pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/trunk]: pkgsrc/mail/rspamd mail/rspamd: Fix unprivileged execution in...
details: https://anonhg.NetBSD.org/pkgsrc/rev/05f0c78dfb81
branches: trunk
changeset: 374947:05f0c78dfb81
user: fhajny <fhajny%pkgsrc.org@localhost>
date: Thu Feb 01 09:07:23 2018 +0000
description:
mail/rspamd: Fix unprivileged execution in rc.d and SMF.
diffstat:
mail/rspamd/Makefile | 7 ++-
mail/rspamd/files/rspamd.sh | 4 +-
mail/rspamd/files/smf/manifest.xml | 66 ++++++++++++++-----------------------
3 files changed, 32 insertions(+), 45 deletions(-)
diffs (117 lines):
diff -r 5eef24e6a184 -r 05f0c78dfb81 mail/rspamd/Makefile
--- a/mail/rspamd/Makefile Thu Feb 01 04:11:17 2018 +0000
+++ b/mail/rspamd/Makefile Thu Feb 01 09:07:23 2018 +0000
@@ -1,7 +1,7 @@
-# $NetBSD: Makefile,v 1.32 2017/11/30 16:45:30 adam Exp $
+# $NetBSD: Makefile,v 1.33 2018/02/01 09:07:23 fhajny Exp $
DISTNAME= rspamd-1.6.1
-PKGREVISION= 2
+PKGREVISION= 3
CATEGORIES= mail
MASTER_SITES= ${MASTER_SITE_GITHUB:=vstakhov/}
@@ -42,6 +42,9 @@
DBDIR= ${VARBASE}/db/rspamd
RUNDIR= ${VARBASE}/run/rspamd
+FILES_SUBST+= RSPAMD_USER=${RSPAMD_USER}
+FILES_SUBST+= RSPAMD_GROUP=${RSPAMD_GROUP}
+
RCD_SCRIPTS= rspamd
CMAKE_ARGS+= -DMANDIR:PATH=${PREFIX}/${PKGMANDIR}
diff -r 5eef24e6a184 -r 05f0c78dfb81 mail/rspamd/files/rspamd.sh
--- a/mail/rspamd/files/rspamd.sh Thu Feb 01 04:11:17 2018 +0000
+++ b/mail/rspamd/files/rspamd.sh Thu Feb 01 09:07:23 2018 +0000
@@ -1,6 +1,6 @@
#!@RCD_SCRIPTS_SHELL@
#
-# $NetBSD: rspamd.sh,v 1.1 2017/03/20 14:15:16 wiz Exp $
+# $NetBSD: rspamd.sh,v 1.2 2018/02/01 09:07:23 fhajny Exp $
#
# PROVIDE: rspamd
# REQUIRE: DAEMON
@@ -14,7 +14,7 @@
rcvar=$name
command="@PREFIX@/bin/rspamd"
pidfile="@VARBASE@/run/rspamd/${name}.pid"
-command_args="-c @PKG_SYSCONFDIR@/rspamd.conf"
+command_args="-u @RSPAMD_USER@ -g @RSPAMD_GROUP@ -c @PKG_SYSCONFDIR@/rspamd.conf"
required_files="@PKG_SYSCONFDIR@/rspamd.conf"
start_precmd="rspamd_precmd"
diff -r 5eef24e6a184 -r 05f0c78dfb81 mail/rspamd/files/smf/manifest.xml
--- a/mail/rspamd/files/smf/manifest.xml Thu Feb 01 04:11:17 2018 +0000
+++ b/mail/rspamd/files/smf/manifest.xml Thu Feb 01 09:07:23 2018 +0000
@@ -1,45 +1,29 @@
<?xml version="1.0"?>
<!DOCTYPE service_bundle SYSTEM "/usr/share/lib/xml/dtd/service_bundle.dtd.1">
<service_bundle type="manifest" name="export">
-
- <service name="@SMF_PREFIX@/@SMF_NAME@" type="service" version="1">
-
- <create_default_instance enabled="false"/>
-
- <single_instance/>
-
- <dependency name="network" grouping="require_all" restart_on="error" type="service">
- <service_fmri value="svc:/milestone/network:default"/>
- </dependency>
-
- <dependency name="filesystem" grouping="require_all" restart_on="error" type="service">
- <service_fmri value="svc:/system/filesystem/local"/>
- </dependency>
-
- <method_context>
- </method_context>
-
- <exec_method type="method" name="start" exec="@PREFIX@/bin/rspamd -i -f -c %{config_file}" timeout_seconds="60"/>
- <exec_method type="method" name="stop" exec=":kill" timeout_seconds="60"/>
-
- <property_group name="startd" type="framework">
- <propval name="duration" type="astring" value="child"/>
- <propval name="ignore_error" type="astring" value="core,signal"/>
- </property_group>
-
- <property_group name="application" type="application">
- <propval name="config_file" type="astring" value="@PKG_SYSCONFDIR@/rspamd.conf"/>
- </property_group>
-
-
- <template>
- <common_name>
- <loctext xml:lang="C">
- Rspamd spam filtering system.
- </loctext>
- </common_name>
- </template>
-
- </service>
-
+ <service name="@SMF_PREFIX@/@SMF_NAME@" type="service" version="1">
+ <create_default_instance enabled="false" />
+ <single_instance />
+ <dependency name="network" grouping="require_all" restart_on="error" type="service">
+ <service_fmri value="svc:/milestone/network:default" />
+ </dependency>
+ <dependency name="filesystem" grouping="require_all" restart_on="error" type="service">
+ <service_fmri value="svc:/system/filesystem/local" />
+ </dependency>
+ <method_context></method_context>
+ <exec_method type="method" name="start" exec="@PREFIX@/bin/rspamd -u @RSPAMD_USER@ -g @RSPAMD_USER@ -c %{config_file}" timeout_seconds="60" />
+ <exec_method type="method" name="stop" exec=":kill" timeout_seconds="60" />
+ <property_group name="startd" type="framework">
+ <propval name="duration" type="astring" value="contract" />
+ <propval name="ignore_error" type="astring" value="core,signal" />
+ </property_group>
+ <property_group name="application" type="application">
+ <propval name="config_file" type="astring" value="@PKG_SYSCONFDIR@/rspamd.conf" />
+ </property_group>
+ <template>
+ <common_name>
+ <loctext xml:lang="C">Rspamd spam filtering system.</loctext>
+ </common_name>
+ </template>
+ </service>
</service_bundle>
Home |
Main Index |
Thread Index |
Old Index