Skip site navigation (1)Skip section navigation (2)
Date:      27 Jul 2006 01:48:32 -0000
From:      andrew@arda.homeunix.net
To:        FreeBSD-gnats-submit@FreeBSD.org
Subject:   ports/100901: [maintainer update] Update port: security/courierpasswd User authentication and password changing utility
Message-ID:  <20060727014832.87127.qmail@arda.homeunix.net>
Resent-Message-ID: <200607270150.k6R1oFTL067205@freefall.freebsd.org>

next in thread | raw e-mail | index | archive | help

>Number:         100901
>Category:       ports
>Synopsis:       [maintainer update] Update port: security/courierpasswd User authentication and password changing utility
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-ports-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          maintainer-update
>Submitter-Id:   current-users
>Arrival-Date:   Thu Jul 27 01:50:15 GMT 2006
>Closed-Date:
>Last-Modified:
>Originator:     Andrew St. Jean
>Release:        FreeBSD 5.4-RELEASE i386
>Organization:
>Environment:
System: FreeBSD lorien.arda.homeunix.net 5.4-RELEASE FreeBSD 5.4-RELEASE #0: Thu Mar 2 22:54:06 EST 2006 root@lorien.arda.homeunix.net:/usr/src/sys/i386/compile/LORIEN540 i386

>Description:
Update to release 1.1.2

Port now installs some extra documentation into ${DOCSDIR}.

Added pkg-message and pkg-plist to port.

>How-To-Repeat:
>Fix:

diff -ruN /usr/ports/security/courierpasswd/Makefile /usr/ports/security/courierpasswd.new/Makefile
--- /usr/ports/security/courierpasswd/Makefile	Sat Jun 17 11:42:01 2006
+++ /usr/ports/security/courierpasswd.new/Makefile	Wed Jul 26 21:26:54 2006
@@ -5,7 +5,7 @@
 # $FreeBSD: ports/security/courierpasswd/Makefile,v 1.2 2006/06/17 15:42:01 stefan Exp $
 
 PORTNAME=	courierpasswd
-PORTVERSION=	1.1.1
+PORTVERSION=	1.1.2
 CATEGORIES=	security mail
 MASTER_SITES=	http://www.arda.homeunix.net/store/
 
@@ -18,7 +18,7 @@
 GNU_CONFIGURE=	yes
 USE_GMAKE=	yes
 CPPFLAGS+=	-I${LOCALBASE}/include
-LDFLAGS+=	-L${LOCALBASE}/lib -lintl
+LDFLAGS+=	-L${LOCALBASE}/lib
 CONFIGURE_ENV=	CPPFLAGS='${CPPFLAGS}' LDFLAGS='${LDFLAGS}'
 
 MINUID?=	100
@@ -26,7 +26,6 @@
 CONFIGURE_TARGET=	--build=${MACHINE_ARCH}-portbld-freebsd${OSREL}
 CONFIGURE_ARGS+=	--with-minuid=${MINUID}
 
-PLIST_FILES=	sbin/courierpasswd
 MAN8=		courierpasswd.8
 
 pre-fetch:
@@ -41,5 +40,17 @@
 	@${ECHO} ""
 	@${ECHO} "#############################################################"
 	@${ECHO} ""
+
+post-install:
+.if !defined(NOPORTDOCS)
+	${MKDIR} ${DOCSDIR}
+	${INSTALL_DATA} ${WRKSRC}/AUTHORS ${DOCSDIR}
+	${INSTALL_DATA} ${WRKSRC}/ChangeLog ${DOCSDIR}
+	${INSTALL_DATA} ${WRKSRC}/COPYING ${DOCSDIR}
+	${INSTALL_DATA} ${WRKSRC}/INSTALL ${DOCSDIR}
+	${INSTALL_DATA} ${WRKSRC}/NEWS ${DOCSDIR}
+	${INSTALL_DATA} ${WRKSRC}/README ${DOCSDIR}
+.endif
+	@${CAT} ${PKGMESSAGE}
 
 .include <bsd.port.mk>
diff -ruN /usr/ports/security/courierpasswd/distinfo /usr/ports/security/courierpasswd.new/distinfo
--- /usr/ports/security/courierpasswd/distinfo	Tue Jun 13 00:54:50 2006
+++ /usr/ports/security/courierpasswd.new/distinfo	Wed Jul 26 21:30:09 2006
@@ -1,3 +1,3 @@
-MD5 (courierpasswd-1.1.1.tar.gz) = b4ada51affabdf74cef1a028b9ffea5f
-SHA256 (courierpasswd-1.1.1.tar.gz) = f7ba0da967ddf82cf6083604666b42dfe4dd15ccf634674e103cbf6ff3a24f15
-SIZE (courierpasswd-1.1.1.tar.gz) = 288765
+MD5 (courierpasswd-1.1.2.tar.gz) = f05b31baf5975e4e9f54296f676ff080
+SHA256 (courierpasswd-1.1.2.tar.gz) = 5b78f98be3321a99d33db1f69e59c7b561860448518dba04ade4323942d5c736
+SIZE (courierpasswd-1.1.2.tar.gz) = 287200
diff -ruN /usr/ports/security/courierpasswd/pkg-message /usr/ports/security/courierpasswd.new/pkg-message
--- /usr/ports/security/courierpasswd/pkg-message	Wed Dec 31 19:00:00 1969
+++ /usr/ports/security/courierpasswd.new/pkg-message	Wed Jul 26 20:21:21 2006
@@ -0,0 +1,52 @@
+
+#########################################################################
+NOTES FOR RUNNING COURIERPASSWD
+
+In order to use courierpasswd, it must be able to access the
+authdaemon domain socket, named 'socket'. When courierpasswd runs as
+root, this presents no problem. However, if you need to run courierpasswd
+as a non-root user, you have three options, all of which require some
+manual work.
+
+Option 1: Add the user courierpasswd will run as to the group that
+owns the authdaemon socket directory in /etc/group. More than one user
+can be added to the group vector in this way. This arrangement works
+well if courierpasswd will be run by only a small number of users.
+If the authdaemon socket directory is owned by courier:courier and you
+run courierpasswd as user vmail, your /etc/group file will have a line
+something like this:
+
+    courier:x:465:vmail
+
+Option 2: Some programs, such as tcpserver, allow you to separately set
+the uid and gid of programs they call but don't honour the group vector
+found in /etc/group. If you invoke courierpasswd from such a program,
+set the gid to the group ownership of the authdaemon socket directory.
+For tcpserver, you could do something like this:
+
+    #!/bin/sh
+
+    QMAILUID=`/usr/bin/id -u qmaild`
+    COURIERGID=`/usr/bin/id -g courier`
+
+    exec /usr/local/bin/tcpserver -u "$QMAILUID" -g "$COURIERGID" \
+    0 smtp /var/qmail/bin/qmail-smtpd /usr/local/sbin/courierpasswd -- \
+    /usr/bin/true 2>&1
+
+Option 3: Change the permissions on courierpasswd to set gid to the
+group ownership of the socket directory. Again, if the socket directory
+is owned by courier:courier, change the ownership and permissions
+of courierpasswd like so:
+
+    chgrp courier courierpasswd
+    chmod g+s courierpasswd
+
+Be aware that courierpasswd does not provide any max-failed-retry
+functionality so it is possible for local users to perform dictionary
+attacks against account passwords if courierpasswd is set up this way.
+
+The location of the authdaemon domain socket is listed in the
+authdaemonrc configuration file as the parameter authdaemonvar.
+
+#########################################################################
+
diff -ruN /usr/ports/security/courierpasswd/pkg-plist /usr/ports/security/courierpasswd.new/pkg-plist
--- /usr/ports/security/courierpasswd/pkg-plist	Wed Dec 31 19:00:00 1969
+++ /usr/ports/security/courierpasswd.new/pkg-plist	Tue Jul 25 23:20:54 2006
@@ -0,0 +1,8 @@
+sbin/courierpasswd
+%%PORTDOCS%%%%DOCSDIR%%/AUTHORS
+%%PORTDOCS%%%%DOCSDIR%%/ChangeLog
+%%PORTDOCS%%%%DOCSDIR%%/COPYING
+%%PORTDOCS%%%%DOCSDIR%%/INSTALL
+%%PORTDOCS%%%%DOCSDIR%%/NEWS
+%%PORTDOCS%%%%DOCSDIR%%/README
+%%PORTDOCS%%@dirrm %%DOCSDIR%%
>Release-Note:
>Audit-Trail:
>Unformatted:



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20060727014832.87127.qmail>