Bug 108502 - [maintainer] textproc/sphinxsearch -- run as unprivileged user
[maintainer] textproc/sphinxsearch -- run as unprivileged user
Status: Closed FIXED
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s)
Any Any
: Normal Affects Only Me
Assigned To: pav
Depends on:
  Show dependency treegraph
Reported: 2007-01-29 00:10 UTC by m.seaman
Modified: 2007-01-30 23:20 UTC (History)
0 users

See Also:

sphinxsearch.diff (8.34 KB, patch)
2007-01-29 00:10 UTC, m.seaman
no flags Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description m.seaman 2007-01-29 00:10:19 UTC
In the interests of generally improving security, switch to running
searchd as an unprivileged user 'sphinx'

Note to Users:

The default locations of a number of files and directories have changed:

    /var/run/searchd.pid  -->     /var/run/sphinxsearch/searchd.pid
    /var/log/searchd.log  -->     /var/log/sphinxsearch/searchd.log
    /var/log/sphinx-query.log --> /var/log/sphinxsearch/sphinx-query.log

See ${PREFIX}/etc/rc.d/sphinxsearch for details of a number of new
rc.conf settings you can use to control these locations and also the
user and group the daemon is run as.

You will need to merge these changes into ${PREFIX}/etc/sphinx.conf

Note to committer:

    Added new files:
Comment 1 pav freebsd_committer 2007-01-30 20:40:10 UTC
State Changed
From-To: open->feedback

Looks great, but, would you mind selecting a fixed UID and GID, modifying the 
pkg-install script to always use them, and prepare a patch to record them in 
/usr/ports/UIDs,GIDs files? 

Comment 2 pav freebsd_committer 2007-01-30 20:40:10 UTC
Responsible Changed
From-To: freebsd-ports-bugs->pav

Comment 3 pav freebsd_committer 2007-01-30 23:13:10 UTC
State Changed
From-To: feedback->closed

Committed, thanks!
Comment 4 dfilter freebsd_committer 2007-01-30 23:13:42 UTC
pav         2007-01-30 23:13:36 UTC

  FreeBSD ports repository

  Modified files:
    textproc/sphinxsearch Makefile 
    textproc/sphinxsearch/files sphinxsearch.sh.in 
  Added files:
    textproc/sphinxsearch/files pkg-deinstall.in pkg-install.in 
  - Run as unpriviledged user sphinx
  PR:             ports/108502
  Submitted by:   Matthew Seaman <m.seaman@infracaninophile.co.uk> (maintainer)
  Revision  Changes    Path
  1.3       +33 -9     ports/textproc/sphinxsearch/Makefile
  1.1       +32 -0     ports/textproc/sphinxsearch/files/pkg-deinstall.in (new)
  1.1       +123 -0    ports/textproc/sphinxsearch/files/pkg-install.in (new)
  1.2       +28 -4     ports/textproc/sphinxsearch/files/sphinxsearch.sh.in
cvs-all@freebsd.org mailing list
To unsubscribe, send any mail to "cvs-all-unsubscribe@freebsd.org"