From 7476b33479358958677810b1f1284260bbddb5bc Mon Sep 17 00:00:00 2001
From: Andy Fiddaman <illumos@fiddaman.net>
Date: Wed, 10 Apr 2024 16:34:00 +0000
Subject: [PATCH] squid: Fix man page locations, pinger setuid and directory
 layout

---
 build/squid/build.sh        | 33 ++++++++++++++++-----------------
 build/squid/files/exec_attr |  2 +-
 build/squid/files/squid     |  6 +++---
 build/squid/files/squid.xml |  2 +-
 build/squid/local.mog       | 20 ++++++++------------
 5 files changed, 29 insertions(+), 34 deletions(-)

diff --git a/build/squid/build.sh b/build/squid/build.sh
index bcf056de3..e6f117023 100755
--- a/build/squid/build.sh
+++ b/build/squid/build.sh
@@ -21,15 +21,16 @@ PROG=squid
 VER=6.9
 PKG=ooce/network/proxy/squid
 SUMMARY="Squid WEB Proxy"
-DESC="Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more."
+DESC="Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, "
+DESC+="and more."
 
 OPREFIX=$PREFIX
 PREFIX+=/$PROG
 CONFPATH=/etc$PREFIX
-LOGPATH=/var$PREFIX/logs
 VARPATH=/var$PREFIX
-RUNPATH=$LOGPATH
-PIDFILE=/var/run/squid.pid
+LOGPATH=$VARPATH/logs
+RUNPATH=$VARPATH/run
+PIDFILE=$RUNPATH/squid.pid
 
 set_arch 64
 
@@ -40,17 +41,16 @@ XFORM_ARGS="
     -DPKGROOT=$PROG
     -DUSER=squid
     -DGROUP=squid
-    -DPIDFILE=${PIDFILE}
+    -DPIDFILE=$PIDFILE
 "
 
 CONFIGURE_OPTS="
-    --sysconfdir=/etc${PREFIX}
-    --localstatedir=/var${PREFIX}
-    --with-swapdir=/var${PREFIX}/cache
-    --mandir=/usr/share/man
+    --sysconfdir=$CONFPATH
+    --localstatedir=$VARPATH
+    --with-swapdir=$VARPATH/cache
     --with-default-user=squid
-    --with-logdir=/var${PREFIX}/logs
-    --with-pidfile=${PIDFILE}
+    --with-logdir=$LOGPATH
+    --with-pidfile=$PIDFILE
     --enable-large-cache-files
     --disable-static
     --with-mit-krb5
@@ -105,22 +105,21 @@ CONFIGURE_OPTS="
 "
 
 CONFIGURE_OPTS[amd64]+="
-    --libdir=$PREFIX/lib/amd64
+    --libdir=$PREFIX/${LIBDIRS[amd64]}
 "
 
 CXXFLAGS+=" -Wno-unknown-pragmas -Wno-deprecated-declarations"
 export LIBLDAP_LIBS="-lldap -llber"
-export LIBLDAP_PATH="-L$OPREFIX/lib/amd64 "
-LDFLAGS[amd64]+=" -Wl,-z -Wl,ignore -L$OPREFIX/lib/amd64 -R$OPREFIX/lib/amd64"
+export LIBLDAP_PATH="-L$OPREFIX/${LIBDIRS[amd64]}"
+LDFLAGS[amd64]+=" -Wl,-z -Wl,ignore"
+LDFLAGS[amd64]+=" -L$OPREFIX/${LIBDIRS[amd64]} -R$OPREFIX/${LIBDIRS[amd64]}"
 
 init
 download_source $PROG $PROG $VER
 patch_source
 prep_build
 build
-for f in squid; do
-    xform files/$f > $TMPDIR/$f
-done
+xform files/$PROG > $TMPDIR/$PROG
 install_execattr
 install_smf -oocemethod ooce $PROG.xml $PROG
 make_package
diff --git a/build/squid/files/exec_attr b/build/squid/files/exec_attr
index df51dc4ae..c984bd290 100644
--- a/build/squid/files/exec_attr
+++ b/build/squid/files/exec_attr
@@ -1 +1 @@
-Forced Privilege:solaris:cmd:::/opt/ooce/squid/libexec/amd64/pinger:privs=net_icmpaccess
+Forced Privilege:solaris:cmd:::/$(PREFIX)/libexec/amd64/pinger:privs=net_icmpaccess
diff --git a/build/squid/files/squid b/build/squid/files/squid
index 0f94d1644..035a13e23 100644
--- a/build/squid/files/squid
+++ b/build/squid/files/squid
@@ -2,8 +2,8 @@
 
 source /lib/svc/share/smf_include.sh
 
-typeset -r SQUID_HOME=/$(PREFIX)
-typeset -r CONF_FILE=/etc${SQUID_HOME}/squid.conf
+typeset -r SQUID_HOME="/$(PREFIX)"
+typeset -r CONF_FILE="/etc${SQUID_HOME}/squid.conf"
 typeset -r SQUID="${SQUID_HOME}/sbin/squid"
 
 [[ ! -f ${CONF_FILE} ]] && exit $SMF_EXIT_ERR_CONFIG
@@ -24,7 +24,7 @@ stop)
         ;;
 *)
         print "Usage: $0 {start|stop}"
-        exit 1
+        exit $SMF_EXIT_ERR_FATAL
         ;;
 esac
 
diff --git a/build/squid/files/squid.xml b/build/squid/files/squid.xml
index e6121633f..a6ccbfc27 100644
--- a/build/squid/files/squid.xml
+++ b/build/squid/files/squid.xml
@@ -34,7 +34,7 @@
             <exec_method name="start"
                          type="method"
                          exec="/lib/svc/method/ooce/squid start"
-                         timeout_seconds="60"></exec_method>
+                         timeout_seconds="60" />
 
             <exec_method name="stop"
                          type="method"
diff --git a/build/squid/local.mog b/build/squid/local.mog
index 231c2b249..b1af7fe63 100644
--- a/build/squid/local.mog
+++ b/build/squid/local.mog
@@ -9,6 +9,7 @@
 # http://www.illumos.org/license/CDDL.
 #
 # Copyright 2020 Carsten Grzemba
+# Copyright 2024 OmniOS Community Edition (OmniOSce) Association.
 
 license COPYING license=GPLv2
 
@@ -19,21 +20,16 @@ group groupname=$(GROUP) gid=98
 user ftpuser=false username=$(USER) uid=98 group=$(GROUP) \
     gcos-field="$(PROG) User" home-dir=/var/$(PREFIX) password=NP
 
-<transform file path=etc/opt/ooce/squid/.* -> set preserve renamenew>
+<transform file path=etc/opt/ooce/squid -> set preserve renamenew>
+
+# See also files/exec_attr
+<transform file path=$(PREFIX)/libexec/amd64/pinger -> set mode 04555>
 
 # Restart services on upgrade
 <transform file path=$(PREFIX)/sbin/squid$ \
     -> set restart_fmri svc:/ooce/proxy/$(PROG):default>
 
-<transform dir path=$(PREFIX)/var \
-    -> drop >
-<transform dir path=var/run \
-    -> drop >
-<transform dir path=var/opt/ooce/squid/run(/.*)* \
-    -> drop >
-
-<transform dir path=var/$(PREFIX)(/.*)* \
-    -> default group squid >
-<transform dir path=var/$(PREFIX)(/.*)* \
-    -> default owner squid>
+<transform dir path=var/$(PREFIX)/run/squid -> drop>
+<transform dir path=var/$(PREFIX) -> set group squid>
+<transform dir path=var/$(PREFIX) -> set owner squid>