FreeBSD Bugzilla – Attachment 75080 Details for
Bug 108502
[maintainer] textproc/sphinxsearch -- run as unprivileged user
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
[patch]
sphinxsearch.diff
sphinxsearch.diff (text/plain), 8.34 KB, created by
Matthew Seaman
on 2007-01-29 00:10:19 UTC
(
hide
)
Description:
sphinxsearch.diff
Filename:
MIME Type:
Creator:
Matthew Seaman
Created:
2007-01-29 00:10:19 UTC
Size:
8.34 KB
patch
obsolete
>diff -Nur /usr/ports/textproc/sphinxsearch/Makefile sphinxsearch/Makefile >--- /usr/ports/textproc/sphinxsearch/Makefile Sat Dec 16 17:37:51 2006 >+++ sphinxsearch/Makefile Sun Jan 28 22:44:44 2007 >@@ -5,10 +5,11 @@ > # $FreeBSD: ports/textproc/sphinxsearch/Makefile,v 1.2 2006/12/16 12:06:14 miwi Exp $ > # > # Note: the Sphinx Storage Engine MySQL plugin is not supported by >-# this port at the moment. Maybe later. >+# this port. You need a patched version of mysql server for that. > > PORTNAME= sphinxsearch > PORTVERSION= 0.9.7.r2 >+PORTREVISION= 1 > CATEGORIES= textproc databases > MASTER_SITES= http://www.sphinxsearch.com/downloads/ > DISTNAME= sphinx-${PORTVERSION:C@\.r([0-9]+)$@-rc\1@} >@@ -20,6 +21,12 @@ > PGSQL "PostgreSQL support" off \ > OPTIMIZED_CFLAGS "Use compiler optimization (-O3)" off > >+SPHINX_USR?= sphinx >+SPHINX_GRP?= sphinx >+SPHINX_DIR?= /var/db/${PORTNAME} >+SPHINX_RUN?= /var/run/${PORTNAME} >+SPHINX_LOG?= /var/log/${PORTNAME} >+ > # Yes, the conflation of CPPFLAGS and CXXFLAGS is deliberate. No, > # don't ask. > >@@ -28,8 +35,15 @@ > CONFIGURE_ENV+= CC=${CC} CPPFLAGS="${CXXFLAGS}" > CFGFILE= ${PREFIX}/etc/sphinx.conf > USE_RC_SUBR= sphinxsearch.sh >-SUB_LIST+= PORTNAME=${PORTNAME} \ >- CFGFILE=${CFGFILE} >+SUB_LIST+= PORTNAME=${PORTNAME} \ >+ CFGFILE=${CFGFILE} \ >+ SPHINX_USR=${SPHINX_USR} \ >+ SPHINX_GRP=${SPHINX_GRP} \ >+ SPHINX_DIR=${SPHINX_DIR} \ >+ SPHINX_RUN=${SPHINX_RUN} \ >+ SPHINX_LOG=${SPHINX_LOG} >+SUB_FILES+= pkg-install pkg-deinstall >+ > .if !defined(NOPORTDOCS) > EXAMPLES= example.sql api/sphinxapi.php api/test.php api/test2.php > DOCS= doc/sphinx.css doc/sphinx.html doc/sphinx.txt doc/sphinx.xml >@@ -62,12 +76,15 @@ > > post-patch: > ${REINPLACE_CMD} \ >- -e 's!@CONFDIR@/log/searchd.pid!/var/run/searchd.pid!' \ >- -e 's!@CONFDIR@/log/query.log!/var/log/sphinx-query.log!' \ >- -e 's!@CONFDIR@/log/searchd.log!/var/log/searchd.log!' \ >- -e 's!@CONFDIR@!/var/db/sphinxsearch!' \ >+ -e "s!@CONFDIR@/log/searchd.pid!${SPHINX_RUN}/searchd.pid!" \ >+ -e "s!@CONFDIR@/log/query.log!${SPHINX_LOG}/sphinx-query.log!" \ >+ -e "s!@CONFDIR@/log/searchd.log!${SPHINX_LOG}/searchd.log!" \ >+ -e "s!@CONFDIR@!${SPHINX_DIR}!" \ > ${WRKSRC}/sphinx.conf.in > >+pre-install: >+ @${SETENV} ${SCRIPTS_ENV} ${SH} ${PKGINSTALL} ${PKGNAME} PRE-INSTALL >+ > do-install: install-bin install-docs install-examples > > install-bin: >@@ -92,7 +109,10 @@ > .endfor > .endif > >-post-install: >+post-install: post-install-cfg >+ @${SETENV} ${SCRIPTS_ENV} ${SH} ${PKGINSTALL} ${PKGNAME} POST-INSTALL >+ >+post-install-cfg: > @if [ ! -f ${CFGFILE} ]; then \ > ${CP} -p ${CFGFILE}.sample ${CFGFILE} ; \ > fi >diff -Nur /usr/ports/textproc/sphinxsearch/files/pkg-deinstall.in sphinxsearch/files/pkg-deinstall.in >--- /usr/ports/textproc/sphinxsearch/files/pkg-deinstall.in Thu Jan 1 01:00:00 1970 >+++ sphinxsearch/files/pkg-deinstall.in Sun Jan 28 23:21:02 2007 >@@ -0,0 +1,32 @@ >+#!/bin/sh >+# >+# $FreeBSD$ >+# >+ >+sphinx_usr=%%SPHINX_USR%% >+sphinx_grp=%%SPHINX_GRP%% >+sphinx_dir=%%SPHINX_DIR%% >+sphinx_name=%%PORTNAME%% >+ >+case $2 in >+ POST-DEINSTALL) >+ >+ cat <<EOMSG >+ >+The $sphinx_name port has been deleted. If you are not >+upgrading and don't intend to use $sphinx_name any more >+then you may wish to delete the $sphinx_usr account, >+and the $sphinx_grp group together with the working >+directory $sphinx_dir; which can be done with the >+following commands: >+ >+ # pw userdel -n $sphinx_usr >+ # rm -rf $sphinx_dir >+EOMSG >+ echo >+ ;; >+esac >+ >+# >+# That's All Folks! >+# >diff -Nur /usr/ports/textproc/sphinxsearch/files/pkg-install.in sphinxsearch/files/pkg-install.in >--- /usr/ports/textproc/sphinxsearch/files/pkg-install.in Thu Jan 1 01:00:00 1970 >+++ sphinxsearch/files/pkg-install.in Sun Jan 28 23:22:23 2007 >@@ -0,0 +1,116 @@ >+#!/bin/sh >+# >+# $FreeBSD$ >+# >+ >+PATH=/usr/sbin:/usr/bin:/bin ; export PATH >+ >+sphinx_dir=%%SPHINX_DIR%% >+sphinx_usr=%%SPHINX_USR%% >+sphinx_grp=%%SPHINX_GRP%% >+sphinx_run=%%SPHINX_RUN%% >+sphinx_log=%%SPHINX_LOG%% >+sphinx_name=%%PORTNAME%% >+ >+sphinx_gcos="Sphinxsearch Owner" >+sphinx_home=/nonexistent >+sphinx_shell=/sbin/nologin >+ >+create_group() { >+ local user group gcos home shell >+ >+ user=$1 >+ group=$2 >+ gcos=$3 >+ home=$4 >+ shell=$5 >+ >+ if pw groupadd -n $group ; then >+ echo "===> Group $group created" >+ else >+ cat <<-EOERRORMSG >+ *** Failed to create the $group group. >+ >+ Please add the $user user and $group group >+ manually with the commands: >+ >+ pw groupadd -n $group >+ pw useradd -n $user -g $group -c "$gcos" \\ >+ -d $home -s $shell -h - >+ >+ and retry installing this package. >+ EOERRORMSG >+ exit 1 >+ fi >+} >+ >+ >+create_user() { >+ local user group gcos home shell >+ >+ user=$1 >+ group=$2 >+ gcos=$3 >+ home=$4 >+ shell=$5 >+ >+ if pw useradd -n $user -g $group -c "$gcos" -d $home -s $shell -h - ; then >+ echo "===> Created $user user" >+ else >+ cat <<-EOERRORMSG >+ *** Failed to create the $user user. >+ >+ Please add the $user user manually with the command: >+ >+ pw useradd -n $user -g $group -c "$gcos" \\ >+ -d $home -s $shell -h - >+ >+ and retry installing this package. >+ EOERRORMSG >+ exit 1 >+ fi >+} >+ >+ >+case $2 in >+ PRE-INSTALL) >+ >+ # Create the sphinx user and group if they do not already exist >+ >+ if pw user show -n $sphinx_usr >/dev/null 2>&1 ; then >+ echo "===> Using pre-existing user $sphinx_usr" >+ else >+ if ! pw group show -n $sphinx_grp >/dev/null 2>&1 ; then >+ create_group $sphinx_usr $sphinx_grp "$sphinx_gcos" \ >+ $sphinx_home $sphinx_shell >+ fi >+ create_user $sphinx_usr $sphinx_grp "$sphinx_gcos" \ >+ $sphinx_home $sphinx_shell >+ fi >+ ;; >+ POST-INSTALL) >+ >+ # Create and set ownership of the Sphinx working directory >+ if [ -d $sphinx_dir ]; then >+ echo "==> Using pre-existing directory $sphinx_dir" >+ else >+ echo "==> Creating the Sphinx working directory: $sphinx_dir" >+ mkdir -m 755 $sphinx_dir || exit 1 >+ fi >+ >+ # Create and set ownership of the Sphinx data directory >+ if [ -d $sphinx_dir/data ]; then >+ echo "==> Using pre-existing directory $sphinx_dir/data" >+ else >+ echo "==> Creating the Sphinx data directory: $sphinx_dir/data" >+ mkdir -m 755 $sphinx_dir/data || exit 1 >+ fi >+ >+ echo "===> Adjusting file ownership in $sphinx_dir" >+ chown -R $sphinx_usr:$sphinx_grp $sphinx_dir || exit 1 >+ ;; >+esac >+ >+# >+# That's All Folks! >+# >diff -Nur /usr/ports/textproc/sphinxsearch/files/sphinxsearch.sh.in sphinxsearch/files/sphinxsearch.sh.in >--- /usr/ports/textproc/sphinxsearch/files/sphinxsearch.sh.in Sat Nov 18 22:54:07 2006 >+++ sphinxsearch/files/sphinxsearch.sh.in Sun Jan 28 23:45:56 2007 >@@ -15,11 +15,16 @@ > # > # %%PORTNAME%%_conffile="%%CFGFILE%%" > # -- path to config file >-# %%PORTNAME%%_pidfile="/var/run/searchd.pid" >+# %%PORTNAME%%_pidfile="%%SPHINX_RUN%%/searchd.pid" > # -- location of pidfile: must match setting > # in ${%%PORTNAME%%_conffile} >+# %%PORTNAME%%_user="%%SPHINX_USR%%" >+# -- user to run searchd as >+# %%PORTNAME%%_group="%%SPHINX_GRP%%" >+# -- group to run searchd as >+# %%PORTNAME%%_logdir="%%SPHINX_LOG%%" >+# -- directory searchd writes logs to > # >- > . /etc/rc.subr > > name=%%PORTNAME%% >@@ -27,12 +32,31 @@ > > %%PORTNAME%%_enable=${%%PORTNAME%%_enable-"NO"} > %%PORTNAME%%_conffile=${%%PORTNAME%%_conffile-"%%CFGFILE%%"} >-%%PORTNAME%%_pidfile=${%%PORTNAME%%_pidfile-"/var/run/searchd.pid"} >+%%PORTNAME%%_pidfile=${%%PORTNAME%%_pidfile-"%%SPHINX_RUN%%/searchd.pid"} >+%%PORTNAME%%_user=${%%PORTNAME%%_user-"%%SPHINX_USR%%"} >+%%PORTNAME%%_group=${%%PORTNAME%%_group-"%%SPHINX_GRP%%"} >+%%PORTNAME%%_logdir=${%%PORTNAME%%_logdir-"%%SPHINX_LOG%%"} >+ >+start_precmd="create_dirs" > > command=%%PREFIX%%/sbin/searchd > pidfile=${%%PORTNAME%%_pidfile} > required_files=${%%PORTNAME%%_conffile} > %%PORTNAME%%_flags="--config ${%%PORTNAME%%_conffile}" >+ >+create_dirs () >+{ >+ piddir=$(dirname ${%%PORTNAME%%_pidfile}) >+ if [ ! -d ${piddir} ]; then >+ mkdir -m 755 -p ${piddir} >+ chown -R ${%%PORTNAME%%_user}:${%%PORTNAME%%_group} ${piddir} >+ fi >+ if [ ! -d ${%%PORTNAME%%_logdir} ]; then >+ mkdir -m 755 -p ${%%PORTNAME%%_logdir} >+ chown -R ${%%PORTNAME%%_user}:${%%PORTNAME%%_group} \ >+ ${%%PORTNAME%%_logdir} >+ fi >+} > > load_rc_config ${name} > run_rc_command "$1"
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=75080">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 108502
: 75080