head/Mk/bsd.port.mk
GID_FILES?= ${PORTSDIR}/GIDs | GID_FILES?= ${PORTSDIR}/GIDs | ||||
UID_OFFSET?= 0 | UID_OFFSET?= 0 | ||||
GID_OFFSET?= 0 | GID_OFFSET?= 0 | ||||
# predefined accounts from src/etc/master.passwd | # predefined accounts from src/etc/master.passwd | ||||
# alpha numeric sort order | # alpha numeric sort order | ||||
USERS_BLACKLIST= _dhcp _pflogd auditdistd bin bind daemon games hast kmem mailnull man news nobody operator pop proxy root smmsp sshd toor tty uucp www | USERS_BLACKLIST= _dhcp _pflogd auditdistd bin bind daemon games hast kmem mailnull man news nobody operator pop proxy root smmsp sshd toor tty uucp www | ||||
# predefined accounts from src/etc/group | |||||
# alpha numeric sort order | |||||
GROUPS_BLACKLIST= _dhcp _pflogd audit authpf bin bind daemon dialer ftp games guest hast kmem mail mailnull man network news nobody nogroup operator proxy smmsp sshd staff sys tty unbound uucp wheel www | |||||
LDCONFIG_DIR= libdata/ldconfig | LDCONFIG_DIR= libdata/ldconfig | ||||
LDCONFIG32_DIR= libdata/ldconfig32 | LDCONFIG32_DIR= libdata/ldconfig32 | ||||
.endif | .endif | ||||
# At least KDE needs TMPDIR for the package building, | # At least KDE needs TMPDIR for the package building, | ||||
# so we're setting it to the known default value. | # so we're setting it to the known default value. | ||||
.if defined(PACKAGE_BUILDING) | .if defined(PACKAGE_BUILDING) | ||||
. endif | . endif | ||||
. endif | . endif | ||||
. endif | . endif | ||||
. endif | . endif | ||||
.endif | .endif | ||||
.if !target(create-users-groups) | .if !target(create-users-groups) | ||||
.if defined(GROUPS) || defined(USERS) | .if defined(GROUPS) || defined(USERS) | ||||
_UG_OUTPUT= ${WRKDIR}/users-groups.sh | _UG_INSTALL= ${WRKDIR}/users-groups-install.sh | ||||
PKGPREINSTALL+= ${_UG_OUTPUT} | _UG_DEINSTALL= ${WRKDIR}/users-groups-deinstall.sh | ||||
PKGPREINSTALL+= ${_UG_INSTALL} | |||||
PKGPOSTDEINSTALL+= ${_UG_DEINSTALL} | |||||
create-users-groups: | create-users-groups: | ||||
@${RM} -f ${_UG_OUTPUT} || ${TRUE} | @${SETENV} \ | ||||
.if ${OPSYS} != FreeBSD || ${OSVERSION} < 1002000 | dp_ECHO_MSG="${ECHO_MSG}" \ | ||||
@${ECHO_CMD} "PW=${PW}" >> ${_UG_OUTPUT} | dp_GID_FILES="${GID_FILES}" \ | ||||
.else | dp_GID_OFFSET="${GID_OFFSET}" \ | ||||
@${ECHO_CMD} -e "if [ -n \"\$${PKG_ROOTDIR}\" -a \"\$${PKG_ROOTDIR}\" != \"/\" ]; then PW=\"${PW} -R \$${PKG_ROOTDIR}\"; else PW=${PW}; fi" >> ${_UG_OUTPUT} | dp_GROUPS_BLACKLIST="${GROUPS_BLACKLIST}" \ | ||||
.endif | dp_INSTALL="${INSTALL}" \ | ||||
.if defined(GROUPS) | dp_OPSYS="${OPSYS}" \ | ||||
.for _file in ${GID_FILES} | dp_OSVERSION="${OSVERSION}" \ | ||||
.if !exists(${_file}) | dp_PREFIX="${PREFIX}" \ | ||||
@${ECHO_CMD} "** ${_file} doesn't exist. Exiting."; exit 1 | dp_PW="${PW}" \ | ||||
.endif | dp_SCRIPTSDIR="${SCRIPTSDIR}" \ | ||||
.endfor | dp_UG_DEINSTALL="${_UG_DEINSTALL}" \ | ||||
@${ECHO_MSG} "===> Creating users and/or groups." | dp_UG_INSTALL="${_UG_INSTALL}" \ | ||||
@${ECHO_CMD} "echo \"===> Creating users and/or groups.\"" >> ${_UG_OUTPUT} | dp_UID_FILES="${UID_FILES}" \ | ||||
.for _group in ${GROUPS} | dp_UID_OFFSET="${UID_OFFSET}" \ | ||||
# _bgpd:*:130: | dp_USERS_BLACKLIST="${USERS_BLACKLIST}" \ | ||||
@if ! ${GREP} -h ^${_group}: ${GID_FILES} >/dev/null 2>&1; then \ | ${SH} ${SCRIPTSDIR}/do-users-groups.sh "${USERS}" "${GROUPS}" | ||||
${ECHO_CMD} "** Cannot find any information about group \`${_group}' in ${GID_FILES}."; \ | |||||
exit 1; \ | |||||
fi | |||||
@IFS=":"; ${GREP} -h ^${_group}: ${GID_FILES} | head -n 1 | while read group foo gid members; do \ | |||||
gid=$$(($$gid+${GID_OFFSET})); \ | |||||
${ECHO_CMD} -e "if ! \$${PW} groupshow $$group >/dev/null 2>&1; then \n \ | |||||
echo \"Creating group '$$group' with gid '$$gid'.\" \n \ | |||||
\$${PW} groupadd $$group -g $$gid; else echo \"Using existing group '$$group'.\"\nfi" >> ${_UG_OUTPUT}; \ | |||||
done | |||||
.endfor | |||||
.endif | |||||
.if defined(USERS) | |||||
.for _file in ${UID_FILES} | |||||
.if !exists(${_file}) | |||||
@${ECHO_CMD} "** ${_file} doesn't exist. Exiting."; exit 1 | |||||
.endif | |||||
.endfor | |||||
.for _user in ${USERS} | |||||
# _bgpd:*:130:130:BGP Daemon:/var/empty:/sbin/nologin | |||||
@if ! ${GREP} -h ^${_user}: ${UID_FILES} >/dev/null 2>&1; then \ | |||||
${ECHO_CMD} "** Cannot find any information about user \`${_user}' in ${UID_FILES}."; \ | |||||
exit 1; \ | |||||
fi | |||||
@IFS=":"; ${GREP} -h ^${_user}: ${UID_FILES} | head -n 1 | while read login passwd uid gid class change expire gecos homedir shell; do \ | |||||
uid=$$(($$uid+${UID_OFFSET})); \ | |||||
gid=$$(($$gid+${GID_OFFSET})); \ | |||||
class="$${class:+-L }$$class"; \ | |||||
homedir=$$(echo $$homedir | sed "s|^/usr/local|${PREFIX}|"); \ | |||||
${ECHO_CMD} -e "if ! \$${PW} usershow $$login >/dev/null 2>&1; then \n \ | |||||
echo \"Creating user '$$login' with uid '$$uid'.\" \n \ | |||||
\$${PW} useradd $$login -u $$uid -g $$gid $$class -c \"$$gecos\" -d $$homedir -s $$shell \n \ | |||||
else \necho \"Using existing user '$$login'.\" \nfi" >> ${_UG_OUTPUT}; \ | |||||
case $$homedir in /|/nonexistent|/var/empty) ;; *) ${ECHO_CMD} "${INSTALL} -d -g $$gid -o $$uid $$homedir" >> ${_UG_OUTPUT};; esac; \ | |||||
done | |||||
.endfor | |||||
.if defined(GROUPS) | |||||
.for _group in ${GROUPS} | |||||
# mail:*:6:postfix,clamav | |||||
@IFS=":"; ${GREP} -h ^${_group}: ${GID_FILES} | head -n 1 | while read group foo gid members; do \ | |||||
gid=$$(($$gid+${GID_OFFSET})); \ | |||||
IFS=","; for _login in $$members; do \ | |||||
for _user in ${USERS}; do \ | |||||
if [ "x$${_user}" = "x$${_login}" ]; then \ | |||||
${ECHO_CMD} -e "if ! \$${PW} groupshow ${_group} | ${GREP} -qw $${_login}; then \n \ | |||||
echo \"Adding user '$${_login}' to group '${_group}'.\" \n \ | |||||
\$${PW} groupmod ${_group} -m $${_login} \nfi" >> ${_UG_OUTPUT}; \ | |||||
fi; \ | |||||
done; \ | |||||
done; \ | |||||
done | |||||
.endfor | |||||
.endif | |||||
.if defined(USERS) | |||||
.for _user in ${USERS} | |||||
.if ${OPSYS} != FreeBSD || ${OSVERSION} < 1002000 | |||||
@if [ ! ${USERS_BLACKLIST:M${_user}} ]; then \ | |||||
${ECHO_CMD} "@unexec PW=${PW}; \ | |||||
if \$${PW} usershow ${_user} >/dev/null 2>&1; then \ | |||||
echo \"==> You should manually remove the \\\"${_user}\\\" user. \"; fi" >> ${TMPPLIST}; \ | |||||
fi | |||||
.else | |||||
@if [ ! ${USERS_BLACKLIST:M${_user}} ]; then \ | |||||
${ECHO_CMD} "@unexec if [ -n \"\$${PKG_ROOTDIR}\" -a \"\$${PKG_ROOTDIR}\" != \"/\" ]; then PW=\"${PW} -R \$${PKG_ROOTDIR}\"; else PW=${PW}; fi; \ | |||||
if \$${PW} usershow ${_user} >/dev/null 2>&1; then \ | |||||
echo \"==> You should manually remove the \\\"${_user}\\\" user. \"; fi" >> ${TMPPLIST}; \ | |||||
fi | |||||
.endif | |||||
.endfor | |||||
.endif | |||||
.endif | |||||
.endif | .endif | ||||
.endif | .endif | ||||
.if !defined(DISABLE_SECURITY_CHECK) | .if !defined(DISABLE_SECURITY_CHECK) | ||||
.if !target(security-check) | .if !target(security-check) | ||||
security-check: ${TMPPLIST} | security-check: ${TMPPLIST} | ||||
# Scan PLIST for: | # Scan PLIST for: | ||||
# 1. setugid files | # 1. setugid files | ||||
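Review bot: The rewritten create-users-groups recipe drops the old `@${RM} -f ${_UG_OUTPUT} || ${TRUE}` step and adds no equivalent for `${_UG_INSTALL}` and `${_UG_DEINSTALL}`. Whether stale copies left in `${WRKDIR}` by an earlier run are discarded now depends entirely on do-users-groups.sh, which is not shown in this section. Both files are appended to PKGPREINSTALL and PKGPOSTDEINSTALL and presumably run with root privileges at package install and deinstall time, so leftover or duplicated `pw` commands would matter. Unless the script is confirmed to truncate both outputs, keep `@${RM} -f ${_UG_INSTALL} ${_UG_DEINSTALL}` as the first recipe line. A short comment above the `${SETENV}` block would also help, stating that the `dp_*` variables are the whole interface to the script and that `"${USERS}"` and `"${GROUPS}"` each arrive as one quoted argument.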