From e0cf7bd8b9f21a64e8df91ee55de3c517ef60563 Mon Sep 17 00:00:00 2001
From: John Marino
Date: Mon, 11 Aug 2014 21:34:57 +0000
Subject: [PATCH] Stage security/pks and pass maintainership to submitter
PR: 181507
Submitted by: Tassilo Philipp
Approved by: former maintainer (G. Todd)
---
security/pks/Makefile | 53 ++++++++++++++---------
security/pks/files/EMAIL | 60 ++++++++++++++++++++++++++
security/pks/files/patch-mkpksdconf.in | 20 +++++++++
security/pks/files/pkg-message.in | 39 ++++++++++++++---
security/pks/files/pksd.in | 58 ++++++++++++++++++++-----
security/pks/pkg-plist | 20 +++++----
6 files changed, 204 insertions(+), 46 deletions(-)
create mode 100644 security/pks/files/EMAIL
create mode 100644 security/pks/files/patch-mkpksdconf.in
diff --git a/security/pks/Makefile b/security/pks/Makefile
index c49efecc8ea3..1feb28707c96 100644
--- a/security/pks/Makefile
+++ b/security/pks/Makefile
@@ -8,40 +8,51 @@ MASTER_SITES= http://pks.sourceforge.net/:sf ${MASTER_SITE_LOCAL}:local MASTER_SITE_SUBDIR= .:sf mandree:local DISTFILES= pks-current.tgz:sf,local -MAINTAINER= gtodd@bellanet.org +MAINTAINER= tphilipp@potion-studios.com COMMENT= PGP Public Key Server -USE_BDB= 41 # 42 would be ok -WRKSRC= ${WRKDIR}/${PORTNAME} +LICENSE= BSD4CLAUSE +LICENSE_FILE= ${WRKSRC}/LICENSE -NO_STAGE= yes -.include +WRKSRC= ${WRKDIR}/${PORTNAME} +USE_GCC= any +USE_BDB= yes +WANT_BDB_VER= 41 # pks dumps core with 42 and doesn't build with 43+ + +OPTIONS_DEFINE= DOCS +PORTDOCS= pks_help.* README EMAIL GNU_CONFIGURE= yes USE_AUTOTOOLS= autoconf CONFIGURE_ARGS= --datadir=${PREFIX}/share/pks --localstatedir=/var/pks \ - --sysconfdir=${EXAMPLESDIR} \ + --docdir=${PREFIX}/share/doc/pks --sysconfdir=${EXAMPLESDIR} \ --libdir=${LOCALBASE}/lib --with-libwrap MAKE_ENV+= SUBDIRS= LDFLAGS+= -L${LOCALBASE}/lib CONFIGURE_ENV= DBLIB="-L${BDB_LIB_DIR} -l${BDB_LIB_NAME}" DBINC=-I${BDB_INCLUDE_DIR} DBHDR=db.h -USE_RC_SUBR= pksd -MAN5= pksd.conf.5 -MAN8= pks-intro.8 pksclient.8 pksd.8 pksdctl.8 pks-mail.sh.8 \ - pks-queue-run.sh.8 pgpsplit.8 -SUB_FILES= pkg-message pkg-deinstall +SUB_FILES= pkg-message +PKGMESSAGE= ${WRKDIR}/pkg-message + +USE_RC_SUBR= pksd + +.include + +post-extract: + @${CP} -a ${FILESDIR}/EMAIL ${WRKSRC} post-install: - ${INSTALL_DATA} ${WRKSRC}/pksd.conf ${PREFIX}/etc/pksd.conf.sample -.if !defined(NOPORTDOCS) - ${MKDIR} ${DOCSDIR} - ${INSTALL_DATA} ${WRKSRC}/pks_help.en ${WRKSRC}/pks_help.es ${WRKSRC}/pks_help.fr \ - ${WRKSRC}/pks_help.cz ${WRKSRC}/pks_help.de ${WRKSRC}/pks_help.ja \ - ${WRKSRC}/mail_intro ${DOCSDIR} - PKG_PREFIX=${PREFIX} ${SH} ${PKGINSTALL} ${PKGNAME} POST-INSTALL -.endif - @${CAT} ${PKGMESSAGE} + ${STRIP_CMD} ${STAGEDIR}${PREFIX}/bin/pgpsplit + ${STRIP_CMD} ${STAGEDIR}${PREFIX}/bin/pksdctl + ${STRIP_CMD} ${STAGEDIR}${PREFIX}/bin/pksclient + ${STRIP_CMD} ${STAGEDIR}${PREFIX}/sbin/pksd + ${INSTALL_DATA} ${WRKSRC}/pksd.conf 
${STAGEDIR}${PREFIX}/etc/pksd.conf.sample + #${CHOWN} pksd:pksd /var/pks -.include +.if ${PORT_OPTIONS:MDOCS} + ${MKDIR} ${STAGEDIR}${DOCSDIR}/ + cd ${WRKSRC}/ && ${INSTALL_DATA} ${PORTDOCS} ${STAGEDIR}${DOCSDIR}/ +.endif + +.include diff --git a/security/pks/files/EMAIL b/security/pks/files/EMAIL new file mode 100644 index 000000000000..42489fb54ec4 --- /dev/null +++ b/security/pks/files/EMAIL 
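Review bot: The commented-out `#${CHOWN} pksd:pksd /var/pks` in post-install leaves the ownership of /var/pks unresolved: nothing in this hunk declares a pksd user or group, and the pkg-plist hunk registers `/var/pks/index.html` and the `rmdir` cleanups without any owner or mode. A chown against the stage directory cannot work for an unprivileged build in any case, so the line should be removed rather than kept as a comment. If the daemon is meant to run unprivileged, declare the account with `USERS= pksd` and `GROUPS= pksd` and set ownership in pkg-plist with `@owner pksd` / `@group pksd` around the /var/pks entries. As written, the packaging appears to leave a network-facing key server and its database directory owned by root by default.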
@@ -0,0 +1,60 @@ +From the English README and pksd_help.en files: + +If you have configured the mail server component of the key +server, there is one more step you need to take so that the server +can actually handle mail. In your aliases file (usually one of +/etc/aliases or /etc/mail/aliases), create the following lines: + + pgp-public-keys: "|PREFIX/bin/pks-mail.sh PREFIX/etc/pksd.conf" + pgp: pgp-public-keys + +Or, if you are using qmail, create these files for use with the +dot-qmail(5) framework : + +cd /var/qmail/alias/ +echo "&pgp-public-keys@localhost" > .qmail-pgp +echo "|preline /usr/local/bin/pks-mail.sh /usr/local/etc/pksd.conf" > .qmail-pgp-public-keys + +You might also need to add aliases for the mail addresses you +configured in pksd.conf. + +You will also need to make sure the permissions on PREFIX/var/incoming +allow both the mailer and whatever user the pksd program runs as +to insert and delete files. + +OpenPGP public email key servers allow users to exchange public +keys running using the Internet and properly configured e-mail +servers. This service exists only to help transfer keys between +PGP users. It does NOT attempt to guarantee that a key is a valid +key; use the signatures on a key for that kind of security. + +Each keyserver processes requests in the form of mail messages. +The commands for the server are entered on the Subject: line. +---------------------------------------------- ======== ----- +Note that they should NOT be included in the body of the message. +--------------------- === --------------------------------------- + + To: pgp-public-keys@keys.pgp.net + 
From: johndoe@some.site.edu + Subject: help + +Sending your key to ONE server is enough. After it processes your +key, it will forward your add request to other servers automagically. + +For example, to add your key to the keyserver, or to update your key +if it is already there, send a message similar to the following to any +server: + + To: pgp-public-keys@keys.pgp.net + From: johndoe@some.site.edu + Subject: add + + -----BEGIN PGP PUBLIC KEY BLOCK----- + Version: 2.6 + + + -----END PGP PUBLIC KEY BLOCK----- + +COMPROMISED KEYS: Create a Key Revocation Certificate (read the PGP +docs on how to do that) and mail your key to the server once again, +with the ADD command. diff --git a/security/pks/files/patch-mkpksdconf.in b/security/pks/files/patch-mkpksdconf.in new file mode 100644 index 000000000000..b48a3d74e9e5 --- /dev/null +++ b/security/pks/files/patch-mkpksdconf.in @@ -0,0 +1,20 @@ +--- ./mkpksdconf.in.orig 2014-01-22 15:36:39.574285045 -0500 ++++ ./mkpksdconf.in 2014-01-22 15:37:49.289280305 -0500 +@@ -44,7 +44,7 @@ + + cat << EOF + pks_bin_dir @bindir@ +-pid_dir @localstatedir@/db ++pid_dir /var/run + ### Set chroot_dir to make pksd chroot itself. Must be an absolute path. + # chroot_dir @prefix@ + ### uid and gid for pksd to run as. Leave unset, or set to 0 to disable +@@ -70,7 +70,7 @@ + ### of each message. + maintainer_email PGP Key Server Administrator + mail_intro_file @datadir@/mail_intro +-help_dir @datadir@ ++help_dir @docdir@ + mail_dir @localstatedir@/incoming + ### If you change this, make sure to put a corresponding help file in + ### the help_dir named above diff --git a/security/pks/files/pkg-message.in b/security/pks/files/pkg-message.in index 5726e54df7b6..b9676fef7e2a 100644 --- a/security/pks/files/pkg-message.in +++ b/security/pks/files/pkg-message.in 
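Review bot: Setting `pid_dir /var/run` in the first inner hunk of patch-mkpksdconf.in works against the uid/gid option described in the context lines right below it: /var/run is normally writable only by root, so an operator who configures pksd to drop privileges may find it unable to create or remove its pid file, depending on when pksd writes it (not visible here). The rc script in this commit also has daemon(8) write `/var/run/pksd.pid`, so two processes may end up managing pid files in the same place. A dedicated directory, for example `pid_dir /var/run/pksd`, created by the rc script and owned by the service account, would let the daemon run unprivileged without losing pid tracking.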
@@ -1,11 +1,38 @@ +Add the following lines to /etc/rc.conf.local or /etc/rc.conf to enable this service: + + pksd_enable (bool): Set to NO by default. + Set it to YES to enable pksd. + + pksd_config (path): Set to %%PREFIX%%/etc/pksd.conf + by default. + + pksd_mailq_enable (bool): Set to NO by default. Process incoming + mail queue of commands and key requests + (you will need to configure your mail + infrastructure to enable this. See: + %%PREFIX%%/share/doc/pks/README and + %%PREFIX%%/share/doc/pks/EMAIL for details. + + pksd_queue_delay (int): Periodically process incoming mail. + Set to 60 seconds by default. + + ############################################# + + To enable adding keys via the web interface + please create a configuration file at: + + %%PREFIX%%/etc/pksd.conf + + Check sample file at: + + %%PREFIX%%/etc/pksd.conf.sample - ################################## + Also note that the database used by pks + sometimes needs to be created manually, to + do that refer to: - To enable adding keys via the - web interface please edit the - configuration file at: + man 8 pksclient - %%PREFIX%%/etc/pksd.conf + ############################################# - ################################## diff --git a/security/pks/files/pksd.in b/security/pks/files/pksd.in index ff9a23a6f05e..8750b5be1064 100644 --- a/security/pks/files/pksd.in +++ b/security/pks/files/pksd.in 
@@ -5,17 +5,47 @@ # # PROVIDE: pksd # REQUIRE: DAEMON +# KEYWORD: SHUTDOWN +# +# Add the following lines to /etc/rc.conf.local or /etc/rc.conf +# to enable this service: +# +# pksd_enable (bool): Set to NO by default. +# Set it to YES to enable pksd. +# +# pksd_config (path): Set to %%PREFIX%%/etc/pksd.conf +# by default. +# +# pksd_mailq_enable (bool): Set to NO by default. Process incoming +# mail queue of commands and key requests +# (you will need to configure your mail +# infrastructure to enable this. See: +# %%PREFIX%%/share/doc/pks/README and +# %%PREFIX%%/share/doc/pks/EMAIL for details. +# +# pksd_queue_delay (int): Periodically process incoming mail. +# Set to 60 seconds by default. . /etc/rc.subr name="pksd" rcvar=pksd_enable -command="%%PREFIX%%/sbin/pksd" -command_args="%%PREFIX%%/etc/${name}.conf &" -required_files="%%PREFIX%%/etc/${name}.conf" -start_precmd="pksd_precmd" -start_postcmd="pksd_runqueue" -stop_command="pksd_clean_stop" + +load_rc_config $name + +: ${pksd_enable:="NO"} +: ${pksd_mailq_enable:="NO"} +: ${pksd_config="%%PREFIX%%/etc/pksd.conf"} +: ${pksd_queue_delay="60"} + +command="%%PREFIX%%/sbin/${name}" +command_args="%%PREFIX%%/etc/${name}.conf" +required_files="${pksd_config}" +start_precmd="${name}_precmd" +start_cmd="${name}_start" +#start_postcmd="${name}_runqueue" +stop_command="${name}_clean_stop" +pidfile="/var/run/${name}.pid" pksd_precmd() { 
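Review bot: `required_files="${pksd_config}"` checks the path taken from rc.conf, but `command_args="%%PREFIX%%/etc/${name}.conf"` still passes the hard-coded default, so setting `pksd_config` makes the script validate one file and start the daemon with another; it should read `command_args="${pksd_config}"`. The header line `# KEYWORD: SHUTDOWN` is upper-case while rc.shutdown selects scripts by the lower-case keyword, so, assuming the match is case-sensitive, the service would not be stopped cleanly at shutdown; write `# KEYWORD: shutdown`. `stop_command` is not a name rc.subr reads (the hook is `stop_cmd`), so `pksd_clean_stop` looks unreachable; that spelling predates this commit but the line is rewritten here and could be fixed in the same pass.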
@@ -31,14 +61,20 @@ pksd_precmd() fi } +pksd_start() +{ + echo "Starting pksd" + /usr/sbin/daemon -f -p ${pidfile} ${command} ${command_args} +} + pksd_runqueue() { - if [ -x %%PREFIX%%/bin/${name} -a -x %%PREFIX%%/bin/pks-queue-run.sh ] + if [ -x %%PREFIX%%/bin/${name}ctl -a -x %%PREFIX%%/bin/pks-queue-run.sh ] && checkyesno pksd_mailq_enable then - echo "Doing queue run for ${name}." - sleep 5 - %%PREFIX%%/bin/pks-queue-run.sh %%PREFIX%%/etc/${name}.conf - fi + echo "Doing queue run for ${name} every ${pksd_queue_delay} seconds." + sleep 2 + %%PREFIX%%/bin/pks-queue-run.sh %%PREFIX%%/etc/${name}.conf ${pksd_queue_delay} + fi } pksd_clean_stop() diff --git a/security/pks/pkg-plist b/security/pks/pkg-plist index 02f8a7ae7ada..699bccfbf3b7 100644 --- a/security/pks/pkg-plist +++ b/security/pks/pkg-plist @@ -8,14 +8,18 @@ etc/pksd.conf.sample %%DATADIR%%/mail_intro %%DATADIR%%/pks-commands.html %%DATADIR%%/pks-commands.php -%%PORTDOCS%%%%DOCSDIR%%/mail_intro -%%PORTDOCS%%%%DOCSDIR%%/pks_help.en -%%PORTDOCS%%%%DOCSDIR%%/pks_help.es -%%PORTDOCS%%%%DOCSDIR%%/pks_help.fr -%%PORTDOCS%%%%DOCSDIR%%/pks_help.de -%%PORTDOCS%%%%DOCSDIR%%/pks_help.cz -%%PORTDOCS%%%%DOCSDIR%%/pks_help.ja -%%PORTDOCS%%@dirrm %%DOCSDIR%% %%EXAMPLESDIR%%/pksd.conf +man/man5/pksd.conf.5.gz +man/man8/pgpsplit.8.gz +man/man8/pks-intro.8.gz +man/man8/pks-mail.sh.8.gz +man/man8/pks-queue-run.sh.8.gz +man/man8/pksclient.8.gz +man/man8/pksd.8.gz +man/man8/pksdctl.8.gz +/var/pks/index.html +@unexec rmdir "/var/pks/db" >/dev/null 2>&1 || : +@unexec rmdir "/var/pks/incoming" >/dev/null 2>&1 || : +@unexec rmdir "/var/pks" >/dev/null 2>&1 || : @dirrm %%EXAMPLESDIR%% @dirrm share/pks
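Review bot: `pksd_runqueue` is unreachable after this commit: the first pksd.in hunk comments out `start_postcmd` and `pksd_start` never calls it, so `pksd_mailq_enable` and `pksd_queue_delay` are documented in the script header and pkg-message but have no effect. Either re-enable the hook (in the background, if pks-queue-run.sh loops on the delay, which is not visible here) or drop the two knobs from the documentation. In `pksd_start`, daemon(8) is invoked without `-u`, so the server keeps root unless pksd.conf sets a uid, and the expansions are unquoted; `/usr/sbin/daemon -f -p "${pidfile}" "${command}" ${command_args}` is the safer spelling, and `${pksd_queue_delay}` should be quoted where it is passed to pks-queue-run.sh. pksd_clean_stop starts at the end of the hunk and its body is outside it.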