aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorSteve Price <steve@FreeBSD.org>2000-01-24 05:22:22 +0000
committerSteve Price <steve@FreeBSD.org>2000-01-24 05:22:22 +0000
commitb901a9df679c70a345a12e673c67a68785730fc0 (patch)
tree1a717e1dc04b240ad8bd5ff42de629200fed8fd2
parentcece4cac83a51884228bf4f4d3ff7e6ef26707d1 (diff)
downloadports-b901a9df679c70a345a12e673c67a68785730fc0.tar.gz
ports-b901a9df679c70a345a12e673c67a68785730fc0.zip
Notes
-rw-r--r--security/cyrus-sasl/Makefile40
-rw-r--r--security/cyrus-sasl/distinfo2
-rw-r--r--security/cyrus-sasl/files/patch-ab31
-rw-r--r--security/cyrus-sasl/files/pwcheck.sh5
-rw-r--r--security/cyrus-sasl/pkg-install73
-rw-r--r--security/cyrus-sasl/pkg-message4
-rw-r--r--security/cyrus-sasl/pkg-plist13
-rw-r--r--security/cyrus-sasl2/Makefile40
-rw-r--r--security/cyrus-sasl2/distinfo2
-rw-r--r--security/cyrus-sasl2/files/patch-ab31
-rw-r--r--security/cyrus-sasl2/files/pwcheck.sh5
-rw-r--r--security/cyrus-sasl2/pkg-install73
-rw-r--r--security/cyrus-sasl2/pkg-message4
-rw-r--r--security/cyrus-sasl2/pkg-plist13
14 files changed, 230 insertions, 106 deletions
diff --git a/security/cyrus-sasl/Makefile b/security/cyrus-sasl/Makefile
index 298e22de1bfb..a97f3cbe1ecd 100644
--- a/security/cyrus-sasl/Makefile
+++ b/security/cyrus-sasl/Makefile
@@ -17,7 +17,7 @@ MAINTAINER= hetzels@westbend.net
BUILD_DEPENDS= openssl:${PORTSDIR}/security/openssl
LIB_DEPENDS= crypto.1:${PORTSDIR}/security/openssl
-SASL_VER= 1.5.13
+SASL_VER= 1.5.15
RESTRICTED= "Contains cryptography"
@@ -35,27 +35,14 @@ CONFIGURE_ARGS= \
--with-dbpath=${PREFIX}/etc/sasldb \
--includedir=${PREFIX}/include/sasl \
--enable-static \
+ --enable-login \
+ --with-pwcheck=/var/pwcheck \
--with-rc4=openssl
.if defined(KRB5_HOME) && exists(${KRB5_HOME})
CONFIGURE_ARGS+= --enable-gssapi=${KRB5_HOME}
.endif
-CONFIGURE_ARGS+= \
- --with-pwcheck=/var/pwcheck
-
-# --with-dbpath=PATH set the DB path to use [/etc/sasldb]
-# --with-pam=DIR use PAM (rooted in DIR) [yes]
-# --with-pwcheck=DIR enable use of the pwcheck daemonusing statedir DIR
-# --enable-cram enable CRAM-MD5 authentication [yes]
-# --enable-scram enable SCRAM-MD5 authentication [no]
-# --enable-digest enable DIGEST-MD5 authentication [yes]
-# --enable-krb4 enable KERBEROS_V4 authentication [yes]
-# --enable-gssapi enable GSSAPI authentication [yes]
-# --enable-anon enable ANONYMOUS authentication [yes]
-# --enable-plain enable PLAIN authentication [yes]
-# --with-rc4=DIR use rc4 (look in DIR) [yes]
-
DOCS= README README.Y2K TODO INSTALL ChangeLog NEWS
DOC2= draft-newman-auth-scram-03.txt \
@@ -65,11 +52,18 @@ DOC2= draft-newman-auth-scram-03.txt \
HTDOCS= index programming sysadmin
+# Create Cyrus user and group
+pre-install:
+ @${SH} ${PKGDIR}/INSTALL ${PKGNAME} PRE-INSTALL
+
post-install:
@${SETENV} OBJFORMAT=${PORTOBJFORMAT} ${LDCONFIG} -m ${PREFIX}/lib
-# ${INSTALL} -d -m 700 -o cyrus -g cyrus /var/pwcheck
+ @${SED} -e "/%%PREFIX%%/s##${PREFIX}#g" ${FILESDIR}/pwcheck.sh \
+ > ${PREFIX}/etc/rc.d/pwcheck.sh
+ @${CHMOD} 755 ${PREFIX}/etc/rc.d/pwcheck.sh
+ ${INSTALL} -d -m 700 -o cyrus -g cyrus /var/pwcheck
.if !defined(NOPORTDOCS)
- ${MKDIR} ${PREFIX}/share/doc/SASL/html
+ @${MKDIR} ${PREFIX}/share/doc/SASL/html
.for file in ${DOCS}
@${ECHO} share/doc/SASL/${file} >>${TMPPLIST}
@${INSTALL_DATA} ${WRKSRC}/${file} ${PREFIX}/share/doc/SASL
@@ -79,19 +73,19 @@ post-install:
@${INSTALL_DATA} ${WRKSRC}/doc/${file} ${PREFIX}/share/doc/SASL
.endfor
.for file in ${HTDOCS}
- ${INSTALL_DATA} ${WRKSRC}/doc/${file}.html ${PREFIX}/share/doc/SASL/html
+ @${INSTALL_DATA} ${WRKSRC}/doc/${file}.html ${PREFIX}/share/doc/SASL/html
@${ECHO} share/doc/SASL/html/${file}.html >>${TMPPLIST}
.endfor
@${ECHO} "@dirrm share/doc/SASL/html" >>${TMPPLIST}
@${ECHO} "@dirrm share/doc/SASL" >>${TMPPLIST}
.endif
.if !defined(KRB5_HOME) || !exists(${KRB5_HOME})
- ${GREP} -v libgssapiv2 ${TMPPLIST} > ${WRKDIR}/tmp.plist
- ${MV} ${WRKDIR}/tmp.plist ${TMPPLIST}
+ @${GREP} -v libgssapiv2 ${TMPPLIST} > ${WRKDIR}/tmp.plist
+ @${MV} ${WRKDIR}/tmp.plist ${TMPPLIST}
.endif
.if !defined(MAKE_EBONES) || exists(/usr/lib/libkrb.a)
- ${GREP} -v libkerberos4 ${TMPPLIST} > ${WRKDIR}/tmp.plist
- ${MV} ${WRKDIR}/tmp.plist ${TMPPLIST}
+ @${GREP} -v libkerberos4 ${TMPPLIST} > ${WRKDIR}/tmp.plist
+ @${MV} ${WRKDIR}/tmp.plist ${TMPPLIST}
.endif
.include <bsd.port.mk>
diff --git a/security/cyrus-sasl/distinfo b/security/cyrus-sasl/distinfo
index 631e6eeef45f..d84401cee1a3 100644
--- a/security/cyrus-sasl/distinfo
+++ b/security/cyrus-sasl/distinfo
@@ -1 +1 @@
-MD5 (cyrus-sasl-1.5.13.tar.gz) = 6bfa1ac9f34d30e36cc827667f657521
+MD5 (cyrus-sasl-1.5.15.tar.gz) = a1c0f6ef22f34b0a2366e7ec70bdf705
diff --git a/security/cyrus-sasl/files/patch-ab b/security/cyrus-sasl/files/patch-ab
index 0b4cbade7bcf..7818e6664158 100644
--- a/security/cyrus-sasl/files/patch-ab
+++ b/security/cyrus-sasl/files/patch-ab
@@ -1,6 +1,6 @@
---- configure.in.orig Thu Dec 2 14:10:30 1999
-+++ configure.in Sat Dec 4 17:59:13 1999
-@@ -213,6 +213,7 @@
+--- configure.in.orig Thu Jan 13 23:00:16 2000
++++ configure.in Fri Jan 14 17:56:41 2000
+@@ -222,6 +222,7 @@
AC_CHECK_LIB(crypt, crypt,
LIB_CRYPT="-lcrypt"; cmu_have_crypt=yes,
cmu_have_crypt=no))
@@ -8,28 +8,3 @@
CMU_SOCKETS
-@@ -503,15 +504,22 @@
- with_rc4=no)
-
- if test "$with_rc4" = no; then
-+
-+ dnl if openssl has been compiled with the rsaref2 libraries,
-+ dnl we need to include the rsaref libraries in the crypto check
-+ LIB_RSAREF=""
-+ AC_CHECK_LIB(rsaref, RSAPublicEncrypt,
-+ LIB_RSAREF="-lRSAglue -lrsaref"; cmu_have_rsaref=yes,
-+ cmu_have_rsaref=no)
-+
- AC_CHECK_LIB(crypto, RC4_set_key,
- AC_CHECK_HEADER(openssl/rc4.h, [AC_DEFINE(WITH_SSL_RC4)
- LIB_RC4="-lcrypto";
- with_rc4="openssl"],
- AC_WARN([SSL: Disabling rc4 support]);
- with_rc4=no),
-- AC_WARN([SSL2: Disabling rc4 support]); with_rc4=no)
-+ AC_WARN([SSL2: Disabling rc4 support]); with_rc4=no, $LIB_RSAREF)
- fi
--
- LIBS="$cmu_save_LIBS"
- fi
-
diff --git a/security/cyrus-sasl/files/pwcheck.sh b/security/cyrus-sasl/files/pwcheck.sh
index 17c4597433bb..ba07b9fc580a 100644
--- a/security/cyrus-sasl/files/pwcheck.sh
+++ b/security/cyrus-sasl/files/pwcheck.sh
@@ -1,7 +1,9 @@
#!/bin/sh
#
+# $FreeBSD$
+#
-PREFIX=/usr/local
+PREFIX=%%PREFIX%%
case "$1" in
@@ -16,6 +18,7 @@ stop)
if [ -r /var/run/pwcheck.pid ]
then
kill `cat /var/run/pwcheck.pid` && echo -n " pwcheck"
+ rm /var/run/pwcheck.pid
fi
;;
diff --git a/security/cyrus-sasl/pkg-install b/security/cyrus-sasl/pkg-install
new file mode 100644
index 000000000000..d008d0c8ac5a
--- /dev/null
+++ b/security/cyrus-sasl/pkg-install
@@ -0,0 +1,73 @@
+#!/bin/sh
+#
+# $FreeBSD$
+#
+# Created by: stb@FreeBSD.org for the cyrus imap server
+# Added to the cyrus-sasl port by hetzel@westbend.net
+
+#set -vx
+
+#
+# create 'cyrus' user and group before installing
+#
+
+create() {
+ if [ ! -x /usr/sbin/pw ]; then
+ echo "*** Please add a user and a group named \`cyrus' before installing this package."
+ exit 69
+ fi
+
+ if ! pw show group cyrus -q >/dev/null; then
+ gid=60
+ while pw show group -g ${gid} -q >/dev/null; do
+ gid=`expr ${gid} + 1`
+ done
+ if ! pw add group cyrus -g ${gid}; then
+ e=$?
+ echo "*** Failed to add group \`cyrus'. Please add it manually."
+ exit ${e}
+ fi
+ echo "*** Added group \`cyrus' (id ${gid})"
+ else
+ gid=`pw show group cyrus 2>/dev/null | cut -d: -f3`
+ fi
+
+ if [ -x /sbin/nologin ]; then
+ shell=/sbin/nologin
+ else
+ shell=/nonexistent
+ fi
+ if ! pw show user cyrus -q >/dev/null; then
+ uid=60
+ while pw show user -u ${uid} -q >/dev/null; do
+ uid=`expr ${uid} + 1`
+ done
+ if ! pw add user cyrus -u ${uid} -g ${gid} -d "/nonexistent" \
+ -c "the cyrus mail server" -s "${shell}" -p "*" \
+ ; then
+ e=$?
+ echo "*** Failed to add user \`cyrus'. Please add it manually."
+ exit ${e}
+ fi
+ echo "*** Added user \`cyrus' (id ${uid})"
+ else
+ if ! pw mod user cyrus -g ${gid} -d "/nonexistent" \
+ -c "the cyrus mail server" -s "${shell}" -p "*" \
+ ; then
+ e=$?
+ echo "*** Failed to update user \`cyrus'."
+ exit ${e}
+ fi
+ echo "*** Updated user \`cyrus'."
+ fi
+ if ! pw group mod cyrus -m daemon; then
+ echo "*** can't add user \`daemon' to group \`cyrus'"
+ fi
+}
+
+case $2 in
+ PRE-INSTALL)
+ create
+ ;;
+
+esac
diff --git a/security/cyrus-sasl/pkg-message b/security/cyrus-sasl/pkg-message
new file mode 100644
index 000000000000..6f87cd3c393b
--- /dev/null
+++ b/security/cyrus-sasl/pkg-message
@@ -0,0 +1,4 @@
+Start the pwcheck program to have clients use the SASL libraries
+as a non-root user:
+
+ /usr/local/etc/rc.d/pwcheck.sh [start|stop]
diff --git a/security/cyrus-sasl/pkg-plist b/security/cyrus-sasl/pkg-plist
index 6c944edf1d6c..1c28d9a55a0f 100644
--- a/security/cyrus-sasl/pkg-plist
+++ b/security/cyrus-sasl/pkg-plist
@@ -1,3 +1,5 @@
+@unexec %D/etc/rc.d/pwcheck.sh stop ; echo " stopped."
+etc/rc.d/pwcheck.sh
include/sasl/hmac-md5.h
include/sasl/md5.h
include/sasl/md5global.h
@@ -25,8 +27,19 @@ lib/sasl/libgssapiv2.so.1
lib/sasl/libkerberos4.a
lib/sasl/libkerberos4.so
lib/sasl/libkerberos4.so.1
+lib/sasl/liblogin.a
+lib/sasl/liblogin.so
+lib/sasl/liblogin.so.0
lib/sasl/libplain.a
lib/sasl/libplain.so
lib/sasl/libplain.so.1
@dirrm lib/sasl
sbin/saslpasswd
+sbin/pwcheck
+@mode u=rwx,go=
+@exec mkdir /var/pwcheck
+@exec chown cyrus:cyrus /var/pwcheck
+@exec chmod go= /var/pwcheck
+@comment This file gets create by the pwcheck program
+@unexec rm -f /var/pwcheck/pwcheck
+@unexec rmdir /var/pwcheck
diff --git a/security/cyrus-sasl2/Makefile b/security/cyrus-sasl2/Makefile
index 298e22de1bfb..a97f3cbe1ecd 100644
--- a/security/cyrus-sasl2/Makefile
+++ b/security/cyrus-sasl2/Makefile
@@ -17,7 +17,7 @@ MAINTAINER= hetzels@westbend.net
BUILD_DEPENDS= openssl:${PORTSDIR}/security/openssl
LIB_DEPENDS= crypto.1:${PORTSDIR}/security/openssl
-SASL_VER= 1.5.13
+SASL_VER= 1.5.15
RESTRICTED= "Contains cryptography"
@@ -35,27 +35,14 @@ CONFIGURE_ARGS= \
--with-dbpath=${PREFIX}/etc/sasldb \
--includedir=${PREFIX}/include/sasl \
--enable-static \
+ --enable-login \
+ --with-pwcheck=/var/pwcheck \
--with-rc4=openssl
.if defined(KRB5_HOME) && exists(${KRB5_HOME})
CONFIGURE_ARGS+= --enable-gssapi=${KRB5_HOME}
.endif
-CONFIGURE_ARGS+= \
- --with-pwcheck=/var/pwcheck
-
-# --with-dbpath=PATH set the DB path to use [/etc/sasldb]
-# --with-pam=DIR use PAM (rooted in DIR) [yes]
-# --with-pwcheck=DIR enable use of the pwcheck daemonusing statedir DIR
-# --enable-cram enable CRAM-MD5 authentication [yes]
-# --enable-scram enable SCRAM-MD5 authentication [no]
-# --enable-digest enable DIGEST-MD5 authentication [yes]
-# --enable-krb4 enable KERBEROS_V4 authentication [yes]
-# --enable-gssapi enable GSSAPI authentication [yes]
-# --enable-anon enable ANONYMOUS authentication [yes]
-# --enable-plain enable PLAIN authentication [yes]
-# --with-rc4=DIR use rc4 (look in DIR) [yes]
-
DOCS= README README.Y2K TODO INSTALL ChangeLog NEWS
DOC2= draft-newman-auth-scram-03.txt \
@@ -65,11 +52,18 @@ DOC2= draft-newman-auth-scram-03.txt \
HTDOCS= index programming sysadmin
+# Create Cyrus user and group
+pre-install:
+ @${SH} ${PKGDIR}/INSTALL ${PKGNAME} PRE-INSTALL
+
post-install:
@${SETENV} OBJFORMAT=${PORTOBJFORMAT} ${LDCONFIG} -m ${PREFIX}/lib
-# ${INSTALL} -d -m 700 -o cyrus -g cyrus /var/pwcheck
+ @${SED} -e "/%%PREFIX%%/s##${PREFIX}#g" ${FILESDIR}/pwcheck.sh \
+ > ${PREFIX}/etc/rc.d/pwcheck.sh
+ @${CHMOD} 755 ${PREFIX}/etc/rc.d/pwcheck.sh
+ ${INSTALL} -d -m 700 -o cyrus -g cyrus /var/pwcheck
.if !defined(NOPORTDOCS)
- ${MKDIR} ${PREFIX}/share/doc/SASL/html
+ @${MKDIR} ${PREFIX}/share/doc/SASL/html
.for file in ${DOCS}
@${ECHO} share/doc/SASL/${file} >>${TMPPLIST}
@${INSTALL_DATA} ${WRKSRC}/${file} ${PREFIX}/share/doc/SASL
@@ -79,19 +73,19 @@ post-install:
@${INSTALL_DATA} ${WRKSRC}/doc/${file} ${PREFIX}/share/doc/SASL
.endfor
.for file in ${HTDOCS}
- ${INSTALL_DATA} ${WRKSRC}/doc/${file}.html ${PREFIX}/share/doc/SASL/html
+ @${INSTALL_DATA} ${WRKSRC}/doc/${file}.html ${PREFIX}/share/doc/SASL/html
@${ECHO} share/doc/SASL/html/${file}.html >>${TMPPLIST}
.endfor
@${ECHO} "@dirrm share/doc/SASL/html" >>${TMPPLIST}
@${ECHO} "@dirrm share/doc/SASL" >>${TMPPLIST}
.endif
.if !defined(KRB5_HOME) || !exists(${KRB5_HOME})
- ${GREP} -v libgssapiv2 ${TMPPLIST} > ${WRKDIR}/tmp.plist
- ${MV} ${WRKDIR}/tmp.plist ${TMPPLIST}
+ @${GREP} -v libgssapiv2 ${TMPPLIST} > ${WRKDIR}/tmp.plist
+ @${MV} ${WRKDIR}/tmp.plist ${TMPPLIST}
.endif
.if !defined(MAKE_EBONES) || exists(/usr/lib/libkrb.a)
- ${GREP} -v libkerberos4 ${TMPPLIST} > ${WRKDIR}/tmp.plist
- ${MV} ${WRKDIR}/tmp.plist ${TMPPLIST}
+ @${GREP} -v libkerberos4 ${TMPPLIST} > ${WRKDIR}/tmp.plist
+ @${MV} ${WRKDIR}/tmp.plist ${TMPPLIST}
.endif
.include <bsd.port.mk>
diff --git a/security/cyrus-sasl2/distinfo b/security/cyrus-sasl2/distinfo
index 631e6eeef45f..d84401cee1a3 100644
--- a/security/cyrus-sasl2/distinfo
+++ b/security/cyrus-sasl2/distinfo
@@ -1 +1 @@
-MD5 (cyrus-sasl-1.5.13.tar.gz) = 6bfa1ac9f34d30e36cc827667f657521
+MD5 (cyrus-sasl-1.5.15.tar.gz) = a1c0f6ef22f34b0a2366e7ec70bdf705
diff --git a/security/cyrus-sasl2/files/patch-ab b/security/cyrus-sasl2/files/patch-ab
index 0b4cbade7bcf..7818e6664158 100644
--- a/security/cyrus-sasl2/files/patch-ab
+++ b/security/cyrus-sasl2/files/patch-ab
@@ -1,6 +1,6 @@
---- configure.in.orig Thu Dec 2 14:10:30 1999
-+++ configure.in Sat Dec 4 17:59:13 1999
-@@ -213,6 +213,7 @@
+--- configure.in.orig Thu Jan 13 23:00:16 2000
++++ configure.in Fri Jan 14 17:56:41 2000
+@@ -222,6 +222,7 @@
AC_CHECK_LIB(crypt, crypt,
LIB_CRYPT="-lcrypt"; cmu_have_crypt=yes,
cmu_have_crypt=no))
@@ -8,28 +8,3 @@
CMU_SOCKETS
-@@ -503,15 +504,22 @@
- with_rc4=no)
-
- if test "$with_rc4" = no; then
-+
-+ dnl if openssl has been compiled with the rsaref2 libraries,
-+ dnl we need to include the rsaref libraries in the crypto check
-+ LIB_RSAREF=""
-+ AC_CHECK_LIB(rsaref, RSAPublicEncrypt,
-+ LIB_RSAREF="-lRSAglue -lrsaref"; cmu_have_rsaref=yes,
-+ cmu_have_rsaref=no)
-+
- AC_CHECK_LIB(crypto, RC4_set_key,
- AC_CHECK_HEADER(openssl/rc4.h, [AC_DEFINE(WITH_SSL_RC4)
- LIB_RC4="-lcrypto";
- with_rc4="openssl"],
- AC_WARN([SSL: Disabling rc4 support]);
- with_rc4=no),
-- AC_WARN([SSL2: Disabling rc4 support]); with_rc4=no)
-+ AC_WARN([SSL2: Disabling rc4 support]); with_rc4=no, $LIB_RSAREF)
- fi
--
- LIBS="$cmu_save_LIBS"
- fi
-
diff --git a/security/cyrus-sasl2/files/pwcheck.sh b/security/cyrus-sasl2/files/pwcheck.sh
index 17c4597433bb..ba07b9fc580a 100644
--- a/security/cyrus-sasl2/files/pwcheck.sh
+++ b/security/cyrus-sasl2/files/pwcheck.sh
@@ -1,7 +1,9 @@
#!/bin/sh
#
+# $FreeBSD$
+#
-PREFIX=/usr/local
+PREFIX=%%PREFIX%%
case "$1" in
@@ -16,6 +18,7 @@ stop)
if [ -r /var/run/pwcheck.pid ]
then
kill `cat /var/run/pwcheck.pid` && echo -n " pwcheck"
+ rm /var/run/pwcheck.pid
fi
;;
diff --git a/security/cyrus-sasl2/pkg-install b/security/cyrus-sasl2/pkg-install
new file mode 100644
index 000000000000..d008d0c8ac5a
--- /dev/null
+++ b/security/cyrus-sasl2/pkg-install
@@ -0,0 +1,73 @@
+#!/bin/sh
+#
+# $FreeBSD$
+#
+# Created by: stb@FreeBSD.org for the cyrus imap server
+# Added to the cyrus-sasl port by hetzel@westbend.net
+
+#set -vx
+
+#
+# create 'cyrus' user and group before installing
+#
+
+create() {
+ if [ ! -x /usr/sbin/pw ]; then
+ echo "*** Please add a user and a group named \`cyrus' before installing this package."
+ exit 69
+ fi
+
+ if ! pw show group cyrus -q >/dev/null; then
+ gid=60
+ while pw show group -g ${gid} -q >/dev/null; do
+ gid=`expr ${gid} + 1`
+ done
+ if ! pw add group cyrus -g ${gid}; then
+ e=$?
+ echo "*** Failed to add group \`cyrus'. Please add it manually."
+ exit ${e}
+ fi
+ echo "*** Added group \`cyrus' (id ${gid})"
+ else
+ gid=`pw show group cyrus 2>/dev/null | cut -d: -f3`
+ fi
+
+ if [ -x /sbin/nologin ]; then
+ shell=/sbin/nologin
+ else
+ shell=/nonexistent
+ fi
+ if ! pw show user cyrus -q >/dev/null; then
+ uid=60
+ while pw show user -u ${uid} -q >/dev/null; do
+ uid=`expr ${uid} + 1`
+ done
+ if ! pw add user cyrus -u ${uid} -g ${gid} -d "/nonexistent" \
+ -c "the cyrus mail server" -s "${shell}" -p "*" \
+ ; then
+ e=$?
+ echo "*** Failed to add user \`cyrus'. Please add it manually."
+ exit ${e}
+ fi
+ echo "*** Added user \`cyrus' (id ${uid})"
+ else
+ if ! pw mod user cyrus -g ${gid} -d "/nonexistent" \
+ -c "the cyrus mail server" -s "${shell}" -p "*" \
+ ; then
+ e=$?
+ echo "*** Failed to update user \`cyrus'."
+ exit ${e}
+ fi
+ echo "*** Updated user \`cyrus'."
+ fi
+ if ! pw group mod cyrus -m daemon; then
+ echo "*** can't add user \`daemon' to group \`cyrus'"
+ fi
+}
+
+case $2 in
+ PRE-INSTALL)
+ create
+ ;;
+
+esac
diff --git a/security/cyrus-sasl2/pkg-message b/security/cyrus-sasl2/pkg-message
new file mode 100644
index 000000000000..6f87cd3c393b
--- /dev/null
+++ b/security/cyrus-sasl2/pkg-message
@@ -0,0 +1,4 @@
+Start the pwcheck program to have clients use the SASL libraries
+as a non-root user:
+
+ /usr/local/etc/rc.d/pwcheck.sh [start|stop]
diff --git a/security/cyrus-sasl2/pkg-plist b/security/cyrus-sasl2/pkg-plist
index 6c944edf1d6c..1c28d9a55a0f 100644
--- a/security/cyrus-sasl2/pkg-plist
+++ b/security/cyrus-sasl2/pkg-plist
@@ -1,3 +1,5 @@
+@unexec %D/etc/rc.d/pwcheck.sh stop ; echo " stopped."
+etc/rc.d/pwcheck.sh
include/sasl/hmac-md5.h
include/sasl/md5.h
include/sasl/md5global.h
@@ -25,8 +27,19 @@ lib/sasl/libgssapiv2.so.1
lib/sasl/libkerberos4.a
lib/sasl/libkerberos4.so
lib/sasl/libkerberos4.so.1
+lib/sasl/liblogin.a
+lib/sasl/liblogin.so
+lib/sasl/liblogin.so.0
lib/sasl/libplain.a
lib/sasl/libplain.so
lib/sasl/libplain.so.1
@dirrm lib/sasl
sbin/saslpasswd
+sbin/pwcheck
+@mode u=rwx,go=
+@exec mkdir /var/pwcheck
+@exec chown cyrus:cyrus /var/pwcheck
+@exec chmod go= /var/pwcheck
+@comment This file gets create by the pwcheck program
+@unexec rm -f /var/pwcheck/pwcheck
+@unexec rmdir /var/pwcheck