the owner of all installed files is a non-root user. This change
affects most packages that require special users or groups by making
them use the specified unprivileged user and group instead.
(1) Add two new variables PKG_GROUPS_VARS and PKG_USERS_VARS to
unprivileged.mk. These two variables are lists of other bmake
variables that define package-specific users and groups. Packages
that have user-settable variables for users and groups, e.g. apache
and APACHE_{USER,GROUP}, courier-mta and COURIER_{USER,GROUP},
etc., should list these variables in PKG_USERS_VARS and PKG_GROUPS_VARS
so that unprivileged.mk can know to set them to ${UNPRIVILEGED_USER}
and ${UNPRIVILEGED_GROUP}.
(2) Modify packages to use PKG_GROUPS_VARS and PKG_USERS_VARS.
INSTALL/DEINSTALL script creation within pkgsrc.
If an INSTALL or DEINSTALL script is found in the package directory,
it is automatically used as a template for the pkginstall-generated
scripts. If instead, they should be used simply as the full scripts,
then the package Makefile should set INSTALL_SRC or DEINSTALL_SRC
explicitly, e.g.:
INSTALL_SRC= ${PKGDIR}/INSTALL
DEINSTALL_SRC= # emtpy
As part of the restructuring of the pkginstall framework internals,
we now *always* generate temporary INSTALL or DEINSTALL scripts. By
comparing these temporary scripts with minimal INSTALL/DEINSTALL
scripts formed from only the base templates, we determine whether or
not the INSTALL/DEINSTALL scripts are actually needed by the package
(see the generate-install-scripts target in bsd.pkginstall.mk).
In addition, more variables in the framework have been made private.
The *_EXTRA_TMPL variables have been renamed to *_TEMPLATE, which are
more sensible names given the very few exported variables in this
framework. The only public variables relating to the templates are:
INSTALL_SRC INSTALL_TEMPLATE
DEINSTALL_SRC DEINSTALL_TEMPLATE
HEADER_TEMPLATE
The packages in pkgsrc have been modified to reflect the changes in
the pkginstall framework.
USE_TOOLS and any of "autoconf", "autoconf213", "automake" or
"automake14". Also, we don't need to call the auto* tools via
${ACLOCAL}, ${AUTOCONF}, etc., since the tools framework takes care
to symlink the correct tool to the correct name, so we can just use
aclocal, autoconf, etc.
- From the changelog:
> Changes to the Cyrus IMAP Server since 2.1.17
> Fix single byte overflow in imapd annotate extension.
>
> Changes to the Cyrus IMAP Server since 2.1.16
> Fix several security issues in imapd and in mysasl_canon_user.
>
> Changes to the Cyrus IMAP Server since 2.1.15
> Clean up a timeout bug in fud proxy code.
> Fix a number of bugs with the murder and altnamespace handling.
> Detect fork() failures when launching sendmail in lmtpd
> Enable telemetry logging in lmtpd/lmtpproxyd
> Allow APOP to be disabled via an imap option
> Fix reconstruct to handle missing cyrus.header files
> Add the quotawarnkb option
> Update MUPDATE to look for IANA assigned port numbers.
And always is defined as share/examples/rc.d
which was the default before.
This rc.d scripts are not automatically added to PLISTs now also.
So add to each corresponding PLIST as required.
This was discussed on tech-pkg in late January and late April.
Todo: remove the RCD_SCRIPTS_EXAMPLEDIR uses in MESSAGES and elsewhere
and remove the RCD_SCRIPTS_EXAMPLEDIR itself.
under share/examples/rc.d. The variable name already was named
RCD_SCRIPTS_EXAMPLEDIR.
This is from ideas from Greg Woods and others.
Also bumped PKGREVISION for all packages using RCD_SCRIPTS mechanism
(as requested by wiz).
* Add a db1.builtin.mk file that detects whether DB-1.85 functionality
exists in the base system, and remove the distinction between
"native" and the other Berkeley DB packages -- we now refer to
db[1234]. This paves the way for any future databases/db1 package.
* USE_DB185 shouldn't need to be set by any packages -- its correct
value is now automatically determined by bdb.buildlink3.mk depending
on whether we explicitly request db1 or not. By default, if you
include bdb.buildlink3.mk, you want DB-1.85 functionality and
USE_DB185 defaults to "yes", but if you explicitly remove db1 from
the list of acceptable DBs, then USE_DB185 defaults to "no".
* Set BDB_LIBS to the library options needed to link against the DB
library when bdb.buildlink3.mk is included.
* We only add the DB library to the linker command automatically if
we want DB-1.85 functionality; otherwise assume that the package
configure process can figure out how to probe for the correct
headers and libraries.
Edit package Makefiles to nuke redundant settings of USE_DB185.
in the process. (More information on tech-pkg.)
Bump PKGREVISION and BUILDLINK_DEPENDS of all packages using libtool and
installing .la files.
Bump PKGREVISION (only) of all packages depending directly on the above
via a buildlink3 include.
into the bsd.options.mk framework. Instead of appending to
${PKG_OPTIONS_VAR}, it appends to PKG_DEFAULT_OPTIONS. This causes
the default options to be the union of PKG_DEFAULT_OPTIONS and any
old USE_* and FOO_USE_* settings.
This fixes PR pkg/26590.
processes instead of saving values in shell variables and then iterating
over them. Using pipes is more scalable and is just as easy to read, so
it's a net win.
Removing directories happens at POST-DEINSTALL time, but the imapd.conf
file may be removed during the DEINSTALL stop, so we need to add the code
to remove the IMAP directories explicitly in the DEINSTALL step, as well.
the RCD_SCRIPTS rc.d script(s) to the PLIST.
This GENERATE_PLIST idea is part of Greg A. Woods'
PR #22954.
This helps when the RC_SCRIPTS are installed to
a different ${RCD_SCRIPTS_EXAMPLEDIR}. (Later,
the default RCD_SCRIPTS_EXAMPLEDIR will be changed
to be more clear that they are the examples.)
These patches also remove the etc/rc.d/ scripts from PLISTs
(of packages that use RCD_SCRIPTS). (This also removes
now unused references from openssh* makefiles. Note that
qmail package has not been changed yet.)
I have been doing automatic PLIST registration for RC_SCRIPTS
for over a year. Not all of these packages have been tested,
but many have been tested and used.
Somethings maybe to do:
- a few packages still manually install the rc.d scripts to
hard-coded etc/rc.d. These need to be fixed.
- maybe remove from mk/${OPSYS}.pkg.dist mtree specifications too.
* Correct a potential DOS attack in the fud daemon.
* Arbitron now works again
* Telemetry logging for mupdate
* Duplicate Suppression logging for redirect sieve actions
* A number of bugs in reconstruct have been fixed. also added the -p
and -x options
* Better stubbing out of user_deleteacl
* No longer log any shutdown() failures
* Improved IPv6 support (for systems with two getnameinfo
implementations)
* Misc Documentation Improvements
USE_PKGINSTALL is "YES". bsd.pkg.install.mk will no longer automatically
pick up a INSTALL/DEINSTALL script in the package directory and assume that
you want it for the corresponding *_EXTRA_TMPL variable.
Changes to the Cyrus IMAP Server since 2.1.13
* Be more forgiving in the parsing of MIME boundry headers,
specificly those generated by eudora where the outer boundries are
substrings of the inner boundries. This feature can be disabled by
enabling the rfc2046_strict option.
* Allow cyradm to handle aggregate mailbox sets for ACL and DELETE
operations.
* Add a lmtp_downcase_rcpt option to force the lowercasing of
recipient addresses (Henrique de Moraes Holschuh <hmh@debian.org>).
* Include more MIME headers in sieve rejection notices
* Add an mbexamine command for debugging purposes
* LMTP will now fatal error if we cannot initialize the duplicate
delivery database.
* Continued audit by Security Appraisers and Bynari
* Correctly terminate the processes by calling service_abort even on
successful exit (helps to fix a db3 lockers problem)
* Fix some murder+altnamespace/unixhiersep issues
* Fix imclient's handling of literals.
* Add support for the windows-1256 character set
* Don't log 'could not shut down filedescriptor' messages when the
socket is already not connected
* Now include a script to convert sieve script names to the
altnamespace format
* Added a --with-extraident configure option to make it easier to set
the extra version information that is compiled into the binary.
* Minor build fixes.
* Minor other bug fixes.
OK'ed by chris@
* New IPv6 patch
* Add maxfds= option in cyrus.conf
* "The shutdown() Patch"
* Now report both built-with and running-with OpenSSL versions
* Misc other small bugfixes
* Security Appraisers and Bynari review of the majority of the modules in imap/
Approved by chris.
* New IPv6 patch
* Add maxfds= option in cyrus.conf
* "The shutdown() Patch"
* Now report both built-with and running-with OpenSSL versions
* Misc other small bugfixes
* Security Appraisers and Bynari review of the majority of the modules in imap/
Approved by chris.
