From louie@whizzo.transsys.com  Wed May 24 14:50:52 2000
Return-Path: <louie@whizzo.transsys.com>
Received: from whizzo.transsys.com (whizzo.TransSys.COM [144.202.42.10])
	by hub.freebsd.org (Postfix) with ESMTP
	id 3047037B6F8; Wed, 24 May 2000 14:50:49 -0700 (PDT)
	(envelope-from louie@whizzo.transsys.com)
Received: (from louie@localhost)
	by whizzo.transsys.com (8.9.3/8.9.1) id RAA94526;
	Wed, 24 May 2000 17:50:47 -0400 (EDT)
	(envelope-from louie)
Message-Id: <200005242150.RAA94526@whizzo.transsys.com>
Date: Wed, 24 May 2000 17:50:47 -0400 (EDT)
From: Louis Mamakos <louie@TransSys.COM>
Sender: louie@whizzo.transsys.com
Reply-To: louie@TransSys.COM
To: FreeBSD-gnats-submit@freebsd.org, green@freebsd.org
Subject: security/cfs ports installation fix
X-Send-Pr-Version: 3.2

>Number:         18800
>Category:       ports
>Synopsis:       security/cfs ports installation fix
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    green
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Wed May 24 15:00:00 PDT 2000
>Closed-Date:    Wed Jun 08 11:11:45 GMT 2005
>Last-Modified:  Wed Jun 08 11:11:45 GMT 2005
>Originator:     Louis Mamakos
>Release:        FreeBSD 5.0-CURRENT i386
>Organization:
>Environment:

FreeBSD 5.0-current from a couple of weeks ago.  New version of
cfs port.

>Description:

The /usr/local/etc/rc.d/cfs.sh start-up script is incomplete

>How-To-Repeat:

Run it, and notice that /crypt isn't mounted.

>Fix:

How about a version like this instead:

#!/bin/sh

case "$1" in
start)
	if [ -x /usr/local/sbin/cfsd ]; then
	    echo -n ' [cfs'  > /dev/console
		/usr/local/sbin/cfsd && mount -o port=3049,intr localhost:/null /crypt
		echo -n ']' > /dev/console
	fi
	;;
*)
	exit
	;;
esac




>Release-Note:
>Audit-Trail:
Responsible-Changed-From-To: freebsd-ports->green 
Responsible-Changed-By: steve 
Responsible-Changed-When: Sun May 28 19:05:40 PDT 2000 
Responsible-Changed-Why:  
Over to port's maintainer. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=18800 
State-Changed-From-To: open->suspended 
State-Changed-By: green 
State-Changed-When: Sat Sep 30 12:01:40 PDT 2000 
State-Changed-Why:  
Can you think of an optimal way to do this that will work nicely for a 
default in all cases?  The point is that I don't think there is one -- 
I think this program just plain needs special assistance to set up. 
Thanks for the suggestion; if I can think of something that will really 
do the right thing in all cases, instead of doing weird stuff in some 
cases, I'll try to incorporate it. 

From: "Louis A. Mamakos" <louie@TransSys.COM>
To: freebsd-gnats-submit@FreeBSD.org
Cc:  
Subject: Re: ports/18800: security/cfs ports installation fix
Date: Sun, 17 Dec 2000 23:40:07 -0500

 I had occasion to re-install the CFS port, and the cause of this PR
 is still broken:  you've got to perform the 
 
  mount -o port=3049,intr localhost:/null /crypt
 
 operation for this port to function.  Additionally, the /null bootstrap
 mount point also needs to be created, either by the package install or
 perhaps in the start-up script.  And the /etc/exports file needs to
 be updated with a line to export /null to localhost.
 
 I don't believe that this port is actually usable unless you do these
 thing.  If this isn't the case, I'd sure like to hear about it.  The
 README.install file in the CFS distribution discusses this pretty 
 clearly.
 
 

From: Bugghy <bugghy@rootshell.be>
To: freebsd-gnats-submit@FreeBSD.org, louie@TransSys.COM
Cc:  
Subject: Re: ports/18800: security/cfs ports installation fix
Date: Sun, 12 Sep 2004 13:55:17 +0000

 I found this to fix some errors:
 mount -o port=3049,intr,nfsv2,noinet6 127.0.0.1:/null /crypt
 
 Reason:
 	some ipv6 related errors
 	freezes (can't resolve hostname I guess) if you have "::1 localhost" in
 /etc/hosts before "127.0.0.1 localhost"
 
 		Bugghy
 

From: Florent Thoumie <flz@xbsd.org>
To: louie@TransSys.COM, freebsd-gnats-submit@FreeBSD.org
Cc: green@FreeBSD.org
Subject: Re: ports/18800: security/cfs ports installation fix
Date: Tue, 12 Apr 2005 15:47:17 +0200

 	What's the issue here ?
 
 	If that's just to say that there are some options to use to make
 	it works on FreeBSD, I guess we can just move this information 
 	from pkg-descr (shouldn't be here btw) to pkg-message.
 
 	If that's to automate /crypt mount, I think that's a really bad 
 	idea since people don't want to use /crypt is all case.
 
 -- 
 Florent Thoumie
 flz@xbsd.org
 
State-Changed-From-To: suspended->closed 
State-Changed-By: flz 
State-Changed-When: Tue Apr 12 14:31:08 GMT 2005 
State-Changed-Why:  
Brian doesn't want /crypt to be mounted automatically. 

Thank you for your submission anyway. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=18800 

From: Jean-Yves Lefort <jylefort@FreeBSD.org>
To: bug-followup@FreeBSD.org,louie@TransSys.COM,green@FreeBSD.org
Cc:  
Subject: Re: ports/18800: security/cfs ports installation fix
Date: Wed, 8 Jun 2005 03:18:28 +0200

 Brian, please approve or commit the following patch:
 
   - convert cfsd.sh to rcNG
   - add a CFS bootstrap directory to the port (${PREFIX}/cfsd-bootstrap)
   - mount that CFS bootstrap directory in cfsd.sh (default mountpoint is
     /crypt, configurable in /etc/rc.conf)
   - explain how to quickly setup cfsd in pkg-message
   - do display pkg-message
   - while here, use USE_RC_SUBR
 
 Thanks
 
 diff -ruN /usr/ports/security/cfs/Makefile cfs/Makefile
 --- /usr/ports/security/cfs/Makefile	Tue Apr 12 11:06:25 2005
 +++ cfs/Makefile	Wed Jun  8 01:54:20 2005
 @@ -7,7 +7,7 @@
  
  PORTNAME=	cfs
  PORTVERSION=	1.4.1
 -PORTREVISION=	3
 +PORTREVISION=	4
  CATEGORIES=	security
  MASTER_SITES=	http://www.crypto.com/software/
  
 @@ -19,6 +19,12 @@
  MAN1=		cattach.1 cdetach.1 cmkdir.1 cpasswd.1 cfssh.1
  MAN8=		ccat.8 cfsd.8 cname.8
  
 +CFSD_BOOTSTRAP=	${PREFIX}/cfsd-bootstrap
 +USE_RC_SUBR=	cfsd.sh
 +SUB_FILES=	pkg-message
 +SUB_LIST=	CFSD_BOOTSTRAP=${CFSD_BOOTSTRAP}
 +PLIST_SUB=	CFSD_BOOTSTRAP=${CFSD_BOOTSTRAP}
 +
  post-patch:
  	${REINPLACE_CMD} 's/^\.TH SSH/.TH CFSSH/' ${WRKSRC}/cfssh.1
  
 @@ -31,8 +37,7 @@
  	    ${INSTALL_MAN} ${MAN8} ${PREFIX}/man/man8; \
  	    ${MKDIR} ${PREFIX}/share/doc/cfs; \
  	    ${INSTALL_DATA} README.install notes.ms ${PREFIX}/share/doc/cfs
 -	@if [ ! -f ${PREFIX}/etc/rc.d/cfsd.sh ]; then \
 -		${INSTALL_SCRIPT} -m 751 ${FILESDIR}/cfsd.sh ${PREFIX}/etc/rc.d/cfsd.sh; \
 -	fi
 +	${INSTALL} -d ${_BINOWNGRP} -m 0 ${CFSD_BOOTSTRAP}
 +	@${CAT} ${PKGMESSAGE}
  
  .include <bsd.port.mk>
 diff -ruN /usr/ports/security/cfs/files/cfsd.sh cfs/files/cfsd.sh
 --- /usr/ports/security/cfs/files/cfsd.sh	Tue Jul 18 05:42:14 2000
 +++ cfs/files/cfsd.sh	Thu Jan  1 01:00:00 1970
 @@ -1,20 +0,0 @@
 -#!/bin/sh
 -
 -if ! PREFIX=$(expr $0 : "\(/.*\)/etc/rc\.d/$(basename $0)\$"); then
 -    echo "$0: Cannot determine the PREFIX" >&2
 -    exit 1
 -fi
 -
 -case "$1" in
 -start)
 -	[ -x ${PREFIX}/sbin/cfsd ] && ${PREFIX}/sbin/cfsd > /dev/null 2>&1 && echo -n ' cfsd'
 -	;;
 -stop)
 -	killall cfsd && echo -n ' cfsd'
 -	;;
 -*)
 -	echo "Usage: `basename $0` {start|stop}" >&2
 -	;;
 -esac
 -
 -exit 0
 diff -ruN /usr/ports/security/cfs/files/cfsd.sh.in cfs/files/cfsd.sh.in
 --- /usr/ports/security/cfs/files/cfsd.sh.in	Thu Jan  1 01:00:00 1970
 +++ cfs/files/cfsd.sh.in	Wed Jun  8 02:21:58 2005
 @@ -0,0 +1,51 @@
 +#!/bin/sh
 +#
 +# $FreeBSD$
 +#
 +
 +# PROVIDE: cfsd
 +# REQUIRE: mountd
 +
 +#
 +# Add the following line to /etc/rc.conf to enable cfsd:
 +#
 +# cfsd_enable="YES"
 +#
 +# Additional options:
 +#
 +# cfsd_port="3049"		# the port to listen to
 +# cfsd_mountpoint="/crypt"	# the CFS mountpoint
 +#
 +
 +. %%RC_SUBR%%
 +
 +name="cfsd"
 +rcvar=`set_rcvar`
 +
 +command="%%PREFIX%%/sbin/cfsd"
 +start_postcmd="cfsd_poststart"
 +stop_precmd="cfsd_prestop"
 +
 +cfsd_poststart()
 +{
 +	if [ -n "$cfsd_mountpoint" ]; then
 +		mount -o port="$cfsd_port",nfsv2 localhost:%%CFSD_BOOTSTRAP%% "$cfsd_mountpoint"
 +	fi
 +}
 +
 +cfsd_prestop()
 +{
 +	if [ -n "$cfsd_mountpoint" ]; then
 +		umount "$cfsd_mountpoint"
 +	fi
 +}
 +
 +load_rc_config $name
 +: ${cfsd_enable="NO"}
 +: ${cfsd_port="3049"}
 +: ${cfsd_mountpoint="/crypt"}
 +
 +command_args="$cfsd_port >/dev/null 2>&1"
 +required_dirs="%%CFSD_BOOTSTRAP%% $cfsd_mountpoint"
 +
 +run_rc_command "$1"
 diff -ruN /usr/ports/security/cfs/files/pkg-message.in cfs/files/pkg-message.in
 --- /usr/ports/security/cfs/files/pkg-message.in	Thu Jan  1 01:00:00 1970
 +++ cfs/files/pkg-message.in	Wed Jun  8 02:49:01 2005
 @@ -0,0 +1,27 @@
 +===============================================================================
 +Quick start instructions:
 +
 +  - add the following entry to /etc/exports:
 +
 +    %%CFSD_BOOTSTRAP%% localhost
 +
 +  - create the default CFS mountpoint (if you want to use a different
 +    mountpoint, set the cfsd_mountpoint variable in /etc/rc.conf):
 +
 +    mkdir /crypt
 +
 +  - enable rpcbind, mountd and cfsd in /etc/rc.conf:
 +
 +    FreeBSD 4.x:
 +
 +      portmap_enable="YES"
 +      single_mountd_enable="YES"
 +      cfsd_enable="YES"
 +
 +    FreeBSD 5.x:
 +
 +      mountd_enable="YES"
 +      cfsd_enable="YES"
 +
 +  - reboot the system
 +===============================================================================
 diff -ruN /usr/ports/security/cfs/pkg-descr cfs/pkg-descr
 --- /usr/ports/security/cfs/pkg-descr	Tue Apr 12 11:06:25 2005
 +++ cfs/pkg-descr	Wed Jun  8 01:41:16 2005
 @@ -8,9 +8,6 @@
  
      http://www.crypto.com/papers/cfs.pdf
  
 -Under FreeBSD, the mount command for the CFS tree must include
 -"-o port=3049,nfsv2".
 -
  WWW: http://www.crypto.com/software/
  
  John Polstra <jdp@polstra.com>
 diff -ruN /usr/ports/security/cfs/pkg-message cfs/pkg-message
 --- /usr/ports/security/cfs/pkg-message	Mon Feb  3 16:37:54 2003
 +++ cfs/pkg-message	Thu Jan  1 01:00:00 1970
 @@ -1,2 +0,0 @@
 -Please make sure to edit rc.conf(5) to include -L in the flags for
 -rpcbind(8) if necessary.
 diff -ruN /usr/ports/security/cfs/pkg-plist cfs/pkg-plist
 --- /usr/ports/security/cfs/pkg-plist	Mon Jun  5 05:31:19 2000
 +++ cfs/pkg-plist	Wed Jun  8 01:51:11 2005
 @@ -3,10 +3,11 @@
  bin/cmkdir
  bin/cpasswd
  bin/cfssh
 -etc/rc.d/cfsd.sh
  sbin/ccat
  sbin/cfsd
  sbin/cname
  share/doc/cfs/README.install
  share/doc/cfs/notes.ms
 +@exec install -d -o root -g wheel -m 0 %%CFSD_BOOTSTRAP%% 2>/dev/null || true
 +@unexec rmdir %%CFSD_BOOTSTRAP%% 2>/dev/null || true
  @dirrm share/doc/cfs
 
 -- 
 Jean-Yves Lefort
 
 jylefort@FreeBSD.org
 http://lefort.be.eu.org/
State-Changed-From-To: closed->open 
State-Changed-By: jylefort 
State-Changed-When: Wed Jun 8 01:20:15 GMT 2005 
State-Changed-Why:  
Solution provided. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=18800 
State-Changed-From-To: open->closed 
State-Changed-By: jylefort 
State-Changed-When: Wed Jun 8 11:11:37 GMT 2005 
State-Changed-Why:  
Brian approved. Committed. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=18800 
>Unformatted:
