diff options
| author | khorben <khorben@pkgsrc.org> | 2022-08-11 15:41:30 +0000 |
|---|---|---|
| committer | khorben <khorben@pkgsrc.org> | 2022-08-11 15:41:30 +0000 |
| commit | 384249ca6b10fd00853140753445b534de4da6d9 (patch) | |
| tree | 924c1e29e70751417e38169bbc1ba20d977de6ed | |
| parent | 93c37d84476858d5cfd81c6e95b03a285eb6e2b2 (diff) | |
| download | pkgsrc-384249ca6b10fd00853140753445b534de4da6d9.tar.gz | |
prosody: support Lua 5.4 and improve security
The changes here are:
* prosody can be built with Lua 5.4 (as recommended since the 0.12
series), also thanks to lua-unbound being available for Lua 5.4
* the prosody user's home directory is back to the default /nonexistent
(prosody finds its own data directory nonetheless, as it is a
compile-time option)
* the corresponding directories created (data directory, PID directory,
logging) do not seem to actually require write access (or not anymore)
These last two changes together get rid of the security report "user
prosody home directory is group writable" from the daily insecurity
checks on NetBSD.
Tested on NetBSD/amd64.
| -rw-r--r-- | chat/prosody/Makefile | 12 |
1 files changed, 6 insertions, 6 deletions
diff --git a/chat/prosody/Makefile b/chat/prosody/Makefile index 0f88f4be88f..d7d75e2e005 100644 --- a/chat/prosody/Makefile +++ b/chat/prosody/Makefile @@ -1,6 +1,7 @@ -# $NetBSD: Makefile,v 1.41 2022/07/27 01:53:40 khorben Exp $ +# $NetBSD: Makefile,v 1.42 2022/08/11 15:41:30 khorben Exp $ DISTNAME= prosody-0.12.1 +PKGREVISION= 1 CATEGORIES= chat MASTER_SITES= https://prosody.im/downloads/source/ @@ -19,7 +20,7 @@ HAS_CONFIGURE= yes USE_LANGUAGES= c BUILD_DEFS+= VARBASE -LUA_VERSIONS_ACCEPTED= 52 51 +LUA_VERSIONS_ACCEPTED= 54 52 51 .include "../../mk/bsd.prefs.mk" @@ -29,9 +30,9 @@ PROSODY_DATA?= ${VARBASE}/db/prosody PROSODY_LOG?= ${VARBASE}/log/prosody PROSODY_RUN?= ${VARBASE}/run/prosody -OWN_DIRS_PERMS+= ${PROSODY_DATA} ${PROSODY_USER} ${PROSODY_GROUP} 0770 -OWN_DIRS_PERMS+= ${PROSODY_LOG} ${PROSODY_USER} ${PROSODY_GROUP} 0770 -OWN_DIRS_PERMS+= ${PROSODY_RUN} ${PROSODY_USER} ${PROSODY_GROUP} 0770 +OWN_DIRS_PERMS+= ${PROSODY_DATA} ${PROSODY_USER} ${PROSODY_GROUP} 0750 +OWN_DIRS_PERMS+= ${PROSODY_LOG} ${PROSODY_USER} ${PROSODY_GROUP} 0750 +OWN_DIRS_PERMS+= ${PROSODY_RUN} ${PROSODY_USER} ${PROSODY_GROUP} 0750 MAKE_DIRS+= ${PKG_SYSCONFDIR}/certs PKG_USERS_VARS= PROSODY_USER @@ -39,7 +40,6 @@ PKG_GROUPS_VARS= PROSODY_GROUP PKG_GROUPS= ${PROSODY_GROUP} PKG_USERS= ${PROSODY_USER}:${PROSODY_GROUP} PKG_GECOS.${PROSODY_USER}= Prosody daemon user -PKG_HOME.${PROSODY_USER}= ${PROSODY_DATA} PKG_SHELL.${PROSODY_USER}= ${NOLOGIN} PKG_SYSCONFSUBDIR= ${PKGBASE} |