diff options
Diffstat (limited to 'security')
-rw-r--r-- | security/courier-authlib/DEINSTALL | 25 | ||||
-rw-r--r-- | security/courier-authlib/DESCR | 18 | ||||
-rw-r--r-- | security/courier-authlib/MESSAGE | 8 | ||||
-rw-r--r-- | security/courier-authlib/Makefile | 79 | ||||
-rw-r--r-- | security/courier-authlib/Makefile.common | 17 | ||||
-rw-r--r-- | security/courier-authlib/PLIST | 30 | ||||
-rw-r--r-- | security/courier-authlib/distinfo | 5 | ||||
-rw-r--r-- | security/courier-authlib/files/authdaemond.sh | 46 | ||||
-rw-r--r-- | security/courier-authlib/options.mk | 93 | ||||
-rw-r--r-- | security/courier-authlib/patches/patch-aa | 98 |
10 files changed, 419 insertions, 0 deletions
diff --git a/security/courier-authlib/DEINSTALL b/security/courier-authlib/DEINSTALL new file mode 100644 index 00000000000..82e9db36334 --- /dev/null +++ b/security/courier-authlib/DEINSTALL @@ -0,0 +1,25 @@ +# $NetBSD: DEINSTALL,v 1.1.1.1 2005/02/10 03:21:30 jlam Exp $ + +case ${STAGE} in +DEINSTALL) + # + # Note some additional files that are may be created by the + # sysadmin that can probably be removed. + # + if ${TEST} -x ./+FILES; then + { ${ECHO} "# FILE: ${PKG_SYSCONFDIR}/userdb . /dev/null"; + ${ECHO} "# FILE: ${PKG_SYSCONFDIR}/userdb.dat . /dev/null"; + ${ECHO} "# FILE: ${PKG_SYSCONFDIR}/userdbshadow.dat . /dev/null"; + } >> ./+FILES + fi + ;; + +POST-DEINSTALL) + # + # Unconditionally remove authdaemon state directory as it contains + # files and sockets that authdaemond creates every time it is + # started. + # + ${RM} -rf @AUTHDAEMONVAR@ + ;; +esac diff --git a/security/courier-authlib/DESCR b/security/courier-authlib/DESCR new file mode 100644 index 00000000000..4d43fe864f0 --- /dev/null +++ b/security/courier-authlib/DESCR @@ -0,0 +1,18 @@ +The Courier authentication library provides authentication services for +other Courier applications. In this context, the term "authentication" +refers to the following functions: + + 1. Take a userid or a loginid, and a password. Determine whether the + loginid and the password are valid. + 2. Given a userid, obtain the following information about the userid: + + A. The account's home directory. + B. The numeric system userid and groupid that owns all files + associated with this account. + C. The location of the account's maildir. + D. Any maildir quota defined for this account. See the Courier + documentation for more information on maildir quotas. + E. Other miscellaneous account-specific options. + + 3. Change the password associated with a loginid. + 4. Obtain a complete list of all loginids. diff --git a/security/courier-authlib/MESSAGE b/security/courier-authlib/MESSAGE new file mode 100644 index 00000000000..6fce3a8e6b4 --- /dev/null +++ b/security/courier-authlib/MESSAGE @@ -0,0 +1,8 @@ +=========================================================================== +$NetBSD: MESSAGE,v 1.1.1.1 2005/02/10 03:21:30 jlam Exp $ + +To enable changing the system password via a Courier authentication +module, the following packages will need to be installed: + + tcl-expect Tcl extension for scripting of interactive programs +=========================================================================== diff --git a/security/courier-authlib/Makefile b/security/courier-authlib/Makefile new file mode 100644 index 00000000000..c1b7998c0c6 --- /dev/null +++ b/security/courier-authlib/Makefile @@ -0,0 +1,79 @@ +# $NetBSD: Makefile,v 1.1.1.1 2005/02/10 03:21:30 jlam Exp $ + +.include "Makefile.common" + +DISTNAME= courier-authlib-0.53 +COMMENT= Courier Authentication Library +CATEGORIES= security +MASTER_SITES= ${MASTER_SITE_SOURCEFORGE:=courier/} +EXTRACT_SUFX= .tar.bz2 + +CONFLICTS+= courier-auth-[0-9]* +CONFLICTS+= courier-authldap-[0-9]* +CONFLICTS+= courier-authmysql-[0-9]* +CONFLICTS+= courier-authpgsql-[0-9]* + +USE_GNU_TOOLS+= make +USE_BUILDLINK3= yes +USE_LIBTOOL= yes +PKG_SYSCONFSUBDIR= authlib + +USE_PERL5= run +REPLACE_PERL= sysconftool + +CONFIGURE_ARGS+= --with-pkgconfdir=${PKG_SYSCONFDIR} +CONFIGURE_ARGS+= --without-stdheaderdir + +AUTHDAEMONVAR?= ${VARBASE}/authdaemon +CONFIGURE_ARGS+= --with-authdaemonvar=${AUTHDAEMONVAR} +OWN_DIRS_PERMS= ${AUTHDAEMONVAR} ${COURIER_USER} ${COURIER_GROUP} 0750 +FILES_SUBST+= AUTHDAEMONVAR=${AUTHDAEMONVAR} + +# Expect is used to change the password from within the courier webmail +# application (sqwebmail). +# +CONFIGURE_ENV+= EXPECT="${LOCALBASE}/bin/expect" + +AUTHLIBDIR= lib/courier-authlib +AUTHLIBEXECDIR= libexec/courier-authlib +AUTHEXAMPLEDIR= share/examples/courier-authlib +FILES_SUBST+= AUTHLIBEXECDIR=${AUTHLIBEXECDIR} +FILES_SUBST+= AUTHEXAMPLEDIR=${AUTHEXAMPLEDIR} + +EGDIR= ${PREFIX}/${AUTHEXAMPLEDIR} +RCD_SCRIPTS= authdaemond +GEN_FILES= authdaemonrc +FILES_SUBST+= GEN_FILES=${GEN_FILES:Q} +AUTHLIB_PLIST= ${AUTHEXAMPLEDIR}/authdaemonrc.dist + +DEINSTALL_EXTRA_TMPL+= ${.CURDIR}/DEINSTALL + +# Install the example config files into ${EGDIR}. +INSTALL_MAKE_FLAGS= ${MAKE_FLAGS} \ + authdaemonrc=${EGDIR}/authdaemonrc \ + authldaprc=${EGDIR}/authldaprc \ + authmysqlrc=${EGDIR}/authmysqlrc \ + authpgsqlrc=${EGDIR}/authpgsqlrc + +.include "options.mk" +.include "../../devel/libltdl/buildlink3.mk" + +.for _file_ in ${GEN_FILES} +CONF_FILES_PERMS+= ${EGDIR}/${_file_}.dist ${PKG_SYSCONFDIR}/${_file_} \ + ${COURIER_USER} ${COURIER_GROUP} 0660 +.endfor + +.for _file_ in ${AUTHLIB_PLIST} +GENERATE_PLIST+= ${TEST} -f ${PREFIX}/${_file_} && ${ECHO} "${_file_}"; +.endfor +GENERATE_PLIST+= ${ECHO} "@dirrm ${AUTHEXAMPLEDIR}"; +GENERATE_PLIST+= ${ECHO} "@dirrm ${AUTHLIBEXECDIR}"; +GENERATE_PLIST+= ${ECHO} "@dirrm ${AUTHLIBDIR}"; + +INSTALLATION_DIRS= ${EGDIR} ${PREFIX}/sbin + +post-install: + ${INSTALL_DATA} ${WRKSRC}/authldap.schema ${EGDIR} + ${INSTALL_SCRIPT} ${WRKSRC}/sysconftool ${PREFIX}/sbin + +.include "../../mk/bsd.pkg.mk" diff --git a/security/courier-authlib/Makefile.common b/security/courier-authlib/Makefile.common new file mode 100644 index 00000000000..89dbe1214a8 --- /dev/null +++ b/security/courier-authlib/Makefile.common @@ -0,0 +1,17 @@ +# $NetBSD: Makefile.common,v 1.1.1.1 2005/02/10 03:21:30 jlam Exp $ + +MAINTAINER= jlam@NetBSD.org +HOMEPAGE= http://www.courier-mta.org/ + +COURIER_USER?= courier +COURIER_GROUP?= courier +FILES_SUBST+= COURIER_USER=${COURIER_USER} +FILES_SUBST+= COURIER_GROUP=${COURIER_GROUP} + +USE_PKGINSTALL= yes +PKG_GROUPS= ${COURIER_GROUP} +PKG_USERS= ${COURIER_USER}:${COURIER_GROUP}::Courier\\ user + +GNU_CONFIGURE= yes +CONFIGURE_ARGS+= --with-mailuser=${COURIER_USER} +CONFIGURE_ARGS+= --with-mailgroup=${COURIER_GROUP} diff --git a/security/courier-authlib/PLIST b/security/courier-authlib/PLIST new file mode 100644 index 00000000000..6d83cdb06ef --- /dev/null +++ b/security/courier-authlib/PLIST @@ -0,0 +1,30 @@ +@comment $NetBSD: PLIST,v 1.1.1.1 2005/02/10 03:21:30 jlam Exp $ +bin/courierauthconfig +include/courier_auth_config.h +include/courierauth.h +include/courierauthdebug.h +include/courierauthsasl.h +include/courierauthsaslclient.h +lib/courier-authlib/libcourierauth.la +lib/courier-authlib/libcourierauthcommon.la +lib/courier-authlib/libcourierauthsasl.la +lib/courier-authlib/libcourierauthsaslclient.la +libexec/courier-authlib/authdaemond +libexec/courier-authlib/authsystem.passwd +man/man1/courierlogger.1 +man/man3/auth_enumerate.3 +man/man3/auth_generic.3 +man/man3/auth_getoption.3 +man/man3/auth_getuserinfo.3 +man/man3/auth_login.3 +man/man3/auth_passwd.3 +man/man3/auth_sasl.3 +man/man3/authlib.3 +man/man8/makeuserdb.8 +man/man8/userdb.8 +man/man8/userdbpw.8 +sbin/authdaemond +sbin/authenumerate +sbin/authtest +sbin/courierlogger +sbin/sysconftool diff --git a/security/courier-authlib/distinfo b/security/courier-authlib/distinfo new file mode 100644 index 00000000000..76240e00b24 --- /dev/null +++ b/security/courier-authlib/distinfo @@ -0,0 +1,5 @@ +$NetBSD: distinfo,v 1.1.1.1 2005/02/10 03:21:30 jlam Exp $ + +SHA1 (courier-authlib-0.53.tar.bz2) = 98ee21462a81452c4b637b66b1e71ab1d49e0caa +Size (courier-authlib-0.53.tar.bz2) = 1966836 bytes +SHA1 (patch-aa) = ef333fefd1331d577d9fdad50d7dcc6e28283d58 diff --git a/security/courier-authlib/files/authdaemond.sh b/security/courier-authlib/files/authdaemond.sh new file mode 100644 index 00000000000..2d446d3b6ac --- /dev/null +++ b/security/courier-authlib/files/authdaemond.sh @@ -0,0 +1,46 @@ +#!@RCD_SCRIPTS_SHELL@ +# +# $NetBSD: authdaemond.sh,v 1.1.1.1 2005/02/10 03:21:31 jlam Exp $ +# +# Courier user authentication daemon +# +# PROVIDE: authdaemond +# REQUIRE: LOGIN + +. /etc/rc.subr + +name="authdaemond" +rcvar=${name} +command="@PREFIX@/sbin/courierlogger" +ctl_command="@PREFIX@/@AUTHLIBEXECDIR@/authdaemond" +pidfile="@AUTHDAEMONVAR@/pid" +required_files="@PKG_SYSCONFDIR@/authdaemonrc" + +start_cmd="courier_doit start" +stop_cmd="courier_doit stop" + +courier_doit() +{ + action=$1 + case ${action} in + start) + for f in $required_files; do + if [ ! -r "$f" ]; then + @ECHO@ 1>&2 "$0: WARNING: $f is not readable" + if [ -z $rc_force ]; then + return 1 + fi + fi + done + @ECHO@ "Starting ${name}." + ;; + stop) + @ECHO@ "Stopping ${name}." + ;; + esac + + ${ctl_command} ${action} +} + +load_rc_config $name +run_rc_command "$1" diff --git a/security/courier-authlib/options.mk b/security/courier-authlib/options.mk new file mode 100644 index 00000000000..a67fa1214a4 --- /dev/null +++ b/security/courier-authlib/options.mk @@ -0,0 +1,93 @@ +# $NetBSD: options.mk,v 1.1.1.1 2005/02/10 03:21:31 jlam Exp $ + +PKG_OPTIONS_VAR= PKG_OPTIONS.courier-authlib +PKG_SUPPORTED_OPTIONS= PAM bdb ldap mysql pgsql + +.if !defined(PKG_OPTIONS.courier-auth) +PKG_DEFAULT_OPTIONS+= bdb +.endif +.include "../../mk/bsd.options.mk" + +### +### UNIX (shadow) password authentication +### +AUTHLIB_PLIST+= ${AUTHLIBDIR}/libauthpwd.la +AUTHLIB_PLIST+= ${AUTHLIBDIR}/libauthshadow.la + +### +### PAM authentication +### +.if !empty(PKG_OPTIONS:MPAM) +. include "../../mk/pam.buildlink3.mk" +CONFIGURE_ARGS+= --with-authpam +AUTHLIB_PLIST+= ${AUTHLIBDIR}/libauthpam.la +.else +CONFIGURE_ARGS+= --without-authpam +.endif + +### +### Berkeley DB password authentication +### +.if !empty(PKG_OPTIONS:Mbdb) +USE_DB185= yes +. include "../../mk/bdb.buildlink3.mk" +CONFIGURE_ARGS+= --with-db=db +CONFIGURE_ARGS+= --with-authuserdb +AUTHLIB_PLIST+= ${AUTHLIBDIR}/libauthuserdb.la +AUTHLIB_PLIST+= ${AUTHLIBEXECDIR}/makedatprog +AUTHLIB_PLIST+= sbin/vchkpw2userdb +AUTHLIB_PLIST+= sbin/pw2userdb +AUTHLIB_PLIST+= sbin/makeuserdb +AUTHLIB_PLIST+= sbin/userdb +AUTHLIB_PLIST+= sbin/userdbpw +AUTHLIB_PLIST+= sbin/userdb-test-cram-md5 +.else +CONFIGURE_ARGS+= --without-authuserdb +PLIST_SUBST+= BDB="@comment " +.endif + +### +### LDAP authentication +### +.if !empty(PKG_OPTIONS:Mldap) +. include "../../databases/openldap/buildlink3.mk" +CONFIGURE_ARGS+= --with-authldap +AUTHLIB_PLIST+= ${AUTHLIBDIR}/libauthldap.la +AUTHLIB_PLIST+= ${AUTHEXAMPLEDIR}/authldaprc.dist +AUTHLIB_PLIST+= ${AUTHEXAMPLEDIR}/authldap.schema +GEN_FILES+= authldaprc +.else +CONFIGURE_ARGS+= --without-authldap +.endif + +### +### MySQL authentication +### +.if !empty(PKG_OPTIONS:Mmysql) +. include "../../databases/mysql4-client/buildlink3.mk" +CONFIGURE_ARGS+= --with-authmysql +AUTHLIB_PLIST+= ${AUTHLIBDIR}/libauthmysql.la +AUTHLIB_PLIST+= ${AUTHEXAMPLEDIR}/authmysqlrc.dist +GEN_FILES+= authmysqlrc +.else +CONFIGURE_ARGS+= --without-authmysql +.endif + +### +### PostgreSQL authentication +### +.if !empty(PKG_OPTIONS:Mpgsql) +. include "../../mk/pgsql.buildlink3.mk" +CONFIGURE_ARGS+= --with-authpgsql +AUTHLIB_PLIST+= ${AUTHLIBDIR}/libauthpgsql.la +AUTHLIB_PLIST+= ${AUTHEXAMPLEDIR}/authpgsqlrc.dist +GEN_FILES+= authpgsqlrc +.else +CONFIGURE_ARGS+= --without-authpgsql +.endif + +### +### We never build the following modules (unsupported by author). +### +CONFIGURE_ARGS+= --without-authvchkpw +CONFIGURE_ARGS+= --without-authcustom diff --git a/security/courier-authlib/patches/patch-aa b/security/courier-authlib/patches/patch-aa new file mode 100644 index 00000000000..818ddab0c6d --- /dev/null +++ b/security/courier-authlib/patches/patch-aa @@ -0,0 +1,98 @@ +$NetBSD: patch-aa,v 1.1.1.1 2005/02/10 03:21:31 jlam Exp $ + +--- Makefile.in.orig 2005-01-11 21:42:54.000000000 -0500 ++++ Makefile.in +@@ -608,8 +608,8 @@ authdaemondprog_SOURCES = authdaemond.c + authdaemondprog_DEPENDENCIES = libcourierauthcommon.la \ + liblock/liblock.la $(modules) + +-authdaemondprog_LDADD = $(LIBLTDL) libcourierauthcommon.la liblock/liblock.la +-authdaemondprog_LDFLAGS = -export-dynamic $(modules:%=-dlopen %) @NETLIBS@ ++authdaemondprog_LDADD = $(LIBLTDL) libcourierauthcommon.la liblock/liblock.la $(DL_LIBS) ++authdaemondprog_LDFLAGS = -export-dynamic $(modules:%=-dlopen %) $(DL_LDFLAGS) @NETLIBS@ + authdaemontest_SOURCES = authdaemontest.c + authdaemontest_DEPENDENCIES = libcourierauthcommon.la + authdaemontest_LDADD = libcourierauthcommon.la @NETLIBS@ +@@ -1437,14 +1437,12 @@ vpopmail_config.h: + authpgsqllib.lo: authpgsqllib.c authpgsqlrc.h + + @HAVE_AUTHPGSQL_TRUE@install-authpgsqlrc: +-@HAVE_AUTHPGSQL_TRUE@ $(mkinstalldirs) $(DESTDIR)`dirname @authpgsqlrc@` +-@HAVE_AUTHPGSQL_TRUE@ $(INSTALL_DATA) -m 660 $(srcdir)/authpgsqlrc \ +-@HAVE_AUTHPGSQL_TRUE@ $(DESTDIR)@authpgsqlrc@.dist +-@HAVE_AUTHPGSQL_TRUE@ -chown @mailuser@ $(DESTDIR)@authpgsqlrc@.dist +-@HAVE_AUTHPGSQL_TRUE@ -chgrp @mailgroup@ $(DESTDIR)@authpgsqlrc@.dist ++@HAVE_AUTHPGSQL_TRUE@ $(mkinstalldirs) $(DESTDIR)`dirname $(authpgsqlrc)` ++@HAVE_AUTHPGSQL_TRUE@ $(INSTALL_DATA) $(srcdir)/authpgsqlrc \ ++@HAVE_AUTHPGSQL_TRUE@ $(DESTDIR)$(authpgsqlrc).dist + + @HAVE_AUTHPGSQL_TRUE@uninstall-authpgsqlrc: +-@HAVE_AUTHPGSQL_TRUE@ rm -f $(DESTDIR)@authpgsqlrc@.dist ++@HAVE_AUTHPGSQL_TRUE@ rm -f $(DESTDIR)$(authpgsqlrc).dist + + @HAVE_AUTHPGSQL_FALSE@install-authpgsqlrc: + @HAVE_AUTHPGSQL_FALSE@ @: +@@ -1458,14 +1456,12 @@ authpgsqlrc.h: + authldaplib.lo: authldaplib.c authldaprc.h + + @HAVE_LDAP_TRUE@install-authldaprc: +-@HAVE_LDAP_TRUE@ $(mkinstalldirs) $(DESTDIR)`dirname @authldaprc@` +-@HAVE_LDAP_TRUE@ $(INSTALL_DATA) -m 660 $(srcdir)/authldaprc \ +-@HAVE_LDAP_TRUE@ $(DESTDIR)@authldaprc@.dist +-@HAVE_LDAP_TRUE@ -chown @mailuser@ $(DESTDIR)@authldaprc@.dist +-@HAVE_LDAP_TRUE@ -chgrp @mailgroup@ $(DESTDIR)@authldaprc@.dist ++@HAVE_LDAP_TRUE@ $(mkinstalldirs) $(DESTDIR)`dirname $(authldaprc)` ++@HAVE_LDAP_TRUE@ $(INSTALL_DATA) $(srcdir)/authldaprc \ ++@HAVE_LDAP_TRUE@ $(DESTDIR)$(authldaprc).dist + + @HAVE_LDAP_TRUE@uninstall-authldaprc: +-@HAVE_LDAP_TRUE@ rm -f $(DESTDIR)@authldaprc@.dist ++@HAVE_LDAP_TRUE@ rm -f $(DESTDIR)$(authldaprc).dist + + @HAVE_LDAP_FALSE@install-authldaprc: + @HAVE_LDAP_FALSE@ @: +@@ -1479,14 +1475,12 @@ authldaprc.h: + authmysqllib.lo: authmysqllib.c authmysqlrc.h + + @HAVE_AUTHMYSQL_TRUE@install-authmysqlrc: +-@HAVE_AUTHMYSQL_TRUE@ $(mkinstalldirs) $(DESTDIR)`dirname @authmysqlrc@` +-@HAVE_AUTHMYSQL_TRUE@ $(INSTALL_DATA) -m 660 $(srcdir)/authmysqlrc \ +-@HAVE_AUTHMYSQL_TRUE@ $(DESTDIR)@authmysqlrc@.dist +-@HAVE_AUTHMYSQL_TRUE@ -chown @mailuser@ $(DESTDIR)@authmysqlrc@.dist +-@HAVE_AUTHMYSQL_TRUE@ -chgrp @mailgroup@ $(DESTDIR)@authmysqlrc@.dist ++@HAVE_AUTHMYSQL_TRUE@ $(mkinstalldirs) $(DESTDIR)`dirname $(authmysqlrc)` ++@HAVE_AUTHMYSQL_TRUE@ $(INSTALL_DATA) $(srcdir)/authmysqlrc \ ++@HAVE_AUTHMYSQL_TRUE@ $(DESTDIR)$(authmysqlrc).dist + + @HAVE_AUTHMYSQL_TRUE@uninstall-authmysqlrc: +-@HAVE_AUTHMYSQL_TRUE@ rm -f $(DESTDIR)@authmysqlrc@.dist ++@HAVE_AUTHMYSQL_TRUE@ rm -f $(DESTDIR)$(authmysqlrc).dist + + @HAVE_AUTHMYSQL_FALSE@install-authmysqlrc: + @HAVE_AUTHMYSQL_FALSE@ @: +@@ -1498,12 +1492,10 @@ authmysqlrc.h: + echo "#define AUTHMYSQLRC \"@authmysqlrc@\"" >authmysqlrc.h + + install-authdaemonrc: +- $(mkinstalldirs) $(DESTDIR)`dirname @authdaemonrc@` ++ $(mkinstalldirs) $(DESTDIR)`dirname $(authdaemonrc)` + sed 's/@ALLMODULES@/$(modules:lib%.la=%)/' <authdaemonrc >authdaemonrc.tmp +- $(INSTALL_DATA) -m 660 authdaemonrc.tmp $(DESTDIR)@authdaemonrc@.dist ++ $(INSTALL_DATA) authdaemonrc.tmp $(DESTDIR)$(authdaemonrc).dist + rm -f authdaemonrc.tmp +- -chown @mailuser@ $(DESTDIR)@authdaemonrc@.dist +- -chgrp @mailgroup@ $(DESTDIR)@authdaemonrc@.dist + + uninstall-authdaemonrc: + rm -f $(DESTDIR)@authdaemonrc@.dist +@@ -1557,10 +1549,6 @@ install-exec-hook: + $(mkinstalldirs) $(DESTDIR)$(sbindir) + $(mkinstalldirs) $(DESTDIR)$(pkglibexecdir) + $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(INSTALL_PROGRAM) authdaemondprog $(DESTDIR)$(pkglibexecdir)/authdaemond +- $(mkinstalldirs) $(DESTDIR)@authdaemonvar@ +- chmod 750 $(DESTDIR)@authdaemonvar@ +- -chown @mailuser@ $(DESTDIR)@authdaemonvar@ +- -chgrp @mailgroup@ $(DESTDIR)@authdaemonvar@ + test "@LIBAUTHUSERDB@" = "" && exit 0 ;\ + $(INSTALL_PROGRAM_ENV) $(INSTALL_PROGRAM) makedat/makedatprog \ + $(DESTDIR)$(pkglibexecdir)/makedatprog ; \ |