Create new port for xcllnt's OpenIKED-1.0
Details
- Reviewers
mat - Group Reviewers
Contributor Reviewers (ports) - Commits
- rP425847: Add OpenIKED, version 1.0
Diff Detail
- Repository
- rP FreeBSD ports repository
- Lint
Lint Skipped - Unit
Tests Skipped
Event Timeline
We can't use the required_files variable given that start_precmd creates files mentioned there. Manually check for having the required files in start_precmd.
Could you check if this has a web site, and if yes, add a WWW: line to pkg-descr ?
Could you generate the pkg-plist file with make makeplist ? The lines are out of order.
You seem to be missing USES=libtool, it doesn't pass the configure stage without it.
You seem to be missing USES=ssl.
security/openiked/Makefile | ||
---|---|---|
7 | This is not needed. |
Incorporate review comments from mat@ (thanks!):
- Add WWW line to pkg-descr.
- Use make makeplist to generate pkg-plist. Manually edited to declare sample configuration with @sample
- Added libtool and ssl to USES
- Remove MASTER_SITES
If this is supposed to be a commit adding the port, it is missing the edit to security/Makefile hooking up the port to the build.
Could you also install devel/rclint, run it on the rc script and try to fix the errors it gives you ?
security/openiked/Makefile | ||
---|---|---|
31–32 | You are using GNU_CONFIGURE here, so maybe those lines could be removed and INSTALL_TARGET=install-strip could be added above. | |
security/openiked/pkg-plist | ||
12 | In the rc script, I read this one should have a mode of 0700. In that case, this should read: @dir(,,0700) etc/iked/private but it will only be readable as root, so, maybe something more like @dir(%%USER%%,%%GROUP%%,0700) etc/iked/private and add in the Makefile: PLIST_SUB= USER=${USERS} GROUP=${GROUPS} |
Great review! I very much appreciate your attention to detail!
I'll upload a new diff with the changes you suggested. Both portlint and rclint were used prior to the first submission to make sure the port and RC scripts were clean. I've ran them again for the upcoming submission.
security/openiked/Makefile | ||
---|---|---|
31–32 | Thanks for that! | |
security/openiked/pkg-plist | ||
12 | Good catch! Yes, the directory should be 0700. However it should remain owned by root. The daemon will read the private key (with EUID root) before lowering permissions (EUID _iked). |
Incorporate review comments from Mathieu.
Changed all @dir entries to have explicit permissions for readability and just being explicit. But in particular fix the etc/iked/private entry to have mods 700. Note that the directories have to be owned by root/wheel.
security/openiked/pkg-plist | ||
---|---|---|
8–15 | You do not need to put 755, it is the default. |
Is there anything that needs to be done, except committing this?
If finding a committer is a challenge, then I can do i myself.