Index: head/net/ntp/Makefile =================================================================== --- head/net/ntp/Makefile (revision 477702) +++ head/net/ntp/Makefile (revision 477703) @@ -1,87 +1,86 @@ # Created by: andreas # $FreeBSD$ PORTNAME= ntp -PORTVERSION= 4.2.8p11 -PORTREVISION= 2 +PORTVERSION= 4.2.8p12 CATEGORIES= net ipv6 MASTER_SITES= http://www.eecis.udel.edu/~ntp/ntp_spool/ntp4/ntp-4.2/ \ http://archive.ntp.org/ntp4/ntp-4.2/ \ ftp://ftp.netlab.is.tsukuba.ac.jp/pub/network/ntp/ntp4/ DISTNAME= ${PORTNAME}-${PORTVERSION:S/P/p/:S/.r/-RC/} MAINTAINER= cy@FreeBSD.org COMMENT= The Network Time Protocol Distribution LIB_DEPENDS= libevent.so:devel/libevent CONFLICTS= ntp-devel-* openntpd-* USES= cpe pathfix shebangfix libedit libtool localbase:ldflags \ pkgconfig USES+= autoreconf # until trustedbsd-mac changes accepted upstream GNU_CONFIGURE= yes CONFIGURE_ARGS= --enable-leap-smear --enable-trustedbsd-mac TEST_TARGET= check SHEBANG_FILES= scripts/ntptrace/ntptrace.in \ scripts/ntp-wait/ntp-wait.in \ scripts/update-leap/update-leap.in perl_OLD_CMD= @PATH_PERL@ .include "Makefile.inc" OPTIONS_DEFINE+= DEBUG NLS THREADS OPTIONS_DEFAULT+= THREADS OPTIONS_SUB= yes DEBUG_CONFIGURE_ENABLE= debugging IPV6_CONFIGURE_ENABLE= ipv6 NLS_CONFIGURE_ENABLE= nls NLS_CONFIGURE_OFF= ac_cv_lib_intl_gettext=no NLS_USES= gettext-runtime NTP_SIGND_CONFIGURE_ENABLE= ntp-signd NTPSNMPD_LIB_DEPENDS= libnetsnmp.so:net-mgmt/net-snmp NTPSNMPD_CONFIGURE_OFF= --without-ntpsnmpd PERL_UTILS_USES= perl5 SSL_CONFIGURE_ON= --with-openssl-incdir=${OPENSSLINC} \ --with-openssl-libdir=${OPENSSLLIB} SSL_CONFIGURE_OFF= --without-crypto SSL_USES= ssl DEBUG_CONFIGURE_ON= --enable-debug THREADS_CONFIGURE_ENABLE= thread-support THREADS_CONFIGURE_WITH= threads MD5_LIB_DEPENDS= libmd5.so:www/libwww MD5_IMPLIES= SSL .for D in ${NTP_DRIVERS} ${D}_CONFIGURE_ENABLE= ${D} .endfor .include # XXX Temporary hack. Remember to remove this next commit. post-extract: @${TOUCH} ${WRKSRC}/scripts/build/checkHtmlFileDates @${CHMOD} +x ${WRKSRC}/scripts/build/checkHtmlFileDates post-install: @${MKDIR} ${STAGEDIR}${EXAMPLESDIR} ${INSTALL_DATA} ${WRKSRC}/conf/* ${STAGEDIR}${EXAMPLESDIR} @${MKDIR} ${STAGEDIR}${DOCSDIR} @${FIND} ${WRKSRC}/html -type f | ${XARGS} ${CHMOD} ${SHAREMODE} @cd ${WRKSRC}/html && ${FIND} . -print | \ ${CPIO} -pdu -R ${SHAREOWN}:${SHAREGRP} --quiet ${STAGEDIR}${DOCSDIR} .include Index: head/net/ntp/distinfo =================================================================== --- head/net/ntp/distinfo (revision 477702) +++ head/net/ntp/distinfo (revision 477703) @@ -1,3 +1,3 @@ -TIMESTAMP = 1519799522 -SHA256 (ntp-4.2.8p11.tar.gz) = f14a39f753688252d683ff907035ffff106ba8d3db21309b742e09b5c3cd278e -SIZE (ntp-4.2.8p11.tar.gz) = 7076566 +TIMESTAMP = 1534827274 +SHA256 (ntp-4.2.8p12.tar.gz) = 709b222b5013d77d26bfff532b5ea470a8039497ef29d09363931c036cb30454 +SIZE (ntp-4.2.8p12.tar.gz) = 7079642 Index: head/net/ntp/files/patch-ntpd_ntpd.c =================================================================== --- head/net/ntp/files/patch-ntpd_ntpd.c (revision 477702) +++ head/net/ntp/files/patch-ntpd_ntpd.c (nonexistent) @@ -1,45 +0,0 @@ ---- ntpd/ntpd.c.orig 2018-02-27 15:15:48 UTC -+++ ntpd/ntpd.c -@@ -123,6 +123,9 @@ - #if defined(HAVE_PRIV_H) && defined(HAVE_SOLARIS_PRIVS) - # include - #endif /* HAVE_PRIV_H */ -+#if defined(HAVE_TRUSTEDBSD_MAC) -+# include -+#endif /* HAVE_TRUSTEDBSD_MAC */ - #endif /* HAVE_DROPROOT */ - - #if defined (LIBSECCOMP) && (KERN_SECCOMP) -@@ -634,7 +637,12 @@ ntpdmain( - /* MPE lacks the concept of root */ - # if defined(HAVE_GETUID) && !defined(MPE) - uid = getuid(); -- if (uid && !HAVE_OPT( SAVECONFIGQUIT )) { -+ if (uid && !HAVE_OPT( SAVECONFIGQUIT ) -+# if defined(HAVE_TRUSTEDBSD_MAC) -+ /* We can run as non-root if the mac_ntpd policy is enabled. */ -+ && mac_is_present("ntpd") != 1 -+# endif -+ ) { - msyslog_term = TRUE; - msyslog(LOG_ERR, - "must be run as root, not uid %ld", (long)uid); -@@ -1082,7 +1090,17 @@ getgroup: - exit (-1); - } - --# if !defined(HAVE_LINUX_CAPABILITIES) && !defined(HAVE_SOLARIS_PRIVS) -+# if defined(HAVE_TRUSTEDBSD_MAC) -+ /* -+ * To manipulate system time and (re-)bind to NTP_PORT as needed -+ * following interface changes, we must either run as uid 0 or -+ * the mac_ntpd policy module must be enabled. -+ */ -+ if (sw_uid != 0 && mac_is_present("ntpd") != 1) { -+ msyslog(LOG_ERR, "Need MAC 'ntpd' policy enabled to drop root privileges"); -+ exit (-1); -+ } -+# elif !defined(HAVE_LINUX_CAPABILITIES) && !defined(HAVE_SOLARIS_PRIVS) - /* - * for now assume that the privilege to bind to privileged ports - * is associated with running with uid 0 - should be refined on Property changes on: head/net/ntp/files/patch-ntpd_ntpd.c ___________________________________________________________________ Deleted: fbsd:nokeywords ## -1 +0,0 ## -yes \ No newline at end of property Deleted: svn:eol-style ## -1 +0,0 ## -native \ No newline at end of property Deleted: svn:mime-type ## -1 +0,0 ## -text/plain \ No newline at end of property Index: head/net/ntp/files/patch-sntp_m4_ntp__libntp.m4 =================================================================== --- head/net/ntp/files/patch-sntp_m4_ntp__libntp.m4 (revision 477702) +++ head/net/ntp/files/patch-sntp_m4_ntp__libntp.m4 (nonexistent) @@ -1,32 +0,0 @@ ---- sntp/m4/ntp_libntp.m4.orig 2017-02-01 09:47:13 UTC -+++ sntp/m4/ntp_libntp.m4 -@@ -693,7 +693,28 @@ esac - - AC_MSG_RESULT([$ntp_have_solarisprivs]) - --case "$ntp_use_dev_clockctl$ntp_have_linuxcaps$ntp_have_solarisprivs" in -+AC_CHECK_HEADERS([sys/mac.h]) -+ -+AC_ARG_ENABLE( -+ [trustedbsd_mac], -+ [AS_HELP_STRING( -+ [--enable-trustedbsd-mac], -+ [- Use TrustedBSD MAC policy for non-root clock control] -+ )], -+ [ntp_use_trustedbsd_mac=$enableval] -+) -+ -+AC_MSG_CHECKING([if we should use TrustedBSD MAC privileges]) -+ -+case "$ntp_use_trustedbsd_mac$ac_cv_header_sys_mac_h" in -+ yesyes) -+ AC_DEFINE([HAVE_TRUSTEDBSD_MAC], [1], -+ [Are TrustedBSD MAC policy privileges available?]) -+esac -+ -+AC_MSG_RESULT([$ntp_use_trustedbsd_mac]) -+ -+case "$ntp_use_dev_clockctl$ntp_have_linuxcaps$ntp_have_solarisprivs$ntp_use_trustedbsd_mac" in - *yes*) - AC_DEFINE([HAVE_DROPROOT], [1], - [Can we drop root privileges?]) Property changes on: head/net/ntp/files/patch-sntp_m4_ntp__libntp.m4 ___________________________________________________________________ Deleted: fbsd:nokeywords ## -1 +0,0 ## -yes \ No newline at end of property Deleted: svn:eol-style ## -1 +0,0 ## -native \ No newline at end of property Deleted: svn:mime-type ## -1 +0,0 ## -text/plain \ No newline at end of property