Context Navigation

Back to Ticket #50421

Ticket #50421: Portfile

File Portfile, 9.9 KB (added by akkornel (A. Karl Kornel), 8 years ago)
Updated Portfile

Line
1	# -- coding: utf-8; mode: tcl; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -- vim:fenc=utf-8:ft=tcl:et:sw=4:ts=4:sts=4
2	# $Id$
3
4	PortSystem 1.0
5	PortGroup perl5 1.0
6	perl5.branches 5.24
7
8	name wallet
9	version 1.3
10	revision 0
11	categories net security
12	license MIT
13	maintainers kornel.us:karl
14	description Kerberos-authenticated secure data management
15	long_description The wallet is a system for managing secure data, \
16	authorization rules to retrieve or change that data, \
17	and audit rules for documenting actions taken on that \
18	data. Objects of various types may be stored in the \
19	wallet or generated on request and retrieved by \
20	authorized users. The wallet tracks ACLs, metadata, \
21	and trace information. It uses Kerberos \
22	authentication. One of the object types it supports \
23	is Kerberos keytabs, making it suitable as a \
24	user-accessible front-end to Kerberos kadmind with \
25	richer ACL and metadata operations.
26	homepage http://eyrie.org/~eagle/software/wallet/
27
28	platforms darwin
29	master_sites http://archives.eyrie.org/software/kerberos/ \
30	http://archives.eyrie.org/software/ARCHIVE/wallet/
31	checksums rmd160 188b3561fcffe99342fcfb1312b58df3f3d919b5 \
32	sha256 676d3d6e407509fc9da1dd87d98fadc71920dabfbc4bdeb8cde5e2bc937268b8
33
34	# Start with the dependencies we know we need
35	depends_lib-append port:kerberos5 \
36	port:remctl
37	#
38	# Add a dependency on Module::Build
39	if {${perl5.major} != ""} {
40	depends_lib-append port:p${perl5.major}-module-build
41	}
42
43	# wallet 1.3 does not support Perl paths other than /usr/bin/perl, nor does it
44	# support perl binaries not named "perl". The perl/Build.PL script is also
45	# missing some testing prerequisites.
46	# Since we are patching autoconf and automake files, we need autoreconf.
47	patchfiles patch-autogen.diff \
48	patch-configure.ac.diff \
49	patch-Makefile.am.diff \
50	patch-README.diff \
51	patch-perl-Build.PL.diff \
52	patch-portable-system.h.diff \
53	patch-rename-server-keytab-backend.diff \
54	patch-rename-server-wallet-admin.diff \
55	patch-rename-server-wallet-backend.diff \
56	patch-rename-server-wallet-report.diff
57	use_autoreconf yes
58
59	# Use configure, and pass in the paths to MacPorts kerberos5, remctl, and perl.
60	use_configure yes
61	configure.args --enable-reduced-depends \
62	--with-remctl=${prefix} \
63	PATH_KRB5_CONFIG=${prefix}/bin/krb5-config \
64	PERL=${prefix}/bin/perl${perl5.major}
65
66	# The Wallet client is just a couple of binaries, plus man pages and docs.
67	variant client {
68	long_description-append The wallet client uses the remctl protocol to \
69	communicate with a wallet server.
70	}
71
72	# The Wallet server is entirely Perl, spawned by the remctl daemon.
73	# TODO: Patch wallet remctl config files to use ${destroot}${prefix}
74	variant server {
75	# We can't use perl5.setup because it overrides alot of settings that
76	# we need.
77	#perl5.setup Wallet 1.003
78
79	long_description-append The wallet server, run by remctld, maintains \
80	the database of object metadata and secure \
81	objects, and responds to requests from the \
82	wallet client.
83
84	if {${perl5.major} != ""} {
85	depends_lib-append port:p${perl5.major}-datetime \
86	port:p${perl5.major}-dbi \
87	port:p${perl5.major}-dbix-class \
88	port:p${perl5.major}-digest-md5 \
89	port:p${perl5.major}-sql-translator \
90	port:p${perl5.major}-timedate
91	depends_build-append port:p${perl5.major}-crypt-generatepassword \
92	port:p${perl5.major}-datetime-format-sqlite \
93	port:p${perl5.major}-module-build
94	}
95
96	# TODO: Tests have a Stanford-specific part, and a NetDB-verifier part,
97	# which need to be disabled.
98	# test.run yes
99	# test.target check
100
101	notes-append "
102	*************************************************************************
103	* Before using the Wallet server, you will need to choose a database *
104	* backend to use. MySQL, Postgres, and SQLite are known to work. *
105	* Then you will need to install the p5-datetime-format-* and p5-dbd-* *
106	* ports that match the database backend you chose. *
107	* *
108	* If you want to support getting keytabs through Wallet, then your KDC *
109	* will need to have the wallet+kerberos5_keytab port installed. *
110	* *
111	* Other Perl modules may be required, depending on what you want to *
112	* support. Read share/doc/wallet/setup for additional server *
113	* configuration instructions. *
114	* *
115	* Wallet server runs via remctl, so be sure that remctld is running, *
116	* and is configured correctly! *
117	*************************************************************************
118	"
119	}
120
121	# kdc just installs a couple of helper files that a Kerberos 5 KDC
122	# can use to generate unchanging keytabs for a Wallet server.
123	# TODO: Patch keytab and wallet remctl config files to use ${destroot}${prefix}
124	variant kdc {
125	long_description-append This port contains a remctl script, to be \
126	run on the Kerberos 5 KDC, that will generate keytabs \
127	at the request of a Wallet server. This variant is \
128	only meant to be installed on a KDC, and does not \
129	inclue Wallet server or client.
130
131	notes-append "
132	********************************************************************
133	* To configure your KDC to generate keytabs for the Wallet server, *
134	* you will need to configure etc/krb5kdc/allow-extract, as well as *
135	* /etc/remctl/acl/keytab. This uses remctl, so remctld must also *
136	* be running. *
137	********************************************************************
138	"
139	}
140
141	# Only install the client by default
142	default_variants +client
143
144	# Our install process has some common bits, and some variant-specific bits.
145	destroot {
146	# First, install common files from the distribution
147	xinstall -d ${destroot}${prefix}/share/doc/wallet
148	xinstall -m 644 ${worksrcpath}/LICENSE \
149	${worksrcpath}/NEWS \
150	${worksrcpath}/README \
151	${worksrcpath}/TODO \
152	${destroot}${prefix}/share/doc/wallet
153
154	# If installing the server or kdc variants, make common directories
155	if {[variant_isset server] \|\| [variant_isset kdc]} {
156	xinstall -d ${destroot}${prefix}/etc/remctl/acl
157	xinstall -d ${destroot}${prefix}/etc/remctl/conf.d
158	}
159
160	# If the client variant is active, install client files
161	if {[variant_isset client]} {
162	# Install the wallet client executables
163	# ${destroot}${prefix}/bin already exists
164	xinstall -m 755 ${worksrcpath}/client/wallet \
165	${worksrcpath}/client/wallet-rekey \
166	${destroot}${prefix}/bin
167
168	# Install the wallet client man pages
169	xinstall -d ${destroot}${prefix}/share/man/man1
170	xinstall -m 644 ${worksrcpath}/client/wallet.1 \
171	${worksrcpath}/client/wallet-rekey.1 \
172	${destroot}${prefix}/share/man/man1
173	}
174
175	# If the server variant is active, install server files.
176	if {[variant_isset server]} {
177	# Install a set of starter remctl ACLs and configurations
178	# ${destroot}${prefix}/etc/remctl/acl is created above
179	xinstall -m 644 ${worksrcpath}/config/wallet-report.acl \
180	${destroot}${prefix}/etc/remctl/acl/wallet-report
181
182	# ${destroot}${prefix}/etc/remctl/conf.d is created above
183	xinstall -m 644 ${worksrcpath}/config/wallet \
184	${destroot}${prefix}/etc/remctl/conf.d/wallet
185
186	# Install the wallet server executables
187	# ${destroot}${prefix}/sbin already exists
188	xinstall -m 755 ${worksrcpath}/server/wallet-admin \
189	${worksrcpath}/server/wallet-backend \
190	${worksrcpath}/server/wallet-report \
191	${destroot}${prefix}/sbin
192
193	# Install the wallet server man pages
194	# ${destroot}${prefix}/share/man/man8 already exists
195	xinstall -m 644 ${worksrcpath}/server/wallet-admin.8 \
196	${worksrcpath}/server/wallet-backend.8 \
197	${worksrcpath}/server/wallet-report.8 \
198	${destroot}${prefix}/share/man/man8
199
200	# Install protocol documentataion
201	xinstall -m 644 {}[glob ${worksrcpath}/docs/] \
202	${destroot}${prefix}/share/doc/wallet
203
204	# The Perl components of Wallet server are installed by a
205	# Module::Build installer that is normally run by the Makefile.
206	# PERL_INSTALL_ROOT is used to set the destroot path; we don't
207	# set a prefix because that is already configured into MacPorts
208	# Perl, and so Module::Build uses it automatically.
209	set env(PERL_INSTALL_ROOT) ${destroot}
210	ui_info [exec ${prefix}/bin/perl${perl5.major} ${worksrcpath}/perl/Build install]
211	}
212
213	# If the KDC variant is active, install KDC files
214	if {[variant_isset kdc]} {
215	# Install a stub KDC ACL that keytab-backend will use
216	xinstall -d ${destroot}${prefix}/etc/krb5kdc
217	xinstall -m 640 ${worksrcpath}/config/allow-extract \
218	${destroot}${prefix}/etc/krb5kdc/allow-extract
219
220	# Install example remctl ACLs and configurations
221	# ${destroot}${prefix}/etc/remctl/acl is created above
222	xinstall -m 644 ${worksrcpath}/config/keytab.acl \
223	${destroot}${prefix}/etc/remctl/acl/keytab
224
225	# ${destroot}${prefix}/etc/remctl/conf.d is created above
226	xinstall -m 644 ${worksrcpath}/config/keytab \
227	${destroot}${prefix}/etc/remctl/conf.d/keytab
228
229	# Install the keytab-backend executable
230	# ${destroot}${prefix}/sbin already exists
231	xinstall -m 755 ${worksrcpath}/server/keytab-backend \
232	${destroot}${prefix}/sbin
233
234	# Install the keytab-backend man page
235	# ${destroot}${prefix}/share/man/man8 already exists
236	xinstall -m 644 ${worksrcpath}/server/keytab-backend.8 \
237	${destroot}${prefix}/share/man/man8/keytab-backend.8
238	}
239	}

Download in other formats:

Original Format