svn commit: r378496 - in head/net-mgmt/xymon-client: . files

Mark Felder feld at FreeBSD.org
Thu Feb 5 22:23:02 UTC 2015 

Author: feld
Date: Thu Feb  5 22:23:00 2015
New Revision: 378496
URL: https://svnweb.freebsd.org/changeset/ports/378496
QAT: https://qat.redports.org/buildarchive/r378496/

Log:
  Xymon-client was not completely dropping privileges at startup.
  
  While xymon-client knows internally what UID it should run as, a
  design flaw in the rc script was still launching its master process as
  root. As a result the following two processes were always running as
  root instead of the xymon user:
  
  /usr/local/www/xymon/client/bin/xymonlaunch ...
  sh -c vmstat 300 2 ...
  
  The rest of the processes the xymon-client runs such as df, netstat,
  top, custom scripts, etc were correctly executing as non-root.

Modified:
  head/net-mgmt/xymon-client/Makefile
  head/net-mgmt/xymon-client/files/xymon-client.in

Modified: head/net-mgmt/xymon-client/Makefile
==============================================================================
--- head/net-mgmt/xymon-client/Makefile	Thu Feb  5 22:19:58 2015	(r378495)
+++ head/net-mgmt/xymon-client/Makefile	Thu Feb  5 22:23:00 2015	(r378496)
@@ -2,7 +2,7 @@
 
 PORTNAME=	xymon
 PORTVERSION=	4.3.18
-PORTREVISION=	1
+PORTREVISION=	2
 CATEGORIES=	net-mgmt www
 MASTER_SITES=	SF/xymon/Xymon/${PORTVERSION}
 PKGNAMESUFFIX=	-client${PKGNAMESUFFIX2}
@@ -16,6 +16,8 @@ LICENSE=	GPLv2
 USERS=	xymon
 GROUPS=	xymon
 
+SUB_LIST+=	USERS="${USERS}"
+
 # Options
 XYMONUSER?=	xymon
 XYMONHOSTIP?=	127.0.0.1

Modified: head/net-mgmt/xymon-client/files/xymon-client.in
==============================================================================
--- head/net-mgmt/xymon-client/files/xymon-client.in	Thu Feb  5 22:19:58 2015	(r378495)
+++ head/net-mgmt/xymon-client/files/xymon-client.in	Thu Feb  5 22:23:00 2015	(r378496)
@@ -14,12 +14,11 @@ rcvar=xymon_client_enable
 
 load_rc_config "$name"
 : ${xymon_client_enable:=NO}
+: ${xymon_client_user:=%%USERS%%}
 
-command="%%PREFIX%%/www/xymon/client/runclient.sh"
-start_cmd="%%PREFIX%%/www/xymon/client/runclient.sh ${xymon_client_flags} start"
-stop_cmd="%%PREFIX%%/www/xymon/client/runclient.sh ${xymon_client_flags} stop"
-status_cmd="%%PREFIX%%/www/xymon/client/runclient.sh ${xymon_client_flags} status"
-reload_cmd="%%PREFIX%%/www/xymon/client/runclient.sh ${xymon_client_flags} restart"
-pidfile="%%PREFIX%%/www/xymon/client/logs/clientlaunch.`hostname`.pid"
+command=/usr/local/www/xymon/client/runclient.sh
+command_args="${xymon_client_flags} ${1}"
+procname=/usr/local/www/xymon/client/bin/xymonlaunch
+pidfile="/usr/local/www/xymon/client/logs/clientlaunch.`hostname`.pid"
 
 run_rc_command "$1"

More information about the svn-ports-head mailing list