Doing 'make -C security/opencryptoki stage' as a regular user (who is not in the _pkcs11 group), results in the following error: . . test -f /usr/ports/security/opencryptoki/work/stage/usr/local/etc/opencryptoki/p11sak_defined_attrs.conf.sample || /usr/bin/install -c -g _pkcs11 -m 0640 ./usr/sbin/p11sak/p11sak_defined_attrs.conf /usr/ports/security/opencryptoki/work/stage/usr/local/etc/opencryptoki/p11sak_defined_attrs.conf.sample || true install: /usr/ports/security/opencryptoki/work/stage/usr/local/etc/opencryptoki/p11sak_defined_attrs.conf.sample: chown/chgrp: Operation not permitted . . The build does not fail at that point because the actual command in the opencryptoki-3.19.0/Makefile has "|| true". It's not clear why the '|| true' is there, but it is caught later when 'make install' runs: ===> Registering installation for opencryptoki-3.19.0 as automatic pkg-static: Unable to access file /usr/ports/security/opencryptoki/work/stage/usr/local/etc/opencryptoki/p11sak_defined_attrs.conf.sample:No such file or directory pkg-static: Fail to apply keyword 'sample' *** Error code 1 This happened with the update to 3.19.0 (ports e83df13905e945f1b776a84ff8abfeda29f04743) which added the -g _pkcs11 to the install line in the Makefile. That is not necessary since the sample entry for p11sak_defined_attrs.conf specifies the group ownership in pkg-plist (and will be set correctly when the package is installed).
Created attachment 240123 [details] [patch] fix 'make stage' permission failure Simple fix to remove the '-g ' option. Just let the @sample() parameters in pkg-plist set the group permissions. No need to bump PORTREVISION as this will not change a package that was built as root instead of a regular user.
*** Bug 270028 has been marked as a duplicate of this bug. ***
Comment on attachment 240123 [details] [patch] fix 'make stage' permission failure maintainer timeout
Thank you for your submission. Will commit shortly.
A commit in branch main references this bug: URL: https://cgit.FreeBSD.org/ports/commit/?id=6714a2486ac92293aeed04f5cdac6ac546da0497 commit 6714a2486ac92293aeed04f5cdac6ac546da0497 Author: John Hein <jcfyecrayz@liamekaens.com> AuthorDate: 2023-04-19 16:09:44 +0000 Commit: Robert Clausecker <fuz@FreeBSD.org> CommitDate: 2023-04-20 11:49:23 +0000 security/opencryptoki: fix build as non-root Simple fix to remove the '-g ' option. Just let the @sample() parameters in pkg-plist set the group permissions. Approved by: hrs (maintainer timeout) MFH: 2023Q2 PR: 269524 security/opencryptoki/files/patch-Makefile.am | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
A commit in branch 2023Q2 references this bug: URL: https://cgit.FreeBSD.org/ports/commit/?id=6bf7787c8837b93096cc92cb049a8cf1b87898ce commit 6bf7787c8837b93096cc92cb049a8cf1b87898ce Author: John Hein <jcfyecrayz@liamekaens.com> AuthorDate: 2023-04-19 16:09:44 +0000 Commit: Robert Clausecker <fuz@FreeBSD.org> CommitDate: 2023-04-20 13:36:52 +0000 security/opencryptoki: fix build as non-root Simple fix to remove the '-g ' option. Just let the @sample() parameters in pkg-plist set the group permissions. Approved by: hrs (maintainer timeout) MFH: 2023Q2 PR: 269524 (cherry picked from commit 6714a2486ac92293aeed04f5cdac6ac546da0497) security/opencryptoki/files/patch-Makefile.am | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
Thank you for your contribution.