Skip site navigation (1)Skip section navigation (2)
Date:      Fri, 10 Jan 2003 23:23:19 +0100 (CET)
From:      Philip Paeps <philip@paeps.cx>
To:        FreeBSD-gnats-submit@FreeBSD.org
Cc:        nbm@FreeBSD.org
Subject:   ports/46960: mail/courier-imap makes 'unrequested' changes in /etc/pam.d
Message-ID:  <20030110222319.C9CC010CF@prosperina.home.paeps.cx>

next in thread | raw e-mail | index | archive | help

>Number:         46960
>Category:       ports
>Synopsis:       mail/courier-imap makes 'unrequested' changes in /etc/pam.d
>Confidential:   no
>Severity:       serious
>Priority:       high
>Responsible:    freebsd-ports
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Fri Jan 10 14:30:00 PST 2003
>Closed-Date:
>Last-Modified:
>Originator:     Philip Paeps
>Release:        FreeBSD 5.0-CURRENT alpha
>Organization:
>Environment:
System: FreeBSD prosperina.home.paeps.cx 5.0-CURRENT FreeBSD 5.0-CURRENT #2: 
Wed Jan 8 03:19:17 CET 2003 philip@prosperina.home.paeps.cx:/usr/obj/usr/src/sys/PROSPERINA alpha

>Description:
	
	The mail/courier-imap port will install non-working 'default' pam
	configuration files for imap and pop3 to /etc/pam.d.  This is only
	relevant on -CURRENT systems, as -STABLE systems don't have a /etc/pam.d.

	After installing mail/courier-imap, imap logins will no longer be
	accepted, and produce an error like:

	Jan 10 22:26:54 prosperina authdaemond.plain: in openpam_load_module(): no /lib/security/pam_pwdb.so found 

	Likewise, pop3 logins will be denied with a similar error, even if pop3 is
	served by another, non-courier, pam-supporting daemon.

	I marked this PR as being 'serious' and of 'high' priority, as there
	should be no reason for a port to be overwriting configuration files in
	the base system.  Especially not if they're going to be breaking critical
	things like pam.

>How-To-Repeat:
	
	Install mail/courier-imap on a -CURRENT system.

>Fix:

	Placing this patch in the mail/courier-imap/files will cause the port not
	to fiddle about with pam configurations.  I assume the mail/courier port
	causes similar issues, fixable with a similar patch.  I haven't checked
	that.

--- Makefile.in.old	Fri Jan 10 22:41:53 2003
+++ Makefile.in	Fri Jan 10 22:42:11 2003
@@ -867,18 +867,7 @@
 install-exec-hook:
 	chmod 444 $(DESTDIR)$(sysconfdir)/quotawarnmsg.example
 
-# If authlib built authpam, install the PAM configuration file
-
 install-data-local: install-man
-	for f in `cat authlib/modulelist ; . authlib/authdaemonrc ; echo $$authmodulelist ` ; do \
-		test "$$f" = "authpam" || continue ; \
-		test -d $(DESTDIR)/etc/pam.d || continue ; \
-		test -w $(DESTDIR)/etc/pam.d || continue ; \
-		$(INSTALL_DATA) $(srcdir)/imap/imapd.pam \
-			$(DESTDIR)/etc/pam.d/imap || exit 1 ;\
-		$(INSTALL_DATA) $(srcdir)/imap/pop3d.pam \
-			$(DESTDIR)/etc/pam.d/pop3 || exit 1 ;\
-	done
 	rm -f $(DESTDIR)$(man8dir)/pw2userdb.8
 	rm -f $(DESTDIR)$(man8dir)/vchkpw2userdb.8
 	$(LN_S) makeuserdb.8 $(DESTDIR)$(man8dir)/pw2userdb.8
>Release-Note:
>Audit-Trail:
>Unformatted:

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-ports" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030110222319.C9CC010CF>