
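--- a/spamassassin.orig/spamd/spamd.raw
+++ b/spamassassin.orig/spamd/spamd.raw
@@ -200,6 +200,7 @@
   'username|u=s'             => \$opt{'username'},
   'version|V'                => \$opt{'version'},
   'virtual-config-dir=s'     => \$opt{'virtual-config-dir'},
+  'virtual-setuid-separator=s' => \$opt{'virtual-setuid-separator'},
   'v'                        => \$opt{'vpopmail'},
   'vpopmail!'                => \$opt{'vpopmail'},
 
@@ -413,7 +414,7 @@
 	$opt{'username'} ||
 	$> != 0 ||
 	$opt{'vpopmail'} ||
-	(!$opt{'user-config'} && !($opt{'setuid-with-sql'}||$opt{'setuid-with-ldap'}))
+	(!$opt{'user-config'} && !($opt{'setuid-with-sql'}||$opt{'setuid-with-ldap'}||($opt{'virtual-config-dir'}&&$opt{'virtual-setuid-separator'})))
 	) ? 0 : 1;
 
 # always copy the config, later code may disable
@@ -1768,6 +1769,33 @@
 sub handle_virtual_config_dir {
   my ($username) = @_;
 
+  if ($opt{'virtual-setuid-separator'} and $username =~ s/^([\x20-\xff]+?)\Q$opt{'virtual-setuid-separator'}\E//) {
+    my $userid = $1;
+    my ( $name, $pwd, $uid, $gid, $quota, $comment, $gcos, $dir, $etc ) =
+      getpwnam($userid);
+
+    if ( !$spamtest->{'paranoid'} && !defined($uid) ) {
+
+      #if we are given a username, but can't look it up,
+      #Maybe NIS is down? lets break out here to allow
+      #them to get 'defaults' when we are not running paranoid.
+      logmsg("handle_user: unable to find user '$userid'!");
+      return 0;
+    }
+
+    if ($setuid_to_user) {
+      $) = "$gid $gid";                 # change eGID
+      $> = $uid;                        # change eUID
+      if ( !defined($uid) || ( $> != $uid and $> != ( $uid - 2**32 ) ) ) {
+        logmsg("fatal: setuid to $uid:$gid failed");
+        die;                            # make it fatal to avoid security breaches
+      }
+      else {
+        logmsg("info: setuid to $uid:$gid succeeded");
+      }
+    }
+  }
+
   my $dir = $opt{'virtual-config-dir'};
   my $userdir;
   my $prefsfile;
@@ -1778,10 +1806,12 @@
     my $localpart = '';
     my $domain    = '';
     if ( $safename =~ /^(.*)\@(.*)$/ ) { $localpart = $1; $domain = $2; }
+    my $homedir = (getpwuid($>))[7];
 
     $dir =~ s/\%u/${safename}/g;
     $dir =~ s/\%l/${localpart}/g;
     $dir =~ s/\%d/${domain}/g;
+    $dir =~ s/\%h/${homedir}/g;
     $dir =~ s/\%\%/\%/g;
 
     $userdir   = $dir;
@@ -2162,6 +2192,8 @@
                                     enables use of -H)
  --virtual-config-dir=dir           Enable pattern based Virtual configs
                                     (needs -x)
+ --virtual-config-separator=chars   Allows setuid operation of virtual configs
+                                    by prefixing email with setuid username
  -r pidfile, --pidfile              Write the process id to pidfile
  -s facility, --syslog=facility     Specify the syslog facility
  --syslog-socket=type               How to connect to syslogd
@@ -2293,6 +2325,9 @@
 words, if the username is an email address, this is the part after the C<@>
 sign.
 
+=item %h -- replaced with the home directory of the current user.  This is
+particularly useful when using the B<--virtual-setuid-separator> option).
+
 =item %% -- replaced with a single percent sign (%).
 
 =back
@@ -2319,6 +2354,15 @@
 The pattern B<must> expand to an absolute directory when spamd is running
 daemonized (B<-d>).
 
+=item B<--virtual-setuid-separator>=I<string>
+
+Interprets a setuid username from spamc followed by the value followed by the
+real virtual username.  For example, if set to C<::>, spamc could send a
+virtual username of C<example::jm@example.com> which would instruct spamd to
+setuid() to the C<example> user before continuing.
+
+This setting has no effect without B<--virtual-config-dir>.
+
 =item B<-r> I<pidfile>, B<--pidfile>=I<pidfile>
 
 Write the process ID of the spamd parent to the file specified by I<pidfile>.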
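Review bot: The block added at the top of handle_virtual_config_dir takes the account to switch to straight from the client-supplied username prefix and hands it to getpwnam() with no restriction, so a prefix naming uid 0 or any other local account is accepted and `$> = $uid` is applied to it. A guard before `if ($setuid_to_user)` such as `die "fatal: refusing setuid to uid 0 for '$userid'\n" if defined($uid) && $uid == 0;` would close the root case, and a minimum-uid or allow-list policy would be worth considering; whether other parts of spamd already enforce this cannot be seen from these hunks. The `!defined($uid)` test also runs only after `$)` and `$>` have been assigned from the undefined values, so it should move ahead of the two assignments. Separately, the usage text names the option `--virtual-config-separator=chars` while the Getopt spec and the POD call it `--virtual-setuid-separator`. The function body continues outside the hunks shown.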
