Date: Thu, 5 Feb 2009 21:16:20 GMT From: William Olson <wolson@gmail.com> To: freebsd-gnats-submit@FreeBSD.org Subject: i386/131434: suid fails Message-ID: <200902052116.n15LGKlK074199@www.freebsd.org> Resent-Message-ID: <200902052120.n15LK4vx076367@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 131434 >Category: i386 >Synopsis: suid fails >Confidential: no >Severity: serious >Priority: medium >Responsible: freebsd-i386 >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Thu Feb 05 21:20:03 UTC 2009 >Closed-Date: >Last-Modified: >Originator: William Olson >Release: 7.1-STABLE >Organization: Nelson and Wright, Inc. >Environment: FreeBSD mongoose.thebushtelegraph.com.au 7.1-STABLE FreeBSD 7.1-STABLE #0: Mon Jan 19 16:35:53 EST 2009 wolson@mongoose.thebushtelegraph.com.au:/usr/obj/usr/src/sys/GENERIC i386 and FreeBSD freebsd.nw.local 7.1-STABLE FreeBSD 7.1-STABLE #0: Fri Jan 9 20:56:51 EST 2009 wolson@freebsd.nw.local:/usr/obj/usr/src/sys/GENERIC i386 >Description: When installing perl 5.9, there is a known bug listed here: http://www.nntp.perl.org/group/perl.perl5.porters/2008/12/msg142837.html I am having this issue when installing /usr/ports/mail/qmail-scanner1 port with qms-config >How-To-Repeat: If you do not do the perl fix When installing qmail-scanner it will install all dependancies for you. So lets go ahead and install it! # cd /usr/ports/mail/qmail-scanner1/ # make extract Configuring qms-analog This is the second tarball we will need to download to get reporting out of qmail-scanner so lets get started! # cd work # fetch http://freebsdrocks.net/files/qms-analog-0.4.2.tar.gz # tar zxvf qms-analog-0.4.2.tar.gz # cd qms-analog-0.4.2 # gmake all # cp qmail-scanner-1.25-st-qms-YYYYMMDD.patch ../qmail-scanner-1.25 Now we need to change to the qmail-scanner source, patch it and then run the configure scripts: # cd ../qmail-scanner-1.25 # patch -p1 < qmail-scanner-1.25-st-qms-YYYYMMDD.patch You should get a pretty large output. When it is done it will say done at the bottom if it installed the patch correctly. Installing qmail-scanner We now need to change the qms-config to match your settings. Please remember the sections in bold need to be changed to your domain specific settings: # vi qms-config ./configure --domain yourdomain.com \ --admin postmaster \ --local-domains "yourdomain.com,yourotherdomain.com" \ --add-dscr-hdrs yes \ --dscr-hdrs-text "X-Antivirus-MYDOMAIN" \ --ignore-eol-check yes \ --sa-quarantine 0 \ --sa-delete 0 \ --sa-reject no \ --sa-subject ":SPAM:" \ --sa-alt yes \ --sa-debug no \ --notify admin \ --redundant yes \ --qms-monitor no \ "$INSTALL" One of the options is having the headers of your emails display which rules determined the scores. You can do this as an option if you like. If you get a message thats marked spam and it's actually a ham, you can see what rules set it to be spam. This is quite useful when determining problems. Add the following options after the --notify admin but before the "$INSTALL" line in the qms-config script above: --sa-alt yes \ --sa-debug yes \ --sa-report yes\ Now we need to chmod the qms-config and give it a test run: # chmod 755 qms-config # ./qms-config When it asks you: Continue? ([Y]/N) go ahead and hit Y. It will ask you the same thing twice to verfy the installation. You will see the error at the end >Fix: in perl.c in release 5.8.9, line 3727 is if (*suidscript) { should be if (*suidscript != 1) { >Release-Note: >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200902052116.n15LGKlK074199>