_Makefile_in > --- patches/patch-man_Makefile_in 20 Sep 2010 07:15:30 -0000 1.1.1.1 > +++ patches/patch-man_Makefile_in 10 Apr 2020 11:14:57 -0000 > @@ -1,7 +1,11 @@ > -$OpenBSD: patch-man_Makefile_in,v 1.1.1.1 2010/09/20 07:15:30 sebastia Exp $ > ---- man/Makefile.in.orig Mon Oct 20 00:03:54 2008 > -+++ man/Makefile.in Mon Oct 20 00:05:31 2008 > -@@ -21,7 +21,7 @@ SRCS = \ > +$OpenBSD: patch-man_Makefile_in,v 1.1.1.1 2020/04/08 16:41:32 aisha Exp $ > + > +Fixed line numbering for previous patch same. > + > +Index: man/Makefile.in > +--- man/Makefile.in.orig > ++++ man/Makefile.in > +@@ -20,7 +20,7 @@ SRCS = \ > > @HAVEPROCMAIL_TRUE@SRCS += jk_procmailwrapper.8 > > Index: patches/patch-man_jailkit_8 > =================================================================== > RCS file: /cvs/ports/security/jailkit/patches/patch-man_jailkit_8,v > retrieving revision 1.2 > diff -u -p -r1.2 patch-man_jailkit_8 > --- patches/patch-man_jailkit_8 26 Mar 2014 17:38:27 -0000 1.2 > +++ patches/patch-man_jailkit_8 10 Apr 2020 11:14:57 -0000 > @@ -1,6 +1,10 @@ > -$OpenBSD: patch-man_jailkit_8,v 1.2 2014/03/26 17:38:27 gonzalo Exp $ > ---- man/jailkit.8.orig Sat Dec 21 18:05:22 2013 > -+++ man/jailkit.8 Wed Dec 25 16:01:05 2013 > +$OpenBSD: patch-man_jailkit_8,v 1.2 2020/04/08 16:38:22 aisha Exp $ > + > +FIxed line numbering for previous patch same. > + > +Index: man/jailkit.8 > +--- man/jailkit.8.orig > ++++ man/jailkit.8 > @@ -36,7 +36,7 @@ This section gives summary sketches of the various pro > > .BR jk_init > @@ -53,7 +57,7 @@ $OpenBSD: patch-man_jailkit_8,v 1.2 2014 > . > > .BR jk_list > -@@ -127,9 +127,9 @@ tail /var/log/daemon.log /var/log/auth.log > +@@ -129,9 +129,9 @@ journalctl --since=-1h > .SH FILES > > The jailkit configuration files are located in > Index: patches/patch-py_jk_lib_py > =================================================================== > RCS file: /cvs/ports/security/jailkit/patches/patch-py_jk_lib_py,v > retrieving revision 1.3 > diff -u -p -r1.3 patch-py_jk_lib_py > --- patches/patch-py_jk_lib_py 24 Apr 2013 12:47:39 -0000 1.3 > +++ patches/patch-py_jk_lib_py 10 Apr 2020 11:14:57 -0000 > @@ -1,18 +1,73 @@ > -$OpenBSD: patch-py_jk_lib_py,v 1.3 2013/04/24 12:47:39 gonzalo Exp $ > +$OpenBSD: patch-py_jk_lib_py,v 1.4 2020/04/08 16:36:23 aisha Exp $ > > -Fix running jk_init trying to create a jail the first time > +More checks for directory creation, handling edge cases > +A lot more streamlined major/minor handling > > ---- py/jk_lib.py.orig Thu Aug 2 14:55:28 2012 > -+++ py/jk_lib.py Tue Apr 23 06:35:23 2013 > -@@ -461,7 +461,10 @@ def create_parent_path(chroot,path,be_verbose=0, copy_ > +Index: py/jk_lib.py > +--- py/jk_lib.py.orig > ++++ py/jk_lib.py > +@@ -404,7 +404,11 @@ def OLD_create_parent_path(chroot, path, be_verbose=0, > + chrootname = > resolve_realpath(chroot+directory[:indx],chroot) > + if (be_verbose): > + print('Creating directory '+chrootname) > +- os.mkdir(chrootname, dir_mode) > ++ try: > ++ os.mkdir(chrootname, dir_mode) > ++ except OSError as e: > ++ _, stderror = e.args > ++ sys.stderr.write('ERROR: failed to make > directory "'+chrootname+'": ' + stderror + '\n') > + if (copy_permissions): > + try: > + > copy_time_and_permissions(directory[:indx], chrootname, be_verbose, > allow_suid, copy_ownership) > +@@ -482,7 +486,11 @@ def create_parent_path(chroot,path,be_verbose=0, copy_ > if (stat.S_ISDIR(sb.st_mode)): > if (be_verbose): > - print 'Create directory '+jailpath > -- os.mkdir(jailpath, 0755) > + print('Create directory '+jailpath) > +- os.mkdir(jailpath, dir_mode) > + try: > -+ os.mkdir(jailpath, 0755) > -+ except OSError, (errno,strerror): > -+ sys.stderr.write('NOTE: Jail directory already > existed:\n') > ++ os.mkdir(jailpath, dir_mode) > ++ except OSError as e: > ++ _, stderror = e.args > ++ sys.stderr.write('ERROR: failed to make > directory "'+jailpath+'": ' + stderror + '\n') > if (copy_permissions): > try: > copy_time_and_permissions(origpath, > jailpath, be_verbose, allow_suid, copy_ownership) > +@@ -515,7 +523,11 @@ def copy_dir_with_permissions_and_owner(srcdir,dstdir, > + try: > + if (be_verbose): > + print('Creating directory'+dstdir) > +- os.mkdir(dstdir) > ++ try: > ++ os.mkdir(dstdir, dir_mode) > ++ except OSError as e: > ++ _, stderror = e.args > ++ sys.stderr.write('ERROR: failed to make directory > "'+dstdir+'": ' + stderror + '\n') > + copy_time_and_permissions(srcdir, dstdir, be_verbose, > allow_suid=0, copy_ownership=1) > + except (IOError, OSError) as e: > + _, strerror = e.args > +@@ -575,22 +587,10 @@ def copy_device(chroot, path, be_verbose=1, retain_own > + if (os.path.exists(chrootpath)): > + print('Device '+chrootpath+' does exist already') > + return > +- sb = os.stat(path) > ++ sb = os.lstat(path) > + try: > +- if (sys.platform[:5] == 'linux'): > +- major = sb.st_rdev / 256 #major = st_rdev divided by > 256 (8bit reserved for the minor number) > +- minor = sb.st_rdev % 256 #minor = remainder of st_rdev > divided by 256 > +- elif (sys.platform == 'sunos5'): > +- if (sys.maxint == 2147483647): > +- major = sb.st_rdev / 262144 #major = st_rdev > divided by 256 (18 bits reserved for the minor number) > +- minor = sb.st_rdev % 262144 #minor = remainder > of st_rdev divided by 256 > +- else: > +- #64 bit solaris has 32 bit minor/32bit major > +- major = sb.st_rdev / 2147483647 > +- minor = sb.st_rdev % 2147483647 > +- else: > +- major = sb.st_rdev / 256 #major = st_rdev divided by 256 > +- minor = sb.st_rdev % 256 #minor = remainder of st_rdev > divided by 256 > ++ major=os.major(sb.st_rdev) > ++ minor=os.minor(sb.st_rdev) > + if (stat.S_ISCHR(sb.st_mode)): > + mode = 'c' > + elif (stat.S_ISBLK(sb.st_mode)): > Index: pkg/PLIST > =================================================================== > RCS file: /cvs/ports/security/jailkit/pkg/PLIST,v > retrieving revision 1.1.1.1 > diff -u -p -r1.1.1.1 PLIST > --- pkg/PLIST 20 Sep 2010 07:15:30 -0000 1.1.1.1 > +++ pkg/PLIST 10 Apr 2020 11:14:57 -0000 > @@ -3,7 +3,6 @@ > @bin bin/jk_uchroot > @mode > @man man/man8/jailkit.8 > -@man man/man8/jk_addjailuser.8 > @man man/man8/jk_check.8 > @man man/man8/jk_chrootlaunch.8 > @man man/man8/jk_chrootsh.8 > @@ -16,7 +15,6 @@ > @man man/man8/jk_socketd.8 > @man man/man8/jk_uchroot.8 > @man man/man8/jk_update.8 > -sbin/jk_addjailuser > sbin/jk_check > @bin sbin/jk_chrootlaunch > @mode 4755 > @@ -50,4 +48,5 @@ share/examples/jailkit/jk_update.ini > @sample /etc/jailkit/jk_update.ini > share/jailkit/ > share/jailkit/jk_lib.py > -share/jailkit/jk_lib.pyc > +share/jailkit/__pycache__/ > +share/jailkit/__pycache__/jk_lib.cpython-37.pyc > use "make plist" to update the plist, which will fix some problems with the one you sent (some problems which already existed in the commited version, some which are new).
