First port, any comments are helpful
tested on amd64, should work everywhere there is python3
ok?
Index: Makefile
===================================================================
RCS file: /cvs/ports/security/jailkit/Makefile,v
retrieving revision 1.15
diff -u -p -r1.15 Makefile
--- Makefile 12 Jul 2019 20:49:03 -0000 1.15
+++ Makefile 8 Apr 2020 22:46:16 -0000
@@ -2,7 +2,7 @@
COMMENT= utilities for jailing a user or process
-DISTNAME= jailkit-2.19
+DISTNAME= jailkit-2.21
CATEGORIES= security sysutils
HOMEPAGE= http://olivier.sessink.nl/jailkit/
@@ -13,6 +13,9 @@ MASTER_SITES= http://olivier.sessink.nl
PERMIT_PACKAGE= Yes
MODULES= lang/python
+
+MODPY_VERSION= ${MODPY_DEFAULT_VERSION_3}
+
WANTLIB += c pthread
NO_TEST= Yes
@@ -34,9 +37,9 @@ pre-configure:
${SUBST_CMD} ${WRKSRC}/man/$${i}; done
post-install:
- # recreate the .pyc file, otherwise it would change
- # after installation
+ # remove the .pyc file, as we are in python 3
rm ${PREFIX}/share/jailkit/jk_lib.pyc
+ # now compile the new file so that it is added
${MODPY_BIN} ${MODPY_LIBDIR}/compileall.py \
${PREFIX}/share/jailkit
Index: distinfo
===================================================================
RCS file: /cvs/ports/security/jailkit/distinfo,v
retrieving revision 1.8
diff -u -p -r1.8 distinfo
--- distinfo 20 Dec 2015 15:43:46 -0000 1.8
+++ distinfo 8 Apr 2020 22:46:16 -0000
@@ -1,2 +1,2 @@
-SHA256 (jailkit-2.19.tar.gz) = /ZYS3Vf0o5q/zeZHxCBhbFyjf1mCuMB6j7XLNSSU/Ig=
-SIZE (jailkit-2.19.tar.gz) = 142280
+SHA256 (jailkit-2.21.tar.gz) = egIOB635OGDFOPDZgZauoz1GG6vbqLs+3fcIHleinBQ=
+SIZE (jailkit-2.21.tar.gz) = 141341
Index: patches/patch-ini_jk_init_ini
===================================================================
RCS file: /cvs/ports/security/jailkit/patches/patch-ini_jk_init_ini,v
retrieving revision 1.3
diff -u -p -r1.3 patch-ini_jk_init_ini
--- patches/patch-ini_jk_init_ini 26 Mar 2014 17:38:27 -0000 1.3
+++ patches/patch-ini_jk_init_ini 8 Apr 2020 22:46:16 -0000
@@ -1,32 +1,10 @@
-$OpenBSD: patch-ini_jk_init_ini,v 1.3 2014/03/26 17:38:27 gonzalo Exp $
+$OpenBSD: patch-ini_jk_init_ini,v 1.4 2020/04/08 18:43:53 aisha Exp $
-fix some default paths in the jail creation configuration file
+A lot of additions to fixing installation directories and fixing line
numbers
---- ini/jk_init.ini.orig Mon Dec 23 06:02:42 2013
-+++ ini/jk_init.ini Wed Dec 25 16:04:26 2013
-@@ -2,18 +2,18 @@
- # this section probably needs adjustment on 64bit systems
- # or non-Linux systems
- comment = common files for all jails that need user/group information
--paths = /lib/libnsl.so.1, /lib64/libnsl.so.1, /lib/libnss*.so.2,
/lib64/libnss*.so.2, /lib/i386-linux-gnu/libnsl.so.1,
/lib/i386-linux-gnu/libnss*.so.2, /lib/x86_64-linux-gnu/libnsl.so.1,
/lib/x86_64-linux-gnu/libnss*.so.2, /etc/nsswitch.conf, /etc/ld.so.conf
-+paths = /lib/libnsl.so.1, /lib64/libnsl.so.1, /lib/libnss*.so.2,
/lib64/libnss*.so.2, /lib/i386-linux-gnu/libnsl.so.1,
/lib/i386-linux-gnu/libnss*.so.2, /lib/x86_64-linux-gnu/libnsl.so.1,
/lib/x86_64-linux-gnu/libnss*.so.2, ${SYSCONFDIR}/nsswitch.conf,
${SYSCONFDIR}/ld.so.conf
- # Solaris needs
--# paths = /etc/default/nss, /lib/libnsl.so.1, /usr/lib/nss_*.so.1,
/etc/nsswitch.conf
-+# paths = ${SYSCONFDIR}/default/nss, /lib/libnsl.so.1,
/usr/lib/nss_*.so.1, ${SYSCONFDIR}/nsswitch.conf
-
- [netbasics]
- comment = common files for all jails that need any internet connectivity
--paths = /lib/libnss_dns.so.2, /lib64/libnss_dns.so.2,
/etc/resolv.conf, /etc/host.conf, /etc/hosts, /etc/protocols, /etc/services
-+paths = /lib/libnss_dns.so.2, /lib64/libnss_dns.so.2,
${SYSCONFDIR}/resolv.conf, ${SYSCONFDIR}/host.conf, ${SYSCONFDIR}/hosts,
${SYSCONFDIR}/protocols, ${SYSCONFDIR}/services
- # on Solaris devices /dev/udp and /dev/tcp might be needed too, not sure
-
- [logbasics]
- comment = timezone information and log sockets
--paths = /etc/localtime
-+paths = ${SYSCONFDIR}/localtime
- need_logsocket = 1
- # Solaris does not need logsocket
- # but needs
+Index: ini/jk_init.ini
+--- ini/jk_init.ini.orig
++++ ini/jk_init.ini
@@ -21,7 +21,7 @@ need_logsocket = 1
[jk_lsh]
@@ -68,7 +46,7 @@ fix some default paths in the jail creat
[netutils]
comment = several internet utilities like wget, ftp, rsync, scp, ssh
-@@ -110,7 +110,7 @@ includesections = extendedshell, netutils, apacheutils
+@@ -110,17 +110,16 @@ includesections = extendedshell, netutils,
apacheutils
[openvpn]
comment = jail for the openvpn daemon
@@ -76,8 +54,10 @@ fix some default paths in the jail creat
+paths = ${LOCALBASE}/sbin/openvpn
users = root,nobody
groups = root,nogroup
- includesections = netbasics
-@@ -120,7 +120,7 @@ need_logsocket = 1
+-includesections = netbasics
+ devices = /dev/urandom, /dev/random, /dev/net/tun
+ includesections = netbasics, uidbasics
+ need_logsocket = 1
[apache]
comment = the apache webserver, very basic setup, probably too limited
for you
@@ -86,7 +66,7 @@ fix some default paths in the jail creat
users = root, www-data
groups = root, www-data
includesections = netbasics, uidbasics
-@@ -131,16 +131,16 @@ paths = perl, /usr/lib/perl, /usr/lib/perl5,
/usr/shar
+@@ -131,16 +130,16 @@ paths = perl, /usr/lib/perl, /usr/lib/perl5,
/usr/shar
[xauth]
comment = getting X authentication to work
@@ -106,7 +86,7 @@ fix some default paths in the jail creat
includesections = xclients
[ping]
-@@ -149,5 +149,5 @@ paths_w_setuid = /bin/ping
+@@ -149,5 +148,5 @@ paths_w_setuid = /bin/ping
#[xterm]
#comment = xterm
Index: patches/patch-man_Makefile_in
===================================================================
RCS file: /cvs/ports/security/jailkit/patches/patch-man_Makefile_in,v
retrieving revision 1.1.1.1
diff -u -p -r1.1.1.1 patch-man_Makefile_in
--- patches/patch-man_Makefile_in 20 Sep 2010 07:15:30 -0000 1.1.1.1
+++ patches/patch-man_Makefile_in 8 Apr 2020 22:46:16 -0000
@@ -1,7 +1,11 @@
-$OpenBSD: patch-man_Makefile_in,v 1.1.1.1 2010/09/20 07:15:30 sebastia
Exp $
---- man/Makefile.in.orig Mon Oct 20 00:03:54 2008
-+++ man/Makefile.in Mon Oct 20 00:05:31 2008
-@@ -21,7 +21,7 @@ SRCS = \
+$OpenBSD: patch-man_Makefile_in,v 1.1.1.1 2020/04/08 16:41:32 aisha Exp $
+
+Fixed line numbering for previous patch
+
+Index: man/Makefile.in
+--- man/Makefile.in.orig
++++ man/Makefile.in
+@@ -20,7 +20,7 @@ SRCS = \
@HAVEPROCMAIL_TRUE@SRCS += jk_procmailwrapper.8
Index: patches/patch-man_jailkit_8
===================================================================
RCS file: /cvs/ports/security/jailkit/patches/patch-man_jailkit_8,v
retrieving revision 1.2
diff -u -p -r1.2 patch-man_jailkit_8
--- patches/patch-man_jailkit_8 26 Mar 2014 17:38:27 -0000 1.2
+++ patches/patch-man_jailkit_8 8 Apr 2020 22:46:16 -0000
@@ -1,6 +1,10 @@
-$OpenBSD: patch-man_jailkit_8,v 1.2 2014/03/26 17:38:27 gonzalo Exp $
---- man/jailkit.8.orig Sat Dec 21 18:05:22 2013
-+++ man/jailkit.8 Wed Dec 25 16:01:05 2013
+$OpenBSD: patch-man_jailkit_8,v 1.2 2020/04/08 16:38:22 aisha Exp $
+
+FIxed line numbering for previous patch
+
+Index: man/jailkit.8
+--- man/jailkit.8.orig
++++ man/jailkit.8
@@ -36,7 +36,7 @@ This section gives summary sketches of the various pro
.BR jk_init
@@ -53,7 +57,7 @@ $OpenBSD: patch-man_jailkit_8,v 1.2 2014
.
.BR jk_list
-@@ -127,9 +127,9 @@ tail /var/log/daemon.log /var/log/auth.log
+@@ -129,9 +129,9 @@ journalctl --since=-1h
.SH FILES
The jailkit configuration files are located in
Index: patches/patch-py_jk_lib_py
===================================================================
RCS file: /cvs/ports/security/jailkit/patches/patch-py_jk_lib_py,v
retrieving revision 1.3
diff -u -p -r1.3 patch-py_jk_lib_py
--- patches/patch-py_jk_lib_py 24 Apr 2013 12:47:39 -0000 1.3
+++ patches/patch-py_jk_lib_py 8 Apr 2020 22:46:16 -0000
@@ -1,18 +1,46 @@
-$OpenBSD: patch-py_jk_lib_py,v 1.3 2013/04/24 12:47:39 gonzalo Exp $
+$OpenBSD: patch-py_jk_lib_py,v 1.4 2020/04/08 16:36:23 aisha Exp $
-Fix running jk_init trying to create a jail the first time
+More checks for directory creation, handling edge cases
---- py/jk_lib.py.orig Thu Aug 2 14:55:28 2012
-+++ py/jk_lib.py Tue Apr 23 06:35:23 2013
-@@ -461,7 +461,10 @@ def create_parent_path(chroot,path,be_verbose=0, copy_
+Index: py/jk_lib.py
+--- py/jk_lib.py.orig
++++ py/jk_lib.py
+@@ -404,7 +404,11 @@ def OLD_create_parent_path(chroot, path, be_verbose=0,
+ chrootname = resolve_realpath(chroot+directory[:indx],chroot)
+ if (be_verbose):
+ print('Creating directory '+chrootname)
+- os.mkdir(chrootname, dir_mode)
++ try:
++ os.mkdir(chrootname, dir_mode)
++ except OSError as e:
++ _, stderror = e.args
++ sys.stderr.write('ERROR: failed to make directory
"'+chrootname+'": ' + stderror + '\n')
+ if (copy_permissions):
+ try:
+ copy_time_and_permissions(directory[:indx], chrootname,
be_verbose, allow_suid, copy_ownership)
+@@ -482,7 +486,11 @@ def create_parent_path(chroot,path,be_verbose=0, copy_
if (stat.S_ISDIR(sb.st_mode)):
if (be_verbose):
- print 'Create directory '+jailpath
-- os.mkdir(jailpath, 0755)
+ print('Create directory '+jailpath)
+- os.mkdir(jailpath, dir_mode)
+ try:
-+ os.mkdir(jailpath, 0755)
-+ except OSError, (errno,strerror):
-+ sys.stderr.write('NOTE: Jail directory already existed:\n')
++ os.mkdir(jailpath, dir_mode)
++ except OSError as e:
++ _, stderror = e.args
++ sys.stderr.write('ERROR: failed to make directory "'+jailpath+'":
' + stderror + '\n')
if (copy_permissions):
try:
copy_time_and_permissions(origpath, jailpath, be_verbose,
allow_suid, copy_ownership)
+@@ -515,7 +523,11 @@ def copy_dir_with_permissions_and_owner(srcdir,dstdir,
+ try:
+ if (be_verbose):
+ print('Creating directory'+dstdir)
+- os.mkdir(dstdir)
++ try:
++ os.mkdir(dstdir, dir_mode)
++ except OSError as e:
++ _, stderror = e.args
++ sys.stderr.write('ERROR: failed to make directory "'+dstdir+'": ' +
stderror + '\n')
+ copy_time_and_permissions(srcdir, dstdir, be_verbose, allow_suid=0,
copy_ownership=1)
+ except (IOError, OSError) as e:
+ _, strerror = e.args
Index: pkg/PLIST
===================================================================
RCS file: /cvs/ports/security/jailkit/pkg/PLIST,v
retrieving revision 1.1.1.1
diff -u -p -r1.1.1.1 PLIST
--- pkg/PLIST 20 Sep 2010 07:15:30 -0000 1.1.1.1
+++ pkg/PLIST 8 Apr 2020 22:46:16 -0000
@@ -3,7 +3,6 @@
@bin bin/jk_uchroot
@mode
@man man/man8/jailkit.8
-@man man/man8/jk_addjailuser.8
@man man/man8/jk_check.8
@man man/man8/jk_chrootlaunch.8
@man man/man8/jk_chrootsh.8
@@ -16,7 +15,6 @@
@man man/man8/jk_socketd.8
@man man/man8/jk_uchroot.8
@man man/man8/jk_update.8
-sbin/jk_addjailuser
sbin/jk_check
@bin sbin/jk_chrootlaunch
@mode 4755
@@ -50,4 +48,5 @@ share/examples/jailkit/jk_update.ini
@sample /etc/jailkit/jk_update.ini
share/jailkit/
share/jailkit/jk_lib.py
-share/jailkit/jk_lib.pyc
+share/jailkit/__pycache__/
+share/jailkit/__pycache__/jk_lib.cpython-37.pyc
No comments:
Post a Comment