gc() + add patch from Markj

(some of them don't applies correctly)

devel/gmake3/Makefile

@@ -0,0 +1,29 @@
+PORTNAME=	make
+DISTVERSION=	3.81
+CATEGORIES=	devel
+MASTER_SITES=	GNU
+PKGNAMEPREFIX=	g
+PKGNAMESUFFIX=	3
+
+# note: before committing to this port, contact portmgr to arrange for an
+# experimental ports run.  Untested commits may be backed out at portmgr's
+# discretion.
+MAINTAINER=	allanjude@FreeBSD.org
+COMMENT=	Last GPLv2 version of GNU 'make' utility
+WWW=		https://www.gnu.org/software/make/
+
+LICENSE=	GPLv2
+LICENSE_FILE=	${WRKSRC}/COPYING
+
+USES=		cpe tar:bz2
+CPE_VENDOR=	gnu
+
+GNU_CONFIGURE=	yes
+GNU_CONFIGURE_MANPREFIX=${PREFIX}/share
+CONFIGURE_ARGS=	--program-prefix=g \
+		--program-suffix=3 \
+		--disable-nls \
+		--disable-info \
+		--without-guile
+
+.include <bsd.port.mk>

devel/gmake3/distinfo

@@ -0,0 +1,3 @@
+TIMESTAMP = 1747413857
+SHA256 (make-3.81.tar.bz2) = f3e69023771e23908f5d5592954d8271d3d6af09693cecfd29cee6fde8550dc8
+SIZE (make-3.81.tar.bz2) = 1151445

devel/gmake3/pkg-descr

@@ -0,0 +1,4 @@
+This is the last GPLv2 licensed version of GNU make.
+GNU make is a tool that controls the generation of executables and other
+non-source files from source files.  Its purpose is the same as that
+of the utility make(1).

devel/gmake3/pkg-plist

@@ -0,0 +1,2 @@
+bin/gmake3
+share/man/man1/gmake3.1.gz

devel/kati/Makefile

@@ -0,0 +1,38 @@
+PORTNAME=	kati
+MASTER_SITES=	http://yhm1.klara.systems/kati/
+PORTVERSION=	0.1
+CATEGORIES=	devel
+
+MAINTAINER=	allanjude@FreeBSD.org
+COMMENT=	Apache licensed replacement for GNU make
+WWW=		https://github.com/google/kati
+
+LICENSE=	APACHE20
+LICENSE_FILE=	${WRKSRC}/LICENSE
+
+#Kati is pretending to be gmake, so we can't USES gmake here
+##USES=		gmake
+
+BUILD_DEPENDS+=		gmake>=4.4.1:devel/gmake
+CONFIGURE_ENV+=		MAKE=gmake
+MAKE_CMD=		gmake
+
+CONFLICTS_INSTALL=	gmake
+
+# PROJECT TOKEN:
+#   Name: kati-port-ci
+#   Token: glpat-m9-NUmzPFAWfDFhur99s
+#   Scopes: read_repository
+#USE_GITLAB=	yes
+#GL_SITE=	https://gitlab.klara.systems
+#GL_SITE=        https://xavier.beaudouin\@klarasystems.com:xMwy3nX7PTwUudg@gitlab.klara.systems
+#GL_ACCOUNT=	prettybsd
+#GL_PROJECT=	kati
+#GL_TAGNAME=	1dc6868c0a4a6d17bf5527e06a5cb23cac5a6043
+
+NO_CHECKSUM=	yes
+
+do-install:
+	${INSTALL_PROGRAM} ${WRKSRC}/ckati ${STAGEDIR}${PREFIX}/bin/gmake
+
+.include <bsd.port.mk>

devel/kati/pkg-descr

@@ -0,0 +1 @@
+Kati is an apache licensed replacement for GNU make

devel/kati/pkg-plist

@@ -0,0 +1 @@
+bin/gmake

net/freeipa-client/Makefile

@@ -1,55 +0,0 @@
-PORTNAME=	freeipa-client
-DISTVERSION=	4.12.2
-PORTREVISION=	2
-CATEGORIES=	net
-MASTER_SITES=	https://releases.pagure.org/freeipa/
-DISTNAME=	freeipa-${DISTVERSION}
-
-MAINTAINER=	kiwi@oav.net
-COMMENT=	FreeIPA Client tools
-WWW=		https://www.freeipa.org/
-
-LICENSE=	GPLv3+
-LICENSE_FILE=	${WRKSRC}/COPYING
-
-BUILD_DEPENDS=	${PY_SETUPTOOLS} \
-		${PYTHON_PKGNAMEPREFIX}pip>0:devel/py-pip@${PY_FLAVOR}
-
-LIB_DEPENDS=	libcmocka.so:sysutils/cmocka \
-		libcurl.so:ftp/curl \
-		libini_config.so:devel/ding-libs \
-		libjansson.so:devel/jansson \
-		libnspr4.so:devel/nspr \
-		libnss3.so:security/nss \
-		libpopt.so:devel/popt \
-		libpwquality.so:security/libpwquality \
-		libsasl2.so:security/cyrus-sasl2 \
-		libxmlrpc.so:net/xmlrpc-c
-
-USES=		autoreconf gettext gmake gssapi:mit ldap libtool \
-		localbase:ldflags pkgconfig python
-
-GNU_CONFIGURE=	yes
-GNU_CONFIGURE_MANPREFIX=${PREFIX}/share
-CONFIGURE_ARGS=	--disable-dependency-tracking \
-		--disable-server \
-		--with-ipaplatform=freebsd \
-		--without-ipatests \
-		--without-server
-
-# Don't bytecode python files
-MAKE_ENV=	PYTHONDONTWRITEBYTECODE=1
-
-# Remove all systemd dependant things
-EXTRACT_AFTER_ARGS=	--exclude client/systemd --exclude daemons/dnssec \
-			--exclude daemons/ipa-otpd --exclude \
-			daemons/ipa-slapi-plugins --exclude init/systemd \
-			--exclude init/tmpfilesd
-
-PLIST_SUB=	DISTVERSION=${DISTVERSION}
-
-# Make sample configuration file
-post-install:
-	@${MV} ${STAGEDIR}${PREFIX}/etc/ipa/epn.conf ${STAGEDIR}${PREFIX}/etc/ipa/epn.conf.sample
-
-.include <bsd.port.mk>

net/freeipa-client/distinfo

@@ -1,3 +0,0 @@
-TIMESTAMP = 1725364321
-SHA256 (freeipa-4.12.2.tar.gz) = dc88f5404e7613eb6530d71142ef43a9f89019d59cdc6ec25b778413258c317f
-SIZE (freeipa-4.12.2.tar.gz) = 5699673

net/freeipa-client/files/patch-asn1_asn1c_INTEGER.c

@@ -1,10 +0,0 @@
---- asn1/asn1c/INTEGER.c.orig	2024-08-21 15:06:37 UTC
-+++ asn1/asn1c/INTEGER.c
-@@ -7,6 +7,7 @@
- #include <INTEGER.h>
- #include <asn_codecs_prim.h>	/* Encoder and decoder of a primitive type */
- #include <errno.h>
-+#include <stdlib.h>
- 
- /*
-  * INTEGER basic type description.

net/freeipa-client/files/patch-asn1_asn1c_Makefile.am

@@ -1,11 +0,0 @@
---- asn1/asn1c/Makefile.am.orig	2021-11-25 17:34:42 UTC
-+++ asn1/asn1c/Makefile.am
-@@ -70,7 +70,7 @@ libasn1c_la_SOURCES =		\
- 
- EXTRA_DIST = ipa.asn1
- 
--AM_CPPFLAGS = -I$(top_srcdir)/util
-+AM_CPPFLAGS = -I$(top_srcdir)/util -D_GNU_SOURCE
- 
- noinst_LTLIBRARIES=libasn1c.la
- 

net/freeipa-client/files/patch-asn1_asn1c_NativeEnumerated.c

@@ -1,10 +0,0 @@
---- asn1/asn1c/NativeEnumerated.c.orig	2024-08-21 15:06:37 UTC
-+++ asn1/asn1c/NativeEnumerated.c
-@@ -11,6 +11,7 @@
-  */
- #include <asn_internal.h>
- #include <NativeEnumerated.h>
-+#include <stdlib.h>
- 
- /*
-  * NativeEnumerated basic type description.

net/freeipa-client/files/patch-asn1_asn1c_der__encoder.c

@@ -1,10 +0,0 @@
---- asn1/asn1c/der_encoder.c.orig	2024-08-21 15:06:37 UTC
-+++ asn1/asn1c/der_encoder.c
-@@ -4,6 +4,7 @@
-  */
- #include <asn_internal.h>
- #include <errno.h>
-+#include <stdlib.h>
- 
- static ssize_t der_write_TL(ber_tlv_tag_t tag, ber_tlv_len_t len,
- 	asn_app_consume_bytes_f *cb, void *app_key, int constructed);

net/freeipa-client/files/patch-client_Makefile.am

@@ -1,11 +0,0 @@
---- client/Makefile.am.orig	2024-08-21 15:06:37 UTC
-+++ client/Makefile.am
-@@ -94,8 +94,6 @@ SUBDIRS =			\
- SUBDIRS =			\
- 	share		        \
- 	man			\
--	sysconfig	        \
--	systemd			\
- 	$(NULL)
- #       init                    
- 

net/freeipa-client/files/patch-client_ipa-getkeytab.c

@@ -1,16 +0,0 @@
---- client/ipa-getkeytab.c.orig	2023-08-21 14:29:00 UTC
-+++ client/ipa-getkeytab.c
-@@ -34,6 +34,13 @@
- #include <time.h>
- #include <krb5.h>
- #include <ldap.h>
-+typedef unsigned char   u_char;
-+typedef unsigned short  u_short;
-+typedef unsigned int    u_int;
-+typedef unsigned long   u_long;
-+#include <sys/types.h>
-+#include <netinet/in.h>
-+#include <arpa/nameser.h>
- #include <resolv.h>
- #include <sasl/sasl.h>
- #include <popt.h>

net/freeipa-client/files/patch-configure.ac

@@ -1,112 +0,0 @@
---- configure.ac.orig	2024-08-21 15:06:37 UTC
-+++ configure.ac
-@@ -25,9 +25,12 @@ dnl fail hard when includes statements are missing
- dnl Enable features like strndup()
- CFLAGS="$CFLAGS -D_POSIX_C_SOURCE=200809L"
- dnl fail hard when includes statements are missing
--CFLAGS="$CFLAGS -Werror=implicit-function-declaration"
-+dnl Removing this failing hard because on implicit declaration of 
-+dnl alloca() used several plaice in the code.
-+dnl CFLAGS="$CFLAGS -Werror=implicit-function-declaration"
- 
- AC_PROG_CC_C99
-+AC_GNU_SOURCE
- AC_DISABLE_STATIC
- LT_INIT
- 
-@@ -211,14 +214,7 @@ SAVE_LIBS="$LIBS"
- dnl - Check for libintl
- dnl ---------------------------------------------------------------------------
- SAVE_LIBS="$LIBS"
--LIBINTL_LIBS=
--AC_CHECK_HEADER(libintl.h, [], [AC_MSG_ERROR([libintl.h not found, please install xgettext])])
--AC_SEARCH_LIBS([bindtextdomain], [libintl],[], [])
--if test "x$ac_cv_search_bindtextdomain" = "xno" ; then
--  AC_MSG_ERROR([libintl is not found and your libc does not support gettext, please install xgettext])
--elif test "x$ac_cv_search_bindtextdomain" != "xnone required" ; then
--  LIBINTL_LIBS="$ac_cv_search_bindtextdomain"
--fi
-+LIBINTL_LIBS="-lintl"
- LIBS="$SAVELIBS"
- AC_SUBST(LIBINTL_LIBS)
- 
-@@ -249,39 +245,13 @@ dnl --------------------------------------------------
- AC_SUBST([runstatedir])
- 
- dnl ---------------------------------------------------------------------------
--dnl - Check for systemd directories
--dnl ---------------------------------------------------------------------------
--
--PKG_CHECK_EXISTS([systemd], [], [AC_MSG_ERROR([systemd not found])])
--AC_ARG_WITH([systemdsystemunitdir],
--            AS_HELP_STRING([--with-systemdsystemunitdir=DIR],
--               [Directory for systemd service files]),
--            [systemdsystemunitdir=$with_systemdsystemunitdir],
--        [systemdsystemunitdir=$($PKG_CONFIG --define-variable=prefix='${prefix}' --variable=systemdsystemunitdir systemd)])
--AC_SUBST([systemdsystemunitdir])
--
--AC_ARG_WITH([systemdtmpfilesdir],
--            AS_HELP_STRING([--with-systemdtmpfilesdir=DIR],
--               [Directory for systemd-tmpfiles configuration files]),
--            [systemdtmpfilesdir=$with_systemdtmpfilesdir],
--        [systemdtmpfilesdir=$($PKG_CONFIG --define-variable=prefix='${prefix}' --variable=tmpfilesdir systemd)])
--AC_SUBST([systemdtmpfilesdir])
--
--AC_ARG_WITH([systemdcatalogdir],
--            AS_HELP_STRING([--with-systemdcatalogdir=DIR],
--               [Directory for systemd journal catalog files]),
--            [systemdcatalogdir=$with_systemdcatalogdir],
--        [systemdcatalogdir=$($PKG_CONFIG --define-variable=prefix='${prefix}' --variable=catalogdir systemd)])
--AC_SUBST([systemdcatalogdir])
--
--dnl ---------------------------------------------------------------------------
- dnl - Server-only configuration
- dnl ---------------------------------------------------------------------------
- 
--AM_COND_IF([ENABLE_SERVER], [
--    m4_include(server.m4)
--])
--AM_CONDITIONAL([USE_SSS_NSS_TIMEOUT], [test "x$ac_cv_have_decl_sss_nss_getpwnam_timeout" = xyes])
-+dnl AM_COND_IF([ENABLE_SERVER], [
-+dnl     m4_include(server.m4)
-+dnl ])
-+dnl AM_CONDITIONAL([USE_SSS_NSS_TIMEOUT], [test "x$ac_cv_have_decl_sss_nss_getpwnam_timeout" = xyes])
- 
- dnl ---------------------------------------------------------------------------
- dnl - Check if IPA certauth plugin can be build
-@@ -625,35 +595,11 @@ AC_CONFIG_FILES([
-     client/Makefile
-     client/share/Makefile
-     client/man/Makefile
--    client/sysconfig/Makefile
--    client/systemd/Makefile
-     contrib/completion/Makefile
-     contrib/Makefile
--    daemons/dnssec/Makefile
-     daemons/Makefile
-     daemons/ipa-kdb/Makefile
-     daemons/ipa-sam/Makefile
--    daemons/ipa-otpd/Makefile
--    daemons/ipa-slapi-plugins/Makefile
--    daemons/ipa-slapi-plugins/libotp/Makefile
--    daemons/ipa-slapi-plugins/ipa-cldap/Makefile
--    daemons/ipa-slapi-plugins/ipa-dns/Makefile
--    daemons/ipa-slapi-plugins/ipa-enrollment/Makefile
--    daemons/ipa-slapi-plugins/ipa-graceperiod/Makefile
--    daemons/ipa-slapi-plugins/ipa-lockout/Makefile
--    daemons/ipa-slapi-plugins/ipa-otp-counter/Makefile
--    daemons/ipa-slapi-plugins/ipa-otp-lasttoken/Makefile
--    daemons/ipa-slapi-plugins/ipa-pwd-extop/Makefile
--    daemons/ipa-slapi-plugins/ipa-extdom-extop/Makefile
--    daemons/ipa-slapi-plugins/ipa-winsync/Makefile
--    daemons/ipa-slapi-plugins/ipa-version/Makefile
--    daemons/ipa-slapi-plugins/ipa-uuid/Makefile
--    daemons/ipa-slapi-plugins/ipa-modrdn/Makefile
--    daemons/ipa-slapi-plugins/ipa-sidgen/Makefile
--    daemons/ipa-slapi-plugins/ipa-range-check/Makefile
--    daemons/ipa-slapi-plugins/topology/Makefile
--    init/systemd/Makefile
--    init/tmpfilesd/Makefile
-     init/Makefile
-     install/Makefile
-     install/certmonger/Makefile

net/freeipa-client/files/patch-daemons_Makefile.am

@@ -1,14 +0,0 @@
---- daemons/Makefile.am.orig	2023-08-21 16:29:00.040643147 +0200
-+++ daemons/Makefile.am	2023-10-24 17:56:44.164932000 +0200
-@@ -9,11 +9,8 @@
- 
- SUBDIRS =			\
- 	.			\
--	dnssec			\
- 	ipa-kdb			\
--	ipa-slapi-plugins	\
- 	ipa-sam			\
--	ipa-otpd		\
- 	$(NULL)
- 
- ipa-version.h: ipa-version.h.in $(top_builddir)/$(CONFIG_STATUS)

net/freeipa-client/files/patch-init_Makefile.am

@@ -1,11 +0,0 @@
---- init/Makefile.am.orig	2023-10-24 17:29:14.662539000 +0200
-+++ init/Makefile.am	2023-10-24 17:29:28.779983000 +0200
-@@ -2,7 +2,7 @@
- #
- AUTOMAKE_OPTIONS = 1.7
- 
--SUBDIRS = systemd tmpfilesd
-+#SUBDIRS = systemd tmpfilesd
- 
- dist_sysconfenv_DATA = 		\
- 	ipa-dnskeysyncd		\

net/freeipa-client/files/patch-ipaplatform_freebsd___init__.py

@@ -1,4 +0,0 @@
---- /dev/null	2023-10-25 10:42:48.658581000 +0200
-+++ ipaplatform/freebsd/__init__.py	2023-10-25 10:42:03.380066000 +0200
-@@ -0,0 +1 @@
-+NAME = 'freebsd'

net/freeipa-client/files/patch-ipaplatform_setup.py

@@ -1,10 +0,0 @@
---- ipaplatform/setup.py.orig	2023-10-03 12:48:36 UTC
-+++ ipaplatform/setup.py
-@@ -37,6 +37,7 @@ if __name__ == '__main__':
-             "ipaplatform.debian",
-             "ipaplatform.fedora",
-             "ipaplatform.fedora_container",
-+            "ipaplatform.freebsd",
-             "ipaplatform.nixos",
-             "ipaplatform.redhat",
-             "ipaplatform.rhel",

net/freeipa-client/files/patch-util_ipa__krb5.c

@@ -1,10 +0,0 @@
---- util/ipa_krb5.c.orig	2021-11-25 17:34:42 UTC
-+++ util/ipa_krb5.c
-@@ -25,6 +25,7 @@
- #include <errno.h>
- #include <lber.h>
- #include <errno.h>
-+#include <sys/endian.h>
- 
- #include <libintl.h>
- #define _(STRING) gettext(STRING)

net/freeipa-client/pkg-descr

@@ -1,2 +0,0 @@
-FreeIPA is a free and open source identity management system. This
-package provides its command-line administration tools.

net/freeipa-client/pkg-plist

@@ -1,446 +0,0 @@
-bin/ipa
-etc/bash_completion.d/ipa
-@sample etc/ipa/epn.conf.sample
-etc/ipa/epn/expire_msg.template
-%%PYTHON_SITELIBDIR%%/ipaclient-%%DISTVERSION%%-py%%PYTHON_VER%%.egg-info/PKG-INFO
-%%PYTHON_SITELIBDIR%%/ipaclient-%%DISTVERSION%%-py%%PYTHON_VER%%.egg-info/SOURCES.txt
-%%PYTHON_SITELIBDIR%%/ipaclient-%%DISTVERSION%%-py%%PYTHON_VER%%.egg-info/dependency_links.txt
-%%PYTHON_SITELIBDIR%%/ipaclient-%%DISTVERSION%%-py%%PYTHON_VER%%.egg-info/entry_points.txt
-%%PYTHON_SITELIBDIR%%/ipaclient-%%DISTVERSION%%-py%%PYTHON_VER%%.egg-info/not-zip-safe
-%%PYTHON_SITELIBDIR%%/ipaclient-%%DISTVERSION%%-py%%PYTHON_VER%%.egg-info/requires.txt
-%%PYTHON_SITELIBDIR%%/ipaclient-%%DISTVERSION%%-py%%PYTHON_VER%%.egg-info/top_level.txt
-%%PYTHON_SITELIBDIR%%/ipaclient/__init__.py
-%%PYTHON_SITELIBDIR%%/ipaclient/__main__.py
-%%PYTHON_SITELIBDIR%%/ipaclient/discovery.py
-%%PYTHON_SITELIBDIR%%/ipaclient/frontend.py
-%%PYTHON_SITELIBDIR%%/ipaclient/install/__init__.py
-%%PYTHON_SITELIBDIR%%/ipaclient/install/automount.py
-%%PYTHON_SITELIBDIR%%/ipaclient/install/client.py
-%%PYTHON_SITELIBDIR%%/ipaclient/install/ipa_certupdate.py
-%%PYTHON_SITELIBDIR%%/ipaclient/install/ipa_client_automount.py
-%%PYTHON_SITELIBDIR%%/ipaclient/install/ipa_client_install.py
-%%PYTHON_SITELIBDIR%%/ipaclient/install/ipa_client_samba.py
-%%PYTHON_SITELIBDIR%%/ipaclient/install/ipa_epn.py
-%%PYTHON_SITELIBDIR%%/ipaclient/install/ipachangeconf.py
-%%PYTHON_SITELIBDIR%%/ipaclient/install/ipadiscovery.py
-%%PYTHON_SITELIBDIR%%/ipaclient/install/sssd.py
-%%PYTHON_SITELIBDIR%%/ipaclient/install/timeconf.py
-%%PYTHON_SITELIBDIR%%/ipaclient/install_files.txt
-%%PYTHON_SITELIBDIR%%/ipaclient/plugins/__init__.py
-%%PYTHON_SITELIBDIR%%/ipaclient/plugins/automember.py
-%%PYTHON_SITELIBDIR%%/ipaclient/plugins/automount.py
-%%PYTHON_SITELIBDIR%%/ipaclient/plugins/baseuser.py
-%%PYTHON_SITELIBDIR%%/ipaclient/plugins/ca.py
-%%PYTHON_SITELIBDIR%%/ipaclient/plugins/cert.py
-%%PYTHON_SITELIBDIR%%/ipaclient/plugins/certmap.py
-%%PYTHON_SITELIBDIR%%/ipaclient/plugins/certprofile.py
-%%PYTHON_SITELIBDIR%%/ipaclient/plugins/dns.py
-%%PYTHON_SITELIBDIR%%/ipaclient/plugins/hbacrule.py
-%%PYTHON_SITELIBDIR%%/ipaclient/plugins/hbactest.py
-%%PYTHON_SITELIBDIR%%/ipaclient/plugins/host.py
-%%PYTHON_SITELIBDIR%%/ipaclient/plugins/idrange.py
-%%PYTHON_SITELIBDIR%%/ipaclient/plugins/internal.py
-%%PYTHON_SITELIBDIR%%/ipaclient/plugins/location.py
-%%PYTHON_SITELIBDIR%%/ipaclient/plugins/migration.py
-%%PYTHON_SITELIBDIR%%/ipaclient/plugins/misc.py
-%%PYTHON_SITELIBDIR%%/ipaclient/plugins/otptoken.py
-%%PYTHON_SITELIBDIR%%/ipaclient/plugins/otptoken_yubikey.py
-%%PYTHON_SITELIBDIR%%/ipaclient/plugins/passwd.py
-%%PYTHON_SITELIBDIR%%/ipaclient/plugins/permission.py
-%%PYTHON_SITELIBDIR%%/ipaclient/plugins/rpcclient.py
-%%PYTHON_SITELIBDIR%%/ipaclient/plugins/server.py
-%%PYTHON_SITELIBDIR%%/ipaclient/plugins/service.py
-%%PYTHON_SITELIBDIR%%/ipaclient/plugins/stageuser.py
-%%PYTHON_SITELIBDIR%%/ipaclient/plugins/sudorule.py
-%%PYTHON_SITELIBDIR%%/ipaclient/plugins/topology.py
-%%PYTHON_SITELIBDIR%%/ipaclient/plugins/trust.py
-%%PYTHON_SITELIBDIR%%/ipaclient/plugins/user.py
-%%PYTHON_SITELIBDIR%%/ipaclient/plugins/vault.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_114/__init__.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_114/aci.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_114/automember.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_114/automount.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_114/batch.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_114/cert.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_114/config.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_114/delegation.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_114/dns.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_114/group.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_114/hbacrule.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_114/hbacsvc.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_114/hbacsvcgroup.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_114/hbactest.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_114/host.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_114/hostgroup.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_114/idrange.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_114/idviews.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_114/internal.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_114/join.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_114/krbtpolicy.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_114/migration.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_114/misc.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_114/netgroup.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_114/otpconfig.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_114/otptoken.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_114/otptoken_yubikey.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_114/passwd.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_114/permission.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_114/ping.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_114/pkinit.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_114/privilege.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_114/pwpolicy.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_114/radiusproxy.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_114/realmdomains.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_114/role.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_114/selfservice.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_114/selinuxusermap.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_114/service.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_114/session.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_114/sudocmd.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_114/sudocmdgroup.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_114/sudorule.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_114/trust.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_114/user.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_156/__init__.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_156/aci.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_156/automember.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_156/automount.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_156/batch.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_156/caacl.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_156/cert.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_156/certprofile.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_156/config.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_156/delegation.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_156/dns.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_156/domainlevel.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_156/group.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_156/hbacrule.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_156/hbacsvc.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_156/hbacsvcgroup.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_156/hbactest.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_156/host.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_156/hostgroup.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_156/idrange.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_156/idviews.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_156/internal.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_156/join.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_156/krbtpolicy.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_156/migration.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_156/misc.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_156/netgroup.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_156/otpconfig.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_156/otptoken.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_156/otptoken_yubikey.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_156/passwd.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_156/permission.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_156/ping.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_156/pkinit.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_156/privilege.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_156/pwpolicy.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_156/radiusproxy.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_156/realmdomains.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_156/role.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_156/selfservice.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_156/selinuxusermap.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_156/server.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_156/service.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_156/servicedelegation.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_156/session.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_156/stageuser.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_156/sudocmd.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_156/sudocmdgroup.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_156/sudorule.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_156/topology.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_156/trust.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_156/user.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_156/vault.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_164/__init__.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_164/aci.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_164/automember.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_164/automount.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_164/batch.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_164/caacl.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_164/cert.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_164/certprofile.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_164/config.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_164/delegation.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_164/dns.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_164/domainlevel.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_164/group.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_164/hbacrule.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_164/hbacsvc.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_164/hbacsvcgroup.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_164/hbactest.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_164/host.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_164/hostgroup.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_164/idrange.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_164/idviews.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_164/internal.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_164/join.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_164/krbtpolicy.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_164/migration.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_164/misc.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_164/netgroup.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_164/otpconfig.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_164/otptoken.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_164/otptoken_yubikey.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_164/passwd.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_164/permission.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_164/ping.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_164/pkinit.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_164/privilege.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_164/pwpolicy.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_164/radiusproxy.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_164/realmdomains.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_164/role.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_164/selfservice.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_164/selinuxusermap.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_164/server.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_164/service.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_164/servicedelegation.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_164/session.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_164/stageuser.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_164/sudocmd.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_164/sudocmdgroup.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_164/sudorule.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_164/topology.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_164/trust.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_164/user.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_164/vault.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_49/__init__.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_49/aci.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_49/automember.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_49/automount.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_49/batch.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_49/cert.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_49/config.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_49/delegation.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_49/dns.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_49/entitle.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_49/group.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_49/hbacrule.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_49/hbacsvc.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_49/hbacsvcgroup.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_49/hbactest.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_49/host.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_49/hostgroup.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_49/idrange.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_49/internal.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_49/join.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_49/krbtpolicy.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_49/migration.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_49/misc.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_49/netgroup.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_49/passwd.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_49/permission.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_49/ping.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_49/pkinit.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_49/privilege.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_49/pwpolicy.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_49/role.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_49/selfservice.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_49/selinuxusermap.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_49/service.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_49/session.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_49/sudocmd.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_49/sudocmdgroup.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_49/sudorule.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_49/trust.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/2_49/user.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/__init__.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/compat.py
-%%PYTHON_SITELIBDIR%%/ipaclient/remote_plugins/schema.py
-%%PYTHON_SITELIBDIR%%/ipalib-%%DISTVERSION%%-py%%PYTHON_VER%%.egg-info/PKG-INFO
-%%PYTHON_SITELIBDIR%%/ipalib-%%DISTVERSION%%-py%%PYTHON_VER%%.egg-info/SOURCES.txt
-%%PYTHON_SITELIBDIR%%/ipalib-%%DISTVERSION%%-py%%PYTHON_VER%%.egg-info/dependency_links.txt
-%%PYTHON_SITELIBDIR%%/ipalib-%%DISTVERSION%%-py%%PYTHON_VER%%.egg-info/requires.txt
-%%PYTHON_SITELIBDIR%%/ipalib-%%DISTVERSION%%-py%%PYTHON_VER%%.egg-info/top_level.txt
-%%PYTHON_SITELIBDIR%%/ipalib/__init__.py
-%%PYTHON_SITELIBDIR%%/ipalib/aci.py
-%%PYTHON_SITELIBDIR%%/ipalib/backend.py
-%%PYTHON_SITELIBDIR%%/ipalib/base.py
-%%PYTHON_SITELIBDIR%%/ipalib/capabilities.py
-%%PYTHON_SITELIBDIR%%/ipalib/cli.py
-%%PYTHON_SITELIBDIR%%/ipalib/config.py
-%%PYTHON_SITELIBDIR%%/ipalib/constants.py
-%%PYTHON_SITELIBDIR%%/ipalib/crud.py
-%%PYTHON_SITELIBDIR%%/ipalib/dns.py
-%%PYTHON_SITELIBDIR%%/ipalib/errors.py
-%%PYTHON_SITELIBDIR%%/ipalib/facts.py
-%%PYTHON_SITELIBDIR%%/ipalib/frontend.py
-%%PYTHON_SITELIBDIR%%/ipalib/install/__init__.py
-%%PYTHON_SITELIBDIR%%/ipalib/install/certmonger.py
-%%PYTHON_SITELIBDIR%%/ipalib/install/certstore.py
-%%PYTHON_SITELIBDIR%%/ipalib/install/dnsforwarders.py
-%%PYTHON_SITELIBDIR%%/ipalib/install/hostname.py
-%%PYTHON_SITELIBDIR%%/ipalib/install/kinit.py
-%%PYTHON_SITELIBDIR%%/ipalib/install/service.py
-%%PYTHON_SITELIBDIR%%/ipalib/install/sysrestore.py
-%%PYTHON_SITELIBDIR%%/ipalib/install_files.txt
-%%PYTHON_SITELIBDIR%%/ipalib/krb_utils.py
-%%PYTHON_SITELIBDIR%%/ipalib/messages.py
-%%PYTHON_SITELIBDIR%%/ipalib/misc.py
-%%PYTHON_SITELIBDIR%%/ipalib/output.py
-%%PYTHON_SITELIBDIR%%/ipalib/parameters.py
-%%PYTHON_SITELIBDIR%%/ipalib/pkcs10.py
-%%PYTHON_SITELIBDIR%%/ipalib/plugable.py
-%%PYTHON_SITELIBDIR%%/ipalib/request.py
-%%PYTHON_SITELIBDIR%%/ipalib/rpc.py
-%%PYTHON_SITELIBDIR%%/ipalib/sysrestore.py
-%%PYTHON_SITELIBDIR%%/ipalib/text.py
-%%PYTHON_SITELIBDIR%%/ipalib/util.py
-%%PYTHON_SITELIBDIR%%/ipalib/x509.py
-%%PYTHON_SITELIBDIR%%/ipaplatform-%%DISTVERSION%%-py%%PYTHON_VER%%.egg-info/PKG-INFO
-%%PYTHON_SITELIBDIR%%/ipaplatform-%%DISTVERSION%%-py%%PYTHON_VER%%.egg-info/SOURCES.txt
-%%PYTHON_SITELIBDIR%%/ipaplatform-%%DISTVERSION%%-py%%PYTHON_VER%%.egg-info/dependency_links.txt
-%%PYTHON_SITELIBDIR%%/ipaplatform-%%DISTVERSION%%-py%%PYTHON_VER%%.egg-info/requires.txt
-%%PYTHON_SITELIBDIR%%/ipaplatform-%%DISTVERSION%%-py%%PYTHON_VER%%.egg-info/top_level.txt
-%%PYTHON_SITELIBDIR%%/ipaplatform/__init__.py
-%%PYTHON_SITELIBDIR%%/ipaplatform/_importhook.py
-%%PYTHON_SITELIBDIR%%/ipaplatform/base/__init__.py
-%%PYTHON_SITELIBDIR%%/ipaplatform/base/constants.py
-%%PYTHON_SITELIBDIR%%/ipaplatform/base/paths.py
-%%PYTHON_SITELIBDIR%%/ipaplatform/base/services.py
-%%PYTHON_SITELIBDIR%%/ipaplatform/base/tasks.py
-%%PYTHON_SITELIBDIR%%/ipaplatform/constants.py
-%%PYTHON_SITELIBDIR%%/ipaplatform/debian/__init__.py
-%%PYTHON_SITELIBDIR%%/ipaplatform/debian/constants.py
-%%PYTHON_SITELIBDIR%%/ipaplatform/debian/paths.py
-%%PYTHON_SITELIBDIR%%/ipaplatform/debian/services.py
-%%PYTHON_SITELIBDIR%%/ipaplatform/debian/tasks.py
-%%PYTHON_SITELIBDIR%%/ipaplatform/fedora/__init__.py
-%%PYTHON_SITELIBDIR%%/ipaplatform/fedora/constants.py
-%%PYTHON_SITELIBDIR%%/ipaplatform/fedora/paths.py
-%%PYTHON_SITELIBDIR%%/ipaplatform/fedora/services.py
-%%PYTHON_SITELIBDIR%%/ipaplatform/fedora/tasks.py
-%%PYTHON_SITELIBDIR%%/ipaplatform/fedora_container/__init__.py
-%%PYTHON_SITELIBDIR%%/ipaplatform/fedora_container/constants.py
-%%PYTHON_SITELIBDIR%%/ipaplatform/fedora_container/paths.py
-%%PYTHON_SITELIBDIR%%/ipaplatform/fedora_container/services.py
-%%PYTHON_SITELIBDIR%%/ipaplatform/fedora_container/tasks.py
-%%PYTHON_SITELIBDIR%%/ipaplatform/freebsd/__init__.py
-%%PYTHON_SITELIBDIR%%/ipaplatform/install_files.txt
-%%PYTHON_SITELIBDIR%%/ipaplatform/nixos/__init__.py
-%%PYTHON_SITELIBDIR%%/ipaplatform/nixos/constants.py
-%%PYTHON_SITELIBDIR%%/ipaplatform/nixos/paths.py
-%%PYTHON_SITELIBDIR%%/ipaplatform/nixos/services.py
-%%PYTHON_SITELIBDIR%%/ipaplatform/nixos/tasks.py
-%%PYTHON_SITELIBDIR%%/ipaplatform/osinfo.py
-%%PYTHON_SITELIBDIR%%/ipaplatform/override.py
-%%PYTHON_SITELIBDIR%%/ipaplatform/paths.py
-%%PYTHON_SITELIBDIR%%/ipaplatform/redhat/__init__.py
-%%PYTHON_SITELIBDIR%%/ipaplatform/redhat/authconfig.py
-%%PYTHON_SITELIBDIR%%/ipaplatform/redhat/constants.py
-%%PYTHON_SITELIBDIR%%/ipaplatform/redhat/paths.py
-%%PYTHON_SITELIBDIR%%/ipaplatform/redhat/services.py
-%%PYTHON_SITELIBDIR%%/ipaplatform/redhat/tasks.py
-%%PYTHON_SITELIBDIR%%/ipaplatform/rhel/__init__.py
-%%PYTHON_SITELIBDIR%%/ipaplatform/rhel/constants.py
-%%PYTHON_SITELIBDIR%%/ipaplatform/rhel/paths.py
-%%PYTHON_SITELIBDIR%%/ipaplatform/rhel/services.py
-%%PYTHON_SITELIBDIR%%/ipaplatform/rhel/tasks.py
-%%PYTHON_SITELIBDIR%%/ipaplatform/rhel_container/__init__.py
-%%PYTHON_SITELIBDIR%%/ipaplatform/rhel_container/constants.py
-%%PYTHON_SITELIBDIR%%/ipaplatform/rhel_container/paths.py
-%%PYTHON_SITELIBDIR%%/ipaplatform/rhel_container/services.py
-%%PYTHON_SITELIBDIR%%/ipaplatform/rhel_container/tasks.py
-%%PYTHON_SITELIBDIR%%/ipaplatform/services.py
-%%PYTHON_SITELIBDIR%%/ipaplatform/suse/__init__.py
-%%PYTHON_SITELIBDIR%%/ipaplatform/suse/constants.py
-%%PYTHON_SITELIBDIR%%/ipaplatform/suse/paths.py
-%%PYTHON_SITELIBDIR%%/ipaplatform/suse/services.py
-%%PYTHON_SITELIBDIR%%/ipaplatform/suse/tasks.py
-%%PYTHON_SITELIBDIR%%/ipaplatform/tasks.py
-%%PYTHON_SITELIBDIR%%/ipapython-%%DISTVERSION%%-py%%PYTHON_VER%%.egg-info/PKG-INFO
-%%PYTHON_SITELIBDIR%%/ipapython-%%DISTVERSION%%-py%%PYTHON_VER%%.egg-info/SOURCES.txt
-%%PYTHON_SITELIBDIR%%/ipapython-%%DISTVERSION%%-py%%PYTHON_VER%%.egg-info/dependency_links.txt
-%%PYTHON_SITELIBDIR%%/ipapython-%%DISTVERSION%%-py%%PYTHON_VER%%.egg-info/requires.txt
-%%PYTHON_SITELIBDIR%%/ipapython-%%DISTVERSION%%-py%%PYTHON_VER%%.egg-info/top_level.txt
-%%PYTHON_SITELIBDIR%%/ipapython/__init__.py
-%%PYTHON_SITELIBDIR%%/ipapython/admintool.py
-%%PYTHON_SITELIBDIR%%/ipapython/certdb.py
-%%PYTHON_SITELIBDIR%%/ipapython/config.py
-%%PYTHON_SITELIBDIR%%/ipapython/cookie.py
-%%PYTHON_SITELIBDIR%%/ipapython/directivesetter.py
-%%PYTHON_SITELIBDIR%%/ipapython/dn.py
-%%PYTHON_SITELIBDIR%%/ipapython/dn_ctypes.py
-%%PYTHON_SITELIBDIR%%/ipapython/dnsutil.py
-%%PYTHON_SITELIBDIR%%/ipapython/dogtag.py
-%%PYTHON_SITELIBDIR%%/ipapython/errors.py
-%%PYTHON_SITELIBDIR%%/ipapython/fqdn.py
-%%PYTHON_SITELIBDIR%%/ipapython/graph.py
-%%PYTHON_SITELIBDIR%%/ipapython/install/__init__.py
-%%PYTHON_SITELIBDIR%%/ipapython/install/cli.py
-%%PYTHON_SITELIBDIR%%/ipapython/install/common.py
-%%PYTHON_SITELIBDIR%%/ipapython/install/core.py
-%%PYTHON_SITELIBDIR%%/ipapython/install/typing.py
-%%PYTHON_SITELIBDIR%%/ipapython/install/util.py
-%%PYTHON_SITELIBDIR%%/ipapython/install_files.txt
-%%PYTHON_SITELIBDIR%%/ipapython/ipa_log_manager.py
-%%PYTHON_SITELIBDIR%%/ipapython/ipachangeconf.py
-%%PYTHON_SITELIBDIR%%/ipapython/ipaldap.py
-%%PYTHON_SITELIBDIR%%/ipapython/ipautil.py
-%%PYTHON_SITELIBDIR%%/ipapython/ipavalidate.py
-%%PYTHON_SITELIBDIR%%/ipapython/kerberos.py
-%%PYTHON_SITELIBDIR%%/ipapython/kernel_keyring.py
-%%PYTHON_SITELIBDIR%%/ipapython/nsslib.py
-%%PYTHON_SITELIBDIR%%/ipapython/session_storage.py
-%%PYTHON_SITELIBDIR%%/ipapython/ssh.py
-%%PYTHON_SITELIBDIR%%/ipapython/version.py
-libexec/ipa/acme/certbot-dns-ipa
-share/man/man1/ipa-certupdate.1.gz
-share/man/man1/ipa-client-automount.1.gz
-share/man/man1/ipa-client-install.1.gz
-share/man/man1/ipa-client-samba.1.gz
-share/man/man1/ipa-epn.1.gz
-share/man/man1/ipa-getkeytab.1.gz
-share/man/man1/ipa-join.1.gz
-share/man/man1/ipa-rmkeytab.1.gz
-share/man/man1/ipa.1.gz
-share/man/man5/default.conf.5.gz
-share/man/man5/epn.conf.5.gz
-sbin/ipa-certupdate
-sbin/ipa-client-automount
-sbin/ipa-client-install
-sbin/ipa-client-samba
-sbin/ipa-epn
-sbin/ipa-getkeytab
-sbin/ipa-join
-sbin/ipa-rmkeytab
-share/ipa/client/freeipa.template
-share/ipa/client/ssh_ipa.conf.template
-share/ipa/client/sshd_ipa.conf.template
-share/locale/bn_IN/LC_MESSAGES/ipa.mo
-share/locale/ca/LC_MESSAGES/ipa.mo
-share/locale/cs/LC_MESSAGES/ipa.mo
-share/locale/de/LC_MESSAGES/ipa.mo
-share/locale/en_GB/LC_MESSAGES/ipa.mo
-share/locale/es/LC_MESSAGES/ipa.mo
-share/locale/eu/LC_MESSAGES/ipa.mo
-share/locale/fi/LC_MESSAGES/ipa.mo
-share/locale/fr/LC_MESSAGES/ipa.mo
-share/locale/hi/LC_MESSAGES/ipa.mo
-share/locale/hu/LC_MESSAGES/ipa.mo
-share/locale/id/LC_MESSAGES/ipa.mo
-share/locale/ja/LC_MESSAGES/ipa.mo
-share/locale/ka/LC_MESSAGES/ipa.mo
-share/locale/kn/LC_MESSAGES/ipa.mo
-share/locale/ko/LC_MESSAGES/ipa.mo
-share/locale/mr/LC_MESSAGES/ipa.mo
-share/locale/nl/LC_MESSAGES/ipa.mo
-share/locale/pa/LC_MESSAGES/ipa.mo
-share/locale/pl/LC_MESSAGES/ipa.mo
-share/locale/pt/LC_MESSAGES/ipa.mo
-share/locale/pt_BR/LC_MESSAGES/ipa.mo
-share/locale/ru/LC_MESSAGES/ipa.mo
-share/locale/sk/LC_MESSAGES/ipa.mo
-share/locale/tg/LC_MESSAGES/ipa.mo
-share/locale/tr/LC_MESSAGES/ipa.mo
-share/locale/uk/LC_MESSAGES/ipa.mo
-share/locale/zh_CN/LC_MESSAGES/ipa.mo
-@dir etc/ipa/nssdb
-@dir share/selinux/packages/targeted
-@dir /var/lib/ipa-client/pki
-@dir /var/lib/ipa-client/sysrestore
-@dir /var/lib/ipa-client
-@dir /var/lib

ports-mgmt/poudriere-devel/6cd972994ddd6cca1376260dbd2675eb77187ae8.diff

@@ -1,240 +0,0 @@
-diff --git a/src/etc/poudriere.conf.sample b/src/etc/poudriere.conf.sample
-index c0ba896d927ca1700cc78e57cb953deec43b5484..337eb1827904daba5bf5df5790d005f6e7fa3de9 100644
---- a/src/etc/poudriere.conf.sample
-+++ b/src/etc/poudriere.conf.sample
-@@ -383,3 +383,16 @@ DISTFILES_CACHE=/usr/ports/distfiles
- # be fetched.
- # Default: everything
- #PACKAGE_FETCH_WHITELIST="gcc* rust llvm*"
-+
-+# Have pkg create the repo such that each package is named with the short hash
-+# of its file contents in the package filename, with symlinks to the traditional
-+# package filenames. The packagesite.yaml file will point to the hashed version
-+# of these files. By using hashed pkg filenames, this allows users to lazily
-+# cache packages without conflicting with the existing packages, or serving stale
-+# packages from a cache. Once the packages are synced the much
-+# smaller meta files can then be synced. Allowing a near atomic update of the repo.
-+# On caching CDNs this means a need to purge 2-5 files instead of all pkgs that
-+# have been updated.
-+# The symlinks are only required for the local poudriere for resovling dependencies,
-+# they do not need to be uploaded to the CDN.
-+#PKG_HASH="no"
-diff --git a/src/man/poudriere-bulk.8 b/src/man/poudriere-bulk.8
-index 81cf698eeb6670048628d83e819fd84ad433be93..dac4eb3211a9fd0afe451779449693acade24430 100644
---- a/src/man/poudriere-bulk.8
-+++ b/src/man/poudriere-bulk.8
-@@ -28,7 +28,7 @@
- .\"
- .\" Note: The date here should be updated whenever a non-trivial
- .\" change is made to the manual page.
--.Dd July 5, 2022
-+.Dd September 26, 2022
- .Dt POUDRIERE-BULK 8
- .Os
- .Sh NAME
-@@ -38,7 +38,7 @@
- .Nm
- .Fl a
- .Fl j Ar name
--.Op Fl CcFIikNnRrSTtvw
-+.Op Fl CcFHIikNnRrSTtvw
- .Op Fl B Ar name
- .Op Fl b Ar branch
- .Op Fl J Ar maxjobs Ns Op Cm \&: Ns Ar prebuildmaxjobs
-@@ -48,7 +48,7 @@
- .Nm
- .Fl f Ar file Op Fl f Ar file2 Ar ...
- .Fl j Ar name
--.Op Fl CcFIikNnRrSTtvw
-+.Op Fl CcFHIikNnRrSTtvw
- .Op Fl B Ar name
- .Op Fl b Ar branch
- .Op Fl J Ar maxjobs Ns Op Cm \&: Ns Ar prebuildmaxjobs
-@@ -57,7 +57,7 @@
- .Op Fl z Ar set
- .Nm
- .Fl j Ar name
--.Op Fl CcFIikNnRrSTtvw
-+.Op Fl CcFHIikNnRrSTtvw
- .Op Fl B Ar name
- .Op Fl b Ar branch
- .Op Fl J Ar maxjobs Ns Op Cm \&: Ns Ar prebuildmaxjobs
-@@ -232,6 +232,8 @@ Fetch only from the original
- Skip
- .Fx
- mirrors.
-+.It Fl H
-+Create a repository where the package filenames contain the short hash of the contents.
- .It Fl I
- Advanced interactive mode.
- .Pp
-diff --git a/src/share/poudriere/bulk.sh b/src/share/poudriere/bulk.sh
-index 3507ceb3548910c8aa688148614f1eadf72dd695..126b3becc6d050ede819bddebc0ae55b6712aaba 100755
---- a/src/share/poudriere/bulk.sh
-+++ b/src/share/poudriere/bulk.sh
-@@ -47,6 +47,8 @@ Options:
-                    -f file.  Implies -c for -a.
-     -c          -- Clean all the previously built binary packages and logs.
-     -F          -- Only fetch from original master_site (skip FreeBSD mirrors)
-+    -H          -- Create a repository where the package filenames contain the
-+                   short hash of the contents.
-     -I          -- Advanced Interactive mode. Leaves jail running with ports
-                    installed after test.
-     -i          -- Interactive mode. Enter jail for interactive testing and
-@@ -97,7 +99,7 @@ if [ $# -eq 0 ]; then
- 	usage
- fi
- 
--while getopts "ab:B:CcFf:iIj:J:knNO:p:RrSTtvwz:" FLAG; do
-+while getopts "ab:B:CcFf:HiIj:J:knNO:p:RrSTtvwz:" FLAG; do
- 	case "${FLAG}" in
- 		a)
- 			ALL=1
-@@ -126,6 +128,9 @@ while getopts "ab:B:CcFf:iIj:J:knNO:p:RrSTtvwz:" FLAG; do
- 			fi
- 			LISTPKGS="${LISTPKGS:+${LISTPKGS} }${OPTARG}"
- 			;;
-+		H)
-+			PKG_REPO_FLAGS="${PKG_REPO_FLAGS:+${PKG_REPO_FLAGS} }--hash --symlink"
-+			;;
- 		I)
- 			INTERACTIVE_MODE=2
- 			;;
-diff --git a/src/share/poudriere/common.sh b/src/share/poudriere/common.sh
-index a4907362c76000bc81fb8b7dbd61918fb7426538..e52cfb432e15783e9d3b47a018d8d1735a70a5cf 100755
---- a/src/share/poudriere/common.sh
-+++ b/src/share/poudriere/common.sh
-@@ -6473,6 +6473,10 @@ delete_old_pkg() {
- 		if [ -L "${pkg}" ]; then
- 			is_sym=1
- 		fi
-+		if [ -d "${pkg}" ] && [ "${pkgfile}" = "Hashed" ]; then
-+			msg_debug "Ignoring directory"
-+			return 0;
-+		fi
- 		if [ "${is_sym}" -eq 1 ] && [ ! -e "${pkg}" ]; then
- 			msg "Deleting ${COLOR_PORT}${pkgfile}${COLOR_RESET}: dead symlink"
- 			delete_pkg "${pkg}"
-@@ -9468,12 +9472,16 @@ clean_restricted() {
- }
- 
- build_repo() {
--	local origin pkg_repo_list_files
-+	local origin pkg_repo_list_files hashcmd
- 
- 	msg "Creating pkg repository"
- 	if [ ${DRY_RUN} -eq 1 ]; then
- 		return 0
- 	fi
-+	if [ ${PKG_HASH} != "no" ]; then
-+		hashcmd="--hash --symlink"
-+		PKG_REPO_FLAGS="${PKG_REPO_FLAGS:+${PKG_REPO_FLAGS} }$hashcmd"
-+	fi
- 	bset status "pkgrepo:"
- 	ensure_pkg_installed force_extract || \
- 	    err 1 "Unable to extract pkg."
-@@ -9493,12 +9501,20 @@ build_repo() {
- 		install -m 0400 "${PKG_REPO_META_FILE}" \
- 		    "${MASTERMNT:?}/tmp/pkgmeta"
- 	fi
-+
-+	# Remount rw
-+	# mount_nullfs does not support mount -u
-+	umount ${UMOUNT_NONBUSY} ${MASTERMNT}/packages || \
-+	    umount -f ${MASTERMNT}/packages
-+	mount_packages
-+
- 	mkdir -p ${MASTERMNT}/tmp/packages
- 	if [ -n "${PKG_REPO_SIGNING_KEY}" ]; then
- 		msg "Signing repository with key: ${PKG_REPO_SIGNING_KEY}"
- 		install -m 0400 "${PKG_REPO_SIGNING_KEY}" \
- 			"${MASTERMNT:?}/tmp/repo.key"
- 		injail ${PKG_BIN:?} repo \
-+			${PKG_REPO_FLAGS} \
- 			${pkg_repo_list_files:+"${pkg_repo_list_files}"} \
- 			-o /tmp/packages \
- 			${PKG_META} \
-@@ -9515,6 +9531,7 @@ build_repo() {
- 		# using SSH with DNSSEC as older hosts don't support
- 		# it.
- 		${MASTERMNT:?}${PKG_BIN:?} repo \
-+		    ${PKG_REPO_FLAGS} \
- 		    ${pkg_repo_list_files:+"${pkg_repo_list_files}"} \
- 		    -o "${MASTERMNT:?}/tmp/packages" ${PKG_META_MASTERMNT} \
- 		    "${MASTERMNT:?}/packages" \
-@@ -9527,6 +9544,7 @@ build_repo() {
- 			;;
- 		esac
- 		JNETNAME="n" injail ${PKG_BIN:?} repo \
-+		    ${PKG_REPO_FLAGS} \
- 		    ${pkg_repo_list_files:+"${pkg_repo_list_files}"} \
- 		    -o /tmp/packages ${PKG_META} /packages \
- 		    ${SIGNING_COMMAND:+signing_command: ${SIGNING_COMMAND}} ||
-@@ -9542,6 +9560,11 @@ build_repo() {
- 			sign_pkg pubkey "${PACKAGES:?}/Latest/pkg.${PKG_EXT}"
- 		fi
- 	fi
-+
-+	# Remount ro
-+	umount ${UMOUNT_NONBUSY} ${MASTERMNT}/packages || \
-+	    umount -f ${MASTERMNT}/packages
-+	mount_packages -o ro
- }
- 
- calculate_size_in_mb() {
-@@ -10109,6 +10132,7 @@ esac
- : ${FLAVOR_DEFAULT_ALL:=no}
- : ${NULLFS_PATHS:="/rescue /usr/share /usr/tests /usr/lib32"}
- : ${PACKAGE_FETCH_URL:="pkg+http://pkg.FreeBSD.org/\${ABI}"}
-+: ${PKG_HASH:=no}
- 
- : ${POUDRIERE_TMPDIR:=$(command mktemp -dt poudriere)}
- : ${SHASH_VAR_PATH_DEFAULT:=${POUDRIERE_TMPDIR}}
-diff --git a/src/share/poudriere/include/pkg.sh b/src/share/poudriere/include/pkg.sh
-index d4821400cb2ad20a6994a5d9145604f8081a98f6..360518520d6f1067531380ea9040ec2d1d4c1f33 100644
---- a/src/share/poudriere/include/pkg.sh
-+++ b/src/share/poudriere/include/pkg.sh
-@@ -400,6 +400,10 @@ delete_pkg() {
- 	local pkg="$1"
- 
- 	clear_pkg_cache "${pkg}"
-+
-+	# If ${pkg} is a symlink, delete the target as well
-+	[ -L "${pkg}" ] && unlink $(realpath "${pkg}")
-+
- 	# Delete the package and the depsfile since this package is being deleted,
- 	# which will force it to be recreated
- 	unlink "${pkg}"
-@@ -417,6 +421,8 @@ delete_pkg_xargs() {
- 	# Delete the package and the depsfile since this package is being deleted,
- 	# which will force it to be recreated
- 	{
-+		# If ${pkg} is a symlink, delete the target as well
-+		[ -L "${pkg}" ] && echo $(realpath "${pkg}")
- 		echo "${pkg}"
- 		echo "${pkg_cache_dir}"
- 	} >> "${listfile}"
-diff --git a/src/share/poudriere/pkgclean.sh b/src/share/poudriere/pkgclean.sh
-old mode 100755
-new mode 100644
-index fafc3c0a547335ddee32033bf9d0700ccf556fca..5458d3d04dd2e05727c1c79ce0ba0d73d3946665
---- a/src/share/poudriere/pkgclean.sh
-+++ b/src/share/poudriere/pkgclean.sh
-@@ -289,6 +289,8 @@ check_should_delete_pkg() {
- 	*".${PKG_EXT}")
- 		if should_delete "${file}"; then
- 			echo "${file}" >> "${BADFILES_LIST:?}"
-+			# If the pkg is a symlink to a hashed package, remove the hashed version as well
-+			[ -L "${file}" ] && echo "$(realpath ${file})" >> ${BADFILES_LIST}
- 		fi
- 		;;
- 	*.txz)
-@@ -305,6 +307,8 @@ check_should_delete_pkg() {
- 	*)
- 		msg_verbose "Found incorrect format file: ${file}"
- 		echo "${file}" >> "${BADFILES_LIST:?}"
-+		# If the pkg is a symlink to a hashed package, remove the hashed version as well
-+		[ -L "${file}" ] && echo "$(realpath ${file})" >> ${BADFILES_LIST}
- 		;;
- 	esac
- }

ports-mgmt/poudriere-devel/Makefile

@@ -1,93 +0,0 @@
-PORTNAME=	poudriere
-DISTVERSION=	3.4.99.20240826
-PORTREVISION=	0
-CATEGORIES=	ports-mgmt
-MASTER_SITES=	LOCAL/bdrewery/${PORTNAME}/ \
-		http://mirror.shatow.net/freebsd/${PORTNAME}/ \
-		GH
-PKGNAMESUFFIX=	-devel
-
-MAINTAINER=	bdrewery@FreeBSD.org
-COMMENT=	Port build and test system
-WWW=		https://github.com/freebsd/poudriere/wiki
-
-LICENSE=	BSD2CLAUSE
-
-CONFLICTS_INSTALL=	poudriere
-
-USE_GITHUB=	yes
-GH_ACCOUNT=	freebsd
-GH_TAGNAME=	3.3.0-1769-gbac754676d
-
-GNU_CONFIGURE=	yes
-ETCDIR=		${PREFIX}/etc/poudriere.d
-
-OPTIONS_DEFINE=	BASH MANIFESTS PORTCONFIG EXAMPLES QEMU ZSH
-OPTIONS_DEFAULT=BASH MANIFESTS PORTCONFIG ZSH
-OPTIONS_SUB=	yes
-
-MANIFESTS_DESC=		Install manifests for jail creation
-MANIFESTS_RUN_DEPENDS+=	freebsd-release-manifests>0:misc/freebsd-release-manifests
-
-PORTCONFIG_DESC=	Install portconfig for options command
-PORTCONFIG_RUN_DEPENDS=	portconfig>0:ports-mgmt/portconfig
-
-QEMU_DESC=	Add qemu-user-static for non-x86 architectures
-QEMU_RUN_DEPENDS=	qemu-user-static>0:emulators/qemu-user-static
-
-
-# gmake is not strictly needed but handles test jobs better
-TEST_DEPENDS=	gmake>0:devel/gmake
-TEST_ENV=	MAKE=gmake
-.if make(test)
-MAKE_CMD=	gmake
-.endif
-TEST_TARGET=	check
-TEST_ARGS=	-s
-TEST_ARGS+=	${_MAKE_JOBS}
-# ccache passthrough helps for building pkg a few hundred times.
-# ccache not added as a dependency because it is only used if setup
-# and provided in the env already.
-# XXX: Passthrough local PKGREPOSITORY dir for fetch support
-ccache_vars=	CCACHE_DIR_NON_ROOT_SAFE CCACHE_GROUP \
-		CCACHE_GID CCACHE_STATIC_PREFIX CCACHE_TEMPDIR \
-		CCACHE_DIR CCACHE_NLEVELS
-.for _cv in ${ccache_vars}
-.  if !empty(${_cv})
-TEST_ENV+=	${_cv}=${${_cv}}
-.  endif
-.endfor
-
-.include <bsd.port.options.mk>
-
-# rm -x support came in 10.0.  A bundled rm is used if not supported in base.
-# While <10 is technically not supported in the Ports Tree, Poudriere
-# detects this and it being a package build tool it should still be
-# supported as a user may be installing this to build packages for upgrading
-# their system to a supported release.
-.if ${OSVERSION} < 1000000
-PLIST_SUB+=	RM=""
-.else
-PLIST_SUB+=	RM="@comment "
-.endif
-
-post-patch:
-	${REINPLACE_CMD} \
-	    -e "s,^\(POUDRIERE_VERSION\)=.*,\1='${PKGVERSION}'," \
-	    ${WRKSRC}/src/bin/poudriere.in
-
-post-install:
-	${LN} -fs ${LOCALBASE}/share/freebsd/MANIFESTS \
-	    ${STAGEDIR}${DATADIR}/MANIFESTS
-
-post-install-BASH-on:
-	@${MKDIR} ${STAGEDIR}${PREFIX}/share/bash-completion/completions/
-	${INSTALL_DATA} ${WRKSRC}/completions/bash/poudriere \
-	    ${STAGEDIR}${PREFIX}/share/bash-completion/completions/
-
-post-install-ZSH-on:
-	@${MKDIR} ${STAGEDIR}${PREFIX}/share/zsh/site-functions/
-	${INSTALL_DATA} ${WRKSRC}/completions/zsh/_poudriere \
-	    ${STAGEDIR}${PREFIX}/share/zsh/site-functions/
-
-.include <bsd.port.mk>

ports-mgmt/poudriere-devel/distinfo

@@ -1,3 +0,0 @@
-TIMESTAMP = 1724665577
-SHA256 (freebsd-poudriere-3.4.99.20240826-3.3.0-1769-gbac754676d_GH0.tar.gz) = 57f602eb6de964fa131992879971799bf1192d9bc9ccf0a37bd7925368993f48
-SIZE (freebsd-poudriere-3.4.99.20240826-3.3.0-1769-gbac754676d_GH0.tar.gz) = 5744773

ports-mgmt/poudriere-devel/files/patch-src_etc_poudriere.conf.sample

@@ -1,19 +0,0 @@
---- src/etc/poudriere.conf.sample.orig	2024-08-11 06:43:13 UTC
-+++ src/etc/poudriere.conf.sample
-@@ -385,3 +385,16 @@ DISTFILES_CACHE=/usr/ports/distfiles
- # be fetched.
- # Default: everything
- #PACKAGE_FETCH_WHITELIST="gcc* rust llvm*"
-+
-+# Have pkg create the repo such that each package is named with the short hash
-+# of its file contents in the package filename, with symlinks to the traditional
-+# package filenames. The packagesite.yaml file will point to the hashed version
-+# of these files. By using hashed pkg filenames, this allows users to lazily
-+# cache packages without conflicting with the existing packages, or serving stale
-+# packages from a cache. Once the packages are synced the much
-+# smaller meta files can then be synced. Allowing a near atomic update of the repo.
-+# On caching CDNs this means a need to purge 2-5 files instead of all pkgs that
-+# have been updated.
-+# The symlinks are only required for the local poudriere for resovling dependencies,
-+# they do not need to be uploaded to the CDN.
-+#PKG_HASH="no"

ports-mgmt/poudriere-devel/files/patch-src_man_poudriere-bulk.8

@@ -1,38 +0,0 @@
---- src/man/poudriere-bulk.8.orig	2024-08-11 06:43:13 UTC
-+++ src/man/poudriere-bulk.8
-@@ -38,7 +38,7 @@
- .Nm
- .Fl a
- .Fl j Ar name
--.Op Fl CcFIikNnRrSTtvw
-+.Op Fl CcFHIikNnRrSTtvw
- .Op Fl B Ar name
- .Op Fl b Ar branch
- .Op Fl J Ar maxjobs Ns Op Cm \&: Ns Ar prebuildmaxjobs
-@@ -48,7 +48,7 @@
- .Nm
- .Fl f Ar file Op Fl f Ar file2 Ar ...
- .Fl j Ar name
--.Op Fl CcFIikNnRrSTtvw
-+.Op Fl CcFHIikNnRrSTtvw
- .Op Fl B Ar name
- .Op Fl b Ar branch
- .Op Fl J Ar maxjobs Ns Op Cm \&: Ns Ar prebuildmaxjobs
-@@ -57,7 +57,7 @@
- .Op Fl z Ar set
- .Nm
- .Fl j Ar name
--.Op Fl CcFIikNnRrSTtvw
-+.Op Fl CcFHIikNnRrSTtvw
- .Op Fl B Ar name
- .Op Fl b Ar branch
- .Op Fl J Ar maxjobs Ns Op Cm \&: Ns Ar prebuildmaxjobs
-@@ -232,6 +232,8 @@ mirrors.
- Skip
- .Fx
- mirrors.
-+.It Fl H
-+Create a repository where the package filenames contain the short hash of the contents.
- .It Fl I
- Advanced interactive mode.
- .Pp

ports-mgmt/poudriere-devel/files/patch-src_share_poudriere_bulk.sh

@@ -1,30 +0,0 @@
---- src/share/poudriere/bulk.sh.orig	2024-08-11 06:43:13 UTC
-+++ src/share/poudriere/bulk.sh
-@@ -47,6 +47,8 @@ Options:
-                    -f file.  Implies -c for -a.
-     -c          -- Clean all the previously built binary packages and logs.
-     -F          -- Only fetch from original master_site (skip FreeBSD mirrors)
-+    -H          -- Create a repository where the package filenames contain the
-+                   short hash of the contents.
-     -I          -- Advanced Interactive mode. Leaves jail running with ports
-                    installed after test.
-     -i          -- Interactive mode. Enter jail for interactive testing and
-@@ -101,7 +103,7 @@ fi
- 	usage
- fi
- 
--while getopts "ab:B:CcFf:iIj:J:knNO:p:RrSTtvwz:" FLAG; do
-+while getopts "ab:B:CcFf:HiIj:J:knNO:p:RrSTtvwz:" FLAG; do
- 	case "${FLAG}" in
- 		a)
- 			ALL=1
-@@ -129,6 +131,9 @@ while getopts "ab:B:CcFf:iIj:J:knNO:p:RrSTtvwz:" FLAG;
- 				OPTARG="${SAVED_PWD}/${OPTARG}"
- 			fi
- 			LISTPKGS="${LISTPKGS:+${LISTPKGS} }${OPTARG}"
-+			;;
-+		H)
-+			PKG_REPO_FLAGS="${PKG_REPO_FLAGS:+${PKG_REPO_FLAGS} }--hash --symlink"
- 			;;
- 		I)
- 			INTERACTIVE_MODE=2

ports-mgmt/poudriere-devel/files/patch-src_share_poudriere_common.sh

@@ -1,88 +0,0 @@
---- src/share/poudriere/common.sh.orig	2024-08-11 06:43:13 UTC
-+++ src/share/poudriere/common.sh
-@@ -6626,6 +6626,10 @@ _delete_old_pkg() {
- 		if [ -L "${pkg}" ]; then
- 			is_sym=1
- 		fi
-+		if [ -d "${pkg}" ] && [ "${pkgfile}" = "Hashed" ]; then
-+			msg_debug "Ignoring directory"
-+			return 0;
-+		fi
- 		if [ "${is_sym}" -eq 1 ] && [ ! -e "${pkg}" ]; then
- 			msg "Deleting ${COLOR_PORT}${pkgfile}${COLOR_RESET}: dead symlink"
- 			delete_pkg "${pkg}"
-@@ -9835,12 +9839,16 @@ build_repo() {
- }
- 
- build_repo() {
--	local origin pkg_repo_list_files
-+	local origin pkg_repo_list_files hashcmd
- 
- 	msg "Creating pkg repository"
- 	if [ ${DRY_RUN} -eq 1 ]; then
- 		return 0
- 	fi
-+	if [ ${PKG_HASH} != "no" ]; then
-+		hashcmd="--hash --symlink"
-+		PKG_REPO_FLAGS="${PKG_REPO_FLAGS:+${PKG_REPO_FLAGS} }$hashcmd"
-+	fi
- 	bset status "pkgrepo:"
- 	ensure_pkg_installed force_extract || \
- 	    err 1 "Unable to extract pkg."
-@@ -9860,12 +9868,20 @@ build_repo() {
- 		install -m 0400 "${PKG_REPO_META_FILE}" \
- 		    "${MASTERMNT:?}/tmp/pkgmeta"
- 	fi
-+
-+	# Remount rw
-+	# mount_nullfs does not support mount -u
-+	umount ${UMOUNT_NONBUSY} ${MASTERMNT}/packages || \
-+	    umount -f ${MASTERMNT}/packages
-+	mount_packages
-+
- 	mkdir -p ${MASTERMNT}/tmp/packages
- 	if [ -n "${PKG_REPO_SIGNING_KEY}" ]; then
- 		msg "Signing repository with key: ${PKG_REPO_SIGNING_KEY}"
- 		install -m 0400 "${PKG_REPO_SIGNING_KEY}" \
- 			"${MASTERMNT:?}/tmp/repo.key"
- 		injail ${PKG_BIN:?} repo \
-+			${PKG_REPO_FLAGS} \
- 			${pkg_repo_list_files:+"${pkg_repo_list_files}"} \
- 			-o /tmp/packages \
- 			${PKG_META} \
-@@ -9882,6 +9898,7 @@ build_repo() {
- 		# using SSH with DNSSEC as older hosts don't support
- 		# it.
- 		${MASTERMNT:?}${PKG_BIN:?} repo \
-+		    ${PKG_REPO_FLAGS} \
- 		    ${pkg_repo_list_files:+"${pkg_repo_list_files}"} \
- 		    -o "${MASTERMNT:?}/tmp/packages" ${PKG_META_MASTERMNT} \
- 		    "${MASTERMNT:?}/packages" \
-@@ -9894,6 +9911,7 @@ build_repo() {
- 			;;
- 		esac
- 		JNETNAME="n" injail ${PKG_BIN:?} repo \
-+		    ${PKG_REPO_FLAGS} \
- 		    ${pkg_repo_list_files:+"${pkg_repo_list_files}"} \
- 		    -o /tmp/packages ${PKG_META} /packages \
- 		    ${SIGNING_COMMAND:+signing_command: ${SIGNING_COMMAND}} ||
-@@ -9909,6 +9927,11 @@ build_repo() {
- 			sign_pkg pubkey "${PACKAGES:?}/Latest/pkg.${PKG_EXT}"
- 		fi
- 	fi
-+
-+	# Remount ro
-+	umount ${UMOUNT_NONBUSY} ${MASTERMNT}/packages || \
-+	    umount -f ${MASTERMNT}/packages
-+	mount_packages -o ro
- }
- 
- calculate_size_in_mb() {
-@@ -10477,6 +10500,7 @@ esac
- : ${FLAVOR_DEFAULT_ALL:=no}
- : ${NULLFS_PATHS:="/rescue /usr/share /usr/tests /usr/lib32"}
- : ${PACKAGE_FETCH_URL:="pkg+http://pkg.FreeBSD.org/\${ABI}"}
-+: ${PKG_HASH:=no}
- 
- : ${POUDRIERE_TMPDIR:=$(command mktemp -dt poudriere)}
- : ${SHASH_VAR_PATH_DEFAULT:=${POUDRIERE_TMPDIR}}

ports-mgmt/poudriere-devel/files/patch-src_share_poudriere_include_pkg.sh

@@ -1,22 +0,0 @@
---- src/share/poudriere/include/pkg.sh.orig	2024-08-11 06:43:13 UTC
-+++ src/share/poudriere/include/pkg.sh
-@@ -466,6 +466,10 @@ delete_pkg() {
- 	local pkg="$1"
- 
- 	clear_pkg_cache "${pkg}"
-+
-+	# If ${pkg} is a symlink, delete the target as well
-+	[ -L "${pkg}" ] && unlink $(realpath "${pkg}")
-+
- 	# Delete the package and the depsfile since this package is being deleted,
- 	# which will force it to be recreated
- 	unlink "${pkg}"
-@@ -483,6 +487,8 @@ delete_pkg_xargs() {
- 	# Delete the package and the depsfile since this package is being deleted,
- 	# which will force it to be recreated
- 	{
-+		# If ${pkg} is a symlink, delete the target as well
-+		[ -L "${pkg}" ] && echo $(realpath "${pkg}")
- 		echo "${pkg}"
- 		echo "${pkg_cache_dir}"
- 	} >> "${listfile}"

ports-mgmt/poudriere-devel/files/patch-src_share_poudriere_pkgclean.sh

@@ -1,20 +0,0 @@
---- src/share/poudriere/pkgclean.sh.orig	2024-08-11 06:43:13 UTC
-+++ src/share/poudriere/pkgclean.sh
-@@ -289,6 +289,8 @@ check_should_delete_pkg() {
- 	*".${PKG_EXT}")
- 		if should_delete "${file}"; then
- 			echo "${file}" >> "${BADFILES_LIST:?}"
-+			# If the pkg is a symlink to a hashed package, remove the hashed version as well
-+			[ -L "${file}" ] && echo "$(realpath ${file})" >> ${BADFILES_LIST}
- 		fi
- 		;;
- 	*.txz)
-@@ -305,6 +307,8 @@ check_should_delete_pkg() {
- 	*)
- 		msg_verbose "Found incorrect format file: ${file}"
- 		echo "${file}" >> "${BADFILES_LIST:?}"
-+		# If the pkg is a symlink to a hashed package, remove the hashed version as well
-+		[ -L "${file}" ] && echo "$(realpath ${file})" >> ${BADFILES_LIST}
- 		;;
- 	esac
- }

ports-mgmt/poudriere-devel/pkg-descr

@@ -1,3 +0,0 @@
-poudriere is a tool primarily designed to test package production on
-FreeBSD. However, most people will find it useful to bulk build ports
-for FreeBSD.

ports-mgmt/poudriere-devel/pkg-plist

@@ -1,115 +0,0 @@
-bin/poudriere
-@sample etc/poudriere.conf.sample
-%%ETCDIR%%/hooks/bulk.sh.sample
-%%ETCDIR%%/hooks/pkgbuild.sh.sample
-@sample(0,0,0) etc/poudriered.conf.sample
-etc/rc.d/poudriered
-@comment libexec/poudriere/cachec
-libexec/poudriere/clock
-libexec/poudriere/cpdup
-libexec/poudriere/dirempty
-libexec/poudriere/dirwatch
-libexec/poudriere/locked_mkdir
-libexec/poudriere/nc
-libexec/poudriere/poudriered
-libexec/poudriere/ptsort
-libexec/poudriere/pwait
-libexec/poudriere/rename
-%%RM%%libexec/poudriere/rm
-libexec/poudriere/setsid
-libexec/poudriere/sh
-libexec/poudriere/timeout
-libexec/poudriere/timestamp
-%%BASH%%share/bash-completion/completions/poudriere
-share/man/man8/poudriere-bulk.8.gz
-share/man/man8/poudriere-distclean.8.gz
-share/man/man8/poudriere-image.8.gz
-share/man/man8/poudriere-jail.8.gz
-share/man/man8/poudriere-logclean.8.gz
-share/man/man8/poudriere-options.8.gz
-share/man/man8/poudriere-pkgclean.8.gz
-share/man/man8/poudriere-ports.8.gz
-share/man/man8/poudriere-queue.8.gz
-share/man/man8/poudriere-status.8.gz
-share/man/man8/poudriere-testport.8.gz
-share/man/man8/poudriere-version.8.gz
-share/man/man8/poudriere.8.gz
-%%PORTEXAMPLES%%%%EXAMPLESDIR%%/Caddyfile.sample
-%%PORTEXAMPLES%%%%EXAMPLESDIR%%/httpd.conf.sample
-%%PORTEXAMPLES%%%%EXAMPLESDIR%%/nginx.conf.sample
-%%DATADIR%%/MANIFESTS
-%%DATADIR%%/api.sh
-%%DATADIR%%/awk/dependency_loop.awk
-%%DATADIR%%/awk/file_cmp_reg.awk
-%%DATADIR%%/awk/humanize.awk
-%%DATADIR%%/awk/json.awk
-%%DATADIR%%/awk/json_jail.awk
-%%DATADIR%%/awk/json_top.awk
-%%DATADIR%%/awk/parse_MOVED.awk
-%%DATADIR%%/awk/processonelog.awk
-%%DATADIR%%/awk/processonelog2.awk
-%%DATADIR%%/awk/siginfo_buildtime.awk
-%%DATADIR%%/awk/unique_pkgnames_from_flavored_origins.awk
-%%DATADIR%%/bulk.sh
-%%DATADIR%%/common.sh
-%%DATADIR%%/daemon.sh
-%%DATADIR%%/distclean.sh
-%%DATADIR%%/foreachport.sh
-%%DATADIR%%/html/assets/DataTables-1.13.8/css/dataTables.bootstrap5.min.css
-%%DATADIR%%/html/assets/DataTables-1.13.8/images/sort_asc.png
-%%DATADIR%%/html/assets/DataTables-1.13.8/images/sort_asc_disabled.png
-%%DATADIR%%/html/assets/DataTables-1.13.8/images/sort_both.png
-%%DATADIR%%/html/assets/DataTables-1.13.8/images/sort_desc.png
-%%DATADIR%%/html/assets/DataTables-1.13.8/images/sort_desc_disabled.png
-%%DATADIR%%/html/assets/DataTables-1.13.8/js/dataTables.bootstrap5.min.js
-%%DATADIR%%/html/assets/DataTables-1.13.8/js/jquery.dataTables.min.js
-%%DATADIR%%/html/assets/bootstrap-5.3.2/css/bootstrap.min.css
-%%DATADIR%%/html/assets/bootstrap-5.3.2/js/bootstrap.bundle.min.js
-%%DATADIR%%/html/assets/favicon.png
-%%DATADIR%%/html/assets/jquery-3.7.1/jquery-3.7.1.js
-%%DATADIR%%/html/assets/jquery-3.7.1/jquery-3.7.1.min.js
-%%DATADIR%%/html/assets/jquery-3.7.1/jquery-3.7.1.min.map
-%%DATADIR%%/html/assets/jquery.dataTables.rowGrouping-1.2.9.js
-%%DATADIR%%/html/assets/logo-dark.png
-%%DATADIR%%/html/assets/logo-light.png
-%%DATADIR%%/html/assets/poudriere.js
-%%DATADIR%%/html/build.html
-%%DATADIR%%/html/index.html
-%%DATADIR%%/html/jail.html
-%%DATADIR%%/html/robots.txt
-%%DATADIR%%/image.sh
-%%DATADIR%%/image_dump.sh
-%%DATADIR%%/image_firmware.sh
-%%DATADIR%%/image_hybridiso.sh
-%%DATADIR%%/image_iso.sh
-%%DATADIR%%/image_mfs.sh
-%%DATADIR%%/image_rawdisk.sh
-%%DATADIR%%/image_tar.sh
-%%DATADIR%%/image_usb.sh
-%%DATADIR%%/image_zfs.sh
-%%DATADIR%%/image_zsnapshot.sh
-%%DATADIR%%/include/asserts.sh
-%%DATADIR%%/include/cache.sh
-%%DATADIR%%/include/colors.pre.sh
-%%DATADIR%%/include/colors.sh
-%%DATADIR%%/include/common.sh.dragonfly
-%%DATADIR%%/include/common.sh.freebsd
-%%DATADIR%%/include/display.sh
-%%DATADIR%%/include/fs.sh
-%%DATADIR%%/include/hash.sh
-%%DATADIR%%/include/html.sh
-%%DATADIR%%/include/parallel.sh
-%%DATADIR%%/include/pkg.sh
-%%DATADIR%%/include/pkgqueue.sh
-%%DATADIR%%/include/shared_hash.sh
-%%DATADIR%%/include/util.sh
-%%DATADIR%%/jail.sh
-%%DATADIR%%/logclean.sh
-%%DATADIR%%/options.sh
-%%DATADIR%%/pkgclean.sh
-%%DATADIR%%/ports.sh
-%%DATADIR%%/processonelog.sh
-%%DATADIR%%/queue.sh
-%%DATADIR%%/status.sh
-%%DATADIR%%/testport.sh
-%%ZSH%%share/zsh/site-functions/_poudriere

security/ca_root_nss/Makefile

@@ -0,0 +1,60 @@
+PORTNAME=	ca_root_nss
+PORTVERSION=	${VERSION_NSS}
+PORTREVISION=	4
+CATEGORIES=	security
+MASTER_SITES=	MOZILLA/security/nss/releases/${DISTNAME:tu:C/[-.]/_/g}_RTM/src
+DISTNAME=	nss-${VERSION_NSS}${NSS_SUFFIX}
+
+MAINTAINER=	ports-secteam@FreeBSD.org
+COMMENT=	Root certificate bundle from the Mozilla Project
+
+LICENSE=	MPL20
+LICENSE_FILE=	${WRKSRC}/COPYING
+
+USES=		perl5 ssl:build
+USE_PERL5=	build
+
+NO_ARCH=	yes
+WRKSRC_SUBDIR=	nss
+
+OPTIONS_DEFINE=		ETCSYMLINK
+OPTIONS_DEFAULT=	ETCSYMLINK
+OPTIONS_EXCLUDE_FreeBSD_15=	ETCSYMLINK
+OPTIONS_EXCLUDE_FreeBSD_16=	ETCSYMLINK
+
+OPTIONS_SUB=		yes
+
+ETCSYMLINK_DESC=	Add symlinks to default bundle locations
+ETCSYMLINK_CONFLICTS_INSTALL=	ca-roots-[0-9]*
+
+CERTDIR?=	share/certs
+PLIST_SUB+=	CERTDIR=${CERTDIR}
+
+VERSION_NSS=	3.115
+CERTDATA_TXT_PATH=	lib/ckfw/builtins/certdata.txt
+BUNDLE_PROCESSOR=	MAca-bundle.pl
+
+CERTCTL_CMD?=	/usr/sbin/certctl
+
+SUB_FILES=	MAca-bundle.pl pkg-deinstall pkg-install pkg-message
+SUB_LIST=	CERTCTL_CMD=${CERTCTL_CMD} VERSION_NSS=${VERSION_NSS}
+
+do-build:
+	@${SETENV} PATH=${LOCALBASE}/bin:$${PATH} \
+		${PERL} ${WRKDIR}/${BUNDLE_PROCESSOR} \
+	    < ${WRKSRC}/${CERTDATA_TXT_PATH} > \
+	    ${WRKDIR}/ca-root-nss.crt
+
+do-install:
+	${MKDIR} ${STAGEDIR}${PREFIX}/${CERTDIR}
+	${INSTALL_DATA} ${WRKDIR}/ca-root-nss.crt ${STAGEDIR}${PREFIX}/${CERTDIR}
+	${MKDIR} ${STAGEDIR}${PREFIX}/etc/ssl
+	${LN} -sf ../../${CERTDIR}/ca-root-nss.crt ${STAGEDIR}${PREFIX}/etc/ssl/cert.pem.sample
+
+do-install-ETCSYMLINK-on:
+	${MKDIR} ${STAGEDIR}${PREFIX}/openssl
+	${LN} -sf ../etc/ssl/cert.pem ${STAGEDIR}${PREFIX}/openssl/cert.pem
+	${MKDIR} ${STAGEDIR}/etc/ssl
+	${LN} -sf ../..${PREFIX}/etc/ssl/cert.pem ${STAGEDIR}/etc/ssl/cert.pem
+
+.include <bsd.port.mk>

security/ca_root_nss/distinfo

@@ -0,0 +1,3 @@
+TIMESTAMP = 1755292668
+SHA256 (nss-3.115.tar.gz) = ac2a47fb33bd79320159144e01c0d4af9a937a2d928c7c77ff06f5d9507861ab
+SIZE (nss-3.115.tar.gz) = 76656357

security/ca_root_nss/files/MAca-bundle.pl.in

@@ -0,0 +1,250 @@
+##
+##  MAca-bundle.pl -- Regenerate ca-root-nss.crt from the Mozilla certdata.txt
+##
+##  Rewritten in September 2011 by Matthias Andree to heed untrust
+##
+
+##  Copyright (c) 2011, 2013 Matthias Andree <mandree@FreeBSD.org>
+##  All rights reserved.
+##
+##  Redistribution and use in source and binary forms, with or without
+##  modification, are permitted provided that the following conditions are
+##  met:
+##
+##  * Redistributions of source code must retain the above copyright
+##  notice, this list of conditions and the following disclaimer.
+##
+##  * Redistributions in binary form must reproduce the above copyright
+##  notice, this list of conditions and the following disclaimer in the
+##  documentation and/or other materials provided with the distribution.
+##
+##  THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+##  "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+##  LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+##  FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+##  COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
+##  INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
+##  BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+##  LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
+##  CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+##  LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
+##  ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+##  POSSIBILITY OF SUCH DAMAGE.
+
+use strict;
+use Carp;
+use MIME::Base64;
+
+#   configuration
+print <<EOH;
+##
+##  ca-root-nss.crt -- Bundle of CA Root Certificates
+##
+##  This is a bundle of X.509 certificates of public Certificate
+##  Authorities (CA). These were automatically extracted from Mozilla's
+##  root CA list (the file `certdata.txt').
+##
+##  It contains certificates trusted for server authentication.
+##
+##  Extracted from nss-%%VERSION_NSS%%
+##
+EOH
+my $debug = 0;
+$debug++
+    if defined $ENV{'WITH_DEBUG'}
+	and $ENV{'WITH_DEBUG'} !~ m/(?i)^(no|0|false|)$/;
+
+my %certs;
+my %trusts;
+
+# returns a string like YYMMDDhhmmssZ of current time in GMT zone
+sub timenow()
+{
+	my ($sec,$min,$hour,$mday,$mon,$year,undef,undef,undef) = gmtime(time);
+	return sprintf "%02d%02d%02d%02d%02d%02dZ", $year-100, $mon+1, $mday, $hour, $min, $sec;
+}
+
+sub printcert_plain($$)
+{
+    my ($label, $certdata) = @_;
+    print "=== $label ===\n" if $label;
+    print
+	"-----BEGIN CERTIFICATE-----\n",
+	MIME::Base64::encode_base64($certdata),
+	"-----END CERTIFICATE-----\n\n";
+}
+
+sub printcert_info($$)
+{
+    my (undef, $certdata) = @_;
+    return unless $certdata;
+    open(OUT, "|openssl x509 -text -inform DER -fingerprint")
+            || die "could not pipe to openssl x509";
+    print OUT $certdata;
+    close(OUT) or die "openssl x509 failed with exit code $?";
+}
+
+sub printcert($$) {
+    my ($a, $b) = @_;
+    printcert_info($a, $b);
+}
+
+# converts a datastream that is to be \177-style octal constants
+# from <> to a (binary) string and returns it
+sub graboct()
+{
+    my $data;
+
+    while (<>) {
+	last if /^END/;
+	my (undef,@oct) = split /\\/;
+	my @bin = map(chr(oct), @oct);
+	$data .= join('', @bin);
+    }
+
+    return $data;
+}
+
+sub grabcert()
+{
+    my $certdata;
+    my $cka_label = '';
+    my $serial = 0;
+    my $distrust = 0;
+
+    while (<>) {
+	chomp;
+	last if ($_ eq '');
+
+	if (/^CKA_LABEL UTF8 "([^"]+)"/) {
+	    $cka_label = $1;
+	}
+
+	if (/^CKA_VALUE MULTILINE_OCTAL/) {
+	    $certdata = graboct();
+	}
+
+	if (/^CKA_SERIAL_NUMBER MULTILINE_OCTAL/) {
+	    $serial = graboct();
+	}
+
+	if (/^CKA_NSS_SERVER_DISTRUST_AFTER MULTILINE_OCTAL/)
+	{
+	    my $distrust_after = graboct();
+	    my $time_now = timenow();
+	    if ($time_now >= $distrust_after) { $distrust = 1; }
+	    if ($debug) {
+		printf STDERR "line $.: $cka_label ser #%d: distrust after %s, now: %s -> distrust $distrust\n", $serial, $distrust_after, timenow();
+	    }
+	    if ($distrust) {
+		return undef;
+	    }
+	}
+    }
+    return ($serial, $cka_label, $certdata);
+}
+
+sub grabtrust() {
+    my $cka_label;
+    my $serial;
+    my $maytrust = 0;
+    my $distrust = 0;
+
+    while (<>) {
+	chomp;
+	last if ($_ eq '');
+
+	if (/^CKA_LABEL UTF8 "([^"]+)"/) {
+	    $cka_label = $1;
+	}
+
+	if (/^CKA_SERIAL_NUMBER MULTILINE_OCTAL/) {
+	    $serial = graboct();
+	}
+
+	if (/^CKA_TRUST_SERVER_AUTH CK_TRUST (\S+)$/)
+	{
+	    if ($1 eq      'CKT_NSS_NOT_TRUSTED') {
+		$distrust = 1;
+	    } elsif ($1 eq 'CKT_NSS_TRUSTED_DELEGATOR') {
+		$maytrust = 1;
+	    } elsif ($1 ne 'CKT_NSS_MUST_VERIFY_TRUST') {
+		confess "Unknown trust setting on line $.:\n"
+		. "$_\n"
+		. "Script must be updated:";
+	    }
+	}
+    }
+
+    if (!$maytrust && !$distrust && $debug) {
+	print STDERR "line $.: no explicit trust/distrust found for $cka_label\n";
+    }
+
+    my $trust = ($maytrust and not $distrust);
+    return ($serial, $cka_label, $trust);
+}
+
+my $untrusted = 0;
+
+while (<>) {
+    if (/^CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE/) {
+	my ($serial, $label, $certdata) = grabcert();
+	if (defined $certs{$label."\0".$serial}) {
+	    warn "Certificate $label duplicated!\n";
+	}
+	if (defined $certdata) {
+	    $certs{$label."\0".$serial} = $certdata;
+	} else { # $certdata undefined? distrust_after in effect
+	    $untrusted ++;
+	}
+    } elsif (/^CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST/) {
+	my ($serial, $label, $trust) = grabtrust();
+	if (defined $trusts{$label."\0".$serial}) {
+	    warn "Trust for $label duplicated!\n";
+	}
+	$trusts{$label."\0".$serial} = $trust;
+    } elsif (/^CVS_ID.*Revision: ([^ ]*).*/) {
+        print "##  Source: \"certdata.txt\" CVS revision $1\n##\n\n";
+    }
+}
+
+sub printlabel(@) {
+    my @res = @_;
+    map { s/\0.*//; s/[^[:print:]]/_/g; "\"$_\""; } @res;
+    return wantarray ? @res : $res[0];
+}
+
+# weed out untrusted certificates
+foreach my $it (keys %trusts) {
+    if (!$trusts{$it}) {
+	if (!exists($certs{$it})) {
+	    warn "Found trust for nonexistent certificate ".printlabel($it)."\n" if $debug;
+	} else {
+	    delete $certs{$it};
+	    warn "Skipping untrusted ".printlabel($it)."\n" if $debug;
+	    $untrusted++;
+	}
+    }
+}
+
+print		"##  Untrusted certificates omitted from this bundle: $untrusted\n\n";
+print STDERR	"##  Untrusted certificates omitted from this bundle: $untrusted\n";
+
+my $certcount = 0;
+foreach my $it (sort {uc($a) cmp uc($b)} keys %certs) {
+    if (!exists($trusts{$it})) {
+	die "Found certificate without trust block,\naborting";
+    }
+    printcert("", $certs{$it});
+    print "\n\n\n";
+    $certcount++;
+    print STDERR "Trusting $certcount: ".printlabel($it)."\n" if $debug;
+}
+
+if ($certcount < 25) {
+    die "Certificate count of $certcount is implausibly low.\nAbort";
+}
+
+print		"##  Number of certificates: $certcount\n";
+print STDERR	"##  Number of certificates: $certcount\n";
+print "##  End of file.\n";

security/ca_root_nss/files/pkg-deinstall.in

@@ -0,0 +1,6 @@
+#!/bin/sh
+
+if [ "$2" = POST-DEINSTALL ]; then
+	CERTCTL_ARGS="-D ${PKG_ROOTDIR}"
+	%%CERTCTL_CMD%% ${CERTCTL_ARGS} rehash
+fi

security/ca_root_nss/files/pkg-install.in

@@ -0,0 +1,12 @@
+#!/bin/sh
+
+if [ "$2" = POST-INSTALL ]; then
+	CERTCTL_ARGS="-D ${PKG_ROOTDIR}"
+	if [ -n "${PKG_METALOG}" ]; then
+		CERTCTL_ARGS="${CERTCTL_ARGS} -U -M ${PKG_METALOG}"
+	fi
+	%%CERTCTL_CMD%%  ${CERTCTL_ARGS} rehash
+
+	[ ! -e %%LOCALBASE%%/bin/cert-sync ] || \
+	    %%LOCALBASE%%/bin/cert-sync --quiet %%PREFIX%%/share/certs/ca-root-nss.crt
+fi

security/ca_root_nss/files/pkg-message.in

@@ -0,0 +1,23 @@
+[
+{ type: install
+  message: <<EOM
+FreeBSD does not, and can not warrant that the certification authorities
+whose certificates are included in this package have in any way been
+audited for trustworthiness or RFC 3647 compliance.
+
+Assessment and verification of trust is the complete responsibility of
+the system administrator.
+
+This package installs symlinks to support root certificate discovery
+for software that either uses other cryptographic libraries than
+OpenSSL, or use OpenSSL but do not follow recommended practice.
+
+If you prefer to do this manually, replace the following symlinks with
+either an empty file or your site-local certificate bundle.
+
+  * /etc/ssl/cert.pem
+  * %%PREFIX%%/etc/ssl/cert.pem
+  * %%PREFIX%%/openssl/cert.pem
+EOM
+}
+]

security/ca_root_nss/pkg-descr

@@ -0,0 +1,4 @@
+Root certificates from certificate authorities included in the Mozilla
+NSS library and thus in Firefox and Thunderbird.
+
+This port directly tracks the version of NSS in the security/nss port.

security/ca_root_nss/pkg-plist

@@ -0,0 +1,4 @@
+%%CERTDIR%%/ca-root-nss.crt
+@sample etc/ssl/cert.pem.sample
+%%ETCSYMLINK%%openssl/cert.pem
+%%ETCSYMLINK%%/etc/ssl/cert.pem

t/PKGBase.md

@@ -0,0 +1,163 @@
+# Upgrade FreeBSD von 13.2 zu 14.1 oder 13.3 mit pkgbase
+Quellen:
+https://wiki.freebsd.org/PkgBase
+https://vermaden.wordpress.com/2023/12/09/personal-freebsd-pkgbase-update-server/
+
+## PKGBase Mirror Server erstellen
+In unserem Fall auf fippuder01.cc.bka
+```
+cd /usr/src
+#git clone https://github.com/freebsd/freebsd-src.git .
+#git fetch --all
+#git reset --hard origin/main #wirft alle Änderungen weg
+git pull
+git checkout releng/14.1 --force
+make -j48 buildworld && make -j48 buildkernel && make -j48 packages
+```
+Branches: https://github.com/freebsd/freebsd-src/branches
+Über den `git checkout releng/13.3` kann über den Branch zwischen Versionen gewechselt werden.
+Der Make Befehl erstellt die Pakete und legt sie unter `/usr/obj/usr/src/repo/FreeBSD:14:amd64/14.1p2` ab (je nach Version).
+
+### ccache
+/etc/make.conf
+```
+CCACHE_DIR=/var/cache/ccache
+WITH_CCACHE_BUILD=yes
+```
+### nginx config
+In der NGINX Config wird der Pfad mit den Paketen dann freigegeben
+`vim /usr/local/etc/nginx/nginx.conf`
+```
+ location /FreeBSD:14:amd64 {
+   alias /usr/obj/usr/src/repo/FreeBSD:14:amd64/;
+   autoindex on;
+ }
+```
+
+```
+service nginx reload
+```
+Bzw. für 13.3 jeweils checkout releng/13.3 und location/repo FreeBSD:13:amd64
+
+### Neue Version erstellen:
+Analog zu oben in den gewünschten Branch wechseln und build starten.
+Ggf. muss für neue Versionen (wie 15.0) die NGINX Config angepasst werden.
+## Auf den Clients
+### Upgrade auf 14.1
+Sofern das Verzeichnis noch nicht existiert:
+`mkdir -p /usr/local/etc/pkg/repos`
+Erstellen eines upgrade Repos für pkg:
+`vim /usr/local/etc/pkg/repos/upgrade.conf`
+
+```
+freebsd-upgrade: {
+	url         = http://pkg.freebsd.org/FreeBSD:14:amd64/14.1p6
+	enabled     = yes
+}
+```
+Zum Update muss die ABI der neuen Version als Umgebungsvariable mitgegeben werden.
+```
+env ABI=freebsd:14:amd64 pkg-static update -r FreeBSD-base-14.1
+env ABI=freebsd:14:amd64 IGNORE_OSVERSION=yes pkg-static install -r freebsd-upgrade -g 'FreeBSD-*'
+```
+Wenn der Fehler `pkg: Fail to rename /usr/include/c++/v1/.pkgtemp.__string.YaGYjRyeEZcE -> /usr/include/c++/v1/__string:Not a directory` auftritt kann `/usr/include` gelöscht, und die Installation erneut versucht werden.
+```
+rm -rf /usr/include
+env ABI=freebsd:14:amd64 IGNORE_OSVERSION=yes pkg install -r FreeBSD-base-14.1 -g 'FreeBSD-*'
+```
+Durch das Update werden alle Konfigurationsdateien in `/etc` mit den Originaldateien überschrieben. Die bearbeiteten Versionen werden in .pkgsave gespeichert.
+Wird an dieser Stelle ein Neustart ausgeführt gibt es keine User und Passwörter mehr und die sshd_config ist wie bei einem frischen System.
+Daher werden die wichtigsten pkgsave Dateien zurück kopiert.
+```
+cp /etc/ssh/sshd_config.pkgsave /etc/ssh/sshd_config
+cp /etc/master.passwd.pkgsave /etc/master.passwd
+cp /etc/group.pkgsave /etc/group
+cp /etc/sysctl.conf.pkgsave /etc/sysctl.conf
+```
+Passwort Datenbank neu aufbauen:
+```
+pwd_mkdb -p /etc/master.passwd
+```
+Alle anderen .pkgsave Dateien können mit folgendem Befehl gelöscht werden, ggf. ist hier zu prüfen welche Dateien sich noch geändert haben.
+```
+find /etc -name \*.pkgsave -delete
+rm /boot/kernel/linker.hints
+```
+Alternativ können auch alle .pkgsave dateien gegen die originale ausgetauscht werden um die Konfiguration vor dem Update wiederherzustellen.
+```
+bash
+cd /etc
+for file in $(ls *.pkgsave); do echo cp $file ${file/.pkgsave/};done
+etcupdate
+find /etc -name \*.pkgsave -delete
+```
+Damit kann ggf. allerdings neue Konfigurationsoptionen in der neuen Version nicht mitgenommen werden, besser wäre ein Diff jeder .pkgsave Datei mit dem Original um etwaige Änderungen zusammen zu führen.
+
+Dann kann der Neustart des Clients durchgeführt werden. Mit `freebsd-version -kru`lassen sich die Versionsstände anzeigen. Runtime wird erst durch einen Neustart auf die neue Version gehoben.
+```
+reboot
+```
+Nach dem Upgrade muss pkg neu initialisiert und alle Pakete geupdatet werden. An dieser Stelle kann auch das Repository in der upgrade.conf auf `enabled = no` gesetzt werden.
+`vim /usr/local/etc/pkg/repos/upgrade.conf`
+```
+upgrade: {
+	url         = http://fippuder01.cc.bka/FreeBSD:14:amd64/14.1p2
+	enabled     = no
+}
+```
+
+```
+pkg bootstrap -f
+pkg update
+pkg upgrade -y
+```
+
+### Update auf 13.3
+Analog zu 14.1, nur einfacher:
+`vim /usr/local/etc/pkg/repos/upgrade.conf`
+```
+upgrade {
+	url         = http://fippuder01.i.cc.bka/FreeBSD:13:amd64/13.3p4
+	enabled     = yes
+}
+```
+
+```
+pkg-static update -r upgrade
+rm -rf /usr/include
+pkg-static install -r upgrade -g 'FreeBSD-*'
+```
+Auch hier gilt, Konfigurationsdateien zurück kopieren, siehe Upgrade auf 14.1
+```
+cp /etc/ssh/sshd_config.pkgsave /etc/ssh/sshd_config
+cp /etc/master.passwd.pkgsave /etc/master.passwd
+cp /etc/group.pkgsave /etc/group
+pwd_mkdb -p /etc/master.passwd
+service sshd restart
+cp /etc/sysctl.conf.pkgsave /etc/sysctl.conf
+find / -name \*.pkgsave -delete
+rm /boot/kernel/linker.hints
+reboot
+pkg bootstrap -f
+pkg update
+pkg upgrade -y
+```
+
+## Upgrade von 14.1p6 auf 14.2
+upgrade.conf bearbeiten
+```
+vim /usr/local/etc/pkg/repos/upgrade.conf
+```
+
+```
+FreeBSD-base-14.2: {
+    url         = http://pkg.freebsd.org/FreeBSD:14:amd64/14.2
+    enabled     = yes
+}
+```
+
+```
+pkg update
+pkg upgrade
+shutdown -r now
+```

t/Upgrade_FreeBSD_via_Boot_Environment.md

@@ -0,0 +1,108 @@
+getestet auf fatnetbox01 (vm) und fapelastic30-34
+
+Boot Environment erstellen und in /mnt einhängen
+```
+bectl create 141
+mkdir /mnt/141
+bectl mount 141 /mnt/141
+```
+Heruntergeladene 14.1-RELEASE base und kernel txz auf Host kopieren und in eingehangenes Boot Environment entpacken
+
+```
+tar -xf base.txz -C /mnt/141 --unlink #wirft einige Fehler (not a directory), das ist okay
+tar -xf kernel.txz -C /mnt/141 --unlink
+```
+
+Dateien kopieren anhand von https://git.cc.bka/projektecc15/projekte_ansible/systemkonfiguration/klara-postgres-cluster/-/blob/main/ansible/files/syncbe.conf?ref_type=heads
+Zum Starten reicht hier meist
+- `passwd`
+- `master.passwd`
+- `group`
+- `*.db`
+- `sshd_config`
+Bestenfalls mit diff vergleichen
+```
+cd /mnt/141
+git diff /etc/ssh/sshd_config /mnt/141/etc/ssh/sshd_config
+cp /etc/ssh/sshd_config /mnt/141/etc/ssh/sshd_config
+git diff /etc/passwd /mnt/141/etc/passwd
+cp /etc/passwd /mnt/141/etc/passwd
+git diff /etc/group /mnt/141/etc/group
+cp /etc/group /mnt/141/etc/group
+cp /etc/*.db /mnt/141/etc/
+git diff /etc/master.passwd /mnt/141/etc/master.passwd
+cp /etc/master.passwd /mnt/141/etc/master.passwd
+```
+Eventuell müssen die master.passwd Änderungen noch angewendet werden:
+```
+chroot /mnt/141 #boot env als chroot betreten
+pwd_mkdb /etc/master.passwd
+exit #aus boot env chroot raus
+```
+
+ggf. noch weitere (siehe Link) wie Zeitzone, resolv.conf etc. siehe unten.
+
+Testen:
+```
+bectl activate -t 141
+reboot
+```
+
+FreeBSD Version kontrollieren:
+```
+freebs-version -kru
+```
+
+Wenn alles klappt permanent Boot Environment verwenden
+```
+bectl activate 141
+```
+
+Danach muss pkg neu installiert werden
+```
+pkg bootstrap -f
+pkg update
+```
+
+Weiter für Patches in [PKGBase](PKGBase.md) 
+
+Weitere Dateien nach Upgrade prüfen:
+im besten Fall via DIFF vergleichen falls Neuerungen in dem Update dazu kamen.
+```
+/etc/resolv.conf
+/etc/ssh/moduli
+/etc/ssh/host-keys
+/etc/rc.conf
+/etc/services (checkmk)
+/etc/inetd.conf (checkmk)
+/etc/rc.conf.d/inetd
+/etc/rc.conf.d/jail
+/etc/rc.conf.d/ntpd
+/etc/ssh-banner
+/etc/localtime
+/etc/passwd
+/etc/master.passwd
+/etc/group
+/etc/*.db
+/etc/jail.conf.d/*.conf
+/etc/ntp.conf
+/etc/fstab
+/etc/crontab/periodic
+boot/loader.conf
+```
+
+
+# ZFS Image für Boot Environment erstellen
+*Doku siehe klara-mariadb-cluster/doc/upgrades*
+Login auf fippuder02
+Neues Poudriere Jail erstellen:
+```
+poudriere jail -c -j 141BEbuilderamd64 -v 14.1-RELEASE -K GENERIC
+```
+
+Dann das Image erstellen:
+```
+poudriere image -t zfs+send+be -j 141BEbuilderamd64 -s 4G -h '' -o /usr/local/poudriere/images -n 141BE  
+```
+
+Dieses landet dann in /usr/local/poudriere/images

t/poudriere_image_bauen.md

@@ -0,0 +1,107 @@
+*nicht getestet*
+# Image in poudriere bauen
+jail erstellen
+```
+poudriere jail -c -j 14amd64image -v 14.1-RELEASE -K GENERIC
+```
+
+```
+poudriere image -t firmware -j 14amd64image -s 4g -h 14amd64image-hostname -n 14amd64image
+```
+-t image type
+-j jail
+-s size
+-p portstree aus dem die images genommen werden
+landet in `/usr/local/poudriere/data/images/14amd64image.img`
+types siehe `man poudriere-image`
+
+image temporär mounten
+```
+mdconfig -a -t vnode -f /usr/local/poudriere/data/images/14amd64image.img
+gpart show -l md0
+mount /dev/md0p3 /mnt/
+```
+
+eigenes Repo für ports anlegen
+```
+poudriere ports -c -p 14amd64imageports
+```
+Ports Liste anlegen
+`/usr/local/etc/poudriere.d/14amd64imageports.list`
+```
+lang/python311
+```
+portstre bauen
+```
+poudriere bulk -j 14amd64 -p 14amd64imageports -f /usr/local/etc/poudriere.d/14amd64imageports.list
+```
+image erstellen
+```
+poudriere image -t firmware -j 14amd64 -s 4g -p 14amd64imageports -h 14amd64image-hostname -n 14amd64image -c /tmp/image -f 14amd64imageports.list
+```
+mit -c kann ein pfad angegeben werden, dessen Inhalt ins Jail gemountet wird.
+-A würde ein shell Skript einfügen was am Ende ausgeführt wird
+In diesem Fall wurde in /tmp/image ein Ordner root/.ssh/ mit authorized_keys erstellt um den SSH Key ins Image zu bekommen.
+
+# Eigenes Installer ISO bauen
+
+Jail erstellen
+```
+poudriere jail -c -j 142imageamd64 -v 14.2-RELEASE -K GENERIC
+```
+
+Paket Liste erstellen
+```
+vim /usr/local/etc/poudriere.d/142imageamd64.list
+```
+mit Inhalt (und ggf. weiteren Paketen)
+```
+lang/python
+```
+pakete bauen
+```
+poudriere bulk -j 142imageamd64 -f /usr/local/etc/poudriere.d/142imageamd64.list
+```
+
+in Image zu integrierende Dateien anlegen in `/usr/local/poudriere/images/overlay`
+```
+root@fippuder02:/usr/local/poudriere/images/overlay # tree -a
+.
+├── etc
+│   ├── rc.local
+│   └── ssh
+│       └── sshd_config
+├── root
+│   └── .ssh
+│       └── authorized_keys
+└── usr
+    ├── freebsd-dist
+    │   ├── MANIFEST
+    │   ├── base.txz
+    │   └── kernel.txz
+    └── local
+        └── etc
+            └── pkg
+                └── repos
+                    ├── FreeBSD.conf
+                    └── poudriere.conf
+```
+
+Installer braucht /etc.rc.local um direkt beim Starten aufgerufen zu werden. Diese wurde aus einem offiziellen Installationsimage kopiert.
+/usr/freebsd-dist enthält Installationsdateien für Installer.
+Angepasste base.txz erzeugen:
+```
+poudriere image -t tar -j 142imageamd64 -f /usr/local/etc/poudriere.d/142imageamd64.list -s 4G -h '' -o /usr/local/poudriere/images/ -c /usr/local/poudriere/images/overlay/ -n base
+```
+und aus /usr/local/poudriere/images in overlay/usr/freebsd-dist verschieben
+
+kernel.txz und Manifest von https://download.freebsd.org/ftp/releases/amd64/14.2-RELEASE/ herunterladen und in Ordner kopieren. Manifest anpassen (sha256sum von base.txz und zusätzliche Einträge außer base und kernel entfernen).
+pkg repo config anlegen und authorized_keys in root/.ssh anlegen.
+
+Image bauen
+```
+poudriere image -t hybridiso -j 142imageamd64 -f /usr/local/etc/poudriere.d/142imageamd64.list -s 4G -h '' -o /usr/local/poudriere/images/ -c /usr/local/poudriere/images/overlay/ -n 142imageamd64
+```
+
+Nach der Installation muss dann noch mit `rm /etc/rc.local` die rc.local entfernt werden damit beim booten nicht der Installer startet.
+Zudem muss die sshd_config angepasst werden, damit PermitRootLogin aktiviert ist.