New port: security/doas

The doas program allows users to run commands as another user (usually root). The doas program was written by the OpenBSD team to provide a lightweight, simplified (and more secure) alternative to the sudo command. Original upstream (OpenBSD) source: http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/doas/ FreeBSD version: https://github.com/slicer69/doas NOTE: I added the two patch files to workaround issues mentioned in the PR about hardcoding of /usr/local. PR: 210473 Submitted by: jsmith@resonatingmedia.com Modified by: jrm@ftfl.ca (see PR) and me (roberto)
svn path=/head/; revision=417407
2025-02-01 10:59:55 +00:00 · 2016-06-24 00:07:13 +00:00 · 2016-06-24 00:07:13 +00:00 · f93bc3ba8f · 2021-03-31 03:12:20 +00:00
commit f93bc3ba8f
parent c7b4fec823
6 changed files with 69 additions and 0 deletions
--- a/security/doas/Makefile
+++ b/security/doas/Makefile
@ -0,0 +1,29 @@
+# $FreeBSD$
+
+PORTNAME=	doas
+PORTVERSION=	5.9
+CATEGORIES=	security
+
+MAINTAINER=	jsmith@resonatingmedia.com
+COMMENT=	Simple sudo alternative to run commands as another user
+
+LICENSE=	ISCL
+
+USE_GITHUB=	yes
+GH_ACCOUNT=	slicer69
+GH_PROJECT=	doas
+GH_TAGNAME=	e6f1456
+
+BINMODE=	4755
+
+SUB_FILES=	pkg-message
+PLIST_FILES=	bin/doas \
+		man/man5/doas.conf.5.gz \
+		man/man1/doas.1.gz
+
+do-install:
+	${INSTALL_PROGRAM} ${WRKSRC}/${PORTNAME} ${STAGEDIR}${PREFIX}/bin
+	${INSTALL_MAN} ${WRKSRC}/doas.1 ${STAGEDIR}${MAN1PREFIX}/man/man1
+	${INSTALL_MAN} ${WRKSRC}/doas.conf.5 ${STAGEDIR}${MAN5PREFIX}/man/man5
+
+.include <bsd.port.mk>
--- a/security/doas/distinfo
+++ b/security/doas/distinfo
@ -0,0 +1,3 @@
+TIMESTAMP = 1466641283
+SHA256 (slicer69-doas-5.9-e6f1456_GH0.tar.gz) = 304008cfca04b8825393d3cf50b6085842b36c2668fda81d24bf16e56a042c49
+SIZE (slicer69-doas-5.9-e6f1456_GH0.tar.gz) = 10469
--- a/security/doas/files/patch-Makefile
+++ b/security/doas/files/patch-Makefile
@ -0,0 +1,11 @@
+--- Makefile.orig	2016-06-22 22:59:03 UTC
+++ Makefile
+@@ -3,7 +3,7 @@ YC?=yacc
+ BIN=doas
+ PREFIX?=/usr/local
+ OBJECTS=doas.o env.o execvpe.o y.tab.o
+-CFLAG+= -DUSE_PAM
+CFLAG+= -DUSE_PAM -DDOAS_CONF=\"${PREFIX}/etc/doas.conf\"
+ LFLAG+= -lpam
+ 
+ all: $(OBJECTS)
--- a/security/doas/files/patch-doas.c
+++ b/security/doas/files/patch-doas.c
@ -0,0 +1,11 @@
+--- doas.c.orig	2016-06-22 22:59:03 UTC
+++ doas.c
+@@ -324,7 +324,7 @@ main(int argc, char **argv)
+ 	int pam_silent = PAM_SILENT;
+ #endif
+ 
+-	parseconfig("/usr/local/etc/doas.conf", 1);
+	parseconfig(DOAS_CONF, 1);
+ 
+ 	/* cmdline is used only for logging, no need to abort on truncate */
+ 	(void) strlcpy(cmdline, argv[0], sizeof(cmdline));
--- a/security/doas/files/pkg-message.in
+++ b/security/doas/files/pkg-message.in
@ -0,0 +1,9 @@
+============================================================
+To use doas,
+
+%%ETCDIR%%/doas.conf
+
+must be created.
+
+Refer to doas.conf(5).
+============================================================
--- a/security/doas/pkg-descr
+++ b/security/doas/pkg-descr
@ -0,0 +1,6 @@
+This is the FreeBSD port of the OpenBSD "doas" command. The doas program
+allows a regular user to run commands as another user (usually root). The
+doas command is a simplified (hopefully more secure) version of the "sudo"
+command and offers an easier to read/modify configuration.
+
+WWW: https://github.com/slicer69/doas/