diff options
| -rw-r--r-- | security/cyrus-saslauthd/Makefile | 6 | ||||
| -rw-r--r-- | security/cyrus-saslauthd/files/smf/manifest.xml | 55 | ||||
| -rw-r--r-- | security/cyrus-saslauthd/files/smf/saslauthd.sh | 82 |
3 files changed, 141 insertions, 2 deletions
diff --git a/security/cyrus-saslauthd/Makefile b/security/cyrus-saslauthd/Makefile index 09b2ee1a548..a836fc9d16f 100644 --- a/security/cyrus-saslauthd/Makefile +++ b/security/cyrus-saslauthd/Makefile @@ -1,7 +1,7 @@ -# $NetBSD: Makefile,v 1.50 2016/10/17 13:45:45 hans Exp $ +# $NetBSD: Makefile,v 1.51 2016/12/16 15:42:20 hans Exp $ PKGNAME= ${DISTNAME:S/sasl/saslauthd/} -PKGREVISION= 5 +PKGREVISION= 6 CONFLICTS+= cyrus-sasl<2.1.15nb2 .include "../../security/cyrus-sasl/Makefile.common" @@ -23,6 +23,8 @@ BUILD_DIRS= saslauthd .include "options.mk" RCD_SCRIPTS= saslauthd +SMF_METHODS= saslauthd +SMF_NAME= saslauthd FILES_SUBST+= ROOT_USER=${REAL_ROOT_USER:Q} INSTALLATION_DIRS= bin diff --git a/security/cyrus-saslauthd/files/smf/manifest.xml b/security/cyrus-saslauthd/files/smf/manifest.xml new file mode 100644 index 00000000000..8d7c30726a7 --- /dev/null +++ b/security/cyrus-saslauthd/files/smf/manifest.xml @@ -0,0 +1,55 @@ +<?xml version="1.0"?> +<!-- + +This file and its contents are supplied under the terms of the +Common Development and Distribution License ("CDDL"), version 1.0. +You may only use this file in accordance with the terms of version +1.0 of the CDDL. +A full copy of the text of the CDDL should have accompanied this +source. A copy of the CDDL is also available via the Internet at +http://www.illumos.org/license/CDDL. + +--> +<!DOCTYPE service_bundle SYSTEM "/usr/share/lib/xml/dtd/service_bundle.dtd.1"> +<!-- + Copyright 2016 Hans Rosenfeld <rosenfeld@grumpf.hope-2000.org> +--> +<service_bundle type='manifest' name='@SMF_NAME@'> + <service name='@SMF_PREFIX@/@SMF_NAME@' type='service' version='1'> + <dependency name='filesystem_minimal' grouping='require_all' restart_on='none' type='service'> + <service_fmri value='svc:/system/filesystem/local' /> + </dependency> + <dependency name='loopback' grouping='require_any' restart_on='error' type='service'> + <service_fmri value='svc:/network/loopback' /> + </dependency> + <dependency name='network' grouping='optional_all' restart_on='error' type='service'> + <service_fmri value='svc:/milestone/network' /> + </dependency> + <instance name='default' enabled='false'> + <exec_method type='method' name='start' exec='@PREFIX@/@SMF_METHOD_FILE.saslauthd@ %m %i' timeout_seconds='60' /> + <exec_method type='method' name='stop' exec=':kill' timeout_seconds='60' /> + <!-- Default property settings for saslauthd(8) instance. --> + <property_group name='options' type='application'> + <!-- authmech: authentication mechanism --> + <propval name='authmech' type='astring' value='pam' /> + <!-- mechopts: authentication mechanism specific options --> + <propval name='mechopts' type='astring' value='' /> + <!-- nthreads: number of threads to use --> + <propval name='nthreads' type='integer' value='' /> + <!-- caching: enable caching of authentication data --> + <propval name='caching' type='boolean' value='true' /> + <!-- sockpath: path to socket for connection requests --> + <propval name='sockpath' type='astring' value='@SASLSOCKETDIR@' /> + </property_group> + </instance> + <stability value='Unstable' /> + <template> + <common_name> + <loctext xml:lang='C'>cyrus-saslauthd</loctext> + </common_name> + <documentation> + <manpage title='saslauthd' section='8' manpath='@PREFIX@/@PKGMANDIR@' /> + </documentation> + </template> + </service> +</service_bundle> diff --git a/security/cyrus-saslauthd/files/smf/saslauthd.sh b/security/cyrus-saslauthd/files/smf/saslauthd.sh new file mode 100644 index 00000000000..f98018572b1 --- /dev/null +++ b/security/cyrus-saslauthd/files/smf/saslauthd.sh @@ -0,0 +1,82 @@ +#!@SMF_METHOD_SHELL@ +# +# $NetBSD: saslauthd.sh,v 1.1 2016/12/16 15:42:20 hans Exp $ +# +# This file and its contents are supplied under the terms of the +# Common Development and Distribution License ("CDDL"), version 1.0. +# You may only use this file in accordance with the terms of version +# 1.0 of the CDDL. +# +# A full copy of the text of the CDDL should have accompanied this +# source. A copy of the CDDL is also available via the Internet at +# http://www.illumos.org/license/CDDL. +# +# Copyright 2016 Hans Rosenfeld <rosenfeld@grumpf.hope-2000.org> +# + +# smf_method(5) start/stop script required for cyrus-saslauthd + +. /lib/svc/share/smf_include.sh + + +get_config () +{ + cmdopts="" + properties="authmech mechopts nthreads caching sockpath" + + for prop in $properties + do + value=`/usr/bin/svcprop -p options/${prop} ${SMF_FMRI}` + if [ -z "${value}" -o "${value}" = '""' ]; then + continue; + fi + + case $prop in + 'caching') + if [ ${value} = "true" ]; then + cmdopts="${cmdopts} -c" + fi + ;; + 'authmech') + authmech=${value} + ;; + 'mechopts') + cmdopts="${cmdopts} -O ${value}" + ;; + 'nthreads') + if [ ${value} -gt 0 ]; then + cmdopts="${cmdopts} -n ${value}" + fi + ;; + 'sockpath') + cmdopts="${cmdopts} -m ${value}" + sockpath=${value} + ;; + esac + done +} + +result=${SMF_EXIT_OK} + +# Set defaults; SMF_FMRI should have been set, but just in case. +if [ -z "$SMF_FMRI" ]; then + SMF_FMRI="svc:/@SMF_PREFIX@/@SMF_NAME@:${instance}" +fi + +get_config + +if [ -z "${authmech}" ]; then + echo "saslauthd: authmech must be set" + exit ${SMF_EXIT_ERR_CONFIG} +fi + +if [ ! -z "${sockpath}" -a ! -d "${sockpath}" ]; then + mkdir -p ${sockpath} + chmod 0755 ${sockpath} + chown root ${sockpath} +fi + +# Execute spamd with relevant command line options. +ppriv -s A-all -s A+basic,net_privaddr,file_dac_read,file_dac_search,sys_resource,proc_setid -e @PREFIX@/sbin/saslauthd -a ${authmech} ${cmdopts} + +exit $? |