5 files changed, 27 insertions, 6 deletions

diff --git a/security/stunnel/Makefile b/security/stunnel/Makefile
index 6db2dad118db..ea08a6fc6780 100644
--- a/security/stunnel/Makefile
+++ b/security/stunnel/Makefile
@@ -16,7 +16,7 @@ LICENSE=	GPLv2 GPLv3
 LICENSE_COMB=	dual
 
 BROKEN_SSL=	libressl libressl-devel
-BROKEN_SSL_REASON=	Missing upstream support
+BROKEN_SSL_REASON=	missing upstream support
 
 USES=		cpe libtool perl5 shebangfix ssl
 USE_PERL5=	build
@@ -27,6 +27,10 @@ GNU_CONFIGURE=	yes
 CONFIGURE_ARGS=	--localstatedir=/var/tmp --enable-static --disable-systemd \
 		--with-ssl="${OPENSSLBASE}"
 SHEBANG_FILES=	src/stunnel3.in
+SUB_FILES=	daemon.conf
+SUB_LIST=	STUNNEL_PIDFILE=${STUNNEL_PIDFILE} \
+		STUNNEL_USER=${STUNNEL_USER} \
+		STUNNEL_GROUP=${STUNNEL_GROUP}
 
 OPTIONS_DEFINE=			DOCS EXAMPLES FIPS IPV6 LIBWRAP
 OPTIONS_SINGLE=			THREAD
@@ -42,6 +46,7 @@ FORK_DESC=			Use the fork(3) threading model
 PTHREAD_DESC=			Use the pthread(3) threading model
 UCONTEXT_DESC=			Use the ucontext(3) threading model
 
+STUNNEL_PIDFILE=/var/run/stunnel/stunnel.pid
 STUNNEL_USER?=	stunnel
 STUNNEL_GROUP?=	stunnel
 
@@ -101,7 +106,7 @@ post-build:
 
 post-install:
 	${MKDIR} ${STAGEDIR}${ETCDIR}/conf.d/
-	${INSTALL_DATA} ${FILESDIR}/pid.conf ${STAGEDIR}${ETCDIR}/conf.d/00-pid.conf
+	${INSTALL_DATA} ${WRKDIR}/daemon.conf ${STAGEDIR}${ETCDIR}/conf.d/00-daemon.conf
 
 cert:
 	@${ECHO} ""
diff --git a/security/stunnel/files/daemon.conf.in b/security/stunnel/files/daemon.conf.in
new file mode 100644
index 000000000000..af40302a0927
--- /dev/null
+++ b/security/stunnel/files/daemon.conf.in
@@ -0,0 +1,3 @@
+pid = %%STUNNEL_PIDFILE%%
+setuid = %%STUNNEL_USER%%
+setgid = %%STUNNEL_GROUP%%
diff --git a/security/stunnel/files/pid.conf b/security/stunnel/files/pid.conf
deleted file mode 100644
index f2b23cc181bb..000000000000
--- a/security/stunnel/files/pid.conf
+++ /dev/null
@@ -1 +0,0 @@
-pid = /var/run/stunnel.pid
diff --git a/security/stunnel/files/stunnel.in b/security/stunnel/files/stunnel.in
index a36dd7eb01ed..0d90942e1827 100644
--- a/security/stunnel/files/stunnel.in
+++ b/security/stunnel/files/stunnel.in
@@ -13,9 +13,11 @@
 #				Set it to the full path to the config file
 #				that stunnel will use during the automated
 #				start-up.
-# stunnel_pidfile (str):	Default "%%PREFIX%%/var/stunnel/stunnel.pid"
+# stunnel_pidfile (str):	Default "%%STUNNEL_PIDFILE%%"
 #				Set it to the value of 'pid' in
 #				the stunnel.conf file.
+# stunnel_uid (str):		Default "%%STUNNEL_USER%%"
+# stunnel_gid (str):		Default "%%STUNNEL_GROUP%%"
 #
 
 . /etc/rc.subr
@@ -27,7 +29,9 @@ load_rc_config $name
 
 : ${stunnel_enable="NO"}
 : ${stunnel_config="%%ETCDIR%%/${name}.conf"}
-: ${stunnel_pidfile="/var/run/${name}.pid"}
+: ${stunnel_pidfile="%%STUNNEL_PIDFILE%%"}
+: ${stunnel_uid="%%STUNNEL_USER%%"}
+: ${stunnel_gid="%%STUNNEL_GROUP%%"}
 
 command="%%PREFIX%%/bin/stunnel"
 command_args=${stunnel_config}
@@ -35,4 +39,14 @@ pidfile=${stunnel_pidfile}
 
 required_files="${stunnel_config}"
 
+start_precmd=stunnel_start_precmd
+
+stunnel_start_precmd () {
+	local piddir
+	piddir=`/usr/bin/dirname "${pidfile}"`
+	if [ ! -d "${piddir}" ] ; then
+		/usr/bin/install -d -o "${stunnel_uid}" -g "${stunnel_gid}" "${piddir}"
+	fi
+}
+
 run_rc_command "$1"
diff --git a/security/stunnel/pkg-plist b/security/stunnel/pkg-plist
index f886b2582c5a..2e74830fd335 100644
--- a/security/stunnel/pkg-plist
+++ b/security/stunnel/pkg-plist
@@ -1,7 +1,7 @@
 bin/stunnel
 bin/stunnel3
 %%ETCDIR%%/stunnel.conf-sample
-%%ETCDIR%%/conf.d/00-pid.conf
+%%ETCDIR%%/conf.d/00-daemon.conf
 lib/stunnel/libstunnel.a
 lib/stunnel/libstunnel.so
 man/man8/stunnel.8.gz