diff options
| -rw-r--r-- | GIDs | 2 | ||||
| -rw-r--r-- | UIDs | 2 | ||||
| -rw-r--r-- | UPDATING | 9 | ||||
| -rw-r--r-- | security/hitch/Makefile | 6 | ||||
| -rw-r--r-- | security/hitch/files/hitch.conf.sample | 4 | ||||
| -rw-r--r-- | security/hitch/files/hitch.in | 4 |
6 files changed, 18 insertions, 9 deletions
@@ -753,7 +753,7 @@ clickhouse:*:800: # free: 810 # free: 811 foreman_proxy:*:812: -# free: 813 +hitch:*:813: puppet:*:814: uchiwa:*:815: # free: 816 @@ -759,7 +759,7 @@ clickhouse:*:800:800::0:0:ClickHouse Daemon:/var/db/clickhouse:/usr/sbin/nologin # free: 810 # free: 811 foreman_proxy:*:812:812::0:0:Foreman Smart Proxy:/usr/local/share/foreman-proxy:/usr/sbin/nologin -# free: 813 +hitch:*:813:813::0:0:Hitch TLS Proxy:/nonexistent:/usr/sbin/nologin puppet:*:814:814::0:0:Puppet Daemon:/nonexistent:/usr/sbin/nologin uchiwa:*:815:815::0:0:Uchiwa Dashboard:/nonexistent:/usr/sbin/nologin # free: 816 @@ -5,6 +5,15 @@ they are unavoidable. You should get into the habit of checking this file for changes each time you update your ports collection, before attempting any port upgrades. +20181018: + AFFECTS: users of security/hitch + AUTHOR: zi@FreeBSD.org + + Hitch has been updated to run as the hitch user/group, instead of the + previous default of nobody/nobody. You should review your hitch + configuration to ensure that everything has been updated to reflect + this change. + 20181014: AFFECTS: users of sysutils/ansible AUTHOR: lifanov@FreeBSD.org diff --git a/security/hitch/Makefile b/security/hitch/Makefile index 3954df6bfdaf..38962c9a0e5a 100644 --- a/security/hitch/Makefile +++ b/security/hitch/Makefile @@ -3,7 +3,7 @@ PORTNAME= hitch PORTVERSION= 1.4.8 -PORTREVISION= 1 +PORTREVISION= 2 CATEGORIES= security MASTER_SITES= http://hitch-tls.org/source/ \ ZI @@ -16,8 +16,8 @@ LICENSE= BSD2CLAUSE BUILD_DEPENDS= rst2man:textproc/py-docutils LIB_DEPENDS= libev.so:devel/libev -USERS= nobody -GROUPS= nobody +USERS= hitch +GROUPS= hitch USES= pkgconfig ssl GNU_CONFIGURE= yes diff --git a/security/hitch/files/hitch.conf.sample b/security/hitch/files/hitch.conf.sample index 8c10a1936305..10d74f64cdc5 100644 --- a/security/hitch/files/hitch.conf.sample +++ b/security/hitch/files/hitch.conf.sample @@ -68,12 +68,12 @@ chroot = "" # Set uid after binding a socket # # type: string -user = "nobody" +user = "hitch" # Set gid after binding a socket # # type: string -group = "nobody" +group = "hitch" # Quiet execution, report only error messages # diff --git a/security/hitch/files/hitch.in b/security/hitch/files/hitch.in index f393160da4f2..9d74e76d2258 100644 --- a/security/hitch/files/hitch.in +++ b/security/hitch/files/hitch.in @@ -30,8 +30,8 @@ load_rc_config $name : ${hitch_enable="NO"} : ${hitch_config="%%PREFIX%%/etc/hitch.conf"} -: ${hitch_huser:=nobody} -: ${hitch_hgroup:=nobody} +: ${hitch_huser:=hitch} +: ${hitch_hgroup:=hitch} command="%%PREFIX%%/sbin/hitch" command_args="--daemon -u ${hitch_huser} -g ${hitch_hgroup} -s --config=${hitch_config}" |