Date: Mon, 11 Aug 2014 21:34:57 +0000 (UTC) From: John Marino <marino@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r364668 - in head/security/pks: . files Message-ID: <53e93701.2368.5fd07bfb@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: marino Date: Mon Aug 11 21:34:57 2014 New Revision: 364668 URL: http://svnweb.freebsd.org/changeset/ports/364668 QAT: https://qat.redports.org/buildarchive/r364668/ Log: Stage security/pks and pass maintainership to submitter PR: 181507 Submitted by: Tassilo Philipp Approved by: former maintainer (G. Todd) Added: head/security/pks/files/EMAIL (contents, props changed) head/security/pks/files/patch-mkpksdconf.in (contents, props changed) Modified: head/security/pks/Makefile head/security/pks/files/pkg-message.in head/security/pks/files/pksd.in head/security/pks/pkg-plist Modified: head/security/pks/Makefile ============================================================================== --- head/security/pks/Makefile Mon Aug 11 21:23:18 2014 (r364667) +++ head/security/pks/Makefile Mon Aug 11 21:34:57 2014 (r364668) @@ -8,40 +8,51 @@ MASTER_SITES= http://pks.sourceforge.ne MASTER_SITE_SUBDIR= .:sf mandree:local DISTFILES= pks-current.tgz:sf,local -MAINTAINER= gtodd@bellanet.org +MAINTAINER= tphilipp@potion-studios.com COMMENT= PGP Public Key Server -USE_BDB= 41 # 42 would be ok -WRKSRC= ${WRKDIR}/${PORTNAME} +LICENSE= BSD4CLAUSE +LICENSE_FILE= ${WRKSRC}/LICENSE -NO_STAGE= yes -.include <bsd.port.pre.mk> +WRKSRC= ${WRKDIR}/${PORTNAME} +USE_GCC= any +USE_BDB= yes +WANT_BDB_VER= 41 # pks dumps core with 42 and doesn't build with 43+ + +OPTIONS_DEFINE= DOCS +PORTDOCS= pks_help.* README EMAIL GNU_CONFIGURE= yes USE_AUTOTOOLS= autoconf CONFIGURE_ARGS= --datadir=${PREFIX}/share/pks --localstatedir=/var/pks \ - --sysconfdir=${EXAMPLESDIR} \ + --docdir=${PREFIX}/share/doc/pks --sysconfdir=${EXAMPLESDIR} \ --libdir=${LOCALBASE}/lib --with-libwrap MAKE_ENV+= SUBDIRS= LDFLAGS+= -L${LOCALBASE}/lib CONFIGURE_ENV= DBLIB="-L${BDB_LIB_DIR} -l${BDB_LIB_NAME}" DBINC=-I${BDB_INCLUDE_DIR} DBHDR=db.h + +SUB_FILES= pkg-message +PKGMESSAGE= ${WRKDIR}/pkg-message + USE_RC_SUBR= pksd -MAN5= pksd.conf.5 -MAN8= pks-intro.8 pksclient.8 pksd.8 pksdctl.8 pks-mail.sh.8 \ - pks-queue-run.sh.8 pgpsplit.8 -SUB_FILES= pkg-message pkg-deinstall +.include <bsd.port.options.mk> + +post-extract: + @${CP} -a ${FILESDIR}/EMAIL ${WRKSRC} post-install: - ${INSTALL_DATA} ${WRKSRC}/pksd.conf ${PREFIX}/etc/pksd.conf.sample -.if !defined(NOPORTDOCS) - ${MKDIR} ${DOCSDIR} - ${INSTALL_DATA} ${WRKSRC}/pks_help.en ${WRKSRC}/pks_help.es ${WRKSRC}/pks_help.fr \ - ${WRKSRC}/pks_help.cz ${WRKSRC}/pks_help.de ${WRKSRC}/pks_help.ja \ - ${WRKSRC}/mail_intro ${DOCSDIR} - PKG_PREFIX=${PREFIX} ${SH} ${PKGINSTALL} ${PKGNAME} POST-INSTALL + ${STRIP_CMD} ${STAGEDIR}${PREFIX}/bin/pgpsplit + ${STRIP_CMD} ${STAGEDIR}${PREFIX}/bin/pksdctl + ${STRIP_CMD} ${STAGEDIR}${PREFIX}/bin/pksclient + ${STRIP_CMD} ${STAGEDIR}${PREFIX}/sbin/pksd + ${INSTALL_DATA} ${WRKSRC}/pksd.conf ${STAGEDIR}${PREFIX}/etc/pksd.conf.sample + #${CHOWN} pksd:pksd /var/pks + +.if ${PORT_OPTIONS:MDOCS} + ${MKDIR} ${STAGEDIR}${DOCSDIR}/ + cd ${WRKSRC}/ && ${INSTALL_DATA} ${PORTDOCS} ${STAGEDIR}${DOCSDIR}/ .endif - @${CAT} ${PKGMESSAGE} -.include <bsd.port.post.mk> +.include <bsd.port.mk> Added: head/security/pks/files/EMAIL ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/security/pks/files/EMAIL Mon Aug 11 21:34:57 2014 (r364668) @@ -0,0 +1,60 @@ +From the English README and pksd_help.en files: + +If you have configured the mail server component of the key +server, there is one more step you need to take so that the server +can actually handle mail. In your aliases file (usually one of +/etc/aliases or /etc/mail/aliases), create the following lines: + + pgp-public-keys: "|PREFIX/bin/pks-mail.sh PREFIX/etc/pksd.conf" + pgp: pgp-public-keys + +Or, if you are using qmail, create these files for use with the +dot-qmail(5) framework : + +cd /var/qmail/alias/ +echo "&pgp-public-keys@localhost" > .qmail-pgp +echo "|preline /usr/local/bin/pks-mail.sh /usr/local/etc/pksd.conf" > .qmail-pgp-public-keys + +You might also need to add aliases for the mail addresses you +configured in pksd.conf. + +You will also need to make sure the permissions on PREFIX/var/incoming +allow both the mailer and whatever user the pksd program runs as +to insert and delete files. + +OpenPGP public email key servers allow users to exchange public +keys running using the Internet and properly configured e-mail +servers. This service exists only to help transfer keys between +PGP users. It does NOT attempt to guarantee that a key is a valid +key; use the signatures on a key for that kind of security. + +Each keyserver processes requests in the form of mail messages. +The commands for the server are entered on the Subject: line. +---------------------------------------------- ======== ----- +Note that they should NOT be included in the body of the message. +--------------------- === --------------------------------------- + + To: pgp-public-keys@keys.pgp.net + From: johndoe@some.site.edu + Subject: help + +Sending your key to ONE server is enough. After it processes your +key, it will forward your add request to other servers automagically. + +For example, to add your key to the keyserver, or to update your key +if it is already there, send a message similar to the following to any +server: + + To: pgp-public-keys@keys.pgp.net + From: johndoe@some.site.edu + Subject: add + + -----BEGIN PGP PUBLIC KEY BLOCK----- + Version: 2.6 + + <blah blah blah> + -----END PGP PUBLIC KEY BLOCK----- + +COMPROMISED KEYS: Create a Key Revocation Certificate (read the PGP +docs on how to do that) and mail your key to the server once again, +with the ADD command. Added: head/security/pks/files/patch-mkpksdconf.in ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/security/pks/files/patch-mkpksdconf.in Mon Aug 11 21:34:57 2014 (r364668) @@ -0,0 +1,20 @@ +--- ./mkpksdconf.in.orig 2014-01-22 15:36:39.574285045 -0500 ++++ ./mkpksdconf.in 2014-01-22 15:37:49.289280305 -0500 +@@ -44,7 +44,7 @@ + + cat << EOF + pks_bin_dir @bindir@ +-pid_dir @localstatedir@/db ++pid_dir /var/run + ### Set chroot_dir to make pksd chroot itself. Must be an absolute path. + # chroot_dir @prefix@ + ### uid and gid for pksd to run as. Leave unset, or set to 0 to disable +@@ -70,7 +70,7 @@ + ### of each message. + maintainer_email PGP Key Server Administrator <nobody> + mail_intro_file @datadir@/mail_intro +-help_dir @datadir@ ++help_dir @docdir@ + mail_dir @localstatedir@/incoming + ### If you change this, make sure to put a corresponding help file in + ### the help_dir named above Modified: head/security/pks/files/pkg-message.in ============================================================================== --- head/security/pks/files/pkg-message.in Mon Aug 11 21:23:18 2014 (r364667) +++ head/security/pks/files/pkg-message.in Mon Aug 11 21:34:57 2014 (r364668) @@ -1,11 +1,38 @@ +Add the following lines to /etc/rc.conf.local or /etc/rc.conf to enable this service: + pksd_enable (bool): Set to NO by default. + Set it to YES to enable pksd. - ################################## + pksd_config (path): Set to %%PREFIX%%/etc/pksd.conf + by default. - To enable adding keys via the - web interface please edit the - configuration file at: + pksd_mailq_enable (bool): Set to NO by default. Process incoming + mail queue of commands and key requests + (you will need to configure your mail + infrastructure to enable this. See: + %%PREFIX%%/share/doc/pks/README and + %%PREFIX%%/share/doc/pks/EMAIL for details. + + pksd_queue_delay (int): Periodically process incoming mail. + Set to 60 seconds by default. - %%PREFIX%%/etc/pksd.conf + ############################################# + + To enable adding keys via the web interface + please create a configuration file at: + + %%PREFIX%%/etc/pksd.conf + + Check sample file at: + + %%PREFIX%%/etc/pksd.conf.sample + + + Also note that the database used by pks + sometimes needs to be created manually, to + do that refer to: + + man 8 pksclient + + ############################################# - ################################## Modified: head/security/pks/files/pksd.in ============================================================================== --- head/security/pks/files/pksd.in Mon Aug 11 21:23:18 2014 (r364667) +++ head/security/pks/files/pksd.in Mon Aug 11 21:34:57 2014 (r364668) @@ -5,17 +5,47 @@ # # PROVIDE: pksd # REQUIRE: DAEMON +# KEYWORD: SHUTDOWN +# +# Add the following lines to /etc/rc.conf.local or /etc/rc.conf +# to enable this service: +# +# pksd_enable (bool): Set to NO by default. +# Set it to YES to enable pksd. +# +# pksd_config (path): Set to %%PREFIX%%/etc/pksd.conf +# by default. +# +# pksd_mailq_enable (bool): Set to NO by default. Process incoming +# mail queue of commands and key requests +# (you will need to configure your mail +# infrastructure to enable this. See: +# %%PREFIX%%/share/doc/pks/README and +# %%PREFIX%%/share/doc/pks/EMAIL for details. +# +# pksd_queue_delay (int): Periodically process incoming mail. +# Set to 60 seconds by default. . /etc/rc.subr name="pksd" rcvar=pksd_enable -command="%%PREFIX%%/sbin/pksd" -command_args="%%PREFIX%%/etc/${name}.conf &" -required_files="%%PREFIX%%/etc/${name}.conf" -start_precmd="pksd_precmd" -start_postcmd="pksd_runqueue" -stop_command="pksd_clean_stop" + +load_rc_config $name + +: ${pksd_enable:="NO"} +: ${pksd_mailq_enable:="NO"} +: ${pksd_config="%%PREFIX%%/etc/pksd.conf"} +: ${pksd_queue_delay="60"} + +command="%%PREFIX%%/sbin/${name}" +command_args="%%PREFIX%%/etc/${name}.conf" +required_files="${pksd_config}" +start_precmd="${name}_precmd" +start_cmd="${name}_start" +#start_postcmd="${name}_runqueue" +stop_command="${name}_clean_stop" +pidfile="/var/run/${name}.pid" pksd_precmd() { @@ -31,14 +61,20 @@ pksd_precmd() fi } +pksd_start() +{ + echo "Starting pksd" + /usr/sbin/daemon -f -p ${pidfile} ${command} ${command_args} +} + pksd_runqueue() { - if [ -x %%PREFIX%%/bin/${name} -a -x %%PREFIX%%/bin/pks-queue-run.sh ] + if [ -x %%PREFIX%%/bin/${name}ctl -a -x %%PREFIX%%/bin/pks-queue-run.sh ] && checkyesno pksd_mailq_enable then - echo "Doing queue run for ${name}." - sleep 5 - %%PREFIX%%/bin/pks-queue-run.sh %%PREFIX%%/etc/${name}.conf - fi + echo "Doing queue run for ${name} every ${pksd_queue_delay} seconds." + sleep 2 + %%PREFIX%%/bin/pks-queue-run.sh %%PREFIX%%/etc/${name}.conf ${pksd_queue_delay} + fi } pksd_clean_stop() Modified: head/security/pks/pkg-plist ============================================================================== --- head/security/pks/pkg-plist Mon Aug 11 21:23:18 2014 (r364667) +++ head/security/pks/pkg-plist Mon Aug 11 21:34:57 2014 (r364668) @@ -8,14 +8,18 @@ etc/pksd.conf.sample %%DATADIR%%/mail_intro %%DATADIR%%/pks-commands.html %%DATADIR%%/pks-commands.php -%%PORTDOCS%%%%DOCSDIR%%/mail_intro -%%PORTDOCS%%%%DOCSDIR%%/pks_help.en -%%PORTDOCS%%%%DOCSDIR%%/pks_help.es -%%PORTDOCS%%%%DOCSDIR%%/pks_help.fr -%%PORTDOCS%%%%DOCSDIR%%/pks_help.de -%%PORTDOCS%%%%DOCSDIR%%/pks_help.cz -%%PORTDOCS%%%%DOCSDIR%%/pks_help.ja -%%PORTDOCS%%@dirrm %%DOCSDIR%% %%EXAMPLESDIR%%/pksd.conf +man/man5/pksd.conf.5.gz +man/man8/pgpsplit.8.gz +man/man8/pks-intro.8.gz +man/man8/pks-mail.sh.8.gz +man/man8/pks-queue-run.sh.8.gz +man/man8/pksclient.8.gz +man/man8/pksd.8.gz +man/man8/pksdctl.8.gz +/var/pks/index.html +@unexec rmdir "/var/pks/db" >/dev/null 2>&1 || : +@unexec rmdir "/var/pks/incoming" >/dev/null 2>&1 || : +@unexec rmdir "/var/pks" >/dev/null 2>&1 || : @dirrm %%EXAMPLESDIR%% @dirrm share/pks
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?53e93701.2368.5fd07bfb>