diff --git a/security/courierpasswd/Makefile b/security/courierpasswd/Makefile index e08877c0726e..ed936965f843 100644 --- a/security/courierpasswd/Makefile +++ b/security/courierpasswd/Makefile @@ -1,49 +1,48 @@ # Created by: Andrew St. Jean # $FreeBSD$ PORTNAME= courierpasswd -PORTVERSION= 1.1.2 +PORTVERSION= 1.1.3 CATEGORIES= security mail MASTER_SITES= http://www.arda.homeunix.net/software-downloads/ MAINTAINER= ports@FreeBSD.org COMMENT= User authentication and password changing utility -BUILD_DEPENDS= courierauthconfig:${PORTSDIR}/security/courier-authlib-base -RUN_DEPENDS= courierauthconfig:${PORTSDIR}/security/courier-authlib-base +LIB_DEPENDS= libcourierauth.so:${PORTSDIR}/security/courier-authlib-base GNU_CONFIGURE= yes USES= gmake CPPFLAGS+= -I${LOCALBASE}/include LDFLAGS+= -L${LOCALBASE}/lib MINUID?= 100 CONFIGURE_ARGS+= --with-minuid=${MINUID} PLIST_FILES= sbin/courierpasswd man/man8/courierpasswd.8.gz PORTDOCS= AUTHORS ChangeLog COPYING INSTALL NEWS README OPTIONS_DEFINE= DOCS pre-fetch: @${ECHO} "" @${ECHO} "#############################################################" @${ECHO} "" @${ECHO} " You should set the following build option." @${ECHO} "" @${ECHO} " MINUID=uid" @${ECHO} " Accounts with uids below this value cannot have" @${ECHO} " their passwords changed. Default value is 100." @${ECHO} "" @${ECHO} "#############################################################" @${ECHO} "" post-patch: @${REINPLACE_CMD} '/chown root/d' ${WRKSRC}/Makefile.in post-install: @${MKDIR} ${STAGEDIR}${DOCSDIR} ${INSTALL_DATA} ${PORTDOCS:S|^|${WRKSRC}/|} ${STAGEDIR}${DOCSDIR} .include diff --git a/security/courierpasswd/distinfo b/security/courierpasswd/distinfo index 28052252a247..c39aaa2b06fd 100644 --- a/security/courierpasswd/distinfo +++ b/security/courierpasswd/distinfo @@ -1,2 +1,2 @@ -SHA256 (courierpasswd-1.1.2.tar.gz) = 5b78f98be3321a99d33db1f69e59c7b561860448518dba04ade4323942d5c736 -SIZE (courierpasswd-1.1.2.tar.gz) = 287200 +SHA256 (courierpasswd-1.1.3.tar.gz) = b063d92b4416b79b830c65a99bc9aa90b80cd46fc42a7af310af749687501592 +SIZE (courierpasswd-1.1.3.tar.gz) = 341024 diff --git a/security/courierpasswd/pkg-descr b/security/courierpasswd/pkg-descr index e965bf9a776f..13978c13e23d 100644 --- a/security/courierpasswd/pkg-descr +++ b/security/courierpasswd/pkg-descr @@ -1,6 +1,6 @@ courierpasswd is an authentication and password changing utility that uses the courier-authlib authentication library to find user credentials. Its interface follows that of Daniel J. Bernstein's checkpassword program. -WWW: http://www.arda.homeunix.net/store/ +WWW: http://www.arda.homeunix.net/downloads/ diff --git a/security/courierpasswd/pkg-message b/security/courierpasswd/pkg-message index ad105e6d6b53..7b04b6b1a0be 100644 --- a/security/courierpasswd/pkg-message +++ b/security/courierpasswd/pkg-message @@ -1,51 +1,51 @@ ######################################################################### NOTES FOR RUNNING COURIERPASSWD In order to use courierpasswd, it must be able to access the authdaemon domain socket, named 'socket'. When courierpasswd runs as root, this presents no problem. However, if you need to run courierpasswd as a non-root user, you have three options, all of which require some manual work. -Option 1: Add the user courierpasswd will run as to the group that -owns the authdaemon socket directory in /etc/group. More than one user +Option 1: Add the user courierpasswd will run as the group that owns +the authdaemon socket directory in /etc/group. More than one user can be added to the group vector in this way. This arrangement works well if courierpasswd will be run by only a small number of users. If the authdaemon socket directory is owned by courier:courier and you run courierpasswd as user vmail, your /etc/group file will have a line something like this: courier:x:465:vmail Option 2: Some programs, such as tcpserver, allow you to separately set the uid and gid of programs they call but don't honour the group vector found in /etc/group. If you invoke courierpasswd from such a program, set the gid to the group ownership of the authdaemon socket directory. For tcpserver, you could do something like this: #!/bin/sh QMAILUID=`/usr/bin/id -u qmaild` COURIERGID=`/usr/bin/id -g courier` exec /usr/local/bin/tcpserver -u "$QMAILUID" -g "$COURIERGID" \ 0 smtp /var/qmail/bin/qmail-smtpd /usr/local/sbin/courierpasswd -- \ /usr/bin/true 2>&1 Option 3: Change the permissions on courierpasswd to set gid to the group ownership of the socket directory. Again, if the socket directory is owned by courier:courier, change the ownership and permissions of courierpasswd like so: chgrp courier courierpasswd chmod g+s courierpasswd Be aware that courierpasswd does not provide any max-failed-retry functionality so it is possible for local users to perform dictionary attacks against account passwords if courierpasswd is set up this way. The location of the authdaemon domain socket is listed in the authdaemonrc configuration file as the parameter authdaemonvar. #########################################################################