FreeBSD Bugzilla – Attachment 228804 Details for
Bug 259247
security/cfssl: add USE_RC_SUBR, USERS, and GROUPS
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
[patch]
the patch enables users to run cfssl as a daemon
cfssl.patch (text/plain), 4.08 KB, created by
Tomoyuki Sakurai
on 2021-10-18 09:38:37 UTC
(
hide
)
Description:
the patch enables users to run cfssl as a daemon
Filename:
MIME Type:
Creator:
Tomoyuki Sakurai
Created:
2021-10-18 09:38:37 UTC
Size:
4.08 KB
patch
obsolete
>diff --git a/GIDs b/GIDs >index 3bb5c1e..4cb4098 100644 >--- a/GIDs >+++ b/GIDs >@@ -815,7 +815,7 @@ opensearch:*:855: > bitmark:*:872: > bitmark-recorder:*:873: > librespeed:*:874: >-# free: 875 >+cfssl:*:875: > _lms:*:876: > gemserv:*:877: > gerbera:*:878: >diff --git a/UIDs b/UIDs >index f490764..4adfd14 100644 >--- a/UIDs >+++ b/UIDs >@@ -820,7 +820,7 @@ archiva:*:871:871::0:0:Apache Archiva Daemon:/nonexistent:/usr/sbin/nologin > bitmark:*:872:872::0:0:Bitmark Property System:/var/lib/bitmarkd:/usr/sbin/nologin > bitmark-recorder:*:873:873::0:0:Bitmark Property Recorder:/var/lib/recorderd:/usr/sbin/nologin > librespeed:*:874:874::0:0:LibreSpeed user:/nonexistent:/usr/sbin/nologin >-# free: 875 >+cfssl:*:875:875::0:0:cfssl user:/nonexistent:/usr/sbin/nologin > _lms:*:876:876::0:0:Lightweight Music Server user:/nonexistent:/usr/sbin/nologin > gemserv:*:877:877::0:0:gemserv user:/nonexistent:/usr/sbin/nologin > gerbera:*:878:878::0:0:Gerbera DLNA Media Server:/nonexistent:/usr/sbin/nologin >diff --git a/security/cfssl/Makefile b/security/cfssl/Makefile >index b01b210..5d50e10 100644 >--- a/security/cfssl/Makefile >+++ b/security/cfssl/Makefile >@@ -1,6 +1,7 @@ > PORTNAME= cfssl > DISTVERSIONPREFIX= v > DISTVERSION= 1.6.1 >+PORTREVISION= 1 > CATEGORIES= security > > MAINTAINER= yuri@FreeBSD.org >@@ -19,12 +20,20 @@ EXES= cfssl cfssl-bundle cfssl-certinfo cfssl-newkey cfssl-scan cfssljson mkbun > > PLIST_FILES= ${EXES:S/^/bin\//} > >+CFSSL_EXTRA_TARGETS= bin/goose >+PLIST_FILES+= ${CFSSL_EXTRA_TARGETS} >+USE_RC_SUBR= ${PORTNAME} >+USERS= cfssl >+GROUPS= cfssl >+# installs a file to the same path >+CONFLICTS= goose >+ > pre-configure: > ${REINPLACE_CMD} -e 's|%%DISTVERSION%%|${DISTVERSION}|g' ${WRKSRC}/cli/version/version.go > > # the project uses Makefile for build and installation > do-build: >- @cd ${WRKSRC} && ${SETENV} ${MAKE_ENV} ${GO_ENV} ${MAKE_CMD} ${MAKE_FLAGS} ${MAKEFILE} ${_MAKE_JOBS} all >+ @cd ${WRKSRC} && ${SETENV} ${MAKE_ENV} ${GO_ENV} ${MAKE_CMD} ${MAKE_FLAGS} ${MAKEFILE} ${_MAKE_JOBS} all ${CFSSL_EXTRA_TARGETS} > > do-install: > # Makefile is used but the install target uses go install. >@@ -33,4 +42,13 @@ do-install: > ${STRIP_CMD} ${STAGEDIR}${PREFIX}/bin/${F} > .endfor > >+ ${INSTALL} -d ${STAGEDIR}${DATADIR} >+.for D in certdb/sqlite certdb/pg certdb/mysql >+ cd ${WRKSRC} && ${COPYTREE_SHARE} ${D} ${STAGEDIR}${DATADIR} >+.endfor >+ >+.for F in ${CFSSL_EXTRA_TARGETS} >+ ${INSTALL_PROGRAM} ${WRKSRC}/${F} ${STAGEDIR}/${PREFIX}/${F} >+.endfor >+ > .include <bsd.port.mk> >diff --git a/security/cfssl/files/cfssl.in b/security/cfssl/files/cfssl.in >new file mode 100644 >index 0000000..1779ae0 >--- /dev/null >+++ b/security/cfssl/files/cfssl.in >@@ -0,0 +1,38 @@ >+#!/bin/sh >+ >+# PROVIDE: cfssl >+# REQUIRE: LOGIN >+# KEYWORD: shutdown >+ >+# Add the following lines to /etc/rc.conf to enable `cfssl': >+# >+# cfssl_enable="YES" >+# >+# An example cfssl_flags: >+# cfssl_flags="-db-config /usr/local/etc/ssl/db.json -ca /usr/local/etc/ssl/ca.pem -ca-key /usr/local/etc/ssl/ca-key.pem -config /usr/local/etc/ssl/ca-config.json" >+# >+ >+. /etc/rc.subr >+ >+name="cfssl" >+rcvar=cfssl_enable >+ >+load_rc_config "$name" >+: ${cfssl_enable="NO"} >+: ${cfssl_flags:=""} >+ >+command="/usr/sbin/daemon" >+cfssl_command="%%PREFIX%%/bin/cfssl" >+cfssl_user="cfssl" >+pidfile="/var/run/$name.pid" >+flags=" " >+command_args="-S -p ${pidfile} ${cfssl_command} serve ${cfssl_flags}" >+procname="%%PREFIX%%/bin/cfssl" >+start_precmd="cfssl_precmd" >+ >+cfssl_precmd() >+{ >+ install -o ${cfssl_user} /dev/null ${pidfile} >+} >+ >+run_rc_command "$1" >diff --git a/security/cfssl/pkg-plist b/security/cfssl/pkg-plist >new file mode 100644 >index 0000000..5612f39 >--- /dev/null >+++ b/security/cfssl/pkg-plist >@@ -0,0 +1,9 @@ >+%%DATADIR%%/certdb/mysql/dbconf.yml >+%%DATADIR%%/certdb/mysql/migrations/001_CreateCertificates.sql >+%%DATADIR%%/certdb/mysql/migrations/002_AddMetadataToCertificates.sql >+%%DATADIR%%/certdb/pg/dbconf.yml >+%%DATADIR%%/certdb/pg/migrations/001_CreateCertificates.sql >+%%DATADIR%%/certdb/pg/migrations/002_AddMetadataToCertificates.sql >+%%DATADIR%%/certdb/sqlite/dbconf.yml >+%%DATADIR%%/certdb/sqlite/migrations/001_CreateCertificates.sql >+%%DATADIR%%/certdb/sqlite/migrations/002_AddMetadataToCertificates.sql
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=228804">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 259247
: 228804 |
228805