ports-mgmt/portsnap: Resurrect

portsnap will be removed from the base from 14.0-RELEASE onwards. To facilitate usage of portsnap from 14.0-RELEASE onwards extract portsnap from base and create seperate port. Portsnap is a system for securely updating the ports tree by distributing signed compressed snapshots. This is the client half of that system; it downloads compressed snapshots into /usr/local/portsnap ("portsnap fetch") and uses those to extract a ports tree into /usr/ports ("portsnap extract") or update an existing tree ("portsnap update"). In addition to operating entirely over HTTP, portsnap can use under a tenth of the bandwidth required by CVSup if a copy of the ports tree is being updated every few days. Approved by: portmgr
2023-04-09 18:34:31 +02:00 · 2023-04-09 18:34:31 +02:00 · 0e9127b12d
commit 0e9127b12d
parent 19c5ede3df
12 changed files with 1039 additions and 1 deletions
--- a/1
+++ b/1
@ -390,7 +390,6 @@ java/ecj-bootstrap||2009-01-06|Removed
 emulators/mupen64plus-sound||2009-01-06|No supported anymore by mupen64plus team
 misc/heyu||2009-01-07|Has expired: no longer under development, use misc/heyu2
 sysutils/pkill||2009-01-07|Part of the base system since FreeBSD 5.3
-ports-mgmt/portsnap||2009-01-07|Part of the base system since FreeBSD 5.5
 lang/py-compiler||2009-01-08|Included with Python since 2.2
 net/nvnet||2009-01-08|Part of the base system since FreeBSD 6.0
 security/openssl-beta|security/openssl|2009-01-09|Removed
--- a/ports-mgmt/Makefile
+++ b/ports-mgmt/Makefile
@ -60,6 +60,7 @@
    SUBDIR += portsearch
    SUBDIR += portshaker
    SUBDIR += portshaker-config
+    SUBDIR += portsnap
    SUBDIR += portsreinstall
    SUBDIR += porttools
    SUBDIR += porttree
--- a/ports-mgmt/portsnap/Makefile
+++ b/ports-mgmt/portsnap/Makefile
@ -0,0 +1,41 @@
+PORTNAME=	portsnap
+PORTVERSION=	1.1
+PORTREVISION=	1
+CATEGORIES=	ports-mgmt net
+MASTER_SITES=	http://www.daemonology.net/portsnap/
+
+MAINTAINER=	bofh@FreBSD.org
+COMMENT=	Provides secure snapshots of the ports directory
+WWW=		http://www.daemonology.net/portsnap/
+
+LICENSE=	BSD2CLAUSE
+
+SUB_FILES=		pkg-message
+
+PLIST_FILES=	"@sample etc/portsnap.conf.sample" \
+				libexec/make_index \
+				sbin/portsnap \
+				man/man5/portsnap.conf.5.gz \
+				man/man8/portsnap.8.gz
+
+.include <bsd.port.pre.mk>
+
+.if ${OPSYS} == FreeBSD && ${OSVERSION} < 1500000
+IGNORE=	portsnap is in base systems but will be removed from 14.0-RELEASE
+.endif
+
+post-patch:
+	${REINPLACE_CMD} -e "s,%%PREFIX%%,${PREFIX},g" \
+		${WRKSRC}/portsnap \
+		${WRKSRC}/portsnap.conf.5 \
+		${WRKSRC}/portsnap.8
+
+do-install:
+	${INSTALL_SCRIPT} ${WRKSRC}/portsnap ${STAGEDIR}/${PREFIX}/sbin
+	${INSTALL_PROGRAM} ${WRKSRC}/make_index ${STAGEDIR}/${PREFIX}/libexec
+	${INSTALL_MAN} ${WRKSRC}/portsnap.conf.5 ${STAGEDIR}/${PREFIX}/man/man5/
+	${INSTALL_MAN} ${WRKSRC}/portsnap.8 ${STAGEDIR}/${PREFIX}/man/man8/
+	${INSTALL_DATA} ${WRKSRC}/portsnap.conf		\
+		${STAGEDIR}/${PREFIX}/etc/portsnap.conf.sample
+
+.include <bsd.port.post.mk>
--- a/ports-mgmt/portsnap/distinfo
+++ b/ports-mgmt/portsnap/distinfo
@ -0,0 +1,3 @@
+TIMESTAMP = 1681052114
+SHA256 (portsnap-1.1.tar.gz) = 08bf6db8738d5c4fe757737d97366e7e899a6d0cfb244a46055f97f4b116b36c
+SIZE (portsnap-1.1.tar.gz) = 20875
--- a/ports-mgmt/portsnap/files/patch-Makefile
+++ b/ports-mgmt/portsnap/files/patch-Makefile
@ -0,0 +1,12 @@
+--- Makefile.orig	2023-04-09 15:24:50 UTC
+++ Makefile
+@@ -1,8 +1,6 @@
+-all:		make_index phttpget
+all:		make_index
+ 
+ make_index:	make_index.c
+-
+-phttpget:	phttpget.c
+ 
+ install:
+ 	install -m 555 portsnap /usr/local/sbin
--- a/ports-mgmt/portsnap/files/patch-make__index.c
+++ b/ports-mgmt/portsnap/files/patch-make__index.c
@ -0,0 +1,18 @@
+--- make_index.c.orig	2023-04-09 15:19:46 UTC
+++ make_index.c
+@@ -1,4 +1,6 @@
+ /*-
+ * SPDX-License-Identifier: BSD-2-Clause-FreeBSD
+ *
+  * Copyright 2005 Colin Percival
+  * All rights reserved
+  *
+@@ -25,7 +27,7 @@
+  */
+ 
+ #include <sys/cdefs.h>
+-__FBSDID("$FreeBSD: src/usr.sbin/portsnap/make_index/make_index.c,v 1.5 2005/12/01 22:14:44 cperciva Exp $");
+__FBSDID("$FreeBSD$");
+ 
+ #include <err.h>
+ #include <stdio.h>
--- a/ports-mgmt/portsnap/files/patch-portsnap
+++ b/ports-mgmt/portsnap/files/patch-portsnap
--- a/ports-mgmt/portsnap/files/patch-portsnap.8
+++ b/ports-mgmt/portsnap/files/patch-portsnap.8
@ -0,0 +1,183 @@
+--- portsnap.8.orig	2006-05-26 23:21:29 UTC
+++ portsnap.8
+@@ -23,9 +23,9 @@
+ .\" IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ .\" POSSIBILITY OF SUCH DAMAGE.
+ .\"
+-.\" $FreeBSD: src/usr.sbin/portsnap/portsnap/portsnap.8,v 1.9 2006/05/13 18:04:48 cperciva Exp $
+.\" $FreeBSD$
+ .\"
+-.Dd August 13, 2005
+.Dd July 1, 2018
+ .Dt PORTSNAP 8
+ .Os FreeBSD
+ .Sh NAME
+@@ -50,20 +50,25 @@ of the
+ .Fx
+ ports tree, and extract and update an
+ uncompressed ports tree.
+.Pp
+In a normal update operation,
+.Nm
+will routinely restore modified files to their unmodified state and
+delete unrecognized local files.
+ .Sh OPTIONS
+ The following options are supported:
+ .Bl -tag -width "-f conffile"
+ .It Fl d Ar workdir
+-Store working files (e.g. downloaded updates) in
+Store working files (e.g.\& downloaded updates) in
+ .Ar workdir .
+ (default:
+-.Pa $PREFIX/portsnap ,
+.Pa /var/db/portsnap ,
+ or as given in the configuration file.)
+ .It Fl f Ar conffile
+-Read the configuration from from
+Read the configuration from
+ .Ar conffile .
+ (default:
+-.Pa $PREFIX/etc/portsnap.conf )
+.Pa %%PREFIX%%/etc/portsnap.conf )
+ .It Fl I
+ For the
+ .Cm update
+@@ -72,7 +77,7 @@ command, update INDEX files, but not the rest of the p
+ Expect a public key with given SHA256 hash.
+ (default: read value from configuration file.)
+ .It Fl l Ar descfile
+-Merge the specified local describes file into the INDEX files being 
+Merge the specified local describes file into the INDEX files being
+ built.
+ The
+ .Ar descfile
+@@ -88,25 +93,30 @@ operate on the directory
+ or as given in the configuration file.)
+ .It Fl s Ar server
+ Fetch files from the specified server or server pool.
+-(default: portsnap.FreeBSD.org , or as given in the
+(default: portsnap.FreeBSD.org, or as given in the
+ configuration file.)
+ .It path
+ For
+ .Cm extract
+ command only, operate only on parts of the ports tree starting with
+ .Ar path .
+-(e.g.
+(e.g.\&
+ .Nm
+-.cm extract
+.Cm extract
+ .Ar sysutils/port
+ would extract sysutils/portsman, sysutils/portsnap,
+ sysutils/portupgrade, etc.)
+.It Fl Fl interactive
+override auto-detection of calling process.
+Only use this when calling portsnap from an
+.Sy interactive, non-terminal application.
+(Cron jobs are particularly bad since they cause
+load spikes on the Portsnap mirrors.)
+ .El
+ .Sh COMMANDS
+ The
+ .Cm command
+ can be any one of the following:
+-.Pp
+ .Bl -tag -width "-f conffile"
+ .It fetch
+ Fetch a compressed snapshot of the ports tree, or update
+@@ -151,21 +161,52 @@ or
+ commands.
+ Again, note that in the parts of the ports tree which are being
+ updated, any local changes or additions will be removed.
+.It auto
+Run
+.Cm fetch
+or
+.Cm cron
+depending on whether stdin is a terminal; then run
+.Cm update
+or
+.Cm extract
+depending on whether
+.Ar portsdir
+exists.
+ .El
+ .Sh TIPS
+ .Bl -bullet
+ .It
+ If your clock is set to local time, adding the line
+ .Pp
+-.Dl 0 3 * * * root /usr/local/sbin/portsnap cron
+.Dl 0 3 * * * root %%PREFIX%%/sbin/portsnap cron
+ .Pp
+-to /etc/crontab is a good way to make sure you always have
+to
+.Pa /etc/crontab
+is a good way to make sure you always have
+ an up-to-date snapshot of the ports tree available which
+ can quickly be extracted into
+ .Pa /usr/ports .
+ If your clock is set to UTC, please pick a random time other
+ than 3AM, to avoid overly imposing an uneven load on the
+ server(s) hosting the snapshots.
+.Pp
+Note that running
+.Nm
+.Cm cron
+or
+.Nm
+.Cm fetch
+does not apply the changes that were received: they only download
+them.
+To apply the changes, you must follow these commands with
+.Nm
+.Cm update .
+The
+.Nm
+.Cm update
+command is normally run by hand at a time when you are sure that
+no one is manually working in the ports tree.
+ .It
+ Running
+ .Nm
+@@ -183,7 +224,7 @@ However, running
+ .Fl I
+ .Cm update
+ is probably safe, and can be used together with
+-.Xr portversion 1
+.Xr pkg-version 8
+ to identify installed software which is out of date.
+ .It
+ If you wish to use
+@@ -206,22 +247,22 @@ of files are not needed by any particular client.
+ .Sh PRIVACY NOTICE
+ As an unavoidable part of its operation, a machine running
+ .Nm
+-will make its public IP address and the list of files it fetches 
+will make its public IP address and the list of files it fetches
+ available to the server from which it fetches updates.
+-Using these it may be possible to recognize a machine over an extended 
+-period of time, determine when it is updated, and identify which 
+-portions of the FreeBSD ports tree, if any, are being ignored using 
+Using these it may be possible to recognize a machine over an extended
+period of time, determine when it is updated, and identify which
+portions of the FreeBSD ports tree, if any, are being ignored using
+ "REFUSE" directives in
+ .Pa portsnap.conf .
+ .Pp
+-Statistical data generated from information collected in this manner 
+Statistical data generated from information collected in this manner
+ may be published, but only in aggregate and after anonymizing the
+ individual systems.
+ .Sh FILES
+-.Bl -tag -width "$PREFIX/etc/portsnap.conf"
+-.It $PREFIX/etc/portsnap.conf
+.Bl -tag -width "%%PREFIX%%/etc/portsnap.conf"
+.It %%PREFIX%%/etc/portsnap.conf
+ Default location of the portsnap configuration file.
+-.It $PREFIX/portsnap
+.It /var/db//portsnap
+ Default location where compressed snapshots are stored.
+ .It /usr/ports
+ Default location where the ports tree is extracted.
--- a/ports-mgmt/portsnap/files/patch-portsnap.conf
+++ b/ports-mgmt/portsnap/files/patch-portsnap.conf
@ -0,0 +1,21 @@
+--- portsnap.conf.orig	2023-04-09 15:47:31 UTC
+++ portsnap.conf
+@@ -1,7 +1,7 @@
+-# $FreeBSD: src/etc/portsnap.conf,v 1.3 2006/01/18 03:40:57 cperciva Exp $
+# $FreeBSD$
+ 
+ # Default directory where compressed snapshots are stored.
+-# WORKDIR=/usr/local/portsnap
+# WORKDIR=/var/db/portsnap
+ 
+ # Default location of the ports tree (target for "update" and "extract").
+ # PORTSDIR=/usr/ports
+@@ -28,3 +28,8 @@ KEYPRINT=9b5feee6d69f170e3dd0a2c8e469ddbd64f13f978f2f3
+ #
+ # REFUSE arabic chinese french german hebrew hungarian japanese
+ # REFUSE korean polish portuguese russian ukrainian vietnamese
+
+# List of INDEX files to build and the DESCRIBE file to use for each
+#INDEX INDEX-12 DESCRIBE.12
+#INDEX INDEX-13 DESCRIBE.13
+#INDEX INDEX-14 DESCRIBE.14
--- a/ports-mgmt/portsnap/files/patch-portsnap.conf.5
+++ b/ports-mgmt/portsnap/files/patch-portsnap.conf.5
@ -0,0 +1,65 @@
+--- portsnap.conf.5.orig	2006-05-26 23:20:32 UTC
+++ portsnap.conf.5
+@@ -23,7 +23,7 @@
+ .\" IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ .\" POSSIBILITY OF SUCH DAMAGE.
+ .\"
+-.\" $FreeBSD: src/share/man/man5/portsnap.conf.5,v 1.2 2005/09/06 19:28:37 cperciva Exp $
+.\" $FreeBSD$
+ .\"
+ .Dd January 30, 2005
+ .Dt PORTSNAP.CONF 5
+@@ -68,7 +68,8 @@ snapshot of the ports tree.
+ This is equivalent to the
+ .Fl d Ar workdir
+ option to
+-.Xr portsnap 8 , and will be ignored if the command-line option
+.Xr portsnap 8 ,
+and will be ignored if the command-line option
+ is used.
+ .Pp
+ A line of the form
+@@ -82,13 +83,21 @@ commands.
+ This is equivalent to the
+ .Fl p Ar portsdir
+ option to
+-.Xr portsnap 8 , and will be ignored if the command-line option
+.Xr portsnap 8 ,
+and will be ignored if the command-line option
+ is used.
+ .Pp
+ If more than one line of any of the above forms is included in
+ .Nm
+ then only the last one will take effect.
+ .Pp
+A line of the form
+.Dl INDEX INDEXFILE DESCRIBEFILE
+will instruct
+.Xr portsnap 8
+that the specified INDEX file is generated from the specified
+describe file distributed by the portsnap server.
+.Pp
+ Finally, a line of the form
+ .Dl REFUSE foo bar
+ will instruct
+@@ -123,14 +132,14 @@ supported and may cause unexpected results.
+ .Pp
+ Any lines not of the above forms will be ignored.
+ .Sh FILES
+-.Bl -tag -width "$PREFIX/portsnap.conf"
+-.It $PREFIX/portsnap.conf
+.Bl -tag -width "%%PREFIX%%/etc/portsnap.conf"
+.It Pa %%PREFIX%/etc/portsnap.conf
+ Default location of the portsnap configuration file.
+ .El
+ .Sh SEE ALSO
+-.Xr egrep 1
+-.Xr fetch 1
+.Xr egrep 1 ,
+.Xr fetch 1 ,
+.Xr sha256 1 ,
+ .Xr portsnap 8
+-.Xr sha256 8
+ .Sh AUTHORS
+-.An Colin Percival Aq cperciva@FreeBSD.org
+.An Colin Percival Aq Mt cperciva@FreeBSD.org
--- a/ports-mgmt/portsnap/files/pkg-message.in
+++ b/ports-mgmt/portsnap/files/pkg-message.in
@ -0,0 +1,28 @@
+[
+{ type: install
+  message: <<EOM
+Before you can use portsnap, you will have to create an update configuration
+file specifying the server from which to fetch snapshots and the sha256 hash
+of the openssl public key which is trusted to sign the snapshots.
+
+A sample configuration file has been installed in
+
+  %%PREFIX%%/etc/portsnap.conf.sample
+
+which will fetch snapshots built and signed by the author.  If you want to
+use these updates, copy that file to
+
+  %%PREFIX%%/etc/portsnap.conf
+
+otherwise, create that file as appropriate.
+EOM
+}
+{
+  type: upgrade
+  maximum_version: "0.3.2"
+  message: <<EOM
+The structure of the portsnap configuration file has changed; you will
+have to replace your existing portsnap.conf with a new version.
+EOM
+}
+]
--- a/ports-mgmt/portsnap/pkg-descr
+++ b/ports-mgmt/portsnap/pkg-descr
@ -0,0 +1,13 @@
+Portsnap is a system for securely updating the ports tree by
+distributing signed compressed snapshots.  This is the client
+half of that system; it downloads compressed snapshots into
+/usr/local/portsnap ("portsnap fetch") and uses those to extract
+a ports tree into /usr/ports ("portsnap extract") or update an
+existing tree ("portsnap update").
+
+In addition to operating entirely over HTTP, portsnap can use under
+a tenth of the bandwidth required by CVSup if a copy of the ports
+tree is being updated every few days.
+
+- Colin Percival
+cperciva@daemonology.net