6aec40e423
ports/67724, submitted by Michal F. Hanula) - Change ": foo=${foo:=bar}" into "foo=${foo:-bar}" to make the shell scripts easier to read and understand - Correct credits for the recently published NTLM auth vulnerability and fix a nearby braino, too - Bump PORTREVISION PR: ports/67797 Submitted by: maintainer
172 lines
5.8 KiB
Bash
172 lines
5.8 KiB
Bash
#!/bin/sh
|
|
#
|
|
# $FreeBSD$
|
|
#
|
|
|
|
PATH=/bin:/usr/bin:/usr/sbin
|
|
pkgname=$1
|
|
squid_base=${PKG_PREFIX:-/usr/local}/squid
|
|
squid_confdir=${PKG_PREFIX:-/usr/local}/etc/squid
|
|
if [ -x /usr/sbin/nologin ]; then
|
|
nologin=/usr/sbin/nologin
|
|
else
|
|
nologin=/sbin/nologin
|
|
fi
|
|
squid_user=${squid_user:-squid}
|
|
squid_group=${squid_group:-squid}
|
|
squid_gid=100
|
|
squid_uid=100
|
|
# Try to catch the case where the $squid_user might have been created with an
|
|
# id greater than or equal 3128. The valid exception is "nobody".
|
|
nobody_uid=65534
|
|
nobody_gid=65534
|
|
squid_oldgid=3128
|
|
squid_olduid=3128
|
|
unset wrong_id
|
|
case $2 in
|
|
PRE-INSTALL)
|
|
echo "===> Pre-installation configuration for ${pkgname}"
|
|
if ! pw groupshow ${squid_group} -q >/dev/null ; then
|
|
echo "There is no group '${squid_group}' on this system, so I will try to create it:"
|
|
if ! pw groupadd ${squid_group} -g ${squid_gid} -q ; then
|
|
echo "Failed to create group \"${squid_group}\"!" >&2
|
|
echo "Please create it manually." >&2
|
|
exit 1
|
|
else
|
|
echo "Group '${squid_group}' created successfully:"
|
|
fi
|
|
else
|
|
echo "I will use the existing group '${squid_group}':"
|
|
current_gid=`pw groupshow ${squid_group}|cut -f 3 -d :`
|
|
if [ ${current_gid} -ge ${squid_oldgid} \
|
|
-a ${current_gid} -ne ${nobody_gid} ]; then
|
|
wrong_id=1
|
|
fi
|
|
fi
|
|
pw groupshow ${squid_group}
|
|
|
|
if ! pw usershow ${squid_user} -q >/dev/null ; then
|
|
echo "There is no account '${squid_user}' on this system, so I will try to create it:"
|
|
if ! pw useradd -q -n ${squid_user} \
|
|
-u ${squid_uid} -g ${squid_group} \
|
|
-c "squid caching-proxy pseudo user" \
|
|
-d "${squid_base}" -s "${nologin}" \
|
|
-h - ; then
|
|
echo "Failed to create user '${squid_user}'!" >&2
|
|
echo "Please create it manually." >&2
|
|
exit 1
|
|
else
|
|
echo "User '${squid_user}' created successfully:"
|
|
fi
|
|
else
|
|
echo "I will use the existing user '${squid_user}':"
|
|
current_uid=`id -u ${squid_user}`
|
|
if [ ${current_uid} -ge ${squid_olduid} \
|
|
-a ${current_uid} -ne ${nobody_uid} ];
|
|
then
|
|
wrong_id=1
|
|
fi
|
|
fi
|
|
pw usershow ${squid_user}
|
|
if [ "${wrong_id}" ]; then
|
|
echo ""
|
|
echo " * NOTICE *"
|
|
echo ""
|
|
echo "The squid pseudo-user's uid and/or gid have been found"
|
|
echo "to be greater than or equal 3128."
|
|
echo ""
|
|
echo "This is not a problem as such, but violates the FreeBSD"
|
|
echo "ports' principle that a ports must not claim a uid greater"
|
|
echo "than 999."
|
|
echo ""
|
|
echo "Since version 2.5.4_11, the squid user is thus created"
|
|
echo "with an id of ${squid_uid}:${squid_gid} while earlier versions of this"
|
|
echo "port used the first unused uid/gid greater than or"
|
|
echo "equal 3128."
|
|
echo ""
|
|
echo "If you want to change the existing squid user's id, run"
|
|
echo "'make changeuser' after the installation has completed."
|
|
echo "If you installed this port via a package, issue the"
|
|
echo "following commands as root:"
|
|
echo ""
|
|
echo "pw userdel -u ${current_uid}"
|
|
echo "pw groupadd -n ${squid_group} -g ${squid_gid}"
|
|
echo "pw useradd -n ${squid_user} -u ${squid_uid} \\"
|
|
echo " -c \"squid caching-proxy pseudo user\" \\"
|
|
echo " -g ${squid_group} -d ${squid_base} -s /sbin/nologin \\"
|
|
echo " -h -"
|
|
echo "find -H ${PKG_PREFIX} -user ${current_uid} -exec chown ${squid_user} {} \\;"
|
|
echo "find -H ${PKG_PREFIX} -group ${current_gid} -exec chgrp ${squid_group} {} \\;"
|
|
echo ""
|
|
echo "In case you have installed third party software for squid"
|
|
echo "like squidGuard, you should additionally run:"
|
|
echo "find -H /var -user ${current_uid} -exec chown ${squid_user} {} \\;"
|
|
echo "find -H /var -group ${current_gid} -exec chgrp ${squid_group} {} \\;"
|
|
echo ""
|
|
if [ -z "${PACKAGE_BUILDING}" -a -z "${BATCH}" ]; then
|
|
sleep 30
|
|
fi
|
|
fi
|
|
for dir in cache logs; do
|
|
if [ ! -d ${squid_base}/${dir} ]; then
|
|
echo "Creating ${squid_base}/${dir}..."
|
|
install -d -o ${squid_user} -g ${squid_group} \
|
|
-m 0750 ${squid_base}/${dir}
|
|
fi
|
|
done
|
|
if [ ! -d ${squid_confdir} ]; then
|
|
echo "Creating ${squid_confdir}..."
|
|
install -d -o root -g ${squid_group} \
|
|
-m 0750 ${squid_confdir}
|
|
fi
|
|
;;
|
|
POST-INSTALL)
|
|
for file in mime.conf squid.conf; do
|
|
if [ ! -f ${squid_confdir}/${file} \
|
|
-a -f ${squid_confdir}/${file}.default ]; then
|
|
echo "Creating ${file} from default..."
|
|
install -c -o root -g ${squid_group} -m 0640 \
|
|
${squid_confdir}/${file}.default ${squid_confdir}/${file}
|
|
fi
|
|
done
|
|
|
|
echo "===> Post-installation informations for ${pkgname}"
|
|
echo ""
|
|
echo " o You can find the configuration files for this package"
|
|
echo " in the directory ${squid_confdir}."
|
|
echo ""
|
|
echo " o A cache directory has been created in ${squid_base}/cache."
|
|
echo " Log files will be written to ${squid_base}/logs."
|
|
echo ""
|
|
echo " o The default configuration will deny everyone access to the"
|
|
echo " proxy service. Edit the \"http_access\" directives in"
|
|
echo " ${squid_confdir}/squid.conf to suit your needs."
|
|
echo ""
|
|
echo " o If you never ran squid on this system before, you need to"
|
|
echo " initialize the cache directory by running \"squid -z\""
|
|
echo " as 'root' or '${squid_user}' before starting squid."
|
|
echo ""
|
|
tput md
|
|
echo " *** UPDATE NOTICE ***"
|
|
echo ""
|
|
echo " Starting with version 2.5.4_6, all helper applications are"
|
|
echo " installed to ${PKG_PREFIX}/libexec/squid instead of"
|
|
echo " ${PKG_PREFIX}/libexec."
|
|
echo " Please check your squid.conf and update it if necessary."
|
|
tput me
|
|
echo ""
|
|
if [ -f /etc/rc.subr ]; then
|
|
echo " Please note that ${PKG_PREFIX}/etc/rc.d/squid.sh"
|
|
echo " will not start squid automatically on this system."
|
|
echo " You need to set squid_enable=yes in either"
|
|
echo " /etc/rc.conf, /etc/rc.conf.local or /etc/rc.conf.d/squid"
|
|
echo " See ${PKG_PREFIX}/etc/rc.d/squid.sh for more"
|
|
echo " configuration options."
|
|
echo ""
|
|
fi
|
|
;;
|
|
*)
|
|
exit 64
|
|
;;
|
|
esac
|
|
exit 0
|