Bug 181495 - [patch] security/gnupg add option for setuid install
[patch] security/gnupg add option for setuid install
Status: Closed FIXED
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s)
Latest
Any Any
: Normal Affects Only Me
Assigned To: Jun Kuriyama
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2013-08-24 01:40 UTC by mjl
Modified: 2013-10-05 10:40 UTC (History)
0 users

See Also:


Attachments
patch-gnupg (966 bytes, text/plain)
2013-08-24 01:40 UTC, mjl
no flags Details

Note You need to log in before you can comment on or make changes to this bug.
Description mjl 2013-08-24 01:40:00 UTC
The Makefile for gnupg allows the binary to be installed setuid root if
built with
make WITH_SUID_GPG=yes install
However, the option must be set every time gnupg is built.

Fix: The attached patch adds a dialog option to the port, so that the port can
remember what my preference is.
How-To-Repeat: Build gnupg while forgetting the option.
Comment 1 Edwin Groothuis freebsd_committer 2013-08-24 01:40:09 UTC
Responsible Changed
From-To: freebsd-ports-bugs->kuriyama

Over to maintainer (via the GNATS Auto Assign Tool)
Comment 2 dfilter freebsd_committer 2013-10-05 10:34:20 UTC
Author: kuriyama
Date: Sat Oct  5 09:34:12 2013
New Revision: 329429
URL: http://svnweb.freebsd.org/changeset/ports/329429

Log:
  - Upgrade 2.0.22 (security, VuXML entry will follow).
  - Pet portlint about pkg-plist.
  - Use $STAGEDIR.
  - Turn setuid knob to OptionsNG [1]
  
  PR:		ports/181495 [1]
  Submitted by:	Matthew Luckie <mjl@luckie.org.nz> [1]

Modified:
  head/security/gnupg/Makefile
  head/security/gnupg/distinfo
  head/security/gnupg/pkg-plist

Modified: head/security/gnupg/Makefile
==============================================================================
--- head/security/gnupg/Makefile	Sat Oct  5 08:41:19 2013	(r329428)
+++ head/security/gnupg/Makefile	Sat Oct  5 09:34:12 2013	(r329429)
@@ -1,7 +1,7 @@
 # $FreeBSD$
 
 PORTNAME=	gnupg
-PORTVERSION=	2.0.21
+PORTVERSION=	2.0.22
 CATEGORIES=	security
 MASTER_SITES=	${MASTER_SITE_GNUPG}
 MASTER_SITE_SUBDIR=	gnupg
@@ -29,7 +29,7 @@ USES=		iconv
 USE_LDCONFIG=	YES
 CONFIGURE_ARGS+=	--enable-symcryptrun
 
-OPTIONS_DEFINE=		PINENTRY LDAP SCDAEMON CURL GPGSM KDNS STD_SOCKET NLS
+OPTIONS_DEFINE=		PINENTRY LDAP SCDAEMON CURL GPGSM KDNS STD_SOCKET NLS DOCS SUID_GPG
 PINENTRY_DESC=		Use pinentry
 LDAP_DESC=		LDAP keyserver interface
 SCDAEMON_DESC=		Enable Smartcard daemon (with libusb)
@@ -37,20 +37,14 @@ CURL_DESC=		Use the real curl library (w
 GPGSM_DESC=		Enable GPGSM (requires LDAP)
 KDNS_DESC=		Use DNS CERT helper
 STD_SOCKET_DESC=	Use standard socket for agent
+SUID_GPG_DESC=		Install GPG with suid
 OPTIONS_DEFAULT=	CURL
 NO_OPTIONS_SORT=	YES
 
-NO_STAGE=	yes
 .include <bsd.port.options.mk>
 
 .if ! ${PORT_OPTIONS:MDOCS}
 CONFIGURE_ARGS+=	--disable-doc
-.else
-MAN1=		gpg2.1 gpgsm.1 gpgv2.1 gpg-agent.1 scdaemon.1 watchgnupg.1 \
-		gpgconf.1 gpg-preset-passphrase.1 gpg-connect-agent.1 \
-		gpgparsemail.1 symcryptrun.1 gpgsm-gencert.sh.1
-MAN8=		addgnupghome.8 applygnupgdefaults.8
-INFO=		gnupg
 .endif
 
 .if ${PORT_OPTIONS:MPINENTRY}
@@ -122,8 +116,8 @@ post-patch:
 
 post-install:
 	PKG_PREFIX=${PREFIX} ${SH} ${PKGINSTALL} ${PKGNAME} POST-INSTALL
-.if defined(WITH_SUID_GPG)
-	${CHMOD} u+s ${PREFIX}/bin/gpg2
+.if ${PORT_OPTIONS:MSUID_GPG}
+	${CHMOD} u+s ${STAGEDIR}${PREFIX}/bin/gpg2
 .endif
 	@${CAT} ${PKGMESSAGE}
 

Modified: head/security/gnupg/distinfo
==============================================================================
--- head/security/gnupg/distinfo	Sat Oct  5 08:41:19 2013	(r329428)
+++ head/security/gnupg/distinfo	Sat Oct  5 09:34:12 2013	(r329429)
@@ -1,4 +1,4 @@
-SHA256 (gnupg-2.0.21.tar.bz2) = 00df8902c7cef4d2440d36ca2a45985853eb36c34a4163bc995c3578030eeef5
-SIZE (gnupg-2.0.21.tar.bz2) = 4300604
-SHA256 (gnupg-2.0.21.tar.bz2.sig) = 826c9ea2187864ae9638decf2a736d8221f003dcf3ff70f45b8ad8635c6c4589
-SIZE (gnupg-2.0.21.tar.bz2.sig) = 287
+SHA256 (gnupg-2.0.22.tar.bz2) = 437d0ab259854359fc48aa8795af80cff4975e559c111c92c03d0bc91408e251
+SIZE (gnupg-2.0.22.tar.bz2) = 4277117
+SHA256 (gnupg-2.0.22.tar.bz2.sig) = 6ebe9faabf96ed89e91f0c4e12ea12e1269d88a5c20db4282a9d35add1f3255a
+SIZE (gnupg-2.0.22.tar.bz2.sig) = 287

Modified: head/security/gnupg/pkg-plist
==============================================================================
--- head/security/gnupg/pkg-plist	Sat Oct  5 08:41:19 2013	(r329428)
+++ head/security/gnupg/pkg-plist	Sat Oct  5 09:34:12 2013	(r329429)
@@ -34,37 +34,37 @@ sbin/applygnupgdefaults
 %%PORTDOCS%%%%DOCSDIR%%/examples/pwpattern.list
 %%PORTDOCS%%%%DOCSDIR%%/examples/scd-event
 %%PORTDOCS%%%%DOCSDIR%%/examples/trustlist.txt
-%%PORTDOCS%%%%DATADIR%%/com-certs.pem
+%%PORTDATA%%%%DATADIR%%/com-certs.pem
 %%DATADIR%%/gpg-conf.skel
-%%PORTDOCS%%%%DATADIR%%/help.be.txt
-%%PORTDOCS%%%%DATADIR%%/help.ca.txt
-%%PORTDOCS%%%%DATADIR%%/help.cs.txt
-%%PORTDOCS%%%%DATADIR%%/help.da.txt
-%%PORTDOCS%%%%DATADIR%%/help.de.txt
-%%PORTDOCS%%%%DATADIR%%/help.el.txt
-%%PORTDOCS%%%%DATADIR%%/help.eo.txt
-%%PORTDOCS%%%%DATADIR%%/help.es.txt
-%%PORTDOCS%%%%DATADIR%%/help.et.txt
-%%PORTDOCS%%%%DATADIR%%/help.fi.txt
-%%PORTDOCS%%%%DATADIR%%/help.fr.txt
-%%PORTDOCS%%%%DATADIR%%/help.gl.txt
-%%PORTDOCS%%%%DATADIR%%/help.hu.txt
-%%PORTDOCS%%%%DATADIR%%/help.id.txt
-%%PORTDOCS%%%%DATADIR%%/help.it.txt
-%%PORTDOCS%%%%DATADIR%%/help.ja.txt
-%%PORTDOCS%%%%DATADIR%%/help.nb.txt
-%%PORTDOCS%%%%DATADIR%%/help.pl.txt
-%%PORTDOCS%%%%DATADIR%%/help.pt.txt
-%%PORTDOCS%%%%DATADIR%%/help.pt_BR.txt
-%%PORTDOCS%%%%DATADIR%%/help.ro.txt
-%%PORTDOCS%%%%DATADIR%%/help.ru.txt
-%%PORTDOCS%%%%DATADIR%%/help.sk.txt
-%%PORTDOCS%%%%DATADIR%%/help.sv.txt
-%%PORTDOCS%%%%DATADIR%%/help.tr.txt
-%%PORTDOCS%%%%DATADIR%%/help.txt
-%%PORTDOCS%%%%DATADIR%%/help.zh_CN.txt
-%%PORTDOCS%%%%DATADIR%%/help.zh_TW.txt
-%%PORTDOCS%%%%DATADIR%%/qualified.txt
+%%PORTDATA%%%%DATADIR%%/help.be.txt
+%%PORTDATA%%%%DATADIR%%/help.ca.txt
+%%PORTDATA%%%%DATADIR%%/help.cs.txt
+%%PORTDATA%%%%DATADIR%%/help.da.txt
+%%PORTDATA%%%%DATADIR%%/help.de.txt
+%%PORTDATA%%%%DATADIR%%/help.el.txt
+%%PORTDATA%%%%DATADIR%%/help.eo.txt
+%%PORTDATA%%%%DATADIR%%/help.es.txt
+%%PORTDATA%%%%DATADIR%%/help.et.txt
+%%PORTDATA%%%%DATADIR%%/help.fi.txt
+%%PORTDATA%%%%DATADIR%%/help.fr.txt
+%%PORTDATA%%%%DATADIR%%/help.gl.txt
+%%PORTDATA%%%%DATADIR%%/help.hu.txt
+%%PORTDATA%%%%DATADIR%%/help.id.txt
+%%PORTDATA%%%%DATADIR%%/help.it.txt
+%%PORTDATA%%%%DATADIR%%/help.ja.txt
+%%PORTDATA%%%%DATADIR%%/help.nb.txt
+%%PORTDATA%%%%DATADIR%%/help.pl.txt
+%%PORTDATA%%%%DATADIR%%/help.pt.txt
+%%PORTDATA%%%%DATADIR%%/help.pt_BR.txt
+%%PORTDATA%%%%DATADIR%%/help.ro.txt
+%%PORTDATA%%%%DATADIR%%/help.ru.txt
+%%PORTDATA%%%%DATADIR%%/help.sk.txt
+%%PORTDATA%%%%DATADIR%%/help.sv.txt
+%%PORTDATA%%%%DATADIR%%/help.tr.txt
+%%PORTDATA%%%%DATADIR%%/help.txt
+%%PORTDATA%%%%DATADIR%%/help.zh_CN.txt
+%%PORTDATA%%%%DATADIR%%/help.zh_TW.txt
+%%PORTDATA%%%%DATADIR%%/qualified.txt
 %%NLS%%share/locale/be/LC_MESSAGES/gnupg2.mo
 %%NLS%%share/locale/ca/LC_MESSAGES/gnupg2.mo
 %%NLS%%share/locale/cs/LC_MESSAGES/gnupg2.mo
_______________________________________________
svn-ports-all@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-ports-all
To unsubscribe, send any mail to "svn-ports-all-unsubscribe@freebsd.org"
Comment 3 Jun Kuriyama freebsd_committer 2013-10-05 10:35:59 UTC
State Changed
From-To: open->closed

Committed, thanks!