From nobody Sun Nov 06 10:48:49 2022 X-Original-To: dev-commits-ports-main@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4N4rh14YzJz4grwv; Sun, 6 Nov 2022 10:48:49 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4N4rh14NB0z3xxP; Sun, 6 Nov 2022 10:48:49 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1667731729; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=aNUdppnmW2udHA3oLCjUHCg5yN/x8c98GVrW72l3y6Q=; b=h4q7w0qyc0eyjBGZfZ3FMMobL3vxDenOUa0XUw9/hIdAmFW/892gUYXYo4XUQPKMbFRjoM cPBSeJwT9VLfBLvE/5rlr39psni/AZLKYeEtuW0M/EuZDKu4uEPTVI0nGoXJ1GS0WnFZ7L voPUinVRsAFHFimGdgJIyZXdhNaTdf0oN3fTil0RegJPnTHOoARf/N0fIr4J0KWydZSWZM m9YfCbZw1A1q3gR/lB5qkvnbS1MJTdqnoTh1HJSqnMpRZuRwS6Yy8gjfE/tXlKUhj49NUT +wJSbUHLojuhlROr/24v/kqsqR6S5VOiJJVGMZeexGum2GY7HaPPT1S5C3A0Sg== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4N4rh13V2GzJCl; Sun, 6 Nov 2022 10:48:49 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 2A6AmnT7072388; Sun, 6 Nov 2022 10:48:49 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 2A6AmnXg072387; Sun, 6 Nov 2022 10:48:49 GMT (envelope-from git) Date: Sun, 6 Nov 2022 10:48:49 GMT Message-Id: <202211061048.2A6AmnXg072387@gitrepo.freebsd.org> To: ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org, dev-commits-ports-main@FreeBSD.org From: Daniel Engberg Subject: git: 19cac1122ceb - main - security/teleport: Update to 4.4.12 List-Id: Commits to the main branch of the FreeBSD ports repository List-Archive: https://lists.freebsd.org/archives/dev-commits-ports-main List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-ports-main@freebsd.org X-BeenThere: dev-commits-ports-main@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: diizzy X-Git-Repository: ports X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: 19cac1122ceb74cb35863a01f17cc2ef0556d227 Auto-Submitted: auto-generated ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1667731729; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=aNUdppnmW2udHA3oLCjUHCg5yN/x8c98GVrW72l3y6Q=; b=Sig+Z0hd0JsZEpR7Up7vhoDzp3bRXtHUSJggR2/b0abB8M7N1dPvxgSgX7MrhTB9wGByma 3bO7WLCULb5I7qZRSBSJqMxrnC8400N/I7pw65uYJv9nDEyhh2ofYxA/IqbKnPWSST5rXE AU0wn8XxhrLVNBeuzQquq3XGlg/NQG6LNJVTsPGm2zyOAnZw315rbs5wwUPYRtLgL9ymOr PLo5CoGS7gmSX1to7Z4i6muejd/qbrxRKV+6ahtnEJrMxwJkBLT2hRhwNzHKqSGLEPwLKZ UWw0fNDI6f3VACZ2dyNFhv1HkHNB4Wdbq1NcOEH2MQfAtnpudM+b9JE/tsE3rg== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1667731729; a=rsa-sha256; cv=none; b=NLvQGcaSK0pgyfioHCkEnbdqcRz61et5woSDIDxbveMoFpapCVIm0ebPM1GjduwOQ757mG g0bcyqefbIsdwNwZ6bXD6Hpblb3N1ODWNCUYkxLA1y8TQPTQSsRzgZkN8biyB4v4dl9jr9 YMqi0WQJRMs3kE/ZxeFf4kaeof0dYEaOJwubbBC5pQQLN7iNFPIMpETe26Huo4gaUCKL+9 bY3B5trd5YfrgJ+0RaDs/LDVAuyzstgWW8L+wDeuMEu5/V1w2kAB/7SskDtItLJt+t3vSl kolP79qUqK/bLHA+ISInB5wcDMWdGr3zyzDM8yKBz1eReK3ICr3JReI9nwCLdQ== ARC-Authentication-Results: i=1; mx1.freebsd.org; none X-ThisMailContainsUnwantedMimeParts: N The branch main has been updated by diizzy: URL: https://cgit.FreeBSD.org/ports/commit/?id=19cac1122ceb74cb35863a01f17cc2ef0556d227 commit 19cac1122ceb74cb35863a01f17cc2ef0556d227 Author: Michael Reim AuthorDate: 2022-11-06 10:37:31 +0000 Commit: Daniel Engberg CommitDate: 2022-11-06 10:46:53 +0000 security/teleport: Update to 4.4.12 Pass maintainership to submitter due to multiple timeouts from current. Changelog: https://github.com/gravitational/teleport/releases/tag/v4.4.12 PR: 267052 Approved by: portmgr (maintainer timeout, 3+ weeks) --- security/teleport/Makefile | 13 +++-- security/teleport/distinfo | 10 ++-- .../files/patch-build.assets_pkg_etc_teleport.yaml | 51 ---------------- .../files/patch-docs_pages_config-reference.mdx | 68 ++++++++++++++++++++++ .../teleport/files/patch-lib_config_fileconf.go | 11 ---- .../teleport/files/patch-lib_defaults_defaults.go | 4 +- .../teleport/files/patch-lib_events_auditlog.go | 4 +- security/teleport/files/patch-lib_events_doc.go | 2 +- .../teleport/files/patch-lib_services_server.go | 4 +- .../patch-tool_teleport_common_teleport__test.go | 2 +- ...dor_github.com_kr_pty_ztypes__freebsd__arm64.go | 2 +- security/teleport/files/patch-version.mk | 2 +- security/teleport/files/pkg-message.in | 23 +++++--- security/teleport/pkg-descr | 23 ++++---- 14 files changed, 115 insertions(+), 104 deletions(-) diff --git a/security/teleport/Makefile b/security/teleport/Makefile index 6e3442557a4b..68134871f0fd 100644 --- a/security/teleport/Makefile +++ b/security/teleport/Makefile @@ -1,12 +1,11 @@ PORTNAME= teleport DISTVERSIONPREFIX= v -DISTVERSION= 4.3.9 -PORTREVISION= 6 +DISTVERSION= 4.4.12 CATEGORIES= security -MAINTAINER= swills@FreeBSD.org -COMMENT= Gravitational Teleport SSH -WWW= https://gravitational.com/teleport/ +MAINTAINER= kraileth@elderlinux.org +COMMENT= Centralized access gateway using the SSH protocol +WWW= https://goteleport.com/teleport LICENSE= APACHE20 @@ -15,11 +14,13 @@ NOT_FOR_ARCHS_REASON= Uses 64bit types BUILD_DEPENDS= zip:archivers/zip +# If you need the auth service to work, you need to compile this port with +# Go 1.17 or older. In case tsh is what you're after, Go 1.19 is fine. USES= compiler gmake go USE_GITHUB= yes GH_ACCOUNT= gravitational -GH_TUPLE= gravitational:webassets:eac734b:webassets/webassets +GH_TUPLE= gravitational:webassets:2ee76aa:webassets/webassets GH_COMMIT_SHORT= fabee242d GH_TAG_COMMIT= ${DISTVERSIONPREFIX}${DISTVERSION}-0-g${GH_COMMIT_SHORT} diff --git a/security/teleport/distinfo b/security/teleport/distinfo index 27c4250be5b5..362cf0489a3b 100644 --- a/security/teleport/distinfo +++ b/security/teleport/distinfo @@ -1,5 +1,5 @@ -TIMESTAMP = 1609025109 -SHA256 (gravitational-teleport-v4.3.9_GH0.tar.gz) = 6b095366cfe788ca72ef7dc2bb052ff258b0e48de82b05b34f935f928b1aa776 -SIZE (gravitational-teleport-v4.3.9_GH0.tar.gz) = 54786284 -SHA256 (gravitational-webassets-eac734b_GH0.tar.gz) = 3f78270f137d690adafd3ec918e51cebc0c2f18c6b3879a57eaa19a267bfc64c -SIZE (gravitational-webassets-eac734b_GH0.tar.gz) = 4683803 +TIMESTAMP = 1665730213 +SHA256 (gravitational-teleport-v4.4.12_GH0.tar.gz) = 097537273bd0579b3b833870cab74ce1da5432357a14c5501db7a2c525fbcb15 +SIZE (gravitational-teleport-v4.4.12_GH0.tar.gz) = 37824023 +SHA256 (gravitational-webassets-2ee76aa_GH0.tar.gz) = 16c5fbdc43723c392d46163073053c850cae7d355fb97b5ba8fd298246be85c4 +SIZE (gravitational-webassets-2ee76aa_GH0.tar.gz) = 4684443 diff --git a/security/teleport/files/patch-build.assets_pkg_etc_teleport.yaml b/security/teleport/files/patch-build.assets_pkg_etc_teleport.yaml deleted file mode 100644 index 7a370e692e2e..000000000000 --- a/security/teleport/files/patch-build.assets_pkg_etc_teleport.yaml +++ /dev/null @@ -1,51 +0,0 @@ ---- build.assets/pkg/etc/teleport.yaml.orig 2020-07-08 18:08:40 UTC -+++ build.assets/pkg/etc/teleport.yaml -@@ -9,7 +9,7 @@ teleport: - - # Data directory where Teleport daemon keeps its data. - # See "Filesystem Layout" section above for more details. -- # data_dir: /var/lib/teleport -+ # data_dir: /var/db/teleport - - # Invitation token used to join a cluster. it is not used on - # subsequent starts -@@ -54,8 +54,8 @@ teleport: - type: dir - - # Array of locations where the audit log events will be stored. by -- # default they are stored in `/var/lib/teleport/log` -- # audit_events_uri: ['file:///var/lib/teleport/log', 'dynamodb://events_table_name', 'stdout://'] -+ # default they are stored in `/var/db/teleport/log` -+ # audit_events_uri: ['file:///var/db/teleport/log', 'dynamodb://events_table_name', 'stdout://'] - - # Use this setting to configure teleport to store the recorded sessions in - # an AWS S3 bucket. see "Using Amazon S3" chapter for more information. -@@ -111,7 +111,7 @@ auth_service: - # By default an automatically generated name is used (not recommended) - # - # IMPORTANT: if you change cluster_name, it will invalidate all generated -- # certificates and keys (may need to wipe out /var/lib/teleport directory) -+ # certificates and keys (may need to wipe out /var/db/teleport directory) - # cluster_name: "main" - - authentication: -@@ -185,7 +185,7 @@ auth_service: - # - # If not set, by default Teleport will look for the `license.pem` file in - # the configured `data_dir`. -- # license_file: /var/lib/teleport/license.pem -+ # license_file: /var/db/teleport/license.pem - - # DEPRECATED in Teleport 3.2 (moved to proxy_service section) - # kubeconfig_file: /path/to/kubeconfig -@@ -258,8 +258,8 @@ proxy_service: - - # TLS certificate for the HTTPS connection. Configuring these properly is - # critical for Teleport security. -- # https_key_file: /var/lib/teleport/webproxy_key.pem -- # https_cert_file: /var/lib/teleport/webproxy_cert.pem -+ # https_key_file: /var/db/teleport/webproxy_key.pem -+ # https_cert_file: /var/db/teleport/webproxy_cert.pem - - # This section configures the Kubernetes proxy service - # kubernetes: diff --git a/security/teleport/files/patch-docs_pages_config-reference.mdx b/security/teleport/files/patch-docs_pages_config-reference.mdx new file mode 100644 index 000000000000..b5a8eabc6bb0 --- /dev/null +++ b/security/teleport/files/patch-docs_pages_config-reference.mdx @@ -0,0 +1,68 @@ +--- docs/pages/config-reference.mdx.orig 2022-02-23 04:58:43 UTC ++++ docs/pages/config-reference.mdx +@@ -21,7 +21,7 @@ teleport: + + # Data directory where Teleport daemon keeps its data. + # See "Filesystem Layout" section above for more details. +- data_dir: /var/lib/teleport ++ data_dir: /var/db/teleport + + # Invitation token used to join a cluster. it is not used on + # subsequent starts +@@ -52,11 +52,11 @@ teleport: + max_connections: 1000 + max_users: 250 + +- # Logging configuration. Possible output values to disk via '/var/lib/teleport/teleport.log', ++ # Logging configuration. Possible output values to disk via '/var/db/teleport/teleport.log', + # 'stdout', 'stderr' and 'syslog'. Possible severity values are INFO, WARN + # and ERROR (default). Possible format values include: timestamp, component, caller, and level. + log: +- output: /var/lib/teleport/teleport.log ++ output: /var/db/teleport/teleport.log + severity: ERROR + format: [level, timestamp, component, caller] + # Configuration for the storage back-end used for the cluster state and the +@@ -68,11 +68,11 @@ teleport: + type: dir + + # List of locations where the audit log events will be stored. By default, +- # they are stored in `/var/lib/teleport/log` ++ # they are stored in `/var/db/teleport/log` + # When specifying multiple destinations like this, make sure that any highly-available + # storage methods (like DynamoDB or Firestore) are specified first, as this is what the + # Teleport web UI uses as its source of events to display. +- audit_events_uri: ['dynamodb://events_table_name', 'firestore://events_table_name', 'file:///var/lib/teleport/log', 'stdout://'] ++ audit_events_uri: ['dynamodb://events_table_name', 'firestore://events_table_name', 'file:///var/db/teleport/log', 'stdout://'] + + # Use this setting to configure teleport to store the recorded sessions in + # an AWS S3 bucket or use GCP Storage with 'gs://'. See "Using Amazon S3" +@@ -131,7 +131,7 @@ auth_service: + # By default an automatically generated name is used (not recommended) + # + # IMPORTANT: if you change cluster_name, it will invalidate all generated +- # certificates and keys (may need to wipe out /var/lib/teleport directory) ++ # certificates and keys (may need to wipe out /var/db/teleport directory) + cluster_name: "main" + + authentication: +@@ -223,7 +223,7 @@ auth_service: + # + # If not set, by default Teleport will look for the `license.pem` file in + # the configured `data_dir` . +- license_file: /var/lib/teleport/license.pem ++ license_file: /var/db/teleport/license.pem + + # This section configures the 'node service': + ssh_service: +@@ -320,8 +320,8 @@ proxy_service: + + # TLS certificate for the HTTPS connection. Configuring these properly is + # critical for Teleport security. +- https_key_file: /var/lib/teleport/webproxy_key.pem +- https_cert_file: /var/lib/teleport/webproxy_cert.pem ++ https_key_file: /var/db/teleport/webproxy_key.pem ++ https_cert_file: /var/db/teleport/webproxy_cert.pem + + # This section configures the Kubernetes proxy service + kubernetes: diff --git a/security/teleport/files/patch-lib_config_fileconf.go b/security/teleport/files/patch-lib_config_fileconf.go deleted file mode 100644 index 5f8e7c1374a6..000000000000 --- a/security/teleport/files/patch-lib_config_fileconf.go +++ /dev/null @@ -1,11 +0,0 @@ ---- lib/config/fileconf.go.orig 2020-07-08 18:08:40 UTC -+++ lib/config/fileconf.go -@@ -281,7 +281,7 @@ func MakeSampleFileConfig() (fc *FileConfig, err error - s.Commands = []CommandLabel{ - { - Name: "hostname", -- Command: []string{"/usr/bin/hostname"}, -+ Command: []string{"/bin/hostname"}, - Period: time.Minute, - }, - { diff --git a/security/teleport/files/patch-lib_defaults_defaults.go b/security/teleport/files/patch-lib_defaults_defaults.go index 7fbb9101de4f..a0ec9693613e 100644 --- a/security/teleport/files/patch-lib_defaults_defaults.go +++ b/security/teleport/files/patch-lib_defaults_defaults.go @@ -1,6 +1,6 @@ ---- lib/defaults/defaults.go.orig 2020-07-08 18:08:40 UTC +--- lib/defaults/defaults.go.orig 2022-02-23 04:58:43 UTC +++ lib/defaults/defaults.go -@@ -436,7 +436,7 @@ var ( +@@ -466,7 +466,7 @@ var ( // DataDir is where all mutable data is stored (user keys, recorded sessions, // registered SSH servers, etc): diff --git a/security/teleport/files/patch-lib_events_auditlog.go b/security/teleport/files/patch-lib_events_auditlog.go index 5d4bf68432a4..ab0c4e04e7bf 100644 --- a/security/teleport/files/patch-lib_events_auditlog.go +++ b/security/teleport/files/patch-lib_events_auditlog.go @@ -1,4 +1,4 @@ ---- lib/events/auditlog.go.orig 2020-07-08 18:08:40 UTC +--- lib/events/auditlog.go.orig 2022-02-23 04:58:43 UTC +++ lib/events/auditlog.go @@ -45,7 +45,7 @@ import ( const ( @@ -8,4 +8,4 @@ + // in /var/db/teleport/logs/sessions SessionLogsDir = "sessions" - // PlaybacksDir is a directory for playbacks + // StreamingLogsDir is a subdirectory of sessions /var/lib/teleport/logs/streaming diff --git a/security/teleport/files/patch-lib_events_doc.go b/security/teleport/files/patch-lib_events_doc.go index bc308eaeec0e..570c0aba3879 100644 --- a/security/teleport/files/patch-lib_events_doc.go +++ b/security/teleport/files/patch-lib_events_doc.go @@ -1,4 +1,4 @@ ---- lib/events/doc.go.orig 2020-07-08 18:08:40 UTC +--- lib/events/doc.go.orig 2022-02-23 04:58:43 UTC +++ lib/events/doc.go @@ -85,7 +85,7 @@ Main Audit Log Format diff --git a/security/teleport/files/patch-lib_services_server.go b/security/teleport/files/patch-lib_services_server.go index f763c90a51db..a93f72ee384f 100644 --- a/security/teleport/files/patch-lib_services_server.go +++ b/security/teleport/files/patch-lib_services_server.go @@ -1,6 +1,6 @@ ---- lib/services/server.go.orig 2020-07-08 18:08:40 UTC +--- lib/services/server.go.orig 2022-02-23 04:58:43 UTC +++ lib/services/server.go -@@ -546,7 +546,7 @@ type CommandLabelV1 struct { +@@ -578,7 +578,7 @@ type CommandLabelV1 struct { // Period is a time between command runs Period time.Duration `json:"period"` // Command is a command to run diff --git a/security/teleport/files/patch-tool_teleport_common_teleport__test.go b/security/teleport/files/patch-tool_teleport_common_teleport__test.go index d2f64d5757d3..cccc072a243f 100644 --- a/security/teleport/files/patch-tool_teleport_common_teleport__test.go +++ b/security/teleport/files/patch-tool_teleport_common_teleport__test.go @@ -1,4 +1,4 @@ ---- tool/teleport/common/teleport_test.go.orig 2020-07-08 18:08:40 UTC +--- tool/teleport/common/teleport_test.go.orig 2022-02-23 04:58:43 UTC +++ tool/teleport/common/teleport_test.go @@ -62,7 +62,7 @@ func (s *MainTestSuite) SetUpSuite(c *check.C) { diff --git a/security/teleport/files/patch-vendor_github.com_kr_pty_ztypes__freebsd__arm64.go b/security/teleport/files/patch-vendor_github.com_kr_pty_ztypes__freebsd__arm64.go index 1362356deb92..3178f17f721b 100644 --- a/security/teleport/files/patch-vendor_github.com_kr_pty_ztypes__freebsd__arm64.go +++ b/security/teleport/files/patch-vendor_github.com_kr_pty_ztypes__freebsd__arm64.go @@ -1,4 +1,4 @@ ---- vendor/github.com/kr/pty/ztypes_freebsd_arm64.go.orig 2020-07-24 04:36:27 UTC +--- vendor/github.com/kr/pty/ztypes_freebsd_arm64.go.orig 2022-10-14 07:07:07 UTC +++ vendor/github.com/kr/pty/ztypes_freebsd_arm64.go @@ -0,0 +1,13 @@ +// Created by cgo -godefs - DO NOT EDIT diff --git a/security/teleport/files/patch-version.mk b/security/teleport/files/patch-version.mk index ee12c2c4fbe7..1457af7a19fc 100644 --- a/security/teleport/files/patch-version.mk +++ b/security/teleport/files/patch-version.mk @@ -1,4 +1,4 @@ ---- version.mk.orig 2020-07-08 18:08:40 UTC +--- version.mk.orig 2022-02-23 04:58:43 UTC +++ version.mk @@ -1,4 +1,4 @@ -GITREF=`git describe --dirty --long --tags` diff --git a/security/teleport/files/pkg-message.in b/security/teleport/files/pkg-message.in index 2a874bdc7840..f15cd53d3bfc 100644 --- a/security/teleport/files/pkg-message.in +++ b/security/teleport/files/pkg-message.in @@ -1,13 +1,20 @@ [ { type: install message: <