dovecot/dovecot.patch

Mon, 20 Apr 2009 19:22:00 +0200

author
Michael Schloh von Bennewitz <michael@schloh.com>
date
Mon, 20 Apr 2009 19:22:00 +0200
changeset 178
0ba300bdf30a
parent 148
f6edc24e328f
child 187
0cbfb8a2de97
permissions
-rw-r--r--

Change unfortunate but partly useful overreaching security tradeoff.
The principle of allocating each running process an individual system
user and group can have security benefits, however maintaining a plethora
of users, groups, processes, file modes, file permissions, and even
nonportable file ACLs on a host serving from a hundred processes has
some security disadvantages. This tradeoff is even worse for systems
like OpenPKG which benefit from administration transparency through the
use of minimal system intrusion and only three usage privilege levels.

     1 Index: configure.in
     2 --- configure.in.orig	2009-03-13 23:06:16 +0100
     3 +++ configure.in	2009-03-14 09:11:12 +0100
     4 @@ -1962,14 +1962,14 @@
     6  if test $want_pgsql != no; then
     7  	# based on code from PHP
     8 -	for i in /usr /usr/local /usr/local/pgsql; do
     9 -		for j in include include/pgsql include/postgres include/postgresql ""; do
    10 +	for i in @l_prefix@; do
    11 +		for j in include/postgresql; do
    12  			if test -r "$i/$j/libpq-fe.h"; then
    13  				PGSQL_INCLUDE=$i/$j
    14  			fi
    15  		done
    16 -		for lib in lib lib64; do
    17 -		  for j in $lib $lib/pgsql $lib/postgres $lib/postgresql ""; do
    18 +		for lib in lib; do
    19 +		  for j in $lib; do
    20  			if test -f "$i/$j/libpq.so" || test -f "$i/$j/libpq.a"; then
    21  				PGSQL_LIBDIR=$i/$j
    22  			fi
    23 Index: configure
    24 --- configure.orig	2009-03-13 23:06:32 +0100
    25 +++ configure	2009-03-14 09:11:12 +0100
    26 @@ -27966,14 +27966,14 @@
    28  if test $want_pgsql != no; then
    29  	# based on code from PHP
    30 -	for i in /usr /usr/local /usr/local/pgsql; do
    31 -		for j in include include/pgsql include/postgres include/postgresql ""; do
    32 +	for i in  @l_prefix@; do
    33 +		for j in include/postgresql; do
    34  			if test -r "$i/$j/libpq-fe.h"; then
    35  				PGSQL_INCLUDE=$i/$j
    36  			fi
    37  		done
    38 -		for lib in lib lib64; do
    39 -		  for j in $lib $lib/pgsql $lib/postgres $lib/postgresql ""; do
    40 +		for lib in lib; do
    41 +		  for j in $lib; do
    42  			if test -f "$i/$j/libpq.so" || test -f "$i/$j/libpq.a"; then
    43  				PGSQL_LIBDIR=$i/$j
    44  			fi
    45 Index: doc/dovecot-sql-example.conf
    46 --- doc/dovecot-sql-example.conf.orig	2009-01-05 21:49:58 +0100
    47 +++ doc/dovecot-sql-example.conf	2009-03-14 09:11:12 +0100
    48 @@ -47,7 +47,8 @@
    49  #                           the default my.cnf location
    50  #     option_group        - Read options from the given group (default: client)
    51  # 
    52 -#   You can connect to UNIX sockets by using host: host=/var/run/mysql.sock
    53 +#   You can connect to UNIX sockets by using host:
    54 +#   host=@l_prefix@/var/mysql/mysql.sock
    55  #   Note that currently you can't use spaces in parameters.
    56  #
    57  #   MySQL supports multiple host parameters for load balancing / HA.
    58 @@ -58,7 +59,7 @@
    59  # Examples:
    60  #   connect = host=192.168.1.1 dbname=users
    61  #   connect = host=sql.example.com dbname=virtual user=virtual password=blarg
    62 -#   connect = /etc/dovecot/authdb.sqlite
    63 +#   connect = @l_prefix@/etc/dovecot/authdb.sqlite
    64  #
    65  #connect =
    67 Index: dovecot-example.conf
    68 --- dovecot-example.conf.orig	2009-03-13 22:23:14 +0100
    69 +++ dovecot-example.conf	2009-03-14 09:12:40 +0100
    70 @@ -11,16 +11,14 @@
    72  # Default values are shown for each setting, it's not required to uncomment
    73  # any of the lines. Exception to this are paths, they're just examples with
    74 -# the real defaults being based on configure options. The paths listed here
    75 -# are for configure --prefix=/usr --sysconfdir=/etc --localstatedir=/var
    76 -# --with-ssldir=/etc/ssl
    77 +# the real defaults being based on configure options.
    79  # Base directory where to store runtime data.
    80 -#base_dir = /var/run/dovecot/
    81 +#base_dir = @l_prefix@/var/dovecot/run
    83  # Protocols we want to be serving: imap imaps pop3 pop3s
    84  # If you only want to use dovecot-auth, you can set this to "none".
    85 -#protocols = imap imaps
    86 +#protocols = imap
    88  # A space separated list of IP or host addresses where to listen in for
    89  # connections. "*" listens in all IPv4 interfaces. "[::]" listens in all IPv6
    90 @@ -38,7 +36,7 @@
    91  #     listen = *:10100
    92  #     ..
    93  #   }
    94 -#listen = *
    95 +#listen = 127.0.0.1
    97  # Disable LOGIN command and all other plaintext authentications unless
    98  # SSL/TLS is used (LOGINDISABLED capability). Note that if the remote IP
    99 @@ -82,17 +80,17 @@
   100  # IP or host address where to listen in for SSL connections. Remember to also
   101  # add imaps and/or pop3s to protocols setting. Defaults to same as "listen"
   102  # setting if not specified.
   103 -#ssl_listen =
   104 +#ssl_listen = 127.0.0.1
   106  # Disable SSL/TLS support. <doc/wiki/SSL>
   107 -#ssl_disable = no
   108 +#ssl_disable = yes
   110  # PEM encoded X.509 SSL/TLS certificate and private key. They're opened before
   111  # dropping root privileges, so keep the key file unreadable by anyone but
   112  # root. Included doc/mkcert.sh can be used to easily generate self-signed
   113  # certificate, just make sure to update the domains in dovecot-openssl.cnf
   114 -#ssl_cert_file = /etc/ssl/certs/dovecot.pem
   115 -#ssl_key_file = /etc/ssl/private/dovecot.pem
   116 +#ssl_cert_file = @l_prefix@/etc/dovecot/ssl/dovecot.crt
   117 +#ssl_key_file = @l_prefix@/etc/dovecot/ssl/dovecot.key
   119  # If key file is password protected, give the password here. Alternatively
   120  # give it when starting dovecot with -p parameter. Since this file is often
   121 @@ -135,7 +133,7 @@
   122  # which login needs to be able to connect to. The sockets are created when
   123  # running as root, so you don't have to worry about permissions. Note that
   124  # everything in this directory is deleted when Dovecot is started.
   125 -#login_dir = /var/run/dovecot/login
   126 +#login_dir = @l_prefix@/var/dovecot/run/login
   128  # chroot login process to the login_dir. Only reason not to do this is if you
   129  # wish to run the whole Dovecot without roots. <doc/wiki/Rootless.txt>
   130 @@ -145,7 +143,7 @@
   131  # and don't use it anywhere else. The user must also belong to a group where
   132  # only it has access, it's used to control access for authentication process.
   133  # Note that this user is NOT used to access mails. <doc/wiki/UserIds.txt>
   134 -#login_user = dovecot
   135 +#login_user = @l_musr@
   137  # Set max. process size in megabytes. If you don't use
   138  # login_process_per_connection you might need to grow this.
   139 @@ -503,7 +501,7 @@
   141  protocol imap {
   142    # Login executable location.
   143 -  #login_executable = /usr/libexec/dovecot/imap-login
   144 +  #login_executable = @l_prefix@/libexec/dovecot/imap-login
   146    # IMAP executable location. Changing this allows you to execute other
   147    # binaries before the imap process is executed.
   148 @@ -515,7 +513,7 @@
   149    # /tmp/gdbhelper.* files:
   150    #   mail_executable = /usr/libexec/dovecot/gdbhelper /usr/libexec/dovecot/imap
   151    #
   152 -  #mail_executable = /usr/libexec/dovecot/imap
   153 +  #mail_executable = @l_prefix@/libexec/dovecot/imap
   155    # Maximum IMAP command line length in bytes. Some clients generate very long
   156    # command lines with huge mailboxes, so you may need to raise this if you get
   157 @@ -529,7 +527,7 @@
   158    # Support for dynamically loadable plugins. mail_plugins is a space separated
   159    # list of plugins to load.
   160    #mail_plugins = 
   161 -  #mail_plugin_dir = /usr/lib/dovecot/imap
   162 +  #mail_plugin_dir = @l_prefix@/lib/dovecot/imap
   164    # Send IMAP capabilities in greeting message. This makes it unnecessary for
   165    # clients to request it with CAPABILITY command, so it saves one round-trip.
   166 @@ -572,11 +570,11 @@
   168  protocol pop3 {
   169    # Login executable location.
   170 -  #login_executable = /usr/libexec/dovecot/pop3-login
   171 +  #login_executable = @l_prefix@/libexec/dovecot/pop3-login
   173    # POP3 executable location. See IMAP's mail_executable above for examples
   174    # how this could be changed.
   175 -  #mail_executable = /usr/libexec/dovecot/pop3
   176 +  #mail_executable = @l_prefix@/libexec/dovecot/pop3
   178    # Don't try to set mails non-recent or seen with POP3 sessions. This is
   179    # mostly intended to reduce disk I/O. With maildir it doesn't move files
   180 @@ -636,7 +634,7 @@
   181    # Support for dynamically loadable plugins. mail_plugins is a space separated
   182    # list of plugins to load.
   183    #mail_plugins = 
   184 -  #mail_plugin_dir = /usr/lib/dovecot/pop3
   185 +  #mail_plugin_dir = @l_prefix@/lib/dovecot/pop3
   187    # Workarounds for various client bugs:
   188    #   outlook-no-nuls:
   189 @@ -664,7 +662,7 @@
   190    # Support for dynamically loadable plugins. mail_plugins is a space separated
   191    # list of plugins to load.
   192    #mail_plugins = 
   193 -  #mail_plugin_dir = /usr/lib/dovecot/lda
   194 +  #mail_plugin_dir = @l_prefix@/lib/dovecot/lda
   196    # If user is over quota, return with temporary failure instead of
   197    # bouncing the mail.
   198 @@ -678,7 +676,7 @@
   199    #deliver_log_format = msgid=%m: %$
   201    # Binary to use for sending mails.
   202 -  #sendmail_path = /usr/lib/sendmail
   203 +  #sendmail_path = @l_prefix@/sbin/sendmail
   205    # Subject: header to use for rejection mails. You can use the same variables
   206    # as for rejection_reason below.
   207 @@ -689,7 +687,7 @@
   208    #rejection_reason = Your message to <%t> was automatically rejected:%n%r
   210    # UNIX socket path to master authentication server to find users.
   211 -  #auth_socket_path = /var/run/dovecot/auth-master
   212 +  #auth_socket_path = @l_prefix@/var/dovecot/run/auth-master
   213  }
   215  ##
   216 @@ -697,7 +695,7 @@
   217  ##
   219  # Executable location
   220 -#auth_executable = /usr/libexec/dovecot/dovecot-auth
   221 +#auth_executable = @l_prefix@/libexec/dovecot/dovecot-auth
   223  # Set max. process size in megabytes.
   224  #auth_process_size = 256
   225 @@ -787,7 +785,7 @@
   226  #auth_ntlm_use_winbind = no
   228  # Path for Samba's ntlm_auth helper binary.
   229 -#auth_winbind_helper_path = /usr/bin/ntlm_auth
   230 +#auth_winbind_helper_path = @l_prefix@/bin/ntlm_auth
   232  # Number of seconds to delay before replying to failed authentications.
   233  #auth_failure_delay = 2
   234 @@ -820,7 +818,7 @@
   236    #passdb passwd-file {
   237      # File contains a list of usernames, one per line
   238 -    #args = /etc/dovecot.deny
   239 +    #args = @l_prefix@/etc/dovecot/dovecot.deny
   240      #deny = yes
   241    #}
   243 @@ -903,13 +901,13 @@
   244    # SQL database <doc/wiki/AuthDatabase.SQL.txt>
   245    #passdb sql {
   246      # Path for SQL configuration file, see doc/dovecot-sql-example.conf
   247 -    #args = 
   248 +    #args = @l_prefix@/etc/dovecot/dovecot-sql.conf
   249    #}
   251    # LDAP database <doc/wiki/AuthDatabase.LDAP.txt>
   252    #passdb ldap {
   253      # Path for LDAP configuration file, see doc/dovecot-ldap-example.conf
   254 -    #args = 
   255 +    #args = @l_prefix@/etc/dovecot/dovecot-ldap.conf
   256    #}
   258    # vpopmail authentication <doc/wiki/AuthDatabase.VPopMail.txt>
   259 @@ -974,13 +972,13 @@
   260    # SQL database <doc/wiki/AuthDatabase.SQL.txt>
   261    #userdb sql {
   262      # Path for SQL configuration file, see doc/dovecot-sql-example.conf
   263 -    #args = 
   264 +    #args = @l_prefix@/etc/dovecot/dovecot-sql.conf
   265    #}
   267    # LDAP database <doc/wiki/AuthDatabase.LDAP.txt>
   268    #userdb ldap {
   269      # Path for LDAP configuration file, see doc/dovecot-ldap-example.conf
   270 -    #args = 
   271 +    #args = @l_prefix@/etc/dovecot/dovecot-ldap.conf
   272    #}
   274    # vpopmail <doc/wiki/AuthDatabase.VPopMail.txt>
   275 @@ -1017,7 +1015,7 @@
   276        # Master socket provides access to userdb information. It's typically
   277        # used to give Dovecot's local delivery agent access to userdb so it
   278        # can find mailbox locations.
   279 -      #path = /var/run/dovecot/auth-master
   280 +      #path = @l_prefix@/var/dovecot/run/auth-master
   281        #mode = 0600
   282        # Default user/group is the one who started dovecot-auth (root)
   283        #user = 
   284 @@ -1027,7 +1025,7 @@
   285        # The client socket is generally safe to export to everyone. Typical use
   286        # is to export it to your SMTP server so it can do SMTP AUTH lookups
   287        # using it.
   288 -      #path = /var/run/dovecot/auth-client
   289 +      #path = @l_prefix@/var/dovecot/run/auth-client
   290        #mode = 0660
   291      #}
   292    #}
   293 @@ -1041,7 +1039,7 @@
   294  #auth external {
   295  #  socket connect {
   296  #    master {
   297 -#      path = /var/run/dovecot/auth-master
   298 +#      path = @l_prefix@/dovecot/run/auth-master
   299  #    }
   300  #  }
   301  #}
   302 @@ -1057,8 +1055,8 @@
   303  # referenced using URIs in format "proxy::<name>".
   305  dict {
   306 -  #quota = mysql:/etc/dovecot-dict-quota.conf 
   307 -  #expire = db:/var/lib/dovecot/expire.db
   308 +  #quota = mysql:@l_prefix@/etc/dovecot/dovecot-dict-quota.conf
   309 +  #expire = db:@l_prefix@/var/dovecot/lib/expire.db
   310  }
   312  # Path to Berkeley DB's configuration file. See doc/dovecot-db-example.conf
   313 @@ -1109,7 +1107,7 @@
   314    # one file for each mailbox, eg. INBOX or sub.mailbox. cache_secs parameter
   315    # specifies how many seconds to wait between stat()ing dovecot-acl file
   316    # to see if it changed.
   317 -  #acl = vfile:/etc/dovecot-acls:cache_secs=300
   318 +  #acl = vfile:@l_prefix@/etc/dovecot/dovecot-acls:cache_secs=300
   320    # Convert plugin. If set, specifies the source storage path which is
   321    # converted to destination storage (mail_location) when the user logs in.
   322 @@ -1128,14 +1126,14 @@
   323    # until the message can be saved within quota limits. The configuration file
   324    # is a text file where each line is in format: <priority> <mailbox name>
   325    # Mails are first deleted in lowest -> highest priority number order
   326 -  #trash = /etc/dovecot-trash.conf
   327 +  #trash = @l_prefix@/etc/dovecot/dovecot-trash.conf
   329    # Expire plugin. Mails are expunged from mailboxes after being there the
   330    # configurable time. The first expiration date for each mailbox is stored in
   331    # a dictionary so it can be quickly determined which mailboxes contain
   332    # expired mails. The actual expunging is done in a nightly cronjob, which
   333    # you must set up:
   334 -  #   dovecot --exec-mail ext /usr/libexec/dovecot/expire-tool
   335 +  #   dovecot --exec-mail ext @l_prefix@/libexec/dovecot/expire-tool
   336    #expire = Trash 7 Spam 30
   337    #expire_dict = proxy::expire
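Review bot: The `auth external` example near the end of this file gets `path = @l_prefix@/dovecot/run/auth-master`, which drops the `/var` component carried by the other runtime paths this patch sets (`auth_socket_path`, the master and client socket `path` entries, `login_dir`). An administrator who uncomments that block would presumably point the master connection at a socket location that does not exist; the line should read `#      path = @l_prefix@/var/dovecot/run/auth-master`. Separately, the unchanged comment above `login_user` still says "don't use it anywhere else" while the new default is the shared `@l_musr@` account, so a line such as `# OpenPKG: login_user is deliberately the shared @l_musr@ account.` would keep the example from contradicting itself.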
   339 Index: src/deliver/deliver.c
   340 --- src/deliver/deliver.c.orig	2009-02-27 00:31:13 +0100
   341 +++ src/deliver/deliver.c	2009-03-14 09:11:12 +0100
   342 @@ -41,7 +41,7 @@
   343  #include <syslog.h>
   345  #define DEFAULT_CONFIG_FILE SYSCONFDIR"/dovecot.conf"
   346 -#define DEFAULT_SENDMAIL_PATH "/usr/lib/sendmail"
   347 +#define DEFAULT_SENDMAIL_PATH "@l_prefix@/sbin/sendmail"
   348  #define DEFAULT_ENVELOPE_SENDER "MAILER-DAEMON"
   350  /* After buffer grows larger than this, create a temporary file to /tmp
   351 Index: src/master/master-settings.c
   352 --- src/master/master-settings.c.orig	2009-03-13 20:11:53 +0100
   353 +++ src/master/master-settings.c	2009-03-14 09:11:12 +0100
   354 @@ -178,14 +178,14 @@
   355  	MEMBER(syslog_facility) "mail",
   357  	/* general */
   358 -	MEMBER(protocols) "imap imaps",
   359 -	MEMBER(listen) "*",
   360 -	MEMBER(ssl_listen) "",
   361 +	MEMBER(protocols) "imap",
   362 +	MEMBER(listen) "127.0.0.1",
   363 +	MEMBER(ssl_listen) "127.0.0.1",
   365 -	MEMBER(ssl_disable) FALSE,
   366 +	MEMBER(ssl_disable) TRUE,
   367  	MEMBER(ssl_ca_file) "",
   368 -	MEMBER(ssl_cert_file) SSLDIR"/certs/dovecot.pem",
   369 -	MEMBER(ssl_key_file) SSLDIR"/private/dovecot.pem",
   370 +	MEMBER(ssl_cert_file) "@l_prefix@/etc/dovecot/ssl/dovecot.crt",
   371 +	MEMBER(ssl_key_file) "@l_prefix@/etc/dovecot/ssl/dovecot.key",
   372  	MEMBER(ssl_key_password) "",
   373  	MEMBER(ssl_parameters_regenerate) 168,
   374  	MEMBER(ssl_cipher_list) "",
   375 @@ -200,7 +200,7 @@
   376  	/* login */
   377  	MEMBER(login_dir) "login",
   378  	MEMBER(login_executable) NULL,
   379 -	MEMBER(login_user) "dovecot",
   380 +	MEMBER(login_user) "@l_musr@",
   381  	MEMBER(login_greeting) "Dovecot ready.",
   382  	MEMBER(login_log_format_elements) "user=<%u> method=%m rip=%r lip=%l %c",
   383  	MEMBER(login_log_format) "%$: %s",
   384 @@ -317,7 +317,7 @@
   385  	MEMBER(anonymous_username) "anonymous",
   386  	MEMBER(krb5_keytab) "",
   387  	MEMBER(gssapi_hostname) "",
   388 -	MEMBER(winbind_helper_path) "/usr/bin/ntlm_auth",
   389 +	MEMBER(winbind_helper_path) "@l_prefix@/bin/ntlm_auth",
   390  	MEMBER(failure_delay) 2,
   392  	MEMBER(verbose) FALSE,
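Review bot: `MEMBER(ssl_disable) TRUE` makes the compiled-in default cleartext-only, and nothing near the line records that this is reasonable only while `listen` stays at `127.0.0.1`. An installation that widens `listen` in its configuration without also setting `ssl_disable = no` would serve IMAP sessions unencrypted to the network; whether plaintext logins are refused in that case depends on settings outside this hunk. A comment above the line such as `/* OpenPKG: TLS is off by default because the default listener is loopback-only; enable it before listening on other addresses */` would make the coupling explicit. The certificate and key defaults also stop using `SSLDIR`, so a configure-time SSL directory presumably no longer affects them. The settings initializer starts and ends outside the hunk.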
