Date: Wed, 22 May 2002 18:56:29 -0500 (CDT) From: "Scot W. Hetzel" <hetzels@westbend.net> To: FreeBSD-gnats-submit@FreeBSD.org Subject: ports/38434: security/cyrus-sasl: Don't set a shell for the cyrus user Message-ID: <200205222356.g4MNuT4u098865@wbiW009.westbend.net>
next in thread | raw e-mail | index | archive | help
>Number: 38434 >Category: ports >Synopsis: security/cyrus-sasl: Don't set a shell for the cyrus user >Confidential: no >Severity: non-critical >Priority: low >Responsible: freebsd-ports >State: open >Quarter: >Keywords: >Date-Required: >Class: maintainer-update >Submitter-Id: current-users >Arrival-Date: Wed May 22 17:00:06 PDT 2002 >Closed-Date: >Last-Modified: >Originator: Scot W. Hetzel >Release: FreeBSD 4.5-STABLE i386 >Organization: West Bend Internet >Environment: System: FreeBSD wbiW009.westbend.net 4.5-STABLE FreeBSD 4.5-STABLE #7: Wed Apr 24 10:46:07 CDT 2002 root@wbiW009.westbend.net:/usr/obj/usr/src/sys/GENERIC-SMP i386 >Description: In PR 38363, pkg-install was changed to specify a shell (/sbin/csh) for the cyrus user. The need for assigning the shell was due to the cyrus-imapd ports require the cyrus user to have a shell in order to use the cyrus-imapd utilites that work on the imapd spool. This has caused concern from the other users of the cyrus-sasl port, who don't want/need a shell assigned to this user. >How-To-Repeat: Install Postfix w/SASL support, a shell is now given to the cyrus user. >Fix: The attached patch reverts cyrus-sasl to the previous behavior. Two PRs for the mail/cyrus & mail/cyrus-imapd ports will be submitted shortly. Changed Files: pkg-deinstall pkg-install Index: pkg-deinstall =================================================================== RCS file: /home/ncvs/ports/security/cyrus-sasl/pkg-deinstall,v retrieving revision 1.4 diff -u -r1.4 pkg-deinstall --- pkg-deinstall 21 May 2002 15:08:58 -0000 1.4 +++ pkg-deinstall 22 May 2002 23:15:14 -0000 @@ -28,6 +28,9 @@ if pw usershow cyrus 2>/dev/null 1>&2; then echo "To delete Cyrus user permanently, use 'pw userdel cyrus'" fi + if pw groupshow cyrus 2>/dev/null 1>&2; then + echo "To delete Cyrus group permanently, use 'pw groupdel cyrus'" + fi } Index: pkg-install =================================================================== RCS file: /home/ncvs/ports/security/cyrus-sasl/pkg-install,v retrieving revision 1.7 diff -u -r1.7 pkg-install --- pkg-install 21 May 2002 15:08:58 -0000 1.7 +++ pkg-install 22 May 2002 19:58:09 -0000 @@ -18,51 +18,57 @@ # create_user() { - if [ ! -x /usr/sbin/pw ]; then - echo "*** Please add a user and a group named \`cyrus' before installing this package." - exit 69 - fi + USER=cyrus + GROUP=cyrus + PW=/usr/sbin/pw + + if [ -x /sbin/nologin ]; then + shell=/sbin/nologin + else + shell=/nonexistent + fi + uhome="/nonexistent" - if ! pw show group cyrus -q >/dev/null; then + if ! ${PW} show group ${GROUP} -q >/dev/null; then gid=60 - while pw show group -g ${gid} -q >/dev/null; do + while ${PW} show group -g ${gid} -q >/dev/null; do gid=`expr ${gid} + 1` done - if ! pw add group cyrus -g ${gid}; then + if ! ${PW} add group ${GROUP} -g ${gid}; then e=$? - echo "*** Failed to add group \`cyrus'. Please add it manually." + echo "*** Failed to add group \`${GROUP}'. Please add it manually." exit ${e} fi - echo "*** Added group \`cyrus' (id ${gid})" + echo "*** Added group \`${GROUP}' (id ${gid})" else - gid=`pw show group cyrus 2>/dev/null | cut -d: -f3` + gid=`${PW} show group ${GROUP} 2>/dev/null | cut -d: -f3` fi - if ! pw show user cyrus -q >/dev/null; then + if ! ${PW} show user ${USER} -q >/dev/null; then uid=60 - while pw show user -u ${uid} -q >/dev/null; do + while ${PW} show user -u ${uid} -q >/dev/null; do uid=`expr ${uid} + 1` done - if ! pw add user cyrus -u ${uid} -g ${gid} -d "${PKG_PREFIX}/cyrus" \ - -c "the cyrus mail server" -s "/bin/csh" -p "*" \ + if ! ${PW} add user ${USER} -u ${uid} -g ${gid} -d "${uhome}" \ + -c "the cyrus mail server" -s "${shell}" -p "*" \ ; then e=$? - echo "*** Failed to add user \`cyrus'. Please add it manually." + echo "*** Failed to add user \`${USER}'. Please add it manually." exit ${e} fi - echo "*** Added user \`cyrus' (id ${uid})" + echo "*** Added user \`${USER}' (id ${uid})" else - if ! pw mod user cyrus -g ${gid} -d "${PKG_PREFIX}/cyrus" \ - -c "the cyrus mail server" -s "/bin/csh" -p "*" \ + if ! ${PW} mod user ${USER} -g ${gid} -d "${uhome}" \ + -c "the cyrus mail server" -s "${shell}" -p "*" \ ; then e=$? - echo "*** Failed to update user \`cyrus'." + echo "*** Failed to update user \`${USER}'." exit ${e} fi - echo "*** Updated user \`cyrus'." + echo "*** Updated user \`${USER}'." fi - if ! pw group mod cyrus -m daemon; then - echo "*** can't add user \`daemon' to group \`cyrus'" + if ! ${PW} group mod ${USER} -m daemon; then + echo "*** can't add user \`${USER}' to group \`${GROUP}'" fi } >Release-Note: >Audit-Trail: >Unformatted: To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ports" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200205222356.g4MNuT4u098865>