From owner-freebsd-ports-bugs@FreeBSD.ORG Thu Jul 27 01:50:16 2006 Return-Path: X-Original-To: freebsd-ports-bugs@hub.freebsd.org Delivered-To: freebsd-ports-bugs@hub.freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id E6D8D16A4DF for ; Thu, 27 Jul 2006 01:50:16 +0000 (UTC) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21]) by mx1.FreeBSD.org (Postfix) with ESMTP id 9BC0843D53 for ; Thu, 27 Jul 2006 01:50:15 +0000 (GMT) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1]) by freefall.freebsd.org (8.13.4/8.13.4) with ESMTP id k6R1oF80067160 for ; Thu, 27 Jul 2006 01:50:15 GMT (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.13.4/8.13.4/Submit) id k6R1oF93067159; Thu, 27 Jul 2006 01:50:15 GMT (envelope-from gnats) Resent-Date: Thu, 27 Jul 2006 01:50:15 GMT Resent-Message-Id: <200607270150.k6R1oF93067159@freefall.freebsd.org> Resent-From: FreeBSD-gnats-submit@FreeBSD.org (GNATS Filer) Resent-To: freebsd-ports-bugs@FreeBSD.org Resent-Reply-To: FreeBSD-gnats-submit@FreeBSD.org, andrew@arda.homeunix.net Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id CD78416A4DD for ; Thu, 27 Jul 2006 01:42:43 +0000 (UTC) (envelope-from astjean@lorien.arda.homeunix.net) Received: from tomts10-srv.bellnexxia.net (tomts10.bellnexxia.net [209.226.175.54]) by mx1.FreeBSD.org (Postfix) with ESMTP id 5F20343D46 for ; Thu, 27 Jul 2006 01:42:43 +0000 (GMT) (envelope-from astjean@lorien.arda.homeunix.net) Received: from arda.homeunix.net ([64.230.65.22]) by tomts10-srv.bellnexxia.net (InterMail vM.5.01.06.13 201-253-122-130-113-20050324) with ESMTP id <20060727014241.MOVH13241.tomts10-srv.bellnexxia.net@arda.homeunix.net> for ; Wed, 26 Jul 2006 21:42:41 -0400 Received: (qmail 87010 invoked by uid 1001); 27 Jul 2006 01:42:40 -0000 Message-Id: <20060727014240.87009.qmail@arda.homeunix.net> Date: 27 Jul 2006 01:42:40 -0000 From: andrew@arda.homeunix.net To: FreeBSD-gnats-submit@FreeBSD.org X-Send-Pr-Version: 3.113 Cc: Subject: ports/100900: New port: security/courieruserinfo A utility for retrieving user account information. X-BeenThere: freebsd-ports-bugs@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: andrew@arda.homeunix.net List-Id: Ports bug reports List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 27 Jul 2006 01:50:17 -0000 >Number: 100900 >Category: ports >Synopsis: New port: security/courieruserinfo A utility for retrieving user account information. >Confidential: no >Severity: non-critical >Priority: low >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: change-request >Submitter-Id: current-users >Arrival-Date: Thu Jul 27 01:50:14 GMT 2006 >Closed-Date: >Last-Modified: >Originator: Andrew St. Jean >Release: FreeBSD 5.4-RELEASE i386 >Organization: >Environment: System: FreeBSD lorien.arda.homeunix.net 5.4-RELEASE FreeBSD 5.4-RELEASE #0: Thu Mar 2 22:54:06 EST 2006 root@lorien.arda.homeunix.net:/usr/src/sys/i386/compile/LORIEN540 i386 >Description: courieruserinfo is a utility for retrieving user account information. Account information is accessed through the courier-authlib authentication library. WWW: http://www.arda.homeunix.net/store/ >How-To-Repeat: >Fix: # This is a shell archive. Save it in a file, remove anything before # this line, and then unpack it by entering "sh file". Note, it may # create directories; files and directories will be owned by you and # have default permissions. # # This archive contains: # # /usr/ports/security/courieruserinfo/ # /usr/ports/security/courieruserinfo/Makefile # /usr/ports/security/courieruserinfo/pkg-plist # /usr/ports/security/courieruserinfo/pkg-message # /usr/ports/security/courieruserinfo/pkg-descr # /usr/ports/security/courieruserinfo/distinfo # echo c - /usr/ports/security/courieruserinfo/ mkdir -p /usr/ports/security/courieruserinfo/ > /dev/null 2>&1 echo x - /usr/ports/security/courieruserinfo/Makefile sed 's/^X//' >/usr/ports/security/courieruserinfo/Makefile << 'END-of-/usr/ports/security/courieruserinfo/Makefile' XPORTNAME= courieruserinfo XPORTVERSION= 1.1.2 XCATEGORIES= security mail XMASTER_SITES= http://www.arda.homeunix.net/store/ X XMAINTAINER= andrew@arda.homeunix.net XCOMMENT= User account information retrieval utility X XBUILD_DEPENDS= courierauthconfig:${PORTSDIR}/security/courier-authlib-base XRUN_DEPENDS= courierauthconfig:${PORTSDIR}/security/courier-authlib-base X XGNU_CONFIGURE= yes XUSE_GMAKE= yes XCPPFLAGS+= -I${LOCALBASE}/include XLDFLAGS+= -L${LOCALBASE}/lib XCONFIGURE_ENV= CPPFLAGS='${CPPFLAGS}' LDFLAGS='${LDFLAGS}' X XCONFIGURE_TARGET= --build=${MACHINE_ARCH}-portbld-freebsd${OSREL} X XMAN8= courieruserinfo.8 X Xpost-install: X.if !defined(NOPORTDOCS) X ${MKDIR} ${DOCSDIR} X ${INSTALL_DATA} ${WRKSRC}/AUTHORS ${DOCSDIR} X ${INSTALL_DATA} ${WRKSRC}/ChangeLog ${DOCSDIR} X ${INSTALL_DATA} ${WRKSRC}/COPYING ${DOCSDIR} X ${INSTALL_DATA} ${WRKSRC}/INSTALL ${DOCSDIR} X ${INSTALL_DATA} ${WRKSRC}/NEWS ${DOCSDIR} X ${INSTALL_DATA} ${WRKSRC}/README ${DOCSDIR} X.endif X @${CAT} ${PKGMESSAGE} X X.include END-of-/usr/ports/security/courieruserinfo/Makefile echo x - /usr/ports/security/courieruserinfo/pkg-plist sed 's/^X//' >/usr/ports/security/courieruserinfo/pkg-plist << 'END-of-/usr/ports/security/courieruserinfo/pkg-plist' Xsbin/courieruserinfo X%%PORTDOCS%%%%DOCSDIR%%/AUTHORS X%%PORTDOCS%%%%DOCSDIR%%/ChangeLog X%%PORTDOCS%%%%DOCSDIR%%/COPYING X%%PORTDOCS%%%%DOCSDIR%%/INSTALL X%%PORTDOCS%%%%DOCSDIR%%/NEWS X%%PORTDOCS%%%%DOCSDIR%%/README X%%PORTDOCS%%@dirrm %%DOCSDIR%% END-of-/usr/ports/security/courieruserinfo/pkg-plist echo x - /usr/ports/security/courieruserinfo/pkg-message sed 's/^X//' >/usr/ports/security/courieruserinfo/pkg-message << 'END-of-/usr/ports/security/courieruserinfo/pkg-message' X X######################################################################### XNOTES FOR RUNNING COURIERUSERINFO X XIn order to use courieruserinfo, it must be able to access the Xauthdaemon domain socket, named 'socket'. When courieruserinfo runs as Xroot, this presents no problem. However, if you need to run courieruserinfo Xas a non-root user, you have three options, all of which require some Xmanual work. X XOption 1: Add the user courieruserinfo will run as to the group that Xowns the authdaemon socket directory in /etc/group. More than one user Xcan be added to the group vector in this way. This arrangement works Xwell if courieruserinfo will be run by only a small number of users. XIf the authdaemon socket directory is owned by courier:courier and you Xrun courieruserinfo as user vmail, your /etc/group file will have a line Xsomething like this: X X courier:x:465:vmail X XOption 2: Some programs, such as tcpserver, allow you to separately set Xthe uid and gid of programs they call but don't honour the group vector Xfound in /etc/group. If you invoke courieruserinfo from such a program, Xset the gid to the group ownership of the authdaemon socket directory. X XOption 3: Change the permissions on courieruserinfo to set gid to the Xgroup ownership of the socket directory. Again, if the socket directory Xis owned by courier:courier, change the ownership and permissions Xof courieruserinfo like so: X X chgrp courier courieruserinfo X chmod g+s courieruserinfo X XBe aware that this will allow any user on the system to access user Xaccount information through courieruserinfo. X XTo mitigate possible security risks posed by running courieruserinfo Xsetgid, courieruserinfo cannot retrieve passwords. X XThe location of the authdaemon domain socket is listed in the Xauthdaemonrc configuration file as the parameter authdaemonvar. X X######################################################################### X END-of-/usr/ports/security/courieruserinfo/pkg-message echo x - /usr/ports/security/courieruserinfo/pkg-descr sed 's/^X//' >/usr/ports/security/courieruserinfo/pkg-descr << 'END-of-/usr/ports/security/courieruserinfo/pkg-descr' Xcourieruserinfo is a utility for retrieving user account information. XAccount information is accessed through the courier-authlib authentication Xlibrary. X XWWW: http://www.arda.homeunix.net/store/ END-of-/usr/ports/security/courieruserinfo/pkg-descr echo x - /usr/ports/security/courieruserinfo/distinfo sed 's/^X//' >/usr/ports/security/courieruserinfo/distinfo << 'END-of-/usr/ports/security/courieruserinfo/distinfo' XMD5 (courieruserinfo-1.1.2.tar.gz) = 38efe36ba1cd6a85985b21cde23a7a03 XSHA256 (courieruserinfo-1.1.2.tar.gz) = 8a3667fc90241ee40af7eb92552ca7d38f38a926beb3124c9e1ea8b7d00d0037 XSIZE (courieruserinfo-1.1.2.tar.gz) = 283493 END-of-/usr/ports/security/courieruserinfo/distinfo exit >Release-Note: >Audit-Trail: >Unformatted: