Date: Wed, 12 Dec 2012 02:08:34 +0000 (UTC) From: Maxim Sobolev <sobomax@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r308734 - in head/net/rtpproxy: . files Message-ID: <201212120208.qBC28YTk039216@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: sobomax Date: Wed Dec 12 02:08:33 2012 New Revision: 308734 URL: http://svnweb.freebsd.org/changeset/ports/308734 Log: Add unprivileged user to run under, so it's more secure. Reminded by: Olle E. Johansson Added: head/net/rtpproxy/files/ head/net/rtpproxy/files/patch-freebsd_rtpproxy.in (contents, props changed) head/net/rtpproxy/pkg-install (contents, props changed) Modified: head/net/rtpproxy/Makefile Modified: head/net/rtpproxy/Makefile ============================================================================== --- head/net/rtpproxy/Makefile Wed Dec 12 02:02:55 2012 (r308733) +++ head/net/rtpproxy/Makefile Wed Dec 12 02:08:33 2012 (r308734) @@ -7,6 +7,7 @@ PORTNAME= rtpproxy PORTVERSION= 1.2.1 +PORTREVISION= 1 CATEGORIES= net MASTER_SITES= http://www.rtpproxy.org/chrome/site/ @@ -25,6 +26,9 @@ post-build: ${SED} 's|%%PREFIX%%|${PREFIX}|g ; s|%%RC_SUBR%%|/etc/rc.subr|g' \ ${WRKSRC}/freebsd/rtpproxy.in > ${WRKDIR}/rtpproxy +pre-install: + @PKG_PREFIX=${PREFIX} ${SH} ${PKGINSTALL} ${PKGNAME} PRE-INSTALL + post-install: ${INSTALL_SCRIPT} ${WRKDIR}/rtpproxy ${PREFIX}/etc/rc.d/rtpproxy Added: head/net/rtpproxy/files/patch-freebsd_rtpproxy.in ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/net/rtpproxy/files/patch-freebsd_rtpproxy.in Wed Dec 12 02:08:33 2012 (r308734) @@ -0,0 +1,17 @@ + +$FreeBSD$ + +--- freebsd/rtpproxy.in.orig ++++ freebsd/rtpproxy.in +@@ -25,7 +25,10 @@ + + rtpproxy_enable=${rtpproxy_enable:-"NO"} + rtpproxy_laddr=${rtpproxy_laddr:-"0.0.0.0"} ++rtpproxy_usr=${rtpproxy_usr:-"rtpproxy"} ++rtpproxy_grp=${rtpproxy_grp:-"rtpproxy"} + +-command_args="-l ${rtpproxy_laddr} -p /var/run/rtpproxy.pid" ++command_args="-l ${rtpproxy_laddr} -p /var/run/rtpproxy.pid \ ++ -u ${rtpproxy_usr}:${rtpproxy_grp}" + + run_rc_command "${1}" Added: head/net/rtpproxy/pkg-install ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/net/rtpproxy/pkg-install Wed Dec 12 02:08:33 2012 (r308734) @@ -0,0 +1,35 @@ +#!/bin/sh +# $FreeBSD$ +# + +if [ "$2" != "PRE-INSTALL" ]; then + exit 0 +fi + +RTPPROXY_USER=rtpproxy +RTPPROXY_GROUP=${RTPPROXY_USER} +RTPPROXY_UID=222 +RTPPROXY_GID=${RTPPROXY_UID} + +if ! pw groupshow "${RTPPROXY_GROUP}" 2>/dev/null 1>&2; then + if pw groupadd ${RTPPROXY_GROUP} -g ${RTPPROXY_GID}; then + echo "Added group \"${RTPPROXY_GROUP}\"." + else + echo "Adding group \"${RTPPROXY_GROUP}\" failed..." + exit 1 + fi +fi + +if ! pw usershow "${RTPPROXY_USER}" 2>/dev/null 1>&2; then + if pw useradd ${RTPPROXY_USER} -u ${RTPPROXY_UID} -g ${RTPPROXY_GROUP} -h - \ + -s "/sbin/nologin" -d "/nonexistent" \ + -c "RTP Proxy"; \ + then + echo "Added user \"${RTPPROXY_USER}\"." + else + echo "Adding user \"${RTPPROXY_USER}\" failed..." + exit 1 + fi +fi + +exit 0
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201212120208.qBC28YTk039216>