Date: Thu, 21 Feb 2008 03:05:23 GMT From: Jiro Kita <ktj@ktjdragon.com> To: freebsd-gnats-submit@FreeBSD.org Subject: ports/120923: www/squidguard does not work unless its UID/GID are modified Message-ID: <200802210305.m1L35NL6090270@www.freebsd.org> Resent-Message-ID: <200802210310.m1L3A249093178@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 120923 >Category: ports >Synopsis: www/squidguard does not work unless its UID/GID are modified >Confidential: no >Severity: non-critical >Priority: low >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: change-request >Submitter-Id: current-users >Arrival-Date: Thu Feb 21 03:10:02 UTC 2008 >Closed-Date: >Last-Modified: >Originator: Jiro Kita >Release: 6.2-RELEASE-p9 >Organization: >Environment: FreeBSD ****** 6.2-RELEASE-p9 FreeBSD 6.2-RELEASE-p9 #0: Sat Jan 13 22:27:24 JST 2007 *******:/usr/obj/usr/src/sys/GENERIC i386 >Description: www/squigguard installs blacklist files to /var/db/squidGuard and the UID:GID of the installed files is set to nobody:nogroup. The permission for the files is 0550 or 0660. On the other hand, www/squid specifies squid:squid as UID:GID. As a result, squidGuard cannot handle blacklist files so websites that should not be accessed cannot be filtered. >How-To-Repeat: (1) install www/squid and www/squidguard without specifying UID/GID. (2) set /usr/local/etc/squid/squid.conf and /usr/local/etc/squid/squidGuard based on post-install message of squidguard. (3) test whether squidGuard properly works or not. >Fix: For my system, the attached patch for www/squidguard/Makefile can solve above problem. In addition the post-install message of squidGuard requests to add "redirect_program" tag to squid.conf. However, in squid.conf, "url_rewrite_program" tag is indicated instead of "redirect_program" tag. So, it may prefarable to replace "redirect_program" in the post-install message with "url_rewrite_program". The attached patch further fixes the post-install messages. Patch attached with submission follows: --- Makefile.patched Wed Feb 20 15:57:39 2008 +++ Makefile Wed Feb 20 16:03:13 2008 @@ -29,8 +29,8 @@ CFGINPUT= ${.CURDIR}/files/sgcfg.in -SQUID_UID?= nobody -SQUID_GID?= nogroup +SQUID_UID?= squid +SQUID_GID?= squid DATADIR?= /var/db/${PORTNAME} LOGDIR?= /var/log @@ -39,10 +39,10 @@ PLIST_SUB= DATADIR=${DATADIR} pre-fetch: - @if [ ${SQUID_UID} = "nobody" -o ${SQUID_GID} = "nogroup" ] ; then \ + @if [ ${SQUID_UID} = "squid" -o ${SQUID_GID} = "squid" ] ; then \ ${ECHO_MSG} "===> SQUID_UID is set to \"${SQUID_UID}\" and SQUID_GID is set to \"${SQUID_GID}\"." ; \ ${ECHO_MSG} " To change this specify them with your make arguments, e.g." ; \ - ${ECHO_MSG} " make SQUID_UID=squid SQUID_GID=squid" ; \ + ${ECHO_MSG} " make SQUID_UID=nobody SQUID_GID=nogroup" ; \ fi post-patch: @@ -137,7 +137,7 @@ @${ECHO_MSG} " " @${ECHO_MSG} "===================================================================" @${ECHO_MSG} "= In order to activate ${PORTNAME} you have to edit squid.conf" - @${ECHO_MSG} "= To the contain \"redirect_program ${PREFIX}/bin/${PORTNAME}\"" + @${ECHO_MSG} "= To the contain \"url_rewrite_program ${PREFIX}/bin/${PORTNAME}\"" @${ECHO_MSG} "= and create a configuration file for ${PORTNAME}." @${ECHO_MSG} "=" @${ECHO_MSG} "= To activate the changes do a ${PREFIX}/sbin/squid -k reconfigure" >Release-Note: >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200802210305.m1L35NL6090270>