an easy and consistent way of installing software ported to FreeBSD
#!/bin/sh
#
# $FreeBSD: ports/security/cyrus-sasl/pkg-deinstall,v 1.8 2003/05/09 12:41:21 arved Exp $
#
# Created by: hetzels@westbend.net
#set -vx
PKG_BATCH=${BATCH:=NO}
PKG_PREFIX=${PKG_PREFIX:=/usr/local}
SASLDB_NAME=${PKG_PREFIX}/etc/%%SASLDB%%
CYRUS_USER=${CYRUS_USER:=%%CYRUS_USER%%}
CYRUS_GROUP=${CYRUS_GROUP:=%%CYRUS_GROUP%%}
remove_file()
{
file=$1
if cmp -s ${file} ${file}.tmp; then
rm -f ${file}
fi
rm -f ${file}.tmp
}
# delete sasldb database
delete_sasldb() {
if [ -f ${SASLDB_NAME} ] ; then
if [ `${PKG_PREFIX}/sbin/sasldblistusers | wc -l` -eq 0 ] ; then
rm ${SASLDB_NAME}
else
echo "WARNING: Users SASL passwords are in ${SASLDB_NAME}, keeping this file"
fi
fi
}
delete_user() {
if pw usershow ${CYRUS_USER} 2>/dev/null 1>&2; then
echo "To delete Cyrus user permanently, use 'pw userdel ${CYRUS_USER}'"
fi
if pw groupshow ${CYRUS_GROUP} 2>/dev/null 1>&2; then
echo "To delete Cyrus group permanently, use 'pw groupdel ${CYRUS_GROUP}'"
fi
}
# This should really be uninstalled by Sendmail
sendmail_conf() {
if [ -f ${PKG_PREFIX}/lib/sasl/Sendmail.conf ]; then
echo "pwcheck_method: %%PWCHECK_METHOD%%" > ${PKG_PREFIX}/lib/sasl/Sendmail.conf.tmp
remove_file ${PKG_PREFIX}/lib/sasl/Sendmail.conf
fi
}
case $2 in
DEINSTALL)
delete_sasldb
sendmail_conf
;;
POST-DEINSTALL)
delete_user
;;
esac
This is a port of Cyrus SASL (Simple Authentication and Security Layer).
SASL is a method for adding authentication support to connection-based
protocols. To use SASL, a protocol includes a command for identifying and
authenticating a user to a server and for optionally negotiating protection of
subsequent protocol interactions. If its use is negotiated, a security layer is
inserted between the protocol and the connection.
The following mechanisms are included in this distribution: ANONYMOUS,
CRAM-MD5, DIGEST-MD5, GSSAPI (MIT Kerberos 5 or Heimdal Kerberos 5), KERBEROS_V4
and PLAIN.
The library can use a Berkeley DB, gdbm or ndbm file on the server side
to store per-user authentication secrets. The utility saslpasswd has been
included for adding authentication secrets to the file.
PLAIN can either check /etc/passwd, Kerberos V4, use PAM, or the sasl
secrets database. By default PAM is used if PAM is found, then Kerberos,
finally /etc/passwd (non-shadow). This is tweakable in the configuration file.
Please see "${PREFIX}/share/doc/sasl/sysadmin.html".
The sample directory contains two programs which provide a reference for
using the library, as well as making it easy to test a mechanism on the command
line. See "${PREFIX}/share/doc/sasl/programming.html" for more information.
WWW: http://cyrusimap.web.cmu.edu/
#!/bin/sh
#
# $FreeBSD: ports/security/cyrus-sasl/pkg-install,v 1.13 2006/05/26 18:49:05 ume Exp $
#
# Created by: stb@FreeBSD.org for the cyrus imap server
# Added to the cyrus-sasl port by hetzels@westbend.net
#set -vx
PKG_BATCH=${BATCH:=NO}
PKG_PREFIX=${PKG_PREFIX:=/usr/local}
SASLDB_NAME=${PKG_PREFIX}/etc/%%SASLDB%%
CYRUS_USER=${CYRUS_USER:=%%CYRUS_USER%%}
CYRUS_GROUP=${CYRUS_GROUP:=%%CYRUS_GROUP%%}
#
# create 'cyrus' user and group before installing
#
create_user() {
USER=${CYRUS_USER}
GROUP=${CYRUS_GROUP}
PW=/usr/sbin/pw
if [ -x /sbin/nologin ]; then
shell=/sbin/nologin
else
shell=/nonexistent
fi
uhome="/nonexistent"
if ! ${PW} show group ${GROUP} -q >/dev/null; then
gid=60
while ${PW} show group -g ${gid} -q >/dev/null; do
gid=`expr ${gid} + 1`
done
if ! ${PW} add group ${GROUP} -g ${gid}; then
e=$?
echo "*** Failed to add group \`${GROUP}'. Please add it manually."
exit ${e}
fi
echo "*** Added group \`${GROUP}' (id ${gid})"
else
gid=`${PW} show group ${GROUP} 2>/dev/null | cut -d: -f3`
fi
if ! ${PW} show user ${USER} -q >/dev/null; then
uid=60
while ${PW} show user -u ${uid} -q >/dev/null; do
uid=`expr ${uid} + 1`
done
if ! ${PW} add user ${USER} -u ${uid} -g ${gid} -d "${uhome}" \
-c "the cyrus mail server" -s "${shell}" -p "*" \
; then
e=$?
echo "*** Failed to add user \`${USER}'. Please add it manually."
exit ${e}
fi
echo "*** Added user \`${USER}' (id ${uid})"
else
if ! ${PW} mod user ${USER} -g ${gid} -d "${uhome}" \
-c "the cyrus mail server" -s "${shell}" -p "*" \
; then
e=$?
echo "*** Failed to update user \`${USER}'."
exit ${e}
fi
echo "*** Updated user \`${USER}'."
fi
}
create_sasldb() {
if [ ! -f ${SASLDB_NAME} ]; then
echo "test" | ${PKG_PREFIX}/sbin/saslpasswd -p -c cyrus
if [ `${PKG_PREFIX}/sbin/sasldblistusers | wc -l` -eq 0 ] ; then
echo "WARNING: Failed to create ${SASLDB_NAME}"
else
${PKG_PREFIX}/sbin/saslpasswd -d cyrus
chown ${CYRUS_USER}:mail ${SASLDB_NAME}
chmod 640 ${SASLDB_NAME}
fi
fi
}
# This should really be installed by Sendmail
sendmail_conf() {
if [ ! -f ${PKG_PREFIX}/lib/sasl/Sendmail.conf ]; then
echo "pwcheck_method: %%PWCHECK_METHOD%%" > ${PKG_PREFIX}/lib/sasl/Sendmail.conf
fi
}
case $2 in
PRE-INSTALL)
create_user
;;
POST-INSTALL)
if [ "${PKG_BATCH}" = "NO" ]; then
create_sasldb
sendmail_conf
fi
;;
esac
You may need to start the pwcheck or saslauthd daemon for authentication
with the system password files:
%%PREFIX%%/etc/rc.d/cyrus_pwcheck.sh start
or
%%PREFIX%%/etc/rc.d/saslauthd1.sh start
or you can use sasldb for authentication, to add users use:
saslpasswd -c username
If you want to enable SMTP AUTH with the system Sendmail, read Sendmail.README
NOTE: This port has been compiled with a default pwcheck_method of
%%PWCHECK_METHOD%%. You may need to set sasl_pwcheck_method to
%%PWCHECK_METHOD%% after installing either the Cyrus-IMAPd 1.6.24
or 2.0.17 ports.
You should also check the %%PREFIX%%/lib/sasl/*.conf files for the
correct pwcheck_method.
@comment The following makes sure that the pwcheck and saslauthd
@comment daemons are stopped before removing the files.
@unexec if [ -f /var/run/pwcheck.pid ] ; then %D/etc/rc.d/cyrus_pwcheck.sh stop ; echo " stopped." ; fi
@unexec if [ -f /var/state/saslauthd1/mux.pid ] ; then %D/etc/rc.d/saslauthd1.sh stop ; echo " stopped." ; fi
etc/rc.d/cyrus_pwcheck.sh
etc/rc.d/cyrus_sasl1
etc/rc.d/saslauthd1.sh
include/sasl1/hmac-md5.h
include/sasl1/md5.h
include/sasl1/md5global.h
include/sasl1/sasl.h
include/sasl1/saslplug.h
include/sasl1/saslutil.h
@dirrm include/sasl1
%%JAVASASL%%lib/libjavasasl.a
%%JAVASASL%%lib/libjavasasl.la
%%JAVASASL%%lib/libjavasasl.so
%%JAVASASL%%lib/libjavasasl.so.1
lib/libsasl.a
lib/libsasl.la
lib/libsasl.so
lib/libsasl.so.8
%%ANON%%lib/sasl/libanonymous.a
%%ANON%%lib/sasl/libanonymous.la
%%ANON%%lib/sasl/libanonymous.so
%%ANON%%lib/sasl/libanonymous.so.1
%%CRAM%%lib/sasl/libcrammd5.a
%%CRAM%%lib/sasl/libcrammd5.la
%%CRAM%%lib/sasl/libcrammd5.so
%%CRAM%%lib/sasl/libcrammd5.so.1
%%DIGEST%%lib/sasl/libdigestmd5.a
%%DIGEST%%lib/sasl/libdigestmd5.la
%%DIGEST%%lib/sasl/libdigestmd5.so
%%DIGEST%%lib/sasl/libdigestmd5.so.0
%%GSSAPI%%lib/sasl/libgssapiv2.a
%%GSSAPI%%lib/sasl/libgssapiv2.la
%%GSSAPI%%lib/sasl/libgssapiv2.so
%%GSSAPI%%lib/sasl/libgssapiv2.so.1
%%EBONES%%lib/sasl/libkerberos4.a
%%EBONES%%lib/sasl/libkerberos4.la
%%EBONES%%lib/sasl/libkerberos4.so
%%EBONES%%lib/sasl/libkerberos4.so.1
%%LOGIN%%lib/sasl/liblogin.a
%%LOGIN%%lib/sasl/liblogin.la
%%LOGIN%%lib/sasl/liblogin.so
%%LOGIN%%lib/sasl/liblogin.so.0
%%PLAIN%%lib/sasl/libplain.a
%%PLAIN%%lib/sasl/libplain.la
%%PLAIN%%lib/sasl/libplain.so
%%PLAIN%%lib/sasl/libplain.so.1
sbin/sasldblistusers
sbin/saslpasswd
sbin/pwcheck
sbin/pwcheck_pam
sbin/saslauthd1
%%EXAMPLESDIR%%/cyrus.pam
%%JAVASASL%%share/java/classes/sasl/CyrusSasl/ClientFactory.class
%%JAVASASL%%share/java/classes/sasl/CyrusSasl/GenericClient.class
%%JAVASASL%%share/java/classes/sasl/CyrusSasl/GenericCommon.class
%%JAVASASL%%share/java/classes/sasl/CyrusSasl/GenericServer.class
%%JAVASASL%%share/java/classes/sasl/CyrusSasl/Sasl.class
%%JAVASASL%%share/java/classes/sasl/CyrusSasl/SaslClient.class
%%JAVASASL%%share/java/classes/sasl/CyrusSasl/SaslClientFactory.class
%%JAVASASL%%share/java/classes/sasl/CyrusSasl/SaslException.class
%%JAVASASL%%share/java/classes/sasl/CyrusSasl/SaslInputStream.class
%%JAVASASL%%share/java/classes/sasl/CyrusSasl/SaslOutputStream.class
%%JAVASASL%%share/java/classes/sasl/CyrusSasl/SaslServer.class
%%JAVASASL%%share/java/classes/sasl/CyrusSasl/SaslServerFactory.class
%%JAVASASL%%share/java/classes/sasl/CyrusSasl/SaslUtils.class
%%JAVASASL%%share/java/classes/sasl/CyrusSasl/ServerFactory.class
%%JAVASASL%%share/java/classes/sasl/javax/security/auth/callback/Callback.class
%%JAVASASL%%share/java/classes/sasl/javax/security/auth/callback/CallbackHandler.class
%%JAVASASL%%share/java/classes/sasl/javax/security/auth/callback/NameCallback.class
%%JAVASASL%%share/java/classes/sasl/javax/security/auth/callback/PasswordCallback.class
%%JAVASASL%%share/java/classes/sasl/javax/security/auth/callback/RealmCallback.class
%%JAVASASL%%share/java/classes/sasl/javax/security/auth/callback/UnsupportedCallbackException.class
%%PORTDOCS%%%%DOCSDIR%%/AUTHORS
%%PORTDOCS%%%%DOCSDIR%%/COPYING
%%PORTDOCS%%%%DOCSDIR%%/ChangeLog
%%PORTDOCS%%%%DOCSDIR%%/INSTALL
%%PORTDOCS%%%%DOCSDIR%%/NEWS
%%PORTDOCS%%%%DOCSDIR%%/README
%%PORTDOCS%%%%DOCSDIR%%/Sendmail.README
%%PORTDOCS%%%%DOCSDIR%%/TODO
%%PORTDOCS%%%%DOCSDIR%%/draft-newman-auth-scram-03.txt
%%PORTDOCS%%%%DOCSDIR%%/draft-weltman-java-sasl-02.txt
%%PORTDOCS%%%%DOCSDIR%%/rfc1321.txt
%%PORTDOCS%%%%DOCSDIR%%/rfc2095.txt
%%PORTDOCS%%%%DOCSDIR%%/rfc2104.txt
%%PORTDOCS%%%%DOCSDIR%%/rfc2222.txt
%%PORTDOCS%%%%DOCSDIR%%/rfc2245.txt
%%PORTDOCS%%%%DOCSDIR%%/rfc2831.txt
%%PORTDOCS%%%%DOCSDIR%%/gssapi.html
%%PORTDOCS%%%%DOCSDIR%%/index.html
%%PORTDOCS%%%%DOCSDIR%%/macosx.html
%%PORTDOCS%%%%DOCSDIR%%/programming.html
%%PORTDOCS%%%%DOCSDIR%%/sysadmin.html
%%PORTDOCS%%@dirrm %%DOCSDIR%%
%%JAVASASL%%@dirrm share/java/classes/sasl/javax/security/auth/callback
%%JAVASASL%%@dirrm share/java/classes/sasl/javax/security/auth
%%JAVASASL%%@dirrm share/java/classes/sasl/javax/security
%%JAVASASL%%@dirrm share/java/classes/sasl/javax
%%JAVASASL%%@dirrm share/java/classes/sasl/CyrusSasl
%%JAVASASL%%@dirrm share/java/classes/sasl
@dirrm %%EXAMPLESDIR%%
@dirrm lib/sasl
@cwd /var
@exec install -d -m 770 -o cyrus -g cyrus %D/pwcheck
@comment This file is created by the pwcheck program
@unexec rm -f %D/pwcheck/pwcheck
@dirrm pwcheck
@mode ug=rwx,o=
@exec mkdir -p /var/state/saslauthd1
@exec chown -R cyrus:cyrus state
@exec chmod -R o= state
@comment These files are created by the saslauthd program
@unexec rm -fr /var/state/saslauthd1
@unexec rmdir /var/state
@cwd %%PREFIX%%