svn commit: r544006 - in head/security/teleport: . files
Steve Wills
swills at FreeBSD.org
Mon Aug 3 00:49:09 UTC 2020
Author: swills
Date: Mon Aug 3 00:49:06 2020
New Revision: 544006
URL: https://svnweb.freebsd.org/changeset/ports/544006
Log:
security/teleport: update to 4.3.2
While here, take maintainership since I use this, and also clean up a
bit, remove REINPLACE_CMD
Added:
head/security/teleport/files/patch-build.assets_pkg_etc_teleport.yaml (contents, props changed)
head/security/teleport/files/patch-lib_config_fileconf.go (contents, props changed)
head/security/teleport/files/patch-lib_defaults_defaults.go (contents, props changed)
head/security/teleport/files/patch-lib_events_auditlog.go (contents, props changed)
head/security/teleport/files/patch-lib_events_doc.go (contents, props changed)
head/security/teleport/files/patch-lib_services_server.go (contents, props changed)
head/security/teleport/files/patch-tool_teleport_common_teleport__test.go (contents, props changed)
head/security/teleport/files/patch-version.mk (contents, props changed)
Modified:
head/security/teleport/Makefile (contents, props changed)
head/security/teleport/distinfo (contents, props changed)
head/security/teleport/files/patch-vendor_github.com_kr_pty_ztypes__freebsd__arm64.go (contents, props changed)
head/security/teleport/files/teleport.in
Modified: head/security/teleport/Makefile
==============================================================================
--- head/security/teleport/Makefile Sun Aug 2 22:44:24 2020 (r544005)
+++ head/security/teleport/Makefile Mon Aug 3 00:49:06 2020 (r544006)
@@ -2,10 +2,10 @@
PORTNAME= teleport
DISTVERSIONPREFIX= v
-DISTVERSION= 4.2.11
+DISTVERSION= 4.3.2
CATEGORIES= security
-MAINTAINER= ports at FreeBSD.org
+MAINTAINER= swills at FreeBSD.org
COMMENT= Gravitational Teleport SSH
LICENSE= APACHE20
@@ -17,8 +17,11 @@ BUILD_DEPENDS= zip:archivers/zip
USES= compiler gmake go
-USE_GITHUB= yes
-GH_ACCOUNT= gravitational
+USE_GITHUB= yes
+GH_ACCOUNT= gravitational
+GH_TUPLE= gravitational:webassets:e65ae13:webassets/webassets
+GH_COMMIT_SHORT= c6d702ad8
+GH_TAG_COMMIT= ${DISTVERSIONPREFIX}${DISTVERSION}-0-g${GH_COMMIT_SHORT}
USE_RC_SUBR= teleport
@@ -28,25 +31,20 @@ NOPRECIOUSMAKEVARS= YES
SUB_FILES= pkg-message
-PLIST_FILES= bin/teleport \
- bin/tctl \
+PLIST_FILES= bin/tctl \
+ bin/teleport \
bin/tsh \
"@sample etc/teleport.yaml.sample"
GO_TELEPORT_SRC_DIR= src/github.com/gravitational/teleport
-PRE_GOPATH_DIR= ${PORTNAME}-${DISTVERSION}${DISTVERSIONSUFFIX}
+PRE_GOPATH_DIR= ${PORTNAME}-${DISTVERSION}${DISTVERSIONSUFFIX}
-post-extract:
+post-patch:
@${MKDIR} ${WRKDIR}/${GO_TELEPORT_SRC_DIR}
+ @${REINPLACE_CMD} -e 's|%%GH_TAG_COMMIT%%|${GH_TAG_COMMIT}|' \
+ ${WRKSRC}/version.mk
@${CP} -rpH ${WRKDIR}/${PRE_GOPATH_DIR}/vendor/* ${WRKDIR}/src/
@${CP} -rpH ${WRKDIR}/${PRE_GOPATH_DIR}/* ${WRKDIR}/${GO_TELEPORT_SRC_DIR}/
-
-post-patch:
- @${REINPLACE_CMD} -e 's|^GITREF=.*|GITREF=${GH_TAG_COMMIT}|' \
- ${WRKDIR}/${GO_TELEPORT_SRC_DIR}/version.mk
- @${FIND} ${WRKDIR} -type f -exec ${SED} -i '' \
- -e 's|\/var\/lib|/var/db|g' \
- -e 's|\/usr\/bin\/hostname|/bin/hostname|g' {} +
do-build:
@cd ${WRKDIR}/${GO_TELEPORT_SRC_DIR} && \
Modified: head/security/teleport/distinfo
==============================================================================
--- head/security/teleport/distinfo Sun Aug 2 22:44:24 2020 (r544005)
+++ head/security/teleport/distinfo Mon Aug 3 00:49:06 2020 (r544006)
@@ -1,3 +1,5 @@
-TIMESTAMP = 1593594956
-SHA256 (gravitational-teleport-v4.2.11_GH0.tar.gz) = e0c8f0123fd2c87fccd5464abc1079a82f0097999efeed32059a01f6fab19616
-SIZE (gravitational-teleport-v4.2.11_GH0.tar.gz) = 55839443
+TIMESTAMP = 1596370038
+SHA256 (gravitational-teleport-v4.3.2_GH0.tar.gz) = 25e1865e12672302bb854bdda9f7d9a7bfe5adc2c59e32bd904214fea4d0d1d6
+SIZE (gravitational-teleport-v4.3.2_GH0.tar.gz) = 54645625
+SHA256 (gravitational-webassets-e65ae13_GH0.tar.gz) = 0157db26b46741e0aa1483b47b1d6f643f01bdb6a626c51f77e2c36ba15834f6
+SIZE (gravitational-webassets-e65ae13_GH0.tar.gz) = 4684366
Added: head/security/teleport/files/patch-build.assets_pkg_etc_teleport.yaml
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ head/security/teleport/files/patch-build.assets_pkg_etc_teleport.yaml Mon Aug 3 00:49:06 2020 (r544006)
@@ -0,0 +1,51 @@
+--- build.assets/pkg/etc/teleport.yaml.orig 2020-07-08 18:08:40 UTC
++++ build.assets/pkg/etc/teleport.yaml
+@@ -9,7 +9,7 @@ teleport:
+
+ # Data directory where Teleport daemon keeps its data.
+ # See "Filesystem Layout" section above for more details.
+- # data_dir: /var/lib/teleport
++ # data_dir: /var/db/teleport
+
+ # Invitation token used to join a cluster. it is not used on
+ # subsequent starts
+@@ -54,8 +54,8 @@ teleport:
+ type: dir
+
+ # Array of locations where the audit log events will be stored. by
+- # default they are stored in `/var/lib/teleport/log`
+- # audit_events_uri: ['file:///var/lib/teleport/log', 'dynamodb://events_table_name', 'stdout://']
++ # default they are stored in `/var/db/teleport/log`
++ # audit_events_uri: ['file:///var/db/teleport/log', 'dynamodb://events_table_name', 'stdout://']
+
+ # Use this setting to configure teleport to store the recorded sessions in
+ # an AWS S3 bucket. see "Using Amazon S3" chapter for more information.
+@@ -111,7 +111,7 @@ auth_service:
+ # By default an automatically generated name is used (not recommended)
+ #
+ # IMPORTANT: if you change cluster_name, it will invalidate all generated
+- # certificates and keys (may need to wipe out /var/lib/teleport directory)
++ # certificates and keys (may need to wipe out /var/db/teleport directory)
+ # cluster_name: "main"
+
+ authentication:
+@@ -185,7 +185,7 @@ auth_service:
+ #
+ # If not set, by default Teleport will look for the `license.pem` file in
+ # the configured `data_dir`.
+- # license_file: /var/lib/teleport/license.pem
++ # license_file: /var/db/teleport/license.pem
+
+ # DEPRECATED in Teleport 3.2 (moved to proxy_service section)
+ # kubeconfig_file: /path/to/kubeconfig
+@@ -258,8 +258,8 @@ proxy_service:
+
+ # TLS certificate for the HTTPS connection. Configuring these properly is
+ # critical for Teleport security.
+- # https_key_file: /var/lib/teleport/webproxy_key.pem
+- # https_cert_file: /var/lib/teleport/webproxy_cert.pem
++ # https_key_file: /var/db/teleport/webproxy_key.pem
++ # https_cert_file: /var/db/teleport/webproxy_cert.pem
+
+ # This section configures the Kubernetes proxy service
+ # kubernetes:
Added: head/security/teleport/files/patch-lib_config_fileconf.go
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ head/security/teleport/files/patch-lib_config_fileconf.go Mon Aug 3 00:49:06 2020 (r544006)
@@ -0,0 +1,11 @@
+--- lib/config/fileconf.go.orig 2020-07-08 18:08:40 UTC
++++ lib/config/fileconf.go
+@@ -281,7 +281,7 @@ func MakeSampleFileConfig() (fc *FileConfig, err error
+ s.Commands = []CommandLabel{
+ {
+ Name: "hostname",
+- Command: []string{"/usr/bin/hostname"},
++ Command: []string{"/bin/hostname"},
+ Period: time.Minute,
+ },
+ {
Added: head/security/teleport/files/patch-lib_defaults_defaults.go
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ head/security/teleport/files/patch-lib_defaults_defaults.go Mon Aug 3 00:49:06 2020 (r544006)
@@ -0,0 +1,11 @@
+--- lib/defaults/defaults.go.orig 2020-07-08 18:08:40 UTC
++++ lib/defaults/defaults.go
+@@ -436,7 +436,7 @@ var (
+
+ // DataDir is where all mutable data is stored (user keys, recorded sessions,
+ // registered SSH servers, etc):
+- DataDir = "/var/lib/teleport"
++ DataDir = "/var/db/teleport"
+
+ // StartRoles is default roles teleport assumes when started via 'start' command
+ StartRoles = []string{RoleProxy, RoleNode, RoleAuthService}
Added: head/security/teleport/files/patch-lib_events_auditlog.go
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ head/security/teleport/files/patch-lib_events_auditlog.go Mon Aug 3 00:49:06 2020 (r544006)
@@ -0,0 +1,11 @@
+--- lib/events/auditlog.go.orig 2020-07-08 18:08:40 UTC
++++ lib/events/auditlog.go
+@@ -45,7 +45,7 @@ import (
+ const (
+ // SessionLogsDir is a subdirectory inside the eventlog data dir
+ // where all session-specific logs and streams are stored, like
+- // in /var/lib/teleport/logs/sessions
++ // in /var/db/teleport/logs/sessions
+ SessionLogsDir = "sessions"
+
+ // PlaybacksDir is a directory for playbacks
Added: head/security/teleport/files/patch-lib_events_doc.go
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ head/security/teleport/files/patch-lib_events_doc.go Mon Aug 3 00:49:06 2020 (r544006)
@@ -0,0 +1,110 @@
+--- lib/events/doc.go.orig 2020-07-08 18:08:40 UTC
++++ lib/events/doc.go
+@@ -85,7 +85,7 @@ Main Audit Log Format
+
+ The main log files are saved as:
+
+- /var/lib/teleport/log/<auth-server-id>/<date>.log
++ /var/db/teleport/log/<auth-server-id>/<date>.log
+
+ The log file is rotated every 24 hours. The old files must be cleaned
+ up or archived by an external tool.
+@@ -111,7 +111,7 @@ Each session has its own session log stored as several
+
+ Index file contains a list of event files and chunks files associated with a session:
+
+- /var/lib/teleport/log/sessions/<auth-server-id>/<session-id>.index
++ /var/db/teleport/log/sessions/<auth-server-id>/<session-id>.index
+
+ The format of the index file contains of two or more lines with pointers to other files:
+
+@@ -120,8 +120,8 @@ The format of the index file contains of two or more l
+
+ Files:
+
+- /var/lib/teleport/log/<auth-server-id>/<session-id>-<first-event-in-file-index>.events
+- /var/lib/teleport/log/<auth-server-id>/<session-id>-<first-chunk-in-file-offset>.chunks
++ /var/db/teleport/log/<auth-server-id>/<session-id>-<first-event-in-file-index>.events
++ /var/db/teleport/log/<auth-server-id>/<session-id>-<first-chunk-in-file-offset>.chunks
+
+ Where:
+ - .events (same events as in the main log, but related to the session)
+@@ -135,7 +135,7 @@ Examples
+ In the simplest case, single auth server a1 log for a single session id s1
+ will consist of three files:
+
+-/var/lib/teleport/a1/s1.index
++/var/db/teleport/a1/s1.index
+
+ With contents:
+
+@@ -146,14 +146,14 @@ This means that all session events are located in s1-0
+ the first event with index 0 and all chunks are located in file s1-0.chunks file
+ with the byte offset from the start - 0.
+
+-File with session events /var/lib/teleport/a1/s1-0.events will contain:
++File with session events /var/db/teleport/a1/s1-0.events will contain:
+
+ {"ei":0,"event":"session.start", ...}
+ {"ei":1,"event":"resize",...}
+ {"ei":2,"ci":0, "event":"print","bytes":40,"offset":0}
+ {"ei":3,"event":"session.end", ...}
+
+-File with recorded session /var/lib/teleport/a1/s1-0.chunks will contain 40 bytes
++File with recorded session /var/db/teleport/a1/s1-0.chunks will contain 40 bytes
+ emitted by print event with chunk index 0
+
+ **Multiple Auth Servers**
+@@ -164,7 +164,7 @@ In high availability mode scenario, multiple auth serv
+ Any auth server can go down during session and clients will retry the delivery
+ to the other auth server.
+
+-Both auth servers have mounted /var/lib/teleport/log as a shared NFS folder.
++Both auth servers have mounted /var/db/teleport/log as a shared NFS folder.
+
+ To make sure that only one auth server writes to a file at a time,
+ each auth server writes to it's own file in a sub folder named
+@@ -176,37 +176,37 @@ and the second batch of event to the second server a2.
+
+ Server a1 will produce the following file:
+
+-/var/lib/teleport/a1/s1.index
++/var/db/teleport/a1/s1.index
+
+ With contents:
+
+ {"file_name":"s1-0.events","type":"events","index":0}
+ {"file_name":"s1-0.chunks","type":"chunks","offset":0}
+
+-Events file /var/lib/teleport/a1/s1-0.events will contain:
++Events file /var/db/teleport/a1/s1-0.events will contain:
+
+ {"ei":0,"event":"session.start", ...}
+ {"ei":1,"event":"resize",...}
+ {"ei":2,"ci":0, "event":"print","bytes":40,"offset":0}
+
+-Events file /var/lib/teleport/a1/s1-0.chunks will contain 40 bytes
++Events file /var/db/teleport/a1/s1-0.chunks will contain 40 bytes
+ emitted by print event with chunk index.
+
+ Server a2 will produce the following file:
+
+-/var/lib/teleport/a2/s1.index
++/var/db/teleport/a2/s1.index
+
+ With contents:
+
+ {"file_name":"s1-3.events","type":"events","index":3}
+ {"file_name":"s1-40.chunks","type":"chunks","offset":40}
+
+-Events file /var/lib/teleport/a2/s1-4.events will contain:
++Events file /var/db/teleport/a2/s1-4.events will contain:
+
+ {"ei":3,"ci":1, "event":"print","bytes":15,"ms":713,"offset":40}
+ {"ei":4,"event":"session.end", ...}
+
+-Events file /var/lib/teleport/a2/s1-40.chunks will contain 15 bytes emitted
++Events file /var/db/teleport/a2/s1-40.chunks will contain 15 bytes emitted
+ by print event with chunk index 1 and comes after delay of 713 milliseconds.
+
+ Offset 40 indicates that the first chunk stored in the file s1-40.chunks
Added: head/security/teleport/files/patch-lib_services_server.go
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ head/security/teleport/files/patch-lib_services_server.go Mon Aug 3 00:49:06 2020 (r544006)
@@ -0,0 +1,11 @@
+--- lib/services/server.go.orig 2020-07-08 18:08:40 UTC
++++ lib/services/server.go
+@@ -546,7 +546,7 @@ type CommandLabelV1 struct {
+ // Period is a time between command runs
+ Period time.Duration `json:"period"`
+ // Command is a command to run
+- Command []string `json:"command"` //["/usr/bin/hostname", "--long"]
++ Command []string `json:"command"` //["/bin/hostname", "--long"]
+ // Result captures standard output
+ Result string `json:"result"`
+ }
Added: head/security/teleport/files/patch-tool_teleport_common_teleport__test.go
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ head/security/teleport/files/patch-tool_teleport_common_teleport__test.go Mon Aug 3 00:49:06 2020 (r544006)
@@ -0,0 +1,20 @@
+--- tool/teleport/common/teleport_test.go.orig 2020-07-08 18:08:40 UTC
++++ tool/teleport/common/teleport_test.go
+@@ -62,7 +62,7 @@ func (s *MainTestSuite) SetUpSuite(c *check.C) {
+
+ // set imprtant defaults to test-mode (non-existing files&locations)
+ defaults.ConfigFilePath = "/tmp/teleport/etc/teleport.yaml"
+- defaults.DataDir = "/tmp/teleport/var/lib/teleport"
++ defaults.DataDir = "/tmp/teleport/var/db/teleport"
+ }
+
+ func (s *MainTestSuite) TestDefault(c *check.C) {
+@@ -72,7 +72,7 @@ func (s *MainTestSuite) TestDefault(c *check.C) {
+ })
+ c.Assert(cmd, check.Equals, "start")
+ c.Assert(conf.Hostname, check.Equals, s.hostname)
+- c.Assert(conf.DataDir, check.Equals, "/tmp/teleport/var/lib/teleport")
++ c.Assert(conf.DataDir, check.Equals, "/tmp/teleport/var/db/teleport")
+ c.Assert(conf.Auth.Enabled, check.Equals, true)
+ c.Assert(conf.SSH.Enabled, check.Equals, true)
+ c.Assert(conf.Proxy.Enabled, check.Equals, true)
Modified: head/security/teleport/files/patch-vendor_github.com_kr_pty_ztypes__freebsd__arm64.go
==============================================================================
--- head/security/teleport/files/patch-vendor_github.com_kr_pty_ztypes__freebsd__arm64.go Sun Aug 2 22:44:24 2020 (r544005)
+++ head/security/teleport/files/patch-vendor_github.com_kr_pty_ztypes__freebsd__arm64.go Mon Aug 3 00:49:06 2020 (r544006)
@@ -1,40 +1,5 @@
---- vendor/github.com/kr/pty/ztypes_freebsd_arm64.go.orig 2019-12-23 19:57:30 UTC
+--- vendor/github.com/kr/pty/ztypes_freebsd_arm64.go.orig 2020-07-24 04:36:27 UTC
+++ vendor/github.com/kr/pty/ztypes_freebsd_arm64.go
-@@ -0,0 +1,13 @@
-+// Created by cgo -godefs - DO NOT EDIT
-+// cgo -godefs types_freebsd.go
-+
-+package pty
-+
-+const (
-+ _C_SPECNAMELEN = 0x3f
-+)
-+
-+type fiodgnameArg struct {
-+ Len int32
-+ Buf *byte
-+}
-
-
---- ../src/github.com/gravitational/teleport/vendor/github.com/kr/pty/ztypes_freebsd_arm64.go.orig 2019-12-23 19:57:30 UTC
-+++ ../src/github.com/gravitational/teleport/vendor/github.com/kr/pty/ztypes_freebsd_arm64.go
-@@ -0,0 +1,13 @@
-+// Created by cgo -godefs - DO NOT EDIT
-+// cgo -godefs types_freebsd.go
-+
-+package pty
-+
-+const (
-+ _C_SPECNAMELEN = 0x3f
-+)
-+
-+type fiodgnameArg struct {
-+ Len int32
-+ Buf *byte
-+}
-
---- ../src/golang.org/x/sys/unix/ztypes_freebsd_arm64.go.orig 2019-12-23 19:57:30 UTC
-+++ ../src/golang.org/x/sys/unix/ztypes_freebsd_arm64.go
@@ -0,0 +1,13 @@
+// Created by cgo -godefs - DO NOT EDIT
+// cgo -godefs types_freebsd.go
Added: head/security/teleport/files/patch-version.mk
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ head/security/teleport/files/patch-version.mk Mon Aug 3 00:49:06 2020 (r544006)
@@ -0,0 +1,8 @@
+--- version.mk.orig 2020-07-08 18:08:40 UTC
++++ version.mk
+@@ -1,4 +1,4 @@
+-GITREF=`git describe --dirty --long --tags`
++GITREF=%%GH_TAG_COMMIT%%
+
+ # $(VERSION_GO) will be written to version.go
+ VERSION_GO="/* DO NOT EDIT THIS FILE. IT IS GENERATED BY 'make setver'*/\n\n\
Modified: head/security/teleport/files/teleport.in
==============================================================================
--- head/security/teleport/files/teleport.in Sun Aug 2 22:44:24 2020 (r544005)
+++ head/security/teleport/files/teleport.in Mon Aug 3 00:49:06 2020 (r544006)
@@ -3,7 +3,7 @@
# $FreeBSD$
#
# PROVIDE: teleport
-# REQUIRE: LOGIN
+# REQUIRE: NETWORKING SERVERS DAEMON
# KEYWORD: shutdown
#
# Add the following lines to /etc/rc.conf.local or /etc/rc.conf
More information about the svn-ports-all
mailing list