Bug 250868 - security/apg fails with -k
Summary: security/apg fails with -k
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: amd64 Any
: --- Affects Only Me
Assignee: Matthew Seaman
Depends on:
Reported: 2020-11-04 17:35 UTC by geoff
Modified: 2020-12-30 03:34 UTC (History)
2 users (show)

See Also:
bugzilla: maintainer-feedback? (matthew)


Note You need to log in before you can comment on or make changes to this bug.
Description geoff 2020-11-04 17:35:45 UTC
I have built apg version 2.3.0b from ports with cracklib support enabled. This is on FreeBSD 12.2-RELEASE.

If I use apg with the -k option, it throws this error.

/usr/local/libdata/cracklib/cracklib-words: error reading header

apg works ok without the -k option.
Comment 1 Matthew Seaman freebsd_committer 2020-11-04 19:37:40 UTC
(In reply to geoff from comment #0)

Thank you for your report.  I shall investigate.  However, apg is pretty much abandonware right now -- there hasn't been any development for years. I just keep it around because I've got into the habit of using it.
Comment 2 Daniel Engberg freebsd_committer 2020-11-06 00:14:02 UTC
Perhaps it's a better idea to deprecate if that's the case.

We have makwpasswd, rndpassw and libpwquality in ports which all seems to be good replacements?
Comment 3 commit-hook freebsd_committer 2020-12-28 10:43:57 UTC
A commit references this bug:

Author: matthew
Date: Mon Dec 28 10:43:34 UTC 2020
New revision: 559459
URL: https://svnweb.freebsd.org/changeset/ports/559459

  Finally bow to the inevitable and deprecate apg -- it has seen no
  development for years, and the distfiles are no-longer available
  except for a private copy in my account on freefall.  Expiry date set
  to 3 months from now.

  Also, since it has bit-rotted so much that its cracklib integration
  doesn't work correctly, delete the CRACKLIB option.

  PR:		250868
  Submitted by:	Geoff Moraes

Comment 4 Matthew Seaman freebsd_committer 2020-12-28 10:50:38 UTC
Thank you for your submission.  I've decided to deprecate the security/apg port -- it is long past its sell-by date -- but I've given it a 3 month expiration window.

I've also removed the 'CRACKLIB' option entirely.
Comment 5 dewayne 2020-12-30 03:34:24 UTC
(In reply to daniel.engberg.lists from comment #2)
The standout feature for apg is the ability to exclude characters, like I1li oO0 which is very helpful when communicating passwords.  

Thanks for looking after this port Matthew and the heads-up as we use it quite extensively.  I'll create an svn revert, to keep our things working for the foreseeable. :)