FreeBSD Bugzilla – Attachment 144298 Details for
Bug 181507
[stage][PATCH] security/pks: fix autostart
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
[patch]
STAGIFY and tweak startup files for pks
pks.diff (text/plain), 9.89 KB, created by
G. Todd
on 2014-06-30 19:56:02 UTC
(
hide
)
Description:
STAGIFY and tweak startup files for pks
Filename:
MIME Type:
Creator:
G. Todd
Created:
2014-06-30 19:56:02 UTC
Size:
9.89 KB
patch
obsolete
>Index: Makefile >=================================================================== >--- Makefile (revision 359907) >+++ Makefile (working copy) >@@ -11,37 +11,43 @@ > MAINTAINER= gtodd@bellanet.org > COMMENT= PGP Public Key Server > >-USE_BDB= 41 # 42 would be ok >-WRKSRC= ${WRKDIR}/${PORTNAME} >+LICENSE= BSD >+LICENSE_FILE= ${WRKSRC}/LICENSE > >-NO_STAGE= yes >-.include <bsd.port.pre.mk> >+WRKSRC= ${WRKDIR}/${PORTNAME} > >+USE_BDB= 41 >+USE_GCC= any >+ >+OPTIONS_DEFINE= DOCS >+PORTDOCS= pks_help.* README EMAIL > GNU_CONFIGURE= yes > USE_AUTOTOOLS= autoconf > CONFIGURE_ARGS= --datadir=${PREFIX}/share/pks --localstatedir=/var/pks \ >- --sysconfdir=${EXAMPLESDIR} \ >+ --docdir=${PREFIX}/share/doc/pks --sysconfdir=${EXAMPLESDIR} \ > --libdir=${LOCALBASE}/lib --with-libwrap > MAKE_ENV+= SUBDIRS= > LDFLAGS+= -L${LOCALBASE}/lib > CONFIGURE_ENV= DBLIB="-L${BDB_LIB_DIR} -l${BDB_LIB_NAME}" DBINC=-I${BDB_INCLUDE_DIR} DBHDR=db.h > >+ >+SUB_FILES= pkg-message >+PKGMESSAGE= ${WRKDIR}/pkg-message >+ > USE_RC_SUBR= pksd >-MAN5= pksd.conf.5 >-MAN8= pks-intro.8 pksclient.8 pksd.8 pksdctl.8 pks-mail.sh.8 \ >- pks-queue-run.sh.8 pgpsplit.8 > >-SUB_FILES= pkg-message pkg-deinstall >+.include <bsd.port.options.mk> > >+post-extract: >+ @${CP} -a ${FILESDIR}/EMAIL ${WRKSRC} >+ > post-install: >- ${INSTALL_DATA} ${WRKSRC}/pksd.conf ${PREFIX}/etc/pksd.conf.sample >-.if !defined(NOPORTDOCS) >- ${MKDIR} ${DOCSDIR} >- ${INSTALL_DATA} ${WRKSRC}/pks_help.en ${WRKSRC}/pks_help.es ${WRKSRC}/pks_help.fr \ >- ${WRKSRC}/pks_help.cz ${WRKSRC}/pks_help.de ${WRKSRC}/pks_help.ja \ >- ${WRKSRC}/mail_intro ${DOCSDIR} >- PKG_PREFIX=${PREFIX} ${SH} ${PKGINSTALL} ${PKGNAME} POST-INSTALL >+ ${INSTALL_DATA} ${WRKSRC}/pksd.conf ${STAGEDIR}${PREFIX}/etc/pksd.conf.sample >+ #${CHOWN} pksd:pksd /var/pks >+ >+.if ${PORT_OPTIONS:MDOCS} >+ ${MKDIR} ${STAGEDIR}${DOCSDIR}/ >+ cd ${WRKSRC}/ && ${INSTALL_DATA} ${PORTDOCS} ${STAGEDIR}${DOCSDIR}/ > .endif >- @${CAT} ${PKGMESSAGE} > >-.include <bsd.port.post.mk> >+.include <bsd.port.mk> >Index: files/EMAIL >=================================================================== >--- files/EMAIL (revision 0) >+++ files/EMAIL (working copy) >@@ -0,0 +1,60 @@ >+From the English README and pksd_help.en files: >+ >+If you have configured the mail server component of the key >+server, there is one more step you need to take so that the server >+can actually handle mail. In your aliases file (usually one of >+/etc/aliases or /etc/mail/aliases), create the following lines: >+ >+ pgp-public-keys: "|PREFIX/bin/pks-mail.sh PREFIX/etc/pksd.conf" >+ pgp: pgp-public-keys >+ >+Or, if you are using qmail, create these files for use with the >+dot-qmail(5) framework : >+ >+cd /var/qmail/alias/ >+echo "&pgp-public-keys@localhost" > .qmail-pgp >+echo "|preline /usr/local/bin/pks-mail.sh /usr/local/etc/pksd.conf" > .qmail-pgp-public-keys >+ >+You might also need to add aliases for the mail addresses you >+configured in pksd.conf. >+ >+You will also need to make sure the permissions on PREFIX/var/incoming >+allow both the mailer and whatever user the pksd program runs as >+to insert and delete files. >+ >+OpenPGP public email key servers allow users to exchange public >+keys running using the Internet and properly configured e-mail >+servers. This service exists only to help transfer keys between >+PGP users. It does NOT attempt to guarantee that a key is a valid >+key; use the signatures on a key for that kind of security. >+ >+Each keyserver processes requests in the form of mail messages. >+The commands for the server are entered on the Subject: line. >+---------------------------------------------- ======== ----- >+Note that they should NOT be included in the body of the message. >+--------------------- === --------------------------------------- >+ >+ To: pgp-public-keys@keys.pgp.net >+ From: johndoe@some.site.edu >+ Subject: help >+ >+Sending your key to ONE server is enough. After it processes your >+key, it will forward your add request to other servers automagically. >+ >+For example, to add your key to the keyserver, or to update your key >+if it is already there, send a message similar to the following to any >+server: >+ >+ To: pgp-public-keys@keys.pgp.net >+ From: johndoe@some.site.edu >+ Subject: add >+ >+ -----BEGIN PGP PUBLIC KEY BLOCK----- >+ Version: 2.6 >+ >+ <blah blah blah> >+ -----END PGP PUBLIC KEY BLOCK----- >+ >+COMPROMISED KEYS: Create a Key Revocation Certificate (read the PGP >+docs on how to do that) and mail your key to the server once again, >+with the ADD command. > >Property changes on: files/EMAIL >___________________________________________________________________ >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Index: files/patch-mkpksdconf.in >=================================================================== >--- files/patch-mkpksdconf.in (revision 0) >+++ files/patch-mkpksdconf.in (working copy) >@@ -0,0 +1,20 @@ >+--- ./mkpksdconf.in.orig 2014-01-22 15:36:39.574285045 -0500 >++++ ./mkpksdconf.in 2014-01-22 15:37:49.289280305 -0500 >+@@ -44,7 +44,7 @@ >+ >+ cat << EOF >+ pks_bin_dir @bindir@ >+-pid_dir @localstatedir@/db >++pid_dir /var/run >+ ### Set chroot_dir to make pksd chroot itself. Must be an absolute path. >+ # chroot_dir @prefix@ >+ ### uid and gid for pksd to run as. Leave unset, or set to 0 to disable >+@@ -70,7 +70,7 @@ >+ ### of each message. >+ maintainer_email PGP Key Server Administrator <nobody> >+ mail_intro_file @datadir@/mail_intro >+-help_dir @datadir@ >++help_dir @docdir@ >+ mail_dir @localstatedir@/incoming >+ ### If you change this, make sure to put a corresponding help file in >+ ### the help_dir named above > >Property changes on: files/patch-mkpksdconf.in >___________________________________________________________________ >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Added: fbsd:nokeywords >## -0,0 +1 ## >+yes >\ No newline at end of property >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Index: files/pkg-message.in >=================================================================== >--- files/pkg-message.in (revision 359907) >+++ files/pkg-message.in (working copy) >@@ -1,11 +1,28 @@ >+Add the following lines to /etc/rc.conf.local or /etc/rc.conf to enable this service: > >+ pksd_enable (bool): Set to NO by default. >+ Set it to YES to enable pksd. > >- ################################## >+ pksd_config (path): Set to %%PREFIX%%/etc/pksd.conf >+ by default. > >- To enable adding keys via the >- web interface please edit the >- configuration file at: >+ pksd_mailq_enable (bool): Set to NO by default. Process incoming >+ mail queue of commands and key requests >+ (you will need to configure your mail >+ infrastructure to enable this. See: >+ %%PREFIX%%/share/doc/pks/README and >+ %%PREFIX%%/share/doc/pks/EMAIL for details. >+ >+ pksd_queue_delay (int): Periodically process incoming mail. >+ Set to 60 seconds by default. > >- %%PREFIX%%/etc/pksd.conf >+ ################################## > >- ################################## >+ To enable adding keys via the >+ web interface please edit the >+ configuration file at: >+ >+ %%PREFIX%%/etc/pksd.conf >+ >+ ################################## >+ >Index: files/pksd.in >=================================================================== >--- files/pksd.in (revision 359907) >+++ files/pksd.in (working copy) >@@ -1,22 +1,52 @@ > #!/bin/sh > # >-# $FreeBSD$ >+# $FreeBSD $ > # > # > # PROVIDE: pksd > # REQUIRE: DAEMON >+# KEYWORD: SHUTDOWN >+# >+# Add the following lines to /etc/rc.conf.local or /etc/rc.conf >+# to enable this service: >+# >+# pksd_enable (bool): Set to NO by default. >+# Set it to YES to enable pksd. >+# >+# pksd_config (path): Set to %%PREFIX%%/etc/pksd.conf >+# by default. >+# >+# pksd_mailq_enable (bool): Set to NO by default. Process incoming >+# mail queue of commands and key requests >+# (you will need to configure your mail >+# infrastructure to enable this. See: >+# %%PREFIX%%/share/doc/pks/README and >+# %%PREFIX%%/share/doc/pks/EMAIL for details. >+# >+# pksd_queue_delay (int): Periodically process incoming mail. >+# Set to 60 seconds by default. > > . /etc/rc.subr > > name="pksd" > rcvar=pksd_enable >-command="%%PREFIX%%/sbin/pksd" >-command_args="%%PREFIX%%/etc/${name}.conf &" >-required_files="%%PREFIX%%/etc/${name}.conf" >-start_precmd="pksd_precmd" >-start_postcmd="pksd_runqueue" >-stop_command="pksd_clean_stop" > >+load_rc_config $name >+ >+: ${pksd_enable:="NO"} >+: ${pksd_mailq_enable:="NO"} >+: ${pksd_config="%%PREFIX%%/etc/pksd.conf"} >+: ${pksd_queue_delay="60"} >+ >+command="%%PREFIX%%/sbin/${name}" >+command_args="%%PREFIX%%/etc/${name}.conf" >+required_files="${pksd_config}" >+start_precmd="${name}_precmd" >+start_cmd="${name}_start" >+#start_postcmd="${name}_runqueue" >+stop_command="${name}_clean_stop" >+pidfile="/var/run/${name}.pid" >+ > pksd_precmd() > { > if [ ! -f %%PREFIX%%/etc/${name}.conf ] >@@ -31,14 +61,20 @@ > fi > } > >+pksd_start() >+{ >+ echo "Starting pksd" >+ /usr/sbin/daemon -f -p ${pidfile} ${command} ${command_args} >+} >+ > pksd_runqueue() > { >- if [ -x %%PREFIX%%/bin/${name} -a -x %%PREFIX%%/bin/pks-queue-run.sh ] >+ if [ -x %%PREFIX%%/bin/${name}ctl -a -x %%PREFIX%%/bin/pks-queue-run.sh ] && checkyesno pksd_mailq_enable > then >- echo "Doing queue run for ${name}." >- sleep 5 >- %%PREFIX%%/bin/pks-queue-run.sh %%PREFIX%%/etc/${name}.conf >- fi >+ echo "Doing queue run for ${name} every ${pksd_queue_delay} seconds." >+ sleep 2 >+ %%PREFIX%%/bin/pks-queue-run.sh %%PREFIX%%/etc/${name}.conf ${pksd_queue_delay} >+ fi > } > > pksd_clean_stop()
You cannot view the attachment while viewing its details because your browser does not support IFRAMEs.
View the attachment on a separate page
.
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 181507
:
136337
| 144298 |
145200
|
145642
|
145664
|
145665