update security/freebsd-update: 1.3 -> 1.4

- Much cleaner code (FreeBSD Update is now a shell script, rather than a
    huge ugly makefile),
  - Better performance,
  - Reduced bandwidth usage when no updates are available,
  - Warnings about files which have been affected by security updates, but
    cannot be updated because they have been modified locally,
  - An "intrusion detection" mode which compares every file which can be
    installed as part of a RELEASE against a (signed) database of known good
    hashes.

PR:		58028
Submitted by:	Colin Percival <cperciva@daemonology.net> (maintainer)

security/freebsd-update/Makefile

@@ -6,11 +6,9 @@
 #
 
 PORTNAME=	freebsd-update
-PORTVERSION=	1.3
-PORTREVISION=	1
+PORTVERSION=	1.4
 CATEGORIES=	security
 MASTER_SITES=	http://www.daemonology.net/freebsd-update/
-DISTNAME=	${PORTNAME}-client-${PORTVERSION:S/./_/}
 
 MAINTAINER=	cperciva@daemonology.net
 COMMENT=	Fetches and installs binary updates to FreeBSD
@@ -20,32 +18,18 @@ RUN_DEPENDS=	bspatch:${PORTSDIR}/misc/bsdiff
 MAN5=		freebsd-update.conf.5
 MAN8=		freebsd-update.8
 
-NO_WRKSUBDIR=	yes
-ALL_TARGET=	verify
-
 PKGMESSAGE=	${WRKDIR}/pkg-message
 
+.ifdef NOPORTDOCS
+MAKE_ENV+=	NODOCS=yes
+.endif
+
 post-extract:
-	@${SED} -e "s=%%PREFIX%%=${PREFIX}=g" ${FILESDIR}/freebsd-update \
-		> ${WRKSRC}/freebsd-update
+	${SED} -e "s#PREFIX=/usr/local#PREFIX=${PREFIX}#g" \
+		${WRKSRC}/freebsd-update > ${WRKSRC}/freebsd-update.new
+	${MV} ${WRKSRC}/freebsd-update.new ${WRKSRC}/freebsd-update
 	@${SED} -e "s=%%PREFIX%%=${PREFIX}=g" ${FILESDIR}/pkg-message \
 		> ${PKGMESSAGE}
-	@${CP} ${FILESDIR}/freebsd-update.8 ${WRKSRC}
-	@${CP} ${FILESDIR}/freebsd-update.conf.5 ${WRKSRC}
-
-do-install:
-	@${MKDIR} ${PREFIX}/freebsd-update
-	${INSTALL_SCRIPT} ${WRKSRC}/freebsd-update ${PREFIX}/sbin
-	${INSTALL_PROGRAM} ${WRKSRC}/verify ${PREFIX}/freebsd-update
-	${INSTALL_DATA} ${WRKSRC}/Makefile ${PREFIX}/freebsd-update
-	${INSTALL_DATA} ${WRKSRC}/CHANGELOG ${PREFIX}/freebsd-update
-	${INSTALL_DATA} ${WRKSRC}/LICENSE ${PREFIX}/freebsd-update
-	${INSTALL_DATA} ${WRKSRC}/update.conf \
-		${PREFIX}/etc/freebsd-update.conf.sample
-.if !defined(WITHOUT_MAN)
-	${INSTALL_MAN} ${WRKSRC}/freebsd-update.conf.5 ${PREFIX}/man/man5/
-	${INSTALL_MAN} ${WRKSRC}/freebsd-update.8 ${PREFIX}/man/man8/
-.endif
 
 post-install:
 	@${CAT} ${PKGMESSAGE}

security/freebsd-update/distinfo

@@ -1 +1 @@
-MD5 (freebsd-update-client-1_3.tar.gz) = 2c10a7384de7cba56802511738564c2f
+MD5 (freebsd-update-1.4.tar.gz) = 431bc5215f14f3e07a11a55b005db372

security/freebsd-update/files/freebsd-update

@@ -1,32 +0,0 @@
-#!/bin/sh
-
-if [ ! -r %%PREFIX%%/etc/freebsd-update.conf ] ; then
-	echo "%%PREFIX%%/etc/freebsd-update.conf not found"
-	exit 1
-fi
-
-case "$1" in
-fetch)
-	cd %%PREFIX%%/freebsd-update && make 				\
-		CONFFILE=%%PREFIX%%/etc/freebsd-update.conf fetch-update;;
-install)
-	cd %%PREFIX%%/freebsd-update && make 				\
-		CONFFILE=%%PREFIX%%/etc/freebsd-update.conf install-update;;
-rollback)
-	cd %%PREFIX%%/freebsd-update && make 				\
-		CONFFILE=%%PREFIX%%/etc/freebsd-update.conf rollback-update;;
-cron)
-	cd %%PREFIX%%/freebsd-update && make MAILTO=root QUIET=YES 	\
-		CONFFILE=%%PREFIX%%/etc/freebsd-update.conf daily;;
-*)
-	echo "Usage: freebsd-update {fetch|install|rollback|cron}" >&2
-	echo "  freebsd-update fetch:    Fetches updates" >&2
-	echo "  freebsd-update install:  Installs fetched updates" >&2
-	echo "  freebsd-update rollback: Rolls back installed updates" >&2
-	echo "  freebsd-update cron:     Suitable for use in cron(8)," >&2
-	echo "                           fetches updates and sends an" >&2
-	echo "                           email to root if any exist." >&2
-	;;
-esac
-
-exit 0

security/freebsd-update/files/freebsd-update.8

@@ -1,66 +0,0 @@
-.Dd May 7, 2003
-.Dt FREEBSD-UPDATE 8
-.Os FreeBSD
-.Sh NAME
-.Nm freebsd-update
-.Nd fetch and install binary security updates to FreeBSD
-.Sh SYNOPSIS
-.Nm
-.Cm command
-.Sh DESCRIPTION
-The
-.Nm
-tool is used to fetch, install, and rollback
-binary security updates to the FreeBSD base system.
-.Sh OPTIONS
-The
-.Cm command
-can be any one of the following:
-.Pp
-.Bl -tag -width "rollback" -compact
-.It fetch
-Based on the currently installed world, fetch all available
-binary updates.  Any updates previously fetched but not
-installed will be fetched again.
-.Pp
-.It install
-Install the most recently fetched updates.
-.Pp
-.It rollback
-Uninstall the most recently installed updates.
-.Pp
-.It cron
-If any binary updates are available, fetch them and
-send an email to root; otherwise, exit silently. As
-the name suggests, this is intended for usage via
-cron(8).
-.Pp
-.El
-.Sh TIPS
-.Bl -bullet
-.It
-If your clock is set to local time, adding the line
-.Pp
-.Dl 0 3 * * * root /usr/local/sbin/freebsd-update cron
-.Pp
-to /etc/crontab will check for updates every night.  If your
-clock is set to UTC, please pick a random time instead of
-3AM, or the server hosting the updates will be very unhappy.
-.It
-.Nm
-.Cm cron
-waits a random amount of time, up to an hour, before contacting
-the server in order to reduce the risk of "flash crowds" resulting
-from cron jobs.
-.El
-.Sh FILES
-.Bl -tag -width "$PREFIX/etc/freebsd-update.conf"
-.It $PREFIX/freebsd-update/work
-Location of downloaded updates and backups of files
-which have been updated.
-.It $PREFIX/etc/freebsd-update.conf
-Location of the freebsd-update configuration file.
-.Sh SEE ALSO
-.Xr freebsd-update.conf 5
-.Sh AUTHORS
-.An Colin Percival Aq cperciva@daemonology.net

security/freebsd-update/files/freebsd-update.conf.5

@@ -1,36 +0,0 @@
-.Dd May 7, 2003
-.Dt FREEBSD-UPDATE.CONF 8
-.Os FreeBSD
-.Sh NAME
-.Nm freebsd-update.conf
-.Nd configuration file for freebsd-update
-.Sh DESCRIPTION
-The
-.Nm
-file controls where freebsd-update(8) fetches updates from, and
-which RSA key should be trusted to sign the updates.
-.Pp
-A line of the form
-.Dl URL=foobar
-specifies the source from which updates should be fetched.  This
-can be any type of URL suitable for fetch(1) -- in particular, HTTP,
-FTP, and local paths are all permitted.
-.Pp
-A line of the form
-.Dl KEYPRINT=0123456789ABCDEF0123456789ABCDEF
-specifies the MD5 hash of the 2048 bit modulus belonging to an RSA
-keypair which is trusted to sign updates.
-.Pp
-If more than one line of either of the above forms is included in
-.Nm
-then only the last one will take effect.  Any lines not of the above
-forms will be ignored.
-.Sh FILES
-.Bl -tag -width "$PREFIX/etc/freebsd-update.conf"
-.It $PREFIX/etc/freebsd-update.conf
-Location of the freebsd-update configuration file.
-.Sh SEE ALSO
-.Xr fetch 1
-.Xr freebsd-update 8
-.Sh AUTHORS
-.An Colin Percival Aq cperciva@daemonology.net

security/freebsd-update/files/patch-aa-rmverify

@@ -1,11 +0,0 @@
---- Makefile.orig	Sat Mar  8 00:44:19 2003
-+++ Makefile	Sat Mar 22 15:44:03 2003
-@@ -40,7 +40,7 @@
- NUM!=( [ -f ${WORKDIR}/num ] && expr `cat ${WORKDIR}/num` + 1 ) || echo 1
- .endif
- 
--fetch-update: verify
-+fetch-update:
- 	@[ ! -z "${FETCHROOT}" ] || (					\
- 		echo "Base URL not specified in ${CONFFILE}." &&	\
- 		false )

security/freebsd-update/files/patch-ab-path

@@ -1,20 +0,0 @@
---- Makefile.orig	Sat Mar 22 15:44:03 2003
-+++ Makefile	Fri Aug 22 15:58:45 2003
-@@ -14,6 +14,7 @@
- 		uname -r | cut -f 1 -d '-' ) | lam - -
- WORKDIR?=${.CURDIR}/work
- MAILTO?=root
-+BSPATCH!=which bspatch || echo /usr/local/bin/bspatch
- 
- daily:
- 	@sleep `jot -r 1 0 3600`
-@@ -78,7 +79,8 @@
- 		rmdir ${WORKDIR}/${NUM}/install$$f;			\
- 		( fetch -qo ${WORKDIR}/${NUM}/$$z-$$y			\
- 			${FETCHROOT}/$$z-$$y &&				\
--			bspatch $$f ${WORKDIR}/${NUM}/install$$f.tmp	\
-+			${BSPATCH} $$f					\
-+				${WORKDIR}/${NUM}/install$$f.tmp	\
- 				${WORKDIR}/${NUM}/$$z-$$y &&		\
- 			rm ${WORKDIR}/${NUM}/$$z-$$y ) ||		\
- 			touch ${WORKDIR}/${NUM}/install$$f.tmp;		\

security/freebsd-update/pkg-plist

@@ -1,7 +1,8 @@
 sbin/freebsd-update
-freebsd-update/Makefile
-freebsd-update/CHANGELOG
-freebsd-update/LICENSE
+sbin/freebsd-update-verify
 etc/freebsd-update.conf.sample
-freebsd-update/verify
+%%PORTDOCS%%%%DOCSDIR%%/LICENSE
+%%PORTDOCS%%%%DOCSDIR%%/README
+%%PORTDOCS%%%%DOCSDIR%%/VERSION
+%%PORTDOCS%%@dirrm %%DOCSDIR%%
 @dirrm freebsd-update