Re: security/pinentry patch for WINOUT_X11 systems
At Tue, 23 Dec 2014 00:36:24 +0300 (MSK), Dmitry Morozovsky ma...@rinet.ru wrote: pinentry currently brokes if WITHOUT_X11 (or, by new world orderm OPTIONS_UNSET+=X11) is set. You can use security/pinentry-curses if you don't want Qt/GTK+ gui. Ah I see. Maybe then security/gnupg should detect headless config and switch between generic and curses ports, perhaps? Hmm, I'm no problem with this patch, but should this be handled by security/pinentry meta-port side? Index: security/gnupg/Makefile === --- security/gnupg/Makefile (revision 375271) +++ security/gnupg/Makefile (working copy) @@ -22,7 +22,11 @@ libksba.so:${PORTSDIR}/security/libksba \ libnpth.so:${PORTSDIR}/devel/npth BUILD_DEPENDS= libgpg-error=1.11:${PORTSDIR}/security/libgpg-error +.if defined(WITHOUT_X11) || ${OPTIONS_UNSET:MX11} +RUN_DEPENDS= pinentry0:${PORTSDIR}/security/pinentry-curses +.else RUN_DEPENDS= pinentry0:${PORTSDIR}/security/pinentry +.endif GNU_CONFIGURE= YES USES= gmake iconv tar:bzip2 -- Jun Kuriyama kuriy...@freebsd.org // FreeBSD Project kuriy...@s2factory.co.jp // S2 Factory, Inc. ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org
Re: libgcrypt security
At least security/gnupg1, I've updated to 1.4.14 just after announce released. 2013/8/10 Andrew andre...@hush.ai Hi all. GPG and libgcrypt were updated for security problems, http://lists.gnupg.org/pipermail/gnupg-announce/2013q3/000330.html but I still don't see this update in ports. The vuXML entry: http://www.vuxml.org/freebsd/80771b89-f57b-11e2-bf21-b499baab0cbe.html Can we get it updated please? -- Jun Kuriyama kuriy...@freebsd.org // FreeBSD Project kuriy...@s2factory.co.jp // S2 Factory, Inc. ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org
Re: security/gnupg
2013/2/2 Jason Helfman j...@freebsd.org: [ ] STD_SOCKET Use standard socket for agent ... Agreed with all of stated above, and please use the documentation as well to see if it is noted there. Enabling the flag in the port adds --enable-standard-socket to the CONFIGURE arguments for the ports build process. http://www.gnupg.org/documentation/manuals/gnupg/Agent-Options.html --use-standard-socket--no-use-standard-socket By enabling this option gpg-agent will listen on the socket named S.gpg-agent, located in the home directory, and not create a random socket below a temporary directory. Tools connecting to gpg-agent should first try to connect to the socket given in environment variable GPG_AGENT_INFO and then fall back to this socket. This option may not be used if the home directory is mounted on a remote file system which does not support special files like fifos or sockets. Note, that --use-standard-socket is the default on Windows systems. The default may be changed at build time. It is possible to test at runtime whether the agent has been configured for use with the standard socket by issuing the command gpg-agent --use-standard-socket-p which returns success if the standard socket option has been enabled. I'd like to change description for STD_SOCKET option to summerize above if someone suggests better wordings. -- Jun Kuriyama kuriy...@freebsd.org // FreeBSD Project kuriy...@s2factory.co.jp // S2 Factory, Inc. ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org
Re: Errors when building emulators/virtio-kmod into 9-CURRENT
2012/4/29 Vladislav V. Prodan univers...@ukr.net: I try to run in the production FreeBSD 9-CURRENT on the KVM. Virtio drivers to make more productive? Who is going to buildworld and I still can not provide the error logs when building emulators/virtio-kmod I only tested building this port on 8.[23] and 9.0 releases. But I try building on 9-stable as of today, I finish build without problem. I cannot any comments without error logs, sorry. -- Jun Kuriyama kuriy...@freebsd.org // FreeBSD Project kuriy...@s2factory.co.jp // S2 Factory, Inc. ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org
Re: databases/pglessog, databases/pg_rman problems after the last bsd.database.mk update
I've just committed a fix that solves your INDEX problem for now [1], but I'll still get kuriyama@ to use the new server:extract when it comes in. I don't have INDEX generate testing environment for now, so can you commit a fix? -- Jun Kuriyama kuriy...@freebsd.org // FreeBSD Project kuriy...@s2factory.co.jp // S2 Factory, Inc. ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org
Re: security/gnupg installing pth-2.0.7 causing problems
2009/11/9 David Southwell da...@vizion2000.net: 2009/11/8 David Southwell da...@vizion2000.net: What puzzles me is why the gnupg maintainer is so reluctant to provide alternative options to using pth when there are both system libraries and libpthread-stubs-0.1 available as an alternative. Dependencuy upon libpthread-stubs-0.1 enables gnupg to function without causing unnecessary problems. My understand is the pth was written for those systems which do not have alternative libraries for handling threads. My understanding is, stock gnupg dist depends on pth (even if described as optional). It seems using libpthread-stubs needs to modify configure script. Do you have a patch for this? -- Jun Kuriyama kuriy...@freebsd.org // FreeBSD Project kuriy...@s2factory.co.jp // S2 Factory, Inc. ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org
Re: security/gnupg installing pth-2.0.7 causing problems
2009/11/8 David Southwell da...@vizion2000.net: I dropped this task -- got too tied up elsewhere. Then some ports were updated and security/gnupg was rebuilt and the problem re-emerged. Can someone please amend the gnupg port so it does not install pth when system threads are available!!! pth is NOT compatible with system threads. Can you compile security/gnupg without devel/pth installed? -- Jun Kuriyama kuriy...@freebsd.org // FreeBSD Project kuriy...@s2factory.co.jp // S2 Factory, Inc. ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org
Call for Testers: misc/amanda-{server,client} 2.6.0p2
I'm finally find time to upgrade amanda suite to the latest version (2.6.0p2). This version have various changes since 2.5.x version, so I'd like to call for testers on other environment. Here is tarball for new ports: http://people.freebsd.org/~kuriyama/amanda-2.6.0p2-20080904.tgz If you find something (bug reports, suggestions), please include Cc: to me because I read it frequently. -- Jun Kuriyama [EMAIL PROTECTED] // FreeBSD Project [EMAIL PROTECTED] // S2 Factory, Inc. ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: [phing] Updated FreeBSD Phing Port
Hi, 2008/5/31 Brian A. Seklecki [EMAIL PROTECTED]: Normally I would say that this PR may be approaching the point where we override the maintainer -- the problem is that I haven't received any feedback from anyone other than my development team. I committed for devel/php5-phing port, but I received this port is broken. The reason is depending PEAR in post-extract stage. And installing files on extract stage is not our style. I try to fix this, but I don't know this installation can work for actual phing users. Can someone check this patch works well? -- Jun Kuriyama [EMAIL PROTECTED] // FreeBSD Project [EMAIL PROTECTED] // S2 Factory, Inc. Index: Makefile === RCS file: /home/ncvs/ports/devel/php5-phing/Makefile,v retrieving revision 1.4 diff -u -r1.4 Makefile --- Makefile 16 Aug 2008 08:10:34 - 1.4 +++ Makefile 18 Aug 2008 05:46:17 - @@ -7,7 +7,7 @@ PORTNAME= phing PORTVERSION= 2.3.0 -PORTREVISION= 1 +PORTREVISION= 2 CATEGORIES= devel MASTER_SITES= http://pear.phing.info/get/ @@ -37,6 +37,7 @@ BuildLogger.php TaskContainer.php BuildEvent.php Task.php \ TaskAdapter.php Phing.php RuntimeConfigurable.php BuildListener.php \ Project.php UnknownElement.php BuildException.php Target.php \ + phing.php \ util/regexp/RegexpEngine.php util/regexp/Regexp.php \ util/regexp/PregEngine.php \ util/SourceFileScanner.php util/ExtendedFileStream.php \ @@ -214,23 +215,24 @@ input/InputHandler.php input/InputRequest.php \ input/MultipleChoiceInputRequest.php \ input/DefaultInputHandler.php input/PropertyFileInputHandler.php \ - input/YesNoInputRequest.php + input/YesNoInputRequest.php \ DOCS= EXAMPLES= src/HelloWorldTest.php src/HelloWorld.php build.xml SQLS= -SCRIPTFILES= +SCRIPTFILES= phing TESTS= post-extract: ${MV} ${WRKSRC}/example ${WRKSRC}/examples + +post-patch: + ${MKDIR} ${WRKSRC}/pear-bin ${SED} -e s|/opt/phing|${PREFIX}/lib/php/phing| \ -e s|@PHP-BIN@|${PREFIX}/bin/php| \ -e s|@PEAR-DIR@|${PREFIX}/share/pear| \ - ${WRKSRC}/bin/pear-phing ${WRKSRC}/bin/pear-phing.new - @${INSTALL_SCRIPT} ${WRKSRC}/bin/pear-phing.new ${PREFIX}/bin/phing - ${INSTALL_DATA} ${WRKSRC}/bin/phing.php ${PREFIX}/share/pear/phing.php - @${CHMOD} 755 ${PREFIX}/bin/phing + ${WRKSRC}/bin/pear-phing ${WRKSRC}/pear-phing + ${CP} ${WRKSRC}/bin/phing.php ${WRKSRC}/phing.php .include bsd.port.pre.mk .include ${PORTSDIR}/devel/pear/bsd.pear.mk ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: [phing] Updated FreeBSD Phing Port
At Fri, 30 May 2008 17:11:35 -0400, Brian A. Seklecki wrote: Normally I would say that this PR may be approaching the point where we override the maintainer No problem from me. -- Jun Kuriyama [EMAIL PROTECTED] // S2 Factory, Inc. [EMAIL PROTECTED] // IMG SRC, Inc. ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: tramp-mode port
At Sun, 11 Nov 2007 10:24:30 -0500, Lowell Gilbert wrote: Are you planning to update the port for tramp.el? Aside from the fact that emacs20 support may be broken, it is a fairly minor set of changes. I would be happy to help create a patchset, if you would like. However, I have (so far) not been able to get the info files building properly. With the code freeze, I see no hurry to submitting something anyway. Thank you for your information. I'll update after the freeze! -- Jun Kuriyama [EMAIL PROTECTED] // FreeBSD Project ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Mongolian localization to dsssl-docbook-modular port
At Fri, 25 May 2007 12:48:36 +0800, Ganbold wrote: Since ports tree is unfrozen, could you integrate my patch to ports tree? Here is the patch. Please let me know if there is something wrong with this patch. Thanks, committed! -- Jun Kuriyama [EMAIL PROTECTED] // S2 Factory, Inc. [EMAIL PROTECTED] // IMG SRC, Inc. [EMAIL PROTECTED] // FreeBSD Project ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Mongolian localization to dsssl-docbook-modular port
At Wed, 09 May 2007 10:52:43 +0800, Ganbold wrote: Is it possible to include this kind of a patch in /usr/ports/textproc/dsssl-docbook-modular port? I sent my email to kuriyama@ san (dsssl-docbook-modular maintainer), but no response from him. Sorry. Of cource I can integrate your patch into our ports tree. -- Jun Kuriyama [EMAIL PROTECTED] // S2 Factory, Inc. [EMAIL PROTECTED] // IMG SRC, Inc. [EMAIL PROTECTED] // FreeBSD Project ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: FreeBSD Port: amanda-client-2.5.1p3,1
At Wed, 14 Feb 2007 08:54:47 -0600, Craig Boston wrote: It looks like the code in sendsize.c that generates the dump arguments was completely rewritten between p2 and p3, and a mistake was made (PARAM_DUMP_ESTIMATE used twice instead of PARAM_HONOR_NODUMP). A patch is attached that should fix it. We can add the patch to ports if necessary, but as the problem exists in upstream sources it should really be fixed there. I cannot say if the same problem exists in sendbackup. My dumps didn't make it that far :( Glancing through sendbackup-dump.c it looks like everything should be fine there (though I'm actually a little surprised that the -L patch still applies cleanly). I haven't run a backup with the fixed sendsize yet, however, so I guess we'll see. Craig [2 sendsize.patch text/x-diff; us-ascii (7bit)] --- client-src/sendsize.c.origWed Feb 14 08:47:15 2007 +++ client-src/sendsize.c Wed Feb 14 08:45:10 2007 @@ -1190,7 +1190,7 @@ # endif dumpkeys = vstralloc(level_str, PARAM_DUMP_ESTIMATE, - PARAM_DUMP_ESTIMATE, + PARAM_HONOR_NODUMP, s, f, NULL); # ifdef HAVE_DUMP_ESTIMATE Thank you for your investigation. I've committed your patch into our repository. -- Jun Kuriyama [EMAIL PROTECTED] // IMG SRC, Inc. [EMAIL PROTECTED] // FreeBSD Project ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: HEADS UP : security/gnupg will be upgraded to 2.0.1
At Mon, 11 Dec 2006 23:43:48 -0800, Doug Barton wrote: If this is your plan, it leads me to the next question, which is how are you going to handle the fact that GnuPG 2.x does not install a binary named gpg? Will you install a symlink if gnupg1 is not installed? And if so, will it CONFLICT with that port? If we are going to suggest to users that 2.x is the default, I think we need to provide support for those legacy(?) apps that think gnupg is spelled gpg. Yes, that's my difficult decision in this upgrade. I understand you care about existing users not to violate POLA, but I basically choose this way for new users. :-( If gpg binary consumer is ports-installed one and have explicit dependency on its Makefile, portupgrade -R gnupg will install security/gnupg *AND* security/gnupg1. But if is is not from ports, just only users from command line or have implicit dependency (like mail/mailcrypt which I'm using), only gpg2 binary is exist after portupgrade. I have no clue about last problem for now (only pkg-message or UPDATING). This maybe critical for casual portupgrade users. we should be insanely grateful for more than 8 years of his impeccable gnupg maintainership. Having spent a non-zero amount of time working on a gnupg2 port for my own use, not to mention the updates of the related ports to get 2.x to build, I agree with you that we should be appreciative of Jun's efforts, and I hope that he understands that nothing I've said is intended in any way to be critical of him or his work. I appreciate Doug's work of course. This thread is just which option we choose from possible ways. And mainly caused my lack of explanation. -- Jun Kuriyama [EMAIL PROTECTED] // IMG SRC, Inc. [EMAIL PROTECTED] // FreeBSD Project ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: HEADS UP : security/gnupg will be upgraded to 2.0.1
At Tue, 12 Dec 2006 12:28:21 -0800, Doug Barton wrote: I have no clue about last problem for now (only pkg-message or UPDATING). This maybe critical for casual portupgrade users. Err... I wonder... How about repo-copying (or rather, repo-moving) the current security/gnupg to security/gnupg1, and creating a new security/gnupg meta-port with runtime dependencies on *both* gnupg1 and gnupg2? In my mind this is overkill, since the gpg2 binary provides exactly the same functionality as the gpg binary. I don't see any reason to install them both. What might make sense is for the gnupg 2.x port to install a gpg symlink to gpg2. I've done that on my own system for convenience sake. That will get hairy if the user tries to install gnupg 1.x though. Both gnupg ports will need logic to handle what to do with the symlink if the other port is installed. Seems fine. Like this? -- Jun Kuriyama [EMAIL PROTECTED] // IMG SRC, Inc. [EMAIL PROTECTED] // FreeBSD Project gnupg.diff Description: Binary data ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: HEADS UP : security/gnupg will be upgraded to 2.0.1
At Mon, 11 Dec 2006 10:15:59 -0800, Doug Barton wrote: Thanks for letting us know what you're plans are. I think you know what I'm going to say next. ;) As I suggested when I wrote to you in private e-mail some time ago, I think it would be more in line with the plans that the developers have for GnuPG 2.x to keep the existing gnupg port dedicated to the 1.x branch, and repo copy gnupg-devel to gnupg2. Quoting from the README for 2.x: GnuPG 2.0 is the stable version of GnuPG integrating support for OpenPGP and S/MIME. It does not conflict with an installed 1.4 OpenPGP-only version. Note that there is no binary gpg but a gpg2 so that this package won't conflict with a GnuPG 1.4 installation. gpg2 behaves just like gpg. GNUPG 1.4 AND GNUPG 2.0 === GnuPG 2.0 is a newer version of GnuPG with additional support for S/MIME. It has a different design philosophy that splits functionality up into several modules. Both versions may be installed simultaneously without any conflict (gpg is called gpg2 in GnuPG 2). In fact, the gpg version from GnuPG 1.4 is able to make use of the gpg-agent as included in GnuPG 2 and allows for seamless passphrase caching. The advantage of GnuPG 1.4 is its smaller size and no dependency on other modules at run and build time. /quote Further, in discussion on the gnupg-users list the developers have clearly stated that they will continue working on at least the 1.4.x branch of GnuPG for the foreseeable future. Therefore I think it would be more in line with the development goals for the GnuPG project, and less confusing for new users coming to FreeBSD from other platforms, to adopt the naming scheme that I proposed, although not necessarily the exact patches I sent you to implement it. If you choose not to go that direction, I would be interested in hearing your reasoning. At first, thank you for your helping to upgrade our gnupg world to 2.0.x. And sorry I cannot explain as you can feel reasonable. I just think security/gnupg should be used as what you should choose for GnuPG. If new ports user wants to install GnuPG, I hope there is security/gnupg as recommended stable version. I understand GnuPG developers think 1.4.x will be kept, but I think dependents will migrate to use modularized 2.0.x line. Though development is continue, Number of API consumer of 1.4.x line will be getting smaller. So, for 1 or 2 years later, I think existance of good stable security/gnupg and historical security/gnupg1 will be less confusing (IMHO). GnuPG development will continue. So there will be GnuPG 3.x line. Above approach can be adopted. Anyway, this way maybe old-porters thinking. I liked to use category/portname directory name (without version number). Using version number in ports directory is very exceptional event for keeping old ports (like emacs, emacs19, emacs20). I thought this is the way to indicate what you should choose for port users. But, there are port directories with version number than past. I can change my mind if it is suitable recently. -- Jun Kuriyama [EMAIL PROTECTED] // IMG SRC, Inc. [EMAIL PROTECTED] // FreeBSD Project ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: $snmpd_flush_cache for Net-SNMP ports/net-mgmt/net-snmp/files/snmpd.sh.in
At Fri, 03 Nov 2006 23:18:11 -0500, Brian A. Seklecki wrote: FYI to SNMP hackers. Objections to this patch? No problem from me. I'm preparing for 5.3.1 upgrade in my local. This will bump shlib version, so I'll do it after 6.2R with your patch. -- Jun Kuriyama [EMAIL PROTECTED] // IMG SRC, Inc. [EMAIL PROTECTED] // FreeBSD Project ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to [EMAIL PROTECTED]