Hello, @0mp warn me about the necessity of using @sample at pkg-plist: > +%%ETCDIR%%/hsm.d/eracom-sdk.xml.sample > +%%ETCDIR%%/token.d/tpm.xml.sample > +etc/pki.conf.sample (...) Could you take a look? Cheers
Fixed at https://cgit.freebsd.org/ports/commit/?id=3d25658a6b2b67527b454245673540 Cheers
Hello, Thanks to all, and apologies, I had forgetten to re-add @sample tags after updating pkg.plist... and I wasn't that quick in answering :-(. May I ask your attention to my other port proposal for openca-ocspd (OCSP responder) which was the reason for integrating libpki (as it needs it) https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=264475. No patches against upstream, it should be straightforward (I think), the only real addition is the script to run ocspd as a service. Thanks again Bruno
Hello, On afterthought, I'm not sure that in this case the @sample macro does the right thing... It installs both the sample files and the "normal" ones, which is probably not appropriate as the sample files are really only examples, which can be used to create the needed "normal" files, but only if needed and possibly (probably) under another name. What would be the canonical way to do ? Remove the @sample macro and name the files XXX.example instead of sample ? Bruno
Hi, I was reading carefully Porter's Handbook and I'm thinking that we just need @sample macro in "@sample etc/pki.conf.sample". The rest of sample files that are installed in ${PREFIX}/etc/${PORTNAME} are controled by %%ETCDIR%% macro.
Well, I’m not even sure of this, because : - @sample should be used for compulsory files only because if the file is absent, the sample would be installed, and if users setup doesn’t need it they would have to destroy them - the parameters inside libpki.conf.sample appear to be pretty specific, it seems dubious that they could do any good outside the original context - libpki being a library, it doesn’t need to be configured out of the box (AFAIK) and in my case I only used it to link against it building the ocsp daemon, which doesn’t rely on these config files but on specific ones kept in another place (the etc/ocspd/pki dir) Maybe all these files should belong to share instead of being copied in etc ?
Hi Bruno, In that case you can put sample files in 'share' instead of 'etc' and you add an option to give user the ability to choose or not sample files to be installed.
Created attachment 235280 [details] Patch against current ports tree Hello, Here is a patch modifying the recently committed port to : - not install any configuration files AT ALL - put all provided samples in /usr/local/share/libpki/etc - add a message to the user to refer to these samples - mark the port as BROKEN on arm64 (according to pullout message received) - add options to allow configure to enable DNS, LDAP, MySQL and PostgreSQL if asked for. The way I found to move sample config files to share seems a bit complex, please tell me if you have a better (simpler) solution. Bruno
Hi Bruno, Looks good and it passes poudriere testport. Could you use a UCL (install) message instead? Cheers
Created attachment 235306 [details] Patch against current ports tree (revision 1) Hello, I converted the plain text message to UCL. I added a message for 'remove'. Thanks. Bruno
Created attachment 235312 [details] Corrected patch against current ports tree (revision 1) Sorry, fixed patch (my first UCL, there were some typos) Bruno
A commit in branch main references this bug: URL: https://cgit.FreeBSD.org/ports/commit/?id=ea1086f14d694235d0dd6df321edc270097793a3 commit ea1086f14d694235d0dd6df321edc270097793a3 Author: Bruno Damour <bruno@ruomad.net> AuthorDate: 2022-07-18 08:18:39 +0000 Commit: Nuno Teixeira <eduardo@FreeBSD.org> CommitDate: 2022-07-18 08:22:14 +0000 security/libpki: new location for sample files - not install any configuration files AT ALL - put all provided samples in ${PREFIX}/share/libpki/etc - add a message to the user to refer to these samples - mark the port as BROKEN on arm64 (according to pullout message received) - add options to allow configure to enable DNS, LDAP, MySQL and PostgreSQL if asked for - bump PORTREVISION PR: 265189 security/libpki/Makefile | 40 +++++++++++++++++++++++++++------- security/libpki/pkg-message (new) | 17 +++++++++++++++ security/libpki/pkg-plist | 46 +++++++++++++++++++++------------------ 3 files changed, 74 insertions(+), 29 deletions(-)
Committed, thanks!