Do not ever apply password aging rules to root

When STIG mode is enabled we enforce password aging rules;
among other things, an expired account will fail internal
pam_acct_mgmt calls (even through unix authentication).
Password aging rules are a separate account control mechanism
from disabling a password (* in the shadow file) and should
not be applied ever to the root account. The proper STIG
mode configuration should be having password disabled for
root, but never allowing the account to age out. The reason
for this is that there are various local processes that
use the root account, and require pam_acct_mgmt to succeed:
for example, cronjobs will login() as root to perform tasks.
This commit ensures that the root account will never have
password aging rules applied.

databases/redis84: New port

This is the redis 8.4.X branch of redis copied from databases/redis in
preparation for upgrading redis to redis 8.6.X branch.

pkgdb: skip WAL journal mode on read-only databases

PRAGMA journal_mode = WAL requires write access to create the -wal and
-shm sidecar files. When pkg-static runs as an unprivileged user (e.g.
nobody during poudriere's package phase), the local database is opened
read-only and the WAL pragma fails with "attempt to write a readonly
database".

This caused actual-package-depends to fail silently, producing packages
with missing dependencies. For example, gmake was packaged without its
gettext-runtime dependency, leading to "libintl.so.8 not found" errors
when gmake was later installed as a build dependency.

Use sqlite3_db_readonly() to check the connection mode before attempting
to enable WAL, consistent with other read-only guards in pkgdb.c.

Fixes: a7ccf3c03e92 ("pkgdb: enable WAL journal mode for local databases")
Reported-by: https://github.com/freebsd/pkg/issues/2605

pkgdb: open read-only databases in immutable mode to fix WAL access

When pkg enables WAL journal mode on the local database (during a
write-access session), the mode is persisted in the database header.
Subsequent read-only opens (e.g. as nobody during poudriere's package
phase) fail because WAL requires -shm/-wal sidecar files which cannot
be created without write access, causing all queries to fail — including
read-only ones like PRAGMA user_version.

This caused actual-package-depends to fail silently, producing packages
with missing dependencies. For example, gmake was packaged without its
gettext-runtime dependency, leading to "libintl.so.8 not found" errors.

Fix by opening the database with sqlite3_open_v2() and immutable=1 URI
parameter when write access is not available. Immutable mode tells
SQLite to bypass WAL/SHM entirely and read directly from the main
database file, which contains all committed data after the last
writer's checkpoint.
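
An added example (not code from pkg) that uses Python's sqlite3 module to show the immutable=1 behaviour described above and the caveat in its last sentence: an immutable reader sees only what the last checkpoint wrote to the main database file, and it creates no -wal/-shm sidecars. The table name `deps`, the file name and the row values are constructed for illustration.

```python
import os
import sqlite3
import tempfile
from pathlib import Path


def open_immutable(db: Path) -> sqlite3.Connection:
    # immutable=1 implies read-only, takes no locks and ignores -wal/-shm.
    return sqlite3.connect(db.as_uri() + "?immutable=1", uri=True)


def count_rows(db: Path) -> int:
    conn = open_immutable(db)
    try:
        return conn.execute("SELECT count(*) FROM deps").fetchone()[0]
    finally:
        conn.close()


def sidecars(db: Path) -> list:
    return [s for s in ("-wal", "-shm") if os.path.exists(str(db) + s)]


def demo() -> dict:
    out = {}
    with tempfile.TemporaryDirectory() as tmp:
        db = Path(tmp) / "local.sqlite"  # constructed sample database
        w = sqlite3.connect(db, isolation_level=None)  # autocommit writer
        w.execute("CREATE TABLE deps(name TEXT)")
        w.execute("INSERT INTO deps VALUES ('gettext-runtime')")
        w.execute("PRAGMA user_version = 7")
        # The WAL setting is persisted in the database header.
        out["mode"] = w.execute("PRAGMA journal_mode = WAL").fetchone()[0]
        w.execute("PRAGMA wal_checkpoint(TRUNCATE)").fetchall()
        w.execute("INSERT INTO deps VALUES ('libiconv')")  # only in -wal so far
        out["before_checkpoint"] = count_rows(db)  # immutable reader misses it
        w.execute("PRAGMA wal_checkpoint(TRUNCATE)").fetchall()
        out["after_checkpoint"] = count_rows(db)
        w.close()  # last writer checkpoints and removes the sidecar files
        out["sidecars_after_close"] = sidecars(db)
        r = open_immutable(db)
        out["user_version"] = r.execute("PRAGMA user_version").fetchone()[0]
        r.close()
        out["sidecars_after_read"] = sidecars(db)  # nothing was created
    return out


if __name__ == "__main__":
    print(demo())
```
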