Add wrapper permissions dialog(1) to make it easier for users to have

their majordomo wrapper program executed from their MDA. Remove old instructions for how this could be done manually. This also fixes the new majordomo/mailnull issue. Correct typo in post-install-notes (spotted by Dan Pelleg). PR: 30170
svn path=/head/; revision=54331
2002-02-08 01:56:26 +00:00 · 2002-02-08 01:56:26 +00:00 · 7ee4337606 · 2021-03-31 03:12:20 +00:00
commit 7ee4337606
parent 2da0affcd4
4 changed files with 71 additions and 22 deletions
--- a/mail/majordomo/Makefile
+++ b/mail/majordomo/Makefile
@ -13,7 +13,7 @@ MASTER_SITES=	ftp://ftp.greatcircle.com/pub/majordomo/1.94.5/ \
 		ftp://ftp.sgi.com/other/majordomo/1.94.5/
 EXTRACT_SUFX=   .tgz

-MAINTAINER=	anders@fix.no
+MAINTAINER=	anders@FreeBSD.org

 .if defined(WITH_SHA1_COOKIES)
 RUN_DEPENDS=	${LOCALBASE}/lib/perl5/site_perl/${PERL_VER}/${PERL_ARCH}/Digest/SHA1.pm:${PORTSDIR}/security/p5-Digest-SHA1
@ -93,6 +93,7 @@ post-install:
 		@ ${CHMOD} 755 ${PREFIX}/majordomo/lists/test-l-digest.archive
 		@ ${CHMOD} 660 ${PREFIX}/majordomo/lists/*.passwd
 .if !defined(BATCH)
+		@ ${SH} ${SCRIPTDIR}/adaptwrapper ${PREFIX}
 		@ /usr/bin/more -e ${FILESDIR}/post-install-notes
 .endif

--- a/mail/majordomo/files/post-install-notes
+++ b/mail/majordomo/files/post-install-notes
@ -26,23 +26,11 @@ manually:

 	  or a line similar to the following to your m4 macros file :

-	  define(`ALIAS_FILE',/etc/aliases,/usr/local/majordomo/aliases.majordomo')
+	  define(`ALIAS_FILE',`/etc/aliases,/usr/local/majordomo/aliases.majordomo')

 	- consider using ports/mail/tlb to process your deliveries if you
 	  want to hide your outgoing aliases.  This way you can prevent people
 	  from evading restrictions for posting to your lists.

-	- the user executing the commands of your local aliases must be added
-	  to your majordom group to be able to execute the setuid wrapper
-	  script. Sendmail does this as daemon by default, which is already
-	  added. The postfix port uses nobody by default, which should be
-	  changed to another user if your users can execute commands as user
-	  nobody (Apache/CGI comes to mind). Postfix does not do initgroups()
-	  properly, so you need to chgrp the wrapper script to the group of
-	  the default_privs user (this may apply for other MTAs as well) for
-	  it to work. It is important that you do this and not just make
-	  wrapper executable for all; you are increasing the chances of it
-	  getting exploited if you do.
-
 Enjoy Majordomo!

--- a/mail/majordomo/scripts/adaptwrapper
+++ b/mail/majordomo/scripts/adaptwrapper
@ -0,0 +1,68 @@
+#! /bin/sh
+# anders@FreeBSD.org, 2002-02-08
+
+if [ -z "$1" ]
+then
+	prefix=/usr/local/majordomo
+else
+	prefix=$1/majordomo
+fi
+tempfile=`/usr/bin/mktemp -t radiolist`
+
+/usr/bin/dialog --title "Making the majordomo wrapper run" --clear --radiolist "We need to make the majordomo wrapper program executable by your Mail\nDelivery Agent, but do not want it executable for all users due\nto security reasons.\n\n(This script can be re-executed from\n/usr/ports/mail/majordomo/scripts/adaptwrapper.)\n\nAdapt to the MDA of:" -1 -1 5 \
+Sendmail	"(add users daemon/mailnull to the majordom group)" ON \
+Postfix		"(change group ownership of wrapper to nobody)" OFF \
+2>$tempfile
+
+if [ "$?" = "1" ]
+then
+	echo "Cancel pressed. You will need to make wrapper executable yourself."
+fi
+
+choice=`cat $tempfile`
+rm -f $tempfile
+if [ -z "$choice" ]
+then
+	echo "Empty selection."
+	exit 1
+fi
+
+addmember() {
+# $1: group $2: user
+	if !(pw groupmod $1 -m $2 >/dev/null 2>&1)
+	then
+		echo "Error: Could not add user $2 to group $1."
+		exit 1
+	fi
+}
+
+changegroup() {
+# $1: group
+	mywrapper=$prefix/wrapper
+	if !(chgrp $1 $mywrapper >/dev/null 2>&1)
+	then
+		echo "Error: Could not change group ownership of"
+		echo "$mywrapper"
+		echo "to group $1."
+		exit 1
+	fi
+}
+
+case $choice in
+'Sendmail')
+	addmember majordom daemon
+	if (pw usershow mailnull >/dev/null 2>&1)
+	then
+		addmember majordom mailnull
+	fi
+	;;
+'Postfix')
+	changegroup nobody
+	;;
+'None')
+	echo "Fine. I see you want to make wrapper executable yourself."
+	;;
+*)
+	echo "Unknown MTA specified."
+	;;
+esac
--- a/mail/majordomo/scripts/createuser
+++ b/mail/majordomo/scripts/createuser
@ -59,11 +59,3 @@ if( $result ) {
 	print "Failed to add/modify user majordom!\n";
 	exit 1;
 }
-
-## Add daemon to majordom group, to allow sendmail to call wrapper
-## via direct pipes in /etc/mail/aliases
-$result = system( "pw groupmod majordom -m daemon" );
-if( $result ) {
-	print "Failed to add/modify user majordom!\n";
-	exit 1;
-}