diff --git a/net/nss-pam-ldapd/Makefile b/net/nss-pam-ldapd/Makefile index 28d6cdc1f8fd..149d5edfd438 100644 --- a/net/nss-pam-ldapd/Makefile +++ b/net/nss-pam-ldapd/Makefile @@ -1,128 +1,129 @@ PORTNAME= nss-pam-ldapd PORTVERSION= 0.9.12 +PORTREVISION= 1 CATEGORIES= net MASTER_SITES= http://arthurdejong.org/nss-pam-ldapd/ \ ZI MAINTAINER?= zi@FreeBSD.org COMMENT?= Advanced fork of nss_ldap WWW= https://arthurdejong.org/nss-pam-ldapd/ LICENSE= LGPL21 LGPL3 LICENSE_COMB= dual USES= cpe CPE_VENDOR= arthurdejong GNU_CONFIGURE= yes USE_OPENLDAP= yes USE_RC_SUBR= nslcd PAM_LDAP_SHMAJOR= 1 NSS_LDAP_SHMAJOR= 1 SUB_FILES+= pkg-message NSLCD_PIDFILE?= /var/run/nslcd.pid NSLCD_VARDIR?= /var/run/nslcd NSLCD_SOCKET?= ${NSLCD_VARDIR}/nslcd.ctl OPTIONS_DEFINE= KERBEROS OPTIONS_DEFAULT= KERBEROS .if defined(SLAVE_PORT) OPTIONS_DEFINE+= SASL OPTIONS_MULTI= MG1 OPTIONS_MULTI_MG1= PAM NSS PAM_DESC= Build pam_ldap NSS_DESC= Build nss support SASL_DESC= Build sasl support OPTIONS_DEFAULT+= PAM NSS CONFLICTS+= nss-pam-ldapd-[0-9]* .else OPTIONS_MULTI= MG1 OPTIONS_MULTI_MG1= PAM NSS PAM_DESC= Build pam_ldap NSS_DESC= Build nss support OPTIONS_DEFAULT+= PAM NSS CONFLICTS+= nss-pam-ldapd-sasl .endif USERS= nslcd GROUPS= nslcd .include CPPFLAGS+= -I${LOCALBASE}/include LDFLAGS+= -L${LOCALBASE}/lib CONFIGURE_ARGS+= --with-nslcd-pidfile=${NSLCD_PIDFILE} \ --with-nslcd-socket=${NSLCD_SOCKET} \ --with-ldap-lib=openldap \ --with-nss-ldap-soname=nss_ldap.so.${NSS_LDAP_SHMAJOR} CONFIG_FILE= "nslcd.conf" CONFIGURE_ARGS+= --with-ldap-conf-file=${PREFIX}/etc/${CONFIG_FILE} PLIST_SUB+= CONFIG="${CONFIG_FILE}" \ PAM_LDAP_SHMAJOR="${PAM_LDAP_SHMAJOR}" \ NSS_LDAP_SHMAJOR="${NSS_LDAP_SHMAJOR}" SUB_LIST+= CONFIG_FILE="${PREFIX}/etc/${CONFIG_FILE}" \ NSLCD_PIDFILE="${NSLCD_PIDFILE}" \ NSLCD_VARDIR="${NSLCD_VARDIR}" \ USERS="${USERS}" GROUPS="${GROUPS}" .if empty(PORT_OPTIONS:MKERBEROS) CONFIGURE_ARGS+= --disable-kerberos .endif .if ${PORT_OPTIONS:MSASL} CONFIGURE_ARGS+= --enable-sasl .else CONFIGURE_ARGS+= --disable-sasl .endif .if ${PORT_OPTIONS:MPAM} CONFIGURE_ARGS+= --enable-pam \ --with-pam-seclib-dir=${PREFIX}/lib \ --with-pam-ldap-soname=pam_ldap.so.${PAM_LDAP_SHMAJOR} CONFLICTS+= pam_ldap-1.* PLIST_SUB+= PAM="" .else CONFIGURE_ARGS+= --disable-pam PLIST_SUB+= PAM="@comment " .endif .if ${PORT_OPTIONS:MNSS} CONFIGURE_ARGS+= --enable-nss CONFLICTS+= nss_ldap-1.* PLIST_SUB+= NSS="" SUB_LIST+= NSS_MESSAGE="WARNING: Be sure to set uid and gid configuration parameters to make nslcd run under unprivileged user." .else CONFIGURE_ARGS+= --disable-nss PLIST_SUB+= NSS="@comment " SUB_LIST+= NSS_MESSAGE="" .endif # Won't hook this in to OPTIONS until PADL ports are at least DEPRECATED. # It doesn't do the software any good to run as replacement for the PADL ports # without running the daemon. .if defined(WITHOUT_NSLCD) CONFIGURE_ARGS+= --disable-nslcd PLIST_SUB+= NSLCD="@comment " .else CONFIGURE_ARGS+= --enable-nslcd PLIST_SUB+= NSLCD="" .endif post-extract: @${REINPLACE_CMD} -e 's/\(INSTALL_\)\(.*\)) -D /\1\2) /' ${WRKSRC}/Makefile.in ${WRKSRC}/nss/Makefile.in post-configure: ${REINPLACE_CMD} -e 's/^\(CFLAGS.*\) \-O2 \(.*\)$$/\1 -O0 \2/' ${WRKSRC}/nss/Makefile post-install: .if ${PORT_OPTIONS:MNSS} @${LN} -fs nss_ldap.so.${NSS_LDAP_SHMAJOR} ${STAGEDIR}${PREFIX}/lib/nss_ldap.so .endif .if ${PORT_OPTIONS:MPAM} @${LN} -fs pam_ldap.so.${PAM_LDAP_SHMAJOR} ${STAGEDIR}${PREFIX}/lib/pam_ldap.so .endif .include diff --git a/net/nss-pam-ldapd/files/patch-config.h.in b/net/nss-pam-ldapd/files/patch-config.h.in new file mode 100644 index 000000000000..e9ab0c2bf48b --- /dev/null +++ b/net/nss-pam-ldapd/files/patch-config.h.in @@ -0,0 +1,12 @@ +--- config.h.in.orig 2022-10-10 21:16:40 UTC ++++ config.h.in +@@ -30,6 +30,9 @@ + /* Define to 1 if you have the `clearenv' function. */ + #undef HAVE_CLEARENV + ++/* Define to 1 if you have the `closefrom' function. */ ++#undef HAVE_CLOSEFROM ++ + /* Define to 1 if you have the header file. */ + #undef HAVE_CTYPE_H + diff --git a/net/nss-pam-ldapd/files/patch-configure b/net/nss-pam-ldapd/files/patch-configure new file mode 100644 index 000000000000..d97e0366b1af --- /dev/null +++ b/net/nss-pam-ldapd/files/patch-configure @@ -0,0 +1,16 @@ +--- configure.orig 2021-11-20 13:07:41 UTC ++++ configure +@@ -9684,6 +9684,13 @@ then : + + fi + ++ ac_fn_c_check_func "$LINENO" "closefrom" "ac_cv_func_closefrom" ++if test "x$ac_cv_func_closefrom" = xyes ++then : ++ printf "%s\n" "#define HAVE_CLOSEFROM 1" >>confdefs.h ++ ++fi ++ + + # replace some functions if they are not on the system + ac_fn_c_check_func "$LINENO" "getopt_long" "ac_cv_func_getopt_long" diff --git a/net/nss-pam-ldapd/files/patch-nslcd_daemonize.c b/net/nss-pam-ldapd/files/patch-nslcd_daemonize.c new file mode 100644 index 000000000000..8a8901baaa80 --- /dev/null +++ b/net/nss-pam-ldapd/files/patch-nslcd_daemonize.c @@ -0,0 +1,33 @@ +--- nslcd/daemonize.c.orig 2022-10-11 18:31:44 UTC ++++ nslcd/daemonize.c +@@ -1,7 +1,7 @@ + /* + daemoninze.c - functions for properly daemonising an application + +- Copyright (C) 2014-2015 Arthur de Jong ++ Copyright (C) 2014-2022 Arthur de Jong + + This library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public +@@ -43,15 +43,19 @@ void daemonize_closefds(void) + + void daemonize_closefds(void) + { +- int i; + /* close all file descriptors (except stdin/out/err) */ ++#ifdef HAVE_CLOSEFROM ++ closefrom(3); ++#else ++ int i; + i = sysconf(_SC_OPEN_MAX) - 1; + /* if the system does not have OPEN_MAX just close the first 32 and + hope we closed enough */ + if (i < 0) + i = 32; +- for (; i > 3; i--) ++ for (; i > 2; i--) + close(i); ++#endif + } + + void daemonize_redirect_stdio(void) diff --git a/net/nss-pam-ldapd/files/patch-nslcd_invalidator.c b/net/nss-pam-ldapd/files/patch-nslcd_invalidator.c new file mode 100644 index 000000000000..c4bfe8ffe3e7 --- /dev/null +++ b/net/nss-pam-ldapd/files/patch-nslcd_invalidator.c @@ -0,0 +1,29 @@ +--- nslcd/invalidator.c.orig 2021-11-15 19:40:49 UTC ++++ nslcd/invalidator.c +@@ -1,7 +1,7 @@ + /* + invalidator.c - functions for invalidating external caches + +- Copyright (C) 2013-2014 Arthur de Jong ++ Copyright (C) 2013-2022 Arthur de Jong + + This library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public +@@ -97,6 +97,9 @@ static void exec_invalidate(const char *db) + { + case 0: /* we are the child */ + /* close all file descriptors */ ++#ifdef HAVE_CLOSEFROM ++ closefrom(0); ++#else + i = sysconf(_SC_OPEN_MAX) - 1; + /* if the system does not have OPEN_MAX just close the first 32 and + hope we have closed enough */ +@@ -104,6 +107,7 @@ static void exec_invalidate(const char *db) + i = 32; + for (; i >= 0; i--) + close(i); ++#endif + /* execute command */ + #ifdef HAVE_EXECVPE + execvpe(argv[0], argv, newenviron);