Mercurial > dnsbl
changeset 43:acbe44bbba22
seems to drop root privs ok now
author | carl |
---|---|
date | Mon, 05 Jul 2004 22:24:22 -0700 |
parents | afcf403709ef |
children | 6b79046b18c2 |
files | ChangeLog dnsbl.spec.in sendmail.st src/dnsbl.cpp test.bash |
diffstat | 5 files changed, 51 insertions(+), 25 deletions(-) [+] |
line wrap: on
line diff
--- a/ChangeLog Mon Jul 05 13:09:44 2004 -0700 +++ b/ChangeLog Mon Jul 05 22:24:22 2004 -0700 @@ -2,11 +2,16 @@ 3.2 2004-07-05 + Contributions from John Gunkel <jgunkel@palliser.ca>: Add .spec file for building rpms, contributed by John Gunkel - <jgunkel@palliser.ca> + + Changes to file layout to conform to RedHat/LSB standards. - Changes to file layout suggested by John to conform to RedHat/LSB - standards. + Add some html (actually xml) tags used by Apple mac print + subsystem that were tripping the html tag detector. + + Help with changes required to allow dnsbl to drop root + priviledges. Change parser to handle &#xnnn; obfuscated urls with charaters specified in hex.
--- a/dnsbl.spec.in Mon Jul 05 13:09:44 2004 -0700 +++ b/dnsbl.spec.in Mon Jul 05 22:24:22 2004 -0700 @@ -1,20 +1,22 @@ Summary: DNSBL Sendmail Milter Name: dnsbl Version: 3.1 -Release: 1 +Release: 2 Copyright: GPL Group: System Environment/Daemons Source: http://www.five-ten-sg.com/util/dnsbl.tar.gz +Patch0: dnsbl.rc.patch BuildRoot: %{_tmppath}/%{name}-%{version} -BuildRequires: sendmail-devel >= 8.12.1 Requires(pre): /usr/sbin/groupadd Requires(pre): /usr/sbin/useradd Requires(pre): /usr/bin/getent Requires(postun): /usr/sbin/userdel Requires(postun): /usr/sbin/groupdel Requires(post,preun): /sbin/chkconfig -Requires: sendmail +BuildRequires: sendmail-devel >= 8.12.1 +Requires: sendmail >= 8.12.1 +Requires: sendmail-cf %description @@ -25,12 +27,9 @@ The DNSBL milter reads a text configuration file (dnsbl.conf) on startup, and whenever the config file (or any of the referenced include files) is changed. The entire configuration file is case insensitive. %prep -# %setup -q -n Zope-%{zope_version} -# %patch0 -p1 -# %patch1 -p1 %setup - +%patch0 -p1 %build pwd @@ -38,8 +37,6 @@ g++ -o dnsbl dnsbl.o /usr/lib/libresolv.a -lmilter -pthread %install -# hoisted from install.bash -#DST=/var/dnsbl DST=%{buildroot} if [ "%{buildroot}" = "/" -o -z "%{buildroot}" ] ; then echo sorry, you probably do not want me to delete the old buildroot at %{buildroot} @@ -64,12 +61,30 @@ %pre /usr/bin/getent passwd dnsbl || useradd -r -d /etc/dnsbl -M -c "dnsbl pseudo-user" -s /sbin/nologin dnsbl + +#[JOG] Attempt to migrate an existing, non-rpm install. +# WARNING! This may cause blindness, loss of appetite, and a general +# feeling of ill will towards the author of this script. Please refer +# to the Licence file for warranty information... +if [ -f "/var/dnsbl/dnsbl.conf" -a ! -f "/etc/dnsbl/dnsbl.conf" ] ; then + echo Existing installation found at /var/dnsbl/ Migrating configuation... + # create the conf directory so rpm can find it in a minute... + mkdir /etc/dnsbl/ + # and try to copy all of the relavent config files that are below this directory + cd /var/dnsbl/ + grep '^include ' /var/dnsbl/dnsbl.conf | cut -d ' ' -f 2 | grep -v '^/' | xargs cp --target-directory=/etc/dnsbl/ /var/dnsbl/dnsbl.conf +fi + + %post /sbin/chkconfig --add dnsbl /sbin/chkconfig dnsbl on /sbin/service dnsbl start -# [JOG] TODO: spew out a message indicating what should be added to sendmail.mc +echo Remember to edit /etc/dnsbl.conf and add the following line to your sendmail.mc: +echo "INPUT_MAIL_FILTER(\`dnsbl\', \`S=local:/var/run/dnsbl/dnsbl.sock, F=T, T=C:30s;S:2m;R:2m;E:5m\')" +echo + %preun if [ $1 -eq 0 ]; then @@ -90,6 +105,12 @@ %dir %attr(0750,dnsbl,root) /var/run/dnsbl %changelog -Revision 1.1 2004/06/30 10:08:48 jgunkel@palliser.ca -Initial revision of spec file. Need to add a better description, docs and a sendmail.mc message +* Mon Jul 05 2004 John Gunkel <jgunkel@palliser.ca> 1.2 +- Fixed some typos +- removed patch into separate file +- added config migration as suggested by Carl +- Added reminder to edit sendmail.mc +* Wed Jun 30 2004 John Gunkel <jgunkel@palliser.ca> 1.1 +- Initial revision of spec file. Need to add a better description, docs and a sendmail.mc message +
--- a/src/dnsbl.cpp Mon Jul 05 13:09:44 2004 -0700 +++ b/src/dnsbl.cpp Mon Jul 05 22:24:22 2004 -0700 @@ -1289,13 +1289,13 @@ static void setup_socket(char *sock); static void setup_socket(char *sock) { unlink(sock); - sockaddr_un addr; - memset(&addr, '\0', sizeof addr); - addr.sun_family = AF_UNIX; - strncpy(addr.sun_path, sock, sizeof(addr.sun_path)-1); - int s = socket(AF_UNIX, SOCK_STREAM, 0); - bind(s, (sockaddr*)&addr, sizeof(addr)); - close(s); + // sockaddr_un addr; + // memset(&addr, '\0', sizeof addr); + // addr.sun_family = AF_UNIX; + // strncpy(addr.sun_path, sock, sizeof(addr.sun_path)-1); + // int s = socket(AF_UNIX, SOCK_STREAM, 0); + // bind(s, (sockaddr*)&addr, sizeof(addr)); + // close(s); }
--- a/test.bash Mon Jul 05 13:09:44 2004 -0700 +++ b/test.bash Mon Jul 05 22:24:22 2004 -0700 @@ -40,9 +40,9 @@ pid=/var/run/dnsbl.pid echo start the milter mkdir -p /var/run/dnsbl -chmod 700 /var/run/dnsbl +chmod 750 /var/run/dnsbl +chown dnsbl:dnsbl /var/run/dnsbl mv -f $pid $pid.save -rm -f /var/run/dnsbl/dnsbl.sock ./dnsbl -d -p local:/var/run/dnsbl/dnsbl.sock sleep 5 P2=`cat $pid`