Openldap

Overview

This is an OpenLDAP jail that can be started with pot but it can also be deployed via nomad.

It is running openldap24-server and not openldap25-server! The various slap* binaries exist in openldap24-server only.

The jail exposes parameters that can either be set via the environment or by setting the cookparameters (the latter either via nomad, see example below, or by editing the downloaded jails pot.conf file):

For more details about nomad images, see about potluck.

Setup

Prerequisites

If you wish to import an existing openldap database, run the following on your existing openldap server to export the config and schema:
slapcat -n 0 -l config.ldif

Then edit config.ldif so that:

olcDbDirectory: /var/db/openldap-data

becomes

olcDbDirectory: /mnt/openldap-data

Then run the following to export your data entries

slapcat -n 1 -l data.ldif

Then copy these files in on pot startup as outlined below. They aren’t automatically imported to openldap, you need to do this manually ONLY ONCE to import data to the persistent storage you’ve mounted in.

Thereafter these files will load automatically, along with any updates, from persistent storage.

Installation

  • Create a ZFS data set on the parent system beforehand
    zfs create -o mountpoint=/mnt/openldap-data zroot/openldap-data
  • Create your local jail from the image or the flavour files.
  • Clone the local jail
  • Mount in the ZFS data set you created
    pot mount-in -p <jailname> -m /mnt -d /mnt/openldap-data
  • Optional: Copy in YOUR config.ldif file if importing config:
    pot copy-in -p <jailname> -s /path/to/config.ldif -d /root/config.ldif
  • Optional: Copy in YOUR data.ldif file if importing existing data:
    pot copy-in -p <jailname> -s /path/to/data.ldif -d /root/data.ldif
  • Adjust to your environment:
    sudo pot set-env -p <jailname> -E DOMAIN=<domain name> -E MYCREDS=<openldap root pass> \
    -E IP=<IP address> -E HOSTNAME=<hostname> \
    [ -E REMOTEIP=<IP address second instance> -E SERVERID=<001 or 002> ]
    [ -E REMOTELOG=<IP of syslog-ng server> ]
    

The DOMAIN parameter is the domain name to use for openldap configuration.

The MYCREDS parameter is the administrator password for openldap.

The IP parameter is the IP address of this image.

The HOSTNAME is the hostname to be used.

The optional REMOTEIP parameter is the IP address of a second openldap pot server if running a multi-master cluster. If set, a cluster setup will be initiated.

The optional SERVERID parameter is one of 001 or 002 for first or second server if running a multi-master cluster.

The optional REMOTELOG parameter is for a remote syslog service, such as via the loki or beast-of-argh images on potluck site.

Usage

Importing old data

Once started, a basic openldap configuration will be setup with data structures configured in /mnt/openldap-data.

You can import your copied-in backup config.ldif files as follows for the configuration, database 0:

/root/importldapconfig.sh

This is the same as running:

/usr/local/sbin/slapadd -c -n 0 -F /usr/local/etc/openldap/slapd.d/ -l /root/config.ldif

You can import your copied-in data.ldif files as follows, for database 2:

/root/importldapdata.sh

This is the same as running:

/usr/local/sbin/slapadd -c -n 1 -F /usr/local/etc/openldap/slapd.d/ -l /root/data.ldif

There may be errors on import, but the -c flag continues regardless of errors.

Check the resulting import for any missing data. It’s possible you may have to add missing entries.

Important: ldapmodify and ldapadd don’t work for import, where slapadd works with some errors in most cases.

Two server setup - multi-master cluster

When running with two servers, you must first setup one and import existing data with the included scripts.

Then start a second server on a different host (both will use /mnt/openldap-data so keep on different servers) with a different SERVERID and setting REMOTEIP to the IP address of the first server.

Check entries in your openldap database by running an anonymous search (no auth):

ldapsearch -x -b "dc=your-domain,dc=net"

LAM web frontend

Open http://yourhost to access the LAM openldap web frontend.

Getting Started

How To Use The Ready-Made Image

FreeBSD 13.0:
pot import -p openldap-amd64-13_0 -t 1.2.5 -U https://potluck.honeyguide.net/openldap

FreeBSD 12.3:
pot import -p openldap-amd64-12_3 -t 1.2.5 -U https://potluck.honeyguide.net/openldap

If you don’t want to use the default pot bridged network configuration but instead need an individual network setup (e.g. assign a host IP address), after importing it you can simply clone the jail like that (em0 is the host network adapter in this example):
pot clone -P openldap-amd64-13_0 -p my-cloned-jail -N alias -i "em0|10.10.10.10"

Note: Some images might require specific network configuration, double check the Overview-chapter at the top.

Alternatively: Create a Jail With This Flavour Yourself

1. Create Flavour Files

Save all files and directories from https://github.com/hny-gd/potluck/tree/master/openldap to /usr/local/etc/pot/flavours/

2. Create Jail From Flavour

Run
pot create -b <FreeBSD Version> -p <jailname> -t single -N public-bridge -f fbsd-update

with your FreeBSD version (e.g. 12.1) and the name your jail should get.

Note: Some images might require specific network configuration, double check the Overview-chapter at the top.

Version History

1.2.5

  • Added syslog-ng and remote logging

1.2.4

  • Capitilising header section in README for consistency

1.2.3

  • Adding header and tags to README

1.2.2

  • Fixing markdown in README

1.2.1

  • Version bump

1.2

  • Rebuild for FreeBSD 12_3 and 13 & pot 13

1.1

  • Updated OpenLDAP image with mount-in persistent storage, multi-master server option

1.0.1

  • First bash at OpenLDAP image

1.0.0

  • Initial commit These images were built on Tue Apr 12 20:50:18 UTC 2022

Manual Image Download Links

openldap-amd64-13_0_1.2.5.xz ( 531.088 MB )
openldap-amd64-13_0_1.2.5.xz.skein ( 0.250977 KB ) openldap-amd64-13_0_1.2.5.xz.meta ( 0.00195312 KB )

openldap-amd64-12_3_1.2.5.xz ( 575.923 MB )
openldap-amd64-12_3_1.2.5.xz.skein ( 0.250977 KB ) openldap-amd64-12_3_1.2.5.xz.meta ( 0.00195312 KB )

Jenkins Pot Creation Logs

openldap-amd64-13_0_1.2.5:


openldap/openldap:
copy-in -s /usr/local/etc/pot/flavours/openldap.d/slapd.conf -d /root/slapd.conf
copy-in -s /usr/local/etc/pot/flavours/openldap.d/syslog-ng.conf.in -d /root/syslog-ng.conf.in
openldap/openldap.sh:
#!/bin/sh

# Based on POTLUCK TEMPLATE v3.0
# Altered by Michael Gmelin
#
# EDIT THE FOLLOWING FOR NEW FLAVOUR:
# 1. RUNS_IN_NOMAD - true or false
# 2. If RUNS_IN_NOMAD is false, can delete the <flavour>+4 file, else
#    make sure pot create command doesn't include it
# 3. Create a matching <flavour> file with this <flavour>.sh file that
#    contains the copy-in commands for the config files from <flavour>.d/
#    Remember that the package directories don't exist yet, so likely copy
#    to /root
# 4. Adjust package installation between BEGIN & END PACKAGE SETUP
# 5. Adjust jail configuration script generation between BEGIN & END COOK
#    Configure the config files that have been copied in where necessary

# Set this to true if this jail flavour is to be created as a nomad (i.e. blocking) jail.
# You can then query it in the cook script generation below and the script is installed
# appropriately at the end of this script
RUNS_IN_NOMAD=false

# set the cook log path/filename
COOKLOG=/var/log/cook.log

# check if cooklog exists, create it if not
if [ ! -e $COOKLOG ]
then
    echo "Creating $COOKLOG" | tee -a $COOKLOG
else
    echo "WARNING $COOKLOG already exists"  | tee -a $COOKLOG
fi
date >> $COOKLOG

# -------------------- COMMON ---------------

STEPCOUNT=0
step() {
  STEPCOUNT=$(expr "$STEPCOUNT" + 1)
  STEP="$@"
  echo "Step $STEPCOUNT: $STEP" | tee -a $COOKLOG
}

exit_ok() {
  trap - EXIT
  exit 0
}

FAILED=" failed"
exit_error() {
  STEP="$@"
  FAILED=""
  exit 1
}

set -e
trap 'echo ERROR: $STEP$FAILED | (>&2 tee -a $COOKLOG)' EXIT

# -------------- BEGIN PACKAGE SETUP -------------

step "Bootstrap package repo"
mkdir -p /usr/local/etc/pkg/repos
# shellcheck disable=SC2016
test -e /usr/local/etc/pkg/repos/FreeBSD.conf || \
  echo 'FreeBSD: { url: "pkg+http://pkg.FreeBSD.org/${ABI}/quarterly" }' \
    >/usr/local/etc/pkg/repos/FreeBSD.conf
ASSUME_ALWAYS_YES=yes pkg bootstrap

step "Touch /etc/rc.conf"
touch /etc/rc.conf

# this is important, otherwise running /etc/rc from cook will
# overwrite the IP address set in tinirc
step "Remove ifconfig_epair0b from config"
# shellcheck disable=SC2015
sysrc -cq ifconfig_epair0b && sysrc -x ifconfig_epair0b || true

step "Disable sendmail"
service sendmail onedisable

# optionally disable ssh access
#step "Disable sshd"
#service sshd onedisable || true

step "Create /usr/local/etc/rc.d"
mkdir -p /usr/local/etc/rc.d

step "Install package sudo"
pkg install -y sudo

step "Install package openssl"
pkg install -y openssl

step "Install package jq"
pkg install -y jq

step "Install package jo"
pkg install -y jo

step "Install package curl"
pkg install -y curl

step "Install package syslog-ng"
pkg install -y syslog-ng

# openldap25 has missing slap* binaries and other files
step "Install package openldap24-server"
pkg install -y openldap24-server

# should be installed with above
step "Install package openldap24-client"
pkg install -y openldap24-client

step "Install package ldap-account-manager"
pkg install -y ldap-account-manager

step "Install package apache24"
pkg install -y apache24

step "Enable apache24 in /etc/rc.conf"
#sysrc apache24_enable="yes"
service apache24 enable

step "Install package php74"
pkg install -y mod_php74

step "Clean package installation"
pkg clean -y

step "Create necessary directories if they don't exist"
# create some necessary directories
# The database directory MUST exist prior to running slapd AND
# should only be accessible by the slapd and slap tools.
# Mode 700 recommended.
mkdir -p /mnt/openldap-data
mkdir -p /var/db/run/
mkdir -p /usr/local/etc/openldap/slapd.d

step "Set ldap owner on /mnt/openldap-data"
chown -R ldap:ldap /mnt/openldap-data

step "Set 700 permissions on /mnt/openldap-data"
chmod 700 /mnt/openldap-data

step "Set ldap owner on /usr/local/etc/openldap/slapd.d"
chown -R ldap:ldap /usr/local/etc/openldap/slapd.d

# -------------- END PACKAGE SETUP -------------

#
# Create configurations
#

#
# Now generate the run command script "cook"
# It configures the system on the first run by creating the config file(s)
# On subsequent runs, it only starts sleeps (if nomad-jail) or simply exits
#

# clear any old cook runtime file
step "Clean cook artifacts"
rm -rf /usr/local/bin/cook

# this runs when image boots
# ----------------- BEGIN COOK ------------------

step "Create cook script"
echo "#!/bin/sh
RUNS_IN_NOMAD=$RUNS_IN_NOMAD
# declare this again for the pot image, might work carrying variable through like
# with above
COOKLOG=/var/log/cook.log

# No need to change this, just ensures configuration is done only once
if [ -e /usr/local/etc/pot-is-seasoned ]
then
    # If this pot flavour is blocking (i.e. it should not return),
    # we block indefinitely
    if [ \"\$RUNS_IN_NOMAD\" = \"true\" ]
    then
        /bin/sh /etc/rc
        tail -f /dev/null
    fi
    exit 0
fi

# ADJUST THIS: STOP SERVICES AS NEEDED BEFORE CONFIGURATION
#

# stop openldap, shouldn't be running
# will give an error because /usr/local/etc/openldap/slapd.d/cn=config doesn't exist
# grep: /usr/local/etc/openldap/slapd.d/cn=config/olcDatabase=*: No such file or directory
# slapd not running? (check /var/run/openldap/slapd.pid).
#
#/usr/local/etc/rc.d/slapd onestop  || true
service slapd onestop || true

# stop apache, shouldn't be running
#
#/usr/local/etc/rc.d/apache24 onestop  || true
service apache24 onestop || true

# No need to adjust this:
# If this pot flavour is not blocking, we need to read the environment first from /tmp/environment.sh
# where pot is storing it in this case
if [ -e /tmp/environment.sh ]
then
    . /tmp/environment.sh
fi
#
# ADJUST THIS BY CHECKING FOR ALL VARIABLES YOUR FLAVOUR NEEDS:
# Check config variables are set
#
if [ -z \${DOMAIN+x} ]; then
    echo 'DOMAIN is unset - see documentation how to pass in a domain name as a parameter'
    exit 1
fi
if [ -z \${MYCREDS+x} ]; then
    echo 'MYCREDS is unset - see documentation for how to pass in openldap admin password as a parameter'
    exit 1
fi
if [ -z \${HOSTNAME+x} ]; then
    echo 'HOSTNAME is unset - please set a hostname for apache - see documentation for how to pass in the hostname as a parameter'
    exit 1
fi
if [ -z \${IP+x} ]; then
    echo 'IP is unset - please include the IP address - see documentation for how to pass in the IP address as a parameter'
    exit 1
fi
if [ -z \${SERVERID+x} ]; then
    echo 'SERVERID is unset - please include the server id of 001 or 002 - see documentation for how to pass in the server id as a parameter'
    exit 1
fi
if [ -z \${REMOTEIP+x} ]; then
    echo 'REMOTEIP is unset - please include the Remote IP address if this is a multi-master setup - see documentation for how to pass in the remote IP address as a parameter'
fi
# Remotelog is a remote syslog server, need to pass in IP
if [ -z \${REMOTELOG+x} ]; then
    echo 'REMOTELOG is unset - see documentation how to configure this flavour'
    REMOTELOG=0
fi

#
# ADJUST THIS BELOW: NOW ALL THE CONFIGURATION FILES NEED TO BE CREATED:
# Don't forget to double(!)-escape quotes and dollar signs in the config files
#
# Important there MUST be empty lines between the config sections
#


# check that /mnt/openldap-data exists
if [ -d /mnt/openldap-data ]; then
    echo \"INFO: /mnt/openldap-data exists. All good.\"
else
    echo \"ERROR: /mnt/openldap-data does not exist. Where is the persistent storage?\"
    exit 1
fi

# double check permissions on directories
chown -R ldap:ldap /mnt/openldap-data
chmod 700 /mnt/openldap-data
chown -R ldap:ldap /usr/local/etc/openldap/slapd.d

# start certificates config
# setup self-signed certificates before openldap

# openssl self-generated certs
echo \"Creating directory for openldap ssl certificates\"
mkdir -p /usr/local/etc/openldap/private/

echo \"Setting up openldap ssl certificates\"
cd /usr/local/etc/openldap/private/
/usr/bin/openssl req -new -x509 -days 3650 -nodes -keyout ca.key -out /usr/local/etc/openldap/ca.crt -subj \"/C=CC/ST=Province/L=City/O=None/CN=\${DOMAIN}\"
/usr/bin/openssl req -new -nodes  -keyout server.key -out /usr/local/etc/openldap/server.csr -subj \"/C=CC/ST=Province/L=City/O=None/CN=\${DOMAIN}\"
/usr/bin/openssl x509 -req -days 3650 -in /usr/local/etc/openldap/server.csr -out /usr/local/etc/openldap/server.crt -CA /usr/local/etc/openldap/ca.crt -CAkey ca.key -CAcreateserial
/usr/bin/openssl req -nodes -new -keyout client.key -out client.csr -subj \"/C=CC/ST=Province/L=City/O=None/CN=\${DOMAIN}\"
/usr/bin/openssl x509 -req -days 3650 -in client.csr -out /usr/local/etc/openldap/client.crt -CA /usr/local/etc/openldap/ca.crt -CAkey ca.key
cd ~

# end certificates config

# start ldap config

# create local syslog dir
echo \"Creating custom syslog parameters for slapd\"
touch /var/log/slapd.log
mkdir -p /usr/local/etc/syslog.d/
echo \"# openldap pot image additions
!slapd
*.*                                                           /var/log/slapd.log\" > /usr/local/etc/syslog.d/slapd.conf
# restart syslog and sleep
service syslogd restart
sleep 5

# split domain into parts
MYSUFFIX=\$(echo \${DOMAIN} | awk -F '.' 'NF>=2 {print \$(NF-1)}')
MYTLD=\$(echo \${DOMAIN} | awk -F '.' 'NF>=2 {print \$(NF)}')
echo \"From DOMAIN of \${DOMAIN} we get MYSUFFIX of \${MYSUFFIX} and MYTLD of \${MYTLD}\"

# multi-master setup for slapd.conf
# if we have a value for remoteip and a value for server id, set a server id and append the multimaster setup
# to slapd.conf
if [ ! -z \${REMOTEIP+x} ]; then
    # set server id
    /usr/bin/sed -i .orig \"s|# serverID SETSERVERID|serverID \${SERVERID}|g\" /root/slapd.conf
    # set root dn
    /usr/bin/sed -i .orig \"s|dc=MYSUFFIX,dc=MYTLD|dc=\${MYSUFFIX},dc=\${MYTLD}|g\" /root/slapd.conf

    # append multimaster config to slapd.conf
    echo \"syncrepl rid=000
 provider=ldap://\${REMOTEIP}
 type=refreshAndPersist
 retry=\\\"5 5 300 +\\\"
 searchbase=\\\"dc=\${MYSUFFIX},dc=\${MYTLD}\\\"
 attrs=\\\"*,+\\\"
 bindmethod=simple
 binddn=\\\"cn=Manager,dc=\${MYSUFFIX},dc=\${MYTLD}\\\"
 credentials=ofcsecret

# Indices to maintain
index default pres,eq
index uid,memberUid,gidNumber

# Create indexes for attribute cn (commonname) and givenName
# EQUALITY, SUBSTR searches and provides optimization
# for sc=a* type searches
index cn,givenName eq,sub,subinitial

# Create indexes for sn (surname) on EQUALITY and SUBSTR searches
index sn eq,sub

# Creates indexes for attribute mail on presence, EQUALITY and SUBSTR
index mail pres,eq,sub

# Optimises searches of form objectclass=person
# index objectclass eq
# already added

# Syncprov indexes
index entryCSN eq
index entryUUID eq
# Mirror mode essential to allow writes and must appear after all syncrepl directives
mirrormode TRUE

# Define the provider to use the syncprov overlay (last directives in database section)
overlay syncprov

# contextCSN saved to database every 100 updates or 10 mins.
syncprov-checkpoint 100 10
syncprov-sessionlog 100\" >> /root/slapd.conf

    echo \"Copying in custom slapd.conf with back_mdb enabled and multiserver setup\"
    cp -f /root/slapd.conf /usr/local/etc/openldap/slapd.conf
else
    # copy over slapd.conf without cluster config
    echo \"No variables set for REMOTEIP \${REMOTEIP} and SERVERID \${SERVERID}, single server setup only\"
    # set root dn
    /usr/bin/sed -i .orig \"s|dc=MYSUFFIX,dc=MYTLD|dc=\${MYSUFFIX},dc=\${MYTLD}|g\" /root/slapd.conf
    echo \"Copying in custom slapd.conf with back_mdb enabled for single server setup\"
    cp -f /root/slapd.conf /usr/local/etc/openldap/slapd.conf
fi

# set owner ldap:ldap on /usr/local/etc/openldap/slapd.conf
echo \"Setting ldap owner on /usr/local/etc/openldap/slapd.conf\"
chown ldap:ldap /usr/local/etc/openldap/slapd.conf

# make sure not world-readable
echo \"Removing world-readable settings on /usr/local/etc/openldap/slapd.conf\"
chmod o-rwx /usr/local/etc/openldap/slapd.conf

# create password
if [ -x /usr/local/sbin/slappasswd ]; then
    SETSLAPPASS=\$(/usr/local/sbin/slappasswd -s \${MYCREDS})
    echo \"Generated slappassword output is \${SETSLAPPASS}\"
fi

# Setup default slapd.ldif
echo \"Generating /usr/local/etc/openldap/slapd.ldif\"

echo \"# This file should NOT be world readable.
dn: cn=config
objectClass: olcGlobal
cn: config
olcArgsFile: /var/db/run/slapd.args
olcPidFile: /var/db/run/slapd.pid
#olcSecurity: ssf=1 update_ssf=112 simple_bind=64
# enable 128 bit TLS
olcSecurity: ssf=128
olcTLSCACertificatePath: /usr/local/etc/openldap/
olcTLSCertificateFile: /usr/local/etc/openldap/server.crt
olcTLSCertificateKeyFile: /usr/local/etc/openldap/private/server.key
olcTLSCACertificateFile: /usr/local/etc/openldap/ca.crt
olcTLSCipherSuite: HIGH:MEDIUM:+SSLv3
olcTLSProtocolMin: 3.1
olcTLSVerifyClient: never
structuralObjectClass: olcGlobal

dn: cn=schema,cn=config
objectClass: olcSchemaConfig
cn: schema

include: file:///usr/local/etc/openldap/schema/core.ldif
include: file:///usr/local/etc/openldap/schema/cosine.ldif
include: file:///usr/local/etc/openldap/schema/inetorgperson.ldif
include: file:///usr/local/etc/openldap/schema/nis.ldif

dn: cn=module,cn=config
objectClass: olcModuleList
cn: module
olcModulepath: /usr/local/libexec/openldap
olcModuleload: back_mdb.la

dn: olcDatabase=frontend,cn=config
objectClass: olcDatabaseConfig
objectClass: olcFrontendConfig
olcDatabase: frontend
olcAccess: to * by * read

dn: olcDatabase=config,cn=config
objectClass: olcDatabaseConfig
olcDatabase: config
olcRootDN: cn=Manager,cn=config
# generate a password by running slappasswd
# sample pass is password, set a new password with slappasswd
# and replace text here
olcRootPW: \${SETSLAPPASS}
olcMonitoring: FALSE
olcAccess: to * by * none

# LMDB database definitions
dn: olcDatabase=mdb,cn=config
objectClass: olcDatabaseConfig
objectClass: olcMdbConfig
olcDatabase: mdb
olcSuffix: dc=\${MYSUFFIX},dc=\${MYTLD}
olcRootDN: cn=Manager,dc=\${MYSUFFIX},dc=\${MYTLD}
# generate a password by running slappasswd
# sample pass is password, set a new password with slappasswd
# and replace text here
olcRootPW: \${SETSLAPPASS}
olcDbDirectory: /mnt/openldap-data
olcDbIndex: objectClass eq
\" > /usr/local/etc/openldap/slapd.ldif

# set owner ldap
echo \"Setting ldap owner on /usr/local/etc/openldap/slapd.ldif\"
chown ldap:ldap /usr/local/etc/openldap/slapd.ldif
#

# make sure not world-readable
#
echo \"Removing world-readable settings on /usr/local/etc/openldap/slapd.ldif\"
chmod o-rwx /usr/local/etc/openldap/slapd.ldif
#

echo \"Generating /usr/local/etc/openldap/ldap.conf\"
echo \"
#BASE    dc=domain,dc=com
#URI     ldap:// ldaps://
BASE    dc=\${MYSUFFIX},dc=\${MYTLD}
URI     ldap://\${IP} ldaps://\${IP}
SIZELIMIT       0
TIMELIMIT       15
DEREF          never
TLS_CACERT /usr/local/etc/openldap/ca.crt
TLS_CIPHER_SUITE HIGH:MEDIUM:+SSLv3\" >> /usr/local/etc/openldap/ldap.conf

# set perms
chown ldap:ldap /usr/local/etc/openldap/ldap.conf
chmod 644 /usr/local/etc/openldap/ldap.conf

# remove any old config
#
echo \"Removing old openldap config data in /usr/local/etc/openldap/slapd.d/\"
rm -r /usr/local/etc/openldap/slapd.d/*
#

# set permissions so that ldap user owns /usr/local/etc/openldap/slapd.d/
# this is critical to making the below work
#
echo \"Setting ldap owner on /usr/local/etc/openldap/slapd.d/\"
chown -R ldap:ldap /usr/local/etc/openldap/slapd.d/
#

# build a basic config from the included slapd.CONF file (capitalised for emphasis)
# -f read from config file, -F write to config dir
# slapcat -b cn=config -f /usr/local/etc/openldap/slapd.conf -F /usr/local/etc/openldap/slapd.d/
#
echo \"Building simple configuration file\"
/usr/local/sbin/slapcat -n 0 -f /usr/local/etc/openldap/slapd.conf -F /usr/local/etc/openldap/slapd.d/
#

#
# import configuration ldif file, uses -c to continue on error, database 0
echo \"Importing configuration ldif\"
/usr/local/sbin/slapadd -c -n 0 -F /usr/local/etc/openldap/slapd.d/ -l /usr/local/etc/openldap/slapd.ldif
#

# create import scripts
echo \"Creating config import script: /root/importldapconfig.sh\"
echo \"#!/bin/sh
if [ -f /root/config.ldif ]; then
    /usr/local/sbin/slapadd -c -n 0 -F /usr/local/etc/openldap/slapd.d/ -l /root/config.ldif
fi\" > /root/importldapconfig.sh

# setting execute perms
chmod +x /root/importldapconfig.sh

# create import data script
echo \"Creating data import script: /root/importldapdata.sh\"
echo \"#!/bin/sh
if [ -f /root/data.ldif ]; then
    /usr/local/sbin/slapadd -c -n 1 -F /usr/local/etc/openldap/slapd.d/ -l /root/data.ldif
fi\" > /root/importldapdata.sh

# setting execute perms
chmod +x /root/importldapdata.sh

# enable openldap and set config options
#
echo \"Enabling slapd service\"
service slapd enable
# sysrc doesn't seem to add this correctly so echo in
echo \"slapd_flags='-4 -h \\\"ldapi://%2fvar%2frun%2fopenldap%2fldapi/ ldap://\${IP}/ ldaps://\${IP}/\\\"'\" >> /etc/rc.conf
# set cn=config directory config settings
sysrc slapd_cn_config=\"YES\"
sysrc slapd_sockets=\"/var/run/openldap/ldapi\"
# makes root stuff work, currently unset
# sysrc slapd_owner=\"DEFAULT\"

# to-do
# set backup to /mnt/openldap-settings
# add a script to crontab which runs slapcat
# and outputs to a second mount in persistent storage

# end openldap config

# start apache24 config

# Adjust document root to /usr/local/www/lam in /usr/local/etc/apache24/httpd.conf
# /usr/local/www/apache24/data appears twice only, so simple sed replace of both should suffice
#
if [ -f /usr/local/etc/apache24/httpd.conf ]; then
    echo \"Changing document root for apache to openldap lam\"
    /usr/bin/sed -i .orig 's|/usr/local/www/apache24/data|/usr/local/www/lam|g' /usr/local/etc/apache24/httpd.conf

    echo \"Setting Listen to \${IP}:80\"
    /usr/bin/sed -i .orig \"s|Listen 80|Listen \${IP}:80|g\" /usr/local/etc/apache24/httpd.conf

    echo \"Setting ServerName to \${HOSTNAME}:80\"
    /usr/bin/sed -i .orig \"s|#ServerName www.example.com:80|ServerName \${HOSTNAME}:80|g\" /usr/local/etc/apache24/httpd.conf

    # adjust /usr/local/etc/apache24/httpd.conf and replace <IfModule dir_module> with the following content:
    # note: we can simply append to the httpd.conf file and it will overwrite prior values
    #
    echo \"Making other changes to httpd.conf\"
    echo \"
<IfModule dir_module>
    DirectoryIndex index.php index.html
    <FilesMatch \\\"\.php$\\\">
        SetHandler application/x-httpd-php
     </FilesMatch>
    <FilesMatch \\\"\.phps$\\\">
        SetHandler application/x-httpd-php-source
    </FilesMatch>
</IfModule>\" >> /usr/local/etc/apache24/httpd.conf
fi
#
# end apache24 config #

## remote syslogs
if [ \"\${REMOTELOG}\" != \"0\" ]; then
    config_version=\$(/usr/local/sbin/syslog-ng --version | grep '^Config version:' | awk -F: '{ print \$2 }' | xargs)

    # read in template conf file, update remote log IP address, and
    # write to correct destination
    < /root/syslog-ng.conf.in \
      sed \"s|%%config_version%%|\$config_version|g\" | \
      sed \"s|%%remotelogip%%|\$REMOTELOG|g\" > /usr/local/etc/syslog-ng.conf

    # stop and disable syslogd
    service syslogd onestop || true
    service syslogd disable

    # enable and start syslog-ng
    service syslog-ng enable
    sysrc syslog_ng_flags=\"-R /tmp/syslog-ng.persist\"
    service syslog-ng start
fi

# ADJUST THIS: START THE SERVICES AGAIN AFTER CONFIGURATION
echo \"Starting openldap and apache\"
service slapd start
service apache24 restart

#
# Do not touch this:
touch /usr/local/etc/pot-is-seasoned

# If this pot flavour is blocking (i.e. it should not return), there is no /tmp/environment.sh
# created by pot and we now after configuration block indefinitely
if [ \"\$RUNS_IN_NOMAD\" = \"true\" ]
then
    /bin/sh /etc/rc
    tail -f /dev/null
fi
" > /usr/local/bin/cook

# ----------------- END COOK ------------------


# ---------- NO NEED TO EDIT BELOW ------------

step "Make cook script executable"
if [ -e /usr/local/bin/cook ]
then
    echo "setting executable bit on /usr/local/bin/cook" | tee -a $COOKLOG
    chmod u+x /usr/local/bin/cook
else
    exit_error "there is no /usr/local/bin/cook to make executable"
fi

#
# There are two ways of running a pot jail: "Normal", non-blocking mode and
# "Nomad", i.e. blocking mode (the pot start command does not return until
# the jail is stopped).
# For the normal mode, we create a /usr/local/etc/rc.d script that starts
# the "cook" script generated above each time, for the "Nomad" mode, the cook
# script is started by pot (configuration through flavour file), therefore
# we do not need to do anything here.
#

# Create rc.d script for "normal" mode:
step "Create rc.d script to start cook"
echo "creating rc.d script to start cook" | tee -a $COOKLOG

echo "#!/bin/sh
#
# PROVIDE: cook
# REQUIRE: LOGIN
# KEYWORD: shutdown
#
. /etc/rc.subr
name=\"cook\"
rcvar=\"cook_enable\"
load_rc_config \$name
: \${cook_enable:=\"NO\"}
: \${cook_env:=\"\"}
command=\"/usr/local/bin/cook\"
command_args=\"\"
run_rc_command \"\$1\"
" > /usr/local/etc/rc.d/cook

step "Make rc.d script to start cook executable"
if [ -e /usr/local/etc/rc.d/cook ]
then
  echo "Setting executable bit on cook rc file" | tee -a $COOKLOG
  chmod u+x /usr/local/etc/rc.d/cook
else
  exit_error "/usr/local/etc/rc.d/cook does not exist"
fi

if [ "$RUNS_IN_NOMAD" != "true" ]
then
  step "Enable cook service"
  # This is a non-nomad (non-blocking) jail, so we need to make sure the script
  # gets started when the jail is started:
  # Otherwise, /usr/local/bin/cook will be set as start script by the pot flavour
  echo "enabling cook" | tee -a $COOKLOG
  service cook enable
fi

# -------------------- DONE ---------------
exit_ok

openldap/openldap+1:
openldap/openldap+1.sh:

openldap/openldap+2:
openldap/openldap+2.sh:

openldap/openldap+3:
openldap/openldap+3.sh:

openldap/openldap+4:
set-cmd -c "/usr/local/bin/cook"
openldap/openldap+4.sh:
Password:===>  Creating a new pot
===>  pot name     : openldap-amd64-13_0
===>  type         : single
===>  base         : 13.0
===>  pot_base     : 
===>  level        : 0
===>  network-type : public-bridge
===>  network-stack: ipv4
===>  ip           : 10.192.0.5
===>  bridge       : 
===>  dns          : inherit
===>  flavours     : fbsd-update openldap openldap+1 openldap+2 openldap+3 openldap+4
===>  Fetching FreeBSD 13.0
===>  Extract the tarball
=====>  Flavour: fbsd-update
=====>  Starting openldap-amd64-13_0 pot for the initial bootstrap
=====>  mount /mnt/srv/pot/jails/openldap-amd64-13_0/m/tmp
defaultrouter: NO -> 10.192.0.1
===>  Starting the pot openldap-amd64-13_0
ELF ldconfig path: /lib /usr/lib /usr/lib/compat
32-bit compatibility ldconfig path: /usr/lib32
Starting Network: lo0 epair0b.
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
	options=680003<RXCSUM,TXCSUM,LINKSTATE,RXCSUM_IPV6,TXCSUM_IPV6>
	inet6 ::1 prefixlen 128
	inet6 fe80::1%lo0 prefixlen 64 scopeid 0x1
	inet 127.0.0.1 netmask 0xff000000
	groups: lo
	nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
epair0b: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
	options=8<VLAN_MTU>
	ether 02:4b:f8:d3:fb:0b
	inet 10.192.0.5 netmask 0xffc00000 broadcast 10.255.255.255
	groups: epair
	media: Ethernet 10Gbase-T (10Gbase-T <full-duplex>)
	status: active
	nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
add host 127.0.0.1: gateway lo0 fib 0: route already in table
add net default: gateway 10.192.0.1
add host ::1: gateway lo0 fib 0: route already in table
add net fe80::: gateway ::1
add net ff02::: gateway ::1
add net ::ffff:0.0.0.0: gateway ::1
add net ::0.0.0.0: gateway ::1
Updating /var/run/os-release done.
Creating and/or trimming log files.
Clearing /tmp (X related).
Updating motd:.
Starting syslogd.
Starting sendmail_submit.
Starting sendmail_msp_queue.
Starting cron.

Tue Apr 12 20:31:49 UTC 2022
/usr/local/etc/pot/flavours/fbsd-update.sh -> /mnt/srv/pot/jails/openldap-amd64-13_0/m/tmp/fbsd-update.sh
=====>  Executing fbsd-update script on openldap-amd64-13_0
src component not installed, skipped
Looking up update.FreeBSD.org mirrors... 2 mirrors found.
Fetching public key from update1.freebsd.org... done.
Fetching metadata signature for 13.0-RELEASE from update1.freebsd.org... done.
Fetching metadata index... done.
Fetching 2 metadata files... done.
Inspecting system... done.
Preparing to download files... done.
Fetching 194 patches.....10....20....30....40....50....60....70....80....90....100....110....120....130....140....150....160....170....180....190.. done.
Applying patches... done.
Fetching 15 files... ....10.. done.
The following files will be removed as part of updating to
13.0-RELEASE-p11:
/etc/ssl/certs/080911ac.0
/etc/ssl/certs/0b7c536a.0
/etc/ssl/certs/0c4c9b6c.0
/etc/ssl/certs/116bf586.0
/etc/ssl/certs/1320b215.0
/etc/ssl/certs/26312675.0
/etc/ssl/certs/349f2832.0
/etc/ssl/certs/442adcac.0
/etc/ssl/certs/5a4d6896.0
/etc/ssl/certs/9c2e7d30.0
/etc/ssl/certs/a8dee976.0
/etc/ssl/certs/b1b8a7f3.0
/etc/ssl/certs/c01cdfa2.0
/etc/ssl/certs/c47d9980.0
/etc/ssl/certs/cb59f961.0
/etc/ssl/certs/d853d49e.0
/etc/ssl/certs/dc45b0bd.0
/etc/ssl/certs/ee1365c0.0
/etc/ssl/certs/f90208f7.0
/usr/share/certs/trusted/Camerfirma_Chambers_of_Commerce_Root.pem
/usr/share/certs/trusted/Camerfirma_Global_Chambersign_Root.pem
/usr/share/certs/trusted/Certum_Root_CA.pem
/usr/share/certs/trusted/Chambers_of_Commerce_Root_-_2008.pem
/usr/share/certs/trusted/D-TRUST_Root_CA_3_2013.pem
/usr/share/certs/trusted/EC-ACC.pem
/usr/share/certs/trusted/GeoTrust_Primary_Certification_Authority_-_G2.pem
/usr/share/certs/trusted/Global_Chambersign_Root_-_2008.pem
/usr/share/certs/trusted/OISTE_WISeKey_Global_Root_GA_CA.pem
/usr/share/certs/trusted/QuoVadis_Root_CA.pem
/usr/share/certs/trusted/Sonera_Class_2_Root_CA.pem
/usr/share/certs/trusted/Staat_der_Nederlanden_Root_CA_-_G3.pem
/usr/share/certs/trusted/SwissSign_Platinum_CA_-_G2.pem
/usr/share/certs/trusted/Symantec_Class_1_Public_Primary_Certification_Authority_-_G6.pem
/usr/share/certs/trusted/Symantec_Class_2_Public_Primary_Certification_Authority_-_G6.pem
/usr/share/certs/trusted/Trustis_FPS_Root_CA.pem
/usr/share/certs/trusted/VeriSign_Universal_Root_Certification_Authority.pem
/usr/share/certs/trusted/Verisign_Class_1_Public_Primary_Certification_Authority_-_G3.pem
/usr/share/certs/trusted/Verisign_Class_2_Public_Primary_Certification_Authority_-_G3.pem
The following files will be added as part of updating to
13.0-RELEASE-p11:
/etc/ssl/blacklisted/080911ac.0
/etc/ssl/blacklisted/0b7c536a.0
/etc/ssl/blacklisted/0c4c9b6c.0
/etc/ssl/blacklisted/116bf586.0
/etc/ssl/blacklisted/1320b215.0
/etc/ssl/blacklisted/26312675.0
/etc/ssl/blacklisted/349f2832.0
/etc/ssl/blacklisted/442adcac.0
/etc/ssl/blacklisted/5a4d6896.0
/etc/ssl/blacklisted/9c2e7d30.0
/etc/ssl/blacklisted/a8dee976.0
/etc/ssl/blacklisted/b1b8a7f3.0
/etc/ssl/blacklisted/c01cdfa2.0
/etc/ssl/blacklisted/c47d9980.0
/etc/ssl/blacklisted/cb59f961.0
/etc/ssl/blacklisted/d853d49e.0
/etc/ssl/blacklisted/dc45b0bd.0
/etc/ssl/blacklisted/ee1365c0.0
/etc/ssl/blacklisted/f90208f7.0
/etc/ssl/certs/002c0b4f.0
/etc/ssl/certs/9482e63a.0
/etc/ssl/certs/b433981b.0
/etc/ssl/certs/b81b93f0.0
/etc/ssl/certs/e35234b1.0
/etc/ssl/certs/fa5da96b.0
/etc/ssl/certs/feffd413.0
/usr/include/c++/v1/barrier
/usr/include/c++/v1/concepts
/usr/include/c++/v1/execution
/usr/include/c++/v1/latch
/usr/include/c++/v1/numbers
/usr/include/c++/v1/semaphore
/usr/include/c++/v1/tr1/barrier
/usr/include/c++/v1/tr1/concepts
/usr/include/c++/v1/tr1/execution
/usr/include/c++/v1/tr1/latch
/usr/include/c++/v1/tr1/numbers
/usr/include/c++/v1/tr1/semaphore
/usr/share/certs/blacklisted/Camerfirma_Chambers_of_Commerce_Root.pem
/usr/share/certs/blacklisted/Camerfirma_Global_Chambersign_Root.pem
/usr/share/certs/blacklisted/Certum_Root_CA.pem
/usr/share/certs/blacklisted/Chambers_of_Commerce_Root_-_2008.pem
/usr/share/certs/blacklisted/D-TRUST_Root_CA_3_2013.pem
/usr/share/certs/blacklisted/EC-ACC.pem
/usr/share/certs/blacklisted/GeoTrust_Primary_Certification_Authority_-_G2.pem
/usr/share/certs/blacklisted/Global_Chambersign_Root_-_2008.pem
/usr/share/certs/blacklisted/OISTE_WISeKey_Global_Root_GA_CA.pem
/usr/share/certs/blacklisted/QuoVadis_Root_CA.pem
/usr/share/certs/blacklisted/Sonera_Class_2_Root_CA.pem
/usr/share/certs/blacklisted/Staat_der_Nederlanden_Root_CA_-_G3.pem
/usr/share/certs/blacklisted/SwissSign_Platinum_CA_-_G2.pem
/usr/share/certs/blacklisted/Symantec_Class_1_Public_Primary_Certification_Authority_-_G6.pem
/usr/share/certs/blacklisted/Symantec_Class_2_Public_Primary_Certification_Authority_-_G6.pem
/usr/share/certs/blacklisted/Trustis_FPS_Root_CA.pem
/usr/share/certs/blacklisted/VeriSign_Universal_Root_Certification_Authority.pem
/usr/share/certs/blacklisted/Verisign_Class_1_Public_Primary_Certification_Authority_-_G3.pem
/usr/share/certs/blacklisted/Verisign_Class_2_Public_Primary_Certification_Authority_-_G3.pem
/usr/share/certs/trusted/AC_RAIZ_FNMT-RCM_SERVIDORES_SEGUROS.pem
/usr/share/certs/trusted/ANF_Secure_Server_Root_CA.pem
/usr/share/certs/trusted/Certum_EC-384_CA.pem
/usr/share/certs/trusted/Certum_Trusted_Root_CA.pem
/usr/share/certs/trusted/GLOBALTRUST_2020.pem
/usr/share/certs/trusted/GlobalSign_Root_E46.pem
/usr/share/certs/trusted/GlobalSign_Root_R46.pem
/usr/share/zoneinfo/Pacific/Kanton
The following files will be updated as part of updating to
13.0-RELEASE-p11:
/bin/freebsd-version
/lib/libalias.so.7
/lib/libcasper.so.1
/lib/libcrypto.so.111
/lib/libz.so.6
/lib/libzpool.so.2
/rescue/[
/rescue/bectl
/rescue/bsdlabel
/rescue/bunzip2
/rescue/bzcat
/rescue/bzip2
/rescue/camcontrol
/rescue/cat
/rescue/ccdconfig
/rescue/chflags
/rescue/chgrp
/rescue/chio
/rescue/chmod
/rescue/chown
/rescue/chroot
/rescue/clri
/rescue/cp
/rescue/csh
/rescue/date
/rescue/dd
/rescue/devfs
/rescue/df
/rescue/dhclient
/rescue/disklabel
/rescue/dmesg
/rescue/dump
/rescue/dumpfs
/rescue/dumpon
/rescue/echo
/rescue/ed
/rescue/ex
/rescue/expr
/rescue/fastboot
/rescue/fasthalt
/rescue/fdisk
/rescue/fsck
/rescue/fsck_4.2bsd
/rescue/fsck_ffs
/rescue/fsck_msdosfs
/rescue/fsck_ufs
/rescue/fsdb
/rescue/fsirand
/rescue/gbde
/rescue/geom
/rescue/getfacl
/rescue/glabel
/rescue/gpart
/rescue/groups
/rescue/gunzip
/rescue/gzcat
/rescue/gzip
/rescue/halt
/rescue/head
/rescue/hostname
/rescue/id
/rescue/ifconfig
/rescue/init
/rescue/ipf
/rescue/iscsictl
/rescue/iscsid
/rescue/kenv
/rescue/kill
/rescue/kldconfig
/rescue/kldload
/rescue/kldstat
/rescue/kldunload
/rescue/ldconfig
/rescue/less
/rescue/link
/rescue/ln
/rescue/ls
/rescue/lzcat
/rescue/lzma
/rescue/md5
/rescue/mdconfig
/rescue/mdmfs
/rescue/mkdir
/rescue/mknod
/rescue/more
/rescue/mount
/rescue/mount_cd9660
/rescue/mount_msdosfs
/rescue/mount_nfs
/rescue/mount_nullfs
/rescue/mount_udf
/rescue/mount_unionfs
/rescue/mt
/rescue/mv
/rescue/nc
/rescue/newfs
/rescue/newfs_msdos
/rescue/nos-tun
/rescue/pgrep
/rescue/ping
/rescue/ping6
/rescue/pkill
/rescue/poweroff
/rescue/ps
/rescue/pwd
/rescue/rcorder
/rescue/rdump
/rescue/realpath
/rescue/reboot
/rescue/red
/rescue/rescue
/rescue/restore
/rescue/rm
/rescue/rmdir
/rescue/route
/rescue/routed
/rescue/rrestore
/rescue/rtquery
/rescue/rtsol
/rescue/savecore
/rescue/sed
/rescue/setfacl
/rescue/sh
/rescue/shutdown
/rescue/sleep
/rescue/spppcontrol
/rescue/stty
/rescue/swapon
/rescue/sync
/rescue/sysctl
/rescue/tail
/rescue/tar
/rescue/tcsh
/rescue/tee
/rescue/test
/rescue/tunefs
/rescue/umount
/rescue/unlink
/rescue/unlzma
/rescue/unxz
/rescue/unzstd
/rescue/vi
/rescue/whoami
/rescue/xz
/rescue/xzcat
/rescue/zcat
/rescue/zdb
/rescue/zfs
/rescue/zpool
/rescue/zstd
/rescue/zstdcat
/rescue/zstdmt
/sbin/fsck_4.2bsd
/sbin/fsck_ffs
/sbin/fsck_ufs
/sbin/fsdb
/sbin/ggatec
/usr/bin/bc
/usr/bin/dc
/usr/bin/openssl
/usr/bin/tail
/usr/include/net80211/ieee80211_input.h
/usr/include/openssl/opensslv.h
/usr/include/private/event1/event.h
/usr/lib/libalias.a
/usr/lib/libalias_p.a
/usr/lib/libcrypto.a
/usr/lib/libcrypto_p.a
/usr/lib/libfetch.a
/usr/lib/libfetch.so.6
/usr/lib/libfetch_p.a
/usr/lib/libprivateevent1.a
/usr/lib/libprivateevent1.so.1
/usr/lib/libprivateevent1_p.a
/usr/lib/libradius.a
/usr/lib/libradius.so.4
/usr/lib/libradius_p.a
/usr/lib/libssl.a
/usr/lib/libssl.so.111
/usr/lib/libssl_p.a
/usr/lib/libz.a
/usr/lib/libz_p.a
/usr/lib/libzpool.a
/usr/sbin/bhyve
/usr/sbin/ftp-proxy
/usr/sbin/hostapd
/usr/sbin/ntp-keygen
/usr/sbin/wpa_cli
/usr/sbin/wpa_supplicant
/usr/sbin/ypldap
/usr/sbin/zdb
/usr/share/certs/trusted/ACCVRAIZ1.pem
/usr/share/certs/trusted/AC_RAIZ_FNMT-RCM.pem
/usr/share/certs/trusted/Actalis_Authentication_Root_CA.pem
/usr/share/certs/trusted/AffirmTrust_Commercial.pem
/usr/share/certs/trusted/AffirmTrust_Networking.pem
/usr/share/certs/trusted/AffirmTrust_Premium.pem
/usr/share/certs/trusted/AffirmTrust_Premium_ECC.pem
/usr/share/certs/trusted/Amazon_Root_CA_1.pem
/usr/share/certs/trusted/Amazon_Root_CA_2.pem
/usr/share/certs/trusted/Amazon_Root_CA_3.pem
/usr/share/certs/trusted/Amazon_Root_CA_4.pem
/usr/share/certs/trusted/Atos_TrustedRoot_2011.pem
/usr/share/certs/trusted/Autoridad_de_Certificacion_Firmaprofesional_CIF_A62634068.pem
/usr/share/certs/trusted/Baltimore_CyberTrust_Root.pem
/usr/share/certs/trusted/Buypass_Class_2_Root_CA.pem
/usr/share/certs/trusted/Buypass_Class_3_Root_CA.pem
/usr/share/certs/trusted/CA_Disig_Root_R2.pem
/usr/share/certs/trusted/CFCA_EV_ROOT.pem
/usr/share/certs/trusted/COMODO_Certification_Authority.pem
/usr/share/certs/trusted/COMODO_ECC_Certification_Authority.pem
/usr/share/certs/trusted/COMODO_RSA_Certification_Authority.pem
/usr/share/certs/trusted/Certigna.pem
/usr/share/certs/trusted/Certigna_Root_CA.pem
/usr/share/certs/trusted/Certum_Trusted_Network_CA.pem
/usr/share/certs/trusted/Certum_Trusted_Network_CA_2.pem
/usr/share/certs/trusted/Comodo_AAA_Services_root.pem
/usr/share/certs/trusted/Cybertrust_Global_Root.pem
/usr/share/certs/trusted/D-TRUST_Root_Class_3_CA_2_2009.pem
/usr/share/certs/trusted/D-TRUST_Root_Class_3_CA_2_EV_2009.pem
/usr/share/certs/trusted/DST_Root_CA_X3.pem
/usr/share/certs/trusted/DigiCert_Assured_ID_Root_CA.pem
/usr/share/certs/trusted/DigiCert_Assured_ID_Root_G2.pem
/usr/share/certs/trusted/DigiCert_Assured_ID_Root_G3.pem
/usr/share/certs/trusted/DigiCert_Global_Root_CA.pem
/usr/share/certs/trusted/DigiCert_Global_Root_G2.pem
/usr/share/certs/trusted/DigiCert_Global_Root_G3.pem
/usr/share/certs/trusted/DigiCert_High_Assurance_EV_Root_CA.pem
/usr/share/certs/trusted/DigiCert_Trusted_Root_G4.pem
/usr/share/certs/trusted/E-Tugra_Certification_Authority.pem
/usr/share/certs/trusted/Entrust_Root_Certification_Authority.pem
/usr/share/certs/trusted/Entrust_Root_Certification_Authority_-_EC1.pem
/usr/share/certs/trusted/Entrust_Root_Certification_Authority_-_G2.pem
/usr/share/certs/trusted/Entrust_Root_Certification_Authority_-_G4.pem
/usr/share/certs/trusted/Entrust_net_Premium_2048_Secure_Server_CA.pem
/usr/share/certs/trusted/GDCA_TrustAUTH_R5_ROOT.pem
/usr/share/certs/trusted/GTS_Root_R1.pem
/usr/share/certs/trusted/GTS_Root_R2.pem
/usr/share/certs/trusted/GTS_Root_R3.pem
/usr/share/certs/trusted/GTS_Root_R4.pem
/usr/share/certs/trusted/GlobalSign_ECC_Root_CA_-_R4.pem
/usr/share/certs/trusted/GlobalSign_ECC_Root_CA_-_R5.pem
/usr/share/certs/trusted/GlobalSign_Root_CA.pem
/usr/share/certs/trusted/GlobalSign_Root_CA_-_R2.pem
/usr/share/certs/trusted/GlobalSign_Root_CA_-_R3.pem
/usr/share/certs/trusted/GlobalSign_Root_CA_-_R6.pem
/usr/share/certs/trusted/Go_Daddy_Class_2_CA.pem
/usr/share/certs/trusted/Go_Daddy_Root_Certificate_Authority_-_G2.pem
/usr/share/certs/trusted/Hellenic_Academic_and_Research_Institutions_ECC_RootCA_2015.pem
/usr/share/certs/trusted/Hellenic_Academic_and_Research_Institutions_RootCA_2011.pem
/usr/share/certs/trusted/Hellenic_Academic_and_Research_Institutions_RootCA_2015.pem
/usr/share/certs/trusted/Hongkong_Post_Root_CA_1.pem
/usr/share/certs/trusted/Hongkong_Post_Root_CA_3.pem
/usr/share/certs/trusted/ISRG_Root_X1.pem
/usr/share/certs/trusted/IdenTrust_Commercial_Root_CA_1.pem
/usr/share/certs/trusted/IdenTrust_Public_Sector_Root_CA_1.pem
/usr/share/certs/trusted/Izenpe_com.pem
/usr/share/certs/trusted/Microsec_e-Szigno_Root_CA_2009.pem
/usr/share/certs/trusted/Microsoft_ECC_Root_Certificate_Authority_2017.pem
/usr/share/certs/trusted/Microsoft_RSA_Root_Certificate_Authority_2017.pem
/usr/share/certs/trusted/NAVER_Global_Root_Certification_Authority.pem
/usr/share/certs/trusted/NetLock_Arany__Class_Gold__F__tan__s__tv__ny.pem
/usr/share/certs/trusted/Network_Solutions_Certificate_Authority.pem
/usr/share/certs/trusted/OISTE_WISeKey_Global_Root_GB_CA.pem
/usr/share/certs/trusted/OISTE_WISeKey_Global_Root_GC_CA.pem
/usr/share/certs/trusted/QuoVadis_Root_CA_1_G3.pem
/usr/share/certs/trusted/QuoVadis_Root_CA_2.pem
/usr/share/certs/trusted/QuoVadis_Root_CA_2_G3.pem
/usr/share/certs/trusted/QuoVadis_Root_CA_3.pem
/usr/share/certs/trusted/QuoVadis_Root_CA_3_G3.pem
/usr/share/certs/trusted/SSL_com_EV_Root_Certification_Authority_ECC.pem
/usr/share/certs/trusted/SSL_com_EV_Root_Certification_Authority_RSA_R2.pem
/usr/share/certs/trusted/SSL_com_Root_Certification_Authority_ECC.pem
/usr/share/certs/trusted/SSL_com_Root_Certification_Authority_RSA.pem
/usr/share/certs/trusted/SZAFIR_ROOT_CA2.pem
/usr/share/certs/trusted/SecureSign_RootCA11.pem
/usr/share/certs/trusted/SecureTrust_CA.pem
/usr/share/certs/trusted/Secure_Global_CA.pem
/usr/share/certs/trusted/Security_Communication_RootCA2.pem
/usr/share/certs/trusted/Security_Communication_Root_CA.pem
/usr/share/certs/trusted/Staat_der_Nederlanden_EV_Root_CA.pem
/usr/share/certs/trusted/Starfield_Class_2_CA.pem
/usr/share/certs/trusted/Starfield_Root_Certificate_Authority_-_G2.pem
/usr/share/certs/trusted/Starfield_Services_Root_Certificate_Authority_-_G2.pem
/usr/share/certs/trusted/SwissSign_Gold_CA_-_G2.pem
/usr/share/certs/trusted/SwissSign_Silver_CA_-_G2.pem
/usr/share/certs/trusted/T-TeleSec_GlobalRoot_Class_2.pem
/usr/share/certs/trusted/T-TeleSec_GlobalRoot_Class_3.pem
/usr/share/certs/trusted/TUBITAK_Kamu_SM_SSL_Kok_Sertifikasi_-_Surum_1.pem
/usr/share/certs/trusted/TWCA_Global_Root_CA.pem
/usr/share/certs/trusted/TWCA_Root_Certification_Authority.pem
/usr/share/certs/trusted/TeliaSonera_Root_CA_v1.pem
/usr/share/certs/trusted/TrustCor_ECA-1.pem
/usr/share/certs/trusted/TrustCor_RootCert_CA-1.pem
/usr/share/certs/trusted/TrustCor_RootCert_CA-2.pem
/usr/share/certs/trusted/Trustwave_Global_Certification_Authority.pem
/usr/share/certs/trusted/Trustwave_Global_ECC_P256_Certification_Authority.pem
/usr/share/certs/trusted/Trustwave_Global_ECC_P384_Certification_Authority.pem
/usr/share/certs/trusted/UCA_Extended_Validation_Root.pem
/usr/share/certs/trusted/UCA_Global_G2_Root.pem
/usr/share/certs/trusted/USERTrust_ECC_Certification_Authority.pem
/usr/share/certs/trusted/USERTrust_RSA_Certification_Authority.pem
/usr/share/certs/trusted/XRamp_Global_CA_Root.pem
/usr/share/certs/trusted/certSIGN_ROOT_CA.pem
/usr/share/certs/trusted/certSIGN_Root_CA_G2.pem
/usr/share/certs/trusted/e-Szigno_Root_CA_2017.pem
/usr/share/certs/trusted/ePKI_Root_Certification_Authority.pem
/usr/share/certs/trusted/emSign_ECC_Root_CA_-_C3.pem
/usr/share/certs/trusted/emSign_ECC_Root_CA_-_G3.pem
/usr/share/certs/trusted/emSign_Root_CA_-_C1.pem
/usr/share/certs/trusted/emSign_Root_CA_-_G1.pem
/usr/share/zoneinfo/Africa/Accra
/usr/share/zoneinfo/America/Anguilla
/usr/share/zoneinfo/America/Antigua
/usr/share/zoneinfo/America/Aruba
/usr/share/zoneinfo/America/Atikokan
/usr/share/zoneinfo/America/Barbados
/usr/share/zoneinfo/America/Blanc-Sablon
/usr/share/zoneinfo/America/Coral_Harbour
/usr/share/zoneinfo/America/Creston
/usr/share/zoneinfo/America/Curacao
/usr/share/zoneinfo/America/Dominica
/usr/share/zoneinfo/America/Grenada
/usr/share/zoneinfo/America/Guadeloupe
/usr/share/zoneinfo/America/Guyana
/usr/share/zoneinfo/America/Kralendijk
/usr/share/zoneinfo/America/Lower_Princes
/usr/share/zoneinfo/America/Marigot
/usr/share/zoneinfo/America/Montserrat
/usr/share/zoneinfo/America/Nassau
/usr/share/zoneinfo/America/Port_of_Spain
/usr/share/zoneinfo/America/Punta_Arenas
/usr/share/zoneinfo/America/Santiago
/usr/share/zoneinfo/America/St_Barthelemy
/usr/share/zoneinfo/America/St_Kitts
/usr/share/zoneinfo/America/St_Lucia
/usr/share/zoneinfo/America/St_Thomas
/usr/share/zoneinfo/America/St_Vincent
/usr/share/zoneinfo/America/Tortola
/usr/share/zoneinfo/America/Virgin
/usr/share/zoneinfo/Antarctica/DumontDUrville
/usr/share/zoneinfo/Antarctica/Syowa
/usr/share/zoneinfo/Asia/Amman
/usr/share/zoneinfo/Asia/Gaza
/usr/share/zoneinfo/Asia/Hebron
/usr/share/zoneinfo/Atlantic/Azores
/usr/share/zoneinfo/Atlantic/Madeira
/usr/share/zoneinfo/Chile/Continental
/usr/share/zoneinfo/Europe/Kiev
/usr/share/zoneinfo/Europe/Lisbon
/usr/share/zoneinfo/Europe/Simferopol
/usr/share/zoneinfo/Europe/Uzhgorod
/usr/share/zoneinfo/Europe/Zaporozhye
/usr/share/zoneinfo/Pacific/Apia
/usr/share/zoneinfo/Pacific/Enderbury
/usr/share/zoneinfo/Pacific/Fiji
/usr/share/zoneinfo/Pacific/Niue
/usr/share/zoneinfo/Pacific/Rarotonga
/usr/share/zoneinfo/Pacific/Tongatapu
/usr/share/zoneinfo/Portugal
/usr/share/zoneinfo/zone.tab
/usr/share/zoneinfo/zone1970.tab
Installing updates...Scanning //usr/share/certs/blacklisted for certificates...
Scanning //usr/share/certs/trusted for certificates...
 done.
=====>  Stop the pot openldap-amd64-13_0
=====>  Remove epair0[a|b] network interfaces
=====>  unmount /mnt/srv/pot/jails/openldap-amd64-13_0/m/tmp
=====>  unmount /mnt/srv/pot/jails/openldap-amd64-13_0/m/dev
=====>  Flavour: openldap
=====>  Executing openldap pot commands on openldap-amd64-13_0
=====>  mount /mnt/srv/pot/jails/openldap-amd64-13_0/m/tmp
=====>  Source /usr/local/etc/pot/flavours/openldap.d/slapd.conf copied in the pot openldap-amd64-13_0
=====>  unmount /mnt/srv/pot/jails/openldap-amd64-13_0/m/tmp
=====>  /mnt/srv/pot/jails/openldap-amd64-13_0/m/dev is already unmounted
=====>  mount /mnt/srv/pot/jails/openldap-amd64-13_0/m/tmp
=====>  Source /usr/local/etc/pot/flavours/openldap.d/syslog-ng.conf.in copied in the pot openldap-amd64-13_0
=====>  unmount /mnt/srv/pot/jails/openldap-amd64-13_0/m/tmp
=====>  /mnt/srv/pot/jails/openldap-amd64-13_0/m/dev is already unmounted
=====>  Starting openldap-amd64-13_0 pot for the initial bootstrap
=====>  mount /mnt/srv/pot/jails/openldap-amd64-13_0/m/tmp
defaultrouter: 10.192.0.1 -> 10.192.0.1
===>  Starting the pot openldap-amd64-13_0
ELF ldconfig path: /lib /usr/lib /usr/lib/compat
32-bit compatibility ldconfig path: /usr/lib32
Starting Network: lo0 epair0b.
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
	options=680003<RXCSUM,TXCSUM,LINKSTATE,RXCSUM_IPV6,TXCSUM_IPV6>
	inet6 ::1 prefixlen 128
	inet6 fe80::1%lo0 prefixlen 64 scopeid 0x1
	inet 127.0.0.1 netmask 0xff000000
	groups: lo
	nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
epair0b: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
	options=8<VLAN_MTU>
	ether 02:fe:bf:cf:c4:0b
	inet 10.192.0.5 netmask 0xffc00000 broadcast 10.255.255.255
	groups: epair
	media: Ethernet 10Gbase-T (10Gbase-T <full-duplex>)
	status: active
	nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
add host 127.0.0.1: gateway lo0 fib 0: route already in table
add net default: gateway 10.192.0.1
add host ::1: gateway lo0 fib 0: route already in table
add net fe80::: gateway ::1
add net ff02::: gateway ::1
add net ::ffff:0.0.0.0: gateway ::1
add net ::0.0.0.0: gateway ::1
Updating /var/run/os-release done.
Creating and/or trimming log files.
Clearing /tmp (X related).
Updating motd:.
Starting syslogd.
Starting sendmail_submit.
Starting sendmail_msp_queue.
Starting cron.

Tue Apr 12 20:32:48 UTC 2022
/usr/local/etc/pot/flavours/openldap.sh -> /mnt/srv/pot/jails/openldap-amd64-13_0/m/tmp/openldap.sh
=====>  Executing openldap script on openldap-amd64-13_0
Creating /var/log/cook.log
Step 1: Bootstrap package repo
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] Installing pkg-1.17.5_1...
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] Extracting pkg-1.17.5_1: .......... done
Bootstrapping pkg from pkg+http://pkg.FreeBSD.org/FreeBSD:13:amd64/quarterly, please wait...
Step 2: Touch /etc/rc.conf
Step 3: Remove ifconfig_epair0b from config
Step 4: Disable sendmail
sendmail disabled in /etc/rc.conf
sendmail_submit disabled in /etc/rc.conf
sendmail_msp_queue disabled in /etc/rc.conf
Step 5: Create /usr/local/etc/rc.d
Step 6: Install package sudo
Updating FreeBSD repository catalogue...
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] Fetching meta.conf: . done
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] Fetching packagesite.pkg: .......... done
Processing entries: .......... done
FreeBSD repository update completed. 31147 packages processed.
All repositories are up to date.
Updating database digests format: . done
The following 3 package(s) will be affected (of 0 checked):

New packages to be INSTALLED:
	gettext-runtime: 0.21
	indexinfo: 0.3.1
	sudo: 1.9.10

Number of packages to be installed: 3

The process will require 8 MiB more space.
2 MiB to be downloaded.
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [1/3] Fetching sudo-1.9.10.pkg: .......... done
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [2/3] Fetching gettext-runtime-0.21.pkg: .......... done
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [3/3] Fetching indexinfo-0.3.1.pkg: . done
Checking integrity... done (0 conflicting)
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [1/3] Installing indexinfo-0.3.1...
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [1/3] Extracting indexinfo-0.3.1: .... done
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [2/3] Installing gettext-runtime-0.21...
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [2/3] Extracting gettext-runtime-0.21: .......... done
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [3/3] Installing sudo-1.9.10...
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [3/3] Extracting sudo-1.9.10: .......... done
Step 7: Install package openssl
Updating FreeBSD repository catalogue...
FreeBSD repository is up to date.
All repositories are up to date.
The following 1 package(s) will be affected (of 0 checked):

New packages to be INSTALLED:
	openssl: 1.1.1n,1

Number of packages to be installed: 1

The process will require 14 MiB more space.
4 MiB to be downloaded.
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [1/1] Fetching openssl-1.1.1n,1.pkg: .......... done
Checking integrity... done (0 conflicting)
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [1/1] Installing openssl-1.1.1n,1...
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [1/1] Extracting openssl-1.1.1n,1: .......... done
Step 8: Install package jq
Updating FreeBSD repository catalogue...
FreeBSD repository is up to date.
All repositories are up to date.
The following 2 package(s) will be affected (of 0 checked):

New packages to be INSTALLED:
	jq: 1.6
	oniguruma: 6.9.7.1

Number of packages to be installed: 2

The process will require 2 MiB more space.
500 KiB to be downloaded.
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [1/2] Fetching jq-1.6.pkg: .......... done
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [2/2] Fetching oniguruma-6.9.7.1.pkg: .......... done
Checking integrity... done (0 conflicting)
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [1/2] Installing oniguruma-6.9.7.1...
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [1/2] Extracting oniguruma-6.9.7.1: .......... done
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [2/2] Installing jq-1.6...
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [2/2] Extracting jq-1.6: .......... done
Step 9: Install package jo
Updating FreeBSD repository catalogue...
FreeBSD repository is up to date.
All repositories are up to date.
The following 1 package(s) will be affected (of 0 checked):

New packages to be INSTALLED:
	jo: 1.6

Number of packages to be installed: 1

20 KiB to be downloaded.
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [1/1] Fetching jo-1.6.pkg: ... done
Checking integrity... done (0 conflicting)
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [1/1] Installing jo-1.6...
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [1/1] Extracting jo-1.6: ....... done
Step 10: Install package curl
Updating FreeBSD repository catalogue...
FreeBSD repository is up to date.
All repositories are up to date.
The following 4 package(s) will be affected (of 0 checked):

New packages to be INSTALLED:
	ca_root_nss: 3.76
	curl: 7.82.0
	libnghttp2: 1.46.0
	libssh2: 1.10.0,3

Number of packages to be installed: 4

The process will require 6 MiB more space.
2 MiB to be downloaded.
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [1/4] Fetching curl-7.82.0.pkg: .......... done
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [2/4] Fetching libnghttp2-1.46.0.pkg: .......... done
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [3/4] Fetching libssh2-1.10.0,3.pkg: .......... done
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [4/4] Fetching ca_root_nss-3.76.pkg: .......... done
Checking integrity... done (0 conflicting)
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [1/4] Installing libnghttp2-1.46.0...
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [1/4] Extracting libnghttp2-1.46.0: .......... done
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [2/4] Installing libssh2-1.10.0,3...
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [2/4] Extracting libssh2-1.10.0,3: .......... done
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [3/4] Installing ca_root_nss-3.76...
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [3/4] Extracting ca_root_nss-3.76: ........ done
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [4/4] Installing curl-7.82.0...
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [4/4] Extracting curl-7.82.0: .......... done
=====
Message from ca_root_nss-3.76:

--
FreeBSD does not, and can not warrant that the certification authorities
whose certificates are included in this package have in any way been
audited for trustworthiness or RFC 3647 compliance.

Assessment and verification of trust is the complete responsibility of the
system administrator.


This package installs symlinks to support root certificates discovery by
default for software that uses OpenSSL.

This enables SSL Certificate Verification by client software without manual
intervention.

If you prefer to do this manually, replace the following symlinks with
either an empty file or your site-local certificate bundle.

  * /etc/ssl/cert.pem
  * /usr/local/etc/ssl/cert.pem
  * /usr/local/openssl/cert.pem
Step 11: Install package syslog-ng
Updating FreeBSD repository catalogue...
FreeBSD repository is up to date.
All repositories are up to date.
The following 12 package(s) will be affected (of 0 checked):

New packages to be INSTALLED:
	e2fsprogs-libuuid: 1.46.5
	glib: 2.70.4_2,2
	icu: 70.1_1,1
	json-c: 0.15_1
	libffi: 3.3_1
	libiconv: 1.16
	libxml2: 2.9.13
	mpdecimal: 2.5.1
	pcre: 8.45_1
	python38: 3.8.13
	readline: 8.1.2
	syslog-ng: 3.36.1

Number of packages to be installed: 12

The process will require 230 MiB more space.
42 MiB to be downloaded.
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [1/12] Fetching syslog-ng-3.36.1.pkg: .......... done
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [2/12] Fetching e2fsprogs-libuuid-1.46.5.pkg: ..... done
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [3/12] Fetching pcre-8.45_1.pkg: .......... done
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [4/12] Fetching json-c-0.15_1.pkg: ........ done
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [5/12] Fetching glib-2.70.4_2,2.pkg: .......... done
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [6/12] Fetching libxml2-2.9.13.pkg: .......... done
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [7/12] Fetching readline-8.1.2.pkg: .......... done
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [8/12] Fetching icu-70.1_1,1.pkg: .......... done
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [9/12] Fetching python38-3.8.13.pkg: .......... done
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [10/12] Fetching mpdecimal-2.5.1.pkg: .......... done
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [11/12] Fetching libffi-3.3_1.pkg: ..... done
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [12/12] Fetching libiconv-1.16.pkg: .......... done
Checking integrity... done (0 conflicting)
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [1/12] Installing readline-8.1.2...
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [1/12] Extracting readline-8.1.2: .......... done
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [2/12] Installing icu-70.1_1,1...
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [2/12] Extracting icu-70.1_1,1: .......... done
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [3/12] Installing mpdecimal-2.5.1...
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [3/12] Extracting mpdecimal-2.5.1: .......... done
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [4/12] Installing libffi-3.3_1...
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [4/12] Extracting libffi-3.3_1: .......... done
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [5/12] Installing pcre-8.45_1...
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [5/12] Extracting pcre-8.45_1: .......... done
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [6/12] Installing libxml2-2.9.13...
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [6/12] Extracting libxml2-2.9.13: .......... done
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [7/12] Installing python38-3.8.13...
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [7/12] Extracting python38-3.8.13: .......... done
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [8/12] Installing libiconv-1.16...
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [8/12] Extracting libiconv-1.16: .......... done
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [9/12] Installing e2fsprogs-libuuid-1.46.5...
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [9/12] Extracting e2fsprogs-libuuid-1.46.5: .......... done
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [10/12] Installing json-c-0.15_1...
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [10/12] Extracting json-c-0.15_1: .......... done
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [11/12] Installing glib-2.70.4_2,2...
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [11/12] Extracting glib-2.70.4_2,2: .......... done
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [12/12] Installing syslog-ng-3.36.1...
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [12/12] Extracting syslog-ng-3.36.1: .......... done
Compiling glib schemas
No schema files found: doing nothing.
=====
Message from python38-3.8.13:

--
Note that some standard Python modules are provided as separate ports
as they require additional dependencies. They are available as:

py38-gdbm       databases/py-gdbm@py38
py38-sqlite3    databases/py-sqlite3@py38
py38-tkinter    x11-toolkits/py-tkinter@py38
=====
Message from syslog-ng-3.36.1:

--
syslog-ng is now installed!  To replace FreeBSD's standard syslogd
(/usr/sbin/syslogd), complete these steps:

1. Create a configuration file named /usr/local/etc/syslog-ng.conf
   (a sample named syslog-ng.conf.sample has been included in
   /usr/local/etc). Note that this is a change in 2.0.2
   version, previous ones put the config file in
   /usr/local/etc/syslog-ng/syslog-ng.conf, so if this is an update
   move that file in the right place

2. Configure syslog-ng to start automatically by adding the following
   to /etc/rc.conf:

        syslog_ng_enable="YES"

3. Prevent the standard FreeBSD syslogd from starting automatically by
   adding a line to the end of your /etc/rc.conf file that reads:

        syslogd_enable="NO"

4. Shut down the standard FreeBSD syslogd:

     kill `cat /var/run/syslog.pid`

5. Start syslog-ng:

     /usr/local/etc/rc.d/syslog-ng start
Step 12: Install package openldap24-server
Updating FreeBSD repository catalogue...
FreeBSD repository is up to date.
All repositories are up to date.
The following 5 package(s) will be affected (of 0 checked):

New packages to be INSTALLED:
	cyrus-sasl: 2.1.28
	libltdl: 2.4.6
	openldap24-client: 2.4.59_4
	openldap24-server: 2.4.59_8
	unixODBC: 2.3.9

Number of packages to be installed: 5

The process will require 19 MiB more space.
4 MiB to be downloaded.
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [1/5] Fetching openldap24-server-2.4.59_8.pkg: .......... done
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [2/5] Fetching cyrus-sasl-2.1.28.pkg: .......... done
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [3/5] Fetching openldap24-client-2.4.59_4.pkg: .......... done
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [4/5] Fetching libltdl-2.4.6.pkg: ..... done
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [5/5] Fetching unixODBC-2.3.9.pkg: .......... done
Checking integrity... done (0 conflicting)
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [1/5] Installing cyrus-sasl-2.1.28...
*** Added group `cyrus' (id 60)
*** Added user `cyrus' (id 60)
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [1/5] Extracting cyrus-sasl-2.1.28: .......... done
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [2/5] Installing openldap24-client-2.4.59_4...
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [2/5] Extracting openldap24-client-2.4.59_4: .......... done
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [3/5] Installing libltdl-2.4.6...
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [3/5] Extracting libltdl-2.4.6: .......... done
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [4/5] Installing unixODBC-2.3.9...
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [4/5] Extracting unixODBC-2.3.9: .......... done
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [5/5] Installing openldap24-server-2.4.59_8...
===> Creating groups.
Creating group 'ldap' with gid '389'.
===> Creating users
Creating user 'ldap' with uid '389'.
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [5/5] Extracting openldap24-server-2.4.59_8: .......... done
=====
Message from cyrus-sasl-2.1.28:

--
You can use sasldb2 for authentication, to add users use:

	saslpasswd2 -c username

If you want to enable SMTP AUTH with the system Sendmail, read
Sendmail.README

NOTE: This port has been compiled with a default pwcheck_method of
      auxprop.  If you want to authenticate your user by /etc/passwd,
      PAM or LDAP, install ports/security/cyrus-sasl2-saslauthd and
      set sasl_pwcheck_method to saslauthd after installing the
      Cyrus-IMAPd 2.X port.  You should also check the
      /usr/local/lib/sasl2/*.conf files for the correct
      pwcheck_method.
      If you want to use GSSAPI mechanism, install
      ports/security/cyrus-sasl2-gssapi.
      If you want to use SRP mechanism, install
      ports/security/cyrus-sasl2-srp.
      If you want to use LDAP auxprop plugin, install
      ports/security/cyrus-sasl2-ldapdb.
=====
Message from openldap24-client-2.4.59_4:

--
The OpenLDAP client package has been successfully installed.

Edit
  /usr/local/etc/openldap/ldap.conf
to change the system-wide client defaults.

Try `man ldap.conf' and visit the OpenLDAP FAQ-O-Matic at
  http://www.OpenLDAP.org/faq/index.cgi?file=3
for more information.
=====
Message from openldap24-server-2.4.59_8:

--
The OpenLDAP server package has been successfully installed.

In order to run the LDAP server, you need to edit
  /usr/local/etc/openldap/slapd.conf
to suit your needs and add the following lines to /etc/rc.conf:
  slapd_enable="YES"
  slapd_flags='-h "ldapi://%2fvar%2frun%2fopenldap%2fldapi/ ldap://0.0.0.0/"'
  slapd_sockets="/var/run/openldap/ldapi"

Then start the server with
  /usr/local/etc/rc.d/slapd start
or reboot.

Try `man slapd' and the online manual at
  http://www.OpenLDAP.org/doc/
for more information.

slapd runs under a non-privileged user id (by default `ldap'),
see /usr/local/etc/rc.d/slapd for more information.

PLEASE NOTE:

As of openldap24-server 2.4.58_2, the server is now modularized and
all overlays are built as dynamic modules instead of being statically linked.
Previously, statically linked modules do not need an explicit
moduleload (in slapd.conf(5)) or olcModuleLoad (when using slapd-config(5))
and you might need to make configuration change accordingly as part of the
upgrade.
Step 13: Install package openldap24-client
Updating FreeBSD repository catalogue...
FreeBSD repository is up to date.
All repositories are up to date.
Checking integrity... done (0 conflicting)
The most recent versions of packages are already installed
Step 14: Install package ldap-account-manager
Updating FreeBSD repository catalogue...
FreeBSD repository is up to date.
All repositories are up to date.
The following 50 package(s) will be affected (of 0 checked):

New packages to be INSTALLED:
	expat: 2.4.8
	fontconfig: 2.13.94_2,1
	freetype2: 2.11.1
	giflib: 5.2.1
	gmp: 6.2.1
	jbigkit: 2.1_1
	jpeg-turbo: 2.1.3
	ldap-account-manager: 7.9
	libargon2: 20190702
	libgd: 2.3.3,1
	libzip: 1.7.3
	p5-Authen-SASL: 2.16_1
	p5-Convert-ASN1: 0.33
	p5-Digest-HMAC: 1.04
	p5-GSSAPI: 0.28_2
	p5-IO-Socket-INET6: 2.72_1
	p5-IO-Socket-SSL: 2.074
	p5-Mozilla-CA: 20211001
	p5-Net-SSLeay: 1.90
	p5-Quota: 1.8.2
	p5-Socket6: 0.29
	p5-Text-Soundex: 3.05
	p5-URI: 5.10
	p5-XML-Filter-BufferText: 1.01_1
	p5-XML-NamespaceSupport: 1.12
	p5-XML-SAX: 1.02
	p5-XML-SAX-Base: 1.09
	p5-XML-SAX-Writer: 0.57
	p5-perl-ldap: 0.6800
	pcre2: 10.39_1
	perl5: 5.32.1_1
	php80: 8.0.17_2
	php80-curl: 8.0.17_2
	php80-dom: 8.0.17_1
	php80-filter: 8.0.17_2
	php80-gd: 8.0.17_2
	php80-gettext: 8.0.17_2
	php80-gmp: 8.0.17_2
	php80-iconv: 8.0.17_2
	php80-ldap: 8.0.17_2
	php80-mbstring: 8.0.17_2
	php80-session: 8.0.17_2
	php80-simplexml: 8.0.17_1
	php80-xml: 8.0.17_1
	php80-xmlreader: 8.0.17_1
	php80-xmlwriter: 8.0.17_1
	php80-zip: 8.0.17_2
	png: 1.6.37_1
	tiff: 4.3.0
	webp: 1.2.2

Number of packages to be installed: 50

The process will require 199 MiB more space.
49 MiB to be downloaded.
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [1/50] Fetching ldap-account-manager-7.9.pkg: .......... done
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [2/50] Fetching php80-session-8.0.17_2.pkg: ..... done
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [3/50] Fetching php80-8.0.17_2.pkg: .......... done
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [4/50] Fetching libargon2-20190702.pkg: ......... done
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [5/50] Fetching pcre2-10.39_1.pkg: .......... done
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [6/50] Fetching php80-xmlwriter-8.0.17_1.pkg: .. done
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [7/50] Fetching php80-xmlreader-8.0.17_1.pkg: .. done
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [8/50] Fetching php80-dom-8.0.17_1.pkg: ....... done
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [9/50] Fetching php80-xml-8.0.17_1.pkg: ... done
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [10/50] Fetching php80-simplexml-8.0.17_1.pkg: ... done
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [11/50] Fetching p5-Quota-1.8.2.pkg: ... done
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [12/50] Fetching perl5-5.32.1_1.pkg: .......... done
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [13/50] Fetching php80-filter-8.0.17_2.pkg: ... done
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [14/50] Fetching php80-ldap-8.0.17_2.pkg: .... done
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [15/50] Fetching p5-perl-ldap-0.6800.pkg: .......... done
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [16/50] Fetching p5-XML-SAX-Writer-0.57.pkg: ... done
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [17/50] Fetching p5-XML-SAX-Base-1.09.pkg: .... done
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [18/50] Fetching p5-XML-NamespaceSupport-1.12.pkg: ... done
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [19/50] Fetching p5-XML-Filter-BufferText-1.01_1.pkg: . done
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [20/50] Fetching p5-XML-SAX-1.02.pkg: ...... done
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [21/50] Fetching p5-Text-Soundex-3.05.pkg: ... done
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [22/50] Fetching p5-IO-Socket-SSL-2.074.pkg: .......... done
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [23/50] Fetching p5-Mozilla-CA-20211001.pkg: .......... done
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [24/50] Fetching p5-Net-SSLeay-1.90.pkg: .......... done
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [25/50] Fetching p5-IO-Socket-INET6-2.72_1.pkg: .. done
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [26/50] Fetching p5-Socket6-0.29.pkg: ... done
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [27/50] Fetching p5-Authen-SASL-2.16_1.pkg: ...... done
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [28/50] Fetching p5-GSSAPI-0.28_2.pkg: ..... done
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [29/50] Fetching p5-Digest-HMAC-1.04.pkg: .. done
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [30/50] Fetching p5-URI-5.10.pkg: .......... done
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [31/50] Fetching p5-Convert-ASN1-0.33.pkg: ..... done
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [32/50] Fetching php80-gmp-8.0.17_2.pkg: ... done
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [33/50] Fetching gmp-6.2.1.pkg: .......... done
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [34/50] Fetching php80-gd-8.0.17_2.pkg: .... done
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [35/50] Fetching freetype2-2.11.1.pkg: .......... done
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [36/50] Fetching png-1.6.37_1.pkg: .......... done
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [37/50] Fetching jpeg-turbo-2.1.3.pkg: .......... done
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [38/50] Fetching libgd-2.3.3,1.pkg: .......... done
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [39/50] Fetching fontconfig-2.13.94_2,1.pkg: .......... done
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [40/50] Fetching expat-2.4.8.pkg: .......... done
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [41/50] Fetching webp-1.2.2.pkg: .......... done
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [42/50] Fetching tiff-4.3.0.pkg: .......... done
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [43/50] Fetching jbigkit-2.1_1.pkg: .......... done
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [44/50] Fetching giflib-5.2.1.pkg: .......... done
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [45/50] Fetching php80-curl-8.0.17_2.pkg: ..... done
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [46/50] Fetching php80-gettext-8.0.17_2.pkg: . done
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [47/50] Fetching php80-mbstring-8.0.17_2.pkg: .......... done
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [48/50] Fetching php80-iconv-8.0.17_2.pkg: ... done
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [49/50] Fetching php80-zip-8.0.17_2.pkg: .... done
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [50/50] Fetching libzip-1.7.3.pkg: .......... done
Checking integrity... done (0 conflicting)
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [1/50] Installing perl5-5.32.1_1...
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [1/50] Extracting perl5-5.32.1_1: .......... done
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [2/50] Installing p5-XML-SAX-Base-1.09...
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [2/50] Extracting p5-XML-SAX-Base-1.09: .......... done
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [3/50] Installing p5-XML-NamespaceSupport-1.12...
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [3/50] Extracting p5-XML-NamespaceSupport-1.12: ....... done
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [4/50] Installing png-1.6.37_1...
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [4/50] Extracting png-1.6.37_1: .......... done
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [5/50] Installing jpeg-turbo-2.1.3...
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [5/50] Extracting jpeg-turbo-2.1.3: .......... done
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [6/50] Installing jbigkit-2.1_1...
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [6/50] Extracting jbigkit-2.1_1: .......... done
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [7/50] Installing libargon2-20190702...
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [7/50] Extracting libargon2-20190702: .......... done
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [8/50] Installing pcre2-10.39_1...
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [8/50] Extracting pcre2-10.39_1: .......... done
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [9/50] Installing p5-XML-SAX-1.02...
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [9/50] Extracting p5-XML-SAX-1.02: .......... done
could not find ParserDetails.ini in /usr/local/lib/perl5/site_perl/XML/SAX
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [10/50] Installing p5-Socket6-0.29...
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [10/50] Extracting p5-Socket6-0.29: ....... done
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [11/50] Installing freetype2-2.11.1...
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [11/50] Extracting freetype2-2.11.1: .......... done
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [12/50] Installing expat-2.4.8...
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [12/50] Extracting expat-2.4.8: .......... done
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [13/50] Installing tiff-4.3.0...
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [13/50] Extracting tiff-4.3.0: .......... done
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [14/50] Installing giflib-5.2.1...
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [14/50] Extracting giflib-5.2.1: .......... done
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [15/50] Installing php80-8.0.17_2...
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [15/50] Extracting php80-8.0.17_2: .......... done
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [16/50] Installing p5-XML-Filter-BufferText-1.01_1...
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [16/50] Extracting p5-XML-Filter-BufferText-1.01_1: ....... done
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [17/50] Installing p5-Mozilla-CA-20211001...
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [17/50] Extracting p5-Mozilla-CA-20211001: ........ done
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [18/50] Installing p5-Net-SSLeay-1.90...
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [18/50] Extracting p5-Net-SSLeay-1.90: .......... done
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [19/50] Installing p5-IO-Socket-INET6-2.72_1...
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [19/50] Extracting p5-IO-Socket-INET6-2.72_1: ....... done
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [20/50] Installing p5-GSSAPI-0.28_2...
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [20/50] Extracting p5-GSSAPI-0.28_2: .......... done
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [21/50] Installing p5-Digest-HMAC-1.04...
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [21/50] Extracting p5-Digest-HMAC-1.04: .......... done
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [22/50] Installing fontconfig-2.13.94_2,1...
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [22/50] Extracting fontconfig-2.13.94_2,1: .......... done
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [23/50] Installing webp-1.2.2...
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [23/50] Extracting webp-1.2.2: .......... done
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [24/50] Installing php80-dom-8.0.17_1...
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [24/50] Extracting php80-dom-8.0.17_1: .......... done
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [25/50] Installing p5-XML-SAX-Writer-0.57...
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [25/50] Extracting p5-XML-SAX-Writer-0.57: ......... done
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [26/50] Installing p5-Text-Soundex-3.05...
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [26/50] Extracting p5-Text-Soundex-3.05: ........ done
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [27/50] Installing p5-IO-Socket-SSL-2.074...
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [27/50] Extracting p5-IO-Socket-SSL-2.074: .......... done
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [28/50] Installing p5-Authen-SASL-2.16_1...
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [28/50] Extracting p5-Authen-SASL-2.16_1: .......... done
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [29/50] Installing p5-URI-5.10...
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [29/50] Extracting p5-URI-5.10: .......... done
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [30/50] Installing p5-Convert-ASN1-0.33...
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [30/50] Extracting p5-Convert-ASN1-0.33: .......... done
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [31/50] Installing gmp-6.2.1...
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [31/50] Extracting gmp-6.2.1: .......... done
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [32/50] Installing libgd-2.3.3,1...
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [32/50] Extracting libgd-2.3.3,1: .......... done
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [33/50] Installing libzip-1.7.3...
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [33/50] Extracting libzip-1.7.3: .......... done
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [34/50] Installing php80-session-8.0.17_2...
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [34/50] Extracting php80-session-8.0.17_2: .......... done
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [35/50] Installing php80-xmlwriter-8.0.17_1...
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [35/50] Extracting php80-xmlwriter-8.0.17_1: ........ done
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [36/50] Installing php80-xmlreader-8.0.17_1...
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [36/50] Extracting php80-xmlreader-8.0.17_1: ........ done
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [37/50] Installing php80-xml-8.0.17_1...
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [37/50] Extracting php80-xml-8.0.17_1: ......... done
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [38/50] Installing php80-simplexml-8.0.17_1...
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [38/50] Extracting php80-simplexml-8.0.17_1: ......... done
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [39/50] Installing p5-Quota-1.8.2...
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [39/50] Extracting p5-Quota-1.8.2: ......... done
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [40/50] Installing php80-filter-8.0.17_2...
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [40/50] Extracting php80-filter-8.0.17_2: ......... done
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [41/50] Installing php80-ldap-8.0.17_2...
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [41/50] Extracting php80-ldap-8.0.17_2: ........ done
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [42/50] Installing p5-perl-ldap-0.6800...
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [42/50] Extracting p5-perl-ldap-0.6800: .......... done
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [43/50] Installing php80-gmp-8.0.17_2...
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [43/50] Extracting php80-gmp-8.0.17_2: ......... done
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [44/50] Installing php80-gd-8.0.17_2...
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [44/50] Extracting php80-gd-8.0.17_2: ......... done
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [45/50] Installing php80-curl-8.0.17_2...
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [45/50] Extracting php80-curl-8.0.17_2: .......... done
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [46/50] Installing php80-gettext-8.0.17_2...
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [46/50] Extracting php80-gettext-8.0.17_2: ........ done
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [47/50] Installing php80-mbstring-8.0.17_2...
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [47/50] Extracting php80-mbstring-8.0.17_2: .......... done
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [48/50] Installing php80-iconv-8.0.17_2...
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [48/50] Extracting php80-iconv-8.0.17_2: ........ done
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [49/50] Installing php80-zip-8.0.17_2...
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [49/50] Extracting php80-zip-8.0.17_2: ........ done
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [50/50] Installing ldap-account-manager-7.9...
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [50/50] Extracting ldap-account-manager-7.9: ......... done
Running fc-cache to build fontconfig cache...
=====
Message from freetype2-2.11.1:

--
The 2.7.x series now uses the new subpixel hinting mode (V40 port's option) as
the default, emulating a modern version of ClearType. This change inevitably
leads to different rendering results, and you might change port's options to
adapt it to your taste (or use the new "FREETYPE_PROPERTIES" environment
variable).

The environment variable "FREETYPE_PROPERTIES" can be used to control the
driver properties. Example:

FREETYPE_PROPERTIES=truetype:interpreter-version=35 \
	cff:no-stem-darkening=1 \
	autofitter:warping=1

This allows to select, say, the subpixel hinting mode at runtime for a given
application.

If LONG_PCF_NAMES port's option was enabled, the PCF family names may include
the foundry and information whether they contain wide characters. For example,
"Sony Fixed" or "Misc Fixed Wide", instead of "Fixed". This can be disabled at
run time with using pcf:no-long-family-names property, if needed. Example:

FREETYPE_PROPERTIES=pcf:no-long-family-names=1

How to recreate fontconfig cache with using such environment variable,
if needed:
# env FREETYPE_PROPERTIES=pcf:no-long-family-names=1 fc-cache -fsv

The controllable properties are listed in the section "Controlling FreeType
Modules" in the reference's table of contents
(/usr/local/share/doc/freetype2/reference/index.html, if documentation was installed).
=====
Message from php80-dom-8.0.17_1:

--
This file has been added to automatically load the installed extension:
/usr/local/etc/php/ext-20-dom.ini
=====
Message from php80-session-8.0.17_2:

--
This file has been added to automatically load the installed extension:
/usr/local/etc/php/ext-18-session.ini
=====
Message from php80-xmlwriter-8.0.17_1:

--
This file has been added to automatically load the installed extension:
/usr/local/etc/php/ext-20-xmlwriter.ini
=====
Message from php80-xmlreader-8.0.17_1:

--
This file has been added to automatically load the installed extension:
/usr/local/etc/php/ext-30-xmlreader.ini
=====
Message from php80-xml-8.0.17_1:

--
This file has been added to automatically load the installed extension:
/usr/local/etc/php/ext-20-xml.ini
=====
Message from php80-simplexml-8.0.17_1:

--
This file has been added to automatically load the installed extension:
/usr/local/etc/php/ext-20-simplexml.ini
=====
Message from php80-filter-8.0.17_2:

--
This file has been added to automatically load the installed extension:
/usr/local/etc/php/ext-20-filter.ini
=====
Message from php80-ldap-8.0.17_2:

--
This file has been added to automatically load the installed extension:
/usr/local/etc/php/ext-20-ldap.ini
=====
Message from php80-gmp-8.0.17_2:

--
This file has been added to automatically load the installed extension:
/usr/local/etc/php/ext-20-gmp.ini
=====
Message from php80-gd-8.0.17_2:

--
This file has been added to automatically load the installed extension:
/usr/local/etc/php/ext-20-gd.ini
=====
Message from php80-curl-8.0.17_2:

--
This file has been added to automatically load the installed extension:
/usr/local/etc/php/ext-20-curl.ini
=====
Message from php80-gettext-8.0.17_2:

--
This file has been added to automatically load the installed extension:
/usr/local/etc/php/ext-20-gettext.ini
=====
Message from php80-mbstring-8.0.17_2:

--
This file has been added to automatically load the installed extension:
/usr/local/etc/php/ext-20-mbstring.ini
=====
Message from php80-iconv-8.0.17_2:

--
This file has been added to automatically load the installed extension:
/usr/local/etc/php/ext-20-iconv.ini
=====
Message from php80-zip-8.0.17_2:

--
This file has been added to automatically load the installed extension:
/usr/local/etc/php/ext-20-zip.ini
=====
Message from ldap-account-manager-7.9:

--
******************************************************************************

You should add the following to your Apache configuration file:

Alias /lam /usr/local/www/lam

<Directory /usr/local/www/lam>
  Options +FollowSymLinks
  AllowOverride All
  Require all granted
  DirectoryIndex index.html
</Directory>

******************************************************************************
Step 15: Install package apache24
Updating FreeBSD repository catalogue...
FreeBSD repository is up to date.
All repositories are up to date.
The following 5 package(s) will be affected (of 0 checked):

New packages to be INSTALLED:
	apache24: 2.4.53
	apr: 1.7.0.1.6.1_2
	db5: 5.3.28_8
	gdbm: 1.23
	jansson: 2.14

Number of packages to be installed: 5

The process will require 80 MiB more space.
18 MiB to be downloaded.
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [1/5] Fetching apache24-2.4.53.pkg: .......... done
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [2/5] Fetching jansson-2.14.pkg: ...... done
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [3/5] Fetching apr-1.7.0.1.6.1_2.pkg: .......... done
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [4/5] Fetching gdbm-1.23.pkg: .......... done
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [5/5] Fetching db5-5.3.28_8.pkg: .......... done
Checking integrity... done (0 conflicting)
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [1/5] Installing gdbm-1.23...
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [1/5] Extracting gdbm-1.23: .......... done
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [2/5] Installing db5-5.3.28_8...
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [2/5] Extracting db5-5.3.28_8: .......... done
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [3/5] Installing jansson-2.14...
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [3/5] Extracting jansson-2.14: .......... done
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [4/5] Installing apr-1.7.0.1.6.1_2...
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [4/5] Extracting apr-1.7.0.1.6.1_2: .......... done
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [5/5] Installing apache24-2.4.53...
===> Creating groups.
Using existing group 'www'.
===> Creating users
Using existing user 'www'.
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [5/5] Extracting apache24-2.4.53: .......... done
=====
Message from db5-5.3.28_8:

--
===>   NOTICE:

The db5 port currently does not have a maintainer. As a result, it is
more likely to have unresolved issues, not be up-to-date, or even be removed in
the future. To volunteer to maintain this port, please create an issue at:

https://bugs.freebsd.org/bugzilla

More information about port maintainership is available at:

https://docs.freebsd.org/en/articles/contributing/#ports-contributing
--
===>   NOTICE:

This port is deprecated; you may wish to reconsider installing it:

EOLd, potential security issues, maybe use db18 instead.

It is scheduled to be removed on or after 2022-06-30.
=====
Message from apr-1.7.0.1.6.1_2:

--
The Apache Portable Runtime project removed support for FreeTDS with
version 1.6. Users requiring MS-SQL connectivity must migrate
configurations to use the added ODBC driver and FreeTDS' ODBC features.
=====
Message from apache24-2.4.53:

--
To run apache www server from startup, add apache24_enable="yes"
in your /etc/rc.conf. Extra options can be found in startup script.

Your hostname must be resolvable using at least 1 mechanism in
/etc/nsswitch.conf typically DNS or /etc/hosts or apache might
have issues starting depending on the modules you are using.


- apache24 default build changed from static MPM to modular MPM
- more modules are now enabled per default in the port
- icons and error pages moved from WWWDIR to DATADIR

   If build with modular MPM and no MPM is activated in
   httpd.conf, then mpm_prefork will be activated as default
   MPM in etc/apache24/modules.d to keep compatibility with
   existing php/perl/python modules!

Please compare the existing httpd.conf with httpd.conf.sample
and merge missing modules/instructions into httpd.conf!
Step 16: Enable apache24 in /etc/rc.conf
apache24 enabled in /etc/rc.conf
Step 17: Install package php74
Updating FreeBSD repository catalogue...
FreeBSD repository is up to date.
All repositories are up to date.
The following 1 package(s) will be affected (of 0 checked):

New packages to be INSTALLED:
	mod_php74: 7.4.28_1

Number of packages to be installed: 1

The process will require 6 MiB more space.
1 MiB to be downloaded.
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [1/1] Fetching mod_php74-7.4.28_1.pkg: .......... done
Checking integrity... done (0 conflicting)
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [1/1] Installing mod_php74-7.4.28_1...
[openldap-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [1/1] Extracting mod_php74-7.4.28_1: .... done
[activating module `php7' in /usr/local/etc/apache24/httpd.conf]
=====
Message from mod_php74-7.4.28_1:

--
******************************************************************************

Make sure index.php is part of your DirectoryIndex.

You should add the following to your Apache configuration file:

<FilesMatch "\.php$">
    SetHandler application/x-httpd-php
</FilesMatch>
<FilesMatch "\.phps$">
    SetHandler application/x-httpd-php-source
</FilesMatch>

******************************************************************************

If you are building PHP-based ports in poudriere(8) or Synth with ZTS enabled,
add WITH_MPM=event to /etc/make.conf to prevent build failures.

******************************************************************************
--
===>   NOTICE:

This port is deprecated; you may wish to reconsider installing it:

Upstream Security Support ends on 2022-11-28.

It is scheduled to be removed on or after 2022-11-29.
Step 18: Clean package installation
Nothing to do.
Step 19: Create necessary directories if they don't exist
Step 20: Set ldap owner on /mnt/openldap-data
Step 21: Set 700 permissions on /mnt/openldap-data
Step 22: Set ldap owner on /usr/local/etc/openldap/slapd.d
Step 23: Clean cook artifacts
Step 24: Create cook script
Step 25: Make cook script executable
setting executable bit on /usr/local/bin/cook
Step 26: Create rc.d script to start cook
creating rc.d script to start cook
Step 27: Make rc.d script to start cook executable
Setting executable bit on cook rc file
Step 28: Enable cook service
enabling cook
cook enabled in /etc/rc.conf
=====>  Stop the pot openldap-amd64-13_0
=====>  Remove epair0[a|b] network interfaces
=====>  unmount /mnt/srv/pot/jails/openldap-amd64-13_0/m/tmp
=====>  unmount /mnt/srv/pot/jails/openldap-amd64-13_0/m/dev
=====>  Flavour: openldap+1
=====>  Executing openldap+1 pot commands on openldap-amd64-13_0
=====>  No shell script available for the flavour openldap+1
=====>  Flavour: openldap+2
=====>  Executing openldap+2 pot commands on openldap-amd64-13_0
=====>  No shell script available for the flavour openldap+2
=====>  Flavour: openldap+3
=====>  Executing openldap+3 pot commands on openldap-amd64-13_0
=====>  No shell script available for the flavour openldap+3
=====>  Flavour: openldap+4
=====>  Executing openldap+4 pot commands on openldap-amd64-13_0
=====>  No shell script available for the flavour openldap+4

openldap-amd64-12_3_1.2.5:


openldap/openldap:
copy-in -s /usr/local/etc/pot/flavours/openldap.d/slapd.conf -d /root/slapd.conf
copy-in -s /usr/local/etc/pot/flavours/openldap.d/syslog-ng.conf.in -d /root/syslog-ng.conf.in
openldap/openldap.sh:
#!/bin/sh

# Based on POTLUCK TEMPLATE v3.0
# Altered by Michael Gmelin
#
# EDIT THE FOLLOWING FOR NEW FLAVOUR:
# 1. RUNS_IN_NOMAD - true or false
# 2. If RUNS_IN_NOMAD is false, can delete the <flavour>+4 file, else
#    make sure pot create command doesn't include it
# 3. Create a matching <flavour> file with this <flavour>.sh file that
#    contains the copy-in commands for the config files from <flavour>.d/
#    Remember that the package directories don't exist yet, so likely copy
#    to /root
# 4. Adjust package installation between BEGIN & END PACKAGE SETUP
# 5. Adjust jail configuration script generation between BEGIN & END COOK
#    Configure the config files that have been copied in where necessary

# Set this to true if this jail flavour is to be created as a nomad (i.e. blocking) jail.
# You can then query it in the cook script generation below and the script is installed
# appropriately at the end of this script
RUNS_IN_NOMAD=false

# set the cook log path/filename
COOKLOG=/var/log/cook.log

# check if cooklog exists, create it if not
if [ ! -e $COOKLOG ]
then
    echo "Creating $COOKLOG" | tee -a $COOKLOG
else
    echo "WARNING $COOKLOG already exists"  | tee -a $COOKLOG
fi
date >> $COOKLOG

# -------------------- COMMON ---------------

STEPCOUNT=0
step() {
  STEPCOUNT=$(expr "$STEPCOUNT" + 1)
  STEP="$@"
  echo "Step $STEPCOUNT: $STEP" | tee -a $COOKLOG
}

exit_ok() {
  trap - EXIT
  exit 0
}

FAILED=" failed"
exit_error() {
  STEP="$@"
  FAILED=""
  exit 1
}

set -e
trap 'echo ERROR: $STEP$FAILED | (>&2 tee -a $COOKLOG)' EXIT

# -------------- BEGIN PACKAGE SETUP -------------

step "Bootstrap package repo"
mkdir -p /usr/local/etc/pkg/repos
# shellcheck disable=SC2016
test -e /usr/local/etc/pkg/repos/FreeBSD.conf || \
  echo 'FreeBSD: { url: "pkg+http://pkg.FreeBSD.org/${ABI}/quarterly" }' \
    >/usr/local/etc/pkg/repos/FreeBSD.conf
ASSUME_ALWAYS_YES=yes pkg bootstrap

step "Touch /etc/rc.conf"
touch /etc/rc.conf

# this is important, otherwise running /etc/rc from cook will
# overwrite the IP address set in tinirc
step "Remove ifconfig_epair0b from config"
# shellcheck disable=SC2015
sysrc -cq ifconfig_epair0b && sysrc -x ifconfig_epair0b || true

step "Disable sendmail"
service sendmail onedisable

# optionally disable ssh access
#step "Disable sshd"
#service sshd onedisable || true

step "Create /usr/local/etc/rc.d"
mkdir -p /usr/local/etc/rc.d

step "Install package sudo"
pkg install -y sudo

step "Install package openssl"
pkg install -y openssl

step "Install package jq"
pkg install -y jq

step "Install package jo"
pkg install -y jo

step "Install package curl"
pkg install -y curl

step "Install package syslog-ng"
pkg install -y syslog-ng

# openldap25 has missing slap* binaries and other files
step "Install package openldap24-server"
pkg install -y openldap24-server

# should be installed with above
step "Install package openldap24-client"
pkg install -y openldap24-client

step "Install package ldap-account-manager"
pkg install -y ldap-account-manager

step "Install package apache24"
pkg install -y apache24

step "Enable apache24 in /etc/rc.conf"
#sysrc apache24_enable="yes"
service apache24 enable

step "Install package php74"
pkg install -y mod_php74

step "Clean package installation"
pkg clean -y

step "Create necessary directories if they don't exist"
# create some necessary directories
# The database directory MUST exist prior to running slapd AND
# should only be accessible by the slapd and slap tools.
# Mode 700 recommended.
mkdir -p /mnt/openldap-data
mkdir -p /var/db/run/
mkdir -p /usr/local/etc/openldap/slapd.d

step "Set ldap owner on /mnt/openldap-data"
chown -R ldap:ldap /mnt/openldap-data

step "Set 700 permissions on /mnt/openldap-data"
chmod 700 /mnt/openldap-data

step "Set ldap owner on /usr/local/etc/openldap/slapd.d"
chown -R ldap:ldap /usr/local/etc/openldap/slapd.d

# -------------- END PACKAGE SETUP -------------

#
# Create configurations
#

#
# Now generate the run command script "cook"
# It configures the system on the first run by creating the config file(s)
# On subsequent runs, it only starts sleeps (if nomad-jail) or simply exits
#

# clear any old cook runtime file
step "Clean cook artifacts"
rm -rf /usr/local/bin/cook

# this runs when image boots
# ----------------- BEGIN COOK ------------------

step "Create cook script"
echo "#!/bin/sh
RUNS_IN_NOMAD=$RUNS_IN_NOMAD
# declare this again for the pot image, might work carrying variable through like
# with above
COOKLOG=/var/log/cook.log

# No need to change this, just ensures configuration is done only once
if [ -e /usr/local/etc/pot-is-seasoned ]
then
    # If this pot flavour is blocking (i.e. it should not return),
    # we block indefinitely
    if [ \"\$RUNS_IN_NOMAD\" = \"true\" ]
    then
        /bin/sh /etc/rc
        tail -f /dev/null
    fi
    exit 0
fi

# ADJUST THIS: STOP SERVICES AS NEEDED BEFORE CONFIGURATION
#

# stop openldap, shouldn't be running
# will give an error because /usr/local/etc/openldap/slapd.d/cn=config doesn't exist
# grep: /usr/local/etc/openldap/slapd.d/cn=config/olcDatabase=*: No such file or directory
# slapd not running? (check /var/run/openldap/slapd.pid).
#
#/usr/local/etc/rc.d/slapd onestop  || true
service slapd onestop || true

# stop apache, shouldn't be running
#
#/usr/local/etc/rc.d/apache24 onestop  || true
service apache24 onestop || true

# No need to adjust this:
# If this pot flavour is not blocking, we need to read the environment first from /tmp/environment.sh
# where pot is storing it in this case
if [ -e /tmp/environment.sh ]
then
    . /tmp/environment.sh
fi
#
# ADJUST THIS BY CHECKING FOR ALL VARIABLES YOUR FLAVOUR NEEDS:
# Check config variables are set
#
if [ -z \${DOMAIN+x} ]; then
    echo 'DOMAIN is unset - see documentation how to pass in a domain name as a parameter'
    exit 1
fi
if [ -z \${MYCREDS+x} ]; then
    echo 'MYCREDS is unset - see documentation for how to pass in openldap admin password as a parameter'
    exit 1
fi
if [ -z \${HOSTNAME+x} ]; then
    echo 'HOSTNAME is unset - please set a hostname for apache - see documentation for how to pass in the hostname as a parameter'
    exit 1
fi
if [ -z \${IP+x} ]; then
    echo 'IP is unset - please include the IP address - see documentation for how to pass in the IP address as a parameter'
    exit 1
fi
if [ -z \${SERVERID+x} ]; then
    echo 'SERVERID is unset - please include the server id of 001 or 002 - see documentation for how to pass in the server id as a parameter'
    exit 1
fi
if [ -z \${REMOTEIP+x} ]; then
    echo 'REMOTEIP is unset - please include the Remote IP address if this is a multi-master setup - see documentation for how to pass in the remote IP address as a parameter'
fi
# Remotelog is a remote syslog server, need to pass in IP
if [ -z \${REMOTELOG+x} ]; then
    echo 'REMOTELOG is unset - see documentation how to configure this flavour'
    REMOTELOG=0
fi

#
# ADJUST THIS BELOW: NOW ALL THE CONFIGURATION FILES NEED TO BE CREATED:
# Don't forget to double(!)-escape quotes and dollar signs in the config files
#
# Important there MUST be empty lines between the config sections
#


# check that /mnt/openldap-data exists
if [ -d /mnt/openldap-data ]; then
    echo \"INFO: /mnt/openldap-data exists. All good.\"
else
    echo \"ERROR: /mnt/openldap-data does not exist. Where is the persistent storage?\"
    exit 1
fi

# double check permissions on directories
chown -R ldap:ldap /mnt/openldap-data
chmod 700 /mnt/openldap-data
chown -R ldap:ldap /usr/local/etc/openldap/slapd.d

# start certificates config
# setup self-signed certificates before openldap

# openssl self-generated certs
echo \"Creating directory for openldap ssl certificates\"
mkdir -p /usr/local/etc/openldap/private/

echo \"Setting up openldap ssl certificates\"
cd /usr/local/etc/openldap/private/
/usr/bin/openssl req -new -x509 -days 3650 -nodes -keyout ca.key -out /usr/local/etc/openldap/ca.crt -subj \"/C=CC/ST=Province/L=City/O=None/CN=\${DOMAIN}\"
/usr/bin/openssl req -new -nodes  -keyout server.key -out /usr/local/etc/openldap/server.csr -subj \"/C=CC/ST=Province/L=City/O=None/CN=\${DOMAIN}\"
/usr/bin/openssl x509 -req -days 3650 -in /usr/local/etc/openldap/server.csr -out /usr/local/etc/openldap/server.crt -CA /usr/local/etc/openldap/ca.crt -CAkey ca.key -CAcreateserial
/usr/bin/openssl req -nodes -new -keyout client.key -out client.csr -subj \"/C=CC/ST=Province/L=City/O=None/CN=\${DOMAIN}\"
/usr/bin/openssl x509 -req -days 3650 -in client.csr -out /usr/local/etc/openldap/client.crt -CA /usr/local/etc/openldap/ca.crt -CAkey ca.key
cd ~

# end certificates config

# start ldap config

# create local syslog dir
echo \"Creating custom syslog parameters for slapd\"
touch /var/log/slapd.log
mkdir -p /usr/local/etc/syslog.d/
echo \"# openldap pot image additions
!slapd
*.*                                                           /var/log/slapd.log\" > /usr/local/etc/syslog.d/slapd.conf
# restart syslog and sleep
service syslogd restart
sleep 5

# split domain into parts
MYSUFFIX=\$(echo \${DOMAIN} | awk -F '.' 'NF>=2 {print \$(NF-1)}')
MYTLD=\$(echo \${DOMAIN} | awk -F '.' 'NF>=2 {print \$(NF)}')
echo \"From DOMAIN of \${DOMAIN} we get MYSUFFIX of \${MYSUFFIX} and MYTLD of \${MYTLD}\"

# multi-master setup for slapd.conf
# if we have a value for remoteip and a value for server id, set a server id and append the multimaster setup
# to slapd.conf
if [ ! -z \${REMOTEIP+x} ]; then
    # set server id
    /usr/bin/sed -i .orig \"s|# serverID SETSERVERID|serverID \${SERVERID}|g\" /root/slapd.conf
    # set root dn
    /usr/bin/sed -i .orig \"s|dc=MYSUFFIX,dc=MYTLD|dc=\${MYSUFFIX},dc=\${MYTLD}|g\" /root/slapd.conf

    # append multimaster config to slapd.conf
    echo \"syncrepl rid=000
 provider=ldap://\${REMOTEIP}
 type=refreshAndPersist
 retry=\\\"5 5 300 +\\\"
 searchbase=\\\"dc=\${MYSUFFIX},dc=\${MYTLD}\\\"
 attrs=\\\"*,+\\\"
 bindmethod=simple
 binddn=\\\"cn=Manager,dc=\${MYSUFFIX},dc=\${MYTLD}\\\"
 credentials=ofcsecret

# Indices to maintain
index default pres,eq
index uid,memberUid,gidNumber

# Create indexes for attribute cn (commonname) and givenName
# EQUALITY, SUBSTR searches and provides optimization
# for sc=a* type searches
index cn,givenName eq,sub,subinitial

# Create indexes for sn (surname) on EQUALITY and SUBSTR searches
index sn eq,sub

# Creates indexes for attribute mail on presence, EQUALITY and SUBSTR
index mail pres,eq,sub

# Optimises searches of form objectclass=person
# index objectclass eq
# already added

# Syncprov indexes
index entryCSN eq
index entryUUID eq
# Mirror mode essential to allow writes and must appear after all syncrepl directives
mirrormode TRUE

# Define the provider to use the syncprov overlay (last directives in database section)
overlay syncprov

# contextCSN saved to database every 100 updates or 10 mins.
syncprov-checkpoint 100 10
syncprov-sessionlog 100\" >> /root/slapd.conf

    echo \"Copying in custom slapd.conf with back_mdb enabled and multiserver setup\"
    cp -f /root/slapd.conf /usr/local/etc/openldap/slapd.conf
else
    # copy over slapd.conf without cluster config
    echo \"No variables set for REMOTEIP \${REMOTEIP} and SERVERID \${SERVERID}, single server setup only\"
    # set root dn
    /usr/bin/sed -i .orig \"s|dc=MYSUFFIX,dc=MYTLD|dc=\${MYSUFFIX},dc=\${MYTLD}|g\" /root/slapd.conf
    echo \"Copying in custom slapd.conf with back_mdb enabled for single server setup\"
    cp -f /root/slapd.conf /usr/local/etc/openldap/slapd.conf
fi

# set owner ldap:ldap on /usr/local/etc/openldap/slapd.conf
echo \"Setting ldap owner on /usr/local/etc/openldap/slapd.conf\"
chown ldap:ldap /usr/local/etc/openldap/slapd.conf

# make sure not world-readable
echo \"Removing world-readable settings on /usr/local/etc/openldap/slapd.conf\"
chmod o-rwx /usr/local/etc/openldap/slapd.conf

# create password
if [ -x /usr/local/sbin/slappasswd ]; then
    SETSLAPPASS=\$(/usr/local/sbin/slappasswd -s \${MYCREDS})
    echo \"Generated slappassword output is \${SETSLAPPASS}\"
fi

# Setup default slapd.ldif
echo \"Generating /usr/local/etc/openldap/slapd.ldif\"

echo \"# This file should NOT be world readable.
dn: cn=config
objectClass: olcGlobal
cn: config
olcArgsFile: /var/db/run/slapd.args
olcPidFile: /var/db/run/slapd.pid
#olcSecurity: ssf=1 update_ssf=112 simple_bind=64
# enable 128 bit TLS
olcSecurity: ssf=128
olcTLSCACertificatePath: /usr/local/etc/openldap/
olcTLSCertificateFile: /usr/local/etc/openldap/server.crt
olcTLSCertificateKeyFile: /usr/local/etc/openldap/private/server.key
olcTLSCACertificateFile: /usr/local/etc/openldap/ca.crt
olcTLSCipherSuite: HIGH:MEDIUM:+SSLv3
olcTLSProtocolMin: 3.1
olcTLSVerifyClient: never
structuralObjectClass: olcGlobal

dn: cn=schema,cn=config
objectClass: olcSchemaConfig
cn: schema

include: file:///usr/local/etc/openldap/schema/core.ldif
include: file:///usr/local/etc/openldap/schema/cosine.ldif
include: file:///usr/local/etc/openldap/schema/inetorgperson.ldif
include: file:///usr/local/etc/openldap/schema/nis.ldif

dn: cn=module,cn=config
objectClass: olcModuleList
cn: module
olcModulepath: /usr/local/libexec/openldap
olcModuleload: back_mdb.la

dn: olcDatabase=frontend,cn=config
objectClass: olcDatabaseConfig
objectClass: olcFrontendConfig
olcDatabase: frontend
olcAccess: to * by * read

dn: olcDatabase=config,cn=config
objectClass: olcDatabaseConfig
olcDatabase: config
olcRootDN: cn=Manager,cn=config
# generate a password by running slappasswd
# sample pass is password, set a new password with slappasswd
# and replace text here
olcRootPW: \${SETSLAPPASS}
olcMonitoring: FALSE
olcAccess: to * by * none

# LMDB database definitions
dn: olcDatabase=mdb,cn=config
objectClass: olcDatabaseConfig
objectClass: olcMdbConfig
olcDatabase: mdb
olcSuffix: dc=\${MYSUFFIX},dc=\${MYTLD}
olcRootDN: cn=Manager,dc=\${MYSUFFIX},dc=\${MYTLD}
# generate a password by running slappasswd
# sample pass is password, set a new password with slappasswd
# and replace text here
olcRootPW: \${SETSLAPPASS}
olcDbDirectory: /mnt/openldap-data
olcDbIndex: objectClass eq
\" > /usr/local/etc/openldap/slapd.ldif

# set owner ldap
echo \"Setting ldap owner on /usr/local/etc/openldap/slapd.ldif\"
chown ldap:ldap /usr/local/etc/openldap/slapd.ldif
#

# make sure not world-readable
#
echo \"Removing world-readable settings on /usr/local/etc/openldap/slapd.ldif\"
chmod o-rwx /usr/local/etc/openldap/slapd.ldif
#

echo \"Generating /usr/local/etc/openldap/ldap.conf\"
echo \"
#BASE    dc=domain,dc=com
#URI     ldap:// ldaps://
BASE    dc=\${MYSUFFIX},dc=\${MYTLD}
URI     ldap://\${IP} ldaps://\${IP}
SIZELIMIT       0
TIMELIMIT       15
DEREF          never
TLS_CACERT /usr/local/etc/openldap/ca.crt
TLS_CIPHER_SUITE HIGH:MEDIUM:+SSLv3\" >> /usr/local/etc/openldap/ldap.conf

# set perms
chown ldap:ldap /usr/local/etc/openldap/ldap.conf
chmod 644 /usr/local/etc/openldap/ldap.conf

# remove any old config
#
echo \"Removing old openldap config data in /usr/local/etc/openldap/slapd.d/\"
rm -r /usr/local/etc/openldap/slapd.d/*
#

# set permissions so that ldap user owns /usr/local/etc/openldap/slapd.d/
# this is critical to making the below work
#
echo \"Setting ldap owner on /usr/local/etc/openldap/slapd.d/\"
chown -R ldap:ldap /usr/local/etc/openldap/slapd.d/
#

# build a basic config from the included slapd.CONF file (capitalised for emphasis)
# -f read from config file, -F write to config dir
# slapcat -b cn=config -f /usr/local/etc/openldap/slapd.conf -F /usr/local/etc/openldap/slapd.d/
#
echo \"Building simple configuration file\"
/usr/local/sbin/slapcat -n 0 -f /usr/local/etc/openldap/slapd.conf -F /usr/local/etc/openldap/slapd.d/
#

#
# import configuration ldif file, uses -c to continue on error, database 0
echo \"Importing configuration ldif\"
/usr/local/sbin/slapadd -c -n 0 -F /usr/local/etc/openldap/slapd.d/ -l /usr/local/etc/openldap/slapd.ldif
#

# create import scripts
echo \"Creating config import script: /root/importldapconfig.sh\"
echo \"#!/bin/sh
if [ -f /root/config.ldif ]; then
    /usr/local/sbin/slapadd -c -n 0 -F /usr/local/etc/openldap/slapd.d/ -l /root/config.ldif
fi\" > /root/importldapconfig.sh

# setting execute perms
chmod +x /root/importldapconfig.sh

# create import data script
echo \"Creating data import script: /root/importldapdata.sh\"
echo \"#!/bin/sh
if [ -f /root/data.ldif ]; then
    /usr/local/sbin/slapadd -c -n 1 -F /usr/local/etc/openldap/slapd.d/ -l /root/data.ldif
fi\" > /root/importldapdata.sh

# setting execute perms
chmod +x /root/importldapdata.sh

# enable openldap and set config options
#
echo \"Enabling slapd service\"
service slapd enable
# sysrc doesn't seem to add this correctly so echo in
echo \"slapd_flags='-4 -h \\\"ldapi://%2fvar%2frun%2fopenldap%2fldapi/ ldap://\${IP}/ ldaps://\${IP}/\\\"'\" >> /etc/rc.conf
# set cn=config directory config settings
sysrc slapd_cn_config=\"YES\"
sysrc slapd_sockets=\"/var/run/openldap/ldapi\"
# makes root stuff work, currently unset
# sysrc slapd_owner=\"DEFAULT\"

# to-do
# set backup to /mnt/openldap-settings
# add a script to crontab which runs slapcat
# and outputs to a second mount in persistent storage

# end openldap config

# start apache24 config

# Adjust document root to /usr/local/www/lam in /usr/local/etc/apache24/httpd.conf
# /usr/local/www/apache24/data appears twice only, so simple sed replace of both should suffice
#
if [ -f /usr/local/etc/apache24/httpd.conf ]; then
    echo \"Changing document root for apache to openldap lam\"
    /usr/bin/sed -i .orig 's|/usr/local/www/apache24/data|/usr/local/www/lam|g' /usr/local/etc/apache24/httpd.conf

    echo \"Setting Listen to \${IP}:80\"
    /usr/bin/sed -i .orig \"s|Listen 80|Listen \${IP}:80|g\" /usr/local/etc/apache24/httpd.conf

    echo \"Setting ServerName to \${HOSTNAME}:80\"
    /usr/bin/sed -i .orig \"s|#ServerName www.example.com:80|ServerName \${HOSTNAME}:80|g\" /usr/local/etc/apache24/httpd.conf

    # adjust /usr/local/etc/apache24/httpd.conf and replace <IfModule dir_module> with the following content:
    # note: we can simply append to the httpd.conf file and it will overwrite prior values
    #
    echo \"Making other changes to httpd.conf\"
    echo \"
<IfModule dir_module>
    DirectoryIndex index.php index.html
    <FilesMatch \\\"\.php$\\\">
        SetHandler application/x-httpd-php
     </FilesMatch>
    <FilesMatch \\\"\.phps$\\\">
        SetHandler application/x-httpd-php-source
    </FilesMatch>
</IfModule>\" >> /usr/local/etc/apache24/httpd.conf
fi
#
# end apache24 config #

## remote syslogs
if [ \"\${REMOTELOG}\" != \"0\" ]; then
    config_version=\$(/usr/local/sbin/syslog-ng --version | grep '^Config version:' | awk -F: '{ print \$2 }' | xargs)

    # read in template conf file, update remote log IP address, and
    # write to correct destination
    < /root/syslog-ng.conf.in \
      sed \"s|%%config_version%%|\$config_version|g\" | \
      sed \"s|%%remotelogip%%|\$REMOTELOG|g\" > /usr/local/etc/syslog-ng.conf

    # stop and disable syslogd
    service syslogd onestop || true
    service syslogd disable

    # enable and start syslog-ng
    service syslog-ng enable
    sysrc syslog_ng_flags=\"-R /tmp/syslog-ng.persist\"
    service syslog-ng start
fi

# ADJUST THIS: START THE SERVICES AGAIN AFTER CONFIGURATION
echo \"Starting openldap and apache\"
service slapd start
service apache24 restart

#
# Do not touch this:
touch /usr/local/etc/pot-is-seasoned

# If this pot flavour is blocking (i.e. it should not return), there is no /tmp/environment.sh
# created by pot and we now after configuration block indefinitely
if [ \"\$RUNS_IN_NOMAD\" = \"true\" ]
then
    /bin/sh /etc/rc
    tail -f /dev/null
fi
" > /usr/local/bin/cook

# ----------------- END COOK ------------------


# ---------- NO NEED TO EDIT BELOW ------------

step "Make cook script executable"
if [ -e /usr/local/bin/cook ]
then
    echo "setting executable bit on /usr/local/bin/cook" | tee -a $COOKLOG
    chmod u+x /usr/local/bin/cook
else
    exit_error "there is no /usr/local/bin/cook to make executable"
fi

#
# There are two ways of running a pot jail: "Normal", non-blocking mode and
# "Nomad", i.e. blocking mode (the pot start command does not return until
# the jail is stopped).
# For the normal mode, we create a /usr/local/etc/rc.d script that starts
# the "cook" script generated above each time, for the "Nomad" mode, the cook
# script is started by pot (configuration through flavour file), therefore
# we do not need to do anything here.
#

# Create rc.d script for "normal" mode:
step "Create rc.d script to start cook"
echo "creating rc.d script to start cook" | tee -a $COOKLOG

echo "#!/bin/sh
#
# PROVIDE: cook
# REQUIRE: LOGIN
# KEYWORD: shutdown
#
. /etc/rc.subr
name=\"cook\"
rcvar=\"cook_enable\"
load_rc_config \$name
: \${cook_enable:=\"NO\"}
: \${cook_env:=\"\"}
command=\"/usr/local/bin/cook\"
command_args=\"\"
run_rc_command \"\$1\"
" > /usr/local/etc/rc.d/cook

step "Make rc.d script to start cook executable"
if [ -e /usr/local/etc/rc.d/cook ]
then
  echo "Setting executable bit on cook rc file" | tee -a $COOKLOG
  chmod u+x /usr/local/etc/rc.d/cook
else
  exit_error "/usr/local/etc/rc.d/cook does not exist"
fi

if [ "$RUNS_IN_NOMAD" != "true" ]
then
  step "Enable cook service"
  # This is a non-nomad (non-blocking) jail, so we need to make sure the script
  # gets started when the jail is started:
  # Otherwise, /usr/local/bin/cook will be set as start script by the pot flavour
  echo "enabling cook" | tee -a $COOKLOG
  service cook enable
fi

# -------------------- DONE ---------------
exit_ok

openldap/openldap+1:
openldap/openldap+1.sh:

openldap/openldap+2:
openldap/openldap+2.sh:

openldap/openldap+3:
openldap/openldap+3.sh:

openldap/openldap+4:
set-cmd -c "/usr/local/bin/cook"
openldap/openldap+4.sh:
Password:===>  Creating a new pot
===>  pot name     : openldap-amd64-12_3
===>  type         : single
===>  base         : 12.3
===>  pot_base     : 
===>  level        : 0
===>  network-type : public-bridge
===>  network-stack: ipv4
===>  ip           : 10.192.0.6
===>  bridge       : 
===>  dns          : inherit
===>  flavours     : fbsd-update openldap openldap+1 openldap+2 openldap+3 openldap+4
===>  Fetching FreeBSD 12.3
===>  Extract the tarball
=====>  Flavour: fbsd-update
=====>  Starting openldap-amd64-12_3 pot for the initial bootstrap
=====>  mount /mnt/srv/pot/jails/openldap-amd64-12_3/m/tmp
defaultrouter: NO -> 10.192.0.1
===>  Starting the pot openldap-amd64-12_3
Generating host.conf.
ELF ldconfig path: /lib /usr/lib /usr/lib/compat
32-bit compatibility ldconfig path: /usr/lib32
Starting Network: lo0 epair0b.
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
	options=680003<RXCSUM,TXCSUM,LINKSTATE,RXCSUM_IPV6,TXCSUM_IPV6>
	inet6 ::1 prefixlen 128
	inet6 fe80::1%lo0 prefixlen 64 scopeid 0x1
	inet 127.0.0.1 netmask 0xff000000
	groups: lo
	nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
epair0b: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
	options=8<VLAN_MTU>
	ether 02:1d:7c:b9:0d:0b
	inet 10.192.0.6 netmask 0xffc00000 broadcast 10.255.255.255
	groups: epair
	media: Ethernet 10Gbase-T (10Gbase-T <full-duplex>)
	status: active
	nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
add host 127.0.0.1: gateway lo0 fib 0: route already in table
add net default: gateway 10.192.0.1
add host ::1: gateway lo0 fib 0: route already in table
add net fe80::: gateway ::1
add net ff02::: gateway ::1
add net ::ffff:0.0.0.0: gateway ::1
add net ::0.0.0.0: gateway ::1
Creating and/or trimming log files.
Updating motd:.
Updating /var/run/os-release done.
Starting syslogd.
Clearing /tmp (X related).
Starting cron.
Starting sendmail_submit.
Starting sendmail_msp_queue.

Tue Apr 12 20:40:17 UTC 2022
/usr/local/etc/pot/flavours/fbsd-update.sh -> /mnt/srv/pot/jails/openldap-amd64-12_3/m/tmp/fbsd-update.sh
=====>  Executing fbsd-update script on openldap-amd64-12_3
src component not installed, skipped
Looking up update.FreeBSD.org mirrors... 2 mirrors found.
Fetching public key from update1.freebsd.org... done.
Fetching metadata signature for 12.3-RELEASE from update1.freebsd.org... done.
Fetching metadata index... done.
Fetching 2 metadata files... done.
Inspecting system... done.
Preparing to download files... done.
Fetching 44 patches.....10....20....30....40.. done.
Applying patches... done.
The following files will be added as part of updating to
12.3-RELEASE-p5:
/usr/share/zoneinfo/Pacific/Kanton
The following files will be updated as part of updating to
12.3-RELEASE-p5:
/bin/freebsd-version
/lib/libalias.so.7
/lib/libcrypto.so.111
/lib/libz.so.6
/rescue/[
/rescue/bectl
/rescue/bsdlabel
/rescue/bunzip2
/rescue/bzcat
/rescue/bzip2
/rescue/camcontrol
/rescue/cat
/rescue/ccdconfig
/rescue/chflags
/rescue/chgrp
/rescue/chio
/rescue/chmod
/rescue/chown
/rescue/chroot
/rescue/clri
/rescue/cp
/rescue/csh
/rescue/date
/rescue/dd
/rescue/devfs
/rescue/df
/rescue/dhclient
/rescue/disklabel
/rescue/dmesg
/rescue/dump
/rescue/dumpfs
/rescue/dumpon
/rescue/echo
/rescue/ed
/rescue/ex
/rescue/expr
/rescue/fastboot
/rescue/fasthalt
/rescue/fdisk
/rescue/fsck
/rescue/fsck_4.2bsd
/rescue/fsck_ffs
/rescue/fsck_msdosfs
/rescue/fsck_ufs
/rescue/fsdb
/rescue/fsirand
/rescue/gbde
/rescue/geom
/rescue/getfacl
/rescue/glabel
/rescue/gpart
/rescue/groups
/rescue/gunzip
/rescue/gzcat
/rescue/gzip
/rescue/halt
/rescue/head
/rescue/hostname
/rescue/id
/rescue/ifconfig
/rescue/init
/rescue/ipf
/rescue/iscsictl
/rescue/iscsid
/rescue/kenv
/rescue/kill
/rescue/kldconfig
/rescue/kldload
/rescue/kldstat
/rescue/kldunload
/rescue/ldconfig
/rescue/less
/rescue/link
/rescue/ln
/rescue/ls
/rescue/lzcat
/rescue/lzma
/rescue/md5
/rescue/mdconfig
/rescue/mdmfs
/rescue/mkdir
/rescue/mknod
/rescue/more
/rescue/mount
/rescue/mount_cd9660
/rescue/mount_msdosfs
/rescue/mount_nfs
/rescue/mount_nullfs
/rescue/mount_udf
/rescue/mount_unionfs
/rescue/mt
/rescue/mv
/rescue/nc
/rescue/newfs
/rescue/newfs_msdos
/rescue/nos-tun
/rescue/pgrep
/rescue/ping
/rescue/ping6
/rescue/pkill
/rescue/poweroff
/rescue/ps
/rescue/pwd
/rescue/rcorder
/rescue/rdump
/rescue/realpath
/rescue/reboot
/rescue/red
/rescue/rescue
/rescue/restore
/rescue/rm
/rescue/rmdir
/rescue/route
/rescue/routed
/rescue/rrestore
/rescue/rtquery
/rescue/rtsol
/rescue/savecore
/rescue/sed
/rescue/setfacl
/rescue/sh
/rescue/shutdown
/rescue/sleep
/rescue/spppcontrol
/rescue/stty
/rescue/swapon
/rescue/sync
/rescue/sysctl
/rescue/tail
/rescue/tar
/rescue/tcsh
/rescue/tee
/rescue/test
/rescue/tunefs
/rescue/umount
/rescue/unlink
/rescue/unlzma
/rescue/unxz
/rescue/unzstd
/rescue/vi
/rescue/whoami
/rescue/xz
/rescue/xzcat
/rescue/zcat
/rescue/zdb
/rescue/zfs
/rescue/zpool
/rescue/zstd
/rescue/zstdcat
/rescue/zstdmt
/usr/bin/c++
/usr/bin/cc
/usr/bin/clang
/usr/bin/clang++
/usr/bin/clang-cpp
/usr/bin/cpp
/usr/bin/ld.lld
/usr/include/net80211/ieee80211_input.h
/usr/lib/libalias.a
/usr/lib/libalias_p.a
/usr/lib/libcrypto.a
/usr/lib/libcrypto_p.a
/usr/lib/libz.a
/usr/lib/libz_p.a
/usr/sbin/bhyve
/usr/sbin/freebsd-update
/usr/share/zoneinfo/Africa/Accra
/usr/share/zoneinfo/America/Anguilla
/usr/share/zoneinfo/America/Antigua
/usr/share/zoneinfo/America/Aruba
/usr/share/zoneinfo/America/Atikokan
/usr/share/zoneinfo/America/Barbados
/usr/share/zoneinfo/America/Blanc-Sablon
/usr/share/zoneinfo/America/Coral_Harbour
/usr/share/zoneinfo/America/Creston
/usr/share/zoneinfo/America/Curacao
/usr/share/zoneinfo/America/Dominica
/usr/share/zoneinfo/America/Grenada
/usr/share/zoneinfo/America/Guadeloupe
/usr/share/zoneinfo/America/Guyana
/usr/share/zoneinfo/America/Kralendijk
/usr/share/zoneinfo/America/Lower_Princes
/usr/share/zoneinfo/America/Marigot
/usr/share/zoneinfo/America/Montserrat
/usr/share/zoneinfo/America/Nassau
/usr/share/zoneinfo/America/Port_of_Spain
/usr/share/zoneinfo/America/Punta_Arenas
/usr/share/zoneinfo/America/Santiago
/usr/share/zoneinfo/America/St_Barthelemy
/usr/share/zoneinfo/America/St_Kitts
/usr/share/zoneinfo/America/St_Lucia
/usr/share/zoneinfo/America/St_Thomas
/usr/share/zoneinfo/America/St_Vincent
/usr/share/zoneinfo/America/Tortola
/usr/share/zoneinfo/America/Virgin
/usr/share/zoneinfo/Antarctica/DumontDUrville
/usr/share/zoneinfo/Antarctica/Syowa
/usr/share/zoneinfo/Asia/Gaza
/usr/share/zoneinfo/Asia/Hebron
/usr/share/zoneinfo/Atlantic/Azores
/usr/share/zoneinfo/Atlantic/Madeira
/usr/share/zoneinfo/Chile/Continental
/usr/share/zoneinfo/Europe/Kiev
/usr/share/zoneinfo/Europe/Lisbon
/usr/share/zoneinfo/Europe/Simferopol
/usr/share/zoneinfo/Europe/Uzhgorod
/usr/share/zoneinfo/Europe/Zaporozhye
/usr/share/zoneinfo/Pacific/Enderbury
/usr/share/zoneinfo/Pacific/Niue
/usr/share/zoneinfo/Pacific/Rarotonga
/usr/share/zoneinfo/Pacific/Tongatapu
/usr/share/zoneinfo/Portugal
/usr/share/zoneinfo/zone.tab
/usr/share/zoneinfo/zone1970.tab
Installing updates...Scanning //usr/share/certs/blacklisted for certificates...
Scanning //usr/share/certs/trusted for certificates...
 done.
=====>  Stop the pot openldap-amd64-12_3
=====>  Remove epair0[a|b] network interfaces
=====>  unmount /mnt/srv/pot/jails/openldap-amd64-12_3/m/tmp
=====>  unmount /mnt/srv/pot/jails/openldap-amd64-12_3/m/dev
=====>  Flavour: openldap
=====>  Executing openldap pot commands on openldap-amd64-12_3
=====>  mount /mnt/srv/pot/jails/openldap-amd64-12_3/m/tmp
=====>  Source /usr/local/etc/pot/flavours/openldap.d/slapd.conf copied in the pot openldap-amd64-12_3
=====>  unmount /mnt/srv/pot/jails/openldap-amd64-12_3/m/tmp
=====>  /mnt/srv/pot/jails/openldap-amd64-12_3/m/dev is already unmounted
=====>  mount /mnt/srv/pot/jails/openldap-amd64-12_3/m/tmp
=====>  Source /usr/local/etc/pot/flavours/openldap.d/syslog-ng.conf.in copied in the pot openldap-amd64-12_3
=====>  unmount /mnt/srv/pot/jails/openldap-amd64-12_3/m/tmp
=====>  /mnt/srv/pot/jails/openldap-amd64-12_3/m/dev is already unmounted
=====>  Starting openldap-amd64-12_3 pot for the initial bootstrap
=====>  mount /mnt/srv/pot/jails/openldap-amd64-12_3/m/tmp
defaultrouter: 10.192.0.1 -> 10.192.0.1
===>  Starting the pot openldap-amd64-12_3
ELF ldconfig path: /lib /usr/lib /usr/lib/compat
32-bit compatibility ldconfig path: /usr/lib32
Starting Network: lo0 epair0b.
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
	options=680003<RXCSUM,TXCSUM,LINKSTATE,RXCSUM_IPV6,TXCSUM_IPV6>
	inet6 ::1 prefixlen 128
	inet6 fe80::1%lo0 prefixlen 64 scopeid 0x1
	inet 127.0.0.1 netmask 0xff000000
	groups: lo
	nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
epair0b: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
	options=8<VLAN_MTU>
	ether 02:72:16:0c:c0:0b
	inet 10.192.0.6 netmask 0xffc00000 broadcast 10.255.255.255
	groups: epair
	media: Ethernet 10Gbase-T (10Gbase-T <full-duplex>)
	status: active
	nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
add host 127.0.0.1: gateway lo0 fib 0: route already in table
add net default: gateway 10.192.0.1
add host ::1: gateway lo0 fib 0: route already in table
add net fe80::: gateway ::1
add net ff02::: gateway ::1
add net ::ffff:0.0.0.0: gateway ::1
add net ::0.0.0.0: gateway ::1
Creating and/or trimming log files.
Updating motd:.
Updating /var/run/os-release done.
Starting syslogd.
Clearing /tmp (X related).
Starting cron.
Starting sendmail_submit.
Starting sendmail_msp_queue.

Tue Apr 12 20:41:20 UTC 2022
/usr/local/etc/pot/flavours/openldap.sh -> /mnt/srv/pot/jails/openldap-amd64-12_3/m/tmp/openldap.sh
=====>  Executing openldap script on openldap-amd64-12_3
Creating /var/log/cook.log
Step 1: Bootstrap package repo
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] Installing pkg-1.17.5_1...
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] Extracting pkg-1.17.5_1: .......... done
Bootstrapping pkg from pkg+http://pkg.FreeBSD.org/FreeBSD:12:amd64/quarterly, please wait...
Step 2: Touch /etc/rc.conf
Step 3: Remove ifconfig_epair0b from config
Step 4: Disable sendmail
sendmail disabled in /etc/rc.conf
sendmail_submit disabled in /etc/rc.conf
sendmail_msp_queue disabled in /etc/rc.conf
Step 5: Create /usr/local/etc/rc.d
Step 6: Install package sudo
Updating FreeBSD repository catalogue...
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] Fetching meta.conf: . done
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] Fetching packagesite.pkg: .......... done
Processing entries: .......... done
FreeBSD repository update completed. 31217 packages processed.
All repositories are up to date.
Updating database digests format: . done
The following 3 package(s) will be affected (of 0 checked):

New packages to be INSTALLED:
	gettext-runtime: 0.21
	indexinfo: 0.3.1
	sudo: 1.9.10

Number of packages to be installed: 3

The process will require 8 MiB more space.
2 MiB to be downloaded.
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [1/3] Fetching sudo-1.9.10.pkg: .......... done
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [2/3] Fetching gettext-runtime-0.21.pkg: .......... done
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [3/3] Fetching indexinfo-0.3.1.pkg: . done
Checking integrity... done (0 conflicting)
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [1/3] Installing indexinfo-0.3.1...
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [1/3] Extracting indexinfo-0.3.1: .... done
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [2/3] Installing gettext-runtime-0.21...
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [2/3] Extracting gettext-runtime-0.21: .......... done
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [3/3] Installing sudo-1.9.10...
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [3/3] Extracting sudo-1.9.10: .......... done
Step 7: Install package openssl
Updating FreeBSD repository catalogue...
FreeBSD repository is up to date.
All repositories are up to date.
The following 1 package(s) will be affected (of 0 checked):

New packages to be INSTALLED:
	openssl: 1.1.1n,1

Number of packages to be installed: 1

The process will require 14 MiB more space.
4 MiB to be downloaded.
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [1/1] Fetching openssl-1.1.1n,1.pkg: .......... done
Checking integrity... done (0 conflicting)
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [1/1] Installing openssl-1.1.1n,1...
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [1/1] Extracting openssl-1.1.1n,1: .......... done
Step 8: Install package jq
Updating FreeBSD repository catalogue...
FreeBSD repository is up to date.
All repositories are up to date.
The following 2 package(s) will be affected (of 0 checked):

New packages to be INSTALLED:
	jq: 1.6
	oniguruma: 6.9.7.1

Number of packages to be installed: 2

The process will require 2 MiB more space.
497 KiB to be downloaded.
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [1/2] Fetching jq-1.6.pkg: .......... done
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [2/2] Fetching oniguruma-6.9.7.1.pkg: .......... done
Checking integrity... done (0 conflicting)
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [1/2] Installing oniguruma-6.9.7.1...
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [1/2] Extracting oniguruma-6.9.7.1: .......... done
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [2/2] Installing jq-1.6...
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [2/2] Extracting jq-1.6: .......... done
Step 9: Install package jo
Updating FreeBSD repository catalogue...
FreeBSD repository is up to date.
All repositories are up to date.
The following 1 package(s) will be affected (of 0 checked):

New packages to be INSTALLED:
	jo: 1.6

Number of packages to be installed: 1

20 KiB to be downloaded.
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [1/1] Fetching jo-1.6.pkg: ... done
Checking integrity... done (0 conflicting)
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [1/1] Installing jo-1.6...
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [1/1] Extracting jo-1.6: ....... done
Step 10: Install package curl
Updating FreeBSD repository catalogue...
FreeBSD repository is up to date.
All repositories are up to date.
The following 4 package(s) will be affected (of 0 checked):

New packages to be INSTALLED:
	ca_root_nss: 3.76
	curl: 7.82.0
	libnghttp2: 1.46.0
	libssh2: 1.10.0,3

Number of packages to be installed: 4

The process will require 6 MiB more space.
2 MiB to be downloaded.
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [1/4] Fetching curl-7.82.0.pkg: .......... done
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [2/4] Fetching libnghttp2-1.46.0.pkg: .......... done
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [3/4] Fetching libssh2-1.10.0,3.pkg: .......... done
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [4/4] Fetching ca_root_nss-3.76.pkg: .......... done
Checking integrity... done (0 conflicting)
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [1/4] Installing libnghttp2-1.46.0...
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [1/4] Extracting libnghttp2-1.46.0: .......... done
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [2/4] Installing libssh2-1.10.0,3...
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [2/4] Extracting libssh2-1.10.0,3: .......... done
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [3/4] Installing ca_root_nss-3.76...
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [3/4] Extracting ca_root_nss-3.76: ........ done
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [4/4] Installing curl-7.82.0...
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [4/4] Extracting curl-7.82.0: .......... done
=====
Message from ca_root_nss-3.76:

--
FreeBSD does not, and can not warrant that the certification authorities
whose certificates are included in this package have in any way been
audited for trustworthiness or RFC 3647 compliance.

Assessment and verification of trust is the complete responsibility of the
system administrator.


This package installs symlinks to support root certificates discovery by
default for software that uses OpenSSL.

This enables SSL Certificate Verification by client software without manual
intervention.

If you prefer to do this manually, replace the following symlinks with
either an empty file or your site-local certificate bundle.

  * /etc/ssl/cert.pem
  * /usr/local/etc/ssl/cert.pem
  * /usr/local/openssl/cert.pem
Step 11: Install package syslog-ng
Updating FreeBSD repository catalogue...
FreeBSD repository is up to date.
All repositories are up to date.
The following 12 package(s) will be affected (of 0 checked):

New packages to be INSTALLED:
	e2fsprogs-libuuid: 1.46.5
	glib: 2.70.4_2,2
	icu: 70.1_1,1
	json-c: 0.15_1
	libffi: 3.3_1
	libiconv: 1.16
	libxml2: 2.9.13
	mpdecimal: 2.5.1
	pcre: 8.45_1
	python38: 3.8.13
	readline: 8.1.2
	syslog-ng: 3.36.1

Number of packages to be installed: 12

The process will require 230 MiB more space.
42 MiB to be downloaded.
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [1/12] Fetching syslog-ng-3.36.1.pkg: .......... done
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [2/12] Fetching e2fsprogs-libuuid-1.46.5.pkg: ..... done
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [3/12] Fetching pcre-8.45_1.pkg: .......... done
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [4/12] Fetching json-c-0.15_1.pkg: ........ done
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [5/12] Fetching glib-2.70.4_2,2.pkg: .......... done
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [6/12] Fetching libxml2-2.9.13.pkg: .......... done
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [7/12] Fetching readline-8.1.2.pkg: .......... done
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [8/12] Fetching icu-70.1_1,1.pkg: .......... done
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [9/12] Fetching python38-3.8.13.pkg: .......... done
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [10/12] Fetching mpdecimal-2.5.1.pkg: .......... done
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [11/12] Fetching libffi-3.3_1.pkg: ..... done
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [12/12] Fetching libiconv-1.16.pkg: .......... done
Checking integrity... done (0 conflicting)
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [1/12] Installing readline-8.1.2...
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [1/12] Extracting readline-8.1.2: .......... done
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [2/12] Installing icu-70.1_1,1...
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [2/12] Extracting icu-70.1_1,1: .......... done
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [3/12] Installing mpdecimal-2.5.1...
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [3/12] Extracting mpdecimal-2.5.1: .......... done
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [4/12] Installing libffi-3.3_1...
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [4/12] Extracting libffi-3.3_1: .......... done
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [5/12] Installing pcre-8.45_1...
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [5/12] Extracting pcre-8.45_1: .......... done
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [6/12] Installing libxml2-2.9.13...
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [6/12] Extracting libxml2-2.9.13: .......... done
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [7/12] Installing python38-3.8.13...
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [7/12] Extracting python38-3.8.13: .......... done
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [8/12] Installing libiconv-1.16...
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [8/12] Extracting libiconv-1.16: .......... done
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [9/12] Installing e2fsprogs-libuuid-1.46.5...
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [9/12] Extracting e2fsprogs-libuuid-1.46.5: .......... done
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [10/12] Installing json-c-0.15_1...
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [10/12] Extracting json-c-0.15_1: .......... done
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [11/12] Installing glib-2.70.4_2,2...
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [11/12] Extracting glib-2.70.4_2,2: .......... done
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [12/12] Installing syslog-ng-3.36.1...
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [12/12] Extracting syslog-ng-3.36.1: .......... done
Compiling glib schemas
No schema files found: doing nothing.
=====
Message from python38-3.8.13:

--
Note that some standard Python modules are provided as separate ports
as they require additional dependencies. They are available as:

py38-gdbm       databases/py-gdbm@py38
py38-sqlite3    databases/py-sqlite3@py38
py38-tkinter    x11-toolkits/py-tkinter@py38
=====
Message from syslog-ng-3.36.1:

--
syslog-ng is now installed!  To replace FreeBSD's standard syslogd
(/usr/sbin/syslogd), complete these steps:

1. Create a configuration file named /usr/local/etc/syslog-ng.conf
   (a sample named syslog-ng.conf.sample has been included in
   /usr/local/etc). Note that this is a change in 2.0.2
   version, previous ones put the config file in
   /usr/local/etc/syslog-ng/syslog-ng.conf, so if this is an update
   move that file in the right place

2. Configure syslog-ng to start automatically by adding the following
   to /etc/rc.conf:

        syslog_ng_enable="YES"

3. Prevent the standard FreeBSD syslogd from starting automatically by
   adding a line to the end of your /etc/rc.conf file that reads:

        syslogd_enable="NO"

4. Shut down the standard FreeBSD syslogd:

     kill `cat /var/run/syslog.pid`

5. Start syslog-ng:

     /usr/local/etc/rc.d/syslog-ng start
Step 12: Install package openldap24-server
Updating FreeBSD repository catalogue...
FreeBSD repository is up to date.
All repositories are up to date.
The following 5 package(s) will be affected (of 0 checked):

New packages to be INSTALLED:
	cyrus-sasl: 2.1.28
	libltdl: 2.4.6
	openldap24-client: 2.4.59_4
	openldap24-server: 2.4.59_8
	unixODBC: 2.3.9

Number of packages to be installed: 5

The process will require 19 MiB more space.
4 MiB to be downloaded.
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [1/5] Fetching openldap24-server-2.4.59_8.pkg: .......... done
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [2/5] Fetching cyrus-sasl-2.1.28.pkg: .......... done
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [3/5] Fetching openldap24-client-2.4.59_4.pkg: .......... done
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [4/5] Fetching libltdl-2.4.6.pkg: ..... done
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [5/5] Fetching unixODBC-2.3.9.pkg: .......... done
Checking integrity... done (0 conflicting)
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [1/5] Installing cyrus-sasl-2.1.28...
*** Added group `cyrus' (id 60)
*** Added user `cyrus' (id 60)
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [1/5] Extracting cyrus-sasl-2.1.28: .......... done
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [2/5] Installing openldap24-client-2.4.59_4...
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [2/5] Extracting openldap24-client-2.4.59_4: .......... done
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [3/5] Installing libltdl-2.4.6...
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [3/5] Extracting libltdl-2.4.6: .......... done
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [4/5] Installing unixODBC-2.3.9...
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [4/5] Extracting unixODBC-2.3.9: .......... done
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [5/5] Installing openldap24-server-2.4.59_8...
===> Creating groups.
Creating group 'ldap' with gid '389'.
===> Creating users
Creating user 'ldap' with uid '389'.
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [5/5] Extracting openldap24-server-2.4.59_8: .......... done
=====
Message from cyrus-sasl-2.1.28:

--
You can use sasldb2 for authentication, to add users use:

	saslpasswd2 -c username

If you want to enable SMTP AUTH with the system Sendmail, read
Sendmail.README

NOTE: This port has been compiled with a default pwcheck_method of
      auxprop.  If you want to authenticate your user by /etc/passwd,
      PAM or LDAP, install ports/security/cyrus-sasl2-saslauthd and
      set sasl_pwcheck_method to saslauthd after installing the
      Cyrus-IMAPd 2.X port.  You should also check the
      /usr/local/lib/sasl2/*.conf files for the correct
      pwcheck_method.
      If you want to use GSSAPI mechanism, install
      ports/security/cyrus-sasl2-gssapi.
      If you want to use SRP mechanism, install
      ports/security/cyrus-sasl2-srp.
      If you want to use LDAP auxprop plugin, install
      ports/security/cyrus-sasl2-ldapdb.
=====
Message from openldap24-client-2.4.59_4:

--
The OpenLDAP client package has been successfully installed.

Edit
  /usr/local/etc/openldap/ldap.conf
to change the system-wide client defaults.

Try `man ldap.conf' and visit the OpenLDAP FAQ-O-Matic at
  http://www.OpenLDAP.org/faq/index.cgi?file=3
for more information.
=====
Message from openldap24-server-2.4.59_8:

--
The OpenLDAP server package has been successfully installed.

In order to run the LDAP server, you need to edit
  /usr/local/etc/openldap/slapd.conf
to suit your needs and add the following lines to /etc/rc.conf:
  slapd_enable="YES"
  slapd_flags='-h "ldapi://%2fvar%2frun%2fopenldap%2fldapi/ ldap://0.0.0.0/"'
  slapd_sockets="/var/run/openldap/ldapi"

Then start the server with
  /usr/local/etc/rc.d/slapd start
or reboot.

Try `man slapd' and the online manual at
  http://www.OpenLDAP.org/doc/
for more information.

slapd runs under a non-privileged user id (by default `ldap'),
see /usr/local/etc/rc.d/slapd for more information.

PLEASE NOTE:

As of openldap24-server 2.4.58_2, the server is now modularized and
all overlays are built as dynamic modules instead of being statically linked.
Previously, statically linked modules do not need an explicit
moduleload (in slapd.conf(5)) or olcModuleLoad (when using slapd-config(5))
and you might need to make configuration change accordingly as part of the
upgrade.
Step 13: Install package openldap24-client
Updating FreeBSD repository catalogue...
FreeBSD repository is up to date.
All repositories are up to date.
Checking integrity... done (0 conflicting)
The most recent versions of packages are already installed
Step 14: Install package ldap-account-manager
Updating FreeBSD repository catalogue...
FreeBSD repository is up to date.
All repositories are up to date.
The following 50 package(s) will be affected (of 0 checked):

New packages to be INSTALLED:
	expat: 2.4.7
	fontconfig: 2.13.94_2,1
	freetype2: 2.11.1
	giflib: 5.2.1
	gmp: 6.2.1
	jbigkit: 2.1_1
	jpeg-turbo: 2.1.3
	ldap-account-manager: 7.9
	libargon2: 20190702
	libgd: 2.3.3,1
	libzip: 1.7.3
	p5-Authen-SASL: 2.16_1
	p5-Convert-ASN1: 0.33
	p5-Digest-HMAC: 1.04
	p5-GSSAPI: 0.28_2
	p5-IO-Socket-INET6: 2.72_1
	p5-IO-Socket-SSL: 2.074
	p5-Mozilla-CA: 20211001
	p5-Net-SSLeay: 1.90
	p5-Quota: 1.8.2
	p5-Socket6: 0.29
	p5-Text-Soundex: 3.05
	p5-URI: 5.10
	p5-XML-Filter-BufferText: 1.01_1
	p5-XML-NamespaceSupport: 1.12
	p5-XML-SAX: 1.02
	p5-XML-SAX-Base: 1.09
	p5-XML-SAX-Writer: 0.57
	p5-perl-ldap: 0.6800
	pcre2: 10.39_1
	perl5: 5.32.1_1
	php80: 8.0.17_2
	php80-curl: 8.0.17_2
	php80-dom: 8.0.17_1
	php80-filter: 8.0.17_2
	php80-gd: 8.0.17_2
	php80-gettext: 8.0.17_2
	php80-gmp: 8.0.17_2
	php80-iconv: 8.0.17_2
	php80-ldap: 8.0.17_2
	php80-mbstring: 8.0.17_2
	php80-session: 8.0.17_2
	php80-simplexml: 8.0.17_1
	php80-xml: 8.0.17_1
	php80-xmlreader: 8.0.17_1
	php80-xmlwriter: 8.0.17_1
	php80-zip: 8.0.17_2
	png: 1.6.37_1
	tiff: 4.3.0
	webp: 1.2.2

Number of packages to be installed: 50

The process will require 199 MiB more space.
49 MiB to be downloaded.
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [1/50] Fetching ldap-account-manager-7.9.pkg: .......... done
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [2/50] Fetching php80-session-8.0.17_2.pkg: ..... done
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [3/50] Fetching php80-8.0.17_2.pkg: .......... done
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [4/50] Fetching libargon2-20190702.pkg: ......... done
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [5/50] Fetching pcre2-10.39_1.pkg: .......... done
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [6/50] Fetching php80-xmlwriter-8.0.17_1.pkg: .. done
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [7/50] Fetching php80-xmlreader-8.0.17_1.pkg: .. done
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [8/50] Fetching php80-dom-8.0.17_1.pkg: ....... done
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [9/50] Fetching php80-xml-8.0.17_1.pkg: ... done
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [10/50] Fetching php80-simplexml-8.0.17_1.pkg: ... done
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [11/50] Fetching p5-Quota-1.8.2.pkg: ... done
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [12/50] Fetching perl5-5.32.1_1.pkg: .......... done
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [13/50] Fetching php80-filter-8.0.17_2.pkg: ... done
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [14/50] Fetching php80-ldap-8.0.17_2.pkg: .... done
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [15/50] Fetching p5-perl-ldap-0.6800.pkg: .......... done
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [16/50] Fetching p5-XML-SAX-Writer-0.57.pkg: ... done
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [17/50] Fetching p5-XML-SAX-Base-1.09.pkg: .... done
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [18/50] Fetching p5-XML-NamespaceSupport-1.12.pkg: ... done
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [19/50] Fetching p5-XML-Filter-BufferText-1.01_1.pkg: . done
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [20/50] Fetching p5-XML-SAX-1.02.pkg: ...... done
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [21/50] Fetching p5-Text-Soundex-3.05.pkg: ... done
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [22/50] Fetching p5-IO-Socket-SSL-2.074.pkg: .......... done
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [23/50] Fetching p5-Mozilla-CA-20211001.pkg: .......... done
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [24/50] Fetching p5-Net-SSLeay-1.90.pkg: .......... done
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [25/50] Fetching p5-IO-Socket-INET6-2.72_1.pkg: .. done
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [26/50] Fetching p5-Socket6-0.29.pkg: ... done
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [27/50] Fetching p5-Authen-SASL-2.16_1.pkg: ...... done
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [28/50] Fetching p5-GSSAPI-0.28_2.pkg: ..... done
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [29/50] Fetching p5-Digest-HMAC-1.04.pkg: .. done
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [30/50] Fetching p5-URI-5.10.pkg: .......... done
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [31/50] Fetching p5-Convert-ASN1-0.33.pkg: ..... done
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [32/50] Fetching php80-gmp-8.0.17_2.pkg: ... done
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [33/50] Fetching gmp-6.2.1.pkg: .......... done
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [34/50] Fetching php80-gd-8.0.17_2.pkg: ..... done
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [35/50] Fetching freetype2-2.11.1.pkg: .......... done
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [36/50] Fetching png-1.6.37_1.pkg: .......... done
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [37/50] Fetching jpeg-turbo-2.1.3.pkg: .......... done
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [38/50] Fetching libgd-2.3.3,1.pkg: .......... done
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [39/50] Fetching fontconfig-2.13.94_2,1.pkg: .......... done
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [40/50] Fetching expat-2.4.7.pkg: .......... done
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [41/50] Fetching webp-1.2.2.pkg: .......... done
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [42/50] Fetching tiff-4.3.0.pkg: .......... done
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [43/50] Fetching jbigkit-2.1_1.pkg: .......... done
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [44/50] Fetching giflib-5.2.1.pkg: .......... done
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [45/50] Fetching php80-curl-8.0.17_2.pkg: ..... done
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [46/50] Fetching php80-gettext-8.0.17_2.pkg: . done
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [47/50] Fetching php80-mbstring-8.0.17_2.pkg: .......... done
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [48/50] Fetching php80-iconv-8.0.17_2.pkg: ... done
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [49/50] Fetching php80-zip-8.0.17_2.pkg: .... done
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [50/50] Fetching libzip-1.7.3.pkg: .......... done
Checking integrity... done (0 conflicting)
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [1/50] Installing perl5-5.32.1_1...
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [1/50] Extracting perl5-5.32.1_1: .......... done
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [2/50] Installing p5-XML-SAX-Base-1.09...
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [2/50] Extracting p5-XML-SAX-Base-1.09: .......... done
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [3/50] Installing p5-XML-NamespaceSupport-1.12...
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [3/50] Extracting p5-XML-NamespaceSupport-1.12: ....... done
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [4/50] Installing png-1.6.37_1...
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [4/50] Extracting png-1.6.37_1: .......... done
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [5/50] Installing jpeg-turbo-2.1.3...
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [5/50] Extracting jpeg-turbo-2.1.3: .......... done
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [6/50] Installing jbigkit-2.1_1...
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [6/50] Extracting jbigkit-2.1_1: .......... done
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [7/50] Installing libargon2-20190702...
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [7/50] Extracting libargon2-20190702: .......... done
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [8/50] Installing pcre2-10.39_1...
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [8/50] Extracting pcre2-10.39_1: .......... done
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [9/50] Installing p5-XML-SAX-1.02...
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [9/50] Extracting p5-XML-SAX-1.02: .......... done
could not find ParserDetails.ini in /usr/local/lib/perl5/site_perl/XML/SAX
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [10/50] Installing p5-Socket6-0.29...
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [10/50] Extracting p5-Socket6-0.29: ....... done
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [11/50] Installing freetype2-2.11.1...
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [11/50] Extracting freetype2-2.11.1: .......... done
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [12/50] Installing expat-2.4.7...
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [12/50] Extracting expat-2.4.7: .......... done
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [13/50] Installing tiff-4.3.0...
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [13/50] Extracting tiff-4.3.0: .......... done
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [14/50] Installing giflib-5.2.1...
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [14/50] Extracting giflib-5.2.1: .......... done
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [15/50] Installing php80-8.0.17_2...
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [15/50] Extracting php80-8.0.17_2: .......... done
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [16/50] Installing p5-XML-Filter-BufferText-1.01_1...
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [16/50] Extracting p5-XML-Filter-BufferText-1.01_1: ....... done
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [17/50] Installing p5-Mozilla-CA-20211001...
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [17/50] Extracting p5-Mozilla-CA-20211001: ........ done
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [18/50] Installing p5-Net-SSLeay-1.90...
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [18/50] Extracting p5-Net-SSLeay-1.90: .......... done
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [19/50] Installing p5-IO-Socket-INET6-2.72_1...
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [19/50] Extracting p5-IO-Socket-INET6-2.72_1: ....... done
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [20/50] Installing p5-GSSAPI-0.28_2...
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [20/50] Extracting p5-GSSAPI-0.28_2: .......... done
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [21/50] Installing p5-Digest-HMAC-1.04...
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [21/50] Extracting p5-Digest-HMAC-1.04: .......... done
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [22/50] Installing fontconfig-2.13.94_2,1...
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [22/50] Extracting fontconfig-2.13.94_2,1: .......... done
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [23/50] Installing webp-1.2.2...
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [23/50] Extracting webp-1.2.2: .......... done
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [24/50] Installing php80-dom-8.0.17_1...
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [24/50] Extracting php80-dom-8.0.17_1: .......... done
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [25/50] Installing p5-XML-SAX-Writer-0.57...
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [25/50] Extracting p5-XML-SAX-Writer-0.57: ......... done
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [26/50] Installing p5-Text-Soundex-3.05...
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [26/50] Extracting p5-Text-Soundex-3.05: ........ done
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [27/50] Installing p5-IO-Socket-SSL-2.074...
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [27/50] Extracting p5-IO-Socket-SSL-2.074: .......... done
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [28/50] Installing p5-Authen-SASL-2.16_1...
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [28/50] Extracting p5-Authen-SASL-2.16_1: .......... done
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [29/50] Installing p5-URI-5.10...
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [29/50] Extracting p5-URI-5.10: .......... done
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [30/50] Installing p5-Convert-ASN1-0.33...
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [30/50] Extracting p5-Convert-ASN1-0.33: .......... done
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [31/50] Installing gmp-6.2.1...
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [31/50] Extracting gmp-6.2.1: .......... done
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [32/50] Installing libgd-2.3.3,1...
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [32/50] Extracting libgd-2.3.3,1: .......... done
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [33/50] Installing libzip-1.7.3...
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [33/50] Extracting libzip-1.7.3: .......... done
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [34/50] Installing php80-session-8.0.17_2...
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [34/50] Extracting php80-session-8.0.17_2: .......... done
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [35/50] Installing php80-xmlwriter-8.0.17_1...
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [35/50] Extracting php80-xmlwriter-8.0.17_1: ........ done
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [36/50] Installing php80-xmlreader-8.0.17_1...
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [36/50] Extracting php80-xmlreader-8.0.17_1: ........ done
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [37/50] Installing php80-xml-8.0.17_1...
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [37/50] Extracting php80-xml-8.0.17_1: ......... done
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [38/50] Installing php80-simplexml-8.0.17_1...
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [38/50] Extracting php80-simplexml-8.0.17_1: ......... done
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [39/50] Installing p5-Quota-1.8.2...
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [39/50] Extracting p5-Quota-1.8.2: ......... done
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [40/50] Installing php80-filter-8.0.17_2...
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [40/50] Extracting php80-filter-8.0.17_2: ......... done
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [41/50] Installing php80-ldap-8.0.17_2...
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [41/50] Extracting php80-ldap-8.0.17_2: ........ done
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [42/50] Installing p5-perl-ldap-0.6800...
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [42/50] Extracting p5-perl-ldap-0.6800: .......... done
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [43/50] Installing php80-gmp-8.0.17_2...
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [43/50] Extracting php80-gmp-8.0.17_2: ......... done
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [44/50] Installing php80-gd-8.0.17_2...
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [44/50] Extracting php80-gd-8.0.17_2: ......... done
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [45/50] Installing php80-curl-8.0.17_2...
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [45/50] Extracting php80-curl-8.0.17_2: .......... done
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [46/50] Installing php80-gettext-8.0.17_2...
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [46/50] Extracting php80-gettext-8.0.17_2: ........ done
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [47/50] Installing php80-mbstring-8.0.17_2...
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [47/50] Extracting php80-mbstring-8.0.17_2: .......... done
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [48/50] Installing php80-iconv-8.0.17_2...
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [48/50] Extracting php80-iconv-8.0.17_2: ........ done
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [49/50] Installing php80-zip-8.0.17_2...
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [49/50] Extracting php80-zip-8.0.17_2: ........ done
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [50/50] Installing ldap-account-manager-7.9...
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [50/50] Extracting ldap-account-manager-7.9: ......... done
Running fc-cache to build fontconfig cache...
=====
Message from freetype2-2.11.1:

--
The 2.7.x series now uses the new subpixel hinting mode (V40 port's option) as
the default, emulating a modern version of ClearType. This change inevitably
leads to different rendering results, and you might change port's options to
adapt it to your taste (or use the new "FREETYPE_PROPERTIES" environment
variable).

The environment variable "FREETYPE_PROPERTIES" can be used to control the
driver properties. Example:

FREETYPE_PROPERTIES=truetype:interpreter-version=35 \
	cff:no-stem-darkening=1 \
	autofitter:warping=1

This allows to select, say, the subpixel hinting mode at runtime for a given
application.

If LONG_PCF_NAMES port's option was enabled, the PCF family names may include
the foundry and information whether they contain wide characters. For example,
"Sony Fixed" or "Misc Fixed Wide", instead of "Fixed". This can be disabled at
run time with using pcf:no-long-family-names property, if needed. Example:

FREETYPE_PROPERTIES=pcf:no-long-family-names=1

How to recreate fontconfig cache with using such environment variable,
if needed:
# env FREETYPE_PROPERTIES=pcf:no-long-family-names=1 fc-cache -fsv

The controllable properties are listed in the section "Controlling FreeType
Modules" in the reference's table of contents
(/usr/local/share/doc/freetype2/reference/index.html, if documentation was installed).
=====
Message from php80-dom-8.0.17_1:

--
This file has been added to automatically load the installed extension:
/usr/local/etc/php/ext-20-dom.ini
=====
Message from php80-session-8.0.17_2:

--
This file has been added to automatically load the installed extension:
/usr/local/etc/php/ext-18-session.ini
=====
Message from php80-xmlwriter-8.0.17_1:

--
This file has been added to automatically load the installed extension:
/usr/local/etc/php/ext-20-xmlwriter.ini
=====
Message from php80-xmlreader-8.0.17_1:

--
This file has been added to automatically load the installed extension:
/usr/local/etc/php/ext-30-xmlreader.ini
=====
Message from php80-xml-8.0.17_1:

--
This file has been added to automatically load the installed extension:
/usr/local/etc/php/ext-20-xml.ini
=====
Message from php80-simplexml-8.0.17_1:

--
This file has been added to automatically load the installed extension:
/usr/local/etc/php/ext-20-simplexml.ini
=====
Message from php80-filter-8.0.17_2:

--
This file has been added to automatically load the installed extension:
/usr/local/etc/php/ext-20-filter.ini
=====
Message from php80-ldap-8.0.17_2:

--
This file has been added to automatically load the installed extension:
/usr/local/etc/php/ext-20-ldap.ini
=====
Message from php80-gmp-8.0.17_2:

--
This file has been added to automatically load the installed extension:
/usr/local/etc/php/ext-20-gmp.ini
=====
Message from php80-gd-8.0.17_2:

--
This file has been added to automatically load the installed extension:
/usr/local/etc/php/ext-20-gd.ini
=====
Message from php80-curl-8.0.17_2:

--
This file has been added to automatically load the installed extension:
/usr/local/etc/php/ext-20-curl.ini
=====
Message from php80-gettext-8.0.17_2:

--
This file has been added to automatically load the installed extension:
/usr/local/etc/php/ext-20-gettext.ini
=====
Message from php80-mbstring-8.0.17_2:

--
This file has been added to automatically load the installed extension:
/usr/local/etc/php/ext-20-mbstring.ini
=====
Message from php80-iconv-8.0.17_2:

--
This file has been added to automatically load the installed extension:
/usr/local/etc/php/ext-20-iconv.ini
=====
Message from php80-zip-8.0.17_2:

--
This file has been added to automatically load the installed extension:
/usr/local/etc/php/ext-20-zip.ini
=====
Message from ldap-account-manager-7.9:

--
******************************************************************************

You should add the following to your Apache configuration file:

Alias /lam /usr/local/www/lam

<Directory /usr/local/www/lam>
  Options +FollowSymLinks
  AllowOverride All
  Require all granted
  DirectoryIndex index.html
</Directory>

******************************************************************************
Step 15: Install package apache24
Updating FreeBSD repository catalogue...
FreeBSD repository is up to date.
All repositories are up to date.
The following 5 package(s) will be affected (of 0 checked):

New packages to be INSTALLED:
	apache24: 2.4.53
	apr: 1.7.0.1.6.1_2
	db5: 5.3.28_8
	gdbm: 1.23
	jansson: 2.14

Number of packages to be installed: 5

The process will require 80 MiB more space.
18 MiB to be downloaded.
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [1/5] Fetching apache24-2.4.53.pkg: .......... done
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [2/5] Fetching jansson-2.14.pkg: ...... done
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [3/5] Fetching apr-1.7.0.1.6.1_2.pkg: .......... done
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [4/5] Fetching gdbm-1.23.pkg: .......... done
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [5/5] Fetching db5-5.3.28_8.pkg: .......... done
Checking integrity... done (0 conflicting)
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [1/5] Installing gdbm-1.23...
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [1/5] Extracting gdbm-1.23: .......... done
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [2/5] Installing db5-5.3.28_8...
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [2/5] Extracting db5-5.3.28_8: .......... done
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [3/5] Installing jansson-2.14...
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [3/5] Extracting jansson-2.14: .......... done
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [4/5] Installing apr-1.7.0.1.6.1_2...
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [4/5] Extracting apr-1.7.0.1.6.1_2: .......... done
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [5/5] Installing apache24-2.4.53...
===> Creating groups.
Using existing group 'www'.
===> Creating users
Using existing user 'www'.
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [5/5] Extracting apache24-2.4.53: .......... done
=====
Message from db5-5.3.28_8:

--
===>   NOTICE:

The db5 port currently does not have a maintainer. As a result, it is
more likely to have unresolved issues, not be up-to-date, or even be removed in
the future. To volunteer to maintain this port, please create an issue at:

https://bugs.freebsd.org/bugzilla

More information about port maintainership is available at:

https://docs.freebsd.org/en/articles/contributing/#ports-contributing
--
===>   NOTICE:

This port is deprecated; you may wish to reconsider installing it:

EOLd, potential security issues, maybe use db18 instead.

It is scheduled to be removed on or after 2022-06-30.
=====
Message from apr-1.7.0.1.6.1_2:

--
The Apache Portable Runtime project removed support for FreeTDS with
version 1.6. Users requiring MS-SQL connectivity must migrate
configurations to use the added ODBC driver and FreeTDS' ODBC features.
=====
Message from apache24-2.4.53:

--
To run apache www server from startup, add apache24_enable="yes"
in your /etc/rc.conf. Extra options can be found in startup script.

Your hostname must be resolvable using at least 1 mechanism in
/etc/nsswitch.conf typically DNS or /etc/hosts or apache might
have issues starting depending on the modules you are using.


- apache24 default build changed from static MPM to modular MPM
- more modules are now enabled per default in the port
- icons and error pages moved from WWWDIR to DATADIR

   If build with modular MPM and no MPM is activated in
   httpd.conf, then mpm_prefork will be activated as default
   MPM in etc/apache24/modules.d to keep compatibility with
   existing php/perl/python modules!

Please compare the existing httpd.conf with httpd.conf.sample
and merge missing modules/instructions into httpd.conf!
Step 16: Enable apache24 in /etc/rc.conf
apache24 enabled in /etc/rc.conf
Step 17: Install package php74
Updating FreeBSD repository catalogue...
FreeBSD repository is up to date.
All repositories are up to date.
The following 1 package(s) will be affected (of 0 checked):

New packages to be INSTALLED:
	mod_php74: 7.4.28_1

Number of packages to be installed: 1

The process will require 6 MiB more space.
1 MiB to be downloaded.
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [1/1] Fetching mod_php74-7.4.28_1.pkg: .......... done
Checking integrity... done (0 conflicting)
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [1/1] Installing mod_php74-7.4.28_1...
[openldap-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [1/1] Extracting mod_php74-7.4.28_1: .... done
[activating module `php7' in /usr/local/etc/apache24/httpd.conf]
=====
Message from mod_php74-7.4.28_1:

--
******************************************************************************

Make sure index.php is part of your DirectoryIndex.

You should add the following to your Apache configuration file:

<FilesMatch "\.php$">
    SetHandler application/x-httpd-php
</FilesMatch>
<FilesMatch "\.phps$">
    SetHandler application/x-httpd-php-source
</FilesMatch>

******************************************************************************

If you are building PHP-based ports in poudriere(8) or Synth with ZTS enabled,
add WITH_MPM=event to /etc/make.conf to prevent build failures.

******************************************************************************
--
===>   NOTICE:

This port is deprecated; you may wish to reconsider installing it:

Upstream Security Support ends on 2022-11-28.

It is scheduled to be removed on or after 2022-11-29.
Step 18: Clean package installation
Nothing to do.
Step 19: Create necessary directories if they don't exist
Step 20: Set ldap owner on /mnt/openldap-data
Step 21: Set 700 permissions on /mnt/openldap-data
Step 22: Set ldap owner on /usr/local/etc/openldap/slapd.d
Step 23: Clean cook artifacts
Step 24: Create cook script
Step 25: Make cook script executable
setting executable bit on /usr/local/bin/cook
Step 26: Create rc.d script to start cook
creating rc.d script to start cook
Step 27: Make rc.d script to start cook executable
Setting executable bit on cook rc file
Step 28: Enable cook service
enabling cook
cook enabled in /etc/rc.conf
=====>  Stop the pot openldap-amd64-12_3
=====>  Remove epair0[a|b] network interfaces
=====>  unmount /mnt/srv/pot/jails/openldap-amd64-12_3/m/tmp
=====>  unmount /mnt/srv/pot/jails/openldap-amd64-12_3/m/dev
=====>  Flavour: openldap+1
=====>  Executing openldap+1 pot commands on openldap-amd64-12_3
=====>  No shell script available for the flavour openldap+1
=====>  Flavour: openldap+2
=====>  Executing openldap+2 pot commands on openldap-amd64-12_3
=====>  No shell script available for the flavour openldap+2
=====>  Flavour: openldap+3
=====>  Executing openldap+3 pot commands on openldap-amd64-12_3
=====>  No shell script available for the flavour openldap+3
=====>  Flavour: openldap+4
=====>  Executing openldap+4 pot commands on openldap-amd64-12_3
=====>  No shell script available for the flavour openldap+4

This site © Honeyguide Group (Pty) Ltd, all the hosted software their respective license owners 2020 - 2021 - Disclaimer