Date: Tue, 27 Jan 2015 20:03:59 -0600 (CST) From: Karl Dunn <kdunn@acm.org> To: freebsd-stable@freebsd.org Subject: Rebuilding 9.3 RELEASE base sendmail causes security gripe Message-ID: <alpine.LRH.2.03.1501271906460.24167@acm.org>
next in thread | raw e-mail | index | archive | help
Newbie question:
Recently, I rebuilt base sendmail from the base source. I followed the
procedure in 9.3's handbook section 28.9 to do it, so I could include
SASLv2. The system's uname shows:
--------------------------------------------
# uname -a
FreeBSD hfhmc-server 9.3-RELEASE-p5 FreeBSD
9.3-RELEASE-p5 #0: Mon Nov 3 22:02:57 UTC 2014
root@amd64-builder.daemonology.net:/usr/obj/usr/src/sys/GENERIC i386
--------------------------------------------
This system is an upgrade (via freebsd-update) from 9.1 RELEASE. The most
recent portsnap/upgrade was right before the rebuild. The Makefile of the
/usr/ports/mail/sendmail shows:
--------------------------------------------
# $FreeBSD: head/mail/sendmail/Makefile 374459 2014-12-10 14:24:17Z dinoex $
PORTNAME= sendmail
PORTVERSION= 8.15.1
--------------------------------------------
The result of the rebuild:
--------------------------------------------
# sendmail -d0.1
Version 8.14.9
Compiled with: DNSMAP LOG MAP_REGEX MATCHGECOS MILTER MIME7TO8 MIME8TO7
NAMED_BIND NETINET NETINET6 NETUNIX NEWDB NIS PIPELINING SASLv2
SCANF STARTTLS TCPWRAPPERS USERDB XDEBUG
--------------------------------------------
Since the rebuild of sendmail, nightly security mail says:
--------------------------------------------
Date: Mon, 26 Jan 2015 21:28:48 -0600 (CST)
Subject: hfhmc-server security updates
Looking up update.FreeBSD.org mirrors... 5 mirrors found.
Fetching metadata signature for 9.3-RELEASE from update6.freebsd.org...done.
Fetching metadata index... done.
Inspecting system... done.
Preparing to download files... done.
The following files will be updated as part of updating to 9.3-RELEASE-p8:
/usr/libexec/sendmail/sendmail
--------------------------------------------
Why the nightly gripe? Does it have to do with the port sendmail being
newer than the base sendmail? Also why does uname show -p5? (I did the
upgrade from 9.1R to 9.3R on 2014-Dec-28, IIRC.) I am guessing that the
gripe is coming from freebsd-update cron in root's crontab.
I expect that if I tell freebsd-update to install, I will have to rebuild
sendmail again, and the gripes will resume. If I replace sendmail with
the one from ports, will that fix this? If so, how do I do that?
There is a nearly identical backup system, upgraded 9.1R -> 9.3R a few
days before the 9.1->9.3 upgrade of the hfhmc-server, for which I have
not done a portsnap or freebsd-upgrade since. No gripes from it.
I can provide whatever other info you want. If it's big, I can post it in
whatever form you like on my website.
Karl Dunn
kdunn@acm.org
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?alpine.LRH.2.03.1501271906460.24167>