There is a minor typographic error in the pkg info text that could trip up newbies during configuration. The text says: service step_ca configure It should say: service step-ca configure To see the message, run the following command: root@ca:~ # pkg info -D step-certificates step-certificates-0.27.2_1: On install: ================================================================================ Step Certificates requires additional configuration: The simple way is via the service start script step_ca with: service step_ca configure When there is no configuration it will be created. User input is required!!! The hard way would be manually via the step command. Ensure to set the STEPPATH environment variable. This makes using the commands much simpler. Following are the defaults for step certificates and can be overridden by rc.conf variables:: * The service is run under user step customizable by step_ca_user * The service is run inder group step customizable by step_ca_group * The base directory used for storing CA information is step_ca_stepdir (%%PREFIX%%/etc/step) * The CA informations is held under step_ca_steppath (%%PREFIX%%/etc/step/ca) * The password required for automatic startup is in step_ca_password (%%PREFIX%%/etc/step/password.txt) * By default step certificates logs to syslog with a tag of step_ca ================================================================================ root@ca:~ #
I think I can fix this without having to wait for maintainer approval.
Check security/step-certificates/files/step-ca.in: name="step_ca" rcvar="step_ca_enable" Are you sure "service step_ca configure" is incorrect? IMHO, better to rename security/step-certificates/files/step-ca.in to security/step-certificates/files/step_ca.in and in Makefile "USE_RC_SUBR=step_ca". I changed my mind - waiting maintainer.
Personally I don't have a preference between '-' and '_'. However, I do prefer accurate instructions. Which is why I raised this issue as a typo for the instructions and not as a bug with the service itself. I am not a FreeBSD package maintainer, so I am not familiar with FreeBSD packaging standards. Doing a search on services on the host, it already has a mix of services with hyphens and underscores. If underscores in service names are a standard to be followed by package maintainers, there will be more services to fix, ftp-proxy and os-release being two of them. # service -l | grep -e '-' -e '_' ftp-proxy growfs_fstab hostid_save ipfw_netflow ipropd_master ipropd_slave local_unbound os-release power_profile rfcomm_pppd_server static_arp static_ndp sysctl_lastload var_run wpa_supplicant step-ca If underscores replacing hyphens is a FreeBSD packaging standard, perhaps this should be added to the linting process of packages.
(In reply to Vladimir Druzenko from comment #2) Hi, thanks for bringing the issue up. I agree, that there is an inconsistency. I remember that there were some issues with the - or _ when I built that. I would propose to have a look and if it can be fixed in a meaningful way. I think though, that I have to be careful with this not breaking things and especially keep it stable/reliable for people already it in order to not break their scripts/settings etc.
service(8) takes the name of the rc.d script as a parameter. So if the script is named step-ca, the command should be "service step-ca *". The script can check the "step_ca_enable" variable instead of "step-ca_enable". But how should the "service step-ca enable" command work? Can you test this command. I don't have this software installed.