Suggestions on how to deal with architecture detection for pam authentication in pure-ftpd

Ryan Schmidt ryandesign at macports.org
Sat May 1 10:35:27 PDT 2010 

On Apr 30, 2010, at 16:08, Scott Haneda wrote:

> I needed to add a variant to the Pure-FTPd port that I am maintaining.  There is a feature called uploadscript, which will allow a script to be run after any upload action is taken.  This can be handy for triggering ftp maintenance, or, in the case I am now considering, passing the uploaded files to clamAV and having them scanned to be sure they are not malicious.
> 
> Regardless of how it is used, it is one of few configure configure args that I do not have a variant for at all.
> 
> I altered the Portfile to add this:
> variant uploadscript description "Configures ${name} to support post processing of uploaded files" {
>    configure.args-append --with-uploadscript
> }
> 
> Does that look correct?  

It looks like the variant appends the configure argument "--with-uploadscript", so if that's what you want it to do, then it looks correct.


> I am able to build with successfully with +uploadscript.  Using -d I was able to see if the configure.arg was appended.  Is there any way, post installation of a port, to see what the exact install command was, as well as what the resulting configure command was?

Not that I'm aware of. But MacPorts 1.9.0 will have logging and I believe the logs are preserved after the port is installed, so if you're already running MacPorts from trunk, you could find the configure args in the log.


> At the very least, I need to test 10.5 PPC and Intel.  I have a feeling 10.5 is going to use "pam_securityserver.so".  However, this worked at one point on 10.6 Intel as far as I remember.  This leads me to believe a change was made by Apple within the 10.6 release cycle.  If anyone has a 10.6.0 install and can tell me the contents of /etc/pam.d/ftpd that would answer if this is a change within the 10.6 lifecycle or not.

On 10.6.3:

# login: auth account password session
auth       required       pam_opendirectory.so
account    required       pam_permit.so
password   required       pam_deny.so
session    required       pam_permit.so


> How do I figure out the chronology of pam_securityserver.so and pam_opendirectory.so?  I also know that it should not be too hard to conditionally decide which .sample file to copy in for the user based on the major version, ie: 10.5 or 10.6 PPC or Intel, if CPU architecture even matters.  But if this turns out to be a change in minor dot releases of 10.6, I do not know how to detect that granularity in MacPorts.

You can use the ${os.version} variable and the rpm-vercomp procedure. See the xinit port for an example; it has special step it only runs on 10.6.3 and later.

http://guide.macports.org/chunked/reference.variables.html

More information about the macports-dev mailing list