[pkgsrc/trunk]: pkgsrc/chat/prosody prosody: support Lua 5.4 and improve secu...

[khorben <khorben%pkgsrc.org@localhost>]

details:   https://anonhg.NetBSD.org/pkgsrc/rev/3d91ec49d99b
branches:  trunk
changeset: 383080:3d91ec49d99b
user:      khorben <khorben%pkgsrc.org@localhost>
date:      Thu Aug 11 15:41:30 2022 +0000

description:
prosody: support Lua 5.4 and improve security

The changes here are:

* prosody can be built with Lua 5.4 (as recommended since the 0.12
  series), also thanks to lua-unbound being available for Lua 5.4
* the prosody user's home directory is back to the default /nonexistent
  (prosody finds its own data directory nonetheless, as it is a
  compile-time option)
* the corresponding directories created (data directory, PID directory,
  logging) do not seem to actually require write access (or not anymore)

These last two changes together get rid of the security report "user
prosody home directory is group writable" from the daily insecurity
checks on NetBSD.

Tested on NetBSD/amd64.

diffstat:

 chat/prosody/Makefile |  12 ++++++------
 1 files changed, 6 insertions(+), 6 deletions(-)

diffs (42 lines):

diff -r 79a22da55982 -r 3d91ec49d99b chat/prosody/Makefile
--- a/chat/prosody/Makefile     Thu Aug 11 15:34:51 2022 +0000
+++ b/chat/prosody/Makefile     Thu Aug 11 15:41:30 2022 +0000
@@ -1,6 +1,7 @@
-# $NetBSD: Makefile,v 1.41 2022/07/27 01:53:40 khorben Exp $
+# $NetBSD: Makefile,v 1.42 2022/08/11 15:41:30 khorben Exp $
 
 DISTNAME=              prosody-0.12.1
+PKGREVISION=           1
 CATEGORIES=            chat
 MASTER_SITES=          https://prosody.im/downloads/source/
 
@@ -19,7 +20,7 @@
 USE_LANGUAGES=         c
 BUILD_DEFS+=           VARBASE
 
-LUA_VERSIONS_ACCEPTED= 52 51
+LUA_VERSIONS_ACCEPTED= 54 52 51
 
 .include "../../mk/bsd.prefs.mk"
 
@@ -29,9 +30,9 @@
 PROSODY_LOG?=          ${VARBASE}/log/prosody
 PROSODY_RUN?=          ${VARBASE}/run/prosody
 
-OWN_DIRS_PERMS+=       ${PROSODY_DATA} ${PROSODY_USER} ${PROSODY_GROUP} 0770
-OWN_DIRS_PERMS+=       ${PROSODY_LOG} ${PROSODY_USER} ${PROSODY_GROUP} 0770
-OWN_DIRS_PERMS+=       ${PROSODY_RUN} ${PROSODY_USER} ${PROSODY_GROUP} 0770
+OWN_DIRS_PERMS+=       ${PROSODY_DATA} ${PROSODY_USER} ${PROSODY_GROUP} 0750
+OWN_DIRS_PERMS+=       ${PROSODY_LOG} ${PROSODY_USER} ${PROSODY_GROUP} 0750
+OWN_DIRS_PERMS+=       ${PROSODY_RUN} ${PROSODY_USER} ${PROSODY_GROUP} 0750
 MAKE_DIRS+=            ${PKG_SYSCONFDIR}/certs
 
 PKG_USERS_VARS=                        PROSODY_USER
@@ -39,7 +40,6 @@
 PKG_GROUPS=                    ${PROSODY_GROUP}
 PKG_USERS=                     ${PROSODY_USER}:${PROSODY_GROUP}
 PKG_GECOS.${PROSODY_USER}=     Prosody daemon user
-PKG_HOME.${PROSODY_USER}=      ${PROSODY_DATA}
 PKG_SHELL.${PROSODY_USER}=     ${NOLOGIN}
 
 PKG_SYSCONFSUBDIR=     ${PKGBASE}