diff options
| author | Dirk Meyer <dinoex@FreeBSD.org> | 2024-12-30 19:27:20 +0000 |
|---|---|---|
| committer | Dirk Meyer <dinoex@FreeBSD.org> | 2024-12-30 19:28:44 +0000 |
| commit | 121c0dbfd3952f623ab39c1126d69ea7ca8ea4cc (patch) | |
| tree | eca5a33d9aad8092d10a339279aafdb8a336a518 | |
| parent | 06dc848e03876957aea82400b6550de939a4fca7 (diff) | |
security/tinc-devel: security/tinc: add user and group tinc
The tinc daemon is now setgid
The daemon can drop privileges with:
sysrc tincd_flags=--user=tinc
Reported by: Poul-Henning Kamp
| -rw-r--r-- | GIDs | 2 | ||||
| -rw-r--r-- | UIDs | 2 | ||||
| -rw-r--r-- | security/tinc-devel/Makefile | 6 | ||||
| -rw-r--r-- | security/tinc/Makefile | 6 |
4 files changed, 10 insertions, 6 deletions
@@ -596,7 +596,7 @@ _xrdp:*:648: # free: 652 # free: 653 # free: 654 -# free: 655 +tinc:*:655: # free: 656 # free: 657 # free: 658 @@ -602,7 +602,7 @@ _xrdp:*:648:648::0:0:xrdp daemon:/nonexistent:/usr/sbin/nologin # free: 652 # free: 653 # free: 654 -# free: 655 +tinc:*:655:655::0:0:tinc daemon:/nonexistent:/usr/sbin/nologin # free: 656 # free: 657 # free: 658 diff --git a/security/tinc-devel/Makefile b/security/tinc-devel/Makefile index 36509ef02695..dbffc389914a 100644 --- a/security/tinc-devel/Makefile +++ b/security/tinc-devel/Makefile @@ -1,6 +1,6 @@ PORTNAME= tinc PORTVERSION= 1.1pre18 -PORTREVISION= 3 +PORTREVISION= 4 CATEGORIES= security net-vpn MASTER_SITES= https://www.tinc-vpn.org/packages/ \ http://www.tinc-vpn.org/packages/ @@ -15,6 +15,8 @@ LICENSE_FILE= ${WRKSRC}/COPYING LIB_DEPENDS= liblzo2.so:archivers/lzo2 +USERS= tinc +GROUPS= tinc USES= cpe ssl makeinfo readline localbase:ldflags CPE_VENDOR= tinc-vpn GNU_CONFIGURE= yes @@ -22,7 +24,7 @@ GNU_CONFIGURE_MANPREFIX= ${PREFIX}/share CONFIGURE_ARGS= --localstatedir=/var --with-curses=/usr USE_RC_SUBR= tincd INFO= tinc -PLIST_FILES= sbin/tincd sbin/tinc \ +PLIST_FILES= "@(root,tinc,2550) sbin/tincd" sbin/tinc \ share/bash-completion/completions/tinc \ share/man/man8/tinc-gui.8.gz share/man/man5/tinc.conf.5.gz \ share/man/man8/tinc.8.gz share/man/man8/tincd.8.gz diff --git a/security/tinc/Makefile b/security/tinc/Makefile index 4a99dd316315..39a42a4668a6 100644 --- a/security/tinc/Makefile +++ b/security/tinc/Makefile @@ -1,6 +1,6 @@ PORTNAME= tinc PORTVERSION= 1.0.36 -PORTREVISION= 2 +PORTREVISION= 3 CATEGORIES= security net-vpn MASTER_SITES= https://www.tinc-vpn.org/packages/ \ http://www.tinc-vpn.org/packages/ @@ -13,6 +13,8 @@ LICENSE= GPLv3 LIB_DEPENDS= liblzo2.so:archivers/lzo2 +USERS= tinc +GROUPS= tinc USES= cpe ssl makeinfo CPE_VENDOR= tinc-vpn GNU_CONFIGURE= yes @@ -22,7 +24,7 @@ LDFLAGS+= -L${LOCALBASE}/lib CONFIGURE_ARGS= --localstatedir=/var USE_RC_SUBR= tincd INFO= tinc -PLIST_FILES= sbin/tincd \ +PLIST_FILES= "@(root,tinc,2550) sbin/tincd" \ share/man/man5/tinc.conf.5.gz share/man/man8/tincd.8.gz .include <bsd.port.mk> |