From bkoenig@alpha-tierchen.de  Sat Mar 29 07:07:32 2008
Return-Path: <bkoenig@alpha-tierchen.de>
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id CBD42106566B
	for <FreeBSD-gnats-submit@freebsd.org>; Sat, 29 Mar 2008 07:07:32 +0000 (UTC)
	(envelope-from bkoenig@alpha-tierchen.de)
Received: from mail.liberty-hosting.de (mail.smartterra.de [195.225.132.203])
	by mx1.freebsd.org (Postfix) with ESMTP id 911788FC18
	for <FreeBSD-gnats-submit@freebsd.org>; Sat, 29 Mar 2008 07:07:32 +0000 (UTC)
	(envelope-from bkoenig@alpha-tierchen.de)
Received: from home.alpha-tierchen.de (port-212-202-42-206.dynamic.qsc.de [212.202.42.206])
	by mail.liberty-hosting.de (Postfix) with ESMTP id E86533E9F73;
	Sat, 29 Mar 2008 08:05:26 +0100 (CET)
Received: from muhkuh.lan (muhkuh.lan [192.168.1.2])
	by home.alpha-tierchen.de (Postfix) with SMTP id 4A58F2844B;
	Sat, 29 Mar 2008 08:07:28 +0100 (CET)
Received: by muhkuh.lan (sSMTP sendmail emulation); Sat, 29 Mar 2008 08:07:33 +0100
Message-Id: <20080329070728.4A58F2844B@home.alpha-tierchen.de>
Date: Sat, 29 Mar 2008 08:07:33 +0100
From: "Bjrn Knig" <bkoenig@alpha-tierchen.de>
Reply-To: Bjoern Koenig <bkoenig@alpha-tierchen.de>
To: FreeBSD-gnats-submit@freebsd.org
Cc: portmgr@freebsd.org
Subject: Disable security checks of ports optionally.
X-Send-Pr-Version: 3.113
X-GNATS-Notify:

>Number:         122224
>Category:       ports
>Synopsis:       bsd.port.mk: Disable security checks of ports optionally.
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    portmgr
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          change-request
>Submitter-Id:   current-users
>Arrival-Date:   Sat Mar 29 07:10:01 UTC 2008
>Closed-Date:    Mon Apr 14 16:48:15 UTC 2008
>Last-Modified:  Mon Apr 14 16:50:20 UTC 2008
>Originator:     Bjrn Knig
>Release:        
>Organization:
>Environment:
>Description:
	After a port has been installed and registered some security checks
	will be performed. These checks are relatively time-consuming. This
	is generally not a problem, but on very slow machines (e.g. embedded
	hardware) these checks may hurt.

	Therefore I suggest to introduce a DISABLE_SECURITY_CHECK variable
	that a user can set in /etc/make.conf or specify at command line.

>How-To-Repeat:
	
>Fix:

	

--- DISABLE_SECURITY_CHECK.diff begins here ---
diff --git a/Mk/bsd.port.mk b/Mk/bsd.port.mk
index 431703e..b9bd22b 100644
--- a/Mk/bsd.port.mk
+++ b/Mk/bsd.port.mk
@@ -3900,6 +3900,7 @@ install-ldconfig-file:
 .endif
 .endif
 
+.if !defined(DISABLE_SECURITY_CHECK)
 .if !target(security-check)
 .if !defined(OLD_SECURITY_CHECK)
 
@@ -4034,6 +4035,10 @@ security-check:
 	fi
 .endif # !defined(OLD_SECURITY_CHECK)
 .endif
+.else # i.e. defined(DISABLE_SECURITY_CHECK)
+security-check:
+	@${ECHO_MSG} "      WARNING: Security check has been disabled."
+.endif # !defined(DISABLE_SECURITY_CHECK)
 
 ################################################################
 # Skeleton targets start here
--- DISABLE_SECURITY_CHECK.diff ends here ---


>Release-Note:
>Audit-Trail:

From: =?iso-8859-1?Q?Bj=F6rn_K=F6nig?= <bkoenig@alpha-tierchen.de>
To: bug-followup@FreeBSD.org
Cc:  
Subject: Re: ports/122224: Disable security checks of ports optionally.
Date: Sat, 29 Mar 2008 08:19:48 +0100 (CET)

 Small fix up: the if-else-endif block should be within the
 !target(security-check) block.
 
 
Responsible-Changed-From-To: freebsd-ports-bugs->portmgr 
Responsible-Changed-By: linimon 
Responsible-Changed-When: Sat Mar 29 16:49:36 UTC 2008 
Responsible-Changed-Why:  
portmgr chow. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=122224 
State-Changed-From-To: open->analyzed 
State-Changed-By: pav 
State-Changed-When: Thu Apr 10 22:47:13 UTC 2008 
State-Changed-Why:  
Being tested in an exprun 

http://www.freebsd.org/cgi/query-pr.cgi?pr=122224 
State-Changed-From-To: analyzed->closed 
State-Changed-By: pav 
State-Changed-When: Mon Apr 14 16:48:09 UTC 2008 
State-Changed-Why:  
Committed, thanks! 

http://www.freebsd.org/cgi/query-pr.cgi?pr=122224 

From: dfilter@FreeBSD.ORG (dfilter service)
To: bug-followup@FreeBSD.org
Cc:  
Subject: Re: ports/122224: commit references a PR
Date: Mon, 14 Apr 2008 16:46:54 +0000 (UTC)

 pav         2008-04-14 16:46:41 UTC
 
   FreeBSD ports repository
 
   Modified files:
     Mk                   bsd.commands.mk bsd.port.mk 
   Log:
   Support @rmtry in pkg-plist, analogous to @dirrmtry but for single file rm.
   
   PR:             ports/116219
   Submitted by:   edwin
   
   Make USE_DISPLAY more general: set up virtual X server when USE_DISPLAY is
   defined and no DISPLAY variable is in environment; pass DISPLAY value in
   CONFIGURE_ENV and MAKE_ENV.
   
   PR:             ports/116244
   Submitted by:   edwin
   
   Define ${PW}.
   
   PR:             ports/119821
   Submitted by:   Matthew Seaman <m.seaman@infracaninophile.co.uk>
   
   Move SHA256, MD5, GMAKE and XMKMF to bsd.commands.mk.
   
   PR:             ports/119879
   Submitted by:   edwin
   
   Fix a build failure for ports that define their own MTREE File.
   
   PR:             ports/120200
   Submitted by:   dinoex
   
   Don't recreate mtree symlinks if they are already present.
   
   PR:             ports/121681
   Submitted by:   sobomax
   
   Fix LIB_DEPENDS for libraries whose name contains plus sign. Both intuitive and
   old escaped syntax works.
   
   PR:             ports/121741 (based on)
   Submitted by:   fjoe
   
   Disable post-install security checks if DISABLE_SECURITY_CHECK variable is
   defined.
   
   PR:             ports/122224
   Submitted by:   Bjoern Koenig <bkoenig@alpha-tierchen.de>
   
   Remove versioned Tcl/Tk categories.
   
   PR:             ports/122622
   Submitted by:   pav
   
   Revision  Changes    Path
   1.3       +17 -1     ports/Mk/bsd.commands.mk
   1.592     +31 -29    ports/Mk/bsd.port.mk
 _______________________________________________
 cvs-all@freebsd.org mailing list
 http://lists.freebsd.org/mailman/listinfo/cvs-all
 To unsubscribe, send any mail to "cvs-all-unsubscribe@freebsd.org"
 
>Unformatted:
