Hi, I have tried to create the security/sudo package but it was not possible. These are the ports I wanted to create packages: - security/sudo - security/sssd - security/cyrus-sasl2-gssapi - net/openldap26-client These are the options I have set in 'make config': export PORTS=/usr/ports setenv PORTS /usr/ports make -C ${PORTS}/security/cyrus-sasl2-gssapi config (*) GSSAPI_MIT make -C ${PORTS}/net/openldap26-client config [x] GSSAPI make -C ${PORTS}/security/sudo config [ ] PAM (deselect) [x] SSSD (*) GSSAPI_MIT make -C ${PORTS}/security/sssd config [x] SMB I have tried to make that package both in dedicated Poudriere setup and also in a clena Jail. Both failed the same way. This is the error message when I try to 'make package' for security/sssd port: (...) --- sample_approval.lo --- --- sample_approval.map --- --- sample_approval.lo --- /bin/sh ../../libtool --tag=disable-static --mode=compile cc -c -I../../include -I../.. -DZLIB_CONST -I/usr/include -D_FORTIFY_SOURCE=2 -I/usr/local/include -O2 -pipe -I/usr/local/include -fstack-protector-strong -fno-strict-aliasing -fvisibility=hidden -fstack-protector-strong -fstack-clash-protection -fcf-protection ./sample_approval.c libtool: compile: cc -c -I../../include -I../.. -DZLIB_CONST -I/usr/include -D_FORTIFY_SOURCE=2 -I/usr/local/include -O2 -pipe -I/usr/local/include -fstack-protector-strong -fno-strict-aliasing -fvisibility=hidden -fstack-protector-strong -fstack-clash-protection -fcf-protection ./sample_approval.c -fPIC -DPIC -o .libs/sample_approval.o --- sample_approval.la --- /bin/sh ../../libtool --tag=disable-static --mode=link cc -L/usr/local/lib -lgcc -L/usr/local/lib -lintl -Wl,-rpath,/usr/local/lib:/usr/lib -fstack-protector-strong -Wl,--enable-new-dtags -Wl,--allow-multiple-definition -Wc,-fstack-protector-strong -Wc,-fstack-clash-protection -Wc,-fcf-protection -Wl,-z,relro -Wl,-z,now -Wl,-z,noexecstack -Wl,--version-script,sample_approval.map -o sample_approval.la sample_approval.lo ../../lib/util/libsudo_util.la -module -avoid-version -rpath /usr/local/libexec/sudo -shrext .so libtool: link: cc -shared -fPIC -DPIC .libs/sample_approval.o -Wl,-rpath -Wl,/usr/ports/security/sudo/work/sudo-1.9.14/lib/util/.libs -Wl,-rpath -Wl,/usr/local/libexec/sudo -L/usr/local/lib ../../lib/util/.libs/libsudo_util.so -lgcc -lintl -lcrypto -Wl,-rpath -Wl,/usr/local/lib:/usr/lib -fstack-protector-strong -Wl,--enable-new-dtags -Wl,--allow-multiple-definition -fstack-protector-strong -fstack-clash-protection -fcf-protection -Wl,-z -Wl,relro -Wl,-z -Wl,now -Wl,-z -Wl,noexecstack -Wl,--version-script -Wl,sample_approval.map -Wl,-soname -Wl,sample_approval.so -o .libs/sample_approval.so libtool: link: ( cd ".libs" && rm -f "sample_approval.la" && ln -s "../sample_approval.la" "sample_approval.la" ) ===> Staging for sudo-1.9.14 ===> sudo-1.9.14 depends on executable: sssd - not found ===> Installing for sssd-1.16.5_9 ===> Checking if sssd is already installed ===> Registering installation for sssd-1.16.5_9 as automatic pkg-static: Unable to access file /usr/ports/security/sssd/work-default/stage/usr/local/lib/krb5/plugins/authdata/sssd_pac_plugin.so:No such file or directory pkg-static: Unable to access file /usr/ports/security/sssd/work-default/stage/usr/local/libexec/sssd/sssd_pac:No such file or directory *** Error code 1 Stop. make[1]: stopped in /usr/ports/security/sssd *** Error code 1 Stop. make: stopped in /usr/ports/security/sudo ===> Building package for openldap26-client-2.6.4 ===> Building package for cyrus-sasl-gssapi-2.1.28 Regards, vermaden
This workaround allows to create the package - but its not a solution. root@build:/usr/ports/security/sssd # mkdir -p /usr/ports/security/sssd/work-default/stage/usr/local/lib/krb5/plugins/authdata/ root@build:/usr/ports/security/sssd # :> /usr/ports/security/sssd/work-default/stage/usr/local/lib/krb5/plugins/authdata/sssd_pac_plugin.so root@build:/usr/ports/security/sssd # mkdir -p /usr/ports/security/sssd/work-default/stage/usr/local/libexec/sssd/ root@build:/usr/ports/security/sssd # :> /usr/ports/security/sssd/work-default/stage/usr/local/libexec/sssd/sssd_pac root@build:/usr/ports/security/sssd # make install ===> Installing for sssd-1.16.5_9 ===> Checking if sssd is already installed ===> Registering installation for sssd-1.16.5_9 [build] Installing sssd-1.16.5_9... ================================================================================ Copy /usr/local/etc/sssd/sssd.conf.sample to /usr/local/etc/sssd/sssd.conf and edit /usr/local/etc/sssd/sssd.conf (see man sssd.conf for details) To load sssd at startup, add sssd_enable="YES" to /etc/rc.conf To enable pam integration, add a line similar to the following to /etc/pam.d/system: login auth sufficient /usr/local/lib/pam_sss.so To enable NSS integration, update /etc/nsswitch.conf as follows: group: sss files passwd: sss files For additional details, please see the man pages for pam.conf and nsswitch.conf An sssd HOWTO is also available: https://fedorahosted.org/sssd/wiki/HOWTO_Configure_1_0_2 ================================================================================ ===> SECURITY REPORT: This port has installed the following files which may act as network servers and may therefore pose a remote security risk to the system. /usr/local/libexec/sssd/sssd_ifp /usr/local/libexec/sssd/sssd_ssh /usr/local/libexec/sssd/sssd_nss /usr/local/libexec/sssd/sssd_sudo /usr/local/libexec/sssd/sssd_pam If there are vulnerabilities in these programs there may be a security risk to the system. FreeBSD makes no guarantee about the security of ports included in the Ports Collection. Please type 'make deinstall' to deinstall the port if this is a concern. For more information, and contact details about the security status of this software, see the following webpage: https://pagure.io/SSSD/sssd root@build:/usr/ports/security/sssd # make package ===> Building package for sssd-1.16.5_9 root@build:/usr/ports/security/sssd # Regards, vermaden
*** This bug has been marked as a duplicate of bug 271939 ***