Re: update jailkit to 2.21 and move to python3
Hi Gonzalo, I've not managed to apply your diff yet, but it seems like your patch is not patching up the jk_lib.py to properly handle `/dev/*` creation. The authors program is a bit borked and doesn't manage to create devs. This is noticeable when you try to chroot into the directory and terminal complains that /dev/tty is not a device. Currently the program asks you to manually make them, but I've managed to simplify and patch it up. Could you let me know if you are able to create the /dev/s using jailkit? I'll test it out then. Thanks a lot for the work! Totally lit. Aisha On 4/12/20 12:37 PM, Gonzalo L. Rodriguez wrote: > On Fri, 10 Apr 2020 at 09:26:02 -0400, Aisha Tammy wrote: >> Hi Stuart, >> Dope comments, thanks a lot! >> The plist was the sickest, it even did the __pycache__ :O >> I totally did not expect so much complexity from just plist, I did read it >> but like thought it was just going to do what I did, like, just add and >> subtract 1 or 2 lines. >> Next time I'm just gonna keep running all possible commands. >> >> I am in totally love with make clean patch/build/fake, repeat. Its a hugely >> productive pipeline, makes life so much simpler. >> I wish gentoo was as simple, but emerge is also super dope. I really like >> how their stuff is so similar to ports :D :D >> >> I should stop rambling, I have a habit of just going on and on and on. >> >> I have handled all of the comments, hopefully not adding any more mistakes. >> Lemme know if I need to make more changes, this process of porting is super >> fun. >> jailkit is dank, I'm doing all my cancerous nodejs and django self hosting >> in chroots now. >> I'm also writing up common inits on github, maybe I can also add that to the >> pkg-readme if I get time. >> Maybe someday we can have actualy jails, but till then i can get my daily >> fix from this :D >> >> Cheers, >> Aisha >> >> Index: Makefile >> === >> RCS file: /cvs/ports/security/jailkit/Makefile,v >> retrieving revision 1.15 >> diff -u -p -r1.15 Makefile >> --- Makefile 12 Jul 2019 20:49:03 - 1.15 >> +++ Makefile 10 Apr 2020 13:10:05 - >> @@ -2,18 +2,21 @@ >> >> COMMENT=utilities for jailing a user or process >> >> -DISTNAME= jailkit-2.19 >> +DISTNAME= jailkit-2.21 >> CATEGORIES= security sysutils >> >> -HOMEPAGE= http://olivier.sessink.nl/jailkit/ >> +HOMEPAGE= https://olivier.sessink.nl/jailkit/ >> >> -MASTER_SITES= http://olivier.sessink.nl/jailkit/ >> +MASTER_SITES= https://olivier.sessink.nl/jailkit/ >> >> # BSD - LGPLv2 >> -PERMIT_PACKAGE= Yes >> +PERMIT_PACKAGE= Yes >> >> MODULES=lang/python >> -WANTLIB += c pthread >> + >> +MODPY_VERSION= ${MODPY_DEFAULT_VERSION_3} >> + >> +WANTLIB+= c pthread >> >> NO_TEST=Yes >> >> @@ -34,9 +37,8 @@ pre-configure: >> ${SUBST_CMD} ${WRKSRC}/man/$${i}; done >> >> post-install: >> -# recreate the .pyc file, otherwise it would change >> -# after installation >> -rm ${PREFIX}/share/jailkit/jk_lib.pyc >> +# compile the jailkit python files so that they >> +# are removed correctly when uninstalling >> ${MODPY_BIN} ${MODPY_LIBDIR}/compileall.py \ >> ${PREFIX}/share/jailkit >> >> Index: distinfo >> === >> RCS file: /cvs/ports/security/jailkit/distinfo,v >> retrieving revision 1.8 >> diff -u -p -r1.8 distinfo >> --- distinfo 20 Dec 2015 15:43:46 - 1.8 >> +++ distinfo 10 Apr 2020 13:10:05 - >> @@ -1,2 +1,2 @@ >> -SHA256 (jailkit-2.19.tar.gz) = /ZYS3Vf0o5q/zeZHxCBhbFyjf1mCuMB6j7XLNSSU/Ig= >> -SIZE (jailkit-2.19.tar.gz) = 142280 >> +SHA256 (jailkit-2.21.tar.gz) = egIOB635OGDFOPDZgZauoz1GG6vbqLs+3fcIHleinBQ= >> +SIZE (jailkit-2.21.tar.gz) = 141341 >> Index: patches/patch-ini_jk_init_ini >> === >> RCS file: /cvs/ports/security/jailkit/patches/patch-ini_jk_init_ini,v >> retrieving revision 1.3 >> diff -u -p -r1.3 patch-ini_jk_init_ini >> --- patches/patch-ini_jk_init_ini26 Mar 2014 17:38:27 - 1.3 >> +++ patches/patch-ini_jk_init_ini10 Apr 2020 13:10:05 - >> @@ -1,32 +1,10 @@ >> -$OpenBSD: patch-ini_jk_init_ini,v 1.3 2014/03/26 17:38:27 gonzalo Exp $ >> +$OpenBSD: patch-ini_jk_init_ini,v 1.4 2020/04/08 18:43:53 aisha Exp $ >> >> -fix some default paths in the jail creation configuration file >> +fix installation directories and default paths in the jail creation >> configuration file >> >> ini/jk_init.ini.origMon Dec 23 06:02:42 2013 >> -+++ ini/jk_init.ini Wed Dec 25 16:04:26 2013 >> -@@ -2,18 +2,18 @@ >> - # this section probably needs adjustment on 64bit systems >> - # or non-Linux systems >> - comment = common files for all jails that need user/group informat
Re: update jailkit to 2.21 and move to python3
On Fri, 10 Apr 2020 at 09:26:02 -0400, Aisha Tammy wrote: > Hi Stuart, > Dope comments, thanks a lot! > The plist was the sickest, it even did the __pycache__ :O > I totally did not expect so much complexity from just plist, I did read it > but like thought it was just going to do what I did, like, just add and > subtract 1 or 2 lines. > Next time I'm just gonna keep running all possible commands. > > I am in totally love with make clean patch/build/fake, repeat. Its a hugely > productive pipeline, makes life so much simpler. > I wish gentoo was as simple, but emerge is also super dope. I really like how > their stuff is so similar to ports :D :D > > I should stop rambling, I have a habit of just going on and on and on. > > I have handled all of the comments, hopefully not adding any more mistakes. > Lemme know if I need to make more changes, this process of porting is super > fun. > jailkit is dank, I'm doing all my cancerous nodejs and django self hosting in > chroots now. > I'm also writing up common inits on github, maybe I can also add that to the > pkg-readme if I get time. > Maybe someday we can have actualy jails, but till then i can get my daily fix > from this :D > > Cheers, > Aisha > > Index: Makefile > === > RCS file: /cvs/ports/security/jailkit/Makefile,v > retrieving revision 1.15 > diff -u -p -r1.15 Makefile > --- Makefile 12 Jul 2019 20:49:03 - 1.15 > +++ Makefile 10 Apr 2020 13:10:05 - > @@ -2,18 +2,21 @@ > > COMMENT= utilities for jailing a user or process > > -DISTNAME=jailkit-2.19 > +DISTNAME=jailkit-2.21 > CATEGORIES= security sysutils > > -HOMEPAGE=http://olivier.sessink.nl/jailkit/ > +HOMEPAGE=https://olivier.sessink.nl/jailkit/ > > -MASTER_SITES=http://olivier.sessink.nl/jailkit/ > +MASTER_SITES=https://olivier.sessink.nl/jailkit/ > > # BSD - LGPLv2 > -PERMIT_PACKAGE= Yes > +PERMIT_PACKAGE= Yes > > MODULES= lang/python > -WANTLIB += c pthread > + > +MODPY_VERSION= ${MODPY_DEFAULT_VERSION_3} > + > +WANTLIB+=c pthread > > NO_TEST= Yes > > @@ -34,9 +37,8 @@ pre-configure: > ${SUBST_CMD} ${WRKSRC}/man/$${i}; done > > post-install: > - # recreate the .pyc file, otherwise it would change > - # after installation > - rm ${PREFIX}/share/jailkit/jk_lib.pyc > + # compile the jailkit python files so that they > + # are removed correctly when uninstalling > ${MODPY_BIN} ${MODPY_LIBDIR}/compileall.py \ > ${PREFIX}/share/jailkit > > Index: distinfo > === > RCS file: /cvs/ports/security/jailkit/distinfo,v > retrieving revision 1.8 > diff -u -p -r1.8 distinfo > --- distinfo 20 Dec 2015 15:43:46 - 1.8 > +++ distinfo 10 Apr 2020 13:10:05 - > @@ -1,2 +1,2 @@ > -SHA256 (jailkit-2.19.tar.gz) = /ZYS3Vf0o5q/zeZHxCBhbFyjf1mCuMB6j7XLNSSU/Ig= > -SIZE (jailkit-2.19.tar.gz) = 142280 > +SHA256 (jailkit-2.21.tar.gz) = egIOB635OGDFOPDZgZauoz1GG6vbqLs+3fcIHleinBQ= > +SIZE (jailkit-2.21.tar.gz) = 141341 > Index: patches/patch-ini_jk_init_ini > === > RCS file: /cvs/ports/security/jailkit/patches/patch-ini_jk_init_ini,v > retrieving revision 1.3 > diff -u -p -r1.3 patch-ini_jk_init_ini > --- patches/patch-ini_jk_init_ini 26 Mar 2014 17:38:27 - 1.3 > +++ patches/patch-ini_jk_init_ini 10 Apr 2020 13:10:05 - > @@ -1,32 +1,10 @@ > -$OpenBSD: patch-ini_jk_init_ini,v 1.3 2014/03/26 17:38:27 gonzalo Exp $ > +$OpenBSD: patch-ini_jk_init_ini,v 1.4 2020/04/08 18:43:53 aisha Exp $ > > -fix some default paths in the jail creation configuration file > +fix installation directories and default paths in the jail creation > configuration file > > ini/jk_init.ini.orig Mon Dec 23 06:02:42 2013 > -+++ ini/jk_init.ini Wed Dec 25 16:04:26 2013 > -@@ -2,18 +2,18 @@ > - # this section probably needs adjustment on 64bit systems > - # or non-Linux systems > - comment = common files for all jails that need user/group information > --paths = /lib/libnsl.so.1, /lib64/libnsl.so.1, /lib/libnss*.so.2, > /lib64/libnss*.so.2, /lib/i386-linux-gnu/libnsl.so.1, > /lib/i386-linux-gnu/libnss*.so.2, /lib/x86_64-linux-gnu/libnsl.so.1, > /lib/x86_64-linux-gnu/libnss*.so.2, /etc/nsswitch.conf, /etc/ld.so.conf > -+paths = /lib/libnsl.so.1, /lib64/libnsl.so.1, /lib/libnss*.so.2, > /lib64/libnss*.so.2, /lib/i386-linux-gnu/libnsl.so.1, > /lib/i386-linux-gnu/libnss*.so.2, /lib/x86_64-linux-gnu/libnsl.so.1, > /lib/x86_64-linux-gnu/libnss*.so.2, ${SYSCONFDIR}/nsswitch.conf, > ${SYSCONFDIR}/ld.so.conf > - # Solaris needs > --# paths = /etc/default/nss, /lib/libnsl.so.1, /usr/lib/nss_*.so.1, > /etc/nsswitch.conf > -+# paths = ${SYSCONFDIR}/defau
Re: update jailkit to 2.21 and move to python3
Hi Stuart, Dope comments, thanks a lot! The plist was the sickest, it even did the __pycache__ :O I totally did not expect so much complexity from just plist, I did read it but like thought it was just going to do what I did, like, just add and subtract 1 or 2 lines. Next time I'm just gonna keep running all possible commands. I am in totally love with make clean patch/build/fake, repeat. Its a hugely productive pipeline, makes life so much simpler. I wish gentoo was as simple, but emerge is also super dope. I really like how their stuff is so similar to ports :D :D I should stop rambling, I have a habit of just going on and on and on. I have handled all of the comments, hopefully not adding any more mistakes. Lemme know if I need to make more changes, this process of porting is super fun. jailkit is dank, I'm doing all my cancerous nodejs and django self hosting in chroots now. I'm also writing up common inits on github, maybe I can also add that to the pkg-readme if I get time. Maybe someday we can have actualy jails, but till then i can get my daily fix from this :D Cheers, Aisha Index: Makefile === RCS file: /cvs/ports/security/jailkit/Makefile,v retrieving revision 1.15 diff -u -p -r1.15 Makefile --- Makefile12 Jul 2019 20:49:03 - 1.15 +++ Makefile10 Apr 2020 13:10:05 - @@ -2,18 +2,21 @@ COMMENT= utilities for jailing a user or process -DISTNAME= jailkit-2.19 +DISTNAME= jailkit-2.21 CATEGORIES=security sysutils -HOMEPAGE= http://olivier.sessink.nl/jailkit/ +HOMEPAGE= https://olivier.sessink.nl/jailkit/ -MASTER_SITES= http://olivier.sessink.nl/jailkit/ +MASTER_SITES= https://olivier.sessink.nl/jailkit/ # BSD - LGPLv2 -PERMIT_PACKAGE=Yes +PERMIT_PACKAGE=Yes MODULES= lang/python -WANTLIB += c pthread + +MODPY_VERSION= ${MODPY_DEFAULT_VERSION_3} + +WANTLIB+= c pthread NO_TEST= Yes @@ -34,9 +37,8 @@ pre-configure: ${SUBST_CMD} ${WRKSRC}/man/$${i}; done post-install: - # recreate the .pyc file, otherwise it would change - # after installation - rm ${PREFIX}/share/jailkit/jk_lib.pyc + # compile the jailkit python files so that they + # are removed correctly when uninstalling ${MODPY_BIN} ${MODPY_LIBDIR}/compileall.py \ ${PREFIX}/share/jailkit Index: distinfo === RCS file: /cvs/ports/security/jailkit/distinfo,v retrieving revision 1.8 diff -u -p -r1.8 distinfo --- distinfo20 Dec 2015 15:43:46 - 1.8 +++ distinfo10 Apr 2020 13:10:05 - @@ -1,2 +1,2 @@ -SHA256 (jailkit-2.19.tar.gz) = /ZYS3Vf0o5q/zeZHxCBhbFyjf1mCuMB6j7XLNSSU/Ig= -SIZE (jailkit-2.19.tar.gz) = 142280 +SHA256 (jailkit-2.21.tar.gz) = egIOB635OGDFOPDZgZauoz1GG6vbqLs+3fcIHleinBQ= +SIZE (jailkit-2.21.tar.gz) = 141341 Index: patches/patch-ini_jk_init_ini === RCS file: /cvs/ports/security/jailkit/patches/patch-ini_jk_init_ini,v retrieving revision 1.3 diff -u -p -r1.3 patch-ini_jk_init_ini --- patches/patch-ini_jk_init_ini 26 Mar 2014 17:38:27 - 1.3 +++ patches/patch-ini_jk_init_ini 10 Apr 2020 13:10:05 - @@ -1,32 +1,10 @@ -$OpenBSD: patch-ini_jk_init_ini,v 1.3 2014/03/26 17:38:27 gonzalo Exp $ +$OpenBSD: patch-ini_jk_init_ini,v 1.4 2020/04/08 18:43:53 aisha Exp $ -fix some default paths in the jail creation configuration file +fix installation directories and default paths in the jail creation configuration file ini/jk_init.ini.orig Mon Dec 23 06:02:42 2013 -+++ ini/jk_init.iniWed Dec 25 16:04:26 2013 -@@ -2,18 +2,18 @@ - # this section probably needs adjustment on 64bit systems - # or non-Linux systems - comment = common files for all jails that need user/group information --paths = /lib/libnsl.so.1, /lib64/libnsl.so.1, /lib/libnss*.so.2, /lib64/libnss*.so.2, /lib/i386-linux-gnu/libnsl.so.1, /lib/i386-linux-gnu/libnss*.so.2, /lib/x86_64-linux-gnu/libnsl.so.1, /lib/x86_64-linux-gnu/libnss*.so.2, /etc/nsswitch.conf, /etc/ld.so.conf -+paths = /lib/libnsl.so.1, /lib64/libnsl.so.1, /lib/libnss*.so.2, /lib64/libnss*.so.2, /lib/i386-linux-gnu/libnsl.so.1, /lib/i386-linux-gnu/libnss*.so.2, /lib/x86_64-linux-gnu/libnsl.so.1, /lib/x86_64-linux-gnu/libnss*.so.2, ${SYSCONFDIR}/nsswitch.conf, ${SYSCONFDIR}/ld.so.conf - # Solaris needs --# paths = /etc/default/nss, /lib/libnsl.so.1, /usr/lib/nss_*.so.1, /etc/nsswitch.conf -+# paths = ${SYSCONFDIR}/default/nss, /lib/libnsl.so.1, /usr/lib/nss_*.so.1, ${SYSCONFDIR}/nsswitch.conf - - [netbasics] - comment = common files for all jails that need any internet connectivity --paths = /lib/libnss_dns.so.2, /lib64/libnss_dns.so.2, /etc/resolv.conf, /etc/host.conf, /etc
Re: update jailkit to 2.21 and move to python3
On 2020/04/10 07:21, Aisha Tammy wrote: > Dammit I totally missed that. > Seems like my thunderbird mail has default wrapping on. > I've disabled it and have copied the diff, hopefully correctly this time. > > Thanks a lot. Thanks, that applies now. > HOMEPAGE=http://olivier.sessink.nl/jailkit/ > @@ -13,6 +13,9 @@ MASTER_SITES= http://olivier.sessink.nl These can use https now. > post-install: > - # recreate the .pyc file, otherwise it would change > - # after installation > + # remove the .pyc file, as we are in python 3 this comment doesn't make much sense to me.. > rm ${PREFIX}/share/jailkit/jk_lib.pyc > + # now compile the new file so that it is added > ${MODPY_BIN} ${MODPY_LIBDIR}/compileall.py \ > ${PREFIX}/share/jailkit > > Index: distinfo > === > RCS file: /cvs/ports/security/jailkit/distinfo,v > retrieving revision 1.8 > diff -u -p -r1.8 distinfo > --- distinfo 20 Dec 2015 15:43:46 - 1.8 > +++ distinfo 10 Apr 2020 11:14:57 - > @@ -1,2 +1,2 @@ > -SHA256 (jailkit-2.19.tar.gz) = /ZYS3Vf0o5q/zeZHxCBhbFyjf1mCuMB6j7XLNSSU/Ig= > -SIZE (jailkit-2.19.tar.gz) = 142280 > +SHA256 (jailkit-2.21.tar.gz) = egIOB635OGDFOPDZgZauoz1GG6vbqLs+3fcIHleinBQ= > +SIZE (jailkit-2.21.tar.gz) = 141341 > Index: patches/patch-ini_jk_init_ini > === > RCS file: /cvs/ports/security/jailkit/patches/patch-ini_jk_init_ini,v > retrieving revision 1.3 > diff -u -p -r1.3 patch-ini_jk_init_ini > --- patches/patch-ini_jk_init_ini 26 Mar 2014 17:38:27 - 1.3 > +++ patches/patch-ini_jk_init_ini 10 Apr 2020 11:14:57 - > @@ -1,32 +1,10 @@ > -$OpenBSD: patch-ini_jk_init_ini,v 1.3 2014/03/26 17:38:27 gonzalo Exp $ > +$OpenBSD: patch-ini_jk_init_ini,v 1.4 2020/04/08 18:43:53 aisha Exp $ doesn't matter now, but please leave the $OpenBSD$ lines alone, they are handled by cvs. > > -fix some default paths in the jail creation configuration file > +A lot of additions to fixing installation directories and fixing line numbers The comments in the patches should describe the patch, not what has been changed since the last version of the patch. Old comment makes sense here. > > ini/jk_init.ini.orig Mon Dec 23 06:02:42 2013 > -+++ ini/jk_init.ini Wed Dec 25 16:04:26 2013 > -@@ -2,18 +2,18 @@ > - # this section probably needs adjustment on 64bit systems > - # or non-Linux systems > - comment = common files for all jails that need user/group information > --paths = /lib/libnsl.so.1, /lib64/libnsl.so.1, /lib/libnss*.so.2, > /lib64/libnss*.so.2, /lib/i386-linux-gnu/libnsl.so.1, > /lib/i386-linux-gnu/libnss*.so.2, /lib/x86_64-linux-gnu/libnsl.so.1, > /lib/x86_64-linux-gnu/libnss*.so.2, /etc/nsswitch.conf, /etc/ld.so.conf > -+paths = /lib/libnsl.so.1, /lib64/libnsl.so.1, /lib/libnss*.so.2, > /lib64/libnss*.so.2, /lib/i386-linux-gnu/libnsl.so.1, > /lib/i386-linux-gnu/libnss*.so.2, /lib/x86_64-linux-gnu/libnsl.so.1, > /lib/x86_64-linux-gnu/libnss*.so.2, ${SYSCONFDIR}/nsswitch.conf, > ${SYSCONFDIR}/ld.so.conf > - # Solaris needs > --# paths = /etc/default/nss, /lib/libnsl.so.1, /usr/lib/nss_*.so.1, > /etc/nsswitch.conf > -+# paths = ${SYSCONFDIR}/default/nss, /lib/libnsl.so.1, /usr/lib/nss_*.so.1, > ${SYSCONFDIR}/nsswitch.conf > - > - [netbasics] > - comment = common files for all jails that need any internet connectivity > --paths = /lib/libnss_dns.so.2, /lib64/libnss_dns.so.2, /etc/resolv.conf, > /etc/host.conf, /etc/hosts, /etc/protocols, /etc/services > -+paths = /lib/libnss_dns.so.2, /lib64/libnss_dns.so.2, > ${SYSCONFDIR}/resolv.conf, ${SYSCONFDIR}/host.conf, ${SYSCONFDIR}/hosts, > ${SYSCONFDIR}/protocols, ${SYSCONFDIR}/services > - # on Solaris devices /dev/udp and /dev/tcp might be needed too, not sure > - > - [logbasics] > - comment = timezone information and log sockets > --paths = /etc/localtime > -+paths = ${SYSCONFDIR}/localtime > - need_logsocket = 1 > - # Solaris does not need logsocket > - # but needs > +Index: ini/jk_init.ini > +--- ini/jk_init.ini.orig > ini/jk_init.ini > @@ -21,7 +21,7 @@ need_logsocket = 1 > > [jk_lsh] > @@ -68,7 +46,7 @@ fix some default paths in the jail creat > > [netutils] > comment = several internet utilities like wget, ftp, rsync, scp, ssh > -@@ -110,7 +110,7 @@ includesections = extendedshell, netutils, apacheutils > +@@ -110,17 +110,16 @@ includesections = extendedshell, netutils, apacheutils > > [openvpn] > comment = jail for the openvpn daemon > @@ -76,8 +54,10 @@ fix some default paths in the jail creat > +paths = ${LOCALBASE}/sbin/openvpn > users = root,nobody > groups = root,nogroup > - includesections = netbasics > -@@ -120,7 +120,7 @@ need_logsocket = 1 > +-includesections = netbasics > + devices = /dev/urandom, /dev/random, /dev/net/tun > + includesections = netbasics, uidbasics > + need_logsocket = 1 > >
Re: update jailkit to 2.21 and move to python3
Dammit I totally missed that. Seems like my thunderbird mail has default wrapping on. I've disabled it and have copied the diff, hopefully correctly this time. Thanks a lot. Index: Makefile === RCS file: /cvs/ports/security/jailkit/Makefile,v retrieving revision 1.15 diff -u -p -r1.15 Makefile --- Makefile12 Jul 2019 20:49:03 - 1.15 +++ Makefile10 Apr 2020 11:14:57 - @@ -2,7 +2,7 @@ COMMENT= utilities for jailing a user or process -DISTNAME= jailkit-2.19 +DISTNAME= jailkit-2.21 CATEGORIES=security sysutils HOMEPAGE= http://olivier.sessink.nl/jailkit/ @@ -13,6 +13,9 @@ MASTER_SITES= http://olivier.sessink.nl PERMIT_PACKAGE=Yes MODULES= lang/python + +MODPY_VERSION= ${MODPY_DEFAULT_VERSION_3} + WANTLIB += c pthread NO_TEST= Yes @@ -34,9 +37,9 @@ pre-configure: ${SUBST_CMD} ${WRKSRC}/man/$${i}; done post-install: - # recreate the .pyc file, otherwise it would change - # after installation + # remove the .pyc file, as we are in python 3 rm ${PREFIX}/share/jailkit/jk_lib.pyc + # now compile the new file so that it is added ${MODPY_BIN} ${MODPY_LIBDIR}/compileall.py \ ${PREFIX}/share/jailkit Index: distinfo === RCS file: /cvs/ports/security/jailkit/distinfo,v retrieving revision 1.8 diff -u -p -r1.8 distinfo --- distinfo20 Dec 2015 15:43:46 - 1.8 +++ distinfo10 Apr 2020 11:14:57 - @@ -1,2 +1,2 @@ -SHA256 (jailkit-2.19.tar.gz) = /ZYS3Vf0o5q/zeZHxCBhbFyjf1mCuMB6j7XLNSSU/Ig= -SIZE (jailkit-2.19.tar.gz) = 142280 +SHA256 (jailkit-2.21.tar.gz) = egIOB635OGDFOPDZgZauoz1GG6vbqLs+3fcIHleinBQ= +SIZE (jailkit-2.21.tar.gz) = 141341 Index: patches/patch-ini_jk_init_ini === RCS file: /cvs/ports/security/jailkit/patches/patch-ini_jk_init_ini,v retrieving revision 1.3 diff -u -p -r1.3 patch-ini_jk_init_ini --- patches/patch-ini_jk_init_ini 26 Mar 2014 17:38:27 - 1.3 +++ patches/patch-ini_jk_init_ini 10 Apr 2020 11:14:57 - @@ -1,32 +1,10 @@ -$OpenBSD: patch-ini_jk_init_ini,v 1.3 2014/03/26 17:38:27 gonzalo Exp $ +$OpenBSD: patch-ini_jk_init_ini,v 1.4 2020/04/08 18:43:53 aisha Exp $ -fix some default paths in the jail creation configuration file +A lot of additions to fixing installation directories and fixing line numbers ini/jk_init.ini.orig Mon Dec 23 06:02:42 2013 -+++ ini/jk_init.iniWed Dec 25 16:04:26 2013 -@@ -2,18 +2,18 @@ - # this section probably needs adjustment on 64bit systems - # or non-Linux systems - comment = common files for all jails that need user/group information --paths = /lib/libnsl.so.1, /lib64/libnsl.so.1, /lib/libnss*.so.2, /lib64/libnss*.so.2, /lib/i386-linux-gnu/libnsl.so.1, /lib/i386-linux-gnu/libnss*.so.2, /lib/x86_64-linux-gnu/libnsl.so.1, /lib/x86_64-linux-gnu/libnss*.so.2, /etc/nsswitch.conf, /etc/ld.so.conf -+paths = /lib/libnsl.so.1, /lib64/libnsl.so.1, /lib/libnss*.so.2, /lib64/libnss*.so.2, /lib/i386-linux-gnu/libnsl.so.1, /lib/i386-linux-gnu/libnss*.so.2, /lib/x86_64-linux-gnu/libnsl.so.1, /lib/x86_64-linux-gnu/libnss*.so.2, ${SYSCONFDIR}/nsswitch.conf, ${SYSCONFDIR}/ld.so.conf - # Solaris needs --# paths = /etc/default/nss, /lib/libnsl.so.1, /usr/lib/nss_*.so.1, /etc/nsswitch.conf -+# paths = ${SYSCONFDIR}/default/nss, /lib/libnsl.so.1, /usr/lib/nss_*.so.1, ${SYSCONFDIR}/nsswitch.conf - - [netbasics] - comment = common files for all jails that need any internet connectivity --paths = /lib/libnss_dns.so.2, /lib64/libnss_dns.so.2, /etc/resolv.conf, /etc/host.conf, /etc/hosts, /etc/protocols, /etc/services -+paths = /lib/libnss_dns.so.2, /lib64/libnss_dns.so.2, ${SYSCONFDIR}/resolv.conf, ${SYSCONFDIR}/host.conf, ${SYSCONFDIR}/hosts, ${SYSCONFDIR}/protocols, ${SYSCONFDIR}/services - # on Solaris devices /dev/udp and /dev/tcp might be needed too, not sure - - [logbasics] - comment = timezone information and log sockets --paths = /etc/localtime -+paths = ${SYSCONFDIR}/localtime - need_logsocket = 1 - # Solaris does not need logsocket - # but needs +Index: ini/jk_init.ini +--- ini/jk_init.ini.orig ini/jk_init.ini @@ -21,7 +21,7 @@ need_logsocket = 1 [jk_lsh] @@ -68,7 +46,7 @@ fix some default paths in the jail creat [netutils] comment = several internet utilities like wget, ftp, rsync, scp, ssh -@@ -110,7 +110,7 @@ includesections = extendedshell, netutils, apacheutils +@@ -110,17 +110,16 @@ includesections = extendedshell, netutils, apacheutils [openvpn] comment = jail for the openvpn daemon @@ -76,8 +54,10 @@ fix some default paths in the jail creat +paths = ${LOCALBASE}/sbin/openvpn users = root,nobody groups = root,nogroup - includesections = netbasics -@@ -120,7 +1
Re: update jailkit to 2.21 and move to python3
Your diff is unusable, it is word-wrapped. On 2020/04/09 23:38, Aisha Tammy wrote: > a much larger diff for correcting upstream errors > I have contacted the dev, but it might be a while and this will only > come in the next release > > comments? ok? > > aisha > > Index: Makefile > === > RCS file: /cvs/ports/security/jailkit/Makefile,v > retrieving revision 1.15 > diff -u -p -r1.15 Makefile > --- Makefile 12 Jul 2019 20:49:03 - 1.15 > +++ Makefile 10 Apr 2020 03:35:29 - > @@ -2,7 +2,7 @@ > > COMMENT= utilities for jailing a user or process > > -DISTNAME=jailkit-2.19 > +DISTNAME=jailkit-2.21 > CATEGORIES= security sysutils > > HOMEPAGE=http://olivier.sessink.nl/jailkit/ > @@ -13,6 +13,9 @@ MASTER_SITES= http://olivier.sessink.nl > PERMIT_PACKAGE= Yes > > MODULES= lang/python > + > +MODPY_VERSION= ${MODPY_DEFAULT_VERSION_3} > + > WANTLIB += c pthread > > NO_TEST= Yes > @@ -34,9 +37,9 @@ pre-configure: > ${SUBST_CMD} ${WRKSRC}/man/$${i}; done > > post-install: > - # recreate the .pyc file, otherwise it would change > - # after installation > + # remove the .pyc file, as we are in python 3 > rm ${PREFIX}/share/jailkit/jk_lib.pyc > + # now compile the new file so that it is added > ${MODPY_BIN} ${MODPY_LIBDIR}/compileall.py \ > ${PREFIX}/share/jailkit > > Index: distinfo > === > RCS file: /cvs/ports/security/jailkit/distinfo,v > retrieving revision 1.8 > diff -u -p -r1.8 distinfo > --- distinfo 20 Dec 2015 15:43:46 - 1.8 > +++ distinfo 10 Apr 2020 03:35:29 - > @@ -1,2 +1,2 @@ > -SHA256 (jailkit-2.19.tar.gz) = /ZYS3Vf0o5q/zeZHxCBhbFyjf1mCuMB6j7XLNSSU/Ig= > -SIZE (jailkit-2.19.tar.gz) = 142280 > +SHA256 (jailkit-2.21.tar.gz) = egIOB635OGDFOPDZgZauoz1GG6vbqLs+3fcIHleinBQ= > +SIZE (jailkit-2.21.tar.gz) = 141341 > Index: patches/patch-ini_jk_init_ini > === > RCS file: /cvs/ports/security/jailkit/patches/patch-ini_jk_init_ini,v > retrieving revision 1.3 > diff -u -p -r1.3 patch-ini_jk_init_ini > --- patches/patch-ini_jk_init_ini 26 Mar 2014 17:38:27 - 1.3 > +++ patches/patch-ini_jk_init_ini 10 Apr 2020 03:35:29 - > @@ -1,32 +1,10 @@ > -$OpenBSD: patch-ini_jk_init_ini,v 1.3 2014/03/26 17:38:27 gonzalo Exp $ > +$OpenBSD: patch-ini_jk_init_ini,v 1.4 2020/04/08 18:43:53 aisha Exp $ > > -fix some default paths in the jail creation configuration file > +A lot of additions to fixing installation directories and fixing line > numbers > > ini/jk_init.ini.orig Mon Dec 23 06:02:42 2013 > -+++ ini/jk_init.ini Wed Dec 25 16:04:26 2013 > -@@ -2,18 +2,18 @@ > - # this section probably needs adjustment on 64bit systems > - # or non-Linux systems > - comment = common files for all jails that need user/group information > --paths = /lib/libnsl.so.1, /lib64/libnsl.so.1, /lib/libnss*.so.2, > /lib64/libnss*.so.2, /lib/i386-linux-gnu/libnsl.so.1, > /lib/i386-linux-gnu/libnss*.so.2, /lib/x86_64-linux-gnu/libnsl.so.1, > /lib/x86_64-linux-gnu/libnss*.so.2, /etc/nsswitch.conf, /etc/ld.so.conf > -+paths = /lib/libnsl.so.1, /lib64/libnsl.so.1, /lib/libnss*.so.2, > /lib64/libnss*.so.2, /lib/i386-linux-gnu/libnsl.so.1, > /lib/i386-linux-gnu/libnss*.so.2, /lib/x86_64-linux-gnu/libnsl.so.1, > /lib/x86_64-linux-gnu/libnss*.so.2, ${SYSCONFDIR}/nsswitch.conf, > ${SYSCONFDIR}/ld.so.conf > - # Solaris needs > --# paths = /etc/default/nss, /lib/libnsl.so.1, /usr/lib/nss_*.so.1, > /etc/nsswitch.conf > -+# paths = ${SYSCONFDIR}/default/nss, /lib/libnsl.so.1, > /usr/lib/nss_*.so.1, ${SYSCONFDIR}/nsswitch.conf > - > - [netbasics] > - comment = common files for all jails that need any internet connectivity > --paths = /lib/libnss_dns.so.2, /lib64/libnss_dns.so.2, > /etc/resolv.conf, /etc/host.conf, /etc/hosts, /etc/protocols, /etc/services > -+paths = /lib/libnss_dns.so.2, /lib64/libnss_dns.so.2, > ${SYSCONFDIR}/resolv.conf, ${SYSCONFDIR}/host.conf, ${SYSCONFDIR}/hosts, > ${SYSCONFDIR}/protocols, ${SYSCONFDIR}/services > - # on Solaris devices /dev/udp and /dev/tcp might be needed too, not sure > - > - [logbasics] > - comment = timezone information and log sockets > --paths = /etc/localtime > -+paths = ${SYSCONFDIR}/localtime > - need_logsocket = 1 > - # Solaris does not need logsocket > - # but needs > +Index: ini/jk_init.ini > +--- ini/jk_init.ini.orig > ini/jk_init.ini > @@ -21,7 +21,7 @@ need_logsocket = 1 > > [jk_lsh] > @@ -68,7 +46,7 @@ fix some default paths in the jail creat > > [netutils] > comment = several internet utilities like wget, ftp, rsync, scp, ssh > -@@ -110,7 +110,7 @@ includesections = extendedshell, netutils, apacheutils > +@@ -110,17 +110,16 @@ includesections = extendedshell, netutils,
Re: update jailkit to 2.21 and move to python3
a much larger diff for correcting upstream errors I have contacted the dev, but it might be a while and this will only come in the next release comments? ok? aisha Index: Makefile === RCS file: /cvs/ports/security/jailkit/Makefile,v retrieving revision 1.15 diff -u -p -r1.15 Makefile --- Makefile12 Jul 2019 20:49:03 - 1.15 +++ Makefile10 Apr 2020 03:35:29 - @@ -2,7 +2,7 @@ COMMENT= utilities for jailing a user or process -DISTNAME= jailkit-2.19 +DISTNAME= jailkit-2.21 CATEGORIES=security sysutils HOMEPAGE= http://olivier.sessink.nl/jailkit/ @@ -13,6 +13,9 @@ MASTER_SITES= http://olivier.sessink.nl PERMIT_PACKAGE=Yes MODULES= lang/python + +MODPY_VERSION= ${MODPY_DEFAULT_VERSION_3} + WANTLIB += c pthread NO_TEST= Yes @@ -34,9 +37,9 @@ pre-configure: ${SUBST_CMD} ${WRKSRC}/man/$${i}; done post-install: - # recreate the .pyc file, otherwise it would change - # after installation + # remove the .pyc file, as we are in python 3 rm ${PREFIX}/share/jailkit/jk_lib.pyc + # now compile the new file so that it is added ${MODPY_BIN} ${MODPY_LIBDIR}/compileall.py \ ${PREFIX}/share/jailkit Index: distinfo === RCS file: /cvs/ports/security/jailkit/distinfo,v retrieving revision 1.8 diff -u -p -r1.8 distinfo --- distinfo20 Dec 2015 15:43:46 - 1.8 +++ distinfo10 Apr 2020 03:35:29 - @@ -1,2 +1,2 @@ -SHA256 (jailkit-2.19.tar.gz) = /ZYS3Vf0o5q/zeZHxCBhbFyjf1mCuMB6j7XLNSSU/Ig= -SIZE (jailkit-2.19.tar.gz) = 142280 +SHA256 (jailkit-2.21.tar.gz) = egIOB635OGDFOPDZgZauoz1GG6vbqLs+3fcIHleinBQ= +SIZE (jailkit-2.21.tar.gz) = 141341 Index: patches/patch-ini_jk_init_ini === RCS file: /cvs/ports/security/jailkit/patches/patch-ini_jk_init_ini,v retrieving revision 1.3 diff -u -p -r1.3 patch-ini_jk_init_ini --- patches/patch-ini_jk_init_ini 26 Mar 2014 17:38:27 - 1.3 +++ patches/patch-ini_jk_init_ini 10 Apr 2020 03:35:29 - @@ -1,32 +1,10 @@ -$OpenBSD: patch-ini_jk_init_ini,v 1.3 2014/03/26 17:38:27 gonzalo Exp $ +$OpenBSD: patch-ini_jk_init_ini,v 1.4 2020/04/08 18:43:53 aisha Exp $ -fix some default paths in the jail creation configuration file +A lot of additions to fixing installation directories and fixing line numbers ini/jk_init.ini.orig Mon Dec 23 06:02:42 2013 -+++ ini/jk_init.iniWed Dec 25 16:04:26 2013 -@@ -2,18 +2,18 @@ - # this section probably needs adjustment on 64bit systems - # or non-Linux systems - comment = common files for all jails that need user/group information --paths = /lib/libnsl.so.1, /lib64/libnsl.so.1, /lib/libnss*.so.2, /lib64/libnss*.so.2, /lib/i386-linux-gnu/libnsl.so.1, /lib/i386-linux-gnu/libnss*.so.2, /lib/x86_64-linux-gnu/libnsl.so.1, /lib/x86_64-linux-gnu/libnss*.so.2, /etc/nsswitch.conf, /etc/ld.so.conf -+paths = /lib/libnsl.so.1, /lib64/libnsl.so.1, /lib/libnss*.so.2, /lib64/libnss*.so.2, /lib/i386-linux-gnu/libnsl.so.1, /lib/i386-linux-gnu/libnss*.so.2, /lib/x86_64-linux-gnu/libnsl.so.1, /lib/x86_64-linux-gnu/libnss*.so.2, ${SYSCONFDIR}/nsswitch.conf, ${SYSCONFDIR}/ld.so.conf - # Solaris needs --# paths = /etc/default/nss, /lib/libnsl.so.1, /usr/lib/nss_*.so.1, /etc/nsswitch.conf -+# paths = ${SYSCONFDIR}/default/nss, /lib/libnsl.so.1, /usr/lib/nss_*.so.1, ${SYSCONFDIR}/nsswitch.conf - - [netbasics] - comment = common files for all jails that need any internet connectivity --paths = /lib/libnss_dns.so.2, /lib64/libnss_dns.so.2, /etc/resolv.conf, /etc/host.conf, /etc/hosts, /etc/protocols, /etc/services -+paths = /lib/libnss_dns.so.2, /lib64/libnss_dns.so.2, ${SYSCONFDIR}/resolv.conf, ${SYSCONFDIR}/host.conf, ${SYSCONFDIR}/hosts, ${SYSCONFDIR}/protocols, ${SYSCONFDIR}/services - # on Solaris devices /dev/udp and /dev/tcp might be needed too, not sure - - [logbasics] - comment = timezone information and log sockets --paths = /etc/localtime -+paths = ${SYSCONFDIR}/localtime - need_logsocket = 1 - # Solaris does not need logsocket - # but needs +Index: ini/jk_init.ini +--- ini/jk_init.ini.orig ini/jk_init.ini @@ -21,7 +21,7 @@ need_logsocket = 1 [jk_lsh] @@ -68,7 +46,7 @@ fix some default paths in the jail creat [netutils] comment = several internet utilities like wget, ftp, rsync, scp, ssh -@@ -110,7 +110,7 @@ includesections = extendedshell, netutils, apacheutils +@@ -110,17 +110,16 @@ includesections = extendedshell, netutils, apacheutils [openvpn] comment = jail for the openvpn daemon @@ -76,8 +54,10 @@ fix some default paths in the jail creat +paths = ${LOCALBASE}/sbin/openvpn users = root,nobody groups = root,nogroup - includesections = netbasics -@@ -120,7 +120,7 @@ need_logsocket = 1 +-includesecti
update jailkit to 2.21 and move to python3
First port, any comments are helpful tested on amd64, should work everywhere there is python3 ok? Index: Makefile === RCS file: /cvs/ports/security/jailkit/Makefile,v retrieving revision 1.15 diff -u -p -r1.15 Makefile --- Makefile12 Jul 2019 20:49:03 - 1.15 +++ Makefile8 Apr 2020 22:46:16 - @@ -2,7 +2,7 @@ COMMENT= utilities for jailing a user or process -DISTNAME= jailkit-2.19 +DISTNAME= jailkit-2.21 CATEGORIES=security sysutils HOMEPAGE= http://olivier.sessink.nl/jailkit/ @@ -13,6 +13,9 @@ MASTER_SITES= http://olivier.sessink.nl PERMIT_PACKAGE=Yes MODULES= lang/python + +MODPY_VERSION= ${MODPY_DEFAULT_VERSION_3} + WANTLIB += c pthread NO_TEST= Yes @@ -34,9 +37,9 @@ pre-configure: ${SUBST_CMD} ${WRKSRC}/man/$${i}; done post-install: - # recreate the .pyc file, otherwise it would change - # after installation + # remove the .pyc file, as we are in python 3 rm ${PREFIX}/share/jailkit/jk_lib.pyc + # now compile the new file so that it is added ${MODPY_BIN} ${MODPY_LIBDIR}/compileall.py \ ${PREFIX}/share/jailkit Index: distinfo === RCS file: /cvs/ports/security/jailkit/distinfo,v retrieving revision 1.8 diff -u -p -r1.8 distinfo --- distinfo20 Dec 2015 15:43:46 - 1.8 +++ distinfo8 Apr 2020 22:46:16 - @@ -1,2 +1,2 @@ -SHA256 (jailkit-2.19.tar.gz) = /ZYS3Vf0o5q/zeZHxCBhbFyjf1mCuMB6j7XLNSSU/Ig= -SIZE (jailkit-2.19.tar.gz) = 142280 +SHA256 (jailkit-2.21.tar.gz) = egIOB635OGDFOPDZgZauoz1GG6vbqLs+3fcIHleinBQ= +SIZE (jailkit-2.21.tar.gz) = 141341 Index: patches/patch-ini_jk_init_ini === RCS file: /cvs/ports/security/jailkit/patches/patch-ini_jk_init_ini,v retrieving revision 1.3 diff -u -p -r1.3 patch-ini_jk_init_ini --- patches/patch-ini_jk_init_ini 26 Mar 2014 17:38:27 - 1.3 +++ patches/patch-ini_jk_init_ini 8 Apr 2020 22:46:16 - @@ -1,32 +1,10 @@ -$OpenBSD: patch-ini_jk_init_ini,v 1.3 2014/03/26 17:38:27 gonzalo Exp $ +$OpenBSD: patch-ini_jk_init_ini,v 1.4 2020/04/08 18:43:53 aisha Exp $ -fix some default paths in the jail creation configuration file +A lot of additions to fixing installation directories and fixing line numbers ini/jk_init.ini.orig Mon Dec 23 06:02:42 2013 -+++ ini/jk_init.iniWed Dec 25 16:04:26 2013 -@@ -2,18 +2,18 @@ - # this section probably needs adjustment on 64bit systems - # or non-Linux systems - comment = common files for all jails that need user/group information --paths = /lib/libnsl.so.1, /lib64/libnsl.so.1, /lib/libnss*.so.2, /lib64/libnss*.so.2, /lib/i386-linux-gnu/libnsl.so.1, /lib/i386-linux-gnu/libnss*.so.2, /lib/x86_64-linux-gnu/libnsl.so.1, /lib/x86_64-linux-gnu/libnss*.so.2, /etc/nsswitch.conf, /etc/ld.so.conf -+paths = /lib/libnsl.so.1, /lib64/libnsl.so.1, /lib/libnss*.so.2, /lib64/libnss*.so.2, /lib/i386-linux-gnu/libnsl.so.1, /lib/i386-linux-gnu/libnss*.so.2, /lib/x86_64-linux-gnu/libnsl.so.1, /lib/x86_64-linux-gnu/libnss*.so.2, ${SYSCONFDIR}/nsswitch.conf, ${SYSCONFDIR}/ld.so.conf - # Solaris needs --# paths = /etc/default/nss, /lib/libnsl.so.1, /usr/lib/nss_*.so.1, /etc/nsswitch.conf -+# paths = ${SYSCONFDIR}/default/nss, /lib/libnsl.so.1, /usr/lib/nss_*.so.1, ${SYSCONFDIR}/nsswitch.conf - - [netbasics] - comment = common files for all jails that need any internet connectivity --paths = /lib/libnss_dns.so.2, /lib64/libnss_dns.so.2, /etc/resolv.conf, /etc/host.conf, /etc/hosts, /etc/protocols, /etc/services -+paths = /lib/libnss_dns.so.2, /lib64/libnss_dns.so.2, ${SYSCONFDIR}/resolv.conf, ${SYSCONFDIR}/host.conf, ${SYSCONFDIR}/hosts, ${SYSCONFDIR}/protocols, ${SYSCONFDIR}/services - # on Solaris devices /dev/udp and /dev/tcp might be needed too, not sure - - [logbasics] - comment = timezone information and log sockets --paths = /etc/localtime -+paths = ${SYSCONFDIR}/localtime - need_logsocket = 1 - # Solaris does not need logsocket - # but needs +Index: ini/jk_init.ini +--- ini/jk_init.ini.orig ini/jk_init.ini @@ -21,7 +21,7 @@ need_logsocket = 1 [jk_lsh] @@ -68,7 +46,7 @@ fix some default paths in the jail creat [netutils] comment = several internet utilities like wget, ftp, rsync, scp, ssh -@@ -110,7 +110,7 @@ includesections = extendedshell, netutils, apacheutils +@@ -110,17 +110,16 @@ includesections = extendedshell, netutils, apacheutils [openvpn] comment = jail for the openvpn daemon @@ -76,8 +54,10 @@ fix some default paths in the jail creat +paths = ${LOCALBASE}/sbin/openvpn users = root,nobody groups = root,nogroup - includesections = netbasics -@@ -120,7 +120,7 @@ need_logsocket = 1 +-includesections = netbasics + devices = /dev/urandom, /dev/random, /dev/net/tun +