From db@trunet.dk  Fri Jun 24 15:41:53 2005
Return-Path: <db@trunet.dk>
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 4B92316A41C
	for <FreeBSD-gnats-submit@freebsd.org>; Fri, 24 Jun 2005 15:41:53 +0000 (GMT)
	(envelope-from db@trunet.dk)
Received: from cicero1.cybercity.dk (cicero1.cybercity.dk [212.242.40.4])
	by mx1.FreeBSD.org (Postfix) with ESMTP id CCCB643D1F
	for <FreeBSD-gnats-submit@freebsd.org>; Fri, 24 Jun 2005 15:41:52 +0000 (GMT)
	(envelope-from db@trunet.dk)
Received: from user5.cybercity.dk (user5.cybercity.dk [212.242.41.51])
	by cicero1.cybercity.dk (Postfix) with ESMTP id B032E7E48D3
	for <FreeBSD-gnats-submit@freebsd.org>; Fri, 24 Jun 2005 17:41:50 +0200 (CEST)
Received: from work.trunet.dk (port132.ds1-arsy.adsl.cybercity.dk [212.242.239.73])
	by user5.cybercity.dk (Postfix) with ESMTP id 39E963A1BFA
	for <FreeBSD-gnats-submit@freebsd.org>; Fri, 24 Jun 2005 17:41:50 +0200 (CEST)
Message-Id: <1119634987.0@work.trunet.dk>
Date: Fri, 24 Jun 2005 17:43:07 -0000
From: "Daniel Blankensteiner" <db@trunet.dk>
To: "FreeBSD gnats submit" <FreeBSD-gnats-submit@freebsd.org>
Subject: Update port: security/lockdown 1.0.1 -> 2.0.0
X-Send-Pr-Version: gtk-send-pr 0.4.6 
X-GNATS-Notify:

>Number:         82614
>Category:       ports
>Synopsis:       Update port: security/lockdown 1.0.1 -> 2.0.0
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    lawrance
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          maintainer-update
>Submitter-Id:   current-users
>Arrival-Date:   Fri Jun 24 15:50:11 GMT 2005
>Closed-Date:    Fri Jun 24 17:04:46 GMT 2005
>Last-Modified:  Fri Jun 24 17:04:46 GMT 2005
>Originator:     Daniel Blankensteiner
>Release:        FreeBSD 5.4-RELEASE i386
>Organization:
>Environment:


System: FreeBSD 5.4-RELEASE #0: Sun May  8 10:21:06 UTC 2005
    root@harlow.cse.buffalo.edu:/usr/obj/usr/src/sys/GENERIC



>Description:





>How-To-Repeat:





>Fix:


diff -ruN /usr/ports/security/lockdown/Makefile security/lockdown/Makefile
--- /usr/ports/security/lockdown/Makefile	Mon May 10 13:14:21 2004
+++ security/lockdown/Makefile	Fri Jun 24 17:39:05 2005
@@ -6,21 +6,36 @@
 #
 
 PORTNAME=	lockdown
-PORTVERSION=	1.0.1
+PORTVERSION=	2.0.0
 CATEGORIES=	security
 MASTER_SITES=	http://lockdown.trunet.dk/ \
 		http://lockdown.loproc.dk/
 
 MAINTAINER=	db@TruNet.dk
-COMMENT=	Hardening system for FreeBSD
+COMMENT=	Hardening script for FreeBSD
 
-MAN1=		lockdown.1
+MAN1=		editfile.1
+MAN1=		editfstab.1
+MAN1=		editkernel.1
+MAN1=		editlogin.1
+MAN1=		editttys.1
+
+INSTALLS_SHLIB= yes
 
 WRKSRC=		${WRKDIR}/lockdown
 
 do-install:
-	${INSTALL_PROGRAM} ${WRKSRC}/lockdown ${PREFIX}/bin/lockdown
-	${INSTALL_MAN} ${WRKSRC}/lockdown.1 ${PREFIX}/man/man1/lockdown.1
-	${INSTALL_DATA} ${WRKSRC}/lockdown.conf.sample ${PREFIX}/etc/lockdown.conf.sample
+	${INSTALL_DATA} ${WRKSRC}/cppe/src/cppe.so ${PREFIX}/lib/libcppe.so
+	${INSTALL_PROGRAM} ${WRKSRC}/edittools/editfile/src/editfile ${PREFIX}/bin/editfile
+	${INSTALL_MAN} ${WRKSRC}/edittools/editfile/doc/editfile.1 ${PREFIX}/man/man1/editfile.1
+	${INSTALL_PROGRAM} ${WRKSRC}/edittools/editfstab/src/editfstab ${PREFIX}/bin/editfstab
+	${INSTALL_MAN} ${WRKSRC}/edittools/editfstab/doc/editfstab.1 ${PREFIX}/man/man1/editfstab.1
+	${INSTALL_PROGRAM} ${WRKSRC}/edittools/editkernel/src/editkernel ${PREFIX}/bin/editkernel
+	${INSTALL_MAN} ${WRKSRC}/edittools/editkernel/doc/editkernel.1 ${PREFIX}/man/man1/editkernel.1
+	${INSTALL_PROGRAM} ${WRKSRC}/edittools/editlogin/src/editlogin ${PREFIX}/bin/editlogin
+	${INSTALL_MAN} ${WRKSRC}/edittools/editlogin/doc/editlogin.1 ${PREFIX}/man/man1/editlogin.1
+	${INSTALL_PROGRAM} ${WRKSRC}/edittools/editttys/src/editttys ${PREFIX}/bin/editttys
+	${INSTALL_MAN} ${WRKSRC}/edittools/editttys/doc/editttys.1 ${PREFIX}/man/man1/editttys.1
+	${INSTALL_SCRIPT} ${WRKSRC}/lockdown ${PREFIX}/bin/lockdown
 
 .include <bsd.port.mk>
diff -ruN /usr/ports/security/lockdown/distinfo security/lockdown/distinfo
--- /usr/ports/security/lockdown/distinfo	Mon May 10 13:14:21 2004
+++ security/lockdown/distinfo	Fri Jun 24 17:37:09 2005
@@ -1,2 +1,2 @@
-MD5 (lockdown-1.0.1.tar.gz) = c8b0a81e691c11bf75699ec270b780fa
-SIZE (lockdown-1.0.1.tar.gz) = 13532
+MD5 (lockdown-2.0.0.tar.gz) = 340786366b916aefc1b08d258e0add4a 
+SIZE (lockdown-2.0.0.tar.gz) = 63364 
diff -ruN /usr/ports/security/lockdown/pkg-descr security/lockdown/pkg-descr
--- /usr/ports/security/lockdown/pkg-descr	Mon May 10 13:14:21 2004
+++ security/lockdown/pkg-descr	Fri Jun 24 17:27:25 2005
@@ -1,12 +1,4 @@
-Lockdown is a hardening system written in C++ for FreeBSD
-and released under the BSD license.
-
-Lockdown was designed to harden FreeBSD's base system. It does
-so by editing the systems configuration files and set
-permissions, flags and ownership on SUID, GID and "information"
-files.  Lockdown was meant to be run only once (after a system
-install or upgrade), so you can quickly and without forgetting
-something, get a secure system.
+Lockdown is a script designed to harden a FreeBSD system by editing the system's configuration files and set permissions, flags and ownership on SUID, GID and "information" files. However, the main goal of lockdown is to centralize knowledge on how much you can harden the system without breaking it.
 
 Mirror:	http://lockdown.loproc.dk/
 WWW:	http://lockdown.TruNet.dk/
diff -ruN /usr/ports/security/lockdown/pkg-plist security/lockdown/pkg-plist
--- /usr/ports/security/lockdown/pkg-plist	Sun Feb 29 23:22:12 2004
+++ security/lockdown/pkg-plist	Thu Jun 23 00:48:29 2005
@@ -1,3 +1,7 @@
 @comment $FreeBSD: ports/security/lockdown/pkg-plist,v 1.1 2004/02/29 23:22:12 sergei Exp $
 bin/lockdown
-etc/lockdown.conf.sample
+bin/editfile
+bin/editfstab
+bin/editkernel
+bin/editlogin
+bin/editttys



>Release-Note:
>Audit-Trail:

From: db <db@traceroute.dk>
To: bug-followup@FreeBSD.org, db@trunet.dk
Cc:  
Subject: Re: ports/82614: Update port: security/lockdown 1.0.1 -> 2.0.0
Date: Fri, 24 Jun 2005 18:11:42 +0000

 --Boundary-00=_fzEvCMsaxU7tKY9
 Content-Type: text/plain;
   charset="us-ascii"
 Content-Transfer-Encoding: 7bit
 Content-Disposition: inline
 
 Hi
 
 Forgot to remove some compiled objects, so please use this fix instead.
 
 br
 db
 
 --Boundary-00=_fzEvCMsaxU7tKY9
 Content-Type: text/x-diff;
   charset="us-ascii";
   name="fix"
 Content-Transfer-Encoding: 7bit
 Content-Disposition: attachment;
 	filename="fix"
 
 diff -ruN /usr/ports/security/lockdown/Makefile security/lockdown/Makefile
 --- /usr/ports/security/lockdown/Makefile	Mon May 10 13:14:21 2004
 +++ security/lockdown/Makefile	Fri Jun 24 17:55:33 2005
 @@ -6,21 +6,36 @@
  #
  
  PORTNAME=	lockdown
 -PORTVERSION=	1.0.1
 +PORTVERSION=	2.0.0
  CATEGORIES=	security
  MASTER_SITES=	http://lockdown.trunet.dk/ \
  		http://lockdown.loproc.dk/
  
  MAINTAINER=	db@TruNet.dk
 -COMMENT=	Hardening system for FreeBSD
 +COMMENT=	Hardening script for FreeBSD
  
 -MAN1=		lockdown.1
 +MAN1=		editfile.1
 +MAN1=		editfstab.1
 +MAN1=		editkernel.1
 +MAN1=		editlogin.1
 +MAN1=		editttys.1
 +
 +INSTALLS_SHLIB= yes
  
  WRKSRC=		${WRKDIR}/lockdown
  
  do-install:
 -	${INSTALL_PROGRAM} ${WRKSRC}/lockdown ${PREFIX}/bin/lockdown
 -	${INSTALL_MAN} ${WRKSRC}/lockdown.1 ${PREFIX}/man/man1/lockdown.1
 -	${INSTALL_DATA} ${WRKSRC}/lockdown.conf.sample ${PREFIX}/etc/lockdown.conf.sample
 +	${INSTALL_DATA} ${WRKSRC}/cppe/src/libcppe.so ${PREFIX}/lib/libcppe.so
 +	${INSTALL_PROGRAM} ${WRKSRC}/edittools/editfile/src/editfile ${PREFIX}/bin/editfile
 +	${INSTALL_MAN} ${WRKSRC}/edittools/editfile/doc/editfile.1 ${PREFIX}/man/man1/editfile.1
 +	${INSTALL_PROGRAM} ${WRKSRC}/edittools/editfstab/src/editfstab ${PREFIX}/bin/editfstab
 +	${INSTALL_MAN} ${WRKSRC}/edittools/editfstab/doc/editfstab.1 ${PREFIX}/man/man1/editfstab.1
 +	${INSTALL_PROGRAM} ${WRKSRC}/edittools/editkernel/src/editkernel ${PREFIX}/bin/editkernel
 +	${INSTALL_MAN} ${WRKSRC}/edittools/editkernel/doc/editkernel.1 ${PREFIX}/man/man1/editkernel.1
 +	${INSTALL_PROGRAM} ${WRKSRC}/edittools/editlogin/src/editlogin ${PREFIX}/bin/editlogin
 +	${INSTALL_MAN} ${WRKSRC}/edittools/editlogin/doc/editlogin.1 ${PREFIX}/man/man1/editlogin.1
 +	${INSTALL_PROGRAM} ${WRKSRC}/edittools/editttys/src/editttys ${PREFIX}/bin/editttys
 +	${INSTALL_MAN} ${WRKSRC}/edittools/editttys/doc/editttys.1 ${PREFIX}/man/man1/editttys.1
 +	${INSTALL_SCRIPT} ${WRKSRC}/lockdown ${PREFIX}/bin/lockdown
  
  .include <bsd.port.mk>
 diff -ruN /usr/ports/security/lockdown/distinfo security/lockdown/distinfo
 --- /usr/ports/security/lockdown/distinfo	Mon May 10 13:14:21 2004
 +++ security/lockdown/distinfo	Fri Jun 24 18:04:54 2005
 @@ -1,2 +1,2 @@
 -MD5 (lockdown-1.0.1.tar.gz) = c8b0a81e691c11bf75699ec270b780fa
 -SIZE (lockdown-1.0.1.tar.gz) = 13532
 +MD5 (lockdown-2.0.0.tar.gz) = e174c016c1980e1c80581da2d42d491b 
 +SIZE (lockdown-2.0.0.tar.gz) = 38792
 diff -ruN /usr/ports/security/lockdown/pkg-descr security/lockdown/pkg-descr
 --- /usr/ports/security/lockdown/pkg-descr	Mon May 10 13:14:21 2004
 +++ security/lockdown/pkg-descr	Fri Jun 24 17:27:25 2005
 @@ -1,12 +1,4 @@
 -Lockdown is a hardening system written in C++ for FreeBSD
 -and released under the BSD license.
 -
 -Lockdown was designed to harden FreeBSD's base system. It does
 -so by editing the systems configuration files and set
 -permissions, flags and ownership on SUID, GID and "information"
 -files.  Lockdown was meant to be run only once (after a system
 -install or upgrade), so you can quickly and without forgetting
 -something, get a secure system.
 +Lockdown is a script designed to harden a FreeBSD system by editing the system's configuration files and set permissions, flags and ownership on SUID, GID and "information" files. However, the main goal of lockdown is to centralize knowledge on how much you can harden the system without breaking it.
  
  Mirror:	http://lockdown.loproc.dk/
  WWW:	http://lockdown.TruNet.dk/
 diff -ruN /usr/ports/security/lockdown/pkg-plist security/lockdown/pkg-plist
 --- /usr/ports/security/lockdown/pkg-plist	Sun Feb 29 23:22:12 2004
 +++ security/lockdown/pkg-plist	Thu Jun 23 00:48:29 2005
 @@ -1,3 +1,7 @@
  @comment $FreeBSD: ports/security/lockdown/pkg-plist,v 1.1 2004/02/29 23:22:12 sergei Exp $
  bin/lockdown
 -etc/lockdown.conf.sample
 +bin/editfile
 +bin/editfstab
 +bin/editkernel
 +bin/editlogin
 +bin/editttys
 
 --Boundary-00=_fzEvCMsaxU7tKY9--
Responsible-Changed-From-To: freebsd-ports-bugs->lawrance 
Responsible-Changed-By: lawrance 
Responsible-Changed-When: Fri Jun 24 16:41:24 GMT 2005 
Responsible-Changed-Why:  
Take 

http://www.freebsd.org/cgi/query-pr.cgi?pr=82614 
State-Changed-From-To: open->closed 
State-Changed-By: lawrance 
State-Changed-When: Fri Jun 24 17:02:34 GMT 2005 
State-Changed-Why:  
Committed, thanks! 
(with a few little changes to MAN1, do-install target and pkg-descr) 

http://www.freebsd.org/cgi/query-pr.cgi?pr=82614 
>Unformatted:
