diff options
| author | ache <ache@FreeBSD.org> | 2001-10-15 15:44:22 +0000 |
|---|---|---|
| committer | ache <ache@FreeBSD.org> | 2001-10-15 15:44:22 +0000 |
| commit | be080b83d835357ca35691acb5702eba0b612f07 (patch) | |
| tree | 64a3b70548064672af99c0dfeba1f6e48251e57e /security | |
| parent | 380368eb53b31a09dd563f0316b13621d5ad8395 (diff) | |
| download | FreeBSD-ports-be080b83d835357ca35691acb5702eba0b612f07.zip FreeBSD-ports-be080b83d835357ca35691acb5702eba0b612f07.tar.gz | |
Put it into security sandbox - don't allow 'drweb' user to own any files
excepting pid/socket/temp
Diffstat (limited to 'security')
| -rw-r--r-- | security/drweb/Makefile | 6 | ||||
| -rw-r--r-- | security/drweb/files/ini-patch | 8 | ||||
| -rw-r--r-- | security/drweb/pkg-plist | 1 | ||||
| -rw-r--r-- | security/drweb/scripts/post-install | 11 |
4 files changed, 13 insertions, 13 deletions
diff --git a/security/drweb/Makefile b/security/drweb/Makefile index bc0c9f0..bd70e24 100644 --- a/security/drweb/Makefile +++ b/security/drweb/Makefile @@ -7,7 +7,7 @@ PORTNAME= drweb PORTVERSION= 4.26 -PORTREVISION= 4 +PORTREVISION= 5 CATEGORIES= security MASTER_SITES= http://www.drweb.ru/ftp/web_pub/ DISTNAME= ${PORTNAME}d-${PORTVERSION}-freebsd4 @@ -20,10 +20,12 @@ NO_BUILD= YES # Needed for update.pl RUN_DEPENDS= ${LOCALBASE}/lib/perl5/site_perl/${PERL_VER}/${PERL_ARCH}/String/CRC32.pm:${PORTSDIR}/devel/p5-String-CRC32 +SCRIPTS_ENV+= BINOWN=${BINOWN} + DRWEB_PREFIX= ${PREFIX}/${PORTNAME} do-install: - -@${MKDIR} -v ${DRWEB_PREFIX} + -@install -dv -o ${BINOWN} -g ${BINGRP} ${DRWEB_PREFIX} @cd ${DRWEB_PREFIX}; ${RM} -f drw*.txt drw*.vdb drweb drwebd ${TAR} -xzf ${WRKSRC}/${DISTNAME}.tar.gz -C ${DRWEB_PREFIX} \ --exclude *.ini --exclude *.key diff --git a/security/drweb/files/ini-patch b/security/drweb/files/ini-patch index 70a07a5..ff0f45f 100644 --- a/security/drweb/files/ini-patch +++ b/security/drweb/files/ini-patch @@ -1,5 +1,5 @@ ---- drweb32.ini-tmpl.orig Sat Oct 6 07:36:56 2001 -+++ drweb32.ini-tmpl Sat Oct 6 07:39:10 2001 +--- drweb32.ini-tmpl.orig Mon Oct 15 19:26:56 2001 ++++ drweb32.ini-tmpl Mon Oct 15 19:30:53 2001 @@ -5,7 +5,7 @@ [BSD] @@ -22,13 +22,13 @@ FilesTypes = INI,MBR,IMG,CSC,CPL,MBP,SHS,SHB,PIF LogTime = Yes LogFileName = "syslog" -+PidFile = "__INSTALL_DIR__/drwebd.pid" ++PidFile = "__INSTALL_DIR__/run/drwebd.pid" ;BusyFile = "/var/run/drwebd.bsy" -SocketMode = TCP -;SocketMode = Unix +;SocketMode = TCP +SocketMode = Unix -+SocketFile = "__INSTALL_DIR__/drwebd.sock" ++SocketFile = "__INSTALL_DIR__/run/drwebd.sock" DaemonPort = 3000 SocketTimeout = 40 SocketReuseAddr = Yes diff --git a/security/drweb/pkg-plist b/security/drweb/pkg-plist index c9c5ef5..8e6d547 100644 --- a/security/drweb/pkg-plist +++ b/security/drweb/pkg-plist @@ -110,5 +110,6 @@ drweb/update/update.pl @dirrm drweb/clients @dirrm drweb/doc @dirrm drweb/infected.!!! +@dirrm drweb/run @dirrm drweb/update @dirrm drweb diff --git a/security/drweb/scripts/post-install b/security/drweb/scripts/post-install index d34cf73..f017fe8b 100644 --- a/security/drweb/scripts/post-install +++ b/security/drweb/scripts/post-install @@ -22,14 +22,11 @@ if ! grep -q "^!drweb" /etc/syslog.conf; then echo "*.* /var/log/drwebd.log" echo "" fi -if crontab -u drweb -l 2>&1 | grep -q "no crontab"; then - echo "You may also use this crontab entry for \"drweb\" user:" - echo "SHELL=/bin/sh" - echo "MAILTO=root" - echo "0 12 * * * ${PREFIX}/drweb/update/update.pl ${PREFIX}/drweb" +if ! grep -q drweb /etc/crontab; then + echo "You may also add this crontab entry to /etc/crontab" + echo "0 12 * * * ${BINOWN} ${PREFIX}/drweb/update/update.pl ${PREFIX}/drweb" echo "" fi [ "$ex" = "1" ] && exit 1 -usrdir=${PREFIX}/drweb -chown -R drweb:drweb $usrdir +install -dv -m 0775 -o ${BINOWN} -g drweb ${PREFIX}/drweb/run exit 0 |
