ports/142382: [patch] Fix mail/mailscanner 4.79.4
Mike Jakubik
mike.jakubik at intertainservices.com
Wed Jan 6 16:00:18 UTC 2010
>Number: 142382
>Category: ports
>Synopsis: [patch] Fix mail/mailscanner 4.79.4
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: freebsd-ports-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Wed Jan 06 16:00:13 UTC 2010
>Closed-Date:
>Last-Modified:
>Originator: Mike Jakubik
>Release: 8.0-STABLE
>Organization:
>Environment:
>Description:
This is a workaround to the continuous taint mode incompatibilities with this code.
Since I have been unsuccessful at reaching the mailscanner community to address these, i created this work around instead.
- This patch introduces a new rc variable called "mailscanner_user". If you changed the "Run As User" variable in MailScanner.conf (which triggers taint mode) you MUST now also set the same value in /etc/rc.conf.
- Removed ulimit bump from startup script, since its now dynamically set at boot time based on system resources.
>How-To-Repeat:
>Fix:
diff -urN mailscanner.orig/Makefile mailscanner/Makefile
--- mailscanner.orig/Makefile 2010-01-04 15:19:40.000000000 -0500
+++ mailscanner/Makefile 2010-01-04 16:00:18.000000000 -0500
@@ -7,6 +7,7 @@
PORTNAME= MailScanner
PORTVERSION= 4.79.4
+PORTREVISION= 1
CATEGORIES= mail
MASTER_SITES= http://www.mailscanner.info/files/4/tar/
DISTNAME= ${PORTNAME}-install-${PORTVERSION}-${PATCHLEVEL}
diff -urN mailscanner.orig/files/mailscanner.in mailscanner/files/mailscanner.in
--- mailscanner.orig/files/mailscanner.in 2010-01-04 15:19:40.000000000 -0500
+++ mailscanner/files/mailscanner.in 2010-01-04 15:57:33.000000000 -0500
@@ -10,6 +10,7 @@
# Set it to "YES" to enable mailscanner
# mailscanner_configfile (path): Set to "%%PREFIX%%/etc/MailScanner/MailScanner.conf" by default.
# mailscanner_pidfile (path): Set to "/var/run/MailScanner.pid" by default.
+# mailscanner_user (str): Set to "root" by default. If you changed the "Run As User" variable in MailScanner.conf you MUST also set the same value here.
#
. %%RC_SUBR%%
@@ -22,22 +23,20 @@
: ${mailscanner_enable="NO"}
: ${mailscanner_configfile="%%PREFIX%%/etc/MailScanner/MailScanner.conf"}
: ${mailscanner_pidfile="/var/run/MailScanner.pid"}
+: ${mailscanner_user="root"}
command="%%PREFIX%%/sbin/mailscanner"
pidfile=${mailscanner_pidfile}
command_args="${mailscanner_configfile}"
+procname="MailScanner"
required_files="${mailscanner_configfile}"
-_ms_start_precmd() {
- # Quietly try to raise the open_files limit
- #
- ulimit -n 2000 >/dev/null 2>&1
-}
-
-start_precmd=_ms_start_precmd
+start_cmd="mailscanner_start"
-procname="MailScanner"
+mailscanner_start() {
+ su -m ${mailscanner_user} -c "exec ${command} ${command_args}"
+}
run_rc_command "$1"
diff -urN mailscanner.orig/files/pkg-message.in mailscanner/files/pkg-message.in
--- mailscanner.orig/files/pkg-message.in 2010-01-04 15:19:40.000000000 -0500
+++ mailscanner/files/pkg-message.in 2010-01-04 15:41:35.000000000 -0500
@@ -38,7 +38,19 @@
Sophos users: Please take a look at the Sophos install
script %%PREFIX%%/share/doc/MailScanner/Sophos.install.freebsd
- Please also always look at the port changelog at
- %%PREFIX%%/share/doc/MailScanner/CHANGES.port
+
+ *****************************************************************
+ A new rc variable called mailscanner_user has been added to the
+ startup script. This is a temporary workaround to address the
+ numerous taint mode problems that are still present in the code.
+
+ If you changed the "Run As User" variable in MailScanner.conf
+ you MUST also set the same value in /etc/rc.conf.
+
+ i.e. mailscanner_user="postfix"
+
+ The new variable uses su to start the master perl script as the
+ specified user, this effectively disables perl's taint mode.
+ *****************************************************************
*************************************************************************
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-ports-bugs
mailing list