diff options
author | Ollivier Robert <roberto@FreeBSD.org> | 2016-06-24 00:07:13 +0000 |
---|---|---|
committer | Ollivier Robert <roberto@FreeBSD.org> | 2016-06-24 00:07:13 +0000 |
commit | f93bc3ba8f68da7bdcb686b5f3b39f569a8f52fd (patch) | |
tree | fcc91731c2f567092779d8a06d676c49f2ef9dbc | |
parent | c7b4fec8238f96fe003b0d1f920cfdb2b6022e87 (diff) | |
download | ports-f93bc3ba8f68da7bdcb686b5f3b39f569a8f52fd.tar.gz ports-f93bc3ba8f68da7bdcb686b5f3b39f569a8f52fd.zip |
New port: security/doas
The doas program allows users to run commands as another user (usually
root). The doas program was written by the OpenBSD team to provide a
lightweight, simplified (and more secure) alternative to the sudo command.
Original upstream (OpenBSD) source:
http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/doas/
FreeBSD version: https://github.com/slicer69/doas
NOTE: I added the two patch files to workaround issues mentioned in the PR
about hardcoding of /usr/local.
PR: 210473
Submitted by: jsmith@resonatingmedia.com
Modified by: jrm@ftfl.ca (see PR) and me (roberto)
Notes
Notes:
svn path=/head/; revision=417407
-rw-r--r-- | security/doas/Makefile | 29 | ||||
-rw-r--r-- | security/doas/distinfo | 3 | ||||
-rw-r--r-- | security/doas/files/patch-Makefile | 11 | ||||
-rw-r--r-- | security/doas/files/patch-doas.c | 11 | ||||
-rw-r--r-- | security/doas/files/pkg-message.in | 9 | ||||
-rw-r--r-- | security/doas/pkg-descr | 6 |
6 files changed, 69 insertions, 0 deletions
diff --git a/security/doas/Makefile b/security/doas/Makefile new file mode 100644 index 000000000000..4246dafd5c9a --- /dev/null +++ b/security/doas/Makefile @@ -0,0 +1,29 @@ +# $FreeBSD$ + +PORTNAME= doas +PORTVERSION= 5.9 +CATEGORIES= security + +MAINTAINER= jsmith@resonatingmedia.com +COMMENT= Simple sudo alternative to run commands as another user + +LICENSE= ISCL + +USE_GITHUB= yes +GH_ACCOUNT= slicer69 +GH_PROJECT= doas +GH_TAGNAME= e6f1456 + +BINMODE= 4755 + +SUB_FILES= pkg-message +PLIST_FILES= bin/doas \ + man/man5/doas.conf.5.gz \ + man/man1/doas.1.gz + +do-install: + ${INSTALL_PROGRAM} ${WRKSRC}/${PORTNAME} ${STAGEDIR}${PREFIX}/bin + ${INSTALL_MAN} ${WRKSRC}/doas.1 ${STAGEDIR}${MAN1PREFIX}/man/man1 + ${INSTALL_MAN} ${WRKSRC}/doas.conf.5 ${STAGEDIR}${MAN5PREFIX}/man/man5 + +.include <bsd.port.mk> diff --git a/security/doas/distinfo b/security/doas/distinfo new file mode 100644 index 000000000000..753a8c17a243 --- /dev/null +++ b/security/doas/distinfo @@ -0,0 +1,3 @@ +TIMESTAMP = 1466641283 +SHA256 (slicer69-doas-5.9-e6f1456_GH0.tar.gz) = 304008cfca04b8825393d3cf50b6085842b36c2668fda81d24bf16e56a042c49 +SIZE (slicer69-doas-5.9-e6f1456_GH0.tar.gz) = 10469 diff --git a/security/doas/files/patch-Makefile b/security/doas/files/patch-Makefile new file mode 100644 index 000000000000..454df08c8988 --- /dev/null +++ b/security/doas/files/patch-Makefile @@ -0,0 +1,11 @@ +--- Makefile.orig 2016-06-22 22:59:03 UTC ++++ Makefile +@@ -3,7 +3,7 @@ YC?=yacc + BIN=doas + PREFIX?=/usr/local + OBJECTS=doas.o env.o execvpe.o y.tab.o +-CFLAG+= -DUSE_PAM ++CFLAG+= -DUSE_PAM -DDOAS_CONF=\"${PREFIX}/etc/doas.conf\" + LFLAG+= -lpam + + all: $(OBJECTS) diff --git a/security/doas/files/patch-doas.c b/security/doas/files/patch-doas.c new file mode 100644 index 000000000000..c646109dc1e1 --- /dev/null +++ b/security/doas/files/patch-doas.c @@ -0,0 +1,11 @@ +--- doas.c.orig 2016-06-22 22:59:03 UTC ++++ doas.c +@@ -324,7 +324,7 @@ main(int argc, char **argv) + int pam_silent = PAM_SILENT; + #endif + +- parseconfig("/usr/local/etc/doas.conf", 1); ++ parseconfig(DOAS_CONF, 1); + + /* cmdline is used only for logging, no need to abort on truncate */ + (void) strlcpy(cmdline, argv[0], sizeof(cmdline)); diff --git a/security/doas/files/pkg-message.in b/security/doas/files/pkg-message.in new file mode 100644 index 000000000000..53362267ea80 --- /dev/null +++ b/security/doas/files/pkg-message.in @@ -0,0 +1,9 @@ +============================================================ +To use doas, + +%%ETCDIR%%/doas.conf + +must be created. + +Refer to doas.conf(5). +============================================================ diff --git a/security/doas/pkg-descr b/security/doas/pkg-descr new file mode 100644 index 000000000000..b0c3977bd835 --- /dev/null +++ b/security/doas/pkg-descr @@ -0,0 +1,6 @@ +This is the FreeBSD port of the OpenBSD "doas" command. The doas program +allows a regular user to run commands as another user (usually root). The +doas command is a simplified (hopefully more secure) version of the "sudo" +command and offers an easier to read/modify configuration. + +WWW: https://github.com/slicer69/doas/ |