Please update sysutils/ipa port to version 2.0. From ipa-2.0 HISTORY file: * First release of Pluggable Accounting System, which supports static and dynamic rules; limits, sublimits and thresholds; external accounting, database and statistics modules and many more. New in port: * Short and long descriptions were changed. * Using bzip2 and configure. * Using OPTIONS for configuring. * rcNG ipa.sh file is provided, also traditional ipa.sh.sample script is provided, which honors PREFIX (which file to install can be configured). * files/path-aa was removed, not needed any more, since configure script is used. * pkg-plist was removed, now PLIST_FILES is used. * Now it is allowed to make package of ipa. If committer has questions about some decisions in rcNG ipa.sh script, then please speak with me before committing changes.
Responsible Changed From-To: freebsd-ports-bugs->ehaupt Take.
Hi Simon Could you maybe rework sysutils/ipa to use pkg-plist? That much 'pkg-plist'-magic is a bit overkill for the Makefile. Thanks in advance, Emanuel -- GnuPG key id: 0x55E67774 Download: http://pgp.mit.edu:11371 Key fingerprint: 17B3 FD8F BA68 4AB4 10FD A9D1 AD52 6588 55E6 7774
State Changed From-To: open->feedback Awaiting maintainer feedback.
On Thu, Dec 08, 2005 at 03:43:25PM +0100, Emanuel Haupt wrote: > Synopsis: Update port: sysutils/ipa 1.3.6 -> 2.0 > > State-Changed-From-To: open->feedback > State-Changed-By: ehaupt > State-Changed-When: Thu Dec 8 15:43:25 CET 2005 > State-Changed-Why: > Awaiting maintainer feedback. > There are following static lines in pkg-plist: bin/ipa bin/ipactl bin/ipastat include/ipa_mod.h. IPA distribution has own classic .sh script for starting ipa, which is generated as ipa.sh.sample. sysutils/ipa port has rcNG script ipa.sh. I added option to choose installation of classic ipa.sh.sample script or rcNG ipa.sh script. Classic ipa.sh.sample can be used on systems, where rcNG system does not exist and one does not want to install sysutils/rc_subr. There is only one complex line in Makefile PLIST_FILES+='@unexec ...', which is added to pkg-plist only if ipa.sh.sample is installed, to allow during port deinstallation to remove rc.d/ipa.sh, which is usually a copy of rc.d/ipa.sh.sample. So I have questions: 1. Is it better to remove the ability to install ipa.sh.sample and force an user to use rcNG script (and sysutils/rc_subr port on < 5.x systems)? 2. Is it better to have the ability to install ipa.sh.sample and to not remove rc.d/ipa.sh script during deinstallation of port (remove PLIST_FILES+='@unexec...' line)? 3. Create much more complex @unexec in pkg-plist, which will check rc.d/ipa.sh.sample and will determine if it is necessary to remove rc.d/ipa.sh. 4. Leave everything as is.
State Changed From-To: feedback->open Feedback received.
Unless ipa.sh.sample has more functionality than just start/stop/reload (eg. like apache's 'apachectl') you might want to install it in ${PREFIX}/sbin. I wouldn't make the installation of the rcNG script optional, its common practice. Please move the 'plist-magic' to pkg-plist, it's way too complex for Makefile.
State Changed From-To: open->feedback Waiting for new shell archive
On Thu, Dec 22, 2005 at 07:26:14PM +0100, Emanuel Haupt wrote: > > Unless ipa.sh.sample has more functionality than just start/stop/reload > (eg. like apache's 'apachectl') you might want to install it in > ${PREFIX}/sbin. I wouldn't make the installation of the rcNG script > optional, its common practice. Please move the 'plist-magic' to > pkg-plist, it's way too complex for Makefile. > Well, I understood. Can I use PLIST_FILES, instead of pkg-plist? I need to install only 4 files and there will not be any plist-magic, since only rcNG script will be installed. According to Porter's Handbook this is better.
> > Unless ipa.sh.sample has more functionality than just > > start/stop/reload (eg. like apache's 'apachectl') you might want to > > install it in ${PREFIX}/sbin. I wouldn't make the installation of > > the rcNG script optional, its common practice. Please move the > > 'plist-magic' to pkg-plist, it's way too complex for Makefile. > > > > Well, I understood. > > Can I use PLIST_FILES, instead of pkg-plist? I need to install only > 4 files and there will not be any plist-magic, since only rcNG script > will be installed. According to Porter's Handbook this is better. If it's not exceeding 80 characters, yes, else don't hesitate putting it in pkg-plist, since it already exists. Thanks, Emanuel -- GnuPG key id: 0x55E67774 Download: http://pgp.mit.edu:11371 Key fingerprint: 17B3 FD8F BA68 4AB4 10FD A9D1 AD52 6588 55E6 7774
On Fri, Dec 23, 2005 at 02:28:30PM +0100, Emanuel Haupt wrote: > > If it's not exceeding 80 characters, yes, else don't hesitate putting it > in pkg-plist, since it already exists. diff -ruN ipa.orig/Makefile ipa/Makefile --- ipa.orig/Makefile Tue Nov 8 21:29:01 2005 +++ ipa/Makefile Fri Dec 23 16:22:32 2005 @@ -6,7 +6,7 @@ # PORTNAME= ipa -PORTVERSION= 1.3.6 +PORTVERSION= 2.0 CATEGORIES= sysutils MASTER_SITES= http://ipa-system.sourceforge.net/ \ http://www.mirrors.wiretapped.net/security/network-monitoring/ipa/ \ @@ -14,57 +14,77 @@ http://ipa.it-ss.be/ MAINTAINER= simon@comsys.ntu-kpi.kiev.ua -COMMENT= IP accounting software +COMMENT= Pluggable accounting system -NO_PACKAGE= "Needs to be built uniquely for each host" -ALL_TARGET= -.ifdef(NOPORTDOCS) -MAKE_ENV= NOPORTDOCS="${NOPORTDOCS}" -.endif +USE_BZIP2= yes +GNU_CONFIGURE= yes +USE_RC_SUBR= yes + +OPTIONS= AUTORULES "Enable dynamic rules support" on \ + RULES "Enable static rules support" on \ + LIMITS "Enable limits support" on \ + SUBLIMITS "Enable sublimits support" on \ + THRESHOLDS "Enable thresholds support" on \ + CTL_CREDS "Enable ipactl's messages credentials" on \ + MEMFUNC_DEBUG "Enable ipa_memfunc debugging" off \ + DEBUG_INFO "Produce debugging information" off \ + MAN_KOI8_R "Install Russian manual pages" off -.ifdef WITH_PF -PF_INCLUDE_DIR?= /usr/include/net -MAKE_ARGS+= PF_INCLUDE_DIR=${PF_INCLUDE_DIR} -.endif +.include <bsd.port.pre.mk> -MAN5= ipa.5 ipa.conf.5 -MAN8= ipa.8 ipastat.8 -MANLANG= "" ru_RU.KOI8-R +.ifdef WITHOUT_AUTORULES +CONFIGURE_ARGS+= --disable-autorules +.endif -.include <bsd.port.pre.mk> +.ifdef WITHOUT_RULES +CONFIGURE_ARGS+= --disable-rules +.endif -.if ${OSVERSION} >= 600000 -MAKE_ARGS+= -DWITHOUT_IPFIL -WITHOUT_IPFIL= yes +.ifdef WITHOUT_LIMITS +CONFIGURE_ARGS+= --disable-limits .endif -.if ${OSVERSION} >= 600000 -MAKE_ARGS+= -DIPFW2 -IPFW2= yes +.ifdef WITHOUT_SUBLIMITS +CONFIGURE_ARGS+= --disable-sublimits .endif -pre-everything:: - @${ECHO_MSG} "-------------------------------------------------------------------" -.if !defined(WITHOUT_IPFW) - @${ECHO_MSG} "o You can remove IPv4 Firewall support by defining WITHOUT_IPFW" +.ifdef WITHOUT_THRESHOLDS +CONFIGURE_ARGS+= --disable-thresholds .endif -.if !defined(WITHOUT_IP6FW) && ${OSVERSION} >= 420001 - @${ECHO_MSG} "o You can remove IPv6 Firewall support by defining WITHOUT_IP6FW" + +.ifdef WITHOUT_CTL_CREDS +CONFIGURE_ARGS+= --disable-ctl-creds .endif -.if !defined(WITHOUT_IPFIL) - @${ECHO_MSG} "o You can remove IP Filter support by defining WITHOUT_IPFIL" + +.ifdef WITH_MEMFUNC_DEBUG +CONFIGURE_ARGS+= --enable-memfunc-debug .endif -.if !defined(WITHOUT_IP6FW) && !defined(WITH_IP6FW) && ${OSVERSION} >= 400000 && ${OSVERSION} < 420001 - @${ECHO_MSG} "o You can add IPv6 Firewall support by defining WITH_IP6FW," - @${ECHO_MSG} " this support will be probably broken on your system (see the" - @${ECHO_MSG} " ${WRKSRC}/INSTALL file for more information)" + +.ifdef WITH_DEBUG_INFO +STRIP= # empty +CFLAGS+= -g .endif -.if !defined(IPFW2) && !defined(WITHOUT_IPFW) && ${OSVERSION} >= 460100 && ${OSVERSION} < 500038 - @${ECHO_MSG} "o You can add IPFW2 support by defining IPFW2" + +MAN3= ipa_mod.3 +MAN5= ipa.conf.5 ipastat.conf.5 +MAN8= ipa.8 ipactl.8 ipastat.8 +MANLANG= "" +.ifdef WITH_MAN_KOI8_R +MANLANG+= ru.KOI8-R .endif -.if ${OSVERSION} >= 500000 && !defined(WITH_PF) - @${ECHO_MSG} "o You can add OpenBSD Packet Filter support by defining WITH_PF" + +RC_SCRIPT_SUB= PREFIX=${PREFIX} RC_SUBR=${RC_SUBR} + +post-build: + @${SED} ${RC_SCRIPT_SUB:S/$/!g/:S/^/ -e s!%%/:S/=/%%!/} \ + ${FILESDIR}/ipa.sh > ${WRKSRC}/ipa.sh + +do-install: + cd ${WRKSRC}/src && make install + cd ${WRKSRC}/man && make install-am + ${INSTALL_SCRIPT} ${WRKSRC}/ipa.sh ${PREFIX}/etc/rc.d +.ifdef WITH_MAN_KOI8_R + cd ${WRKSRC}/man/ru.KOI8-R && make install .endif - @${ECHO_MSG} "-------------------------------------------------------------------" .include <bsd.port.post.mk> diff -ruN ipa.orig/distinfo ipa/distinfo --- ipa.orig/distinfo Wed Oct 19 15:44:10 2005 +++ ipa/distinfo Fri Dec 23 16:18:25 2005 @@ -1,2 +1,3 @@ -MD5 (ipa-1.3.6.tar.gz) = 292479df20497a12b48e8b458004d763 -SIZE (ipa-1.3.6.tar.gz) = 137156 +MD5 (ipa-2.0.tar.bz2) = 3031b5c837ad059c7401e5d18726c9d9 +SHA256 (ipa-2.0.tar.bz2) = 48b97af965b995f33fb9b331e4690ad02691ec458607c59bb7bfee689f2a0046 +SIZE (ipa-2.0.tar.bz2) = 281507 diff -ruN ipa.orig/files/ipa.sh ipa/files/ipa.sh --- ipa.orig/files/ipa.sh Thu Jan 1 03:00:00 1970 +++ ipa/files/ipa.sh Fri Dec 23 16:18:25 2005 @@ -0,0 +1,32 @@ +#!/bin/sh +# +# $FreeBSD:$ +# + +# If some IPA module requires some services, then they should +# be specified after the REQUIRE, by default REQUIRE is empty, +# since ipa itself does not require anything for running. + +# PROVIDE: ipa +# REQUIRE: +# BEFORE: LOGIN + +# Following line can enable ipa (see rc.subr(8) for information +# where to write it): +# +# ipa_enable (boolean) Set to "YES" to enable ipa +# (default is "NO") + +. %%RC_SUBR%% + +name=ipa +rcvar=`set_rcvar` + +command="%%PREFIX%%/bin/ipa" + +load_rc_config $name + +ipa_enable=${ipa_enable:-"NO"} + +extra_commands="reload" +run_rc_command "$1" diff -ruN ipa.orig/files/patch-aa ipa/files/patch-aa --- ipa.orig/files/patch-aa Wed Oct 19 15:44:10 2005 +++ ipa/files/patch-aa Thu Jan 1 03:00:00 1970 @@ -1,37 +0,0 @@ ---- Makefile.orig Fri Jun 27 11:20:49 2003 -+++ Makefile Fri Jun 27 11:23:09 2003 -@@ -38,7 +38,7 @@ - # -Ox - optimize; - # -g - produce debugging information. - # --CFLAGS= -Wall -O1 -g -+#CFLAGS= -Wall -O1 -g - - # - # PREFIX - prefix for all below listed paths -@@ -81,10 +81,10 @@ - # - # INSTALL_* variables - # --INSTALL_MAN= ${INSTALL} -c -g wheel -o root -m 0444 --INSTALL_DATA= ${INSTALL} -c -g wheel -o root -m 0444 --INSTALL_PROGRAM= ${INSTALL} -c -g wheel -o root -m 0555 --INSTALL_SCRIPT= ${INSTALL} -c -g wheel -o root -m 0500 -+INSTALL_MAN= ${BSD_INSTALL_MAN} -+INSTALL_DATA= ${BSD_INSTALL_DATA} -+INSTALL_PROGRAM= ${BSD_INSTALL_PROGRAM} -+INSTALL_SCRIPT= ${BSD_INSTALL_SCRIPT} - INSTALL_MAN_DIR= ${INSTALL} -d -m 0555 -g wheel -o root - INSTALL_DATA_DIR= ${INSTALL} -d -m 0555 -g wheel -o root - -@@ -225,8 +225,10 @@ - .endif - ${INSTALL_MAN} man/ru_RU.KOI8-R/ipa.5 man/ru_RU.KOI8-R/ipa.conf.5 ${DST_MAN_DIR}/ru_RU.KOI8-R/man5 - ${INSTALL_MAN} man/ru_RU.KOI8-R/ipa.8 man/ru_RU.KOI8-R/ipastat.8 ${DST_MAN_DIR}/ru_RU.KOI8-R/man8 -+.if !defined(NOPORTDOCS) - ${INSTALL_DATA_DIR} ${DST_EXAMPLE_DIR} - ${INSTALL_DATA} examples/* ${DST_EXAMPLE_DIR} -+.endif - .if exists(${DST_RC_DIR}) - ${INSTALL_SCRIPT} etc/ipa.sh.sample ${DST_RC_DIR} - .else diff -ruN ipa.orig/pkg-descr ipa/pkg-descr --- ipa.orig/pkg-descr Wed Oct 19 15:44:10 2005 +++ ipa/pkg-descr Fri Dec 23 16:18:25 2005 @@ -1,12 +1,14 @@ -ipa(8) allows to make IP accounting (network accounting) based on -FreeBSD IPv4/v6 Firewall (including IPFW2), OpenBSD Packet Filter and -IP Filter accounting rules on FreeBSD, NetBSD and OpenBSD. +IPA -- Pluggable Accounting System -It supports limits for accounting rules and limits events as "limit is -reached", "reached limit is expired", etc. It understands time intervals -like "end of day", "end of week", "end of month", etc. +Main features: -ipastat(8) is a viewer for IP accounting database made by ipa(8). +- flexible general purpose accounting system; +- supports static and dynamic rules; +- supports limits, sublimits and thresholds; +- works with external accounting modules; +- works with external database modules; +- works with external statistics modules; +- accounting per specified period of a week. WWW: http://ipa-system.sourceforge.net/ diff -ruN ipa.orig/pkg-plist ipa/pkg-plist --- ipa.orig/pkg-plist Wed Oct 19 15:44:10 2005 +++ ipa/pkg-plist Fri Dec 23 16:25:40 2005 @@ -1,13 +1,5 @@ bin/ipa +bin/ipactl bin/ipastat -etc/ipa.conf.default -@unexec if [ -f %D/etc/rc.d/ipa.sh ]; then cmp -s %D/etc/rc.d/ipa.sh.sample %D/etc/rc.d/ipa.sh && rm -f %D/etc/rc.d/ipa.sh || echo "If you are permanently removing this port, you should do a ``rm ${PKG_PREFIX}/etc/rc.d/ipa.sh`` to remove startup files left." | fmt ; fi -etc/rc.d/ipa.sh.sample -%%PORTDOCS%%share/examples/ipa/README -%%PORTDOCS%%share/examples/ipa/example-1 -%%PORTDOCS%%share/examples/ipa/example-2 -%%PORTDOCS%%@dirrm share/examples/ipa -@unexec if [ ! -L %D/man/ru_RU.KOI8-R ]; then rmdir %D/man/ru_RU.KOI8-R/man8 %D/man/ru_RU.KOI8-R/man5 %D/man/ru_RU.KOI8-R 2>/dev/null || true ; fi -@unexec if [ ! -L %D/man/ru_SU.KOI8-R ]; then rmdir %D/man/ru_SU.KOI8-R/man8 %D/man/ru_SU.KOI8-R/man5 %D/man/ru_SU.KOI8-R 2>/dev/null || true ; fi -@unexec if [ -L %D/man/ru_RU.KOI8-R -a ! -d %D/man/ru_SU.KOI8-R ]; then rm %D/man/ru_RU.KOI8-R 2>/dev/null || true ; fi -@unexec if [ -L %D/man/ru_SU.KOI8-R -a ! -d %D/man/ru_RU.KOI8-R ]; then rm %D/man/ru_SU.KOI8-R 2>/dev/null || true ; fi +etc/rc.d/ipa.sh +include/ipa_mod.h
State Changed From-To: open->closed Committed, thanks!