git: d0e87be06b8e - main - security/cyrus-sasl2{,-saslauthd}: lmdb did not work for postfix

From: Hajimu UMEMOTO <ume_at_FreeBSD.org>
Date: Mon, 16 May 2022 09:42:21 UTC
The branch main has been updated by ume:

URL: https://cgit.FreeBSD.org/ports/commit/?id=d0e87be06b8e74633e19c4759ff6747050e0c7d7

commit d0e87be06b8e74633e19c4759ff6747050e0c7d7
Author:     Hajimu UMEMOTO <ume@FreeBSD.org>
AuthorDate: 2022-05-16 09:39:39 +0000
Commit:     Hajimu UMEMOTO <ume@FreeBSD.org>
CommitDate: 2022-05-16 09:42:09 +0000

    security/cyrus-sasl2{,-saslauthd}: lmdb did not work for postfix
    
    - sasldb2-lock requires write permission for mail group
    - introduce SASLDB_IN_VAR option which places sasldb into /var/db
    
    Reported by:    Herbert J. Skuhra <herbert@gojira.at>
---
 security/cyrus-sasl2-saslauthd/Makefile     |  4 +++-
 security/cyrus-sasl2/Makefile               |  5 ++++-
 security/cyrus-sasl2/Makefile.common        | 10 ++++++++--
 security/cyrus-sasl2/files/pkg-deinstall.in |  6 +++++-
 security/cyrus-sasl2/files/pkg-install.in   | 10 ++++++++--
 5 files changed, 28 insertions(+), 7 deletions(-)

diff --git a/security/cyrus-sasl2-saslauthd/Makefile b/security/cyrus-sasl2-saslauthd/Makefile
index af1478e08005..0d7fd75ba4cc 100644
--- a/security/cyrus-sasl2-saslauthd/Makefile
+++ b/security/cyrus-sasl2-saslauthd/Makefile
@@ -11,7 +11,7 @@ USE_RC_SUBR=	saslauthd
 CYRUS_CONFIGURE_ARGS=	--with-saslauthd=${SASLAUTHD_RUNPATH}
 CONFIGURE_ENV+=		andrew_cv_runpath_switch=none
 
-OPTIONS_DEFINE=		DOCS HTTPFORM OPENLDAP
+OPTIONS_DEFINE=		DOCS HTTPFORM OPENLDAP SASLDB_IN_VAR
 OPTIONS_RADIO=		GSSAPI SASLDB
 OPTIONS_RADIO_SASLDB=	BDB1 BDB GDBM LMDB
 OPTIONS_DEFAULT=	BDB1
@@ -41,6 +41,8 @@ LMDB_CONFIGURE_ON=	--enable-auth-sasldb \
 			--with-dblib=lmdb
 LMDB_CFLAGS=		-I${LOCALBASE}/include
 LMDB_LDFLAGS=		-L${LOCALBASE}/lib
+# LMDB_IMPLIES=		SASLDB_IN_VAR
+SASLDB_IN_VAR_DESC=	sasldb in /var/db/sasl2
 
 .if exists(/usr/lib/libkrb5.a)
 OPTIONS_RADIO_GSSAPI+=	GSSAPI_BASE
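Review bot: The added `# LMDB_IMPLIES= SASLDB_IN_VAR` is a commented-out setting with no explanation, here and in the matching hunk of security/cyrus-sasl2/Makefile. Either drop it or state why it is disabled, for example `# LMDB_IMPLIES is left off so existing LMDB installs keep their sasldb path`, if that is the reason. `SASLDB_IN_VAR_DESC` could also say what moves, e.g. `Store sasldb2 in /var/db/sasl2 instead of ${PREFIX}/etc`.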
diff --git a/security/cyrus-sasl2/Makefile b/security/cyrus-sasl2/Makefile
index 10e1b1a82794..e83dc2936733 100644
--- a/security/cyrus-sasl2/Makefile
+++ b/security/cyrus-sasl2/Makefile
@@ -7,7 +7,8 @@ CYRUS_CONFIGURE_ARGS=	--with-saslauthd=${SASLAUTHD_RUNPATH}
 
 NO_OPTIONS_SORT=	yes
 OPTIONS_DEFINE=		ALWAYSTRUE AUTHDAEMOND DOCS KEEP_DB_OPEN \
-			OBSOLETE_CRAM_ATTR OBSOLETE_DIGEST_ATTR
+			OBSOLETE_CRAM_ATTR OBSOLETE_DIGEST_ATTR \
+			SASLDB_IN_VAR
 OPTIONS_RADIO=		SASLDB
 OPTIONS_RADIO_SASLDB=	BDB1 BDB GDBM LMDB
 OPTIONS_GROUP=		PLUGIN
@@ -41,6 +42,8 @@ LMDB_LIB_DEPENDS=	liblmdb.so:databases/lmdb
 LMDB_CONFIGURE_ON=	--with-dblib=lmdb
 LMDB_CFLAGS=		-I${LOCALBASE}/include
 LMDB_LDFLAGS=		-L${LOCALBASE}/lib
+# LMDB_IMPLIES=		SASLDB_IN_VAR
+SASLDB_IN_VAR_DESC=	sasldb in /var/db/sasl2
 ANONYMOUS_DESC=			ANONYMOUS authentication
 ANONYMOUS_CONFIGURE_ENABLE=	anon
 CRAM_DESC=		CRAM-MD5 authentication
diff --git a/security/cyrus-sasl2/Makefile.common b/security/cyrus-sasl2/Makefile.common
index 2a054fc41bc0..4295be597e48 100644
--- a/security/cyrus-sasl2/Makefile.common
+++ b/security/cyrus-sasl2/Makefile.common
@@ -16,7 +16,7 @@ GNU_CONFIGURE=	yes
 CONFIGURE_ARGS+=--sysconfdir=${PREFIX}/etc \
 		--with-configdir=${PREFIX}/lib/sasl2:${PREFIX}/etc/sasl2 \
 		--with-plugindir=${PREFIX}/lib/sasl2 \
-		--with-dbpath=${PREFIX}/etc/sasldb2 \
+		--with-dbpath=${SASLDB_DIR}/sasldb2 \
 		--with-lib-subdir=lib \
 		--with-pkgconfigdir=${PREFIX}/libdata/pkgconfig \
 		--includedir=${PREFIX}/include \
@@ -83,6 +83,12 @@ CONFIGURE_ARGS+=--with-openssl=${OPENSSLBASE}
 CPPFLAGS+=	-fPIC
 .endif
 
+.if ${PORT_OPTIONS:MSASLDB_IN_VAR}
+SASLDB_DIR=	/var/db/sasl2
+.else
+SASLDB_DIR=	${PREFIX}/etc
+.endif
+
 .if ${CYRUS_BUILD_TARGET} == "cyrus-sasl"
 
 .if ${PORT_OPTIONS:MBDB1}
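Review bot: SASLDB_DIR now depends on a per-port option, and nothing in the added `.if ${PORT_OPTIONS:MSASLDB_IN_VAR}` block ties the choice made in security/cyrus-sasl2 to the one made in security/cyrus-sasl2-saslauthd. If both ports take `--with-dbpath` from this file, as its name suggests, enabling the option in only one of them would leave the library and saslauthd looking for sasldb2 in different directories. A comment above the block would help, e.g. `# SASLDB_IN_VAR must match between cyrus-sasl2 and cyrus-sasl2-saslauthd; it sets --with-dbpath`. The path `/var/db/sasl2` is also repeated as a literal in pkg-install.in and pkg-deinstall.in, so the three copies have to change together.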
@@ -97,7 +103,7 @@ SASLDB=	"@comment "
 
 SUB_FILES=	pkg-deinstall pkg-install pkg-message
 SUB_LIST=	CYRUS_USER=${CYRUS_USER} CYRUS_GROUP=${CYRUS_GROUP} \
-		SASLDB_NAME=${SASLDB_NAME}
+		SASLDB_DIR=${SASLDB_DIR} SASLDB_NAME=${SASLDB_NAME}
 
 PLIST_SUB+=	PREFIX=${PREFIX} \
 		SASLDB=${SASLDB}
diff --git a/security/cyrus-sasl2/files/pkg-deinstall.in b/security/cyrus-sasl2/files/pkg-deinstall.in
index 887153339b43..0f426a9c8a73 100644
--- a/security/cyrus-sasl2/files/pkg-deinstall.in
+++ b/security/cyrus-sasl2/files/pkg-deinstall.in
@@ -6,8 +6,9 @@
 
 PKG_BATCH=${BATCH:=NO}
 PKG_PREFIX=${PKG_PREFIX:=/usr/local}
+SASLDB_DIR=%%SASLDB_DIR%%
 SASLDB_NAME=%%SASLDB_NAME%%
-SASLDB_NAME=${SASLDB_NAME:+${PKG_PREFIX}/etc/%%SASLDB_NAME%%}
+SASLDB_NAME=${SASLDB_NAME:+%%SASLDB_DIR%%/%%SASLDB_NAME%%}
 CYRUS_USER=${CYRUS_USER:=%%CYRUS_USER%%}
 CYRUS_GROUP=${CYRUS_GROUP:=%%CYRUS_GROUP%%}
 
@@ -20,6 +21,9 @@ delete_sasldb() {
 			if [ -f ${SASLDB_NAME}-lock ] ; then
 				rm ${SASLDB_NAME}-lock
 			fi
+			if [ ${SASLDB_DIR} = '/var/db/sasl2' ]; then
+				rmdir ${SASLDB_DIR}
+			fi
 		else
 			echo "WARNING: Users SASL passwords are in ${SASLDB_NAME}, keeping this file"
 		fi
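Review bot: The added `rmdir ${SASLDB_DIR}` runs without checking that the directory exists or is empty, so any file left in `/var/db/sasl2` makes the deinstall script print an error, and whether that aborts the script depends on shell options that are not visible here. Guarding and quoting it would make the outcome explicit: `[ -d "${SASLDB_DIR}" ] && rmdir "${SASLDB_DIR}" 2>/dev/null || echo "NOTE: keeping ${SASLDB_DIR}"`. The test above it should quote `"${SASLDB_DIR}"` as well. delete_sasldb starts before this hunk.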
diff --git a/security/cyrus-sasl2/files/pkg-install.in b/security/cyrus-sasl2/files/pkg-install.in
index da27b55bbc0c..1c0c147e39c3 100644
--- a/security/cyrus-sasl2/files/pkg-install.in
+++ b/security/cyrus-sasl2/files/pkg-install.in
@@ -7,8 +7,9 @@
 
 PKG_BATCH=${BATCH:=NO}
 PKG_PREFIX=${PKG_PREFIX:=/usr/local}
+SASLDB_DIR=%%SASLDB_DIR%%
 SASLDB_NAME=%%SASLDB_NAME%%
-SASLDB_NAME=${SASLDB_NAME:+${PKG_PREFIX}/etc/%%SASLDB_NAME%%}
+SASLDB_NAME=${SASLDB_NAME:+%%SASLDB_DIR%%/%%SASLDB_NAME%%}
 CYRUS_USER=${CYRUS_USER:=%%CYRUS_USER%%}
 CYRUS_GROUP=${CYRUS_GROUP:=%%CYRUS_GROUP%%}
 
@@ -69,6 +70,11 @@ create_user() {
 
 create_sasldb() {
 	if [ ! -f ${SASLDB_NAME} ]; then
+		if [ ${SASLDB_DIR} = '/var/db/sasl2' -a ! -d ${SASLDB_DIR} ]; then
+			mkdir ${SASLDB_DIR}
+			chown ${CYRUS_USER}:mail ${SASLDB_DIR}
+			chmod 750 ${SASLDB_DIR}
+		fi
 		echo "test" | ${PKG_PREFIX}/sbin/saslpasswd2 -p -c ${CYRUS_USER}
 		if [ `${PKG_PREFIX}/sbin/sasldblistusers2 | wc -l` -eq 0 ] ; then
                         echo "WARNING: Failed to create ${SASLDB_NAME}"
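Review bot: The ownership and mode of `${SASLDB_DIR}` are set only when the directory is missing (`! -d`), so a `/var/db/sasl2` that already exists with looser permissions is used as-is for the password database. The new directory is also created under the default umask and tightened afterwards. Creating it with `mkdir -m 750 ${SASLDB_DIR}` and running the `chown`/`chmod` whenever SASLDB_DIR is `/var/db/sasl2`, not only on creation, would close both gaps; quoting the expansions in the test would be cleaner too. create_sasldb continues outside the hunk.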
@@ -78,7 +84,7 @@ create_sasldb() {
 			chmod 640 ${SASLDB_NAME}
 			if [ -f ${SASLDB_NAME}-lock ]; then
 				chown ${CYRUS_USER}:mail ${SASLDB_NAME}-lock
-				chmod 640 ${SASLDB_NAME}-lock
+				chmod 660 ${SASLDB_NAME}-lock
 			fi
 		fi
 	fi
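Review bot: The new `chmod 660 ${SASLDB_NAME}-lock` sits inside the `if [ ! -f ${SASLDB_NAME} ]` branch that create_sasldb opens in the previous hunk, so it appears to run only when the database is first created. An installation that already has a sasldb2 would keep its 640 lock file after upgrading and still hit the problem named in the commit message. Consider applying the lock-file mode outside that branch, e.g. `[ -f "${SASLDB_NAME}-lock" ] && chmod 660 "${SASLDB_NAME}-lock"`. A comment such as `# -lock needs group write for mail; the database itself stays 640` would also record why the two modes differ.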