Bug 244648

Summary:

security/samhain: update to 4.4.1

Product:

Ports & Packages

Reporter:

Nikola Kolev <koue>

Component:

Individual Port(s)

Assignee:

Li-Wen Hsu <lwhsu>

Status:

Closed FIXED

Severity:

Affects Only Me

CC:

danfe, freebsd, lwhsu

Priority:

---

Keywords:

buildisok

Version:

Latest

Hardware:

Any

OS:

Any

Attachments:

Description	Flags
samhain 4.4.1 patch	none
updated patch to fix build failure for server mode	none

Description Nikola Kolev 2020-03-06 23:25:46 UTC

Created attachment 212211 [details]
samhain 4.4.1 patch

Update security/samhain to 4.4.1

Poudriere logs look OK.

Comment 1 Automation User 2020-03-06 23:41:14 UTC

Build info is available at https://gitlab.com/swills/freebsd-ports/pipelines/124097221

Comment 2 Alexey Dokuchaev freebsd_committer

2020-07-01 16:43:20 UTC

Apparently, this update breaks security/samhain-server:

> ===>  Staging for samhain-server-4.4.1
> ===>   Generating temporary packing list
> ===> Creating groups.
> ===> Creating users
> make[2]: don't know how to make scripts/samhainadmin.pl. Stop
Could you take a closer look?

Comment 3 Greg Veldman 2020-07-21 14:14:36 UTC

This appears to be an upstream bug.  Between 4.3 and 4.4, Samhain added support for OpenBSD signify to sign the database.  Because of that, the samhainadmin.pl script was split out into two variants, one for GnuPG and one for signify.  The configure script contains logic to figure out which one is actually in use and copy it to the actual samhainadmin.pl script, which the build process expects to be present with the network server option:

+if test "x${mysignify}" != x
+then
+       cp -a scripts/samhainadmin-sig.pl scripts/samhainadmin.pl
+fi
+if test "x${mygpg}" != x
+then
+       cp -a scripts/samhainadmin-gpg.pl scripts/samhainadmin.pl
+fi
+
+

The problem is the default port build options don't use GnuPG.  Based on that configure logic, in this case neither variant gets copied to samhainadmin.pl, which breaks the install-program make target.

I've created an updated patch which adds a fix to the configure script to deal with this case.  I'm not sure if using server mode without either GnuPG or signify is an unsupported configuration, but I'll also submit this upstream to see if this can be fixed there.

Comment 4 Greg Veldman 2020-07-21 14:15:27 UTC

Created attachment 216629 [details]
updated patch to fix build failure for server mode

Comment 5 commit-hook freebsd_committer

2020-07-21 16:35:50 UTC

A commit references this bug:

Author: lwhsu
Date: Tue Jul 21 16:35:25 UTC 2020
New revision: 542753
URL: https://svnweb.freebsd.org/changeset/ports/542753

Log:
  Update to 4.4.1

  PR:		244648
  Submitted by:	Greg Veldman <freebsd@gregv.net> (maintainer)
  Reported by:	Nikola Kolev <koue@chaosophia.net>

Changes:
  head/security/samhain/Makefile
  head/security/samhain/distinfo

Comment 6 Greg Veldman 2020-07-21 16:59:10 UTC

(In reply to commit-hook from comment #5)
Li-Wen, it appears this commit missed the files/patch-configure addition that fixes the build failure Alexey mentioned.

Comment 7 commit-hook freebsd_committer

2020-07-21 17:07:58 UTC

A commit references this bug:

Author: lwhsu
Date: Tue Jul 21 17:07:41 UTC 2020
New revision: 542758
URL: https://svnweb.freebsd.org/changeset/ports/542758

Log:
  Add the missing patch from last commit

  PR:		244648
  Reported by:	Greg Veldman <freebsd@gregv.net> (maintainer)

Changes:
  head/security/samhain/files/patch-configure