Date: Wed, 15 Aug 2001 16:50:02 -0700 (PDT) From: Peter Wemm <peter@wemm.org> To: freebsd-bugs@FreeBSD.org Subject: Re: conf/29699: Setting NO_MAILWRAPPER results in a system without working MTA Message-ID: <200108152350.f7FNo2o26457@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
The following reply was made to PR conf/29699; it has been noted by GNATS.
From: Peter Wemm <peter@wemm.org>
To: Ruslan Ermilov <ru@FreeBSD.org>
Cc: freebsd-gnats-submit@FreeBSD.org
Subject: Re: conf/29699: Setting NO_MAILWRAPPER results in a system without working MTA
Date: Wed, 15 Aug 2001 16:46:52 -0700
Ruslan Ermilov wrote:
> On Tue, Aug 14, 2001 at 01:00:03PM -0700, Peter Wemm wrote:
> > Andre Albsmeier wrote:
> > > When setting NO_MAILWRAPPER to /etc/make.conf sendmail still gets install
ed
> > > into /usr/libexec/sendmail/sendmail. In case mailwrapper has been used be
fore,
> > > an old /usr/sbin/mailwrapper is lying around and usually the link from
> > > /usr/sbin/sendmail is set. When you remove mailwrapper from /usr/sbin
> > > the link is stale and no /usr/sbin/sendmail is available anymore.
> >
> > This was intentional. NO_MAILWRAPPER was added specifically to leave
> > /usr/sbin/sendmail *alone* so that people that clobbered it to install
> > their own MTA rather than using mailer.conf didn't get it overwritten.
> >
> > The problem with the attached patches (and the followups) is that they leav
e
> > /usr/libexec/sendmail/sendmail behind. If somebody really wants to change
> > this, then set a symlink from /usr/sbin/sendmail ->
> > /usr/libexec/sendmail/sendmail so that we dont have (potentially dangerous)
> > old setuid binaries left behind that are no longer getting updated.
> >
> They are broken even more, because /usr/bin/newaliases and /usr/bin/mailq
> do not get updated in the -DNO_MAILWRAPPER case. This is because the
> creation of these (sym)links belongs to sendmail/Makefile rather than to
> mailwrapper/Makefile, as it is now.
No, newaliases, mailq etc belong to mailwrapper, otherwise how is it
going to "wrap" them?
> The attached patch fixes this and the "old (potentially dangerous) setuid
> binary" problem, but in a different way. With NO_MAILWRAPPER, we should
> install sendmail(8) and friends into its canonical paths.
This is even worse. If you have NO_SENDMAIL, then /usr/bin/newalises
is not installed at all.
If you are going to persist in this line, then you can allow the sendmail
makefile to *also* install symlinks if NO_MAILWRAPPER is set.
usr.sbin/sendmail/Makefile belongs to gshapiro now anyway.
> Also, Peter, why did you drop the support for /usr/bin/hoststat and
> /usr/sbin/purgestat in sendmail/Makefile 1.14 -> mailwrapper/Makefile 1.1
> change?
Because they weren't generally useful and we dont install .cf files with it
active. Dont forget, purgestat and hoststat are aliases for
sendmail -bh (hoststat) and sendmail -bH (purgestat).
Anyway, I'd prefer something like this:
Index: Makefile
===================================================================
RCS file: /home/ncvs/src/usr.sbin/mailwrapper/Makefile,v
retrieving revision 1.8
diff -u -r1.8 Makefile
--- Makefile 2001/07/20 06:19:59 1.8
+++ Makefile 2001/08/15 23:43:50
@@ -1,19 +1,27 @@
# $FreeBSD: src/usr.sbin/mailwrapper/Makefile,v 1.8 2001/07/20 06:19:59 obrien Exp $
+.if !defined(NO_MAILWRAPPER)
PROG= mailwrapper
MAN= mailwrapper.8
DPADD= ${LIBUTIL}
LDADD= -lutil
+.endif
SYMLINKS= ${BINDIR}/mailwrapper /usr/sbin/sendmail \
${BINDIR}/mailwrapper /usr/bin/newaliases \
${BINDIR}/mailwrapper /usr/bin/mailq
+.if defined(NO_MAILWRAPPER) && !defined(NO_SENDMAIL)
+SYMLINKS+= /usr/libexec/sendmail/sendmail ${BINDIR}/mailwrapper
+.endif
+
afterinstall:
+.if !defined(NO_MAILWRAPPER)
.if !exists(${DESTDIR}/etc/mail/mailer.conf)
${INSTALL} ${COPY} -o ${BINOWN} -g ${BINGRP} -m 644 \
${.CURDIR}/../../etc/mail/mailer.conf ${DESTDIR}/etc/mail
+.endif
.endif
.include <bsd.prog.mk>
peter@daintree[4:43pm]~src/usr.sbin/mailwrapper-145> make -i install NO_MAILWRAPPER=yes
/usr/sbin/sendmail -> /usr/sbin/mailwrapper
/usr/bin/newaliases -> /usr/sbin/mailwrapper
/usr/bin/mailq -> /usr/sbin/mailwrapper
/usr/sbin/mailwrapper -> /usr/libexec/sendmail/sendmail
And of course the corresponding change to usr.sbin/Makefile.
Cheers,
-Peter
--
Peter Wemm - peter@FreeBSD.org; peter@yahoo-inc.com; peter@netplex.com.au
"All of this is for nothing if we don't go to the stars" - JMS/B5
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-bugs" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200108152350.f7FNo2o26457>