Created attachment 169464 [details] ateam_mysql_ldap_auth port support patch A-Team MySQL LDAP Authenticator (ateam_mysql_ldap_auth port) is an authentication plugin for MySQL 5.5.7 and up, and has been extensively tested with 5.6 under FreeBSD.
Created attachment 169506 [details] ateam_mysql_ldap_auth port support patch
Created attachment 169826 [details] ateam_mysql_ldap_auth port support patch
Created attachment 169831 [details] ateam_mysql_ldap_auth port support patch
Created attachment 170080 [details] modified submission, as shar See https://lists.freebsd.org/pipermail/freebsd-ports/2016-May/103132.html
Created attachment 170110 [details] modified shar file (no warning in portlint -AC)
Comment on attachment 170110 [details] modified shar file (no warning in portlint -AC) ># This is a shell archive. Save it in a file, remove anything before ># this line, and then unpack it by entering "sh file". Note, it may ># create directories; files and directories will be owned by you and ># have default permissions. ># ># This archive contains: ># ># ateam_mysql_ldap_auth ># ateam_mysql_ldap_auth/Makefile ># ateam_mysql_ldap_auth/distinfo ># ateam_mysql_ldap_auth/pkg-descr ># ateam_mysql_ldap_auth/files ># ateam_mysql_ldap_auth/files/pkg-message.in ># >echo c - ateam_mysql_ldap_auth >mkdir -p ateam_mysql_ldap_auth > /dev/null 2>&1 >echo x - ateam_mysql_ldap_auth/Makefile >sed 's/^X//' >ateam_mysql_ldap_auth/Makefile << 'a525722630a514ba5e0843cf9c609aab' >X# Created by: Ganbold Tsagaankhuu <ganbold@FreeBSD.org> >X# $FreeBSD$ >X >XPORTNAME= ateam_mysql_ldap_auth >XPORTVERSION= 1.0 >XCATEGORIES= databases >X >XMAINTAINER= ganbold@FreeBSD.org >XCOMMENT= A-Team MySQL LDAP authentication plugin >X >XLICENSE= GPLv2 >XLICENSE_FILE= ${WRKSRC}/COPYING >X >XLIB_DEPENDS= libconfig.so:devel/libconfig >XRUN_DEPENDS= mysql${MYSQL_VER}-server>5.6:databases/mysql56-server >X >XUSE_OPENLDAP= yes >XUSES= gmake mysql:server >X >XUSE_GITHUB= yes >XGH_ACCOUNT= ateamsystems >XGH_TAGNAME= f6a1a5d >X >XPLIST_FILES= lib/mysql/plugin/auth_ldap.so \ >X "@sample etc/ateam_mysql_ldap_auth.conf.sample" \ >X ${DOCSDIR}/README \ >X ${DOCSDIR}/INSTALL >X >XSUB_FILES= pkg-message >X >Xdo-install: >X ${MKDIR} ${STAGEDIR}${PREFIX}/lib/mysql/plugin >X ${MKDIR} ${STAGEDIR}${DOCSDIR} >X ${INSTALL_PROGRAM} ${WRKSRC}/src/auth_ldap.so ${STAGEDIR}${PREFIX}/lib/mysql/plugin/ >X ${INSTALL_DATA} ${WRKSRC}/ateam_mysql_ldap_auth.conf ${STAGEDIR}${PREFIX}/etc/ateam_mysql_ldap_auth.conf.sample >X ${INSTALL_MAN} ${WRKSRC}/README ${STAGEDIR}${DOCSDIR}/ >X ${INSTALL_MAN} ${WRKSRC}/INSTALL ${STAGEDIR}${DOCSDIR}/ >X >X.include <bsd.port.mk> >a525722630a514ba5e0843cf9c609aab >echo x - ateam_mysql_ldap_auth/distinfo >sed 's/^X//' >ateam_mysql_ldap_auth/distinfo << '29c423c80ab7a71f8d32823788a8cc6f' >XSHA256 (ateamsystems-ateam_mysql_ldap_auth-1.0-f6a1a5d_GH0.tar.gz) = 3a20533fb4fed93daad0e8944ab6e8ae530ecbebefd95240b1e60f3c5ca5ec9c >XSIZE (ateamsystems-ateam_mysql_ldap_auth-1.0-f6a1a5d_GH0.tar.gz) = 17971 >29c423c80ab7a71f8d32823788a8cc6f >echo x - ateam_mysql_ldap_auth/pkg-descr >sed 's/^X//' >ateam_mysql_ldap_auth/pkg-descr << '0a17dba108346822f531c87fbfc9214f' >XA-Team MySQL LDAP Authenticator >XWWW: https://github.com/ateamsystems/ateam_mysql_ldap_auth >X---------------------------------------------------------------------------- - >XA-Team MySQL LDAP Authenticator (ateam_mysql_ldap_auth) is an authentication >Xplugin for MySQL 5.5.7 and up, and has been tested with 5.6 under FreeBSD. >XThis module allows you to create MySQL users that are then authenticated >Xagainst an LDAP server. This reduces administrative overhead and eliminates >Xyour users having to remember a seperate username and password for MySQL. >XJust like MySQL Enterprise's PAM module, for client side authentication >Xthis plugin uses the clear_text password module as the LDAP server must >Xperform the password hasing and comparison. For command line clients this >Xis done by setting the following environment variable: >X >X export LIBMYSQL_ENABLE_CLEARTEXT_PLUGIN=1 >X >XIn MySQL Workbench this is acheived by going to go to the "Advanced" tab and >Xchecking "Enable Cleartext Authentication Plugin" when editing a connction. >X >X!!! IMPORTANT: >X!!! ------------------------------------------------------------------------ >X!!! ENSURE THE COMMUNICATIONS PATH BETWEEN THE CLIENT AND SERVER IS SECURE! >X!!! ------------------------------------------------------------------------ >X!!! By default MySQL does not use SSL so additional steps and network design >X!!! are needed to ensure you're not exposing your credetials. >0a17dba108346822f531c87fbfc9214f >echo c - ateam_mysql_ldap_auth/files >mkdir -p ateam_mysql_ldap_auth/files > /dev/null 2>&1 >echo x - ateam_mysql_ldap_auth/files/pkg-message.in >sed 's/^X//' >ateam_mysql_ldap_auth/files/pkg-message.in << 'a499e8813ac0e3b18cb1b3d85ae98c81' >X--------------------------------------------------------------------- >XPlease see %%DOCSDIR%%/INSTALL >Xfor install notes. >X--------------------------------------------------------------------- >a499e8813ac0e3b18cb1b3d85ae98c81 >exit
Created attachment 170111 [details] modified shar file (no warning in portlint -AC)
I did a couple of poudriere runs and things look good except one minor detail: As it needs mysql client for build (mysql_config, headers etc), I've changed USES=mysql:server to USER=mysql. This way it builds fine for me. Otherwise it errors like this: =======================<phase: build >============================ ===> Building for ateam_mysql_ldap_auth-1.0 gmake[1]: Entering directory '/wrkdirs/usr/ports/databases/ateam_mysql_ldap_auth/work/ateam_mysql_ldap_auth-f6a1a5d' cd src && gmake gmake[2]: Entering directory '/wrkdirs/usr/ports/databases/ateam_mysql_ldap_auth/work/ateam_mysql_ldap_auth-f6a1a5d/src' gmake auth_ldap.so CFLAGS+='-DAUTH_LDAP_TEST_API' gmake[3]: Entering directory '/wrkdirs/usr/ports/databases/ateam_mysql_ldap_auth/work/ateam_mysql_ldap_auth-f6a1a5d/src' cc -DAUTH_LDAP_TEST_API `mysql_config --cflags` -fPIC -DMYSQL_DYNAMIC_PLUGIN -c auth_ldap.c -o auth_ldap.o /bin/sh: mysql_config: not found auth_ldap.c:23:10: fatal error: 'mysql/mysql.h' file not found #include <mysql/mysql.h> ^ 1 error generated. Makefile:19: recipe for target 'auth_ldap.o' failed gmake[3]: *** [auth_ldap.o] Error 1 gmake[3]: Leaving directory '/wrkdirs/usr/ports/databases/ateam_mysql_ldap_auth/work/ateam_mysql_ldap_auth-f6a1a5d/src' Makefile:28: recipe for target 'api-test' failed gmake[2]: *** [api-test] Error 2 gmake[2]: Leaving directory '/wrkdirs/usr/ports/databases/ateam_mysql_ldap_auth/work/ateam_mysql_ldap_auth-f6a1a5d/src' Makefile:2: recipe for target 'all' failed gmake[1]: *** [all] Error 2 gmake[1]: Leaving directory '/wrkdirs/usr/ports/databases/ateam_mysql_ldap_auth/work/ateam_mysql_ldap_auth-f6a1a5d' ===> Compilation failed unexpectedly. Try to set MAKE_JOBS_UNSAFE=yes and rebuild before reporting the failure to the maintainer. *** Error code 1 Stop. make: stopped in /usr/ports/databases/ateam_mysql_ldap_auth build of databases/ateam_mysql_ldap_auth ended at Tue May 24 17:58:05 MSK 2016 build time: 00:00:05 !!! build failure encountered !!! [01:01:14] ====>> Error: Build failed in phase: build [01:01:14] ====>> Cleaning up [01:01:14] ====>> Umounting file systems Please let me know if you're OK with this change.
As long as it works I'm fine with that. thanks,
A commit references this bug: Author: novel Date: Wed May 25 14:18:57 UTC 2016 New revision: 415833 URL: https://svnweb.freebsd.org/changeset/ports/415833 Log: Add ateam_mysql_ldap_auth 1.0, a-Team MySQL LDAP authentication plugin. PR: 208913 Submitted by: ganbold Changes: head/databases/Makefile head/databases/ateam_mysql_ldap_auth/ head/databases/ateam_mysql_ldap_auth/Makefile head/databases/ateam_mysql_ldap_auth/distinfo head/databases/ateam_mysql_ldap_auth/files/ head/databases/ateam_mysql_ldap_auth/files/pkg-message.in head/databases/ateam_mysql_ldap_auth/pkg-descr
Committed, thanks! Also, I've changed pkg-descr a little: - moved WWW to the bottom (that's a common practice) - stripped the title (that's also a common thing to not have a title in pkg-descr) I was inclined to move information about the connection security to pkg-message, because it's more likely that users will see it there, but decided not to touch it and leave it for you to decide.