From 3074287458d4bfdf05ea850beb3b737fb65e8153 Mon Sep 17 00:00:00 2001
From: Raphael Kubo da Costa <rakuco@FreeBSD.org>
Date: Sun, 3 Nov 2019 16:59:39 +0000
Subject: [PATCH] Update to 20191018.00.

Follow-up to bug 238561, which did not fully fix the port.

Major changes in the package:
- Upstream moved to another github repo
- Upstream versioning numbering changed to dates

The patches that area included were already sent upstream.

The only missing feature is the usage of oslogin in the group database that is
not working (it causes "sudo su" with an oslogin user to stall). But this
wans't present in the last version, so it is left disabled for now until we
have a better solution.

PR:		238561
PR:		238560
Submitted by:	Helen Koike <helen.koike@collabora.com>
Tested by:	Helen Koike <helen.koike@collabora.com>
MFH:		2019Q4
---
 .../google-compute-engine-oslogin/Makefile    |  39 +++----
 .../google-compute-engine-oslogin/distinfo    |   6 +-
 .../files/patch-bin_google__oslogin__control  | 103 ------------------
 .../files/patch-google__oslogin__control      |  21 ++++
 .../files/patch-src_Makefile                  |  29 +++++
 .../files/patch-src_nss_nss__cache__oslogin.c |  11 ++
 .../files/patch-src_nss_nss__oslogin.cc       |  11 ++
 .../google-compute-engine-oslogin/pkg-descr   |   2 +-
 .../google-compute-engine-oslogin/pkg-plist   |  12 +-
 9 files changed, 101 insertions(+), 133 deletions(-)
 delete mode 100644 sysutils/google-compute-engine-oslogin/files/patch-bin_google__oslogin__control
 create mode 100644 sysutils/google-compute-engine-oslogin/files/patch-google__oslogin__control
 create mode 100644 sysutils/google-compute-engine-oslogin/files/patch-src_Makefile
 create mode 100644 sysutils/google-compute-engine-oslogin/files/patch-src_nss_nss__cache__oslogin.c
 create mode 100644 sysutils/google-compute-engine-oslogin/files/patch-src_nss_nss__oslogin.cc

diff --git a/sysutils/google-compute-engine-oslogin/Makefile b/sysutils/google-compute-engine-oslogin/Makefile
index b34e6b0d5d88..375e94eaf45c 100644
--- a/sysutils/google-compute-engine-oslogin/Makefile
+++ b/sysutils/google-compute-engine-oslogin/Makefile
@@ -1,15 +1,14 @@
 # $FreeBSD$
 
 PORTNAME=	google-compute-engine-oslogin
-DISTVERSION=	1.5.3
-PORTREVISION=	2
+DISTVERSION=	20191018.00
 CATEGORIES=	sysutils
 
 MAINTAINER=	ports@FreeBSD.org
 COMMENT=	OS Login Guest Environment for Google Compute Engine
 
 LICENSE=	APACHE20
-LICENSE_FILE=	${WRKSRC}/../../LICENSE
+LICENSE_FILE=	${WRKSRC}/packaging/debian/copyright
 
 LIB_DEPENDS=	libcurl.so:ftp/curl \
 		libjson-c.so:devel/json-c
@@ -20,31 +19,25 @@ USES=		compiler:c++11-lang gmake localbase:ldflags
 USE_LDCONFIG=	yes
 USE_GITHUB=	yes
 GH_ACCOUNT=	GoogleCloudPlatform
-GH_PROJECT=	compute-image-packages
-GH_TAGNAME=	20190522
+GH_PROJECT=	guest-oslogin
+GH_TAGNAME=	5a710bb
 
-MAKE_ARGS=	JSON_INCLUDE_PATH=${LOCALBASE}/include/json-c \
-		BIN_INSTALL_PATH=/bin \
-		PAM_INSTALL_PATH=/lib \
-		AUTHKEYS_INSTALL_PATH=/bin \
-		NSS_LIBRARY_SONAME=nss_oslogin.so.1
+PLIST_SUB+=	DISTVERSION=${DISTVERSION}
 
-WRKSRC_SUBDIR=	packages/google-compute-engine-oslogin
-
-PLIST_SUB=	DISTVERSION=${DISTVERSION}
-
-post-patch:
-	@${REINPLACE_CMD} -e 's!%%PREFIX%%!${PREFIX}!' \
-		${WRKSRC}/bin/google_oslogin_control \
-		${WRKSRC}/libnss_cache_oslogin/nss_cache_oslogin.c \
-		${WRKSRC}/nss_cache/nss_cache.cc
+MAKE_ARGS=	CPPFLAGS="-Iinclude -I${LOCALBASE}/include/json-c -I${LOCALBASE}/include" \
+		LDLIBS="-lcurl -ljson-c -L${LOCALBASE}/lib" \
+		DESTDIR=${STAGEDIR}${PREFIX} \
+		PREFIX=${PREFIX} \
+		LIBDIR=${PREFIX}/lib \
+		PAMDIR=${PREFIX}/lib \
+		MANDIR=${PREFIX}/man
 
 post-install:
-	${LN} -sf libnss_${PORTNAME}-${DISTVERSION}.so ${STAGEDIR}${PREFIX}/lib/nss_oslogin.so.1
-	${LN} -sf libnss_cache_${PORTNAME}-${DISTVERSION}.so ${STAGEDIR}${PREFIX}/lib/nss_cache_oslogin.so.1
+	${LN} -sf libnss_oslogin-${DISTVERSION}.so ${STAGEDIR}${PREFIX}/lib/nss_oslogin.so.1
+	${LN} -sf libnss_cache_oslogin-${DISTVERSION}.so ${STAGEDIR}${PREFIX}/lib/nss_cache_oslogin.so.1
 	${STRIP_CMD} ${STAGEDIR}${PREFIX}/bin/google_authorized_keys \
-		${STAGEDIR}${PREFIX}/lib/libnss_google-compute-engine-oslogin-${DISTVERSION}.so \
-		${STAGEDIR}${PREFIX}/lib/libnss_cache_google-compute-engine-oslogin-${DISTVERSION}.so \
+		${STAGEDIR}${PREFIX}/lib/libnss_oslogin-${DISTVERSION}.so \
+		${STAGEDIR}${PREFIX}/lib/libnss_cache_oslogin-${DISTVERSION}.so \
 		${STAGEDIR}${PREFIX}/lib/pam_oslogin_admin.so \
 		${STAGEDIR}${PREFIX}/lib/pam_oslogin_login.so
 
diff --git a/sysutils/google-compute-engine-oslogin/distinfo b/sysutils/google-compute-engine-oslogin/distinfo
index b5dd21e1b5e1..456e35a3dec3 100644
--- a/sysutils/google-compute-engine-oslogin/distinfo
+++ b/sysutils/google-compute-engine-oslogin/distinfo
@@ -1,3 +1,3 @@
-TIMESTAMP = 1559044433
-SHA256 (GoogleCloudPlatform-compute-image-packages-1.5.3-20190522_GH0.tar.gz) = 8cfb338c3c768ea7e76e479728a1438b2f10b0df13bddd70c9fbcbfc1273efd6
-SIZE (GoogleCloudPlatform-compute-image-packages-1.5.3-20190522_GH0.tar.gz) = 132314
+TIMESTAMP = 1571819820
+SHA256 (GoogleCloudPlatform-guest-oslogin-20191018.00-5a710bb_GH0.tar.gz) = e2416461d61b1f4a81cf13a883ea2922271d09882c951eec61c1d3ca398c927e
+SIZE (GoogleCloudPlatform-guest-oslogin-20191018.00-5a710bb_GH0.tar.gz) = 36556
diff --git a/sysutils/google-compute-engine-oslogin/files/patch-bin_google__oslogin__control b/sysutils/google-compute-engine-oslogin/files/patch-bin_google__oslogin__control
deleted file mode 100644
index ec6e9c192ed8..000000000000
--- a/sysutils/google-compute-engine-oslogin/files/patch-bin_google__oslogin__control
+++ /dev/null
@@ -1,103 +0,0 @@
---- bin/google_oslogin_control.orig	2019-06-14 12:36:44 UTC
-+++ bin/google_oslogin_control
-@@ -154,6 +154,7 @@ modify_pam_config() (
-     pam_account_oslogin="account    optional pam_oslogin_admin.so"
-     pam_account_admin="account    requisite pam_oslogin_login.so"
-     pam_session_homedir="session    optional pam_mkhomedir.so"
-+    pam_account_su="account    optional pam_oslogin_login.so"
-   fi
- 
-   local added_config=""
-@@ -201,6 +202,11 @@ modify_pam_config() (
-     # Get location of system-remote-login.
-     insert=$($sed -rn "/^auth\s+include\s+system-remote-login/=" "$pam_sshd_config")
-     # TODO: find su_insert point for arch linux.
-+  elif is_freebsd; then
-+    # Get location of the first auth occurrence.
-+    insert=$($sed -rn '/^auth/=' "$pam_sshd_config" | head -1)
-+    # Get location of the first account occurrence.
-+    su_insert=$($sed -rn '/^account/=' "$pam_su_config" | head -1)
-   fi
- 
-   added_config="$added_comment"
-@@ -223,7 +229,7 @@ modify_pam_config() (
-   # Insert su blocker at top of `su:account` stack.
-   if [ -n "$su_insert" ] && ! grep -qE "$pam_account_su" "$pam_su_config"; then
-     added_su_config="${added_comment}\n${pam_account_su}"
--    sed -i"" "${su_insert}i ${added_su_config}" "$pam_su_config"
-+    $sed -i"" "${su_insert}i ${added_su_config}" "$pam_su_config"
-   fi
- 
-   # Append account modules at end of `sshd:account` stack.
-@@ -314,16 +320,24 @@ restart_sshd() {
-     return 0
-   fi
-   echo "Restarting SSHD"
--  for svc in "ssh" "sshd"; do
--    restart_service "$svc"
--  done
-+  if is_freebsd; then
-+    restart_service "sshd"
-+  else
-+    for svc in "ssh" "sshd"; do
-+      restart_service "$svc"
-+    done
-+  fi
- }
- 
- restart_svcs() {
-   echo "Restarting optional services."
--  for svc in "nscd" "unscd" "systemd-logind" "cron" "crond"; do
--    restart_service "$svc"
--  done
-+  if is_freebsd; then
-+    restart_service "cron"
-+  else
-+    for svc in "nscd" "unscd" "systemd-logind" "cron" "crond"; do
-+      restart_service "$svc"
-+    done
-+  fi
- }
- 
- setup_google_dirs() {
-@@ -347,18 +361,34 @@ remove_google_dirs() {
- }
- 
- activate() {
--  for func in modify_sshd_conf modify_nsswitch_conf \
--              modify_pam_config setup_google_dirs restart_svcs restart_sshd \
--              modify_group_conf; do
-+  if is_freebsd; then
-+    # In FreeBSD there is no pam_group config file similar to
-+    # /etc/security/group.conf.
-+    funcs="modify_sshd_conf modify_nsswitch_conf modify_pam_config \
-+	    setup_google_dirs restart_svcs restart_sshd"
-+  else
-+    funcs="modify_sshd_conf modify_nsswitch_conf modify_pam_config \
-+	    setup_google_dirs restart_svcs restart_sshd modify_group_conf"	
-+  fi
-+
-+  for func in "$funcs"; do
-     $func
-     [ $? -eq 0 ] || return 1
-   done
- }
- 
- deactivate() {
--  for func in remove_google_dirs restore_nsswitch_conf \
--              restore_sshd_conf restore_pam_config restart_svcs restart_sshd \
--              restore_group_conf; do
-+  if is_freebsd; then
-+    # In FreeBSD there is no pam_group config file similar to
-+    # /etc/security/group.conf.
-+    funcs="remove_google_dirs restore_nsswitch_conf restore_sshd_conf \
-+	    restore_pam_config restart_svcs restart_sshd"
-+  else
-+    funcs="remove_google_dirs restore_nsswitch_conf restore_sshd_conf \
-+	    restore_pam_config restart_svcs restart_sshd restore_group_conf"
-+  fi
-+
-+  for func in "$funcs"; do
-     $func
-   done
- }
diff --git a/sysutils/google-compute-engine-oslogin/files/patch-google__oslogin__control b/sysutils/google-compute-engine-oslogin/files/patch-google__oslogin__control
new file mode 100644
index 000000000000..d77bcdd8b45f
--- /dev/null
+++ b/sysutils/google-compute-engine-oslogin/files/patch-google__oslogin__control
@@ -0,0 +1,21 @@
+--- google_oslogin_control.orig	2019-10-18 20:10:43 UTC
++++ google_oslogin_control
+@@ -39,7 +39,8 @@ modify_nsswitch_conf() {
+ 
+   if ! grep -q '^passwd:.*oslogin' "$nss_config"; then
+     $sed -i"" '/^passwd:/ s/$/ cache_oslogin oslogin/' "$nss_config"
+-    $sed -i"" '/^group:/ s/$/ cache_oslogin oslogin/' "$nss_config"
++    # OsLogin for group database is still not supported for FreeBSD
++    # $sed -i"" '/^group:/ s/$/ cache_oslogin oslogin/' "$nss_config"
+   fi
+ 
+   if is_freebsd && grep -q '^passwd:.*compat' "$nss_config"; then
+@@ -51,7 +52,7 @@ restore_nsswitch_conf() {
+   local nss_config="${1:-${nss_config}}"
+ 
+   $sed -i"" '/^passwd:/ s/ cache_oslogin oslogin//' "$nss_config"
+-  $sed -i"" '/^group:/ s/ cache_oslogin oslogin//' "$nss_config"
++  # $sed -i"" '/^group:/ s/ cache_oslogin oslogin//' "$nss_config"
+   if is_freebsd; then
+     $sed -i"" '/^passwd:/ s/files/compat/' "$nss_config"
+   fi
diff --git a/sysutils/google-compute-engine-oslogin/files/patch-src_Makefile b/sysutils/google-compute-engine-oslogin/files/patch-src_Makefile
new file mode 100644
index 000000000000..c3cd0f7b6a86
--- /dev/null
+++ b/sysutils/google-compute-engine-oslogin/files/patch-src_Makefile
@@ -0,0 +1,29 @@
+--- src/Makefile.orig	2019-10-23 08:18:46 UTC
++++ src/Makefile
+@@ -70,17 +70,21 @@ install: all
+ 	install -d $(DESTDIR)$(PAMDIR)
+ 	install -d $(DESTDIR)$(BINDIR)
+ 	install -d $(DESTDIR)$(MANDIR)/man8
+-	install -m 0644 -t $(DESTDIR)$(LIBDIR) $(NSS_OSLOGIN) $(NSS_CACHE_OSLOGIN)
++	install -m 0644 $(NSS_CACHE_OSLOGIN) $(DESTDIR)$(LIBDIR)
++	install -m 0644 $(NSS_OSLOGIN) $(DESTDIR)$(LIBDIR)
+ 	ln -sf $(NSS_OSLOGIN)         $(DESTDIR)$(LIBDIR)/$(NSS_OSLOGIN_SONAME)
+ 	ln -sf $(NSS_CACHE_OSLOGIN)   $(DESTDIR)$(LIBDIR)/$(NSS_CACHE_OSLOGIN_SONAME)
+-	install -m 0644 -t $(DESTDIR)$(PAMDIR) $(PAM_ADMIN) $(PAM_LOGIN)
+-	install -m 0755 -t $(DESTDIR)$(BINDIR) $(BINARIES) $(TOPDIR)/google_oslogin_control
+-	install -m 0644 -t $(DESTDIR)$(MANDIR)/man8 $(TOPDIR)/man/nss-oslogin.8 $(TOPDIR)/man/nss-cache-oslogin.8
++	install -m 0644 $(PAM_LOGIN) $(DESTDIR)$(PAMDIR)
++	install -m 0644 $(PAM_ADMIN) $(DESTDIR)$(PAMDIR)
++	install -m 0755 $(TOPDIR)/google_oslogin_control $(DESTDIR)$(BINDIR)
++	install -m 0755 $(BINARIES) $(DESTDIR)$(BINDIR)
++	install -m 0644 $(TOPDIR)/man/nss-cache-oslogin.8 $(DESTDIR)$(MANDIR)/man8
++	install -m 0644 $(TOPDIR)/man/nss-oslogin.8 $(DESTDIR)$(MANDIR)/man8
+ 	gzip -9 $(DESTDIR)$(MANDIR)/man8/nss-oslogin.8
+ 	gzip -9 $(DESTDIR)$(MANDIR)/man8/nss-cache-oslogin.8
+ 	ln -sf nss-oslogin.8.gz       $(DESTDIR)$(MANDIR)/man8/$(NSS_OSLOGIN_SONAME).8.gz
+ 	ln -sf nss-cache-oslogin.8.gz $(DESTDIR)$(MANDIR)/man8/$(NSS_CACHE_OSLOGIN_SONAME).8.gz
+ ifdef INSTALL_SELINUX
+ 	install -d $(DESTDIR)/usr/share/selinux/packages
+-	install -m 0644 -t $(DESTDIR)/usr/share/selinux/packages $(TOPDIR)/selinux/oslogin.pp
++	install -m 0644 $(TOPDIR)/selinux/oslogin.pp $(DESTDIR)/usr/share/selinux/packages
+ endif
diff --git a/sysutils/google-compute-engine-oslogin/files/patch-src_nss_nss__cache__oslogin.c b/sysutils/google-compute-engine-oslogin/files/patch-src_nss_nss__cache__oslogin.c
new file mode 100644
index 000000000000..8beef3ddf3fc
--- /dev/null
+++ b/sysutils/google-compute-engine-oslogin/files/patch-src_nss_nss__cache__oslogin.c
@@ -0,0 +1,11 @@
+--- src/nss/nss_cache_oslogin.c.orig	2019-10-23 07:01:45 UTC
++++ src/nss/nss_cache_oslogin.c
+@@ -439,7 +439,7 @@ DECLARE_NSS_METHOD_TABLE(methods,
+     { NSDB_PASSWD, "getgrent_r", __nss_compat_getgrent_r,
+       (void*)_nss_cache_oslogin_getgrent_r },
+     { NSDB_PASSWD, "endgrent",   __nss_compat_endgrent,
+-      (void*)_nss_cache_oslogin_endgrent },
++      (void*)_nss_cache_endgrent },
+     { NSDB_PASSWD, "setgrent",   __nss_compat_setgrent,
+       (void*)_nss_cache_oslogin_setgrent },
+ )
diff --git a/sysutils/google-compute-engine-oslogin/files/patch-src_nss_nss__oslogin.cc b/sysutils/google-compute-engine-oslogin/files/patch-src_nss_nss__oslogin.cc
new file mode 100644
index 000000000000..2d6811cbdabc
--- /dev/null
+++ b/sysutils/google-compute-engine-oslogin/files/patch-src_nss_nss__oslogin.cc
@@ -0,0 +1,11 @@
+--- src/nss/nss_oslogin.cc.orig	2019-10-23 06:43:42 UTC
++++ src/nss/nss_oslogin.cc
+@@ -225,7 +225,7 @@ enum nss_status _nss_oslogin_initgroups_dyn(const char
+   if (p_file == NULL)
+     return NSS_STATUS_NOTFOUND;
+   struct passwd *userp;
+-  while ((userp = fgetpwent(p_file)) != NULL)
++  while ((userp = getpwent()) != NULL)
+     if (strcmp(userp->pw_name, user) == 0)
+       return NSS_STATUS_NOTFOUND;
+   fclose(p_file);
diff --git a/sysutils/google-compute-engine-oslogin/pkg-descr b/sysutils/google-compute-engine-oslogin/pkg-descr
index 5623764f4ed0..1fcae07112e3 100644
--- a/sysutils/google-compute-engine-oslogin/pkg-descr
+++ b/sysutils/google-compute-engine-oslogin/pkg-descr
@@ -16,4 +16,4 @@ installing these components:
 
 - bin contains a shell script for (de)activating the package components.
 
-WWW: https://github.com/GoogleCloudPlatform/compute-image-packages/tree/master/packages/google-compute-engine-oslogin
+WWW: https://github.com/GoogleCloudPlatform/guest-oslogin
diff --git a/sysutils/google-compute-engine-oslogin/pkg-plist b/sysutils/google-compute-engine-oslogin/pkg-plist
index d4fe240eac5d..9d8704cf0d76 100644
--- a/sysutils/google-compute-engine-oslogin/pkg-plist
+++ b/sysutils/google-compute-engine-oslogin/pkg-plist
@@ -1,9 +1,15 @@
 bin/google_authorized_keys
 bin/google_oslogin_control
 bin/google_oslogin_nss_cache
-lib/libnss_cache_google-compute-engine-oslogin-%%DISTVERSION%%.so
-lib/libnss_google-compute-engine-oslogin-%%DISTVERSION%%.so
-lib/nss_oslogin.so.1
+lib/libnss_cache_oslogin-%%DISTVERSION%%.so
+lib/libnss_cache_oslogin.so.2
+lib/libnss_oslogin-%%DISTVERSION%%.so
+lib/libnss_oslogin.so.2
 lib/nss_cache_oslogin.so.1
+lib/nss_oslogin.so.1
 lib/pam_oslogin_admin.so
 lib/pam_oslogin_login.so
+man/man8/libnss_cache_oslogin.so.2.8.gz
+man/man8/libnss_oslogin.so.2.8.gz
+man/man8/nss-cache-oslogin.8.gz
+man/man8/nss-oslogin.8.gz