Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
slapos
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
Guillaume Hervier
slapos
Commits
78d86b08
Commit
78d86b08
authored
Sep 02, 2014
by
Marco Mariani
Committed by
Vincent Pelletier
Sep 02, 2014
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
postfix: update to 2.11.1
parent
276fd18f
Changes
3
Hide whitespace changes
Inline
Side-by-side
Showing
3 changed files
with
121 additions
and
59 deletions
+121
-59
component/postfix/buildout.cfg
component/postfix/buildout.cfg
+4
-4
component/postfix/noroot.patch
component/postfix/noroot.patch
+110
-41
component/postfix/skip-libdb-check.patch
component/postfix/skip-libdb-check.patch
+7
-14
No files found.
component/postfix/buildout.cfg
View file @
78d86b08
...
...
@@ -12,19 +12,19 @@ recipe = hexagonit.recipe.download
url =${:_profile_base_location_}/${:filename}
filename = ${:_buildout_section_name_}
download-only = true
md5sum =
a476856bb1a4ee2ab03963acac03cd1d
md5sum =
738bcc97b8044c45b58708bdf3a84b8e
[skip-libdb-check.patch]
recipe = hexagonit.recipe.download
url =${:_profile_base_location_}/${:filename}
filename = ${:_buildout_section_name_}
download-only = true
md5sum =
55751726c33d75ab31827bf5e4f4be5d
md5sum =
f7fdbd8787874b535fee548b0139c0d8
[postfix]
recipe = slapos.recipe.cmmi
url = ftp://ftp.porcupine.org/mirrors/postfix-release/official/postfix-2.1
0.0
.tar.gz
md5sum =
b2a563b2d5c53462952886e6fc4e4b7b
url = ftp://ftp.porcupine.org/mirrors/postfix-release/official/postfix-2.1
1.1
.tar.gz
md5sum =
56ac1f1a79737c4ac1e24535a122a4a6
location = ${buildout:parts-directory}/${:_buildout_section_name_}
patch-options = -p1
patches =
...
...
component/postfix/noroot.patch
View file @
78d86b08
--- a/src/util/set_ugid.c
+++ b/src/util/set_ugid.c
@@ -44,7 +44,7 @@
void set_ugid(uid_t uid, gid_t gid)
{
- int saved_errno = errno;
+/* int saved_errno = errno;
if (geteuid() != 0)
if (seteuid(0) < 0)
@@ -58,4 +58,4 @@
void set_ugid(uid_t uid, gid_t gid)
if (msg_verbose > 1)
msg_info("setugid: uid %ld gid %ld", (long) uid, (long) gid);
errno = saved_errno;
-}
+*/}
--- a/src/postfix/postfix.c
+++ b/src/postfix/postfix.c
@@ -448,12 +448,12 @@
int main(int argc, char **argv)
* privileges for selected operations. That's right - it takes privileges
* to toss privileges.
*/
- if (getuid() != 0) {
+ /*if (getuid() != 0) {
msg_error("to submit mail, use the Postfix sendmail command");
msg_fatal("the postfix command is reserved for the superuser");
}
if (unsafe() != 0)
- msg_fatal("the postfix command must not run as a set-uid process");
+ msg_fatal("the postfix command must not run as a set-uid process");*/
/*
* Parse switches.
diff --git a/src/global/mail_params.c b/src/global/mail_params.c
index 2d91977..0f06298 100644
--- a/src/global/mail_params.c
+++ b/src/global/mail_params.c
@@ -7
09,7 +709
,9 @@
void mail_params_init()
@@ -7
21,7 +721
,9 @@
void mail_params_init()
check_default_privs();
check_mail_owner();
check_sgid_group();
...
...
@@ -44,6 +12,8 @@
#ifdef HAS_DB
dict_db_cache_size = var_db_read_buf;
#endif
diff --git a/src/master/master.c b/src/master/master.c
index a9d5d1b..db88c55 100644
--- a/src/master/master.c
+++ b/src/master/master.c
@@ -315,10 +315,10 @@
int main(int argc, char **argv)
...
...
@@ -52,13 +22,45 @@
*/
- if (getuid() != 0)
+ /*if (getuid() != 0)
msg_fatal("the master command is reserved for the superuser");
msg_fatal("the master command is reserved for the superuser");
if (unsafe() != 0)
-
msg_fatal("the master command must not run as a set-uid process");
+
msg_fatal("the master command must not run as a set-uid process");*/
-
msg_fatal("the master command must not run as a set-uid process");
+
msg_fatal("the master command must not run as a set-uid process");*/
/*
* Process JCL.
@@ -392,8 +392,10 @@
int main(int argc, char **argv)
* all MTA processes cleanly. Give up if we can't separate from our
* parent process. We're not supposed to blow away the parent.
*/
+ /*
if (debug_me == 0 && master_detach != 0 && setsid() == -1 && getsid(0) != getpid())
msg_fatal("unable to set session and process group ID: %m");
+ */
/*
* Make some room for plumbing with file descriptors. XXX This breaks
diff --git a/src/postfix/postfix.c b/src/postfix/postfix.c
index 183c825..007c805 100644
--- a/src/postfix/postfix.c
+++ b/src/postfix/postfix.c
@@ -450,12 +450,12 @@
int main(int argc, char **argv)
* privileges for selected operations. That's right - it takes privileges
* to toss privileges.
*/
- if (getuid() != 0) {
+ /*if (getuid() != 0) {
msg_error("to submit mail, use the Postfix sendmail command");
msg_fatal("the postfix command is reserved for the superuser");
}
if (unsafe() != 0)
- msg_fatal("the postfix command must not run as a set-uid process");
+ msg_fatal("the postfix command must not run as a set-uid process");*/
/*
* Parse switches.
diff --git a/src/postsuper/postsuper.c b/src/postsuper/postsuper.c
index 9dabb5d..e678565 100644
--- a/src/postsuper/postsuper.c
+++ b/src/postsuper/postsuper.c
@@ -1150,10 +1150,10 @@
int main(int argc, char **argv)
...
...
@@ -67,10 +69,77 @@
*/
- if (unsafe() != 0)
+ /*if (unsafe() != 0)
msg_fatal("this postfix command must not run as a set-uid process");
msg_fatal("this postfix command must not run as a set-uid process");
if (getuid())
-
msg_fatal("use of this command is reserved for the superuser");
+
msg_fatal("use of this command is reserved for the superuser");*/
-
msg_fatal("use of this command is reserved for the superuser");
+
msg_fatal("use of this command is reserved for the superuser");*/
/*
* Parse JCL.
diff --git a/src/util/chroot_uid.c b/src/util/chroot_uid.c
index 4a7660f..d5d4e67 100644
--- a/src/util/chroot_uid.c
+++ b/src/util/chroot_uid.c
@@ -55,10 +55,11 @@
void chroot_uid(const char *root_dir, const char *user_name)
msg_fatal("unknown user: %s", user_name);
uid = pwd->pw_uid;
gid = pwd->pw_gid;
+ /*
if (setgid(gid) < 0)
msg_fatal("setgid(%ld): %m", (long) gid);
if (initgroups(user_name, gid) < 0)
- msg_fatal("initgroups: %m");
+ msg_fatal("initgroups: %m");*/
}
/*
@@ -74,9 +75,11 @@
void chroot_uid(const char *root_dir, const char *user_name)
/*
* Drop the user privileges.
*/
+ /*
if (user_name != 0)
if (setuid(uid) < 0)
msg_fatal("setuid(%ld): %m", (long) uid);
+ */
/*
* Give the desperate developer a clue of what is happening.
diff --git a/src/util/set_eugid.c b/src/util/set_eugid.c
index ef35380..ed96a69 100644
--- a/src/util/set_eugid.c
+++ b/src/util/set_eugid.c
@@ -53,7 +53,7 @@
void set_eugid(uid_t euid, gid_t egid)
{
- int saved_errno = errno;
+/* int saved_errno = errno;
if (geteuid() != 0)
if (seteuid(0))
@@ -67,4 +67,4 @@
void set_eugid(uid_t euid, gid_t egid)
if (msg_verbose)
msg_info("set_eugid: euid %ld egid %ld", (long) euid, (long) egid);
errno = saved_errno;
-}
+*/}
diff --git a/src/util/set_ugid.c b/src/util/set_ugid.c
index bbcb901..5a7a48b 100644
--- a/src/util/set_ugid.c
+++ b/src/util/set_ugid.c
@@ -44,7 +44,7 @@
void set_ugid(uid_t uid, gid_t gid)
{
- int saved_errno = errno;
+/* int saved_errno = errno;
if (geteuid() != 0)
if (seteuid(0) < 0)
@@ -58,4 +58,4 @@
void set_ugid(uid_t uid, gid_t gid)
if (msg_verbose > 1)
msg_info("setugid: uid %ld gid %ld", (long) uid, (long) gid);
errno = saved_errno;
-}
+*/}
component/postfix/skip-libdb-check.patch
View file @
78d86b08
makedefs | 24 ++++++++++++------------
1 file changed, 12 insertions(+), 12 deletions(-)
diff --git a/makedefs b/makedefs
index
93b5949..c1377d5
100644
index
dd5f256..e90880e
100644
--- a/makedefs
+++ b/makedefs
@@ -2
84,13 +284
,13 @@
case "$SYSTEM.$RELEASE" in
@@ -2
99,13 +299
,13 @@
case "$SYSTEM.$RELEASE" in
elif [ -f /usr/include/db/db.h ]
then
CCARGS="$CCARGS -I/usr/include/db"
- else
+
#
else
+
#
else
# No, we're not going to try db1 db2 db3 etc.
# On a properly installed system, Postfix builds
# by including <db.h> and by linking with -ldb
...
...
@@ -23,12 +20,12 @@ index 93b5949..c1377d5 100644
fi
SYSLIBS="-ldb"
;;
@@ -3
56,12 +356
,12 @@
EOF
@@ -3
72,12 +372
,12 @@
EOF
elif [ -f /usr/include/db/db.h ]
then
CCARGS="$CCARGS -I/usr/include/db"
- else
+
#
else
+
#
else
# On a properly installed system, Postfix builds
# by including <db.h> and by linking with -ldb
- echo "No <db.h> include file found." 1>&2
...
...
@@ -40,12 +37,12 @@ index 93b5949..c1377d5 100644
fi
SYSLIBS="-ldb"
;;
@@ -
387,12 +387
,12 @@
EOF
@@ -
403,12 +403
,12 @@
EOF
elif [ -f /usr/include/db/db.h ]
then
CCARGS="$CCARGS -I/usr/include/db"
- else
+
#
else
+
#
else
# On a properly installed system, Postfix builds
# by including <db.h> and by linking with -ldb
- echo "No <db.h> include file found." 1>&2
...
...
@@ -57,7 +54,3 @@ index 93b5949..c1377d5 100644
fi
SYSLIBS="-ldb"
;;
--
1.7.11.3
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment