From nobody@FreeBSD.org  Sat Sep 20 20:10:25 2008
Return-Path: <nobody@FreeBSD.org>
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 683FD106564A
	for <freebsd-gnats-submit@FreeBSD.org>; Sat, 20 Sep 2008 20:10:25 +0000 (UTC)
	(envelope-from nobody@FreeBSD.org)
Received: from www.freebsd.org (www.freebsd.org [IPv6:2001:4f8:fff6::21])
	by mx1.freebsd.org (Postfix) with ESMTP id 5685C8FC19
	for <freebsd-gnats-submit@FreeBSD.org>; Sat, 20 Sep 2008 20:10:25 +0000 (UTC)
	(envelope-from nobody@FreeBSD.org)
Received: from www.freebsd.org (localhost [127.0.0.1])
	by www.freebsd.org (8.14.3/8.14.3) with ESMTP id m8KKAOpY011864
	for <freebsd-gnats-submit@FreeBSD.org>; Sat, 20 Sep 2008 20:10:24 GMT
	(envelope-from nobody@www.freebsd.org)
Received: (from nobody@localhost)
	by www.freebsd.org (8.14.3/8.14.3/Submit) id m8KKAOE7011863;
	Sat, 20 Sep 2008 20:10:24 GMT
	(envelope-from nobody)
Message-Id: <200809202010.m8KKAOE7011863@www.freebsd.org>
Date: Sat, 20 Sep 2008 20:10:24 GMT
From: olli hauer <ohauer@gmx.de>
To: freebsd-gnats-submit@FreeBSD.org
Subject: [patch] add authpf folders to BSD.root.dist and BSD.var.dist mtree files
X-Send-Pr-Version: www-3.1
X-GNATS-Notify:

>Number:         127511
>Category:       conf
>Synopsis:       [patch] /usr/sbin/authpf: add authpf folders to BSD.root.dist and BSD.var.dist mtree files
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-pf
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          change-request
>Submitter-Id:   current-users
>Arrival-Date:   Sat Sep 20 20:20:01 UTC 2008
>Closed-Date:    Tue Mar 31 12:50:30 UTC 2009
>Last-Modified:  Tue Mar 31 12:50:30 UTC 2009
>Originator:     olli hauer
>Release:        
>Organization:
>Environment:
>Description:
Since 6.x authpf is in the base system, but there are two folders missing 
for authpf to work out of the box (/etc/authpf and /var/authpf)

Also it will be nice to have the authpf login calss in login.conf



>How-To-Repeat:
setup a fresh install, create a user and assign authpf as loginshell according to man authpf(8).

unless the folders created manualy authpf does not work
>Fix:


Patch attached with submission follows:

--- etc/login.conf.orig
+++ etc/login.conf
@@ -62,7 +62,10 @@
        :tc=default:
 dialer:\
        :tc=default:
-
+authpf:\
+       :welcome=/etc/motd.authpf:\
+       :shell=/usr/sbin/authpf:\
+       :tc=default:
 #
 # Root can always login
 #
--- etc/mtree/BSD.root.dist.orig
+++ etc/mtree/BSD.root.dist
@@ -24,6 +24,8 @@
     etc
         X11
         ..
+        authpf
+        ..
         bluetooth
         ..
         defaults

--- etc/mtree/BSD.var.dist.orig
+++ etc/mtree/BSD.var.dist
@@ -19,6 +19,11 @@
 /set gname=audit
     audit
     ..
+/set mode=0770
+/set gname=authpf
+    authpf
+    ..
+/set mode=0750
 /set gname=wheel
     backups
     ..


>Release-Note:
>Audit-Trail:
Responsible-Changed-From-To: freebsd-bugs->freebsd-pf 
Responsible-Changed-By: remko 
Responsible-Changed-When: Sat Sep 20 20:21:17 UTC 2008 
Responsible-Changed-Why:  
reassign to Pf team since that's their region. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=127511 

From: Max Laier <max@love2party.net>
To: bug-followup@freebsd.org,
 ohauer@gmx.de
Cc:  
Subject: Re: conf/127511: [patch] /usr/sbin/authpf: add authpf folders to BSD.root.dist and BSD.var.dist mtree files
Date: Mon, 22 Sep 2008 00:07:36 +0200

 Leaving this to the administrator was a deliberate choice at the time in order 
 to make sure people who use authpf had read the documentation carefully enough 
 to not shoot themselfs in their feet.  I don't have strong feelings about 
 this, however.  So if people feel that we should rather provide more rope, 
 I'll commit your patch.
 
 Voting time, all in favor say "Aye"?  Keep this on freebsd-pf@ though, please.
 
 --
   Max

From: "Olli Hauer" <ohauer@gmx.de>
To: Max Laier <max@love2party.net>, bug-followup@freebsd.org
Cc:  
Subject: Re: conf/127511: [patch] /usr/sbin/authpf: add authpf folders to
 BSD.root.dist and BSD.var.dist mtree files
Date: Mon, 22 Sep 2008 00:37:47 +0200

 -------- Original-Nachricht --------
 > Datum: Mon, 22 Sep 2008 00:07:36 +0200
 > Von: Max Laier <max@love2party.net>
 > An: bug-followup@freebsd.org, ohauer@gmx.de
 > Betreff: Re: conf/127511: [patch] /usr/sbin/authpf: add authpf folders to BSD.root.dist and BSD.var.dist mtree files
 
 > Leaving this to the administrator was a deliberate choice at the time in
 > order 
 > to make sure people who use authpf had read the documentation carefully
 > enough 
 > to not shoot themselfs in their feet.  I don't have strong feelings about 
 > this, however.  So if people feel that we should rather provide more rope,
 > I'll commit your patch.
 > 
 > Voting time, all in favor say "Aye"?  Keep this on freebsd-pf@ though,
 > please.
 > 
 > --
 >   Max
 
 Hm, normaly everyone expect users are reading the man pages or other manuals.
 Sometime the learning curve will speed up, if you shoot yourself in the food.
 
 Something I missed in the patch (see additional diff)
 
 --- etc/shells.orig 2000-04-27 23:58:46.000000000 +0200
 +++ etc/shells      2008-09-22 00:34:08.000000000 +0200
 @@ -7,3 +7,4 @@
  /bin/sh
  /bin/csh
  /bin/tcsh
 +/usr/sbin/authpf
 
 
 --
  olli
 -- 
 GMX startet ShortView.de. Hier findest Du Leute mit Deinen Interessen!
 Jetzt dabei sein: http://www.shortview.de/wasistshortview.php?mc=sv_ext_mf@gmx
State-Changed-From-To: open->closed 
State-Changed-By: mlaier 
State-Changed-When: Tue Mar 31 12:49:33 UTC 2009 
State-Changed-Why:  
No votes have been cas so I'll keep the safety on. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=127511 
>Unformatted:
