Bug 208913 - [NEW PORT] databases/ateam_mysql_ldap_auth: A-Team MySQL LDAP authentication plugin
Summary: [NEW PORT] databases/ateam_mysql_ldap_auth: A-Team MySQL LDAP authentication ...
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: --- Affects Only Me
Assignee: Roman Bogorodskiy
URL:
Keywords: feature, patch
Depends on:
Blocks:
 
Reported: 2016-04-19 09:37 UTC by Ganbold Tsagaankhuu
Modified: 2016-05-25 15:16 UTC (History)
1 user (show)

See Also:


Attachments
ateam_mysql_ldap_auth port support patch (4.53 KB, text/plain)
2016-04-19 09:37 UTC, Ganbold Tsagaankhuu
no flags Details
ateam_mysql_ldap_auth port support patch (4.53 KB, patch)
2016-04-21 03:35 UTC, Ganbold Tsagaankhuu
no flags Details | Diff
ateam_mysql_ldap_auth port support patch (4.68 KB, patch)
2016-04-30 11:54 UTC, Ganbold Tsagaankhuu
no flags Details | Diff
ateam_mysql_ldap_auth port support patch (4.72 KB, patch)
2016-04-30 12:55 UTC, Ganbold Tsagaankhuu
no flags Details | Diff
modified submission, as shar (4.12 KB, text/plain)
2016-05-07 07:09 UTC, Kurt Jaeger
no flags Details
modified shar file (no warning in portlint -AC) (4.40 KB, text/plain)
2016-05-08 04:43 UTC, Ganbold Tsagaankhuu
no flags Details
modified shar file (no warning in portlint -AC) (4.40 KB, text/plain)
2016-05-08 04:46 UTC, Ganbold Tsagaankhuu
no flags Details

Note You need to log in before you can comment on or make changes to this bug.
Description Ganbold Tsagaankhuu freebsd_committer 2016-04-19 09:37:04 UTC
Created attachment 169464 [details]
ateam_mysql_ldap_auth port support patch

A-Team MySQL LDAP Authenticator (ateam_mysql_ldap_auth port) is an authentication
plugin for MySQL 5.5.7 and up, and has been extensively tested with 5.6
under FreeBSD.
Comment 1 Ganbold Tsagaankhuu freebsd_committer 2016-04-21 03:35:32 UTC
Created attachment 169506 [details]
ateam_mysql_ldap_auth port support patch
Comment 2 Ganbold Tsagaankhuu freebsd_committer 2016-04-30 11:54:48 UTC
Created attachment 169826 [details]
ateam_mysql_ldap_auth port support patch
Comment 3 Ganbold Tsagaankhuu freebsd_committer 2016-04-30 12:55:12 UTC
Created attachment 169831 [details]
ateam_mysql_ldap_auth port support patch
Comment 4 Kurt Jaeger freebsd_committer 2016-05-07 07:09:49 UTC
Created attachment 170080 [details]
modified submission, as shar

See https://lists.freebsd.org/pipermail/freebsd-ports/2016-May/103132.html
Comment 5 Ganbold Tsagaankhuu freebsd_committer 2016-05-08 04:43:36 UTC
Created attachment 170110 [details]
modified shar file (no warning in portlint -AC)
Comment 6 Ganbold Tsagaankhuu freebsd_committer 2016-05-08 04:44:44 UTC
Comment on attachment 170110 [details]
modified shar file (no warning in portlint -AC)

># This is a shell archive.  Save it in a file, remove anything before
># this line, and then unpack it by entering "sh file".  Note, it may
># create directories; files and directories will be owned by you and
># have default permissions.
>#
># This archive contains:
>#
>#       ateam_mysql_ldap_auth
>#       ateam_mysql_ldap_auth/Makefile
>#       ateam_mysql_ldap_auth/distinfo
>#       ateam_mysql_ldap_auth/pkg-descr
>#       ateam_mysql_ldap_auth/files
>#       ateam_mysql_ldap_auth/files/pkg-message.in
>#
>echo c - ateam_mysql_ldap_auth
>mkdir -p ateam_mysql_ldap_auth > /dev/null 2>&1
>echo x - ateam_mysql_ldap_auth/Makefile
>sed 's/^X//' >ateam_mysql_ldap_auth/Makefile << 'a525722630a514ba5e0843cf9c609aab'
>X# Created by: Ganbold Tsagaankhuu <ganbold@FreeBSD.org>
>X# $FreeBSD$
>X
>XPORTNAME=      ateam_mysql_ldap_auth
>XPORTVERSION=   1.0
>XCATEGORIES=    databases
>X
>XMAINTAINER=    ganbold@FreeBSD.org
>XCOMMENT=       A-Team MySQL LDAP authentication plugin
>X
>XLICENSE=       GPLv2
>XLICENSE_FILE=  ${WRKSRC}/COPYING
>X
>XLIB_DEPENDS=   libconfig.so:devel/libconfig
>XRUN_DEPENDS=   mysql${MYSQL_VER}-server>5.6:databases/mysql56-server
>X
>XUSE_OPENLDAP=  yes
>XUSES=          gmake mysql:server
>X
>XUSE_GITHUB=    yes
>XGH_ACCOUNT=    ateamsystems
>XGH_TAGNAME=    f6a1a5d
>X
>XPLIST_FILES=   lib/mysql/plugin/auth_ldap.so \
>X               "@sample etc/ateam_mysql_ldap_auth.conf.sample" \
>X               ${DOCSDIR}/README \
>X               ${DOCSDIR}/INSTALL
>X
>XSUB_FILES=     pkg-message
>X
>Xdo-install:
>X       ${MKDIR} ${STAGEDIR}${PREFIX}/lib/mysql/plugin
>X       ${MKDIR} ${STAGEDIR}${DOCSDIR}
>X       ${INSTALL_PROGRAM} ${WRKSRC}/src/auth_ldap.so ${STAGEDIR}${PREFIX}/lib/mysql/plugin/
>X       ${INSTALL_DATA} ${WRKSRC}/ateam_mysql_ldap_auth.conf ${STAGEDIR}${PREFIX}/etc/ateam_mysql_ldap_auth.conf.sample
>X       ${INSTALL_MAN} ${WRKSRC}/README ${STAGEDIR}${DOCSDIR}/
>X       ${INSTALL_MAN} ${WRKSRC}/INSTALL ${STAGEDIR}${DOCSDIR}/
>X
>X.include <bsd.port.mk>
>a525722630a514ba5e0843cf9c609aab
>echo x - ateam_mysql_ldap_auth/distinfo
>sed 's/^X//' >ateam_mysql_ldap_auth/distinfo << '29c423c80ab7a71f8d32823788a8cc6f'
>XSHA256 (ateamsystems-ateam_mysql_ldap_auth-1.0-f6a1a5d_GH0.tar.gz) = 3a20533fb4fed93daad0e8944ab6e8ae530ecbebefd95240b1e60f3c5ca5ec9c
>XSIZE (ateamsystems-ateam_mysql_ldap_auth-1.0-f6a1a5d_GH0.tar.gz) = 17971
>29c423c80ab7a71f8d32823788a8cc6f
>echo x - ateam_mysql_ldap_auth/pkg-descr
>sed 's/^X//' >ateam_mysql_ldap_auth/pkg-descr << '0a17dba108346822f531c87fbfc9214f'
>XA-Team MySQL LDAP Authenticator
>XWWW: https://github.com/ateamsystems/ateam_mysql_ldap_auth
>X---------------------------------------------------------------------------- -
>XA-Team MySQL LDAP Authenticator (ateam_mysql_ldap_auth) is an authentication
>Xplugin for MySQL 5.5.7 and up, and has been tested with 5.6 under FreeBSD.
>XThis module allows you to create MySQL users that are then authenticated
>Xagainst an LDAP server. This reduces administrative overhead and eliminates
>Xyour users having to remember a seperate username and password for MySQL.
>XJust like MySQL Enterprise's PAM module, for client side authentication
>Xthis plugin uses the clear_text password module as the LDAP server must
>Xperform the password hasing and comparison.  For command line clients this
>Xis done by setting the following environment variable:
>X
>X  export LIBMYSQL_ENABLE_CLEARTEXT_PLUGIN=1
>X
>XIn MySQL Workbench this is acheived by going to go to the "Advanced" tab and
>Xchecking "Enable Cleartext Authentication Plugin" when editing a connction.
>X
>X!!! IMPORTANT:
>X!!! ------------------------------------------------------------------------
>X!!! ENSURE THE COMMUNICATIONS PATH BETWEEN THE CLIENT AND SERVER IS SECURE!
>X!!! ------------------------------------------------------------------------
>X!!! By default MySQL does not use SSL so additional steps and network design
>X!!! are needed to ensure you're not exposing your credetials.
>0a17dba108346822f531c87fbfc9214f
>echo c - ateam_mysql_ldap_auth/files
>mkdir -p ateam_mysql_ldap_auth/files > /dev/null 2>&1
>echo x - ateam_mysql_ldap_auth/files/pkg-message.in
>sed 's/^X//' >ateam_mysql_ldap_auth/files/pkg-message.in << 'a499e8813ac0e3b18cb1b3d85ae98c81'
>X---------------------------------------------------------------------
>XPlease see %%DOCSDIR%%/INSTALL
>Xfor install notes.
>X---------------------------------------------------------------------
>a499e8813ac0e3b18cb1b3d85ae98c81
>exit
Comment 7 Ganbold Tsagaankhuu freebsd_committer 2016-05-08 04:46:43 UTC
Created attachment 170111 [details]
modified shar file (no warning in portlint -AC)
Comment 8 Roman Bogorodskiy freebsd_committer 2016-05-24 18:17:38 UTC
I did a couple of poudriere runs and things look good except one minor detail:

As it needs mysql client for build (mysql_config, headers etc), I've changed

USES=mysql:server

to

USER=mysql.

This way it builds fine for me.

Otherwise it errors like this:

=======================<phase: build          >============================
===>  Building for ateam_mysql_ldap_auth-1.0
gmake[1]: Entering directory '/wrkdirs/usr/ports/databases/ateam_mysql_ldap_auth/work/ateam_mysql_ldap_auth-f6a1a5d'
cd src && gmake
gmake[2]: Entering directory '/wrkdirs/usr/ports/databases/ateam_mysql_ldap_auth/work/ateam_mysql_ldap_auth-f6a1a5d/src'
gmake auth_ldap.so CFLAGS+='-DAUTH_LDAP_TEST_API'
gmake[3]: Entering directory '/wrkdirs/usr/ports/databases/ateam_mysql_ldap_auth/work/ateam_mysql_ldap_auth-f6a1a5d/src'
cc   -DAUTH_LDAP_TEST_API `mysql_config --cflags` -fPIC -DMYSQL_DYNAMIC_PLUGIN -c auth_ldap.c -o auth_ldap.o
/bin/sh: mysql_config: not found
auth_ldap.c:23:10: fatal error: 'mysql/mysql.h' file not found
#include <mysql/mysql.h>
         ^
1 error generated.
Makefile:19: recipe for target 'auth_ldap.o' failed
gmake[3]: *** [auth_ldap.o] Error 1
gmake[3]: Leaving directory '/wrkdirs/usr/ports/databases/ateam_mysql_ldap_auth/work/ateam_mysql_ldap_auth-f6a1a5d/src'
Makefile:28: recipe for target 'api-test' failed
gmake[2]: *** [api-test] Error 2
gmake[2]: Leaving directory '/wrkdirs/usr/ports/databases/ateam_mysql_ldap_auth/work/ateam_mysql_ldap_auth-f6a1a5d/src'
Makefile:2: recipe for target 'all' failed
gmake[1]: *** [all] Error 2
gmake[1]: Leaving directory '/wrkdirs/usr/ports/databases/ateam_mysql_ldap_auth/work/ateam_mysql_ldap_auth-f6a1a5d'
===> Compilation failed unexpectedly.
Try to set MAKE_JOBS_UNSAFE=yes and rebuild before reporting the failure to
the maintainer.
*** Error code 1

Stop.
make: stopped in /usr/ports/databases/ateam_mysql_ldap_auth
build of databases/ateam_mysql_ldap_auth ended at Tue May 24 17:58:05 MSK 2016
build time: 00:00:05
!!! build failure encountered !!!
[01:01:14] ====>> Error: Build failed in phase: build
[01:01:14] ====>> Cleaning up
[01:01:14] ====>> Umounting file systems


Please let me know if you're OK with this change.
Comment 9 Ganbold Tsagaankhuu freebsd_committer 2016-05-24 23:07:57 UTC
As long as it works I'm fine with that.

thanks,
Comment 10 commit-hook freebsd_committer 2016-05-25 14:19:06 UTC
A commit references this bug:

Author: novel
Date: Wed May 25 14:18:57 UTC 2016
New revision: 415833
URL: https://svnweb.freebsd.org/changeset/ports/415833

Log:
  Add ateam_mysql_ldap_auth 1.0, a-Team MySQL LDAP authentication plugin.

  PR:		208913
  Submitted by:	ganbold

Changes:
  head/databases/Makefile
  head/databases/ateam_mysql_ldap_auth/
  head/databases/ateam_mysql_ldap_auth/Makefile
  head/databases/ateam_mysql_ldap_auth/distinfo
  head/databases/ateam_mysql_ldap_auth/files/
  head/databases/ateam_mysql_ldap_auth/files/pkg-message.in
  head/databases/ateam_mysql_ldap_auth/pkg-descr
Comment 11 Roman Bogorodskiy freebsd_committer 2016-05-25 15:16:44 UTC
Committed, thanks!

Also, I've changed pkg-descr a little:

 - moved WWW to the bottom (that's a common practice)
 - stripped the title (that's also a common thing to not have a title in pkg-descr)

I was inclined to move information about the connection security to pkg-message, because it's more likely that users will see it there, but decided not to touch it and leave it for you to decide.