Bug 233909 - security/py-certbot: Incorrect config file path since update to 0.29.1
Summary: security/py-certbot: Incorrect config file path since update to 0.29.1
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: Normal Affects Many People
Assignee: Matthew Seaman
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2018-12-10 15:38 UTC by Matthew Seaman
Modified: 2018-12-14 09:19 UTC (History)
4 users (show)

See Also:
koobs: maintainer-feedback+

Attachments
Fix setting FreeBSD specific paths (2.91 KB, patch)
2018-12-10 22:40 UTC, Matthew Seaman 		no flags Details | Diff
Fix setting FreeBSD specific paths (2.94 KB, patch)
2018-12-11 10:29 UTC, Matthew Seaman 		no flags Details | Diff
Fix setting FreeBSD specific paths (2.95 KB, patch)
2018-12-11 15:21 UTC, Matthew Seaman 		koobs: maintainer-approval+
Details | Diff
Show Obsolete (2) View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Matthew Seaman freebsd_committer freebsd_triage 2018-12-10 15:38:18 UTC 
On 10/12/2018 14:54, Kubilay Kocak wrote:
> On 11/12/2018 1:43 am, Matthew Seaman wrote:
>> On 10/12/2018 14:10, Paul Macdonald via freebsd-ports wrote:
>>>
>>> On 10/12/2018 13:15, Paul Macdonald via freebsd-questions wrote:
>>>>
>>>> Is anyone else seeing py-certbot having lost all installed certs, and the initial registation data?
>>>>
>>>> There was an update on the 7th
>>>>
>>>> Upgrade of py27-certbot-0.28.0_1,1 to py27-certbot-0.29.1_1,1
>>>>
>>>> and on 3 boxes tested so far, which all had certs, i now see no certs listed and a request to redo the initial registation on attempts to install a new cert.
>>>>
>>>> i don't see any issues upstream here: https://github.com/letsencrypt/boulder/issues/ so not sure if this is FBSD thing or not.
>>>>
>>>> Paul.
>>>
>>>
>>> passing --config-dir /usr/local/etc/letsencrypt shows expected output, i suspect something has happend with that flag on the upgrade ( i see /etc/letsencrypt directories on affected servers)
>>>
>>>
>>>>
>>>>
>>
>> This upstream commit:
>>
>> https://github.com/certbot/certbot/commit/a23d76beb0e2c9539670766045314a5d50f582a2#diff-64ccdc74e8a07f9b039a6254093f1d0d
>>
>> breaks the post-patch target in the security/certbot port Makefile:
>>
>> post-patch:
>>          @${REINPLACE_CMD} \
>>                  -e 's|/etc/|${LOCALBASE}/etc/|' \
>>                  -e 's|/var/lib|/var/db|' \
>>                  ${WRKSRC}/${PORTNAME}/constants.py
>>
>> Looks like the REINPLACE_CMD should be applied to ${WRKSRC}/${PORTNAME}/compat.py now.
>>
>> Or compat.py should be patched to grok FREEBSD_DEFAULT_FOLDERS
>>
>>      Cheers,
>>
>>      Matthew
>>
>
> Nice find Matthew.
>
> Prefer the latter (and sent upstream). Can one of you create a bugzilla issue for this and cc me please.
>
> If you'd like to give a representative/attempted patch a go, please do.
>
> ./koobs
Comment 1 Vick Khera 2018-12-10 21:01:25 UTC 
My hack-around was to symlink /etc/letsencrypt to point to /usr/local/etc/letsencrypt.

Once this is fixed, anyone who configured it during this time will have to move their configs to /usr/local/etc.
Comment 2 Matthew Seaman freebsd_committer freebsd_triage 2018-12-10 22:40:57 UTC 
Created attachment 200016 [details]
Fix setting FreeBSD specific paths

Needs testing.  I'll be running this patch for my usual LetsEncrypt periodic jobs overnight.
Comment 3 Matthew Seaman freebsd_committer freebsd_triage 2018-12-10 22:43:04 UTC 
Patches updated by `make makepatch`

Needs testing.

I'll be running this for my overnight periodic jobs tonight.
Comment 4 Kubilay Kocak freebsd_committer freebsd_triage 2018-12-11 03:28:23 UTC 
@Matthew Thanks for the patch

Longer term we might want to ship a default cli.ini
Comment 5 Matthew Seaman freebsd_committer freebsd_triage 2018-12-11 07:27:09 UTC 
Hmmm... I should add DragonFLY support too.  What does sys.platform look like on DFLY?
Comment 6 Kubilay Kocak freebsd_committer freebsd_triage 2018-12-11 09:34:37 UTC 
While I'm -0 on supporting other OS's within FreeBSD ports, it appears [1][2] the value starts with dragonfly.

See Also: https://docs.python.org/2/library/sys.html#sys.platform 

In particular:

For most Unix systems, this is the lowercased OS name as returned by uname -s with the first part of the version as returned by uname -r appended, e.g. 'sunos5', at the time when Python was built

[1] https://tahoe-lafs.org/trac/tahoe-lafs/ticket/1707
[2] google: sys.platform.startswith("dragonfly"):
Comment 7 Matthew Seaman freebsd_committer freebsd_triage 2018-12-11 10:29:24 UTC 
Created attachment 200033 [details]
Fix setting FreeBSD specific paths

Add DFLY support too
Comment 8 Yasuhiro Kimura freebsd_committer freebsd_triage 2018-12-11 14:33:58 UTC 
(In reply to Matthew Seaman from comment #7)

Hello Matthew,

Index: files/patch-certbot_compat.py
===================================================================
--- files/patch-certbot_compat.py	(nonexistent)
+++ files/patch-certbot_compat.py	(working copy)
@@ -0,0 +1,32 @@
+--- certbot/compat.py.orig	2018-12-05 23:47:58 UTC
++++ certbot/compat.py
+@@ -183,6 +183,11 @@ LINUX_DEFAULT_FOLDERS = {
+     'work': '/var/lib/letsencrypt',
+     'logs': '/var/log/letsencrypt',
+ }
++FREEBSD_DEFAULT_FOLDERS = {
++    'config': '%%LOCALBASE%%/letsencrypt',
                ^^^^^^^^^^^^^^^^^^^^^^^^^^^

This should be '%%LOCALBASE%%/etc/letsencrypt'.
Comment 9 Matthew Seaman freebsd_committer freebsd_triage 2018-12-11 15:20:05 UTC 
(In reply to Yasuhiro KIMURA from comment #8)

Good catch.  Thanks.
Comment 10 Matthew Seaman freebsd_committer freebsd_triage 2018-12-11 15:21:14 UTC 
Created attachment 200041 [details]
Fix setting FreeBSD specific paths
Comment 11 Matthew Seaman freebsd_committer freebsd_triage 2018-12-14 07:32:29 UTC 
This is working fine for me, and I've had reports of success from other users.  Can I get approval from python@ to commit?
Comment 12 Kubilay Kocak freebsd_committer freebsd_triage 2018-12-14 07:42:47 UTC 
Comment on attachment 200041 [details]
Fix setting FreeBSD specific paths

Approved by: koobs (python)

@Matthew could you please add a comment to the patch header pointing to this bug, like:

# Incorrect config file path since update to 0.29.1
# https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=233909
# TODO: Upstream
Comment 13 commit-hook freebsd_committer freebsd_triage 2018-12-14 09:18:37 UTC 
A commit references this bug:

Author: matthew
Date: Fri Dec 14 09:18:34 UTC 2018
New revision: 487414
URL: https://svnweb.freebsd.org/changeset/ports/487414

Log:
  Fix setting FreeBSD specific paths since upstream change

  https://github.com/certbot/certbot/commit/a23d76beb0e2c9539670766045314a5d50f582a2#diff-64ccdc74e8a07f9b039a6254093f1d0d

  as part of the update to 0.29.1

  PR:		233909
  Reported by:	Paul Macdonald
  Approved by:	koobs (python)

Changes:
  head/security/py-certbot/Makefile
  head/security/py-certbot/files/patch-certbot_compat.py
  head/security/py-certbot/files/patch-setup.py
Comment 14 Matthew Seaman freebsd_committer freebsd_triage 2018-12-14 09:19:19 UTC 
Committed