Date: Mon, 30 Jun 2014 20:10:11 +0000 From: bugzilla-noreply@freebsd.org To: freebsd-ports-bugs@FreeBSD.org Subject: [Bug 181507] [PATCH] security/pks: fix autostart Message-ID: <bug-181507-13-iSmPEhc7EM@https.bugs.freebsd.org/bugzilla/> In-Reply-To: <bug-181507-13@https.bugs.freebsd.org/bugzilla/> References: <bug-181507-13@https.bugs.freebsd.org/bugzilla/>
next in thread | previous in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=181507 --- Comment #7 from G. Todd <gtodd@opendevelopment.net> --- Hi Sorry for the delay on this. Attached above is a somewhat rushed svn diff so this stays alive after the move to STAGE. 1. I have compiled using STAGE on 9.2 and 10.0 and everything seems to work fine. Thanks for the work on this feature of ports, and thanks for using bugzilla! 2. On two machines I am able to test on there seems to be corruption issues when using db42. I set USE_DB to 41. 3. There was a an error in the test condition of the start_postcmd which caused the postcmd to never run. If the postcmd (pks-queue-run.sh) does run, it gets stuck in a while loop and doesn't exit properly. This issue appears to be related to configuration so, rather than adding patches for the upstream source, I think it is best to disable the start_postcmd and document the required installation steps for enabling it. 4. Setting a ${pidfile} fixed a start/stop issue but I can't remember the specifics. In any case this doesn't feel like a complete solution to the reported bug since I am not sure why it changes the behavior the way it does. Beyond this patch these are the TODOs for this port: - the port needs to install its own UID/GID and run with those privileges. At one point I had this mostly done but not well tested. Feel free to take this on. - the configuration file and the rc.d script should by default disable interaction by mail and encourage the administrator (with installation messages) to correctly configure their pks installation to work with the local mail infrastructure BEFORE running rc.d scripts which rely on it. [MOSTLY DONE ?] - the port needs to be easy to set up to run chrooted using rc.conf and have a better default chroot location set in the sample configuration (but continue to default chroot to off of course). Please test! security/pks needs to use the facilities of the new improved ports system, rc.subr. rc.conf to build and install an easy to install binary pkg in a reliable way to stay useful. pks is a simple BSD licensed key management service that might fit nicely into a larger project, but to stay relevant for the longer term support for new key formats (JPEG images etc.) and/or alternative DB backends would be nice to have. pks was a very useful tool for internal key services I ran in the past. Since I do not run a key service of any kind currently, new maintainers/developers are welcome and encouraged. -- You are receiving this mail because: You are the assignee for the bug.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-181507-13-iSmPEhc7EM>