12:15 garga 

- Update security/sudo to 1.8.16 [1]
- Pet portlint using (pre|post)[un]exec items in plist

PR:		208111 [1]
Submitted by:	cy [1]
Sponsored by:	Rubicon Communications (Netgate)

 

09:44 garga 

- Update security/sudo to 1.8.15
- Remove patch-plugins__sudoers__Makefile.in, unnecessary on stagedir days
- Remove patch-plugins__sudoers__audit.c, sudo_gettext.h is already included
  by sudoers.h
- Rework patch-plugins__sudoers__sudoers.in to replace pkg_* utilities by
  pkg on message

 

13:34 garga 

Update to 1.8.14p3

 

12:28 garga 

Update to 1.8.14p2

 

13:13 garga 

- Fix installation with DOCS broken by my last commit
- Bump PORTREVISION

Pointyhat to:	garga

 

12:30 garga 

- Replace DISTVERSION by PORTVERSION otherwise it ends up as 1.8.14.p1,
  what is < 1.8.14. [1]
- While I'm here silence portlint warnings re-generating patches with
  make makepatch and removing unnecessary DOCS check

Reported by:	Robert Burmeister [1]

 

13:02 garga 

Update to 1.8.14p1

 

13:15 garga 

Update to 1.8.14

 

10:15 mat 

MASTER_SITES cleanup.

- Replace ${MASTER_SITE_FOO} with FOO.
- Merge MASTER_SITE_SUBDIR into MASTER_SITES when possible. (This means 99.9%
  of the time.)
- Remove occurrences of MASTER_SITE_LOCAL when no subdirectory was present and
  no hint of what it should be was present.
- Fix some logic.
- And generally, make things more simple and easy to understand.

While there, add magic values to the FESTIVAL, GENTOO, GIMP, GNUPG, QT and
SAMBA macros.

Also, replace some EXTRACT_SUFX occurences with USES=tar:*.

Checked by:	make fetch-urlall-list
With hat:	portmgr
Sponsored by:	Absolight

 

10:00 robak 

security/sudo: add CPE info

PR:		199367
Submitted by:	Shun <shun.fbsd.pr@dropcut.net>
Approved by:	portmgr blanket

 

11:39 garga 

Update to 1.8.13

 

15:58 garga 

Update to 1.8.12

 

03:39 wxs 

Over to garga@.

I don't have the cycles to handle these higher profile ports anymore.

 

02:05 wxs 

Update to 1.8.11p1

PR:		194259
Submitted by:	cy@ and Yasuhiro KIMURA <yasu@utahime.org>

 

18:34 tijl 

net/openldap24-*:
- Convert to USES=libtool and bump dependent ports
- Avoid USE_AUTOTOOLS
- Don't use PTHREAD_LIBS
- Use MAKE_CMD

databases/glom:
- Drop :keepla
- Add INSTALL_TARGET=install-strip

databases/libgda4* databases/libgda5*:
- Convert to USES=libtool and bump dependent ports
- USES=tar:xz
- Use INSTALL_TARGET=install-strip
- Use @sample

databases/libgdamm:
- Drop :keepla
- USES=tar:bzip2
- Use INSTALL_TARGET=install-strip

databases/libgdamm5:
- Add INSTALL_TARGET=install-strip
- Drop --enable-static (inherited from old repocopy)

devel/anjuta x11-toolkits/py-gnome-extras:
- Drop :keepla

dns/powerdns dns/powerdns-devel:
- Convert to USES=libtool
- Add INSTALL_TARGET=install-strip
- Disable static modules
- Stop creating library symlinks with .0 suffix, not needed for dynamically
  opened modules

mail/dovecot2:
- Add USES=libtool

mail/dovecot2-pigeonhole:
- Drop CONFIGURE_TARGET (incorrect for Dragonfly)
- Add USES=libtool and INSTALL_TARGET=install-strip

math/gnumeric:
- USES=libtool tar:xz

Approved by:	portmgr (implicit, bump unstaged ports)

 

16:57 adamw 

Add DOCS to OPTIONS_DEFINE to ports that check for PORT_OPTIONS:MDOCS.

 

03:27 wxs 

Update to 1.8.10p3.

 

02:24 wxs 

Add option for sssd.

Submitted by:	petef@

 

17:55 wxs 

Update to 1.8.10p2.

PR:		ports/187567
Submitted by:	Yasuhiro KIMURA <yasu@utahime.org>

 

01:10 adamw 

Use OPTIONS helpers.

 

21:48 wxs 

Update to 1.8.9p5.

PR:		ports/185581
Submitted by:	Yasuhiro KIMURA <yasu@utahime.org>

 

13:28 wxs 

[1]: Update to 1.8.8.
[2]: Switch logging to authpriv.

PR:		[1] ports/182618
Submitted by:	[1] Yasuhiro KIMURA <yasu@utahime.org>
		[2] des@

 

22:55 bapt 

Add NO_STAGE all over the place in preparation for the staging support (cat:
security)

 

22:35 ak 

- Remove MAKE_JOBS_SAFE variable

Approved by:	portmgr (bdrewery)

 

18:46 wxs 

Fix missing include.

This was causing the "Undefined symbol '_'" message when hitting ^C or
entering an incorect command.

PR:		ports/180262
Submitted by:	Christophe Juniet <c.juniet@gmail.com>

 

00:58 wxs 

Update to 1.8.7.

 

22:30 wxs 

Disable PIE on ARM. This was causing a crash at runtime.

Submitted by:	Lukasz Siemiradzki

 

18:10 ak 

- Convert USE_GETTEXT to USES (part 3)

Approved by:	portmgr (bapt)

 

15:30 wxs 

Update to 1.8.6p8.

Feature safe:	yes

 

01:57 wxs 

Update to 1.8.6p7.

VuXML entry coming in the next day or two tops.

 

18:16 wxs 

Update to 1.8.6p5.

 

15:42 wxs 

Update to 1.8.6.p4.
Trim header.
Remove ia64 fix, included upstream.

 

20:33 wxs 

Disable PIE on ia64. This was causing a run-time failure.

Submitted by:	Anton Shterenlikht, Todd Miller

 

13:36 wxs 

If OPIE option is on we can not pass --with-pam in CONFIGURE_ARGS. Make it
so that OPIE will pass --with-opie and if it is off we pass --with-pam. [1]

No functional changes with this, just a build fix.

While here use tabs where appropriate and cleanup pkg-descr. [2]

Feature safe:	yes

 

13:44 wxs 

Fix the temporary workaround by passing the appropriate flag in
LDFLAGS. Since I want to ensure those who built it on i386 with this
workaround will rebuild it now that it is fixed bump PORTREVISION.

 

02:57 wxs 

Fix build on i386 by disabling hardening measures. This is a temporary
fix until I can figure out what is really going on.

 

01:49 wxs 

Update to 1.8.6p3

PR:		ports/171837
Submitted by:	cy@

 

18:25 wxs 

Update to 1.8.5p3

13:01 wxs 

Fix typo.

PR:             ports/169284
Submitted by:   From: Bryan Drewery <bryan@shatow.net>

01:38 wxs 

Add option to enable OPIE support (off by default). [1]
While here, convert to new-style options.

PR:             ports/168812 [1]
Submitted by:   Zak Blacher <zblacher@sandvine.com> [1]

20:21 wxs 

Update to 1.8.5p2.

15:39 wxs 

Update to 1.8.5p1.

Changes: http://www.sudo.ws/sudo/stable.html#1.8.5p1

14:26 wxs 

Update to 1.8.4p5

Security:       b3435b68-9ee8-11e1-997c-002354ed89bc

15:25 wxs 

Update to 1.8.4p4

Changes from 1.8.4p2 through 1.8.4p4 are here:
http://www.sudo.ws/sudo/stable.html#1.8.4p4

Feature safe:   yes

02:06 wxs 

Update to 1.8.4p2

PR:             ports/165528
Submitted by:   rea@

02:47 wxs 

If you used LDAP and NOPORTDOCS then the documentation directory would be
left behind on install. The upstream Makefile would create the directory
and put sudoers2ldif there, but pkg-plist would not register it properly.

This fix moves sudoers2ldif to 'bin' since it isn't really documentation.
It's installation is still controlled by the LDAP knob though.

Spotted by:     scheidell@

16:37 wxs 

Update to 1.8.3p2

Security:       7c920bb7-4b5f-11e1-9f47-00e0815b8da8

17:18 wxs 

Switch to using MASTER_SITE_SUDO.

15:26 miwi 

- Remove WITH_FBSD10_FIX, is no longer needed

14:13 wxs 

- Use DISTNAME instead of DISTFILES and remove WRKSRC.

Submitted by:   sunpoet@

14:24 wxs 

Fix version number going backwards.

Noticed by:     erwin@

02:49 wxs 

- Update to 1.8.3p1

10:31 kwm 

Fix build on FreeBSD 10

Approved by:    portmgr (miwi)

15:00 wxs 

- Update to 1.8.3.

22:26 amdmi3 

- Add LDFLAGS to CONFIGURE_ENV and MAKE_ENV (as it was done with LDFLAGS)
- Fix all ports that add {CPP,LD}FLAGS to *_ENV to modify flags instead

PR:             157936
Submitted by:   myself
Exp-runs by:    pav
Approved by:    pav

01:30 wxs 

- Switch to using bsd.port.options.mk.

18:07 wxs 

- Update to 1.8.2
- Now depend on gettext
- While here, use DISTVERSION.

21:35 wxs 

- Remove dead MASTER_SITES.

Noticed by:     The Distilator

19:33 wxs 

Update to 1.8.1p2

14:30 wxs 

Add an AUDIT option, which is off by default for now. I will turn it on
with the next significant bump.

Submitted by:   Mike Kelly (private mail)

13:50 wxs 

Update to 1.8.1p1.
No longer need to worry about etc/sudoers.d problem, as it is no longer
a fatal error.

19:43 wxs 

The install process checks the validity of sudoers before installing
etc/sudoers.d. If you have an sudoers with the includedir directive the
install will fail. Fix this by creating the directory in a pre-install
target.

This should fix "The Great sudo Debacle of 2011" once and for all.

Tested by:      dougb@

16:50 wxs 

Revert the removal of sudoers.d. It is a POLA violation. While here remove
the UPDATING entry as it no longer applies.

12:47 wxs 

We don't install a sudoers.d, remove that from the default sudoers file.

PR:             ports/156305
Submitted by:   Helmut Schneider <jumper99@gmx.de>
                Anatoly Borodin <anatoly.borodin@gmail.com>

01:39 wxs 

Update to 1.8.1. There are a lot of behind-the-scenes changes in this port,
including a plugin system now.

While here, do some whitespace fixes.

18:32 wxs 

Update to 1.7.4p6.

"This release fixes a bug in the I/O logging support that could cause visual
artifacts in full-screen programs such as text editors.  This bug was listed as
fixed in sudo 1.7.4p5 but the fix was merged incorrectly."

Feature safe:   yes

20:00 wxs 

Update to 1.7.4p5.

Special thanks to rea@ for commiting the appropriate VuXML for me. :)

PR:             ports/153939
Submitted by:   rea@
Security:       908f4cf2-1e8b-11e0-a587-001b77d09812
Feature safe:   yes

23:34 wxs 

Work around annoying, but harmless, bug with install(1) using "-b~" by changing
it to use "-b ~".
While here also strip libsudo_noexec.so.

Submitted by:   John Hein (private mail)

01:51 wxs 

Add a bunch of new mirrors and remove dead ones. The mirror list now matches
http://www.sudo.ws/sudo/download_mirrors.html.

Noticed by:     The Distilator

00:25 wxs 

Remove SHELL_SETS_HOME knob since as far as I can tell it doesn't do anything
anymore. The configure script still supports it but the behavior is now
controlled by a setting in the configuration file "Defaults env_keep += HOME".

20:46 wxs 

Fix packaging.

PR:             ports/150371
Submitted by:   Sunpoet Po-Chuan Hsieh <sunpoet@sunpoet.net>, dim@

18:13 wxs 

Update to 1.7.4p4 to address a couple of minor bugs and Runas group
vulnerability.
While I'm here also cleanup files/patch-Makefile.in.

Security:       67b514c3-ba8f-11df-8f6e-000c29a67389

21:33 wxs 

Fix package installation by correcting usage of %B and installing a file
to make sure the empty directory is created.

PR:             ports/149912
Submitted by:   Alexey V.Degtyarev <alexey@renatasystems.org>

12:32 wxs 

Strip the binaries by default. No need to bump PORTREVISION for such a
minor change.

PR:             ports/149135
Submitted by:   Anonymous <swell.k@gmail.com>

01:58 wxs 

Update to 1.7.4p3
Install etc/pam.d/sudo and etc/pam.d/sudo.default

13:06 wxs 

Fix problems when upgrading using packages:
 - Always install sudoers.sample.
 - There is no need for pkg-install anymore.
 - Bump PORTREVISION.

02:16 wxs 

Update to 1.7.4p2.

16:34 wxs 

Remove unsupported argument to configure.

PR:             ports/148378
Submitted by:   Jeremy Chadwick <freebsd@jdc.parodius.com>
Feature safe:   yes

18:56 wxs 

Update to 1.7.3

Feature safe:   yes

00:11 wxs 

Update to 1.7.2p7.

Security:       d42e5b66-6ea0-11df-9c8d-00e0815b8da8

20:55 wxs 

- Update to 1.7.2p6 (security fix).

Security:       1a9f678d-48ca-11df-85f8-000c29a67389

17:48 wxs 

- Update to 1.7.2p5. Security fix (1.7.2p4) and general bug fixes beyond that.

Security:       018a84d0-2548-11df-b4a3-00e0815b8da8
Feature safe:   yes

14:57 wxs 

- Fix options screen to have a shorter description.

Noticed by:     garga@

21:28 wxs 

- Update to 1.7.2.2
- Mark jobs safe
- Cleanup whitespace in OPTIONS
- [1] Add ability to specify syslog facility at build time (defaults to local2,
  no functional change)
- [2] Add ability to specify ldap configuration file (defaults to
  ${PREFIX}/etc/ldap.conf, no functional change)

PR:             [2]: ports/127822
Submitted by:   [1]: skreuzer@ (private mail)
                [2]: Sergey Skvortsov <skv@freebsd.org>

17:55 wxs 

- Take maintainer. Thanks Tom for all your hard work on this.

Approved by:    tmclaugh

00:46 tmclaugh 

Add OPTIONS for WITH_DISABLE_ROOT_SUDO, WITH_DISABLE_AUTH, and
WITH_NOARGS_SHELL

Submitted by:   Scott Fultz

19:35 tmclaugh 

Security update for sudo to 1.6.9p20 for CVE 2009-0034

Changes:
- Only use the cached supplementory group vector when matching groups
  for the invoking user. (security)
- When setting the umask, use the union of the user's umask and the
  default value set in sudoers so that we never lower the user's umask
  when running a command.
- Sudo now operates in the C locale again when doing a match against
  sudoers.

PR:             131446
Submitted by:   Eygene Ryabinkin
Security:       vid:13d6d997-f455-11dd-8516-001b77d09812

06:18 rafan 

Update CONFIGURE_ARGS for how we pass CONFIGURE_TARGET to configure script.
Specifically, newer autoconf (> 2.13) has different semantic of the
configure target. In short, one should use --build=CONFIGURE_TARGET
instead of CONFIGURE_TARGET directly. Otherwise, you will get a warning
and the old semantic may be removed in later autoconf releases.

To workaround this issue, many ports hack the CONFIGURE_TARGET variable
so that it contains the ``--build='' prefix.

To solve this issue, under the fact that some ports still have
configure script generated by the old autoconf, we use runtime detection
in the do-configure target so that the proper argument can be used.

Changes to Mk/*:
 - Add runtime detection magic in bsd.port.mk
 - Remove CONFIGURE_TARGET hack in various bsd.*.mk
 - USE_GNOME=gnometarget is now an no-op

Changes to individual ports, other than removing the CONFIGURE_TARGET hack:

= pkg-plist changed (due to the ugly CONFIGURE_TARGET prefix in * executables)
  - comms/gnuradio
  - science/abinit
  - science/elmer-fem
  - science/elmer-matc
  - science/elmer-meshgen2d
  - science/elmerfront
  - science/elmerpost

= use x86_64 as ARCH
  - devel/g-wrap

= other changes
  - print/magicfilter
    GNU_CONFIGURE -> HAS_CONFIGURE since it's not generated by autoconf

Total # of ports modified:  1,027
Total # of ports affected: ~7,000 (set GNU_CONFIGURE to yes)

PR:             126524 (obsoletes 52917)
Submitted by:   rafan
Tested on:      two pointyhat 7-amd64 exp runs (by pav)
Approved by:    portmgr (pav)

23:20 tmclaugh 

- Update to 1.6.9p17
* the -i flag implies resetting the environment as it did prior to
  1.6.9.  The -i and -E flags are now mutually-exclusive.

14:00 tmclaugh 

- Fix pkg-plist, libtool archive is no longer installed.

Prompted by:    pavmail

16:44 tmclaugh 

- Update to 1.6.9p15
* The HOME environment variable is once again preserved by default, as per
  the documentation.

- Finally remember to fix the $FreeBSD$ line in pam file.

20:51 tmclaugh 

- Update to 1.6.9p14

* Check sudoers even if user is found in LDAP so Defaults can take
  effect.
* Fix crash when pam_lastlog is (incorrectly) usesd in session section
  of PAM file.

06:29 tmclaugh 

Update to 1.6.9p12

Changes:
- The ALL command in sudoers now implies SETENV permissions.
- The command search is now performed using the target user's auxiliary
  group vector too.
- Various LDAP code improvements.
- Added passprompt_override flag to sudoers to cause sudo's prompt to be
  used in all cases.  Also set when the -p flag is used.
- New %p prompt escape that expands to the user whose password is being
  prompted, as specified by the rootpw, targetpw and runaspw sudoers
  flags.

01:21 tmclaugh 

- Make fetchable again.  Add my MASTER_SITE_LOCAL to the mix and replace
  a number of outdated sites.

Notified by:    Ferenc Gartner
Approved by:    portmgr (linimon, erwin)

00:46 tmclaugh 

Update to 1.6.9p6
- Sudo now only prints the password prompt if the process is in the
  foreground.

14:55 tmclaugh 

Update to 1.6.9p5:
- Fixed a bug in the IP address matching introduced by the IPV6 merge.
- Fixed sudoedit when used on a non-existent file.
- Groups and netgroups are now valid in an LDAP sudoRunas statement.

17:13 tmclaugh 

Install schema.OpenLDAP into DOCSDIR.

Prompted by:    flz

19:40 tmclaugh 

Update to 1.6.9p4
- IPv6 support added.
- Added notes to default sudoers for handling environmental variables
  related to our pkg_* tools and portupgrade.

00:14 tmclaugh 

- Work around broken configure script and explicitly set location of
  sudo_noexec.so to unbreak NOEXEC option. [1]
- Build using --with-secure-path if SUDO_SECURE_PATH is set when
  building the port.  SUDO_SECURE_PATH should be set to a PATH string.
  [2]
- Don't bother deleting sudo_noexec.la.  Deleting the file after it's
  installed is ugly and since it's not harmful it's not worth patching
  the install.
- Set CONFIGURE_TARGET.

PR:             115442 [1], 115381 [2]
Submitted by:   vd [1], Janos Mohacsi [2]

00:56 tmclaugh 

Fix session stack in default pam file.