OpenPKG Specs: dovecot/dovecot.patch@0ba300bdf30a (annotated)

dovecot/dovecot.patch@0ba300bdf30a (annotated)

dovecot/dovecot.patch

Mon, 20 Apr 2009 19:22:00 +0200

author: Michael Schloh von Bennewitz <michael@schloh.com>
date: Mon, 20 Apr 2009 19:22:00 +0200
changeset 178: 0ba300bdf30a
parent 148: f6edc24e328f
child 187: 0cbfb8a2de97
permissions: -rw-r--r--

Change unfortunate but partly useful overreaching security tradeoff.
The principle of allocating each running process an individual system
user and group can have security benefits, however maintining a plethora
of users, groups, processes, file modes, file permissions, and even
nonportable file ACLs on a host serving from a hundred processes has
some security disadvantages. This tradeoff is even worse for systems
like OpenPKG which benefit from administration transparency through the
use of minimal system intrusion and only three usage privilege levels.

 Index: configure.in
 --- configure.in.orig	2009-03-13 23:06:16 +0100
 +++ configure.in	2009-03-14 09:11:12 +0100
@@ -1962,14 +1962,14 @@
  if test $want_pgsql != no; then
  	# based on code from PHP
 -	for i in /usr /usr/local /usr/local/pgsql; do
 -		for j in include include/pgsql include/postgres include/postgresql ""; do
 +	for i in @l_prefix@; do
 +		for j in include/postgresql; do
  			if test -r "$i/$j/libpq-fe.h"; then
  				PGSQL_INCLUDE=$i/$j
  			fi
  		done
 -		for lib in lib lib64; do
 -		  for j in $lib $lib/pgsql $lib/postgres $lib/postgresql ""; do
 +		for lib in lib; do
 +		  for j in $lib; do
  			if test -f "$i/$j/libpq.so" || test -f "$i/$j/libpq.a"; then
  				PGSQL_LIBDIR=$i/$j
  			fi
 Index: configure
 --- configure.orig	2009-03-13 23:06:32 +0100
 +++ configure	2009-03-14 09:11:12 +0100
@@ -27966,14 +27966,14 @@
  if test $want_pgsql != no; then
  	# based on code from PHP
 -	for i in /usr /usr/local /usr/local/pgsql; do
 -		for j in include include/pgsql include/postgres include/postgresql ""; do
 +	for i in  @l_prefix@; do
 +		for j in include/postgresql; do
  			if test -r "$i/$j/libpq-fe.h"; then
  				PGSQL_INCLUDE=$i/$j
  			fi
  		done
 -		for lib in lib lib64; do
 -		  for j in $lib $lib/pgsql $lib/postgres $lib/postgresql ""; do
 +		for lib in lib; do
 +		  for j in $lib; do
  			if test -f "$i/$j/libpq.so" || test -f "$i/$j/libpq.a"; then
  				PGSQL_LIBDIR=$i/$j
  			fi
 Index: doc/dovecot-sql-example.conf
 --- doc/dovecot-sql-example.conf.orig	2009-01-05 21:49:58 +0100
 +++ doc/dovecot-sql-example.conf	2009-03-14 09:11:12 +0100
@@ -47,7 +47,8 @@
  #                           the default my.cnf location
  #     option_group        - Read options from the given group (default: client)
  #
 -#   You can connect to UNIX sockets by using host: host=/var/run/mysql.sock
 +#   You can connect to UNIX sockets by using host:
 +#   host=@l_prefix@/var/mysql/mysql.sock
  #   Note that currently you can't use spaces in parameters.
  #
  #   MySQL supports multiple host parameters for load balancing / HA.
@@ -58,7 +59,7 @@
  # Examples:
  #   connect = host=192.168.1.1 dbname=users
  #   connect = host=sql.example.com dbname=virtual user=virtual password=blarg
 -#   connect = /etc/dovecot/authdb.sqlite
 +#   connect = @l_prefix@/etc/dovecot/authdb.sqlite
  #
  #connect =
 Index: dovecot-example.conf
 --- dovecot-example.conf.orig	2009-03-13 22:23:14 +0100
 +++ dovecot-example.conf	2009-03-14 09:12:40 +0100
@@ -11,16 +11,14 @@
  # Default values are shown for each setting, it's not required to uncomment
  # any of the lines. Exception to this are paths, they're just examples with
 -# the real defaults being based on configure options. The paths listed here
 -# are for configure --prefix=/usr --sysconfdir=/etc --localstatedir=/var
 -# --with-ssldir=/etc/ssl
 +# the real defaults being based on configure options.
  # Base directory where to store runtime data.
 -#base_dir = /var/run/dovecot/
 +#base_dir = @l_prefix@/var/dovecot/run
  # Protocols we want to be serving: imap imaps pop3 pop3s
  # If you only want to use dovecot-auth, you can set this to "none".
 -#protocols = imap imaps
 +#protocols = imap
  # A space separated list of IP or host addresses where to listen in for
  # connections. "*" listens in all IPv4 interfaces. "[::]" listens in all IPv6
@@ -38,7 +36,7 @@
  #     listen = *:10100
  #     ..
  #   }
 -#listen = *
 +#listen = 127.0.0.1
  # Disable LOGIN command and all other plaintext authentications unless
  # SSL/TLS is used (LOGINDISABLED capability). Note that if the remote IP
@@ -82,17 +80,17 @@
  # IP or host address where to listen in for SSL connections. Remember to also
  # add imaps and/or pop3s to protocols setting. Defaults to same as "listen"
  # setting if not specified.
 -#ssl_listen =
 +#ssl_listen = 127.0.0.1
  # Disable SSL/TLS support. <doc/wiki/SSL>
 -#ssl_disable = no
 +#ssl_disable = yes
  # PEM encoded X.509 SSL/TLS certificate and private key. They're opened before
  # dropping root privileges, so keep the key file unreadable by anyone but
  # root. Included doc/mkcert.sh can be used to easily generate self-signed
  # certificate, just make sure to update the domains in dovecot-openssl.cnf
 -#ssl_cert_file = /etc/ssl/certs/dovecot.pem
 -#ssl_key_file = /etc/ssl/private/dovecot.pem
 +#ssl_cert_file = @l_prefix@/etc/dovecot/ssl/dovecot.crt
 +#ssl_key_file = @l_prefix@/etc/dovecot/ssl/dovecot.key
  # If key file is password protected, give the password here. Alternatively
  # give it when starting dovecot with -p parameter. Since this file is often
@@ -135,7 +133,7 @@
  # which login needs to be able to connect to. The sockets are created when
  # running as root, so you don't have to worry about permissions. Note that
  # everything in this directory is deleted when Dovecot is started.
 -#login_dir = /var/run/dovecot/login
 +#login_dir = @l_prefix@/var/dovecot/run/login
  # chroot login process to the login_dir. Only reason not to do this is if you
  # wish to run the whole Dovecot without roots. <doc/wiki/Rootless.txt>
@@ -145,7 +143,7 @@
  # and don't use it anywhere else. The user must also belong to a group where
  # only it has access, it's used to control access for authentication process.
  # Note that this user is NOT used to access mails. <doc/wiki/UserIds.txt>
 -#login_user = dovecot
 +#login_user = @l_musr@
  # Set max. process size in megabytes. If you don't use
  # login_process_per_connection you might need to grow this.
@@ -503,7 +501,7 @@
  protocol imap {
    # Login executable location.
 -  #login_executable = /usr/libexec/dovecot/imap-login
 +  #login_executable = @l_prefix@/libexec/dovecot/imap-login
    # IMAP executable location. Changing this allows you to execute other
    # binaries before the imap process is executed.
@@ -515,7 +513,7 @@
    # /tmp/gdbhelper.* files:
    #   mail_executable = /usr/libexec/dovecot/gdbhelper /usr/libexec/dovecot/imap
    #
 -  #mail_executable = /usr/libexec/dovecot/imap
 +  #mail_executable = @l_prefix@/libexec/dovecot/imap
    # Maximum IMAP command line length in bytes. Some clients generate very long
    # command lines with huge mailboxes, so you may need to raise this if you get
@@ -529,7 +527,7 @@
    # Support for dynamically loadable plugins. mail_plugins is a space separated
    # list of plugins to load.
    #mail_plugins =
 -  #mail_plugin_dir = /usr/lib/dovecot/imap
 +  #mail_plugin_dir = @l_prefix@/lib/dovecot/imap
    # Send IMAP capabilities in greeting message. This makes it unnecessary for
    # clients to request it with CAPABILITY command, so it saves one round-trip.
@@ -572,11 +570,11 @@
  protocol pop3 {
    # Login executable location.
 -  #login_executable = /usr/libexec/dovecot/pop3-login
 +  #login_executable = @l_prefix@/libexec/dovecot/pop3-login
    # POP3 executable location. See IMAP's mail_executable above for examples
    # how this could be changed.
 -  #mail_executable = /usr/libexec/dovecot/pop3
 +  #mail_executable = @l_prefix@/libexec/dovecot/pop3
    # Don't try to set mails non-recent or seen with POP3 sessions. This is
    # mostly intended to reduce disk I/O. With maildir it doesn't move files
@@ -636,7 +634,7 @@
    # Support for dynamically loadable plugins. mail_plugins is a space separated
    # list of plugins to load.
    #mail_plugins =
 -  #mail_plugin_dir = /usr/lib/dovecot/pop3
 +  #mail_plugin_dir = @l_prefix@/lib/dovecot/pop3
    # Workarounds for various client bugs:
    #   outlook-no-nuls:
@@ -664,7 +662,7 @@
    # Support for dynamically loadable plugins. mail_plugins is a space separated
    # list of plugins to load.
    #mail_plugins =
 -  #mail_plugin_dir = /usr/lib/dovecot/lda
 +  #mail_plugin_dir = @l_prefix@/lib/dovecot/lda
    # If user is over quota, return with temporary failure instead of
    # bouncing the mail.
@@ -678,7 +676,7 @@
    #deliver_log_format = msgid=%m: %$
    # Binary to use for sending mails.
 -  #sendmail_path = /usr/lib/sendmail
 +  #sendmail_path = @l_prefix@/sbin/sendmail
    # Subject: header to use for rejection mails. You can use the same variables
    # as for rejection_reason below.
@@ -689,7 +687,7 @@
    #rejection_reason = Your message to <%t> was automatically rejected:%n%r
    # UNIX socket path to master authentication server to find users.
 -  #auth_socket_path = /var/run/dovecot/auth-master
 +  #auth_socket_path = @l_prefix@/var/dovecot/run/auth-master
  }
  ##
@@ -697,7 +695,7 @@
  ##
  # Executable location
 -#auth_executable = /usr/libexec/dovecot/dovecot-auth
 +#auth_executable = @l_prefix@/libexec/dovecot/dovecot-auth
  # Set max. process size in megabytes.
  #auth_process_size = 256
@@ -787,7 +785,7 @@
  #auth_ntlm_use_winbind = no
  # Path for Samba's ntlm_auth helper binary.
 -#auth_winbind_helper_path = /usr/bin/ntlm_auth
 +#auth_winbind_helper_path = @l_prefix@/bin/ntlm_auth
  # Number of seconds to delay before replying to failed authentications.
  #auth_failure_delay = 2
@@ -820,7 +818,7 @@
    #passdb passwd-file {
      # File contains a list of usernames, one per line
 -    #args = /etc/dovecot.deny
 +    #args = @l_prefix@/etc/dovecot/dovecot.deny
      #deny = yes
    #}
@@ -903,13 +901,13 @@
    # SQL database <doc/wiki/AuthDatabase.SQL.txt>
    #passdb sql {
      # Path for SQL configuration file, see doc/dovecot-sql-example.conf
 -    #args =
 +    #args = @l_prefix@/etc/dovecot/dovecot-sql.conf
    #}
    # LDAP database <doc/wiki/AuthDatabase.LDAP.txt>
    #passdb ldap {
      # Path for LDAP configuration file, see doc/dovecot-ldap-example.conf
 -    #args =
 +    #args = @l_prefix@/etc/dovecot/dovecot-ldap.conf
    #}
    # vpopmail authentication <doc/wiki/AuthDatabase.VPopMail.txt>
@@ -974,13 +972,13 @@
    # SQL database <doc/wiki/AuthDatabase.SQL.txt>
    #userdb sql {
      # Path for SQL configuration file, see doc/dovecot-sql-example.conf
 -    #args =
 +    #args = @l_prefix@/etc/dovecot/dovecot-sql.conf
    #}
    # LDAP database <doc/wiki/AuthDatabase.LDAP.txt>
    #userdb ldap {
      # Path for LDAP configuration file, see doc/dovecot-ldap-example.conf
 -    #args =
 +    #args = @l_prefix@/etc/dovecot/dovecot-ldap.conf
    #}
    # vpopmail <doc/wiki/AuthDatabase.VPopMail.txt>
@@ -1017,7 +1015,7 @@
        # Master socket provides access to userdb information. It's typically
        # used to give Dovecot's local delivery agent access to userdb so it
        # can find mailbox locations.
 -      #path = /var/run/dovecot/auth-master
 +      #path = @l_prefix@/var/dovecot/run/auth-master
        #mode = 0600
        # Default user/group is the one who started dovecot-auth (root)
        #user =
@@ -1027,7 +1025,7 @@
        # The client socket is generally safe to export to everyone. Typical use
        # is to export it to your SMTP server so it can do SMTP AUTH lookups
        # using it.
 -      #path = /var/run/dovecot/auth-client
 +      #path = @l_prefix@/var/dovecot/run/auth-client
        #mode = 0660
      #}
    #}
@@ -1041,7 +1039,7 @@
  #auth external {
  #  socket connect {
  #    master {
 -#      path = /var/run/dovecot/auth-master
 +#      path = @l_prefix@/dovecot/run/auth-master
  #    }
  #  }
  #}
@@ -1057,8 +1055,8 @@
  # referenced using URIs in format "proxy::<name>".
  dict {
 -  #quota = mysql:/etc/dovecot-dict-quota.conf
 -  #expire = db:/var/lib/dovecot/expire.db
 +  #quota = mysql:@l_prefix@/etc/dovecot/dovecot-dict-quota.conf
 +  #expire = db:@l_prefix@/var/dovecot/lib/expire.db
  }
  # Path to Berkeley DB's configuration file. See doc/dovecot-db-example.conf
@@ -1109,7 +1107,7 @@
    # one file for each mailbox, eg. INBOX or sub.mailbox. cache_secs parameter
    # specifies how many seconds to wait between stat()ing dovecot-acl file
    # to see if it changed.
 -  #acl = vfile:/etc/dovecot-acls:cache_secs=300
 +  #acl = vfile:@l_prefix@/etc/dovecot/dovecot-acls:cache_secs=300
    # Convert plugin. If set, specifies the source storage path which is
    # converted to destination storage (mail_location) when the user logs in.
@@ -1128,14 +1126,14 @@
    # until the message can be saved within quota limits. The configuration file
    # is a text file where each line is in format: <priority> <mailbox name>
    # Mails are first deleted in lowest -> highest priority number order
 -  #trash = /etc/dovecot-trash.conf
 +  #trash = @l_prefix@/etc/dovecot/dovecot-trash.conf
    # Expire plugin. Mails are expunged from mailboxes after being there the
    # configurable time. The first expiration date for each mailbox is stored in
    # a dictionary so it can be quickly determined which mailboxes contain
    # expired mails. The actual expunging is done in a nightly cronjob, which
    # you must set up:
 -  #   dovecot --exec-mail ext /usr/libexec/dovecot/expire-tool
 +  #   dovecot --exec-mail ext @l_prefix@/libexec/dovecot/expire-tool
    #expire = Trash 7 Spam 30
    #expire_dict = proxy::expire
 Index: src/deliver/deliver.c
 --- src/deliver/deliver.c.orig	2009-02-27 00:31:13 +0100
 +++ src/deliver/deliver.c	2009-03-14 09:11:12 +0100
@@ -41,7 +41,7 @@
  #include <syslog.h>
  #define DEFAULT_CONFIG_FILE SYSCONFDIR"/dovecot.conf"
 -#define DEFAULT_SENDMAIL_PATH "/usr/lib/sendmail"
 +#define DEFAULT_SENDMAIL_PATH "@l_prefix@/sbin/sendmail"
  #define DEFAULT_ENVELOPE_SENDER "MAILER-DAEMON"
  /* After buffer grows larger than this, create a temporary file to /tmp
 Index: src/master/master-settings.c
 --- src/master/master-settings.c.orig	2009-03-13 20:11:53 +0100
 +++ src/master/master-settings.c	2009-03-14 09:11:12 +0100
@@ -178,14 +178,14 @@
  	MEMBER(syslog_facility) "mail",
  	/* general */
 -	MEMBER(protocols) "imap imaps",
 -	MEMBER(listen) "*",
 -	MEMBER(ssl_listen) "",
 +	MEMBER(protocols) "imap",
 +	MEMBER(listen) "127.0.0.1",
 +	MEMBER(ssl_listen) "127.0.0.1",
 -	MEMBER(ssl_disable) FALSE,
 +	MEMBER(ssl_disable) TRUE,
  	MEMBER(ssl_ca_file) "",
 -	MEMBER(ssl_cert_file) SSLDIR"/certs/dovecot.pem",
 -	MEMBER(ssl_key_file) SSLDIR"/private/dovecot.pem",
 +	MEMBER(ssl_cert_file) "@l_prefix@/etc/dovecot/ssl/dovecot.crt",
 +	MEMBER(ssl_key_file) "@l_prefix@/etc/dovecot/ssl/dovecot.key",
  	MEMBER(ssl_key_password) "",
  	MEMBER(ssl_parameters_regenerate) 168,
  	MEMBER(ssl_cipher_list) "",
@@ -200,7 +200,7 @@
  	/* login */
  	MEMBER(login_dir) "login",
  	MEMBER(login_executable) NULL,
 -	MEMBER(login_user) "dovecot",
 +	MEMBER(login_user) "@l_musr@",
  	MEMBER(login_greeting) "Dovecot ready.",
  	MEMBER(login_log_format_elements) "user=<%u> method=%m rip=%r lip=%l %c",
  	MEMBER(login_log_format) "%$: %s",
@@ -317,7 +317,7 @@
  	MEMBER(anonymous_username) "anonymous",
  	MEMBER(krb5_keytab) "",
  	MEMBER(gssapi_hostname) "",
 -	MEMBER(winbind_helper_path) "/usr/bin/ntlm_auth",
 +	MEMBER(winbind_helper_path) "@l_prefix@/bin/ntlm_auth",
  	MEMBER(failure_delay) 2,
  	MEMBER(verbose) FALSE,

OpenPKG Specs / annotate

dovecot/dovecot.patch@0ba300bdf30a (annotated)

dovecot/dovecot.patch