cpet/freebsd-ports
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
497a538e96
freebsd-ports/net/nss-pam-ldapd/Makefile
Alan Somers fe4dc1fd71 net/nss-pam-ldapd: use closefrom in nslcd 
nslcd tries to close all file descriptors on startup.  It does that by
calling close() in a loop, running down from _SC_OPEN_MAX to 0.  Since
_SC_OPEN_MAX autoscales with available RAM, this can take more than a
minute on large servers.  The solution is to use closefrom.  Upstream
has already made that change in the master branch, but due to its slow
release cadence we're applying it here as well.

PR:		266970
Approved by:	zi (maintainer)
Sponsored by:	Axcient
2022-10-11 12:48:50 -06:00

130 lines
3.3 KiB
Makefile
Raw Blame History

PORTNAME= nss-pam-ldapd
PORTVERSION= 0.9.12
PORTREVISION= 1
CATEGORIES= net
MASTER_SITES= http://arthurdejong.org/nss-pam-ldapd/ \
ZI
MAINTAINER?= zi@FreeBSD.org
COMMENT?= Advanced fork of nss_ldap
WWW= https://arthurdejong.org/nss-pam-ldapd/
LICENSE= LGPL21 LGPL3
LICENSE_COMB= dual
USES= cpe
CPE_VENDOR= arthurdejong
GNU_CONFIGURE= yes
USE_OPENLDAP= yes
USE_RC_SUBR= nslcd
PAM_LDAP_SHMAJOR= 1
NSS_LDAP_SHMAJOR= 1
SUB_FILES+= pkg-message
NSLCD_PIDFILE?= /var/run/nslcd.pid
NSLCD_VARDIR?= /var/run/nslcd
NSLCD_SOCKET?= ${NSLCD_VARDIR}/nslcd.ctl
OPTIONS_DEFINE= KERBEROS
OPTIONS_DEFAULT= KERBEROS
.if defined(SLAVE_PORT)
OPTIONS_DEFINE+= SASL
OPTIONS_MULTI= MG1
OPTIONS_MULTI_MG1= PAM NSS
PAM_DESC= Build pam_ldap
NSS_DESC= Build nss support
SASL_DESC= Build sasl support
OPTIONS_DEFAULT+= PAM NSS
CONFLICTS+= nss-pam-ldapd-[0-9]*
.else
OPTIONS_MULTI= MG1
OPTIONS_MULTI_MG1= PAM NSS
PAM_DESC= Build pam_ldap
NSS_DESC= Build nss support
OPTIONS_DEFAULT+= PAM NSS
CONFLICTS+= nss-pam-ldapd-sasl
.endif
USERS= nslcd
GROUPS= nslcd
.include <bsd.port.options.mk>
CPPFLAGS+= -I${LOCALBASE}/include
LDFLAGS+= -L${LOCALBASE}/lib
CONFIGURE_ARGS+= --with-nslcd-pidfile=${NSLCD_PIDFILE} \
--with-nslcd-socket=${NSLCD_SOCKET} \
--with-ldap-lib=openldap \
--with-nss-ldap-soname=nss_ldap.so.${NSS_LDAP_SHMAJOR}
CONFIG_FILE= "nslcd.conf"
CONFIGURE_ARGS+= --with-ldap-conf-file=${PREFIX}/etc/${CONFIG_FILE}
PLIST_SUB+= CONFIG="${CONFIG_FILE}" \
PAM_LDAP_SHMAJOR="${PAM_LDAP_SHMAJOR}" \
NSS_LDAP_SHMAJOR="${NSS_LDAP_SHMAJOR}"
SUB_LIST+= CONFIG_FILE="${PREFIX}/etc/${CONFIG_FILE}" \
NSLCD_PIDFILE="${NSLCD_PIDFILE}" \
NSLCD_VARDIR="${NSLCD_VARDIR}" \
USERS="${USERS}" GROUPS="${GROUPS}"
.if empty(PORT_OPTIONS:MKERBEROS)
CONFIGURE_ARGS+= --disable-kerberos
.endif
.if ${PORT_OPTIONS:MSASL}
CONFIGURE_ARGS+= --enable-sasl
.else
CONFIGURE_ARGS+= --disable-sasl
.endif
.if ${PORT_OPTIONS:MPAM}
CONFIGURE_ARGS+= --enable-pam \
--with-pam-seclib-dir=${PREFIX}/lib \
--with-pam-ldap-soname=pam_ldap.so.${PAM_LDAP_SHMAJOR}
CONFLICTS+= pam_ldap-1.*
PLIST_SUB+= PAM=""
.else
CONFIGURE_ARGS+= --disable-pam
PLIST_SUB+= PAM="@comment "
.endif
.if ${PORT_OPTIONS:MNSS}
CONFIGURE_ARGS+= --enable-nss
CONFLICTS+= nss_ldap-1.*
PLIST_SUB+= NSS=""
SUB_LIST+= NSS_MESSAGE="WARNING: Be sure to set uid and gid configuration parameters to make nslcd run under unprivileged user."
.else
CONFIGURE_ARGS+= --disable-nss
PLIST_SUB+= NSS="@comment "
SUB_LIST+= NSS_MESSAGE=""
.endif
# Won't hook this in to OPTIONS until PADL ports are at least DEPRECATED.
# It doesn't do the software any good to run as replacement for the PADL ports
# without running the daemon.
.if defined(WITHOUT_NSLCD)
CONFIGURE_ARGS+= --disable-nslcd
PLIST_SUB+= NSLCD="@comment "
.else
CONFIGURE_ARGS+= --enable-nslcd
PLIST_SUB+= NSLCD=""
.endif
post-extract:
@${REINPLACE_CMD} -e 's/\(INSTALL_\)\(.*\)) -D /\1\2) /' ${WRKSRC}/Makefile.in ${WRKSRC}/nss/Makefile.in
post-configure:
${REINPLACE_CMD} -e 's/^\(CFLAGS.*\) \-O2 \(.*\)$$/\1 -O0 \2/' ${WRKSRC}/nss/Makefile
post-install:
.if ${PORT_OPTIONS:MNSS}
@${LN} -fs nss_ldap.so.${NSS_LDAP_SHMAJOR} ${STAGEDIR}${PREFIX}/lib/nss_ldap.so
.endif
.if ${PORT_OPTIONS:MPAM}
@${LN} -fs pam_ldap.so.${PAM_LDAP_SHMAJOR} ${STAGEDIR}${PREFIX}/lib/pam_ldap.so
.endif
.include <bsd.port.mk>
Reference in New Issue View Git Blame Copy Permalink