Re: Call for testers: www/shellinabox (Shell in a Box)
Olivier Cochard-Labbé wrote: I've just finished my port of Shell in a Box: It's a secure web server that provide ajax terminal emulator. More information on the official website: http://code.google.com/p/shellinabox/ After looking at the port for a while, I have some suggestions. The port creates ${PREFIX}/etc/shellinabox directory, chowns it to nobody and chmods it to 777. The reason for this is that shellinabox creates certificates during the runtime and stores them into that directory, but it only does that after dropping to nobody user. As the author of shellinabox notes [1], this is a bad idea, because any user can read and modify your keys this way. I also have a vague feeling that storing variable files in ${PREFIX}/etc/shellinabox is a bad idea as well (to compare, Debian port uses /var/lib/shellinabox). So what I propose is this: 1. Create shellinabox user and group (via USERS and GROUPS). 2. Update rc script to start shellinaboxd with that user and group. 3. Make the certificate directory 700, owned by shellinabox:shellinabox. 4. Move the certificate directory to /var/shellinabox or similar (what's our conventional location for this kind of files?). I'm not sure on the 4 though. Any thoughts? [1] http://code.google.com/p/shellinabox/issues/detail?id=22#c2 ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org
Possibly unbuildable ports reminder
Dear porters, This is just a reminder to please periodically check the list of unbuildable ports at http://pointyhat.freebsd.org/errorlogs/ . A list by MAINTAINER is http://people.freebsd.org/~fenner/errorlogs/ so you can easily check the status of ports that you maintain. In addition, the list of ports with no MAINTAINER with build problems is http://people.freebsd.org/~fenner/errorlogs/po...@freebsd.org.html Since no one is responsible for these ports, the problem won't get fixed unless someone on this list takes the initiative. Thanks for your help! Bill annoying port email Fenner ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org
Re: Early CONFLICTS detection is POLA viloation?
On 27/06/2010 20:04, Lev Serebryakov wrote: Hello, Freebsd-ports. I understand, that this change (ports/137855, bsd.port.mk:1.632) was made 6 months ago, but I've noticed it only now (twice in one day!). Am I only person, who thinks, that this change is HUGE POLA violation? Definitely not, I actually got abuse reported by portmgr for my very upset e-mails. I'm kinda mystified who was offended in which way, I have reread my e-mails and though they were born of my annoyance I find nothing there that would have offended me had I been at the receiving end. -- A: Because it fouls the order in which people normally read text. Q: Why is top-posting such a bad thing? A: Top-posting. Q: What is the most annoying thing on usenet and in e-mail? ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org
Current unassigned ports problem reports
(Note: an HTML version of this report is available at http://www.freebsd.org/cgi/query-pr-summary.cgi?category=ports .) The following is a listing of current problems submitted by FreeBSD users. These represent problem reports covering all versions including experimental development code and obsolete releases. S Tracker Resp. Description o ports/148198[MAINTAINER UPDATE] sysutils/rdup: update to 1.1.7 f ports/148195[patch] fix \ prefixed mapping for textproc/scim-kmfl- o ports/148188Update port: print/latex-csquotes update to 5.0a o ports/148187update mail/vm to 8.1.0 o ports/148182[patch] Font-size in www/webkit-gtk2 error template. o ports/148181games/ftjava: wrong site address f ports/148170net/sslh: patch that add rc startup script f ports/148168[PATCH] update deskutils/alexandria to 0.6.6 o ports/148158[PATCH] net/p5-IO-Socket-INET6: update to 2.65 o ports/148156[MAINTAINER] devel/doxygen: update to 1.7.1 f ports/148145print/cups-samba: Add ability to use difference samba o ports/148142Update port: astro/glunarclock version update 0.34.1 f ports/148141Update port: net/ssltunnel-client f ports/148140Update and unbreak port: net/ssltunnel-server o ports/148135[MAINTAINER] databases/pgsphere: fix deinstallation wh o ports/148131Update port: java/castor to version 1.3.1 o ports/148122Update Port: deve/libdombey = 1.2 o ports/148115[PATCH] devel/nant: update to 0.90, take maintainershi o ports/148114Update port: java/jgraph Update and claim maintainersh o ports/148113Maintainer update: textproc/atom change MASTER_SITES o ports/148099patch available for emacs movemail vulnerability. o ports/148098new port: math/x12arima s ports/148090[PATCH] security/ike: update to 2.1.5 o ports/148085Port update: comms/uhso-kmod - Update to v20100416 f ports/148082Update port: audio/musicpd from 0.15.8 to 0.15.10 o ports/148075[PATCH] oss/files path issue with soundon script o ports/148065net-mgmt/rate: rate program put interface in promiscuo f ports/148057[patch] upgrade of security/ossec-hids-server and secu o ports/148044www/squid31: Updating squid 3.1.3 to 3.1.4 fails on Fr f ports/148036[PATCH] ports-mgmt/p5-FreeBSD-Ports-INDEXhash: require f ports/148028[PATCH] net/haproxy: update to 1.4.8 o ports/148027New port: graphics/ramenhdr, node based video composit o ports/148025When you open the zip file, mc looking unzip down the o ports/148021irc/minbif port update (1.0.2-1.0.3) o ports/148020[Patch] audio/cmus update to 2.3.3 o ports/148014[update] libticonv/libtifiles2/libticables2/libticalcs o ports/148012[maintainer update] net/ucarp: cosmetic fixes. o ports/148010bug in net/freeswitch-core o ports/148007[UPDATE] arabic/kacst_fonts f ports/147997[UPDATE] Update mail/dovecot-sieve to 0.1.17 f ports/147996[UPDATE] Update mail/dovecot to 1.2.12 o ports/147994[PATCH] www/scloader: update to 0.32 f ports/147993[patch] mail/dkim-milter -- plist problems o ports/147987ftp/hsftp update f ports/147982[patch] multimedia/xmms-weasel fix depends o ports/147981[patch] multimedia/xmms-status-plugin fix depends f ports/147977[patch] irc/ratbox-services mark MAKE_JOBS_UNSAFE f ports/147973[patch] audio/xmmsctrl fix depends f ports/147970net/quagga: Ipv6 addresses cannot be assigned to inter o ports/147958[MAINTAINER] sysutils/luckybackup: Update to 0.4.0 o ports/147944[NEW PORT] net/gogoc: GogoCLIENT, which is needed to c o ports/147943New port: net/radsecproxy Radsecproxy is a generic RAD o ports/147942www/moinmoin sends wrong http header when in editor mo o ports/147936New port: sysutils/dtpstree Display a tree of processe o ports/147930[ports] maintainer update: devel/google-perftools f ports/147922[PATCH] audio/aumix: update to 2.9.1 f ports/147921add reload command to rc script of audio/icecast2 f ports/147916[PATCH] net/empty: update to 0.6.18b o ports/147911[PATCH] net-im/ejabberd: update to 2.1.4 f ports/147907[patch] www/tclhttpd don't hardcode -j2 o ports/147898[patch] sysutils/uhidd: open /usr/local/etc/uhidd.conf o ports/147895[MAINTAINER] sysutils/fusefs-mhddfs: update to 0.1.35 o ports/147889New port: devel/maven-ant-tasks Allows Maven's handlin o ports/147882Maintainer
Re: Call for testers: www/shellinabox (Shell in a Box)
From: Vitaly Magerya vmage...@gmail.com [SNIP] 4. Move the certificate directory to /var/shellinabox or similar (what's our conventional location for this kind of files?). I'm not sure on the 4 though. Any thoughts? Id say possibly /var/db/shellinabox /var/db/ seems to be used by a fair number of services for record keeping of various things. ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org
Re: Call for testers: www/shellinabox (Shell in a Box)
2010/6/28 Vitaly Magerya vmage...@gmail.com: So what I propose is this: 1. Create shellinabox user and group (via USERS and GROUPS). 2. Update rc script to start shellinaboxd with that user and group. 3. Make the certificate directory 700, owned by shellinabox:shellinabox. Thanks for your tips, I've updated the port, here how to proceed now: cd /usr/port/www fetch http://gugus69.free.fr/tools/shellinabox.tgz tar zxvf shellinabox.tgz cd shellinabox patch ../../UIDs UIDs.diff patch ../../GIDs GIDs.diff make install clean /usr/local/etc/rc.d/shellinaboxd onestart For information: MD5 (shellinabox.tgz) = c553fd6b05d0b136cbef95f8cb808072 I've used the UID/GID 139 that seem available. 4. Move the certificate directory to /var/shellinabox or similar (what's our conventional location for this kind of files?). I'm not sure on the 4 though. Any thoughts? I let the certificate in /usr/local/etc/shellinabox (on my nanoBSD, /var is a volatile RAM disk). Regards, Olivier ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org
Re: flag to tell ports that you are only building for yourself
On Sun, 27 Jun 2010 23:09:47 -0400 Eitan Adler li...@eitanadler.com wrote: I'd like to add a flag to tell ports that you are building only for yourself that and optimizations that typically are not enabled could be turned on. You can do this yourself. If you add in make.conf something like .if defined(BUILD_FOR_SELF) CPUTYPE?= athlon64 .endif # cd /ports/www/squid # make -V CFLAGS -O2 -pipe -fno-strict-aliasing # setenv BUILD_FOR_SELF yes # make -V CFLAGS -O2 -pipe -march=athlon-mp -fno-strict-aliasing ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org
net/Sockets
Hello. Any news on updating this port? Latest version is 2.3.9.2. We have: net/Sockets = 2.1.4 net/Sockets-devel = 1.9.9 (!!!) Is anyone working on this? If not I might give a try at updating this port. bye Thanks av. ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org
Re: net/Sockets
On Mon, Jun 28, 2010 at 09:19:05PM +0200, Andrea Venturoli wrote: Any news on updating this port? They're unmaintained, so it's probably up to you to do it :-) mcl ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org
Re: This construction doesn't work
Em 2010.06.29. 0:24, Paul Schmehl escreveu: I'm working on a port update for one of the ports that I maintain, and I've run into a problem that I can't seem to solve. I use this construction to ensure that the port doesn't overwrite the conf file, if one exists: .for f in barnyard2.conf ${INSTALL_DATA} ${WRKSRC}/etc/${f} ${PREFIX}/etc/${f}-sample [ -f ${PREFIX}/etc/${f} ] || \ ${INSTALL_DATA} ${WRKSRC}/etc/${f} ${PREFIX}/etc/${f} .endfor But it gets overwritten anyway. What am I doing wrong? I thought this worked before, but I can't be sure. Testing proves that it does not work now. I tried to changing to an if [ ! -f construction, but that didn't do a thing. I think it should work, I used to write the same in audio/shoutcast. Are you testing by installing from port or from package? It should work for ports but for packages, you need some more magic in pkg-plist. You can also refer to audio/shoutcast how it is done there. Maybe is it what you missed? Regards, Gabor ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org
Fwd: [sudo-workers] sudo 1.7.3rc1 available
See below for the changes to sudo 1.7.3 which is set to be released soon. If you want to test out the 1.7.3rc1 update please fetch the patch from http://people.freebsd.org/~wxs/sudo.diff, apply it and rebuild. Please reply back to me privately with reports of success or failures. I'll probably get the update in the tree sometime early or mid-July. -- WXS - Forwarded message from Todd C. Miller todd.mil...@courtesan.com - Date: Mon, 28 Jun 2010 09:56:10 -0400 From: Todd C. Miller todd.mil...@courtesan.com To: sudo-work...@sudo.ws Cc: sudo-us...@sudo.ws Subject: [sudo-workers] sudo 1.7.3rc1 available The first release candidate of sudo 1.7.3 is now available. Sudo 1.7.3 is scheduled for release on June 30th. Download links: http://www.sudo.ws/sudo/dist/beta/sudo-1.7.3rc1.tar.gz ftp://ftp.sudo.ws/pub/sudo/beta/sudo-1.7.3rc1.tar.gz Major changes between sudo 1.7.2p7 and 1.7.3rc1: * Support for logging I/O for the command being run. For more information, see the documentation for the log_input and log_output Defaults options in the sudoers manual. Also see the sudoreplay manual for how to replay I/O log sessions. * The use_pty sudoers option can be used to force a command to be run in a pseudo-pty, even when I/O logging is not enabled. * On some systems, sudo can now detect when a user has logged out and back in again when tty-based time stamps are in use. Supported systems include Solaris systems with the devices file system, Mac OS X, and Linux systems with the devpts filesystem (pseudo-ttys only). * On AIX systems, the registry setting in /etc/security/user is now taken into account when looking up users and groups. Sudo now applies the correct the user and group ids when running a command as a user whose account details come from a different source (e.g. LDAP or DCE vs. local files). * Support for multiple 'sudoers_base' and 'uri' entries in ldap.conf. When multiple entries are listed, sudo will try each one in the order in which they are specified. * Sudo's SELinux support should now function correctly when running commands as a non-root user and when one of stdin, stdout or stderr is not a terminal. * Sudo will now use the Linux audit system with configure with the --with-linux-audit flag. * Sudo now uses mbr_check_membership() on systems that support it to determine group membership. Currently, only Darwin (Mac OS X) supports this. * When the tty_tickets sudoers option is enabled but there is no terminal device, sudo will no longer use or create a tty-based ticket file. Previously, sudo would use a tty name of unknown. As a consequence, if a user has no terminal device, sudo will now always prompt for a password. * The passwd_timeout and timestamp_timeout options may now be specified as floating point numbers for more granular timeout values. * Negating the fqdn option in sudoers now works correctly when sudo is configured with the --with-fqdn option. In previous versions of sudo the fqdn was set before sudoers was parsed. sudo-workers mailing list sudo-work...@sudo.ws For list information, options, or to unsubscribe, visit: http://www.sudo.ws/mailman/listinfo/sudo-workers - End forwarded message - ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org