The net/proxychains port during installation overwrites configuration in ${PREFIX}/etc/proxychains.conf. The following change modifies configuration file name to proxychains.conf.sample.
Maintainer of net/proxychains, Please note that PR ports/171638 has just been submitted. If it contains a patch for an upgrade, an enhancement or a bug fix you agree on, reply to this email stating that you approve the patch and a committer will take care of it. The full text of the PR can be found at: http://www.freebsd.org/cgi/query-pr.cgi?pr=ports/171638 -- Edwin Groothuis via the GNATS Auto Assign Tool edwin@FreeBSD.org
State Changed From-To: open->feedback Awaiting maintainers feedback (via the GNATS Auto Assign Tool)
On Fri, Sep 14, 2012 at 09:20:18AM +0000, Edwin Groothuis wrote: > Maintainer of net/proxychains, > > Please note that PR ports/171638 has just been submitted. > > If it contains a patch for an upgrade, an enhancement or a bug fix > you agree on, reply to this email stating that you approve the patch > and a committer will take care of it. > > The full text of the PR can be found at: > http://www.freebsd.org/cgi/query-pr.cgi?pr=ports/171638 Hi, I'm sorry, I no longer have time to maintain this port. But anyway, after reviewing the patch, it seems ok to me. :-) Thanks for your effort, - patrick
Responsible Changed From-To: freebsd-ports-bugs->ak I'll take it.
Hi Patrick, what do you think about the next patch? p.s. As I understood, I can reset MAINTAINER to ports@? Unless of course Andrey wants to take it. -- Alex
On Sat, Sep 15, 2012 at 03:56:44PM +0300, Alex Kozlov wrote: > Hi > > Patrick, what do you think about the next patch? Hi, To be honest, it's been a while ago I didn't use FreeBSD nor ports framework (lack of time, etc.). Patch seemed ok to me. > p.s. As I understood, I can reset MAINTAINER to ports@? > Unless of course Andrey wants to take it. You're free to go ! Thanks, - patrick > Index: ports/net/proxychains/Makefile > @@ -1,27 +1,29 @@ > -# New ports collection makefile for: proxychains > -# Date created: 14 jui 2003 > -# Whom: Patrick MARIE <mycroft@virgaria.org> > # $FreeBSD: ports/net/proxychains/Makefile,v 1.7 2009/08/22 00:31:39 amdmi3 Exp $ > > PORTNAME= proxychains > PORTVERSION= 3.1 > +PORTREVISION= 1 > CATEGORIES= net > MASTER_SITES= SF/${PORTNAME}/${PORTNAME}/version%20${PORTVERSION} > > -MAINTAINER= mycroft@virgaria.org > +MAINTAINER= ports@FreeBSD.org > COMMENT= Redirect connection through proxy servers > > GNU_CONFIGURE= yes > USE_GMAKE= yes > USE_LDCONFIG= yes > > -.include <bsd.port.pre.mk> > - > -.if ${OSVERSION} < 700017 > -EXTRA_PATCHES= ${PATCHDIR}/gethostbyaddr-proto-int > -.endif > +post-patch: > + @${REINPLACE_CMD} -e 's!$$(srcdir)/proxychains.conf!$$(srcdir)/proxychains.conf.sample!' \ > + ${WRKSRC}/proxychains/Makefile.in > + @${MV} ${WRKSRC}/proxychains/proxychains.conf \ > + ${WRKSRC}/proxychains/proxychains.conf.sample > > post-configure: > @${ECHO_CMD} '#define PREFIX "${PREFIX}"' >> ${WRKSRC}/config.h > > -.include <bsd.port.post.mk> > +post-install: > + @[ -f ${PREFIX}/etc/proxychains.conf ] || ${CP} ${PREFIX}/etc/proxychains.conf.sample \ > + ${PREFIX}/etc/proxychains.conf > + > +.include <bsd.port.mk> > Index: ports/net/proxychains/pkg-plist > @@ -1,6 +1,8 @@ > bin/proxychains > bin/proxyresolv > -etc/proxychains.conf > +@unexec if cmp -s %D/etc/proxychains.conf %D/etc/proxychains.conf.sample; then rm -f %D/etc/proxychains.conf; fi > +etc/proxychains.conf.sample > +@exec [ -f %D/etc/proxychains.conf ] || cp %D/etc/proxychains.conf.sample %D/etc/proxychains.conf > lib/libproxychains.so.3 > lib/libproxychains.so > lib/libproxychains.la -- Patrick MARIE <pm@mkz.me> Tel: +33.632.356.212 Web: http://monkeyz.eu/
On Sat, Sep 15, 2012 at 03:56:44PM +0300, Alex Kozlov wrote: > Hi > > Patrick, what do you think about the next patch? > > p.s. As I understood, I can reset MAINTAINER to ports@? > Unless of course Andrey wants to take it. ports@ in MAINTAINER will be enough. > +post-patch: > + @${REINPLACE_CMD} -e 's!$$(srcdir)/proxychains.conf!$$(srcdir)/proxychains.conf.sample!' \ > + ${WRKSRC}/proxychains/Makefile.in > + @${MV} ${WRKSRC}/proxychains/proxychains.conf \ > + ${WRKSRC}/proxychains/proxychains.conf.sample I did not use REINPLACE_CMD, since there is already patch for Makefile.in in the port. And it is enough to change only one place with proxychains.conf in it. > +post-install: > + @[ -f ${PREFIX}/etc/proxychains.conf ] || ${CP} ${PREFIX}/etc/proxychains.conf.sample \ > + ${PREFIX}/etc/proxychains.conf I do not know all rules of Ports Collection, but installing configuration file that will be used by network software by default seems is incorrect from the security point view. Just let a user to copy sample configuration and understand what is necessary to configure in the configuration file.
On Mon, Sep 17, 2012 at 02:25:07PM +0300, Andrey Simonenko wrote: > On Sat, Sep 15, 2012 at 03:56:44PM +0300, Alex Kozlov wrote: > > Patrick, what do you think about the next patch? > > > > p.s. As I understood, I can reset MAINTAINER to ports@? > > Unless of course Andrey wants to take it. > ports@ in MAINTAINER will be enough. > > > +post-patch: > > + @${REINPLACE_CMD} -e 's!$$(srcdir)/proxychains.conf!$$(srcdir)/proxychains.conf.sample!' \ > > + ${WRKSRC}/proxychains/Makefile.in > > + @${MV} ${WRKSRC}/proxychains/proxychains.conf \ > > + ${WRKSRC}/proxychains/proxychains.conf.sample > > I did not use REINPLACE_CMD, since there is already patch for Makefile.in > in the port. Good point, I addressed this in the new patch. > And it is enough to change only one place with proxychains.conf > in it. Can you elaborate? > > +post-install: > > + @[ -f ${PREFIX}/etc/proxychains.conf ] || ${CP} ${PREFIX}/etc/proxychains.conf.sample \ > > + ${PREFIX}/etc/proxychains.conf > I do not know all rules of Ports Collection, but installing configuration > file that will be used by network software by default seems is incorrect > from the security point view. Just let a user to copy sample configuration > and understand what is necessary to configure in the configuration file. I don't think this is an issue, because user need to edit rc.conf to start proxychains, also by default it only listens to 127.0.0.1 -- Alex
On Fri, Sep 28, 2012 at 12:48:50AM +0300, Alex Kozlov wrote: > On Mon, Sep 17, 2012 at 02:25:07PM +0300, Andrey Simonenko wrote: > > On Sat, Sep 15, 2012 at 03:56:44PM +0300, Alex Kozlov wrote: > > > Patrick, what do you think about the next patch? > > > > > > p.s. As I understood, I can reset MAINTAINER to ports@? > > > Unless of course Andrey wants to take it. > > ports@ in MAINTAINER will be enough. > > > > > +post-patch: > > > + @${REINPLACE_CMD} -e 's!$$(srcdir)/proxychains.conf!$$(srcdir)/proxychains.conf.sample!' \ > > > + ${WRKSRC}/proxychains/Makefile.in > > > + @${MV} ${WRKSRC}/proxychains/proxychains.conf \ > > > + ${WRKSRC}/proxychains/proxychains.conf.sample > > > > I did not use REINPLACE_CMD, since there is already patch for Makefile.in > > in the port. > Good point, I addressed this in the new patch. > > > And it is enough to change only one place with proxychains.conf > > in it. > Can you elaborate? Sometimes it is necessary to change several lines in some port's file (eg. Makefile.in) and if this file is actively modified by the developer, then it is necessary to modify the diff file for each port's update. I chose the diff file for that Makefile.in, since this diff file already exists and it is necessary for port's building and installation to change only one line in Makefile.in related to the proxychains.conf file. I just did not want to mix the diff file with the REINPLACE_CMD command, but your variant with just the REINPLACE_CMD command also will work. > > > +post-install: > > > + @[ -f ${PREFIX}/etc/proxychains.conf ] || ${CP} ${PREFIX}/etc/proxychains.conf.sample \ > > > + ${PREFIX}/etc/proxychains.conf > > I do not know all rules of Ports Collection, but installing configuration > > file that will be used by network software by default seems is incorrect > > from the security point view. Just let a user to copy sample configuration > > and understand what is necessary to configure in the configuration file. > I don't think this is an issue, because user need to edit rc.conf to start > proxychains, also by default it only listens to 127.0.0.1 There is another scenario. The proxychains.conf file is the same as proxychains.conf.sample, just because a user wants this. If a new version of the port will have another sample configuration, then during port updating current configuration will be replaced to another one. There is updated version of proxychains, made by another developers, and it has sample configuration file with another content.
Hi Apologies for the delay. It seems that I ether don't receive or overlook your followup. >> I don't think this is an issue, because user need to edit rc.conf to start >> proxychains, also by default it only listens to 127.0.0.1 > There is another scenario. The proxychains.conf file is the same as > proxychains.conf.sample, just because a user wants this. If a new version > of the port will have another sample configuration, then during port updating > current configuration will be replaced to another one. It's possible, but also possible that the new default configuration file would be acceptable for the user or that new version wouldn't work or work wrong with old configuration file (in case if it installation/removal wouldn't be implemented). Any of those situations are possible, but they all lie outside of ports framework scope. It's responsibility of user to maintain and check configuration files. Though, in the case of major incompatible changes warning is typically added to ports/UPDATING or even port's Makefile itself. > There is updated version of proxychains, made by another developers, > and it has sample configuration file with another content. -- Alex
On Tue, Oct 16, 2012 at 12:15:26AM +0300, Alex Kozlov wrote: > Hi > > Apologies for the delay. It seems that I ether don't receive or overlook your > followup. > > >> I don't think this is an issue, because user need to edit rc.conf to start > >> proxychains, also by default it only listens to 127.0.0.1 > > There is another scenario. The proxychains.conf file is the same as > > proxychains.conf.sample, just because a user wants this. If a new version > > of the port will have another sample configuration, then during port updating > > current configuration will be replaced to another one. > It's possible, but also possible that the new default configuration file > would be acceptable for the user or that new version wouldn't work or work > wrong with old configuration file (in case if it installation/removal wouldn't > be implemented). Any of those situations are possible, but they all lie > outside of ports framework scope. It's responsibility of user to maintain and > check configuration files. Though, in the case of major incompatible changes > warning is typically added to ports/UPDATING or even port's Makefile itself. Other ports follow the same logic. I think proxychains port should be updated.
State Changed From-To: feedback->closed Committed. Thanks!