Stage security/pks and pass maintainership to submitter

PR: 181507 Submitted by: Tassilo Philipp Approved by: former maintainer (G. Todd)
svn path=/head/; revision=364668
2024-11-21 00:25:50 +00:00 · 2014-08-11 21:34:57 +00:00 · 2014-08-11 21:34:57 +00:00 · e0cf7bd8b9 · 2021-03-31 03:12:20 +00:00
commit e0cf7bd8b9
parent 60470628e8
6 changed files with 204 additions and 46 deletions
--- a/security/pks/Makefile
+++ b/security/pks/Makefile
@ -8,40 +8,51 @@ MASTER_SITES=		http://pks.sourceforge.net/:sf ${MASTER_SITE_LOCAL}:local
 MASTER_SITE_SUBDIR=	.:sf mandree:local
 DISTFILES=		pks-current.tgz:sf,local

-MAINTAINER=	gtodd@bellanet.org
+MAINTAINER=	tphilipp@potion-studios.com
 COMMENT=	PGP Public Key Server

-USE_BDB=		41 # 42 would be ok
-WRKSRC=			${WRKDIR}/${PORTNAME}
+LICENSE=        BSD4CLAUSE
+LICENSE_FILE=	${WRKSRC}/LICENSE

-NO_STAGE=	yes
-.include <bsd.port.pre.mk>
+WRKSRC=		${WRKDIR}/${PORTNAME}

+USE_GCC=	any
+USE_BDB=	yes
+WANT_BDB_VER=	41 # pks dumps core with 42 and doesn't build with 43+
+
+OPTIONS_DEFINE= DOCS
+PORTDOCS=       pks_help.* README EMAIL
 GNU_CONFIGURE=	yes
 USE_AUTOTOOLS=	autoconf
 CONFIGURE_ARGS=	--datadir=${PREFIX}/share/pks --localstatedir=/var/pks \
-		--sysconfdir=${EXAMPLESDIR} \
+		--docdir=${PREFIX}/share/doc/pks --sysconfdir=${EXAMPLESDIR} \
 		--libdir=${LOCALBASE}/lib --with-libwrap
 MAKE_ENV+=	SUBDIRS=
 LDFLAGS+=	-L${LOCALBASE}/lib
 CONFIGURE_ENV=	DBLIB="-L${BDB_LIB_DIR} -l${BDB_LIB_NAME}" DBINC=-I${BDB_INCLUDE_DIR} DBHDR=db.h

-USE_RC_SUBR=	pksd
-MAN5=		pksd.conf.5
-MAN8=		pks-intro.8 pksclient.8 pksd.8 pksdctl.8 pks-mail.sh.8 \
-		pks-queue-run.sh.8 pgpsplit.8

-SUB_FILES=	pkg-message pkg-deinstall
+SUB_FILES=	pkg-message
+PKGMESSAGE=	${WRKDIR}/pkg-message
+
+USE_RC_SUBR=	pksd
+
+.include <bsd.port.options.mk>
+
+post-extract:
+	@${CP} -a ${FILESDIR}/EMAIL ${WRKSRC}

 post-install:
-	${INSTALL_DATA} ${WRKSRC}/pksd.conf ${PREFIX}/etc/pksd.conf.sample
-.if !defined(NOPORTDOCS)
-	${MKDIR} ${DOCSDIR}
-	${INSTALL_DATA} ${WRKSRC}/pks_help.en ${WRKSRC}/pks_help.es ${WRKSRC}/pks_help.fr \
-	${WRKSRC}/pks_help.cz ${WRKSRC}/pks_help.de ${WRKSRC}/pks_help.ja \
-	${WRKSRC}/mail_intro ${DOCSDIR}
-	PKG_PREFIX=${PREFIX} ${SH} ${PKGINSTALL} ${PKGNAME} POST-INSTALL
-.endif
-	@${CAT} ${PKGMESSAGE}
+	${STRIP_CMD} ${STAGEDIR}${PREFIX}/bin/pgpsplit
+	${STRIP_CMD} ${STAGEDIR}${PREFIX}/bin/pksdctl
+	${STRIP_CMD} ${STAGEDIR}${PREFIX}/bin/pksclient
+	${STRIP_CMD} ${STAGEDIR}${PREFIX}/sbin/pksd
+	${INSTALL_DATA}  ${WRKSRC}/pksd.conf ${STAGEDIR}${PREFIX}/etc/pksd.conf.sample
+	#${CHOWN} pksd:pksd /var/pks

-.include <bsd.port.post.mk>
+.if ${PORT_OPTIONS:MDOCS}
+	${MKDIR} ${STAGEDIR}${DOCSDIR}/
+	cd ${WRKSRC}/ && ${INSTALL_DATA} ${PORTDOCS} ${STAGEDIR}${DOCSDIR}/
+.endif
+
+.include <bsd.port.mk>
--- a/security/pks/files/EMAIL
+++ b/security/pks/files/EMAIL
@ -0,0 +1,60 @@
+From the English README and pksd_help.en files:
+
+If you have configured the mail server component of the key
+server, there is one more step you need to take so that the server
+can actually handle mail.  In your aliases file (usually one of
+/etc/aliases or /etc/mail/aliases), create the following lines:
+
+    pgp-public-keys: "|PREFIX/bin/pks-mail.sh PREFIX/etc/pksd.conf"
+    pgp: pgp-public-keys
+
+Or, if you are using qmail, create these files for use with the 
+dot-qmail(5) framework :
+
+cd /var/qmail/alias/
+echo "&pgp-public-keys@localhost" > .qmail-pgp
+echo "|preline /usr/local/bin/pks-mail.sh /usr/local/etc/pksd.conf" > .qmail-pgp-public-keys 
+
+You might also need to add aliases for the mail addresses you
+configured in pksd.conf.  
+
+You will also need to make sure the permissions on PREFIX/var/incoming
+allow both the mailer and whatever user the pksd program runs as
+to insert and delete files.
+
+OpenPGP public email key servers allow users to exchange public
+keys running using the Internet and properly configured e-mail
+servers.  This service exists only to help transfer keys between
+PGP users.  It does NOT attempt to guarantee that a key is a valid
+key; use the signatures on a key for that kind of security.
+
+Each keyserver processes requests in the form of mail messages.
+The commands for the server are entered on the Subject: line.
+---------------------------------------------- ======== -----
+Note that they should NOT be included in the body of the message.
+--------------------- === ---------------------------------------
+
+        To: pgp-public-keys@keys.pgp.net
+        From: johndoe@some.site.edu
+        Subject: help
+
+Sending your key to ONE server is enough.  After it processes your
+key, it will forward your add request to other servers automagically.
+
+For example, to add your key to the keyserver, or to update your key
+if it is already there, send a message similar to the following to any
+server:
+
+        To: pgp-public-keys@keys.pgp.net
+        From: johndoe@some.site.edu
+        Subject: add
+
+        -----BEGIN PGP PUBLIC KEY BLOCK-----
+        Version: 2.6
+
+        <blah blah blah>
+        -----END PGP PUBLIC KEY BLOCK-----
+
+COMPROMISED KEYS:  Create a Key Revocation Certificate (read the PGP
+docs on how to do that) and mail your key to the server once again,
+with the ADD command.
--- a/security/pks/files/patch-mkpksdconf.in
+++ b/security/pks/files/patch-mkpksdconf.in
@ -0,0 +1,20 @@
+--- ./mkpksdconf.in.orig	2014-01-22 15:36:39.574285045 -0500
+++ ./mkpksdconf.in	2014-01-22 15:37:49.289280305 -0500
+@@ -44,7 +44,7 @@
+ 
+ cat << EOF
+ pks_bin_dir @bindir@
+-pid_dir @localstatedir@/db
+pid_dir /var/run
+ ### Set chroot_dir to make pksd chroot itself. Must be an absolute path.
+ # chroot_dir @prefix@
+ ### uid and gid for pksd to run as. Leave unset, or set to 0 to disable
+@@ -70,7 +70,7 @@
+ ###   of each message.
+ maintainer_email PGP Key Server Administrator <nobody>
+ mail_intro_file @datadir@/mail_intro
+-help_dir @datadir@
+help_dir @docdir@
+ mail_dir @localstatedir@/incoming
+ ### If you change this, make sure to put a corresponding help file in
+ ### the help_dir named above
--- a/security/pks/files/pkg-message.in
+++ b/security/pks/files/pkg-message.in
@ -1,11 +1,38 @@
+Add the following lines to /etc/rc.conf.local or /etc/rc.conf to enable this service:
+
+ pksd_enable (bool):           Set to NO by default.
+                               Set it to YES to enable pksd.
+
+ pksd_config (path):           Set to %%PREFIX%%/etc/pksd.conf
+                               by default.
+
+ pksd_mailq_enable (bool):     Set to NO by default. Process incoming
+                               mail queue of commands and key requests
+                               (you will need to configure your mail
+                               infrastructure to enable this. See:
+                               %%PREFIX%%/share/doc/pks/README and
+                               %%PREFIX%%/share/doc/pks/EMAIL for details.
+ 
+ pksd_queue_delay (int):       Periodically process incoming mail.
+                               Set to 60 seconds by default.
+
+        #############################################
+
+          To enable adding keys via the web interface
+          please create a configuration file at:
+
+            %%PREFIX%%/etc/pksd.conf
+
+          Check sample file at:
+
+            %%PREFIX%%/etc/pksd.conf.sample


-	##################################
+          Also note that the database used by pks
+          sometimes needs to be created manually, to
+          do that refer to:

-	  To enable adding keys via the
-	  web interface please edit the
-	  configuration file at:
+            man 8 pksclient

-	   %%PREFIX%%/etc/pksd.conf
+        #############################################

-	##################################
--- a/security/pks/files/pksd.in
+++ b/security/pks/files/pksd.in
@ -5,17 +5,47 @@
 #
 # PROVIDE: pksd
 # REQUIRE: DAEMON
+# KEYWORD: SHUTDOWN
+#
+# Add the following lines to /etc/rc.conf.local or /etc/rc.conf
+# to enable this service:
+#
+# pksd_enable (bool):		Set to NO by default.
+#				Set it to YES to enable pksd.
+#
+# pksd_config (path):		Set to %%PREFIX%%/etc/pksd.conf
+#				by default.
+#
+# pksd_mailq_enable (bool):     Set to NO by default. Process incoming
+#                               mail queue of commands and key requests
+#                               (you will need to configure your mail
+#                               infrastructure to enable this. See:
+#                               %%PREFIX%%/share/doc/pks/README and
+#                               %%PREFIX%%/share/doc/pks/EMAIL for details.
+# 
+# pksd_queue_delay (int):       Periodically process incoming mail.
+#				Set to 60 seconds by default.

 . /etc/rc.subr

 name="pksd"
 rcvar=pksd_enable
-command="%%PREFIX%%/sbin/pksd"
-command_args="%%PREFIX%%/etc/${name}.conf &"
-required_files="%%PREFIX%%/etc/${name}.conf"
-start_precmd="pksd_precmd"
-start_postcmd="pksd_runqueue"
-stop_command="pksd_clean_stop"
+
+load_rc_config $name
+
+: ${pksd_enable:="NO"}
+: ${pksd_mailq_enable:="NO"}
+: ${pksd_config="%%PREFIX%%/etc/pksd.conf"}
+: ${pksd_queue_delay="60"}
+
+command="%%PREFIX%%/sbin/${name}"
+command_args="%%PREFIX%%/etc/${name}.conf"
+required_files="${pksd_config}"
+start_precmd="${name}_precmd"
+start_cmd="${name}_start"
+#start_postcmd="${name}_runqueue"
+stop_command="${name}_clean_stop"
+pidfile="/var/run/${name}.pid"

 pksd_precmd()
 {
@ -31,14 +61,20 @@ pksd_precmd()
 	fi
 }

+pksd_start()
+{
+	echo "Starting pksd"
+        /usr/sbin/daemon -f -p ${pidfile} ${command} ${command_args}
+}
+
 pksd_runqueue()
 {
-	if [ -x %%PREFIX%%/bin/${name} -a -x %%PREFIX%%/bin/pks-queue-run.sh ]
+	if [ -x %%PREFIX%%/bin/${name}ctl -a -x %%PREFIX%%/bin/pks-queue-run.sh ] && checkyesno pksd_mailq_enable
        then
-        	echo "Doing queue run for ${name}."
-		sleep 5
-        	%%PREFIX%%/bin/pks-queue-run.sh %%PREFIX%%/etc/${name}.conf
-	fi
+        	echo "Doing queue run for ${name} every ${pksd_queue_delay} seconds."
+	        sleep 2
+        	%%PREFIX%%/bin/pks-queue-run.sh %%PREFIX%%/etc/${name}.conf ${pksd_queue_delay}
+  fi
 }

 pksd_clean_stop()
--- a/security/pks/pkg-plist
+++ b/security/pks/pkg-plist
@ -8,14 +8,18 @@ etc/pksd.conf.sample
 %%DATADIR%%/mail_intro
 %%DATADIR%%/pks-commands.html
 %%DATADIR%%/pks-commands.php
-%%PORTDOCS%%%%DOCSDIR%%/mail_intro
-%%PORTDOCS%%%%DOCSDIR%%/pks_help.en
-%%PORTDOCS%%%%DOCSDIR%%/pks_help.es
-%%PORTDOCS%%%%DOCSDIR%%/pks_help.fr
-%%PORTDOCS%%%%DOCSDIR%%/pks_help.de
-%%PORTDOCS%%%%DOCSDIR%%/pks_help.cz
-%%PORTDOCS%%%%DOCSDIR%%/pks_help.ja
-%%PORTDOCS%%@dirrm %%DOCSDIR%%
 %%EXAMPLESDIR%%/pksd.conf
+man/man5/pksd.conf.5.gz
+man/man8/pgpsplit.8.gz
+man/man8/pks-intro.8.gz
+man/man8/pks-mail.sh.8.gz
+man/man8/pks-queue-run.sh.8.gz
+man/man8/pksclient.8.gz
+man/man8/pksd.8.gz
+man/man8/pksdctl.8.gz
+/var/pks/index.html
+@unexec rmdir "/var/pks/db" >/dev/null 2>&1 || :
+@unexec rmdir "/var/pks/incoming" >/dev/null 2>&1 || :
+@unexec rmdir "/var/pks" >/dev/null 2>&1 || :
@dirrm %%EXAMPLESDIR%%
@dirrm share/pks