diff --git a/security/cyrus-sasl2-saslauthd/Makefile b/security/cyrus-sasl2-saslauthd/Makefile index af1478e08005..0d7fd75ba4cc 100644 --- a/security/cyrus-sasl2-saslauthd/Makefile +++ b/security/cyrus-sasl2-saslauthd/Makefile @@ -1,62 +1,64 @@ PKGNAMESUFFIX= -saslauthd COMMENT= SASL authentication server for cyrus-sasl2 LIB_DEPENDS= libsasl2.so:security/cyrus-sasl2 INSTALL_WRKSRC= ${WRKSRC}/saslauthd USE_RC_SUBR= saslauthd CYRUS_CONFIGURE_ARGS= --with-saslauthd=${SASLAUTHD_RUNPATH} CONFIGURE_ENV+= andrew_cv_runpath_switch=none -OPTIONS_DEFINE= DOCS HTTPFORM OPENLDAP +OPTIONS_DEFINE= DOCS HTTPFORM OPENLDAP SASLDB_IN_VAR OPTIONS_RADIO= GSSAPI SASLDB OPTIONS_RADIO_SASLDB= BDB1 BDB GDBM LMDB OPTIONS_DEFAULT= BDB1 HTTPFORM_DESC= Enable HTTP form authentication HTTPFORM_CONFIGURE_ENABLE=httpform OPENLDAP_DESC= Use OpenLDAP OPENLDAP_USE= OPENLDAP=yes OPENLDAP_CONFIGURE_ON= --with-ldap=${LOCALBASE} SASLDB_DESC= Experimental SASLdb authentication module BDB_USES= bdb BDB_CONFIGURE_ON= --enable-auth-sasldb \ --with-dblib=berkeley \ --with-bdb-libdir=${BDB_LIB_DIR} \ --with-bdb-incdir=${BDB_INCLUDE_DIR} \ --with-bdb=${BDB_LIB_NAME} BDB1_CONFIGURE_ON= --enable-auth-sasldb \ --with-dblib=ndbm GDBM_LIB_DEPENDS= libgdbm.so:databases/gdbm GDBM_CONFIGURE_ON= --enable-auth-sasldb \ --with-dblib=gdbm \ --with-gdbm=${LOCALBASE} LMDB_DESC= OpenLDAP Lightning Memory-Mapped Database support LMDB_LIB_DEPENDS= liblmdb.so:databases/lmdb LMDB_CONFIGURE_ON= --enable-auth-sasldb \ --with-dblib=lmdb LMDB_CFLAGS= -I${LOCALBASE}/include LMDB_LDFLAGS= -L${LOCALBASE}/lib +# LMDB_IMPLIES= SASLDB_IN_VAR +SASLDB_IN_VAR_DESC= sasldb in /var/db/sasl2 .if exists(/usr/lib/libkrb5.a) OPTIONS_RADIO_GSSAPI+= GSSAPI_BASE OPTIONS_DEFAULT+= GSSAPI_BASE .endif OPTIONS_RADIO_GSSAPI+= GSSAPI_HEIMDAL GSSAPI_MIT GSSAPI_BASE_USES= gssapi:base GSSAPI_BASE_CONFIGURE_ON= --enable-gssapi="${GSSAPIBASEDIR}" \ --with-gss_impl=heimdal GSSAPI_HEIMDAL_USES= gssapi:heimdal,flags GSSAPI_HEIMDAL_CONFIGURE_ON= --enable-gssapi="${GSSAPIBASEDIR}" \ --with-gss_impl=heimdal GSSAPI_MIT_USES= gssapi:mit GSSAPI_MIT_CONFIGURE_ON= --enable-gssapi="${GSSAPIBASEDIR}" \ --with-gss_impl=mit DOCS= COPYING ChangeLog LDAP_SASLAUTHD .include "${.CURDIR}/../../security/cyrus-sasl2/Makefile.common" diff --git a/security/cyrus-sasl2/Makefile b/security/cyrus-sasl2/Makefile index 10e1b1a82794..e83dc2936733 100644 --- a/security/cyrus-sasl2/Makefile +++ b/security/cyrus-sasl2/Makefile @@ -1,63 +1,66 @@ COMMENT= RFC 2222 SASL (Simple Authentication and Security Layer) USES= cpe libtool:keepla pathfix perl5 USE_PERL5= patch CYRUS_CONFIGURE_ARGS= --with-saslauthd=${SASLAUTHD_RUNPATH} NO_OPTIONS_SORT= yes OPTIONS_DEFINE= ALWAYSTRUE AUTHDAEMOND DOCS KEEP_DB_OPEN \ - OBSOLETE_CRAM_ATTR OBSOLETE_DIGEST_ATTR + OBSOLETE_CRAM_ATTR OBSOLETE_DIGEST_ATTR \ + SASLDB_IN_VAR OPTIONS_RADIO= SASLDB OPTIONS_RADIO_SASLDB= BDB1 BDB GDBM LMDB OPTIONS_GROUP= PLUGIN OPTIONS_GROUP_PLUGIN= ANONYMOUS CRAM DIGEST LOGIN NTLM OTP PLAIN SCRAM OPTIONS_DEFAULT= ANONYMOUS AUTHDAEMOND BDB1 OBSOLETE_CRAM_ATTR CRAM \ OBSOLETE_DIGEST_ATTR DIGEST LOGIN NTLM OTP PLAIN SCRAM OPTIONS_SUB= yes ALWAYSTRUE_DESC= Alwaystrue password verifier (discouraged) ALWAYSTRUE_CONFIGURE_ENABLE=alwaystrue AUTHDAEMOND_DESC= Use of authdaemon AUTHDAEMOND_CONFIGURE_ON=--with-authdaemond=/var/run/authdaemond/socket AUTHDAEMOND_CONFIGURE_OFF=--with-authdaemond=no KEEP_DB_OPEN_DESC= Keep handle to Berkeley DB open KEEP_DB_OPEN_CONFIGURE_ENABLE=keep-db-open OBSOLETE_CRAM_ATTR_DESC=cmusaslsecretCRAM-MD5 auxprop property OBSOLETE_CRAM_ATTR_CONFIGURE_OFF=--enable-obsolete_cram_attr=no OBSOLETE_DIGEST_ATTR_DESC=cmusaslsecretDIGEST-MD5 auxprop property OBSOLETE_DIGEST_ATTR_CONFIGURE_OFF=--enable-obsolete_digest_attr=no SASLDB_DESC= SASLdb auxprop plugin BDB_USES= bdb BDB_CONFIGURE_ON= --with-dblib=berkeley \ --with-bdb-libdir=${BDB_LIB_DIR} \ --with-bdb-incdir=${BDB_INCLUDE_DIR} \ --with-bdb=${BDB_LIB_NAME} BDB1_CONFIGURE_ON= --with-dblib=ndbm GDBM_LIB_DEPENDS= libgdbm.so:databases/gdbm GDBM_CONFIGURE_ON= --with-dblib=gdbm \ --with-gdbm=${LOCALBASE} LMDB_DESC= OpenLDAP Lightning Memory-Mapped Database support LMDB_LIB_DEPENDS= liblmdb.so:databases/lmdb LMDB_CONFIGURE_ON= --with-dblib=lmdb LMDB_CFLAGS= -I${LOCALBASE}/include LMDB_LDFLAGS= -L${LOCALBASE}/lib +# LMDB_IMPLIES= SASLDB_IN_VAR +SASLDB_IN_VAR_DESC= sasldb in /var/db/sasl2 ANONYMOUS_DESC= ANONYMOUS authentication ANONYMOUS_CONFIGURE_ENABLE= anon CRAM_DESC= CRAM-MD5 authentication CRAM_CONFIGURE_ENABLE= cram DIGEST_DESC= DIGEST-MD5 authentication DIGEST_CONFIGURE_ENABLE=digest LOGIN_DESC= LOGIN authentication LOGIN_CONFIGURE_ENABLE= login NTLM_DESC= NTLM authentication NTLM_CONFIGURE_ENABLE= ntlm OTP_DESC= OTP authentication OTP_CONFIGURE_ENABLE= otp PLAIN_DESC= PLAIN authentication PLAIN_CONFIGURE_ENABLE= plain SCRAM_DESC= SCRAM authentication SCRAM_CONFIGURE_ENABLE= scram DOCS= AUTHORS COPYING ChangeLog INSTALL.TXT README .include "${.CURDIR}/../../security/cyrus-sasl2/Makefile.common" diff --git a/security/cyrus-sasl2/Makefile.common b/security/cyrus-sasl2/Makefile.common index 2a054fc41bc0..4295be597e48 100644 --- a/security/cyrus-sasl2/Makefile.common +++ b/security/cyrus-sasl2/Makefile.common @@ -1,184 +1,190 @@ PORTNAME= cyrus-sasl PORTVERSION= 2.1.28 CATEGORIES= security MASTER_SITES= https://github.com/cyrusimap/cyrus-sasl/releases/download/${PORTNAME}-${PORTVERSION}/ MAINTAINER= ume@FreeBSD.org LICENSE= BSD4CLAUSE LICENSE_FILE= ${WRKSRC}/COPYING USES+= gmake USE_LDCONFIG= yes USES+= ssl GNU_CONFIGURE= yes CONFIGURE_ARGS+=--sysconfdir=${PREFIX}/etc \ --with-configdir=${PREFIX}/lib/sasl2:${PREFIX}/etc/sasl2 \ --with-plugindir=${PREFIX}/lib/sasl2 \ - --with-dbpath=${PREFIX}/etc/sasldb2 \ + --with-dbpath=${SASLDB_DIR}/sasldb2 \ --with-lib-subdir=lib \ --with-pkgconfigdir=${PREFIX}/libdata/pkgconfig \ --includedir=${PREFIX}/include \ --enable-static \ --with-rc4=openssl \ --with-sphinx-build=no CONFIGURE_ARGS+=--disable-anon \ --disable-cram \ --disable-digest \ --disable-gssapi \ --disable-krb4 \ --disable-login \ --disable-ntlm \ --disable-otp \ --disable-plain \ --disable-scram \ --disable-srp \ --with-dblib=none CONFIGURE_ARGS+=${CYRUS_CONFIGURE_ARGS} CONFIGURE_ENV= CC_FOR_BUILD="${CC}" MAKE_ENV+= INSTALL_STRIP_FLAG=${STRIP} DOCSDIR= ${PREFIX}/share/doc/cyrus-sasl2 CPE_VENDOR= cmu SASLAUTHD_RUNPATH?= /var/run/saslauthd CYRUS_USER?= cyrus CYRUS_GROUP?= cyrus CYRUS_SASL2_DIR=${MASTERDIR}/../../security/cyrus-sasl2 DISTINFO_FILE= ${CYRUS_SASL2_DIR}/distinfo PATCHDIR= ${CYRUS_SASL2_DIR}/files .if defined(PKGNAMESUFFIX) CYRUS_BUILD_TARGET?= ${PKGNAMESUFFIX:S/^-//} .else CYRUS_BUILD_TARGET?= ${PORTNAME} .endif .if ${CYRUS_BUILD_TARGET} != "cyrus-sasl" && ${CYRUS_BUILD_TARGET} != "saslauthd" INSTALL_WRKSRC= ${WRKSRC}/plugins LIB_DEPENDS= libsasl2.so:security/cyrus-sasl2 USES+= libtool:build PLIST_FILES+= lib/sasl2/lib${CYRUS_BUILD_TARGET}.a \ lib/sasl2/lib${CYRUS_BUILD_TARGET}.so \ lib/sasl2/lib${CYRUS_BUILD_TARGET}.so.3 \ lib/sasl2/lib${CYRUS_BUILD_TARGET}.so.3.0.0 .endif .include .if ${OPENSSLBASE} == /usr CONFIGURE_ARGS+=--with-openssl=yes .else CONFIGURE_ARGS+=--with-openssl=${OPENSSLBASE} .endif .if ${ARCH} == "amd64" CPPFLAGS+= -fPIC .endif +.if ${PORT_OPTIONS:MSASLDB_IN_VAR} +SASLDB_DIR= /var/db/sasl2 +.else +SASLDB_DIR= ${PREFIX}/etc +.endif + .if ${CYRUS_BUILD_TARGET} == "cyrus-sasl" .if ${PORT_OPTIONS:MBDB1} SASLDB_NAME= sasldb2.db .elif ${PORT_OPTIONS:MBDB} SASLDB_NAME= sasldb2 .elif ${PORT_OPTIONS:MGDBM} || ${PORT_OPTIONS:MLMDB} SASLDB_NAME= sasldb2 .else SASLDB= "@comment " .endif SUB_FILES= pkg-deinstall pkg-install pkg-message SUB_LIST= CYRUS_USER=${CYRUS_USER} CYRUS_GROUP=${CYRUS_GROUP} \ - SASLDB_NAME=${SASLDB_NAME} + SASLDB_DIR=${SASLDB_DIR} SASLDB_NAME=${SASLDB_NAME} PLIST_SUB+= PREFIX=${PREFIX} \ SASLDB=${SASLDB} PORTDOCS= * post-install-DOCS-on: ${MKDIR} ${STAGEDIR}${DOCSDIR} cd ${WRKSRC}/doc && ${COPYTREE_SHARE} . ${STAGEDIR}${DOCSDIR} \ "! ( -path */html/_sources* -o -name .buildinfo \ -o -name Makefile -o -name Makefile.in \ -o -name Makefile.in.bak -o -name Makefile.am \ -o -name NTMakefile -o -name .cvsignore )" .for f in ${DOCS} @${INSTALL_DATA} ${WRKSRC}/${f} ${STAGEDIR}${DOCSDIR} .endfor @${INSTALL_DATA} ${FILESDIR}/Sendmail.README ${STAGEDIR}${DOCSDIR} .elif ${CYRUS_BUILD_TARGET} == "saslauthd" .if ${PORT_OPTIONS:MOPENLDAP} .if defined(WITH_OPENLDAP_VER) WANT_OPENLDAP_VER= ${WITH_OPENLDAP_VER} .endif .endif .if ${SASLAUTHD_RUNPATH} != /var/run/saslauthd RUNPATH= "@comment " .endif PLIST_SUB+= PREFIX=${PREFIX} \ RUNPATH=${RUNPATH} PORTDOCS= * SUB_LIST+= SASLAUTHD_RUNPATH=${SASLAUTHD_RUNPATH} do-build: cd ${WRKSRC}/include && gmake cd ${WRKSRC}/common && gmake #.if ${PORT_OPTIONS:MBDB1} || ${PORT_OPTIONS:MBDB} || ${PORT_OPTIONS:MGDBM} cd ${WRKSRC}/sasldb && gmake #.endif cd ${WRKSRC}/saslauthd && gmake cd ${WRKSRC}/saslauthd && gmake saslcache cd ${WRKSRC}/saslauthd && gmake testsaslauthd post-install: @${INSTALL_PROGRAM} ${WRKSRC}/saslauthd/saslcache \ ${STAGEDIR}${PREFIX}/sbin/saslcache @${INSTALL_PROGRAM} ${WRKSRC}/saslauthd/testsaslauthd \ ${STAGEDIR}${PREFIX}/sbin/testsaslauthd .if ${SASLAUTHD_RUNPATH} != /var/run/saslauthd @${ECHO_MSG} "" @${ECHO_MSG} "SASLAUTHD_RUNPATH was specified." @${ECHO_MSG} "Make sure you create ${SASLAUTHD_RUNPATH}." @${ECHO_MSG} "" .else @${MKDIR} ${STAGEDIR}/var/run/saslauthd .endif post-install-DOCS-on: @${MKDIR} ${STAGEDIR}${DOCSDIR}/saslauthd .for file in ${DOCS} @${INSTALL_DATA} ${WRKSRC}/saslauthd/${file} \ ${STAGEDIR}${DOCSDIR}/saslauthd .endfor .else # plugin LIBTOOL= ${LOCALBASE}/bin/libtool post-patch: @${REINPLACE_CMD} \ -e "/^LIBTOOL=/s|\$$(top_builddir)/libtool|${LIBTOOL}|g" \ ${WRKSRC}/configure do-build: cd ${WRKSRC}/include && gmake cd ${WRKSRC}/common && gmake cd ${WRKSRC}/lib && gmake libobj.la cd ${WRKSRC}/plugins && gmake .endif .include diff --git a/security/cyrus-sasl2/files/pkg-deinstall.in b/security/cyrus-sasl2/files/pkg-deinstall.in index 887153339b43..0f426a9c8a73 100644 --- a/security/cyrus-sasl2/files/pkg-deinstall.in +++ b/security/cyrus-sasl2/files/pkg-deinstall.in @@ -1,48 +1,52 @@ #!/bin/sh # Created by: hetzels@westbend.net #set -vx PKG_BATCH=${BATCH:=NO} PKG_PREFIX=${PKG_PREFIX:=/usr/local} +SASLDB_DIR=%%SASLDB_DIR%% SASLDB_NAME=%%SASLDB_NAME%% -SASLDB_NAME=${SASLDB_NAME:+${PKG_PREFIX}/etc/%%SASLDB_NAME%%} +SASLDB_NAME=${SASLDB_NAME:+%%SASLDB_DIR%%/%%SASLDB_NAME%%} CYRUS_USER=${CYRUS_USER:=%%CYRUS_USER%%} CYRUS_GROUP=${CYRUS_GROUP:=%%CYRUS_GROUP%%} # delete sasldb database delete_sasldb() { if [ -f ${SASLDB_NAME} ] ; then result=$(${PKG_PREFIX}/sbin/sasldblistusers2) if [ $? -eq 0 -a -z "${result}" ]; then rm ${SASLDB_NAME} if [ -f ${SASLDB_NAME}-lock ] ; then rm ${SASLDB_NAME}-lock fi + if [ ${SASLDB_DIR} = '/var/db/sasl2' ]; then + rmdir ${SASLDB_DIR} + fi else echo "WARNING: Users SASL passwords are in ${SASLDB_NAME}, keeping this file" fi fi } delete_user() { if pw usershow ${CYRUS_USER} 2>/dev/null 1>&2; then echo "To delete Cyrus user permanently, use 'pw userdel ${CYRUS_USER}'" fi if pw groupshow ${CYRUS_GROUP} 2>/dev/null 1>&2; then echo "To delete Cyrus group permanently, use 'pw groupdel ${CYRUS_GROUP}'" fi } case $2 in DEINSTALL) if [ -n "${SASLDB_NAME}" ]; then delete_sasldb fi ;; POST-DEINSTALL) delete_user ;; esac diff --git a/security/cyrus-sasl2/files/pkg-install.in b/security/cyrus-sasl2/files/pkg-install.in index da27b55bbc0c..1c0c147e39c3 100644 --- a/security/cyrus-sasl2/files/pkg-install.in +++ b/security/cyrus-sasl2/files/pkg-install.in @@ -1,102 +1,108 @@ #!/bin/sh # Created by: stb@FreeBSD.org for the cyrus imap server # Added to the cyrus-sasl port by hetzels@westbend.net #set -vx PKG_BATCH=${BATCH:=NO} PKG_PREFIX=${PKG_PREFIX:=/usr/local} +SASLDB_DIR=%%SASLDB_DIR%% SASLDB_NAME=%%SASLDB_NAME%% -SASLDB_NAME=${SASLDB_NAME:+${PKG_PREFIX}/etc/%%SASLDB_NAME%%} +SASLDB_NAME=${SASLDB_NAME:+%%SASLDB_DIR%%/%%SASLDB_NAME%%} CYRUS_USER=${CYRUS_USER:=%%CYRUS_USER%%} CYRUS_GROUP=${CYRUS_GROUP:=%%CYRUS_GROUP%%} # # create 'cyrus' user and group before installing # create_user() { USER=${CYRUS_USER} GROUP=${CYRUS_GROUP} PW=/usr/sbin/pw if [ -x /usr/sbin/nologin ]; then shell=/usr/sbin/nologin elif [ -x /sbin/nologin ]; then shell=/sbin/nologin else shell=/nonexistent fi uhome="/nonexistent" if ! ${PW} show group ${GROUP} -q >/dev/null; then gid=60 while ${PW} show group -g ${gid} -q >/dev/null; do gid=`expr ${gid} + 1` done if ! ${PW} add group ${GROUP} -g ${gid}; then e=$? echo "*** Failed to add group \`${GROUP}'. Please add it manually." exit ${e} fi echo "*** Added group \`${GROUP}' (id ${gid})" else gid=`${PW} show group ${GROUP} 2>/dev/null | cut -d: -f3` fi if ! ${PW} show user ${USER} -q >/dev/null; then uid=60 while ${PW} show user -u ${uid} -q >/dev/null; do uid=`expr ${uid} + 1` done if ! ${PW} add user ${USER} -u ${uid} -g ${gid} -d "${uhome}" \ -c "the cyrus mail server" -s "${shell}" -w no \ ; then e=$? echo "*** Failed to add user \`${USER}'. Please add it manually." exit ${e} fi echo "*** Added user \`${USER}' (id ${uid})" else if ! ${PW} mod user ${USER} -g ${gid}; then e=$? echo "*** Failed to update user \`${USER}'." exit ${e} fi echo "*** Updated user \`${USER}'." fi } create_sasldb() { if [ ! -f ${SASLDB_NAME} ]; then + if [ ${SASLDB_DIR} = '/var/db/sasl2' -a ! -d ${SASLDB_DIR} ]; then + mkdir ${SASLDB_DIR} + chown ${CYRUS_USER}:mail ${SASLDB_DIR} + chmod 750 ${SASLDB_DIR} + fi echo "test" | ${PKG_PREFIX}/sbin/saslpasswd2 -p -c ${CYRUS_USER} if [ `${PKG_PREFIX}/sbin/sasldblistusers2 | wc -l` -eq 0 ] ; then echo "WARNING: Failed to create ${SASLDB_NAME}" else ${PKG_PREFIX}/sbin/saslpasswd2 -d ${CYRUS_USER} chown ${CYRUS_USER}:mail ${SASLDB_NAME} chmod 640 ${SASLDB_NAME} if [ -f ${SASLDB_NAME}-lock ]; then chown ${CYRUS_USER}:mail ${SASLDB_NAME}-lock - chmod 640 ${SASLDB_NAME}-lock + chmod 660 ${SASLDB_NAME}-lock fi fi fi } case $2 in PRE-INSTALL) create_user ;; POST-INSTALL) if [ "${PKG_BATCH}" = "NO" ]; then if [ -n "${SASLDB_NAME}" ]; then create_sasldb fi elif [ -n "${SASLDB_NAME}" -a ! -f ${SASLDB_NAME} ]; then echo "*** We do not create ${SASLDB_NAME} automatically in" echo "*** BATCH mode. Please create it by yourself. It should be" echo "*** owner: ${CYRUS_USER}, group: mail, mode: 0640." fi ;; esac