summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--security/krb5-16/Makefile14
-rw-r--r--security/krb5-16/files/README.FreeBSD32
-rw-r--r--security/krb5-16/files/patch-appl::bsd::Makefile.in11
-rw-r--r--security/krb5-16/files/patch-appl::bsd::klogind.M34
-rw-r--r--security/krb5-16/files/patch-appl::telnet::telnetd::Makefile.in11
-rw-r--r--security/krb5-16/files/patch-appl::telnet::telnetd::telnetd.822
-rw-r--r--security/krb5-16/pkg-plist1
-rw-r--r--security/krb5-17/Makefile14
-rw-r--r--security/krb5-17/files/README.FreeBSD32
-rw-r--r--security/krb5-17/files/patch-appl::bsd::Makefile.in11
-rw-r--r--security/krb5-17/files/patch-appl::bsd::klogind.M34
-rw-r--r--security/krb5-17/files/patch-appl::telnet::telnetd::Makefile.in11
-rw-r--r--security/krb5-17/files/patch-appl::telnet::telnetd::telnetd.822
-rw-r--r--security/krb5-17/pkg-plist1
-rw-r--r--security/krb5-appl/Makefile14
-rw-r--r--security/krb5-appl/files/README.FreeBSD32
-rw-r--r--security/krb5-appl/files/patch-appl::bsd::Makefile.in11
-rw-r--r--security/krb5-appl/files/patch-appl::bsd::klogind.M34
-rw-r--r--security/krb5-appl/files/patch-appl::telnet::telnetd::Makefile.in11
-rw-r--r--security/krb5-appl/files/patch-appl::telnet::telnetd::telnetd.822
-rw-r--r--security/krb5-appl/pkg-plist1
-rw-r--r--security/krb5/Makefile14
-rw-r--r--security/krb5/files/README.FreeBSD32
-rw-r--r--security/krb5/files/patch-appl::bsd::Makefile.in11
-rw-r--r--security/krb5/files/patch-appl::bsd::klogind.M34
-rw-r--r--security/krb5/files/patch-appl::telnet::telnetd::Makefile.in11
-rw-r--r--security/krb5/files/patch-appl::telnet::telnetd::telnetd.822
-rw-r--r--security/krb5/pkg-plist1
28 files changed, 492 insertions, 8 deletions
diff --git a/security/krb5-16/Makefile b/security/krb5-16/Makefile
index 7fac84161a4a..3a0bf189ab7f 100644
--- a/security/krb5-16/Makefile
+++ b/security/krb5-16/Makefile
@@ -7,11 +7,11 @@
PORTNAME= krb5
PORTVERSION= 1.2.2
-PORTREVISION= 4
+PORTREVISION= 5
CATEGORIES= security
MASTER_SITES= # manual download
-MAINTAINER= Cy.Schubert@uumail.gov.bc.ca
+MAINTAINER= cy@FreeBSD.org
BUILD_DEPENDS= gm4:${PORTSDIR}/devel/m4
@@ -113,5 +113,15 @@ post-install:
${GREP} -v '\.so$$' ${TMPPLIST}.new > ${TMPPLIST}
${RM} ${TMPPLIST}.new
.endif
+ @${SED} "s%\${PREFIX}%${PREFIX}%" ${FILESDIR} > ${PREFIX}/share/doc/krb5/README.FreeBSD
+ @${CHMOD} 444 ${PREFIX}/share/doc/krb5/README.FreeBSD
+ @${ECHO} "------------------------------------------------------"
+ @${ECHO} "This port of MIT Kerberos 5 includes remote login "
+ @${ECHO} "daemons (telnetd and klogind). These daemons default "
+ @${ECHO} "to using the system login program (/usr/bin/login). "
+ @${ECHO} "Please see the file "
+ @${ECHO} "${PREFIX}/share/doc/krb5/README.FreeBSD"
+ @${ECHO} "for more information. "
+ @${ECHO} "------------------------------------------------------"
.include <bsd.port.post.mk>
diff --git a/security/krb5-16/files/README.FreeBSD b/security/krb5-16/files/README.FreeBSD
new file mode 100644
index 000000000000..e888e689eb04
--- /dev/null
+++ b/security/krb5-16/files/README.FreeBSD
@@ -0,0 +1,32 @@
+The MIT KRB5 port provides its own login program at
+${PREFIX}/sbin/login.krb5. However, login.krb5 does not make use of
+the FreeBSD login.conf and login.access files that provide a means of
+setting up and controlling sessions under FreeBSD. To overcome this,
+the MIT KRB5 port uses the FreeBSD /usr/bin/login program to provide
+interactive login password authentication instead of the login.krb5
+program provided by MIT KRB5. The FreeBSD /usr/bin/login program does
+not have support for Kerberos V password authentication,
+e.g. authentication at the console. The pam_krb5 port must be used to
+provide Kerberos V password authentication.
+
+For more information about pam_krb5, please see pam(8) and pam_krb5(8).
+
+If you wish to use login.krb5 that is provided by the MIT KRB5 port,
+the arguments "-L ${PREFIX}/sbin/login.krb5" must be
+specified as arguments to klogind and KRB5 telnetd, e.g.
+
+klogin stream tcp nowait root ${PREFIX}/sbin/klogind klogind -k -c -L ${PREFIX}/sbin/login.krb5
+eklogin stream tcp nowait root ${PREFIX}/sbin/klogind klogind -k -c -e -L ${PREFIX}/sbin/login.krb5
+telnet stream tcp nowait root ${PREFIX}/sbin/telnetd telnetd -a none -L ${PREFIX}/sbin/login.krb5
+
+Additionally, if you wish to use the MIT KRB5 provided login.krb5 instead
+of the FreeBSD provided /usr/bin/login for local tty logins,
+"lo=${PREFIX}/sbin/login.krb5" must be specified in /etc/gettytab, e.g.,
+
+default:\
+ :cb:ce:ck:lc:fd#1000:im=\r\n%s/%m (%h) (%t)\r\n\r\n:sp#1200:\
+ :if=/etc/issue:\
+ :lo=${PREFIX}/sbin/login.krb5:
+
+It is recommended that the FreeBSD /usr/bin/login be used with the
+pam_krb5 port instead of the MIT KRB5 provided login.krb5.
diff --git a/security/krb5-16/files/patch-appl::bsd::Makefile.in b/security/krb5-16/files/patch-appl::bsd::Makefile.in
new file mode 100644
index 000000000000..603c399a287f
--- /dev/null
+++ b/security/krb5-16/files/patch-appl::bsd::Makefile.in
@@ -0,0 +1,11 @@
+--- appl/bsd/Makefile.in.orig Wed Feb 28 14:06:43 2001
++++ appl/bsd/Makefile.in Mon Dec 31 21:52:45 2001
+@@ -28,7 +28,7 @@
+ -DUCB_RSH=\"$(UCB_RSH)\" -DUCB_RCP=\"$(UCB_RCP)\"
+
+ DEFINES = $(RSH) $(BSD) $(RPROGS) \
+- -DLOGIN_PROGRAM=\"$(SERVER_BINDIR)/login.krb5\" -DKPROGDIR=\"$(CLIENT_BINDIR)\"
++ -DLOGIN_PROGRAM=\"/usr/bin/login\" -DKPROGDIR=\"$(CLIENT_BINDIR)\"
+
+ all:: rsh rcp rlogin kshd klogind login.krb5 $(V4RCP)
+
diff --git a/security/krb5-16/files/patch-appl::bsd::klogind.M b/security/krb5-16/files/patch-appl::bsd::klogind.M
new file mode 100644
index 000000000000..1523c3d593df
--- /dev/null
+++ b/security/krb5-16/files/patch-appl::bsd::klogind.M
@@ -0,0 +1,34 @@
+--- appl/bsd/klogind.M.orig Wed Feb 28 14:06:43 2001
++++ appl/bsd/klogind.M Mon Dec 31 21:22:27 2001
+@@ -14,6 +14,7 @@
+ ]
+ [
+ [ \fB\-w\fP[\fBip\fP|\fImaxhostlen\fP[\fB,\fP[\fBno\fP]\fBstriplocal\fP]] ]
++[\fB\-L\fP \fIloginpath\fP]
+ .SH DESCRIPTION
+ .I Klogind
+ is the server for the
+@@ -107,6 +108,10 @@
+ Beta5 (May 1995)--present bogus checksums that prevent Kerberos
+ authentication from succeeding in the default mode.
+
++.IP \fB\-L\ loginpath\fP
++Specify pathname to an alternative login program. Default: /usr/bin/login.
++KRB5_HOME/sbin/login.krb5 may be specified.
++
+
+ .PP
+ If the
+@@ -157,12 +162,6 @@
+
+ .IP \fB\-M\ realm\fP
+ Set the Kerberos realm to use.
+-
+-.IP \fB\-L\ login\fP
+-Set the login program to use. This option only has an effect if
+-DO_NOT_USE_K_LOGIN was not defined when
+-.I klogind
+-was compiled.
+ .SH DIAGNOSTICS
+ All diagnostic messages are returned on the connection
+ associated with the
diff --git a/security/krb5-16/files/patch-appl::telnet::telnetd::Makefile.in b/security/krb5-16/files/patch-appl::telnet::telnetd::Makefile.in
new file mode 100644
index 000000000000..cb5a0e26d49d
--- /dev/null
+++ b/security/krb5-16/files/patch-appl::telnet::telnetd::Makefile.in
@@ -0,0 +1,11 @@
+--- appl/telnet/telnetd/Makefile.in.orig Wed Feb 28 14:06:51 2001
++++ appl/telnet/telnetd/Makefile.in Mon Dec 31 21:51:19 2001
+@@ -24,7 +24,7 @@
+ # @(#)Makefile.generic 5.5 (Berkeley) 3/1/91
+ #
+
+-AUTH_DEF=-DAUTHENTICATION -DENCRYPTION -DKRB5 -DFORWARD -UNO_LOGIN_F -ULOGIN_CAP_F -DLOGIN_PROGRAM=KRB5_PATH_LOGIN
++AUTH_DEF=-DAUTHENTICATION -DENCRYPTION -DKRB5 -DFORWARD -UNO_LOGIN_F -ULOGIN_CAP_F -DLOGIN_PROGRAM=\"/usr/bin/login\"
+ OTHERDEFS=-DKLUDGELINEMODE -DDIAGNOSTICS -DENV_HACK -DOLD_ENVIRON
+ LOCALINCLUDES=-I.. -I$(srcdir)/..
+ DEFINES = $(AUTH_DEF) $(OTHERDEFS)
diff --git a/security/krb5-16/files/patch-appl::telnet::telnetd::telnetd.8 b/security/krb5-16/files/patch-appl::telnet::telnetd::telnetd.8
new file mode 100644
index 000000000000..951ee0d5692a
--- /dev/null
+++ b/security/krb5-16/files/patch-appl::telnet::telnetd::telnetd.8
@@ -0,0 +1,22 @@
+--- appl/telnet/telnetd/telnetd.8.orig Wed Feb 28 14:06:51 2001
++++ appl/telnet/telnetd/telnetd.8 Mon Dec 31 21:16:55 2001
+@@ -43,7 +43,7 @@
+ [\fB\-k\fP] [\fB\-n\fP] [\fB\-r\fP\fIlowpty-highpty\fP] [\fB\-s\fP]
+ [\fB\-S\fP \fItos\fP] [\fB\-U\fP] [\fB\-X\fP \fIauthtype\fP]
+ [\fB\-w\fP [\fBip\fP|\fImaxhostlen\fP[\fB,\fP[\fBno\fP]\fBstriplocal\fP]]]
+-[\fB\-debug\fP [\fIport\fP]]
++[\fB\-debug\fP] [\fB\-L\fP \fIloginpath\fP] [\fIport\fP]
+ .SH DESCRIPTION
+ The
+ .B telnetd
+@@ -221,6 +221,10 @@
+ in response to a
+ .SM DO TIMING-MARK)
+ for kludge linemode support.
++.TP
++\fB\-L\fP \fIloginpath\fP
++Specify pathname to an alternative login program. Default: /usr/bin/login.
++KRB5_HOME/sbin/login.krb5 may be specified.
+ .TP
+ .B \-l
+ Specifies line mode. Tries to force clients to use line-at-a-time
diff --git a/security/krb5-16/pkg-plist b/security/krb5-16/pkg-plist
index df48394c37cf..5170610a1b3d 100644
--- a/security/krb5-16/pkg-plist
+++ b/security/krb5-16/pkg-plist
@@ -102,6 +102,7 @@ sbin/sserver
sbin/telnetd
sbin/uuserver
sbin/v5passwdd
+share/doc/krb5/README.FreeBSD
share/doc/krb5/admin.html
share/doc/krb5/admin_foot.html
share/doc/krb5/admin_toc.html
diff --git a/security/krb5-17/Makefile b/security/krb5-17/Makefile
index 7fac84161a4a..3a0bf189ab7f 100644
--- a/security/krb5-17/Makefile
+++ b/security/krb5-17/Makefile
@@ -7,11 +7,11 @@
PORTNAME= krb5
PORTVERSION= 1.2.2
-PORTREVISION= 4
+PORTREVISION= 5
CATEGORIES= security
MASTER_SITES= # manual download
-MAINTAINER= Cy.Schubert@uumail.gov.bc.ca
+MAINTAINER= cy@FreeBSD.org
BUILD_DEPENDS= gm4:${PORTSDIR}/devel/m4
@@ -113,5 +113,15 @@ post-install:
${GREP} -v '\.so$$' ${TMPPLIST}.new > ${TMPPLIST}
${RM} ${TMPPLIST}.new
.endif
+ @${SED} "s%\${PREFIX}%${PREFIX}%" ${FILESDIR} > ${PREFIX}/share/doc/krb5/README.FreeBSD
+ @${CHMOD} 444 ${PREFIX}/share/doc/krb5/README.FreeBSD
+ @${ECHO} "------------------------------------------------------"
+ @${ECHO} "This port of MIT Kerberos 5 includes remote login "
+ @${ECHO} "daemons (telnetd and klogind). These daemons default "
+ @${ECHO} "to using the system login program (/usr/bin/login). "
+ @${ECHO} "Please see the file "
+ @${ECHO} "${PREFIX}/share/doc/krb5/README.FreeBSD"
+ @${ECHO} "for more information. "
+ @${ECHO} "------------------------------------------------------"
.include <bsd.port.post.mk>
diff --git a/security/krb5-17/files/README.FreeBSD b/security/krb5-17/files/README.FreeBSD
new file mode 100644
index 000000000000..e888e689eb04
--- /dev/null
+++ b/security/krb5-17/files/README.FreeBSD
@@ -0,0 +1,32 @@
+The MIT KRB5 port provides its own login program at
+${PREFIX}/sbin/login.krb5. However, login.krb5 does not make use of
+the FreeBSD login.conf and login.access files that provide a means of
+setting up and controlling sessions under FreeBSD. To overcome this,
+the MIT KRB5 port uses the FreeBSD /usr/bin/login program to provide
+interactive login password authentication instead of the login.krb5
+program provided by MIT KRB5. The FreeBSD /usr/bin/login program does
+not have support for Kerberos V password authentication,
+e.g. authentication at the console. The pam_krb5 port must be used to
+provide Kerberos V password authentication.
+
+For more information about pam_krb5, please see pam(8) and pam_krb5(8).
+
+If you wish to use login.krb5 that is provided by the MIT KRB5 port,
+the arguments "-L ${PREFIX}/sbin/login.krb5" must be
+specified as arguments to klogind and KRB5 telnetd, e.g.
+
+klogin stream tcp nowait root ${PREFIX}/sbin/klogind klogind -k -c -L ${PREFIX}/sbin/login.krb5
+eklogin stream tcp nowait root ${PREFIX}/sbin/klogind klogind -k -c -e -L ${PREFIX}/sbin/login.krb5
+telnet stream tcp nowait root ${PREFIX}/sbin/telnetd telnetd -a none -L ${PREFIX}/sbin/login.krb5
+
+Additionally, if you wish to use the MIT KRB5 provided login.krb5 instead
+of the FreeBSD provided /usr/bin/login for local tty logins,
+"lo=${PREFIX}/sbin/login.krb5" must be specified in /etc/gettytab, e.g.,
+
+default:\
+ :cb:ce:ck:lc:fd#1000:im=\r\n%s/%m (%h) (%t)\r\n\r\n:sp#1200:\
+ :if=/etc/issue:\
+ :lo=${PREFIX}/sbin/login.krb5:
+
+It is recommended that the FreeBSD /usr/bin/login be used with the
+pam_krb5 port instead of the MIT KRB5 provided login.krb5.
diff --git a/security/krb5-17/files/patch-appl::bsd::Makefile.in b/security/krb5-17/files/patch-appl::bsd::Makefile.in
new file mode 100644
index 000000000000..603c399a287f
--- /dev/null
+++ b/security/krb5-17/files/patch-appl::bsd::Makefile.in
@@ -0,0 +1,11 @@
+--- appl/bsd/Makefile.in.orig Wed Feb 28 14:06:43 2001
++++ appl/bsd/Makefile.in Mon Dec 31 21:52:45 2001
+@@ -28,7 +28,7 @@
+ -DUCB_RSH=\"$(UCB_RSH)\" -DUCB_RCP=\"$(UCB_RCP)\"
+
+ DEFINES = $(RSH) $(BSD) $(RPROGS) \
+- -DLOGIN_PROGRAM=\"$(SERVER_BINDIR)/login.krb5\" -DKPROGDIR=\"$(CLIENT_BINDIR)\"
++ -DLOGIN_PROGRAM=\"/usr/bin/login\" -DKPROGDIR=\"$(CLIENT_BINDIR)\"
+
+ all:: rsh rcp rlogin kshd klogind login.krb5 $(V4RCP)
+
diff --git a/security/krb5-17/files/patch-appl::bsd::klogind.M b/security/krb5-17/files/patch-appl::bsd::klogind.M
new file mode 100644
index 000000000000..1523c3d593df
--- /dev/null
+++ b/security/krb5-17/files/patch-appl::bsd::klogind.M
@@ -0,0 +1,34 @@
+--- appl/bsd/klogind.M.orig Wed Feb 28 14:06:43 2001
++++ appl/bsd/klogind.M Mon Dec 31 21:22:27 2001
+@@ -14,6 +14,7 @@
+ ]
+ [
+ [ \fB\-w\fP[\fBip\fP|\fImaxhostlen\fP[\fB,\fP[\fBno\fP]\fBstriplocal\fP]] ]
++[\fB\-L\fP \fIloginpath\fP]
+ .SH DESCRIPTION
+ .I Klogind
+ is the server for the
+@@ -107,6 +108,10 @@
+ Beta5 (May 1995)--present bogus checksums that prevent Kerberos
+ authentication from succeeding in the default mode.
+
++.IP \fB\-L\ loginpath\fP
++Specify pathname to an alternative login program. Default: /usr/bin/login.
++KRB5_HOME/sbin/login.krb5 may be specified.
++
+
+ .PP
+ If the
+@@ -157,12 +162,6 @@
+
+ .IP \fB\-M\ realm\fP
+ Set the Kerberos realm to use.
+-
+-.IP \fB\-L\ login\fP
+-Set the login program to use. This option only has an effect if
+-DO_NOT_USE_K_LOGIN was not defined when
+-.I klogind
+-was compiled.
+ .SH DIAGNOSTICS
+ All diagnostic messages are returned on the connection
+ associated with the
diff --git a/security/krb5-17/files/patch-appl::telnet::telnetd::Makefile.in b/security/krb5-17/files/patch-appl::telnet::telnetd::Makefile.in
new file mode 100644
index 000000000000..cb5a0e26d49d
--- /dev/null
+++ b/security/krb5-17/files/patch-appl::telnet::telnetd::Makefile.in
@@ -0,0 +1,11 @@
+--- appl/telnet/telnetd/Makefile.in.orig Wed Feb 28 14:06:51 2001
++++ appl/telnet/telnetd/Makefile.in Mon Dec 31 21:51:19 2001
+@@ -24,7 +24,7 @@
+ # @(#)Makefile.generic 5.5 (Berkeley) 3/1/91
+ #
+
+-AUTH_DEF=-DAUTHENTICATION -DENCRYPTION -DKRB5 -DFORWARD -UNO_LOGIN_F -ULOGIN_CAP_F -DLOGIN_PROGRAM=KRB5_PATH_LOGIN
++AUTH_DEF=-DAUTHENTICATION -DENCRYPTION -DKRB5 -DFORWARD -UNO_LOGIN_F -ULOGIN_CAP_F -DLOGIN_PROGRAM=\"/usr/bin/login\"
+ OTHERDEFS=-DKLUDGELINEMODE -DDIAGNOSTICS -DENV_HACK -DOLD_ENVIRON
+ LOCALINCLUDES=-I.. -I$(srcdir)/..
+ DEFINES = $(AUTH_DEF) $(OTHERDEFS)
diff --git a/security/krb5-17/files/patch-appl::telnet::telnetd::telnetd.8 b/security/krb5-17/files/patch-appl::telnet::telnetd::telnetd.8
new file mode 100644
index 000000000000..951ee0d5692a
--- /dev/null
+++ b/security/krb5-17/files/patch-appl::telnet::telnetd::telnetd.8
@@ -0,0 +1,22 @@
+--- appl/telnet/telnetd/telnetd.8.orig Wed Feb 28 14:06:51 2001
++++ appl/telnet/telnetd/telnetd.8 Mon Dec 31 21:16:55 2001
+@@ -43,7 +43,7 @@
+ [\fB\-k\fP] [\fB\-n\fP] [\fB\-r\fP\fIlowpty-highpty\fP] [\fB\-s\fP]
+ [\fB\-S\fP \fItos\fP] [\fB\-U\fP] [\fB\-X\fP \fIauthtype\fP]
+ [\fB\-w\fP [\fBip\fP|\fImaxhostlen\fP[\fB,\fP[\fBno\fP]\fBstriplocal\fP]]]
+-[\fB\-debug\fP [\fIport\fP]]
++[\fB\-debug\fP] [\fB\-L\fP \fIloginpath\fP] [\fIport\fP]
+ .SH DESCRIPTION
+ The
+ .B telnetd
+@@ -221,6 +221,10 @@
+ in response to a
+ .SM DO TIMING-MARK)
+ for kludge linemode support.
++.TP
++\fB\-L\fP \fIloginpath\fP
++Specify pathname to an alternative login program. Default: /usr/bin/login.
++KRB5_HOME/sbin/login.krb5 may be specified.
+ .TP
+ .B \-l
+ Specifies line mode. Tries to force clients to use line-at-a-time
diff --git a/security/krb5-17/pkg-plist b/security/krb5-17/pkg-plist
index df48394c37cf..5170610a1b3d 100644
--- a/security/krb5-17/pkg-plist
+++ b/security/krb5-17/pkg-plist
@@ -102,6 +102,7 @@ sbin/sserver
sbin/telnetd
sbin/uuserver
sbin/v5passwdd
+share/doc/krb5/README.FreeBSD
share/doc/krb5/admin.html
share/doc/krb5/admin_foot.html
share/doc/krb5/admin_toc.html
diff --git a/security/krb5-appl/Makefile b/security/krb5-appl/Makefile
index 7fac84161a4a..3a0bf189ab7f 100644
--- a/security/krb5-appl/Makefile
+++ b/security/krb5-appl/Makefile
@@ -7,11 +7,11 @@
PORTNAME= krb5
PORTVERSION= 1.2.2
-PORTREVISION= 4
+PORTREVISION= 5
CATEGORIES= security
MASTER_SITES= # manual download
-MAINTAINER= Cy.Schubert@uumail.gov.bc.ca
+MAINTAINER= cy@FreeBSD.org
BUILD_DEPENDS= gm4:${PORTSDIR}/devel/m4
@@ -113,5 +113,15 @@ post-install:
${GREP} -v '\.so$$' ${TMPPLIST}.new > ${TMPPLIST}
${RM} ${TMPPLIST}.new
.endif
+ @${SED} "s%\${PREFIX}%${PREFIX}%" ${FILESDIR} > ${PREFIX}/share/doc/krb5/README.FreeBSD
+ @${CHMOD} 444 ${PREFIX}/share/doc/krb5/README.FreeBSD
+ @${ECHO} "------------------------------------------------------"
+ @${ECHO} "This port of MIT Kerberos 5 includes remote login "
+ @${ECHO} "daemons (telnetd and klogind). These daemons default "
+ @${ECHO} "to using the system login program (/usr/bin/login). "
+ @${ECHO} "Please see the file "
+ @${ECHO} "${PREFIX}/share/doc/krb5/README.FreeBSD"
+ @${ECHO} "for more information. "
+ @${ECHO} "------------------------------------------------------"
.include <bsd.port.post.mk>
diff --git a/security/krb5-appl/files/README.FreeBSD b/security/krb5-appl/files/README.FreeBSD
new file mode 100644
index 000000000000..e888e689eb04
--- /dev/null
+++ b/security/krb5-appl/files/README.FreeBSD
@@ -0,0 +1,32 @@
+The MIT KRB5 port provides its own login program at
+${PREFIX}/sbin/login.krb5. However, login.krb5 does not make use of
+the FreeBSD login.conf and login.access files that provide a means of
+setting up and controlling sessions under FreeBSD. To overcome this,
+the MIT KRB5 port uses the FreeBSD /usr/bin/login program to provide
+interactive login password authentication instead of the login.krb5
+program provided by MIT KRB5. The FreeBSD /usr/bin/login program does
+not have support for Kerberos V password authentication,
+e.g. authentication at the console. The pam_krb5 port must be used to
+provide Kerberos V password authentication.
+
+For more information about pam_krb5, please see pam(8) and pam_krb5(8).
+
+If you wish to use login.krb5 that is provided by the MIT KRB5 port,
+the arguments "-L ${PREFIX}/sbin/login.krb5" must be
+specified as arguments to klogind and KRB5 telnetd, e.g.
+
+klogin stream tcp nowait root ${PREFIX}/sbin/klogind klogind -k -c -L ${PREFIX}/sbin/login.krb5
+eklogin stream tcp nowait root ${PREFIX}/sbin/klogind klogind -k -c -e -L ${PREFIX}/sbin/login.krb5
+telnet stream tcp nowait root ${PREFIX}/sbin/telnetd telnetd -a none -L ${PREFIX}/sbin/login.krb5
+
+Additionally, if you wish to use the MIT KRB5 provided login.krb5 instead
+of the FreeBSD provided /usr/bin/login for local tty logins,
+"lo=${PREFIX}/sbin/login.krb5" must be specified in /etc/gettytab, e.g.,
+
+default:\
+ :cb:ce:ck:lc:fd#1000:im=\r\n%s/%m (%h) (%t)\r\n\r\n:sp#1200:\
+ :if=/etc/issue:\
+ :lo=${PREFIX}/sbin/login.krb5:
+
+It is recommended that the FreeBSD /usr/bin/login be used with the
+pam_krb5 port instead of the MIT KRB5 provided login.krb5.
diff --git a/security/krb5-appl/files/patch-appl::bsd::Makefile.in b/security/krb5-appl/files/patch-appl::bsd::Makefile.in
new file mode 100644
index 000000000000..603c399a287f
--- /dev/null
+++ b/security/krb5-appl/files/patch-appl::bsd::Makefile.in
@@ -0,0 +1,11 @@
+--- appl/bsd/Makefile.in.orig Wed Feb 28 14:06:43 2001
++++ appl/bsd/Makefile.in Mon Dec 31 21:52:45 2001
+@@ -28,7 +28,7 @@
+ -DUCB_RSH=\"$(UCB_RSH)\" -DUCB_RCP=\"$(UCB_RCP)\"
+
+ DEFINES = $(RSH) $(BSD) $(RPROGS) \
+- -DLOGIN_PROGRAM=\"$(SERVER_BINDIR)/login.krb5\" -DKPROGDIR=\"$(CLIENT_BINDIR)\"
++ -DLOGIN_PROGRAM=\"/usr/bin/login\" -DKPROGDIR=\"$(CLIENT_BINDIR)\"
+
+ all:: rsh rcp rlogin kshd klogind login.krb5 $(V4RCP)
+
diff --git a/security/krb5-appl/files/patch-appl::bsd::klogind.M b/security/krb5-appl/files/patch-appl::bsd::klogind.M
new file mode 100644
index 000000000000..1523c3d593df
--- /dev/null
+++ b/security/krb5-appl/files/patch-appl::bsd::klogind.M
@@ -0,0 +1,34 @@
+--- appl/bsd/klogind.M.orig Wed Feb 28 14:06:43 2001
++++ appl/bsd/klogind.M Mon Dec 31 21:22:27 2001
+@@ -14,6 +14,7 @@
+ ]
+ [
+ [ \fB\-w\fP[\fBip\fP|\fImaxhostlen\fP[\fB,\fP[\fBno\fP]\fBstriplocal\fP]] ]
++[\fB\-L\fP \fIloginpath\fP]
+ .SH DESCRIPTION
+ .I Klogind
+ is the server for the
+@@ -107,6 +108,10 @@
+ Beta5 (May 1995)--present bogus checksums that prevent Kerberos
+ authentication from succeeding in the default mode.
+
++.IP \fB\-L\ loginpath\fP
++Specify pathname to an alternative login program. Default: /usr/bin/login.
++KRB5_HOME/sbin/login.krb5 may be specified.
++
+
+ .PP
+ If the
+@@ -157,12 +162,6 @@
+
+ .IP \fB\-M\ realm\fP
+ Set the Kerberos realm to use.
+-
+-.IP \fB\-L\ login\fP
+-Set the login program to use. This option only has an effect if
+-DO_NOT_USE_K_LOGIN was not defined when
+-.I klogind
+-was compiled.
+ .SH DIAGNOSTICS
+ All diagnostic messages are returned on the connection
+ associated with the
diff --git a/security/krb5-appl/files/patch-appl::telnet::telnetd::Makefile.in b/security/krb5-appl/files/patch-appl::telnet::telnetd::Makefile.in
new file mode 100644
index 000000000000..cb5a0e26d49d
--- /dev/null
+++ b/security/krb5-appl/files/patch-appl::telnet::telnetd::Makefile.in
@@ -0,0 +1,11 @@
+--- appl/telnet/telnetd/Makefile.in.orig Wed Feb 28 14:06:51 2001
++++ appl/telnet/telnetd/Makefile.in Mon Dec 31 21:51:19 2001
+@@ -24,7 +24,7 @@
+ # @(#)Makefile.generic 5.5 (Berkeley) 3/1/91
+ #
+
+-AUTH_DEF=-DAUTHENTICATION -DENCRYPTION -DKRB5 -DFORWARD -UNO_LOGIN_F -ULOGIN_CAP_F -DLOGIN_PROGRAM=KRB5_PATH_LOGIN
++AUTH_DEF=-DAUTHENTICATION -DENCRYPTION -DKRB5 -DFORWARD -UNO_LOGIN_F -ULOGIN_CAP_F -DLOGIN_PROGRAM=\"/usr/bin/login\"
+ OTHERDEFS=-DKLUDGELINEMODE -DDIAGNOSTICS -DENV_HACK -DOLD_ENVIRON
+ LOCALINCLUDES=-I.. -I$(srcdir)/..
+ DEFINES = $(AUTH_DEF) $(OTHERDEFS)
diff --git a/security/krb5-appl/files/patch-appl::telnet::telnetd::telnetd.8 b/security/krb5-appl/files/patch-appl::telnet::telnetd::telnetd.8
new file mode 100644
index 000000000000..951ee0d5692a
--- /dev/null
+++ b/security/krb5-appl/files/patch-appl::telnet::telnetd::telnetd.8
@@ -0,0 +1,22 @@
+--- appl/telnet/telnetd/telnetd.8.orig Wed Feb 28 14:06:51 2001
++++ appl/telnet/telnetd/telnetd.8 Mon Dec 31 21:16:55 2001
+@@ -43,7 +43,7 @@
+ [\fB\-k\fP] [\fB\-n\fP] [\fB\-r\fP\fIlowpty-highpty\fP] [\fB\-s\fP]
+ [\fB\-S\fP \fItos\fP] [\fB\-U\fP] [\fB\-X\fP \fIauthtype\fP]
+ [\fB\-w\fP [\fBip\fP|\fImaxhostlen\fP[\fB,\fP[\fBno\fP]\fBstriplocal\fP]]]
+-[\fB\-debug\fP [\fIport\fP]]
++[\fB\-debug\fP] [\fB\-L\fP \fIloginpath\fP] [\fIport\fP]
+ .SH DESCRIPTION
+ The
+ .B telnetd
+@@ -221,6 +221,10 @@
+ in response to a
+ .SM DO TIMING-MARK)
+ for kludge linemode support.
++.TP
++\fB\-L\fP \fIloginpath\fP
++Specify pathname to an alternative login program. Default: /usr/bin/login.
++KRB5_HOME/sbin/login.krb5 may be specified.
+ .TP
+ .B \-l
+ Specifies line mode. Tries to force clients to use line-at-a-time
diff --git a/security/krb5-appl/pkg-plist b/security/krb5-appl/pkg-plist
index df48394c37cf..5170610a1b3d 100644
--- a/security/krb5-appl/pkg-plist
+++ b/security/krb5-appl/pkg-plist
@@ -102,6 +102,7 @@ sbin/sserver
sbin/telnetd
sbin/uuserver
sbin/v5passwdd
+share/doc/krb5/README.FreeBSD
share/doc/krb5/admin.html
share/doc/krb5/admin_foot.html
share/doc/krb5/admin_toc.html
diff --git a/security/krb5/Makefile b/security/krb5/Makefile
index 7fac84161a4a..3a0bf189ab7f 100644
--- a/security/krb5/Makefile
+++ b/security/krb5/Makefile
@@ -7,11 +7,11 @@
PORTNAME= krb5
PORTVERSION= 1.2.2
-PORTREVISION= 4
+PORTREVISION= 5
CATEGORIES= security
MASTER_SITES= # manual download
-MAINTAINER= Cy.Schubert@uumail.gov.bc.ca
+MAINTAINER= cy@FreeBSD.org
BUILD_DEPENDS= gm4:${PORTSDIR}/devel/m4
@@ -113,5 +113,15 @@ post-install:
${GREP} -v '\.so$$' ${TMPPLIST}.new > ${TMPPLIST}
${RM} ${TMPPLIST}.new
.endif
+ @${SED} "s%\${PREFIX}%${PREFIX}%" ${FILESDIR} > ${PREFIX}/share/doc/krb5/README.FreeBSD
+ @${CHMOD} 444 ${PREFIX}/share/doc/krb5/README.FreeBSD
+ @${ECHO} "------------------------------------------------------"
+ @${ECHO} "This port of MIT Kerberos 5 includes remote login "
+ @${ECHO} "daemons (telnetd and klogind). These daemons default "
+ @${ECHO} "to using the system login program (/usr/bin/login). "
+ @${ECHO} "Please see the file "
+ @${ECHO} "${PREFIX}/share/doc/krb5/README.FreeBSD"
+ @${ECHO} "for more information. "
+ @${ECHO} "------------------------------------------------------"
.include <bsd.port.post.mk>
diff --git a/security/krb5/files/README.FreeBSD b/security/krb5/files/README.FreeBSD
new file mode 100644
index 000000000000..e888e689eb04
--- /dev/null
+++ b/security/krb5/files/README.FreeBSD
@@ -0,0 +1,32 @@
+The MIT KRB5 port provides its own login program at
+${PREFIX}/sbin/login.krb5. However, login.krb5 does not make use of
+the FreeBSD login.conf and login.access files that provide a means of
+setting up and controlling sessions under FreeBSD. To overcome this,
+the MIT KRB5 port uses the FreeBSD /usr/bin/login program to provide
+interactive login password authentication instead of the login.krb5
+program provided by MIT KRB5. The FreeBSD /usr/bin/login program does
+not have support for Kerberos V password authentication,
+e.g. authentication at the console. The pam_krb5 port must be used to
+provide Kerberos V password authentication.
+
+For more information about pam_krb5, please see pam(8) and pam_krb5(8).
+
+If you wish to use login.krb5 that is provided by the MIT KRB5 port,
+the arguments "-L ${PREFIX}/sbin/login.krb5" must be
+specified as arguments to klogind and KRB5 telnetd, e.g.
+
+klogin stream tcp nowait root ${PREFIX}/sbin/klogind klogind -k -c -L ${PREFIX}/sbin/login.krb5
+eklogin stream tcp nowait root ${PREFIX}/sbin/klogind klogind -k -c -e -L ${PREFIX}/sbin/login.krb5
+telnet stream tcp nowait root ${PREFIX}/sbin/telnetd telnetd -a none -L ${PREFIX}/sbin/login.krb5
+
+Additionally, if you wish to use the MIT KRB5 provided login.krb5 instead
+of the FreeBSD provided /usr/bin/login for local tty logins,
+"lo=${PREFIX}/sbin/login.krb5" must be specified in /etc/gettytab, e.g.,
+
+default:\
+ :cb:ce:ck:lc:fd#1000:im=\r\n%s/%m (%h) (%t)\r\n\r\n:sp#1200:\
+ :if=/etc/issue:\
+ :lo=${PREFIX}/sbin/login.krb5:
+
+It is recommended that the FreeBSD /usr/bin/login be used with the
+pam_krb5 port instead of the MIT KRB5 provided login.krb5.
diff --git a/security/krb5/files/patch-appl::bsd::Makefile.in b/security/krb5/files/patch-appl::bsd::Makefile.in
new file mode 100644
index 000000000000..603c399a287f
--- /dev/null
+++ b/security/krb5/files/patch-appl::bsd::Makefile.in
@@ -0,0 +1,11 @@
+--- appl/bsd/Makefile.in.orig Wed Feb 28 14:06:43 2001
++++ appl/bsd/Makefile.in Mon Dec 31 21:52:45 2001
+@@ -28,7 +28,7 @@
+ -DUCB_RSH=\"$(UCB_RSH)\" -DUCB_RCP=\"$(UCB_RCP)\"
+
+ DEFINES = $(RSH) $(BSD) $(RPROGS) \
+- -DLOGIN_PROGRAM=\"$(SERVER_BINDIR)/login.krb5\" -DKPROGDIR=\"$(CLIENT_BINDIR)\"
++ -DLOGIN_PROGRAM=\"/usr/bin/login\" -DKPROGDIR=\"$(CLIENT_BINDIR)\"
+
+ all:: rsh rcp rlogin kshd klogind login.krb5 $(V4RCP)
+
diff --git a/security/krb5/files/patch-appl::bsd::klogind.M b/security/krb5/files/patch-appl::bsd::klogind.M
new file mode 100644
index 000000000000..1523c3d593df
--- /dev/null
+++ b/security/krb5/files/patch-appl::bsd::klogind.M
@@ -0,0 +1,34 @@
+--- appl/bsd/klogind.M.orig Wed Feb 28 14:06:43 2001
++++ appl/bsd/klogind.M Mon Dec 31 21:22:27 2001
+@@ -14,6 +14,7 @@
+ ]
+ [
+ [ \fB\-w\fP[\fBip\fP|\fImaxhostlen\fP[\fB,\fP[\fBno\fP]\fBstriplocal\fP]] ]
++[\fB\-L\fP \fIloginpath\fP]
+ .SH DESCRIPTION
+ .I Klogind
+ is the server for the
+@@ -107,6 +108,10 @@
+ Beta5 (May 1995)--present bogus checksums that prevent Kerberos
+ authentication from succeeding in the default mode.
+
++.IP \fB\-L\ loginpath\fP
++Specify pathname to an alternative login program. Default: /usr/bin/login.
++KRB5_HOME/sbin/login.krb5 may be specified.
++
+
+ .PP
+ If the
+@@ -157,12 +162,6 @@
+
+ .IP \fB\-M\ realm\fP
+ Set the Kerberos realm to use.
+-
+-.IP \fB\-L\ login\fP
+-Set the login program to use. This option only has an effect if
+-DO_NOT_USE_K_LOGIN was not defined when
+-.I klogind
+-was compiled.
+ .SH DIAGNOSTICS
+ All diagnostic messages are returned on the connection
+ associated with the
diff --git a/security/krb5/files/patch-appl::telnet::telnetd::Makefile.in b/security/krb5/files/patch-appl::telnet::telnetd::Makefile.in
new file mode 100644
index 000000000000..cb5a0e26d49d
--- /dev/null
+++ b/security/krb5/files/patch-appl::telnet::telnetd::Makefile.in
@@ -0,0 +1,11 @@
+--- appl/telnet/telnetd/Makefile.in.orig Wed Feb 28 14:06:51 2001
++++ appl/telnet/telnetd/Makefile.in Mon Dec 31 21:51:19 2001
+@@ -24,7 +24,7 @@
+ # @(#)Makefile.generic 5.5 (Berkeley) 3/1/91
+ #
+
+-AUTH_DEF=-DAUTHENTICATION -DENCRYPTION -DKRB5 -DFORWARD -UNO_LOGIN_F -ULOGIN_CAP_F -DLOGIN_PROGRAM=KRB5_PATH_LOGIN
++AUTH_DEF=-DAUTHENTICATION -DENCRYPTION -DKRB5 -DFORWARD -UNO_LOGIN_F -ULOGIN_CAP_F -DLOGIN_PROGRAM=\"/usr/bin/login\"
+ OTHERDEFS=-DKLUDGELINEMODE -DDIAGNOSTICS -DENV_HACK -DOLD_ENVIRON
+ LOCALINCLUDES=-I.. -I$(srcdir)/..
+ DEFINES = $(AUTH_DEF) $(OTHERDEFS)
diff --git a/security/krb5/files/patch-appl::telnet::telnetd::telnetd.8 b/security/krb5/files/patch-appl::telnet::telnetd::telnetd.8
new file mode 100644
index 000000000000..951ee0d5692a
--- /dev/null
+++ b/security/krb5/files/patch-appl::telnet::telnetd::telnetd.8
@@ -0,0 +1,22 @@
+--- appl/telnet/telnetd/telnetd.8.orig Wed Feb 28 14:06:51 2001
++++ appl/telnet/telnetd/telnetd.8 Mon Dec 31 21:16:55 2001
+@@ -43,7 +43,7 @@
+ [\fB\-k\fP] [\fB\-n\fP] [\fB\-r\fP\fIlowpty-highpty\fP] [\fB\-s\fP]
+ [\fB\-S\fP \fItos\fP] [\fB\-U\fP] [\fB\-X\fP \fIauthtype\fP]
+ [\fB\-w\fP [\fBip\fP|\fImaxhostlen\fP[\fB,\fP[\fBno\fP]\fBstriplocal\fP]]]
+-[\fB\-debug\fP [\fIport\fP]]
++[\fB\-debug\fP] [\fB\-L\fP \fIloginpath\fP] [\fIport\fP]
+ .SH DESCRIPTION
+ The
+ .B telnetd
+@@ -221,6 +221,10 @@
+ in response to a
+ .SM DO TIMING-MARK)
+ for kludge linemode support.
++.TP
++\fB\-L\fP \fIloginpath\fP
++Specify pathname to an alternative login program. Default: /usr/bin/login.
++KRB5_HOME/sbin/login.krb5 may be specified.
+ .TP
+ .B \-l
+ Specifies line mode. Tries to force clients to use line-at-a-time
diff --git a/security/krb5/pkg-plist b/security/krb5/pkg-plist
index df48394c37cf..5170610a1b3d 100644
--- a/security/krb5/pkg-plist
+++ b/security/krb5/pkg-plist
@@ -102,6 +102,7 @@ sbin/sserver
sbin/telnetd
sbin/uuserver
sbin/v5passwdd
+share/doc/krb5/README.FreeBSD
share/doc/krb5/admin.html
share/doc/krb5/admin_foot.html
share/doc/krb5/admin_toc.html