Skip site navigation (1)Skip section navigation (2) 
Date:      23 Dec 2009 21:04:08 -0000
From:      Thomas-Martin Seck <tmseck@web.de>
To:        FreeBSD-gnats-submit@FreeBSD.org
Subject:   ports/141930: [Maintainer] www/squid: implement OPTIONS for Kerberos and YP authentication
Message-ID:  <20091223210408.3504.qmail@wcfields.tmseck.homedns.org>
Resent-Message-ID: <200912232110.nBNLA1Yc070848@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help 

>Number:         141930
>Category:       ports
>Synopsis:       [Maintainer] www/squid: implement OPTIONS for Kerberos and YP authentication
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-ports-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          maintainer-update
>Submitter-Id:   current-users
>Arrival-Date:   Wed Dec 23 21:10:01 UTC 2009
>Closed-Date:
>Last-Modified:
>Originator:     Thomas-Martin Seck
>Release:        FreeBSD 7.2-RELEASE i386
>Organization:
a private site in Germany
>Environment:
FreeBSD ports collection as of December 23, 2009.

	
>Description:
- implement OPTIONS vor SQUID_KERBEROS_AUTH and SQUID_NIS_AUTH
- add a CONFLICT with www/lusca-head
- make the Squid configuration directory world readable in new installations
  to ease use of cachemgr.cgi
- implement squid_conf in the rc script and document user settable variables
	
>How-To-Repeat:
	
>Fix:
Apply this patch:

Index: Makefile
===================================================================
--- Makefile	(.../www/squid)	(Revision 1717)
+++ Makefile	(.../local/squid)	(Revision 1717)
@@ -76,7 +76,7 @@
 
 PORTNAME=	squid
 PORTVERSION=	2.7.${SQUID_STABLE_VER}
-PORTREVISION=	1
+PORTREVISION=	2
 CATEGORIES=	www
 MASTER_SITES=	ftp://ftp.squid-cache.org/pub/%SUBDIR%/ \
 		ftp://mirrors.24-7-solutions.net/pub/squid/%SUBDIR%/ \
@@ -115,7 +115,7 @@
 
 SQUID_STABLE_VER=	7
 
-CONFLICTS=	squid-2.[^7]* squid-3.* cacheboy-[0-9]*
+CONFLICTS=	squid-2.[^7]* squid-3.* cacheboy-[0-9]* lusca-head-[0-9]*
 GNU_CONFIGURE=	yes
 USE_BZIP2=	yes
 USE_PERL5=	yes
@@ -131,7 +131,9 @@
 SUB_FILES+=	pkg-deinstall pkg-install pkg-message
 SUB_LIST+=	SQUID_UID=${SQUID_UID} SQUID_GID=${SQUID_GID}
 
-OPTIONS=	SQUID_LDAP_AUTH "Install LDAP authentication helpers" off \
+OPTIONS=	SQUID_KERB_AUTH "Install Kerberos authentication helpers" on \
+		SQUID_LDAP_AUTH "Install LDAP authentication helpers" off \
+		SQUID_NIS_AUTH "Install NIS/YP authentication helpers" on \
 		SQUID_SASL_AUTH "Install SASL authentication helpers" off \
 		SQUID_DELAY_POOLS "Enable delay pools" off \
 		SQUID_SNMP "Enable SNMP support" off \
@@ -233,7 +235,8 @@
 basic_auth+=	SASL
 libexec+=	sasl_auth
 .endif
-.if !defined(NO_NIS) && !defined(WITHOUT_NIS)
+# POLA: allow the old global make.conf(5) (pre src.conf(5)) defines, too:
+.if defined(WITH_SQUID_NIS_AUTH) && !defined(NO_NIS) && !defined(WITHOUT_NIS)
 basic_auth+=	YP
 libexec+=	yp_auth
 .endif
@@ -242,7 +245,8 @@
 			--enable-digest-auth-helpers="${digest_auth}" \
 			--enable-external-acl-helpers="${external_acl}" \
 			--enable-ntlm-auth-helpers="SMB"
-.if !defined(NO_KERBEROS) && !defined(WITHOUT_KERBEROS)
+# POLA: allow the old global make.conf(5) (pre src.conf(5)) defines, too:
+.if defined(WITH_SQUID_KERB_AUTH) && !defined(NO_KERBEROS) && !defined(WITHOUT_KERBEROS)
 # XXX This currently only works with heimdal from the base system,
 #     see files/patch-helpers_negotiate_auth-squid_kerb_auth_*
 CONFIGURE_ARGS+=	--enable-negotiate-auth-helpers="squid_kerb_auth"
Index: files/pkg-install.in
===================================================================
--- files/pkg-install.in	(.../www/squid)	(Revision 1717)
+++ files/pkg-install.in	(.../local/squid)	(Revision 1717)
@@ -60,7 +60,7 @@
 	if [ ! -d ${squid_confdir} ]; then
 		echo "Creating ${squid_confdir}..."
 		install -d -o root -g ${squid_group} \
-		    -m 0750 ${squid_confdir}
+		    -m 0755 ${squid_confdir}
 	fi
 	;;
 POST-INSTALL)
Index: files/squid.in
===================================================================
--- files/squid.in	(.../www/squid)	(Revision 1717)
+++ files/squid.in	(.../local/squid)	(Revision 1717)
@@ -8,14 +8,37 @@
 #
 # Note:
 # Set "squid_enable=yes" in either /etc/rc.conf, /etc/rc.conf.local or
-# /etc/rc.conf.d/squid to make this script actually do something. There
-# you can also set squid_chdir, squid_pidfile, squid_user, and squid_flags.
+# /etc/rc.conf.d/squid to activate Squid.
 #
-# On FreeBSD 7.1 and beyond you can use squid_fib to set a different routing
-# table for squid. See setfib(1) for details.
+# Additional variables you can define in one of these files:
 #
-# Please see squid(8), rc.conf(5) and rc(8) for further details.
+# squid_chdir:	the directory into which the rc system moves into before
+# 		starting Squid. Default: %%PREFIX%%/squid
 #
+# squid_conf:	The configuration file that Squid should use.
+#		Default: %%PREFIX%%/etc/squid/squid.conf
+#
+# squid_fib:	The alternative routing table id that Squid should use.
+#		Default: none
+#		See setfib(1) for further details. Note that the setfib(2)
+#		system call is not available in FreeBSD versions prior to 7.1.
+#
+# squid_user:	The user id that should be used to run the Squid master
+#		process. Default: %%SQUID_UID%%.
+#		Note that you probably need to define "squid_user=root" if
+#		you want to run Squid in reverse proxy setups or if you want
+#		Squid to listen on a "privileged" port < 1024.
+#
+# squid_pidfile:
+#		The name (including the full path) of the Squid
+#		master process' PID file.
+#		Default: %%PREFIX%%/squid/squid.pid.
+#		You only need to change this if you changed the
+#		corresponding entry in your Squid configuration.
+#
+# squid_flags:	Additional commandline arguments for Squid you might want to
+#		use. See squid(8) for further details.
+#
 
 squid_checkrunning() {
 	${command} ${squid_flags} -k check 2>/dev/null
@@ -51,24 +74,20 @@
 load_rc_config ${name}
 
 squid_chdir=${squid_chdir:-"%%PREFIX%%/squid/logs"}
+squid_conf=${squid_conf:-"%%PREFIX%%/etc/squid/squid.conf"}
 squid_enable=${squid_enable:-"NO"}
 squid_fib=${squid_fib:-"NONE"}
 squid_flags=${squid_flags-"-D"}
 squid_pidfile=${squid_pidfile:-"%%PREFIX%%/squid/logs/squid.pid"}
 squid_user=${squid_user:-%%SQUID_UID%%}
-default_config=%%PREFIX%%/etc/squid/squid.conf
 
 pidfile=${squid_pidfile}
 required_dirs=${squid_chdir}
 
-# squid(8) will not start if ${default_config} is not present so try
+# squid(8) will not start if ${squid_conf} is not present so try
 # to catch that beforehand via ${required_files} rather than make
 # squid(8) crash.
-# If you remove the default configuration file make sure to add
-# '-f /path/to/your/squid.conf' to squid_flags
 
-if [ -z "${squid_flags}" ]; then
-	required_files=${default_config}
-fi
+required_files=${squid_conf}
 
 run_rc_command "$1"
	


>Release-Note:
>Audit-Trail:
>Unformatted:

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20091223210408.3504.qmail>