In an attempt to avoid possible security implications with having files

owned by nobody:nogroup, install them owned by SQUIG_UID:SQUID_GID instead. Also mark this as NO_PACKAGE since you have to set these values in your environment before installing this port. Submitted by: maintainer Reviewed by: Rodney W. Grimes <rgrimes@gndrsh.aac.dev.com>
svn path=/head/; revision=19922
1999-06-30 19:27:31 +00:00 · 1999-06-30 19:27:31 +00:00 · 274db9e5c8 · 2021-03-31 03:12:20 +00:00
commit 274db9e5c8
parent 0bef118b9e
2 changed files with 26 additions and 6 deletions
--- a/www/squirm/Makefile
+++ b/www/squirm/Makefile
@ -3,7 +3,7 @@
 # Date created:     24 May 1999
 # Whom:             Maxim Sobolev <sobomax@altavista.net>
 #
-# $Id$
+# $Id: Makefile,v 1.1.1.1 1999/06/09 01:39:19 steve Exp $
 #

 DISTNAME=	squirm-1.0betaB
@ -16,9 +16,29 @@ MAINTAINER=	sobomax@altavista.net

 RUN_DEPENDS=	${PREFIX}/sbin/squid:${PORTSDIR}/www/squid22

+NO_PACKAGE=	must set SQUID_UID and SQUID_GID before building
+
+MAKE_ENV+=	SQUID_UID=${SQUID_UID} SQUID_GID=${SQUID_GID}
+
 post-patch:
 	@${PERL} -pi -e "s.%PREFIX%.${PREFIX}.g" ${WRKSRC}/paths.h

+pre-install:
+.if defined(SQUID_UID) && defined(SQUID_GID)
+.if (${SQUID_UID} == "nobody") || (${SQUID_GID} == "nogroup")
+	@echo
+	@echo	'WARNING! You are going to install squirm files with either nobody owner or'
+	@echo	'nogroup group, which may be insecure.'
+	@echo
+.endif
+.else
+	@echo
+	@echo 	'You should set SQUID_UID and SQUID_GID variables to your squid effective'
+	@echo	'user/group. For example: SQUID_UID=squid SQUID_GID=squid.'
+	@echo
+	@false
+.endif
+
 post-install:
 	@echo
 	@echo ' +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++'
--- a/www/squirm/files/patch-aa
+++ b/www/squirm/files/patch-aa
@ -1,5 +1,5 @@
--- Makefile.real.orig	Wed Mar 11 02:23:51 1998
-+++ Makefile.real	Thu Jun 17 18:13:00 1999
+--- Makefile.real.orig	Wed Mar 11 10:23:51 1998
+++ Makefile.real	Tue Jun 29 15:21:37 1999
@@ -1,31 +1,31 @@
 # Makefile for Squirm
 #
@ -36,9 +36,9 @@
 -			/usr/local/squirm/etc
 -			install -m 755 -o root -g root --strip squirm /usr/local/squirm/bin
 +	install -c -m 755 -o root -g wheel -d $(PREFIX)/squirm
-+	install -c -m 770 -o root -g wheel -d $(PREFIX)/etc/squirm
-+	install -c -m 750 -o nobody -g nogroup -d $(PREFIX)/squirm/logs
-+	install -c -m 660 -o root -g nogroup squirm.local.dist squirm.patterns.dist \
+	install -c -m 750 -o root -g $(SQUID_GID) -d $(PREFIX)/etc/squirm
+	install -c -m 750 -o $(SQUID_UID) -g $(SQUID_GID) -d $(PREFIX)/squirm/logs
+	install -c -m 640 -o root -g $(SQUID_GID) squirm.local.dist squirm.patterns.dist \
 +		$(PREFIX)/etc/squirm
 +	install -c -m 755 -o root -g wheel --strip squirm $(PREFIX)/bin