MFH: r551537 r551607

mail/fetchmail: avoid rc.conf overriding daemon interval, many other fixes

Authors: CH = Corey Halpin, MA = Matthias Andree

- fetchmail's rc script now queries the daemon interval from the
  configuration, and falls back to the rc.conf value if given. [CH]
- Similarly, the logging facility will be taken from the configuration [MA]
- Add documentation to the rcfile's header comments. [MA]
- Drop support for fetchmail_home_prefix in rc.conf, and query the
  respective users' home directories with getent instead. [MA]
- In the rc scripts, redirect input from /dev/null so it will not ask
  for passwords. [MA]
- Add support for the typical 12.1 rc.conf ${name}_... keywords. [MA]
- Make script execution easier to follow by simplifying if...else logic. [CH]
- Fix rcscript's exit code to be 1 if one of the per-user calls fails. [CH]
- Add relevant notes to UPDATING. [MA]

PR:		249860
Submitted by:	Corey Halpin (maintainer)
Reported by:	Chris James (on fetchmail-users mailing list)
Approved by:	Corey Halpin (maintainer)

mail/fetchmail: fix rcscript regression from _1 that broke global mode

In a situation where fetchmail is to be started globally with the
configuration in $LOCALBASE/etc, the rc.d file would try to run
fetchmail for the wrong user.

Simplify script more, avoiding recursive call in single-user mode.

Submitted by:	Corey Halpin (maintainer, direct mail to mandree@)
Reported by:	Armin Tüting

Approved by:	Corey Halpin (maintainer on MFH, direct mail to mandree@)
Approved by:	ports-secteam@ (fluffy@)
This commit is contained in:
Matthias Andree 2020-10-19 10:55:08 +00:00
parent fe2ce6d5e3
commit da190b67ab
Notes: svn2git 2021-03-31 03:12:20 +00:00
svn path=/branches/2020Q4/; revision=552730
4 changed files with 112 additions and 53 deletions

View File

@ -5,6 +5,22 @@ they are unavoidable.
You should get into the habit of checking this file for changes each time
you update your ports collection, before attempting any port upgrades.
20201002:
AFFECTS: users of mail/fetchmail beginning with 6.4.12_1
AUTHOR: mandree@FreeBSD.org
Note that if you are using fetchmail in a multi-user setup, i. e. with the
fetchmail_users (mind the -s!) variable set, the $fetchmail_home_prefix +
user second-guess work has been replaced by a real lookup of the user's home
directory. In the majority of configurations, this should not make a
difference, in some setups, it may open up some flexibility.
The fetchmail_home_prefix variable is ignored from 6.4.12_1 onwards.
Also, the rc script redirects its input from /dev/null so that passwords
will not be interactively queried from an rcfile. Put passwords into
the [.]fetchmailrc or into a .netrc file.
20200930:
AFFECTS: users of sysutils/syslog-ng32[789]
AUTHOR: cy@FreeBSD.org

View File

@ -3,6 +3,7 @@
PORTNAME?= fetchmail
DISTVERSION= 6.4.12
PORTREVISION?= 2
CATEGORIES= mail
# The next line is inherited by the fetchmailconf slave port,
# do NOT replace fetchmail by ${PORTNAME}

View File

@ -15,31 +15,47 @@
#
# There are two variants:
#
# Note that there are two variables with only very slightly
# different names, fetchmail_user and fetchmail_users
# (mind the trailing plural-'s').
#
# * Single system-wide fetchmail daemon:
# - This mode applies if the 'fetchmail_users' variable
# is unset or empty.
# - It is run as user `fetchmail_user' (default: fetchmail)
# Note: The directory /var/run/fetchmail must be writable for
# 'fetchmail_user'.
# - All configuration is contained in one global file
# 'fetchmail_config' (default: %%PREFIX%%/etc/fetchmailrc)
# that must be owned by 'fetchmail_user' (mode 700)
# that must be owned by 'fetchmail_user' and access mode
# may not be more than 700.
# - The fetchmail daemon awakes to fetch mail every
# 'fetchmail_polling_interval' seconds (default: 900).
# Note that a "set daemon 123" in the file $fetchmail_config
# takes precedence. The rc.conf value is only a fall-back.
# - The fetchmail logs will go to the syslog by default, but
# you can override it to a file by setting
# 'fetchmail_logging_facility=--logfile=/path/to/logfile'
# in the rcfile or set logfile /path/to/logfile in the $fetchmail_config
# file. The log-file must pre-exist and be writable by the
# 'fetchmail_user'.
#
# * Per-user daemon
# - Users for which a fetchmail daemon is to be started must be
# listed in 'fetchmail_users', e.g. fetchmail_users="user1 user2"
# The 'fetchmail_user' (sic!) variable is ignored in this
# configuration variant.
# - The config files for the individual users must be located at
# ${fetchmail_home_prefix}/${user}/${fetchmail_config_name}. The
# default for 'fetchmail_home_prefix' is "/home", and that for
# 'fetchmail_config_name' is ".fetchmailrc".
# - Note that "${fetchmail_home_prefix}/${user}" must be writable
# for ${user} since it is used to store the per-user PID files!
# - There are user-specific versions of 'fetchmail_config' and
# 'fetchmail_polling_interval' that can be used to override the
# defaults, i.e. for the user 'user1' there are variables
# 'fetchmail_user1_config' and 'fetchmail_user1_polling_interval'
# - The config files for the individual users must be located in
# the fetchmail_user's home directory as ${fetchmail_config_name}. The
# default for 'fetchmail_config_name' is ".fetchmailrc".
# - There are user-specific versions of 'fetchmail_config',
# 'fetchmail_logging_facility' and 'fetchmail_polling_interval' as well as
# the usual rc.subr variables that can be used to override the defaults,
# i.e. for the user 'user1' there are variables 'fetchmail_user1_config'
# and 'fetchmail_user1_polling_interval', or fetchmail_user1_env to
# set user-daemon specific environment variables.
# Note that a "set daemon 123" in the config file (.fetchmailrc
# by default) takes precedence. The rc.conf value is only a fall-back.
# - All commands (e.g. start, stop, awaken (see below)) can be either
# passed to all instances of the daemon (if %%PREFIX%%/etc/rc.d/fetchmail)
# is run as root), or just to the instance belonging to the respective
@ -54,11 +70,17 @@
#
# In any case, you will need a working fetchmailrc file. Please consult
# the man page fetchmail(1), the documentation in %%PREFIX%%/share/doc/fetchmail/
# and/or the material found at <http://www.fetchmail.info/>.
# and/or the material found at <https://www.fetchmail.info/> or
# <https://fetchmail.sourceforge.io/>.
. /etc/rc.subr
# prevent reading passwords from the boot console
exec < /dev/null
name=fetchmail
# note we do not override name for instances, because we want to have a fallback
# to global defaults. Check for PULLVARS below.
rcvar=fetchmail_enable
command=%%PREFIX%%/bin/${name}
@ -71,11 +93,11 @@ fetchmail_script=%%PREFIX%%/etc/rc.d/$name
# read settings, set default values
load_rc_config "$name"
: ${fetchmail_enable="NO"}
: ${fetchmail_flags=""}
: ${fetchmail_user="fetchmail"}
: ${fetchmail_config="%%PREFIX%%/etc/fetchmailrc"}
: ${fetchmail_polling_interval="900"}
: ${fetchmail_logging_facility="--syslog"}
: ${fetchmail_home_prefix="/home"}
: ${fetchmail_config_name=".fetchmailrc"}
# send signal to fetchmail process(es) to check for new mail immediately
@ -91,58 +113,77 @@ fetchmail_awaken()
return
}
if [ -n "$2" ]; then
# perform action for an instance of fetchmail daemon
user="$2"
if [ "x${fetchmail_users}" != "x" -o "x$3" = "xGLOBALCONFIG" ]; then
if [ "x${fetchmail_users}" != "x" ]; then
# multiuser setup: determine user specific config and pid file
eval fetchmail_config="\${fetchmail_${user}_config:-${fetchmail_home_prefix}/${user}}/${fetchmail_config_name}"
eval pidfile="${fetchmail_home_prefix}/${user}/.fetchmail.pid"
eval fetchmail_user=$user
else
eval pidfile=/var/run/fetchmail/fetchmail.pid
fi
required_files=${fetchmail_config}
eval fetchmail_polling_interval="\${fetchmail_${user}_polling_interval:-${fetchmail_polling_interval}}"
fetchmail_flags="-f ${fetchmail_config} \
--pidfile ${pidfile} \
-d ${fetchmail_polling_interval} \
${fetchmail_logging_facility}"
else
echo "$0: extra argument ignored"
fi
else
uid=`id -u`
if [ "x${fetchmail_users}" != "x" -a "x$1" != "x" -a "$uid" = "0" ]; then
# query a value from the fetchmail config file, value specified in first argument
fetchmail_dump_config()
{
su -m ${fetchmail_user} -c sh -c "fetchmail -f ${fetchmail_config} --configdump" | fgrep $1 | cut -d: -f2
}
# arguments:
# ACTION - perform ACTION for the one global daemon
# ACTION USER GLOBALCONFIG - ditto, inside the recursive call
# ACTION USER - perform ACTION for the USER-specific daemon, inside recursive call
# if this is the global or 'umbrella' run
if [ -z "$2" ] ; then
if [ "x${fetchmail_users}" != "x" -a "x$1" != "x" -a "$(id -u)" = "0" ]; then
# root mode: multiple user profiles are handled by recursive
# calls of this script
for user in ${fetchmail_users}; do
echo "===> fetchmail user: ${user}"
$fetchmail_script $1 ${user}
$fetchmail_script "$1" "${user}"
retcode="$?"
if [ "0${retcode}" -ne 0 ]; then
failed="${user} (${retcode}) ${failed:-}"
else
success="${user} ${success:-}"
fi
done
exit 0
else
if [ "x${fetchmail_users}" = "x" ]; then
# There is only one global configuration file
globalconfig=GLOBALCONFIG
fi
$fetchmail_script $1 `id -u -n` $globalconfig
retcode="$?"
if [ "0${retcode}" -ne 0 ]; then
failed="${user} (${retcode}) ${failed:-}"
# if we had any failures, exit with an error
if [ -n "${failed}" ] ; then
exit 1
else
success="${user} ${success:-}"
fi
exit 0
# otherwise, exit success
exit 0
fi
else
fetchmail_user="$2"
fi
# perform action for an instance of fetchmail daemon
if [ "x${fetchmail_users}" != "x" ]; then
# multiuser setup: determine user specific config and pid file
fetchmail_home="$(getent passwd ${fetchmail_user} | cut -f6 -d:)"
fetchmail_home="${fetchmail_home%/}"
fetchmail_config="${fetchmail_home}/${fetchmail_config_name}"
pidfile="${fetchmail_home}/.fetchmail.pid"
# PULLVARS - pull user specific variables into scope if existing
# else use global defaults
for i in chdir chroot env env_file fib flags nice \
limits login_class oomprotect program user group groups prepend \
logging_facility polling_interval
do
uvarname=fetchmail_${fetchmail_user}_${i}
eval fetchmail_${i}="\${${uvarname}-\${fetchmail_${i}}}"
done
else
pidfile=/var/run/fetchmail/fetchmail.pid
fi
required_files=${fetchmail_config}
# add early command line arguments
# if logfile set in config file, do not override with rc.conf default (note logfile overrides syslog)
_logfile="$(fetchmail_dump_config logfile)"
if [ _"${_logfile}" != _"None," ] ; then
fetchmail_logging_facility=""
fi
fetchmail_flags="${fetchmail_flags} -f ${fetchmail_config} --pidfile ${pidfile} ${fetchmail_logging_facility}"
# add late command line arguments
# if no polling interval in config file, use value from rc.conf
if [ "$(fetchmail_dump_config poll_interval)" = "0," ] ; then
fetchmail_flags="${fetchmail_flags} -d ${fetchmail_polling_interval}"
fi
# actually execute the fetchmail program

View File

@ -1,6 +1,7 @@
# $FreeBSD$
PORTNAME= fetchmailconf
PORTREVISION= 0
DISTNAME= fetchmail-${DISTVERSIONPREFIX}${DISTVERSION}${DISTVERSIONSUFFIX}
# NOTE: MASTER_SITES in ../fetchmail must NOT use the $PORTNAME variable,
# else _this_ port (fetchmailconf) becomes unfetchable