reorganizing FreeBSD port to make it clearer where it in /usr/ports and to make it...
authorDaniel Kahn Gillmor <dkg@fifthhorseman.net>
Thu, 30 Oct 2008 21:25:40 +0000 (17:25 -0400)
committerDaniel Kahn Gillmor <dkg@fifthhorseman.net>
Thu, 30 Oct 2008 21:25:40 +0000 (17:25 -0400)
18 files changed:
packaging/freebsd/Makefile [deleted file]
packaging/freebsd/distinfo [deleted file]
packaging/freebsd/files/patch-etclocation [deleted file]
packaging/freebsd/files/patch-sharelocation [deleted file]
packaging/freebsd/files/patch-varlocation [deleted file]
packaging/freebsd/pkg-deinstall [deleted file]
packaging/freebsd/pkg-descr [deleted file]
packaging/freebsd/pkg-install [deleted file]
packaging/freebsd/pkg-plist [deleted file]
packaging/freebsd/security/monkeysphere/Makefile [new file with mode: 0644]
packaging/freebsd/security/monkeysphere/distinfo [new file with mode: 0644]
packaging/freebsd/security/monkeysphere/files/patch-etclocation [new file with mode: 0644]
packaging/freebsd/security/monkeysphere/files/patch-sharelocation [new file with mode: 0644]
packaging/freebsd/security/monkeysphere/files/patch-varlocation [new file with mode: 0644]
packaging/freebsd/security/monkeysphere/pkg-deinstall [new file with mode: 0755]
packaging/freebsd/security/monkeysphere/pkg-descr [new file with mode: 0644]
packaging/freebsd/security/monkeysphere/pkg-install [new file with mode: 0755]
packaging/freebsd/security/monkeysphere/pkg-plist [new file with mode: 0644]

diff --git a/packaging/freebsd/Makefile b/packaging/freebsd/Makefile
deleted file mode 100644 (file)
index 984bc87..0000000
+++ /dev/null
@@ -1,56 +0,0 @@
-# New ports collection makefile for:   monkeysphere
-# Date created:        2008-09-11 23:38:27-0400
-# Whom:                Daniel Kahn Gillmor <dkg@fifthhorseman.net>
-#
-# $FreeBSD$
-#
-
-PORTNAME=      monkeysphere
-PORTVERSION=   0.19
-CATEGORIES=    security
-MASTER_SITES=  http://archive.monkeysphere.info/debian/pool/monkeysphere/m/monkeysphere/
-# hack for debian orig tarballs
-DISTFILES=      ${PORTNAME}_${DISTVERSION}.orig.tar.gz
-
-MAINTAINER=    dkg@fifthhorseman.net
-COMMENT=       use the OpenPGP web of trust to verify ssh connections
-
-LIB_DEPENDS=   gnutls.26:${PORTSDIR}/security/gnutls
-RUN_DEPENDS=    base64:${PORTSDIR}/converters/base64 \
-               gpg:${PORTSDIR}/security/gnupg1 \
-               lockfile:${PORTSDIR}/mail/procmail \
-               /usr/local/bin/getopt:${PORTSDIR}/misc/getopt \
-               bash:${PORTSDIR}/shells/bash
-
-MAN1=          monkeysphere.1 openpgp2ssh.1 monkeysphere-ssh-proxycommand.1
-MAN7=          monkeysphere.7
-MAN8=          monkeysphere-server.8
-MANCOMPRESSED= yes
-
-MAKE_ARGS= ETCPREFIX=${PREFIX} MANPREFIX=${PREFIX}/man ETCSUFFIX=.sample
-
-# get rid of cruft after the patching:
-post-patch:
-       find . -iname '*.orig' -delete
-
-post-install:
-       @if [ ! -f ${PREFIX}/etc/monkeysphere/gnupg-host.conf ]; then \
-               ${CP} -p ${PREFIX}/etc/monkeysphere/gnupg-host.conf.sample ${PREFIX}/etc/monkeysphere/gnupg-host.conf ; \
-       fi
-       @if [ ! -f ${PREFIX}/etc/monkeysphere/gnupg-authentication.conf ]; then \
-               ${CP} -p ${PREFIX}/etc/monkeysphere/gnupg-authentication.conf.sample ${PREFIX}/etc/monkeysphere/gnupg-authentication.conf ; \
-       fi
-       @if [ ! -f ${PREFIX}/etc/monkeysphere/monkeysphere.conf ]; then \
-               ${CP} -p ${PREFIX}/etc/monkeysphere/monkeysphere.conf.sample ${PREFIX}/etc/monkeysphere/monkeysphere.conf ; \
-       fi
-       @if [ ! -f ${PREFIX}/etc/monkeysphere/monkeysphere-server.conf ]; then \
-               ${CP} -p ${PREFIX}/etc/monkeysphere/monkeysphere-server.conf.sample ${PREFIX}/etc/monkeysphere/monkeysphere-server.conf ; \
-       fi
-.if !defined(PACKAGE_BUILDING)
-       @${SETENV} ${SH} ${PKGINSTALL} ${PKGNAME} POST-INSTALL
-.endif
-
-post-deinstall:
-       @${SETENV} ${SH} ${PKGDEINSTALL} ${PKGNAME} POST-DEINSTALL
-
-.include <bsd.port.mk>
diff --git a/packaging/freebsd/distinfo b/packaging/freebsd/distinfo
deleted file mode 100644 (file)
index 86aecd1..0000000
+++ /dev/null
@@ -1,3 +0,0 @@
-MD5 (monkeysphere_0.19.orig.tar.gz) = 64c643dd0ab642bbc8814aec1718000e
-SHA256 (monkeysphere_0.19.orig.tar.gz) = 321b77c1e10fe48ffbef8491893f5dd22842c35c11464efa7893150ce756a522
-SIZE (monkeysphere_0.19.orig.tar.gz) = 68335
diff --git a/packaging/freebsd/files/patch-etclocation b/packaging/freebsd/files/patch-etclocation
deleted file mode 100644 (file)
index 2ab3ac0..0000000
+++ /dev/null
@@ -1,54 +0,0 @@
-diff --git etc/monkeysphere-server.conf etc/monkeysphere-server.conf
-index c001f2d..d33fd36 100644
---- etc/monkeysphere-server.conf
-+++ etc/monkeysphere-server.conf
-@@ -17,7 +17,7 @@
- # authorized_keys file.  '%h' will be replaced by the home directory
- # of the user, and %u will be replaced by the username of the user.
- # For purely admin-controlled authorized_user_ids, you might put them
--# in /etc/monkeysphere/authorized_user_ids/%u, for instance.
-+# in /usr/local/etc/monkeysphere/authorized_user_ids/%u, for instance.
- #AUTHORIZED_USER_IDS="%h/.monkeysphere/authorized_user_ids"
- # Whether to add user controlled authorized_keys file to
-diff --git man/man1/monkeysphere.1 man/man1/monkeysphere.1
-index 3ece735..09320d2 100644
---- man/man1/monkeysphere.1
-+++ man/man1/monkeysphere.1
-@@ -111,7 +111,7 @@ Path to ssh authorized_keys file (~/.ssh/authorized_keys).
- ~/.monkeysphere/monkeysphere.conf
- User monkeysphere config file.
- .TP
--/etc/monkeysphere/monkeysphere.conf
-+/usr/local/etc/monkeysphere/monkeysphere.conf
- System-wide monkeysphere config file.
- .TP
- ~/.monkeysphere/authorized_user_ids
-diff --git man/man8/monkeysphere-server.8 man/man8/monkeysphere-server.8
-index f207e2c..360408e 100644
---- man/man8/monkeysphere-server.8
-+++ man/man8/monkeysphere-server.8
-@@ -203,10 +203,10 @@ User to control authentication keychain (monkeysphere).
- .SH FILES
- .TP
--/etc/monkeysphere/monkeysphere-server.conf
-+/usr/local/etc/monkeysphere/monkeysphere-server.conf
- System monkeysphere-server config file.
- .TP
--/etc/monkeysphere/monkeysphere.conf
-+/usr/local/etc/monkeysphere/monkeysphere.conf
- System-wide monkeysphere config file.
- .TP
- /var/lib/monkeysphere/authorized_keys/USER
---- src/common.orig    2008-10-12 14:58:00.000000000 -0400
-+++ src/common 2008-10-25 17:40:34.000000000 -0400
-@@ -16,7 +16,7 @@
- ### COMMON VARIABLES
- # managed directories
--SYSCONFIGDIR=${MONKEYSPHERE_SYSCONFIGDIR:-"/etc/monkeysphere"}
-+SYSCONFIGDIR=${MONKEYSPHERE_SYSCONFIGDIR:-"/usr/local/etc/monkeysphere"}
- export SYSCONFIGDIR
- ########################################################################
diff --git a/packaging/freebsd/files/patch-sharelocation b/packaging/freebsd/files/patch-sharelocation
deleted file mode 100644 (file)
index 99c9604..0000000
+++ /dev/null
@@ -1,22 +0,0 @@
---- src/monkeysphere.orig      2008-10-12 14:58:00.000000000 -0400
-+++ src/monkeysphere   2008-10-25 17:41:41.000000000 -0400
-@@ -13,7 +13,7 @@
- ########################################################################
- PGRM=$(basename $0)
--SYSSHAREDIR=${MONKEYSPHERE_SYSSHAREDIR:-"/usr/share/monkeysphere"}
-+SYSSHAREDIR=${MONKEYSPHERE_SYSSHAREDIR:-"/usr/local/share/monkeysphere"}
- export SYSSHAREDIR
- . "${SYSSHAREDIR}/common" || exit 1
---- src/monkeysphere-server.orig       2008-10-25 14:17:50.000000000 -0400
-+++ src/monkeysphere-server    2008-10-25 17:42:50.000000000 -0400
-@@ -13,7 +13,7 @@
- ########################################################################
- PGRM=$(basename $0)
--SYSSHAREDIR=${MONKEYSPHERE_SYSSHAREDIR:-"/usr/share/monkeysphere"}
-+SYSSHAREDIR=${MONKEYSPHERE_SYSSHAREDIR:-"/usr/local/share/monkeysphere"}
- export SYSSHAREDIR
- . "${SYSSHAREDIR}/common" || exit 1
diff --git a/packaging/freebsd/files/patch-varlocation b/packaging/freebsd/files/patch-varlocation
deleted file mode 100644 (file)
index c4d8dcd..0000000
+++ /dev/null
@@ -1,90 +0,0 @@
-diff --git man/man8/monkeysphere-server.8 man/man8/monkeysphere-server.8
-index f207e2c..29c7b6a 100644
---- man/man8/monkeysphere-server.8
-+++ man/man8/monkeysphere-server.8
-@@ -128,7 +128,7 @@ command to push the key to a keyserver.  You must also modify the
- sshd_config on the server to tell sshd where the new server host key
- is located:
--HostKey /var/lib/monkeysphere/ssh_host_rsa_key
-+HostKey /var/monkeysphere/ssh_host_rsa_key
- In order for users logging into the system to be able to verify the
- host via the monkeysphere, at least one person (e.g. a server admin)
-@@ -170,7 +170,7 @@ users.  You must also tell sshd to look at the monkeysphere-generated
- authorized_keys file for user authentication by setting the following
- in the sshd_config:
--AuthorizedKeysFile /var/lib/monkeysphere/authorized_keys/%u
-+AuthorizedKeysFile /var/monkeysphere/authorized_keys/%u
- It is recommended to add "monkeysphere-server update-users" to a
- system crontab, so that user keys are kept up-to-date, and key
-@@ -209,17 +209,17 @@ System monkeysphere-server config file.
- /etc/monkeysphere/monkeysphere.conf
- System-wide monkeysphere config file.
- .TP
--/var/lib/monkeysphere/authorized_keys/USER
-+/var/monkeysphere/authorized_keys/USER
- Monkeysphere-generated user authorized_keys files.
- .TP
--/var/lib/monkeysphere/ssh_host_rsa_key
-+/var/monkeysphere/ssh_host_rsa_key
- Copy of the host's private key in ssh format, suitable for use by
- sshd.
- .TP
--/var/lib/monkeysphere/gnupg-host
-+/var/monkeysphere/gnupg-host
- Monkeysphere host GNUPG home directory.
- .TP
--/var/lib/monkeysphere/gnupg-authentication
-+/var/monkeysphere/gnupg-authentication
- Monkeysphere authentication GNUPG home directory.
- .SH AUTHOR
-diff --git doc/getting-started-admin.mdwn doc/getting-started-admin.mdwn
-index 6c8ad53..67fdda1 100644
---- doc/getting-started-admin.mdwn
-+++ doc/getting-started-admin.mdwn
-@@ -30,7 +30,7 @@ To use the newly-generated host key for ssh connections, put the
- following line in `/etc/ssh/sshd_config` (be sure to remove references
- to any other keys):
--      HostKey /var/lib/monkeysphere/ssh_host_rsa_key
-+      HostKey /var/monkeysphere/ssh_host_rsa_key
- FIXME: should we just suggest symlinks in the filesystem here instead?
-@@ -40,7 +40,7 @@ To enable users to use the monkeysphere to authenticate using the
- OpenPGP web of trust, add this line to `/etc/ssh/sshd_config` (again,
- making sure that no other AuthorizedKeysFile directive exists):
--      AuthorizedKeysFile /var/lib/monkeysphere/authorized_keys/%u
-+      AuthorizedKeysFile /var/monkeysphere/authorized_keys/%u
- And then read the section below about how to ensure these files are
- maintained.  You'll need to restart `sshd` to have your changes take
---- src/monkeysphere-server.orig       2008-10-25 18:01:19.000000000 -0400
-+++ src/monkeysphere-server    2008-10-25 18:01:24.000000000 -0400
-@@ -17,7 +17,7 @@
- export SYSSHAREDIR
- . "${SYSSHAREDIR}/common" || exit 1
--SYSDATADIR=${MONKEYSPHERE_SYSDATADIR:-"/var/lib/monkeysphere"}
-+SYSDATADIR=${MONKEYSPHERE_SYSDATADIR:-"/var/monkeysphere"}
- export SYSDATADIR
- # UTC date in ISO 8601 format if needed
---- etc/gnupg-authentication.conf.orig 2008-10-25 18:02:58.000000000 -0400
-+++ etc/gnupg-authentication.conf      2008-10-25 18:03:04.000000000 -0400
-@@ -4,8 +4,8 @@
- # It is highly recommended that you
- #    DO NOT MODIFY
- # these variables.
--primary-keyring /var/lib/monkeysphere/gnupg-authentication/pubring.gpg
--keyring /var/lib/monkeysphere/gnupg-host/pubring.gpg
-+primary-keyring /var/monkeysphere/gnupg-authentication/pubring.gpg
-+keyring /var/monkeysphere/gnupg-host/pubring.gpg
- # PGP keyserver to use for PGP queries.
- keyserver hkp://pgp.mit.edu
diff --git a/packaging/freebsd/pkg-deinstall b/packaging/freebsd/pkg-deinstall
deleted file mode 100755 (executable)
index 3000878..0000000
+++ /dev/null
@@ -1,29 +0,0 @@
-#!/bin/sh
-
-# a package removal script for monkeysphere (borrowing from
-# monkeysphere's debian/monkeysphere.postrm)
-
-# Author: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
-# Copyright 2008
-
-# FIXME: is /var/lib/monkeysphere the right place for this stuff on
-# FreeBSD?
-VARLIB="/var/monkeysphere"
-
-
-case $2 in
-POST-DEINSTALL)
-        USER=monkeysphere
-# FIXME: This doesn't do anything!  Under what circumstances do we
-# want to actually automatically purge all of /var/monkeysphere?
-
-# (note: FreeBSD does not seem to want the package-specific user to be
-# purged at package removal)
-       if pw user show "${USER}" 2>/dev/null >/dev/null; then
-           echo "Warning: If you will *NOT* use this package anymore, please remove the monkeysphere user manually."
-       fi
-       if [ -d "$VARLIB" ] ; then
-           echo "Warning: You may want to remove monkeysphere's cached authentication data and keyrings in $VARLIB"
-       fi
-;;
-esac
diff --git a/packaging/freebsd/pkg-descr b/packaging/freebsd/pkg-descr
deleted file mode 100644 (file)
index 9adc44f..0000000
+++ /dev/null
@@ -1,7 +0,0 @@
-SSH key-based authentication is tried-and-true, but it lacks a true
-Public Key Infrastructure for key certification, revocation and
-expiration.  Monkeysphere is a framework that uses the OpenPGP web of
-trust for these PKI functions.  It can be used in both directions: for
-users to get validated host keys, and for hosts to authenticate users.
-
-WWW: http://web.monkeysphere.info/
diff --git a/packaging/freebsd/pkg-install b/packaging/freebsd/pkg-install
deleted file mode 100755 (executable)
index 70d37b5..0000000
+++ /dev/null
@@ -1,72 +0,0 @@
-#!/bin/sh
-
-# an installation script for monkeysphere (borrowing liberally from
-# postgresql and mysql pkg-install scripts, and from monkeysphere's
-# debian/monkeysphere.postinst)
-
-# Author: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
-# Copyright 2008
-
-# FIXME: is /var/lib/monkeysphere the right place for this stuff on
-# FreeBSD?
-
-# PostgreSQL puts its data in /usr/local/pgsql/data
-
-# MySQL puts its data in /var/db/mysql
-
-VARLIB="/var/monkeysphere"
-ETCDIR="/usr/local/etc/monkeysphere"
-
-case $2 in
-POST-INSTALL)
-        USER=monkeysphere
-        GROUP=${USER}
-        UID=641
-        GID=${UID}
-        SHELL=/usr/local/bin/bash
-
-        if pw group show "${GROUP}" >/dev/null 2>&1; then
-                echo "You already have a group \"${GROUP}\", so I will use it."
-        else
-                if pw groupadd ${GROUP} -g ${GID}; then
-                        echo "Added group \"${GROUP}\"."
-                else
-                        echo "Adding group \"${GROUP}\" failed..."
-                        exit 1
-                fi
-        fi
-
-       if pw user show "${USER}" >/dev/null 2>&1; then
-            oldshell=`pw user show "${USER}" 2>/dev/null | cut -f10 -d:`
-           if [ x"$oldshell" != x"$SHELL" ]; then
-               echo "You already have a \"${USER}\" user, but its shell is '$oldshell'."
-               echo "This package requires that \"${USER}\"'s shell be '$SHELL'."
-               echo "You should fix this by hand and then re-install the package."
-               echo "   hint: pw usermod '$USER' -s '$SHELL'"
-               exit 1
-           fi
-            echo "You already have a user \"${USER}\" with the proper shell, so I will use it."
-        else
-                if pw useradd ${USER} -u ${UID} -g ${GROUP} -h - \
-                        -d "$VARLIB" -s /usr/local/bin/bash -c "monkeysphere authentication user,,,"
-                then
-                        echo "Added user \"${USER}\"."
-                else
-                        echo "Adding user \"${USER}\" failed..."
-                        exit 1
-                fi
-        fi
-
-       ## set up the cache directories, and link them to the config files:
-
-       install -d -o root -g monkeysphere -m 750 "$VARLIB"/gnupg-host
-       ln -sf "$ETCDIR"/gnupg-host.conf  "$VARLIB"/gnupg-host/gpg.conf
-
-       install -d -o monkeysphere -g monkeysphere -m 700 "$VARLIB"/gnupg-authentication
-       ln -sf "$ETCDIR"/gnupg-authentication.conf  "$VARLIB"/gnupg-authentication/gpg.conf
-
-       install -d "$VARLIB"/tmp "$VARLIB"/authorized_keys
-
-       monkeysphere-server diagnostics
-        ;;
-esac
diff --git a/packaging/freebsd/pkg-plist b/packaging/freebsd/pkg-plist
deleted file mode 100644 (file)
index 04a704a..0000000
+++ /dev/null
@@ -1,18 +0,0 @@
-sbin/monkeysphere-server
-share/doc/monkeysphere/TODO
-share/doc/monkeysphere/MonkeySpec
-share/doc/monkeysphere/getting-started-user.mdwn
-share/doc/monkeysphere/getting-started-admin.mdwn
-bin/openpgp2ssh
-bin/monkeysphere-ssh-proxycommand
-bin/monkeysphere
-share/monkeysphere/common
-@unexec if cmp -s %D/etc/monkeysphere/monkeysphere.conf.sample %D/etc/monkeysphere/monkeysphere.conf; then rm -f %D/etc/monkeysphere/monkeysphere.conf; fi
-etc/monkeysphere/monkeysphere.conf.sample
-@exec if [ ! -f %D/etc/monkeysphere/monkeysphere.conf ] ; then cp -p %D/%F %B/monkeysphere.conf; fi
-@unexec if cmp -s %D/etc/monkeysphere/monkeysphere-server.conf.sample %D/etc/monkeysphere/monkeysphere-server.conf; then rm -f %D/etc/monkeysphere/monkeysphere-server.conf; fi
-etc/monkeysphere/monkeysphere-server.conf.sample
-@exec if [ ! -f %D/etc/monkeysphere/monkeysphere-server.conf ] ; then cp -p %D/%F %B/monkeysphere-server.conf; fi
-@dirrm share/doc/monkeysphere
-@dirrm share/monkeysphere
-@dirrm etc/monkeysphere
diff --git a/packaging/freebsd/security/monkeysphere/Makefile b/packaging/freebsd/security/monkeysphere/Makefile
new file mode 100644 (file)
index 0000000..984bc87
--- /dev/null
@@ -0,0 +1,56 @@
+# New ports collection makefile for:   monkeysphere
+# Date created:        2008-09-11 23:38:27-0400
+# Whom:                Daniel Kahn Gillmor <dkg@fifthhorseman.net>
+#
+# $FreeBSD$
+#
+
+PORTNAME=      monkeysphere
+PORTVERSION=   0.19
+CATEGORIES=    security
+MASTER_SITES=  http://archive.monkeysphere.info/debian/pool/monkeysphere/m/monkeysphere/
+# hack for debian orig tarballs
+DISTFILES=      ${PORTNAME}_${DISTVERSION}.orig.tar.gz
+
+MAINTAINER=    dkg@fifthhorseman.net
+COMMENT=       use the OpenPGP web of trust to verify ssh connections
+
+LIB_DEPENDS=   gnutls.26:${PORTSDIR}/security/gnutls
+RUN_DEPENDS=    base64:${PORTSDIR}/converters/base64 \
+               gpg:${PORTSDIR}/security/gnupg1 \
+               lockfile:${PORTSDIR}/mail/procmail \
+               /usr/local/bin/getopt:${PORTSDIR}/misc/getopt \
+               bash:${PORTSDIR}/shells/bash
+
+MAN1=          monkeysphere.1 openpgp2ssh.1 monkeysphere-ssh-proxycommand.1
+MAN7=          monkeysphere.7
+MAN8=          monkeysphere-server.8
+MANCOMPRESSED= yes
+
+MAKE_ARGS= ETCPREFIX=${PREFIX} MANPREFIX=${PREFIX}/man ETCSUFFIX=.sample
+
+# get rid of cruft after the patching:
+post-patch:
+       find . -iname '*.orig' -delete
+
+post-install:
+       @if [ ! -f ${PREFIX}/etc/monkeysphere/gnupg-host.conf ]; then \
+               ${CP} -p ${PREFIX}/etc/monkeysphere/gnupg-host.conf.sample ${PREFIX}/etc/monkeysphere/gnupg-host.conf ; \
+       fi
+       @if [ ! -f ${PREFIX}/etc/monkeysphere/gnupg-authentication.conf ]; then \
+               ${CP} -p ${PREFIX}/etc/monkeysphere/gnupg-authentication.conf.sample ${PREFIX}/etc/monkeysphere/gnupg-authentication.conf ; \
+       fi
+       @if [ ! -f ${PREFIX}/etc/monkeysphere/monkeysphere.conf ]; then \
+               ${CP} -p ${PREFIX}/etc/monkeysphere/monkeysphere.conf.sample ${PREFIX}/etc/monkeysphere/monkeysphere.conf ; \
+       fi
+       @if [ ! -f ${PREFIX}/etc/monkeysphere/monkeysphere-server.conf ]; then \
+               ${CP} -p ${PREFIX}/etc/monkeysphere/monkeysphere-server.conf.sample ${PREFIX}/etc/monkeysphere/monkeysphere-server.conf ; \
+       fi
+.if !defined(PACKAGE_BUILDING)
+       @${SETENV} ${SH} ${PKGINSTALL} ${PKGNAME} POST-INSTALL
+.endif
+
+post-deinstall:
+       @${SETENV} ${SH} ${PKGDEINSTALL} ${PKGNAME} POST-DEINSTALL
+
+.include <bsd.port.mk>
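Review bot: The `post-patch` recipe runs `find . -iname '*.orig' -delete` relative to the current directory, which under bsd.port.mk is, as far as I can tell, the port directory rather than the extracted source. It therefore reaches the patch backups only through the `work/` subtree, and would also delete any `*.orig` file kept under the port's own `files/`. Scoping it to the build tree is safer: `${FIND} ${WRKSRC} -name '*.orig' -delete`. The same file hard-codes `/usr/local/bin/getopt` in `RUN_DEPENDS`, where `${LOCALBASE}/bin/getopt` would follow a non-default prefix. Both lines are carried over unchanged from the old location.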
diff --git a/packaging/freebsd/security/monkeysphere/distinfo b/packaging/freebsd/security/monkeysphere/distinfo
new file mode 100644 (file)
index 0000000..86aecd1
--- /dev/null
@@ -0,0 +1,3 @@
+MD5 (monkeysphere_0.19.orig.tar.gz) = 64c643dd0ab642bbc8814aec1718000e
+SHA256 (monkeysphere_0.19.orig.tar.gz) = 321b77c1e10fe48ffbef8491893f5dd22842c35c11464efa7893150ce756a522
+SIZE (monkeysphere_0.19.orig.tar.gz) = 68335
diff --git a/packaging/freebsd/security/monkeysphere/files/patch-etclocation b/packaging/freebsd/security/monkeysphere/files/patch-etclocation
new file mode 100644 (file)
index 0000000..2ab3ac0
--- /dev/null
@@ -0,0 +1,54 @@
+diff --git etc/monkeysphere-server.conf etc/monkeysphere-server.conf
+index c001f2d..d33fd36 100644
+--- etc/monkeysphere-server.conf
++++ etc/monkeysphere-server.conf
+@@ -17,7 +17,7 @@
+ # authorized_keys file.  '%h' will be replaced by the home directory
+ # of the user, and %u will be replaced by the username of the user.
+ # For purely admin-controlled authorized_user_ids, you might put them
+-# in /etc/monkeysphere/authorized_user_ids/%u, for instance.
++# in /usr/local/etc/monkeysphere/authorized_user_ids/%u, for instance.
+ #AUTHORIZED_USER_IDS="%h/.monkeysphere/authorized_user_ids"
+ # Whether to add user controlled authorized_keys file to
+diff --git man/man1/monkeysphere.1 man/man1/monkeysphere.1
+index 3ece735..09320d2 100644
+--- man/man1/monkeysphere.1
++++ man/man1/monkeysphere.1
+@@ -111,7 +111,7 @@ Path to ssh authorized_keys file (~/.ssh/authorized_keys).
+ ~/.monkeysphere/monkeysphere.conf
+ User monkeysphere config file.
+ .TP
+-/etc/monkeysphere/monkeysphere.conf
++/usr/local/etc/monkeysphere/monkeysphere.conf
+ System-wide monkeysphere config file.
+ .TP
+ ~/.monkeysphere/authorized_user_ids
+diff --git man/man8/monkeysphere-server.8 man/man8/monkeysphere-server.8
+index f207e2c..360408e 100644
+--- man/man8/monkeysphere-server.8
++++ man/man8/monkeysphere-server.8
+@@ -203,10 +203,10 @@ User to control authentication keychain (monkeysphere).
+ .SH FILES
+ .TP
+-/etc/monkeysphere/monkeysphere-server.conf
++/usr/local/etc/monkeysphere/monkeysphere-server.conf
+ System monkeysphere-server config file.
+ .TP
+-/etc/monkeysphere/monkeysphere.conf
++/usr/local/etc/monkeysphere/monkeysphere.conf
+ System-wide monkeysphere config file.
+ .TP
+ /var/lib/monkeysphere/authorized_keys/USER
+--- src/common.orig    2008-10-12 14:58:00.000000000 -0400
++++ src/common 2008-10-25 17:40:34.000000000 -0400
+@@ -16,7 +16,7 @@
+ ### COMMON VARIABLES
+ # managed directories
+-SYSCONFIGDIR=${MONKEYSPHERE_SYSCONFIGDIR:-"/etc/monkeysphere"}
++SYSCONFIGDIR=${MONKEYSPHERE_SYSCONFIGDIR:-"/usr/local/etc/monkeysphere"}
+ export SYSCONFIGDIR
+ ########################################################################
diff --git a/packaging/freebsd/security/monkeysphere/files/patch-sharelocation b/packaging/freebsd/security/monkeysphere/files/patch-sharelocation
new file mode 100644 (file)
index 0000000..99c9604
--- /dev/null
@@ -0,0 +1,22 @@
+--- src/monkeysphere.orig      2008-10-12 14:58:00.000000000 -0400
++++ src/monkeysphere   2008-10-25 17:41:41.000000000 -0400
+@@ -13,7 +13,7 @@
+ ########################################################################
+ PGRM=$(basename $0)
+-SYSSHAREDIR=${MONKEYSPHERE_SYSSHAREDIR:-"/usr/share/monkeysphere"}
++SYSSHAREDIR=${MONKEYSPHERE_SYSSHAREDIR:-"/usr/local/share/monkeysphere"}
+ export SYSSHAREDIR
+ . "${SYSSHAREDIR}/common" || exit 1
+--- src/monkeysphere-server.orig       2008-10-25 14:17:50.000000000 -0400
++++ src/monkeysphere-server    2008-10-25 17:42:50.000000000 -0400
+@@ -13,7 +13,7 @@
+ ########################################################################
+ PGRM=$(basename $0)
+-SYSSHAREDIR=${MONKEYSPHERE_SYSSHAREDIR:-"/usr/share/monkeysphere"}
++SYSSHAREDIR=${MONKEYSPHERE_SYSSHAREDIR:-"/usr/local/share/monkeysphere"}
+ export SYSSHAREDIR
+ . "${SYSSHAREDIR}/common" || exit 1
diff --git a/packaging/freebsd/security/monkeysphere/files/patch-varlocation b/packaging/freebsd/security/monkeysphere/files/patch-varlocation
new file mode 100644 (file)
index 0000000..c4d8dcd
--- /dev/null
@@ -0,0 +1,90 @@
+diff --git man/man8/monkeysphere-server.8 man/man8/monkeysphere-server.8
+index f207e2c..29c7b6a 100644
+--- man/man8/monkeysphere-server.8
++++ man/man8/monkeysphere-server.8
+@@ -128,7 +128,7 @@ command to push the key to a keyserver.  You must also modify the
+ sshd_config on the server to tell sshd where the new server host key
+ is located:
+-HostKey /var/lib/monkeysphere/ssh_host_rsa_key
++HostKey /var/monkeysphere/ssh_host_rsa_key
+ In order for users logging into the system to be able to verify the
+ host via the monkeysphere, at least one person (e.g. a server admin)
+@@ -170,7 +170,7 @@ users.  You must also tell sshd to look at the monkeysphere-generated
+ authorized_keys file for user authentication by setting the following
+ in the sshd_config:
+-AuthorizedKeysFile /var/lib/monkeysphere/authorized_keys/%u
++AuthorizedKeysFile /var/monkeysphere/authorized_keys/%u
+ It is recommended to add "monkeysphere-server update-users" to a
+ system crontab, so that user keys are kept up-to-date, and key
+@@ -209,17 +209,17 @@ System monkeysphere-server config file.
+ /etc/monkeysphere/monkeysphere.conf
+ System-wide monkeysphere config file.
+ .TP
+-/var/lib/monkeysphere/authorized_keys/USER
++/var/monkeysphere/authorized_keys/USER
+ Monkeysphere-generated user authorized_keys files.
+ .TP
+-/var/lib/monkeysphere/ssh_host_rsa_key
++/var/monkeysphere/ssh_host_rsa_key
+ Copy of the host's private key in ssh format, suitable for use by
+ sshd.
+ .TP
+-/var/lib/monkeysphere/gnupg-host
++/var/monkeysphere/gnupg-host
+ Monkeysphere host GNUPG home directory.
+ .TP
+-/var/lib/monkeysphere/gnupg-authentication
++/var/monkeysphere/gnupg-authentication
+ Monkeysphere authentication GNUPG home directory.
+ .SH AUTHOR
+diff --git doc/getting-started-admin.mdwn doc/getting-started-admin.mdwn
+index 6c8ad53..67fdda1 100644
+--- doc/getting-started-admin.mdwn
++++ doc/getting-started-admin.mdwn
+@@ -30,7 +30,7 @@ To use the newly-generated host key for ssh connections, put the
+ following line in `/etc/ssh/sshd_config` (be sure to remove references
+ to any other keys):
+-      HostKey /var/lib/monkeysphere/ssh_host_rsa_key
++      HostKey /var/monkeysphere/ssh_host_rsa_key
+ FIXME: should we just suggest symlinks in the filesystem here instead?
+@@ -40,7 +40,7 @@ To enable users to use the monkeysphere to authenticate using the
+ OpenPGP web of trust, add this line to `/etc/ssh/sshd_config` (again,
+ making sure that no other AuthorizedKeysFile directive exists):
+-      AuthorizedKeysFile /var/lib/monkeysphere/authorized_keys/%u
++      AuthorizedKeysFile /var/monkeysphere/authorized_keys/%u
+ And then read the section below about how to ensure these files are
+ maintained.  You'll need to restart `sshd` to have your changes take
+--- src/monkeysphere-server.orig       2008-10-25 18:01:19.000000000 -0400
++++ src/monkeysphere-server    2008-10-25 18:01:24.000000000 -0400
+@@ -17,7 +17,7 @@
+ export SYSSHAREDIR
+ . "${SYSSHAREDIR}/common" || exit 1
+-SYSDATADIR=${MONKEYSPHERE_SYSDATADIR:-"/var/lib/monkeysphere"}
++SYSDATADIR=${MONKEYSPHERE_SYSDATADIR:-"/var/monkeysphere"}
+ export SYSDATADIR
+ # UTC date in ISO 8601 format if needed
+--- etc/gnupg-authentication.conf.orig 2008-10-25 18:02:58.000000000 -0400
++++ etc/gnupg-authentication.conf      2008-10-25 18:03:04.000000000 -0400
+@@ -4,8 +4,8 @@
+ # It is highly recommended that you
+ #    DO NOT MODIFY
+ # these variables.
+-primary-keyring /var/lib/monkeysphere/gnupg-authentication/pubring.gpg
+-keyring /var/lib/monkeysphere/gnupg-host/pubring.gpg
++primary-keyring /var/monkeysphere/gnupg-authentication/pubring.gpg
++keyring /var/monkeysphere/gnupg-host/pubring.gpg
+ # PGP keyserver to use for PGP queries.
+ keyserver hkp://pgp.mit.edu
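Review bot: The `@@ -209,17 +209,17 @@` hunk for `man/man8/monkeysphere-server.8` uses `/etc/monkeysphere/monkeysphere.conf` as a context line, but `files/patch-etclocation` rewrites that same line to `/usr/local/etc/monkeysphere/monkeysphere.conf`. That patch's own hunk in turn uses `/var/lib/monkeysphere/authorized_keys/USER` as context, which this patch changes. Both were generated from the same base blob (`f207e2c`), so whichever applies second only goes in if patch tolerates the mismatch as fuzz. Regenerating one of the two against a tree that already has the other applied, or merging the man-page hunks into a single patch file, would make the set apply cleanly and surface a real conflict instead of hiding it.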
diff --git a/packaging/freebsd/security/monkeysphere/pkg-deinstall b/packaging/freebsd/security/monkeysphere/pkg-deinstall
new file mode 100755 (executable)
index 0000000..3000878
--- /dev/null
@@ -0,0 +1,29 @@
+#!/bin/sh
+
+# a package removal script for monkeysphere (borrowing from
+# monkeysphere's debian/monkeysphere.postrm)
+
+# Author: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
+# Copyright 2008
+
+# FIXME: is /var/lib/monkeysphere the right place for this stuff on
+# FreeBSD?
+VARLIB="/var/monkeysphere"
+
+
+case $2 in
+POST-DEINSTALL)
+        USER=monkeysphere
+# FIXME: This doesn't do anything!  Under what circumstances do we
+# want to actually automatically purge all of /var/monkeysphere?
+
+# (note: FreeBSD does not seem to want the package-specific user to be
+# purged at package removal)
+       if pw user show "${USER}" 2>/dev/null >/dev/null; then
+           echo "Warning: If you will *NOT* use this package anymore, please remove the monkeysphere user manually."
+       fi
+       if [ -d "$VARLIB" ] ; then
+           echo "Warning: You may want to remove monkeysphere's cached authentication data and keyrings in $VARLIB"
+       fi
+;;
+esac
diff --git a/packaging/freebsd/security/monkeysphere/pkg-descr b/packaging/freebsd/security/monkeysphere/pkg-descr
new file mode 100644 (file)
index 0000000..9adc44f
--- /dev/null
@@ -0,0 +1,7 @@
+SSH key-based authentication is tried-and-true, but it lacks a true
+Public Key Infrastructure for key certification, revocation and
+expiration.  Monkeysphere is a framework that uses the OpenPGP web of
+trust for these PKI functions.  It can be used in both directions: for
+users to get validated host keys, and for hosts to authenticate users.
+
+WWW: http://web.monkeysphere.info/
diff --git a/packaging/freebsd/security/monkeysphere/pkg-install b/packaging/freebsd/security/monkeysphere/pkg-install
new file mode 100755 (executable)
index 0000000..70d37b5
--- /dev/null
@@ -0,0 +1,72 @@
+#!/bin/sh
+
+# an installation script for monkeysphere (borrowing liberally from
+# postgresql and mysql pkg-install scripts, and from monkeysphere's
+# debian/monkeysphere.postinst)
+
+# Author: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
+# Copyright 2008
+
+# FIXME: is /var/lib/monkeysphere the right place for this stuff on
+# FreeBSD?
+
+# PostgreSQL puts its data in /usr/local/pgsql/data
+
+# MySQL puts its data in /var/db/mysql
+
+VARLIB="/var/monkeysphere"
+ETCDIR="/usr/local/etc/monkeysphere"
+
+case $2 in
+POST-INSTALL)
+        USER=monkeysphere
+        GROUP=${USER}
+        UID=641
+        GID=${UID}
+        SHELL=/usr/local/bin/bash
+
+        if pw group show "${GROUP}" >/dev/null 2>&1; then
+                echo "You already have a group \"${GROUP}\", so I will use it."
+        else
+                if pw groupadd ${GROUP} -g ${GID}; then
+                        echo "Added group \"${GROUP}\"."
+                else
+                        echo "Adding group \"${GROUP}\" failed..."
+                        exit 1
+                fi
+        fi
+
+       if pw user show "${USER}" >/dev/null 2>&1; then
+            oldshell=`pw user show "${USER}" 2>/dev/null | cut -f10 -d:`
+           if [ x"$oldshell" != x"$SHELL" ]; then
+               echo "You already have a \"${USER}\" user, but its shell is '$oldshell'."
+               echo "This package requires that \"${USER}\"'s shell be '$SHELL'."
+               echo "You should fix this by hand and then re-install the package."
+               echo "   hint: pw usermod '$USER' -s '$SHELL'"
+               exit 1
+           fi
+            echo "You already have a user \"${USER}\" with the proper shell, so I will use it."
+        else
+                if pw useradd ${USER} -u ${UID} -g ${GROUP} -h - \
+                        -d "$VARLIB" -s /usr/local/bin/bash -c "monkeysphere authentication user,,,"
+                then
+                        echo "Added user \"${USER}\"."
+                else
+                        echo "Adding user \"${USER}\" failed..."
+                        exit 1
+                fi
+        fi
+
+       ## set up the cache directories, and link them to the config files:
+
+       install -d -o root -g monkeysphere -m 750 "$VARLIB"/gnupg-host
+       ln -sf "$ETCDIR"/gnupg-host.conf  "$VARLIB"/gnupg-host/gpg.conf
+
+       install -d -o monkeysphere -g monkeysphere -m 700 "$VARLIB"/gnupg-authentication
+       ln -sf "$ETCDIR"/gnupg-authentication.conf  "$VARLIB"/gnupg-authentication/gpg.conf
+
+       install -d "$VARLIB"/tmp "$VARLIB"/authorized_keys
+
+       monkeysphere-server diagnostics
+        ;;
+esac
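Review bot: `install -d "$VARLIB"/tmp "$VARLIB"/authorized_keys` sets no owner, group or mode, so the directory sshd is told to read `authorized_keys/%u` from ends up with whatever the installing shell's umask gives; the same goes for `$VARLIB` itself, which is never created explicitly. Pinning them like the two gnupg directories above would remove that dependence, e.g. `install -d -o root -g wheel -m 755 "$VARLIB" "$VARLIB"/authorized_keys`, with `tmp` given the owner and mode monkeysphere-server actually needs. Separately, `pw useradd` passes a literal `-s /usr/local/bin/bash` although the shell check above compares against `$SHELL`; using `-s "$SHELL"` keeps the two from drifting. The FIXME at the top still names `/var/lib/monkeysphere` while `VARLIB` is `/var/monkeysphere`.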
diff --git a/packaging/freebsd/security/monkeysphere/pkg-plist b/packaging/freebsd/security/monkeysphere/pkg-plist
new file mode 100644 (file)
index 0000000..04a704a
--- /dev/null
@@ -0,0 +1,18 @@
+sbin/monkeysphere-server
+share/doc/monkeysphere/TODO
+share/doc/monkeysphere/MonkeySpec
+share/doc/monkeysphere/getting-started-user.mdwn
+share/doc/monkeysphere/getting-started-admin.mdwn
+bin/openpgp2ssh
+bin/monkeysphere-ssh-proxycommand
+bin/monkeysphere
+share/monkeysphere/common
+@unexec if cmp -s %D/etc/monkeysphere/monkeysphere.conf.sample %D/etc/monkeysphere/monkeysphere.conf; then rm -f %D/etc/monkeysphere/monkeysphere.conf; fi
+etc/monkeysphere/monkeysphere.conf.sample
+@exec if [ ! -f %D/etc/monkeysphere/monkeysphere.conf ] ; then cp -p %D/%F %B/monkeysphere.conf; fi
+@unexec if cmp -s %D/etc/monkeysphere/monkeysphere-server.conf.sample %D/etc/monkeysphere/monkeysphere-server.conf; then rm -f %D/etc/monkeysphere/monkeysphere-server.conf; fi
+etc/monkeysphere/monkeysphere-server.conf.sample
+@exec if [ ! -f %D/etc/monkeysphere/monkeysphere-server.conf ] ; then cp -p %D/%F %B/monkeysphere-server.conf; fi
+@dirrm share/doc/monkeysphere
+@dirrm share/monkeysphere
+@dirrm etc/monkeysphere
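Review bot: Only `monkeysphere.conf.sample` and `monkeysphere-server.conf.sample` are registered here, while the port Makefile's `post-install` also copies `gnupg-host.conf.sample` and `gnupg-authentication.conf.sample` into place. That suggests the upstream install puts those two samples under `etc/monkeysphere` as well. If so, they and the live copies made from them are untracked: deinstall leaves them behind and `@dirrm etc/monkeysphere` cannot remove the non-empty directory. Each needs the same three-line group as the existing entries: an `@unexec if cmp -s …` line, the `etc/monkeysphere/gnupg-host.conf.sample` entry, and the matching `@exec` copy (likewise for `gnupg-authentication.conf`).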