Bug 155876 - [PATCH] security/shibboleth2-sp: do not clobber/remove
Summary: [PATCH] security/shibboleth2-sp: do not clobber/remove
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: Normal Affects Only Me
Assignee: Steve Wills
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2011-03-23 01:10 UTC by Craig Leres
Modified: 2011-04-15 21:50 UTC (History)
0 users

See Also:


Attachments
file.diff (757 bytes, patch)
2011-03-23 01:10 UTC, Craig Leres
no flags Details | Diff
file.diff (4.29 KB, patch)
2011-03-23 01:10 UTC, Craig Leres
no flags Details | Diff
patch-Makefile (504 bytes, text/plain)
2011-03-24 00:00 UTC, Craig Leres
no flags Details
patch-files-shibboleth-sp.in (757 bytes, text/plain)
2011-03-24 00:00 UTC, Craig Leres
no flags Details
patch-pkg-plist (6.97 KB, text/plain)
2011-03-24 00:00 UTC, Craig Leres
no flags Details
patch-Makefile.sig (72 bytes, application/octet-stream)
2011-03-24 00:00 UTC, Craig Leres
no flags Details
patch-files-shibboleth-sp.in.sig (72 bytes, application/octet-stream)
2011-03-24 00:00 UTC, Craig Leres
no flags Details
patch-pkg-plist.sig (72 bytes, application/octet-stream)
2011-03-24 00:00 UTC, Craig Leres
no flags Details

Note You need to log in before you can comment on or make changes to this bug.
Description Craig Leres freebsd_committer freebsd_triage 2011-03-23 01:10:00 UTC
	On package installation, the shibboleth2-sp port clobbers
	configurable files. On un-installation, it removes them.

	Also, there are a number of problems with the rc.d script.
	It does not obey the shibboleth_sp_flags, shibboleth_sp_program
	or shibboleth_sp_pidfile rc.conf options. And the backgrounding
	(&) of shibd is not needed.

Fix: The attached patch always installs the .dist versions of
	config files and only installs the non-dist versions when
	they do not already exist. When the package is deleted, the
	non-dist versions are not removed if they have been changed.

	This allows the package to be uninstalled and reinstalled
	without trashing the config.

	The is also a patch for the rc.d script to honor rc.conf
	shibboleth_sp_* settings.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (FreeBSD)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAk2JR5EACgkQWxlAhAje3Ju14QCfR5JNNPjA9p5i9r7qiGZrSaPg
CwsAnijXP2/83SmFSSsgymsbFbStre7r
=YfDh
-----END PGP SIGNATURE-----

--------------040500090704010309070004
Content-Type: text/plain;
 name="patch-Makefile"
Content-Transfer-Encoding: 7bit
Content-Disposition: attachment;
 filename="patch-Makefile"

--------------040500090704010309070004
Content-Type: text/plain;
 name="patch-files-shibboleth-sp.in"
Content-Transfer-Encoding: 7bit
Content-Disposition: attachment;
 filename="patch-files-shibboleth-sp.in"

--------------040500090704010309070004
Content-Type: text/plain;
 name="patch-pkg-plist"
Content-Transfer-Encoding: 7bit
Content-Disposition: attachment;
 filename="patch-pkg-plist"



--------------040500090704010309070004
Content-Type: application/octet-stream;
 name="patch-Makefile.sig"
Content-Transfer-Encoding: base64
Content-Disposition: attachment;
 filename="patch-Makefile.sig"

iEYEABECAAYFAk2JR5EACgkQWxlAhAje3JsLWwCeIsbeLNVVS8H/rwTdiRehenz25e0An3v5
GcvyqPlm3PaMZ4ruQJ7eY/x6
--------------040500090704010309070004
Content-Type: application/octet-stream;
 name="patch-files-shibboleth-sp.in.sig"
Content-Transfer-Encoding: base64
Content-Disposition: attachment;
 filename="patch-files-shibboleth-sp.in.sig"

iEYEABECAAYFAk2JR5EACgkQWxlAhAje3JvFlwCfWSGkIv5fBWMei9GDYIt3edfQZZ8An0Ok
2+OH58jpvfub+J1LnmP3xiDX
--------------040500090704010309070004
Content-Type: application/octet-stream;
 name="patch-pkg-plist.sig"
Content-Transfer-Encoding: base64
Content-Disposition: attachment;
 filename="patch-pkg-plist.sig"

iEYEABECAAYFAk2JR5EACgkQWxlAhAje3JvN7gCfT8QBXyIQtAYoHcusj6eNWTd4so4AoJM1
7KZ7Q0emov/42jI8g0yUEUm9
--------------040500090704010309070004----2zxnnHSia3IzvhpUEQwivuluBZlxo7CLAFp1iM9GViljwX5x
Content-Type: text/plain; name="file.diff"
Content-Transfer-Encoding: 7bit
Content-Disposition: attachment; filename="file.diff"

--- Makefile.orig	2010-12-04 00:49:02.000000000 -0800
+++ Makefile	2011-03-22 17:49:47.000000000 -0700
@@ -2,12 +2,12 @@
 # Date created:		17 Sept2008
 # Whom:			Janos Mohacsi <janos.mohacsi@bsd.hu>
 #
-# $FreeBSD: ports/security/shibboleth2-sp/Makefile,v 1.8 2010/12/04 07:33:31 ade Exp $
+# $FreeBSD$
 #
 
 PORTNAME=	shibboleth-sp
 PORTVERSION=	2.3.1
-PORTREVISION=	1
+PORTREVISION=	2
 CATEGORIES=	security www
 MASTER_SITES=	http://shibboleth.internet2.edu/downloads/shibboleth/cppsp/${PORTVERSION}/
 
@@ -53,4 +53,31 @@
 	${RM} ${WRKSRC}/aclocal.m4
 	@cd ${WRKSRC} && ${AUTORECONF} -fvi
 
+SHIB_DISTFILES= \
+	etc/shibboleth/accessError.html \
+	etc/shibboleth/attribute-map.xml \
+	etc/shibboleth/attribute-policy.xml \
+	etc/shibboleth/bindingTemplate.html \
+	etc/shibboleth/console.logger \
+	etc/shibboleth/discoveryTemplate.html \
+	etc/shibboleth/example-metadata.xml \
+	etc/shibboleth/globalLogout.html \
+	etc/shibboleth/localLogout.html \
+	etc/shibboleth/metadataError.html \
+	etc/shibboleth/native.logger \
+	etc/shibboleth/partialLogout.html \
+	etc/shibboleth/postTemplate.html \
+	etc/shibboleth/sessionError.html \
+	etc/shibboleth/shibboleth2.xml \
+	etc/shibboleth/shibd.logger \
+	etc/shibboleth/sslError.html \
+	etc/shibboleth/syslog.logger
+
+post-install:
+	@for fn in ${SHIB_DISTFILES}; do \
+		if [ ! -f ${PREFIX}/$${fn} ]; then \
+			${CP} -p ${PREFIX}/$${fn}.dist ${PREFIX}/$${fn} ; \
+		fi \
+	done
+
 .include <bsd.port.post.mk>
Comment 1 Edwin Groothuis freebsd_committer freebsd_triage 2011-03-23 01:10:15 UTC
Maintainer of security/shibboleth2-sp,

Please note that PR ports/155876 has just been submitted.

If it contains a patch for an upgrade, an enhancement or a bug fix
you agree on, reply to this email stating that you approve the patch
and a committer will take care of it.

The full text of the PR can be found at:
    http://www.freebsd.org/cgi/query-pr.cgi?pr=ports/155876

-- 
Edwin Groothuis via the GNATS Auto Assign Tool
edwin@FreeBSD.org
Comment 2 Edwin Groothuis freebsd_committer freebsd_triage 2011-03-23 01:10:17 UTC
State Changed
From-To: open->feedback

Awaiting maintainers feedback (via the GNATS Auto Assign Tool)
Comment 3 Craig Leres freebsd_committer freebsd_triage 2011-03-24 00:00:37 UTC
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

The patches I originally submitted were based my (mis)reading the
examples in section 7.3 of the Porter's Handbook. Using the
post-install section of the port Makefile means the non-dist configs
do not get installed when the port is installed from a package.

A new patch set that handles installation of the non-dist version
of the config files from pkg-plist is attached.

		Craig
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (FreeBSD)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAk2KiaUACgkQWxlAhAje3Js0HQCeIJ04AhmrPsSXk6R7AfvO7Yd6
NuYAn2PNIgf39Xz+5hejyawKIwWZyHjv
=gj+7
-----END PGP SIGNATURE-----
Comment 4 Steve Wills freebsd_committer freebsd_triage 2011-04-13 02:50:06 UTC
Responsible Changed
From-To: freebsd-ports-bugs->swills

I'll take it.
Comment 5 dfilter service freebsd_committer freebsd_triage 2011-04-15 21:47:30 UTC
swills      2011-04-15 20:47:15 UTC

  FreeBSD ports repository

  Modified files:
    security/shibboleth2-sp Makefile pkg-plist 
    security/shibboleth2-sp/files shibboleth-sp.in 
  Log:
  - Don't overwrite/remove config files on package installation/uninstall
  - Obey shibboleth_sp_flags, shibboleth_sp_program and shibboleth_sp_pidfile
  
  PR:             ports/155876
  Submitted by:   Craig Leres <leres at ee.lbl.gov>
  Approved by:    maintainer timeout
  
  Revision  Changes    Path
  1.9       +1 -1      ports/security/shibboleth2-sp/Makefile
  1.4       +4 -5      ports/security/shibboleth2-sp/files/shibboleth-sp.in
  1.4       +36 -18    ports/security/shibboleth2-sp/pkg-plist
_______________________________________________
cvs-all@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/cvs-all
To unsubscribe, send any mail to "cvs-all-unsubscribe@freebsd.org"
Comment 6 Steve Wills freebsd_committer freebsd_triage 2011-04-15 21:47:33 UTC
State Changed
From-To: feedback->closed

Committed, with minor changes. Thanks!