mail/popa3d needs an empty directory for secure processing. As from approx 4.6-stable, FreeBSD provides secured /var/empty, which can be used for these purposes. How-To-Repeat: cd /usr/ports/mail/popa3d make install Notice of /usr/local/empty
Responsible Changed From-To: freebsd-ports->dinoex over to maintainer
Hi! Is it really good solution to use /var for port software? Why we can't use /usr/local/var for that ? -- Kirill Never tell them what you wouldn't do.
On Mon, 6 Jan 2003, Kirill Ponomarew wrote: KP> Is it really good solution to use /var for port software? Why we can't KP> use /usr/local/var for that ? Hmm, I just suposed that since we already have guarranteed empty and protected by schg flag directory in the base system every port which is needed for such directory would (if not should) choose it for its needs... Surely, I can be wrong... So here is the PR ;-) Sincerely, D.Marck [DM5020, DM268-RIPE, DM3-RIPN] ------------------------------------------------------------------------ *** Dmitry Morozovsky --- D.Marck --- Wild Woozle --- marck@rinet.ru *** ------------------------------------------------------------------------
Hi Dmitry! On Tue, Jan 07, 2003 at 01:45:05AM +0300, Dmitry Morozovsky wrote: > Hmm, I just suposed that since we already have guarranteed empty and protected > by schg flag directory in the base system every port which is needed for such > directory would (if not should) choose it for its needs... Does popa3d leave this directory also empty like sshd for UsePrivilegeSeparation ? -- Kirill Everbody wants a pain shot at the same time.
On Tue, 7 Jan 2003, Kirill Ponomarew wrote: KP> > Hmm, I just suposed that since we already have guarranteed empty and protected KP> > by schg flag directory in the base system every port which is needed for such KP> > directory would (if not should) choose it for its needs... KP> KP> Does popa3d leave this directory also empty like sshd for KP> UsePrivilegeSeparation ? As far as I'd have experience with popa3d, yes. However, S0lar is the authoritative source ;-) So, I'd CC: this maik to him. Sincerely, D.Marck [DM5020, DM268-RIPE, DM3-RIPN] ------------------------------------------------------------------------ *** Dmitry Morozovsky --- D.Marck --- Wild Woozle --- marck@rinet.ru *** ------------------------------------------------------------------------
On Tue, Jan 07, 2003 at 02:43:43AM +0300, Dmitry Morozovsky wrote: > On Tue, 7 Jan 2003, Kirill Ponomarew wrote: > > KP> > Hmm, I just suposed that since we already have guarranteed empty and protected > KP> > by schg flag directory in the base system every port which is needed for such > KP> > directory would (if not should) choose it for its needs... > KP> > KP> Does popa3d leave this directory also empty like sshd for > KP> UsePrivilegeSeparation ? > > As far as I'd have experience with popa3d, yes. However, S0lar is the > authoritative source ;-) So, I'd CC: this maik to him. Of course popa3d can safely co-exist with OpenSSH using a common /var/empty directory. In fact, /var/empty was first added into OpenBSD for popa3d, not for sshd (privsep wasn't there at the time). P.S. If my old e-mail address (solar@false.com) is still listed in some place (the FreeBSD package?), it should be replaced with one I have more control of, solar@openwall.com. -- /sd
State Changed From-To: open->closed I commited a diffrent patch, to keep the port working for older Releases. Thanks.