Created attachment 163802 [details] patch for updating the port - Update to ver 1.2.0 Changes: https://github.com/openxpki/openxpki/commits/master - "portlint -AC" says: WARN: /usr/ports/security/p5-openxpki/pkg-plist: A @owner section was started but never reset. USe @owner without any arguments to reset the owner WARN: /usr/ports/security/p5-openxpki/pkg-plist: A @group section was started but never reset. Use @group without any arguments to reset the group WARN: Makefile: [129]: possible use of "${CHMOD}" found. Use @(owner,group,mode) syntax or @owner/@group operators in pkg-plist instead. WARN: Makefile: for new port, make $FreeBSD$ tag in comment section empty, to make SVN happy. 0 fatal errors and 4 warnings found. - Tested with poudriere (log attached) at 11.0-CURRENT-amd64, perl5-5.20, and openssl from ports.
Created attachment 163803 [details] log from poudriere at 11.0-amd64 and perl-5.20
Created attachment 163876 [details] patch for updating the port New patch differs in just one thing: very long list of BUILD_DEPENDS is sorted now.
Hi Sergei, just reading the patch and find a possible issue. The patch creates some new log files with touch, but this was existing log files will be overwritten with every update/reinstall ... Isn't it better to let /var/log/openxpki alone with (without empty logs) and perhaps set more restrict permissions for the user/daemon running the PKI? e.g. in case the software logs as user www @dir(www,www,750) /var/log/openxpki
Hi Olli, Yes, agreed. Thank you very much. Let me submit soon a new patch and a new testlog. Have to change pkg-message too to instruct a user to take care about logs himself.
Created attachment 163948 [details] patch for updating the port portlint -AC says: WARN: Makefile: [125]: possible use of "${CHMOD}" found. Use @(owner,group,mode) syntax or @owner/@group operators in pkg-plist instead. WARN: Makefile: for new port, make $FreeBSD$ tag in comment section empty, to make SVN happy. WARN: Makefile: extra item placed in the *_DEPENDS section, for example, "BUILD_DEPENDSS". 0 fatal errors and 3 warnings found. Follow advice of Olli, and this time create @dir(openxpki,openxpki,751) /var/log/openxpki Note that two daemons should write to this diretory: 1) openxpki and 2) web server. User is advised (cf. files/pkg-message.in) to create logs after fresh install as: install -m 660 -o openxpki -g openxpki /dev/null /var/log/openxpki/openxpki.log install -m 660 -o www -g www /dev/null /var/log/openxpki/webui.log etc.
Created attachment 163949 [details] log from poudriere at 11.0-amd64 and perl-5.20.3
Created attachment 163950 [details] patch for updating the port
Created attachment 163951 [details] log from poudriere at 11.0-amd64 and perl-5.20.3 For the last version of patch. portlint -AC says: WARN: Makefile: [125]: possible use of "${CHMOD}" found. Use @(owner,group,mode) syntax or @owner/@group operators in pkg-plist instead. WARN: Makefile: for new port, make $FreeBSD$ tag in comment section empty, to make SVN happy. 0 fatal errors and 2 warnings found. Follow advice of Olli, and this time create @dir(openxpki,openxpki,751) /var/log/openxpki Note that two daemons should write to this diretory: 1) openxpki and 2) web server. User is advised (cf. files/pkg-message.in) to create logs after fresh install as: install -m 660 -o openxpki -g openxpki /dev/null /var/log/openxpki/openxpki.log install -m 660 -o www -g www /dev/null /var/log/openxpki/webui.log etc.
Created attachment 164001 [details] patch for updating the port
Created attachment 164002 [details] log from poudriere at 11.0-amd64 and perl-5.20.3
A commit references this bug: Author: miwi Date: Tue Dec 15 14:36:16 UTC 2015 New revision: 403777 URL: https://svnweb.freebsd.org/changeset/ports/403777 Log: - Update to 1.2.0 - Switch to options helper PR: 204987 Submitted by: maintainer Approved by: mat (mentor) Differential Revision: D4575 Changes: head/security/p5-openxpki/Makefile head/security/p5-openxpki/distinfo head/security/p5-openxpki/files/pkg-message.in head/security/p5-openxpki/pkg-plist
Hi Martin, Thank you very much for taking care of this PR. This port installs universal server building block for constructing PKI infrastructure. User has to define by hand a role of this server inside PKI. Without provided examples this can not be done. During old update of this port to ver 0.23.0.1, I have noted that: - Configuration examples are essential (if not main) part of this software, that is why I opted to install them unconditionally. cf here: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=194772 This time you have permitted user to switch off installation of examples. But without examples this software has little sense. Do you think this could be misleading for the user? All the best, Sergei
Hi Sergei, No I don't think this will mislead, under normal circumstances user do know what there do. IF we really get problems we should consider of making a explicit note to pkg-message. - Martin