snapshot-20020104

postfix/HISTORY

@@ -5881,9 +5881,9 @@ Apologies for any names omitted.
 20020101
 
 	Security: new alternate_config_directories parameter that
-	lists directories that a set-gid command will accept as
-	its configuration directory. The list must be specified in
-	the default main.cf file. File: global/mail_conf.c.
+	specifies what directories a set-gid command will accept
+	as its configuration directory. The list must be specified
+	in the default main.cf file. File: global/mail_conf.c.
 
 	Cleanup: "sendmail -qRsite" is no longer implemented by
 	connecting to the SMTP port. It is now implemented by
@@ -5891,13 +5891,13 @@ Apologies for any names omitted.
 
 20020203
 
-	Cleanup: all installation information is maintained by the
-	main.cf file. The install.cf file is used only when upgrading
-	from an older Postfix release.
+	Cleanup: INSTALL.sh now records all installation information
+	in the main.cf file. The now obsolete install.cf file is
+	used only when upgrading from an older Postfix release.
 
-	Cleanup: INSTALL.sh now takes non-default settings on the
-	command line, and has a "-upgrade" command line option to
-	turn on non-interactive installation.
+	Cleanup: INSTALL.sh now takes name=value settings on the
+	command line, and has a new "-upgrade" command line option
+	to turn on non-interactive installation.
 
 	Security: additional run-time checks to discourage sharing
 	of Postfix user/group ID values with other accounts.

postfix/INSTALL

@@ -218,19 +218,18 @@ In order to install or upgrade Postfix:
   NB: this group was optional with older Postfix releases; it is
   now required.
 
-- Run the INSTALL.sh script as the super-user:
+- Run one of the following commands as the super-user:
 
     # make install       (interactive version, first time install)
     # make upgrade       (non-interactive version, for upgrades)
 
-  The non-interactive version needs the /etc/postfix/install.cf
-  file from a previous installation. If the file does not exist,
-  use interactive installation instead.
+  The non-interactive version needs the /etc/postfix/main.cf file
+  from a previous installation. If the file does not exist, use
+  interactive installation instead.
 
-  The INSTALL.sh script offers suggestions for pathnames that you
-  can override, either by editing INSTALL.sh or by specifying your
-  preferences interactively. INSTALL.sh stores your preferences in
-  /etc/postfix/install.cf in order to ease future installs.
+  The interactive version offers suggestions for pathnames that
+  you can override interactively, and stores your preferences in
+  /etc/postfix/main.cf for convenient future upgrades.
 
 - Proceed to the section on how you wish to run Postfix on your
   particular machine:

postfix/INSTALL.sh

@@ -1,9 +1,11 @@
 #!/bin/sh
 
-# Sample Postfix installation script. Run this from the top-level
-# Postfix source directory.
+# Postfix installation script. Run from the top-level Postfix source directory.
 #
-# Usage: sh INSTALL.sh [-upgrade] name=value ...
+# Usage: sh INSTALL.sh [-non-interactive] name=value ...
+#
+# Non-interective mode uses settings from /etc/postfix/main.cf (or
+# from /etc/postfix/install.cf when upgrading from a < 2002 release).
 
 PATH=/bin:/usr/bin:/usr/sbin:/usr/etc:/sbin:/etc:/usr/contrib/bin:/usr/gnu/bin:/usr/ucb:/usr/bsd
 umask 022
@@ -13,20 +15,21 @@ umask 022
 for arg
 do
     case $arg in
-       *=*) IFS= eval $arg;;
-"-upgrade") upgrade=1;;
-         *) echo Error: usage: $0 [-upgrade] name=value ... 1>&2; exit 1;;
+             *=*) IFS= eval $arg;;
+-non-interactive) non_interactive=1;;
+               *) echo Error: usage: $0 [-non-interactive] name=value ... 1>&2
+		  exit 1;;
     esac
 done
 
 # Discourage old habits.
 
-test -z "$upgrade" -a ! -t 0 && {
-    echo Error: for non-interactive installation, run: \"$0 -upgrade\" 1>&2
+test -z "$non_interactive" -a ! -t 0 && {
+    echo Error: for non-interactive installation, run: \"$0 -non-interactive\" 1>&2
     exit 1
 }
 
-test -z "$upgrade" && cat <<EOF
+test -z "$non_interactive" && cat <<EOF
 
 Warning: this script replaces existing sendmail or Postfix programs.
 Make backups if you want to be able to recover.
@@ -153,7 +156,7 @@ pages."
 
 # Find out the location of configuration files.
 
-test -z "$upgrade" && for name in install_root tempdir config_directory
+test -z "$non_interactive" && for name in install_root tempdir config_directory
 do
     while :
     do
@@ -183,9 +186,9 @@ CONFIG_DIRECTORY=$install_root$config_directory
 
 if [ -f $CONFIG_DIRECTORY/main.cf ]
 then
-    conf=$CONFIG_DIRECTORY
+    conf="-c $CONFIG_DIRECTORY"
 else
-    conf=conf
+    conf="-d"
 fi
 
 # Do not destroy parameter settings from environment or command line.
@@ -193,20 +196,20 @@ fi
 for name in daemon_directory command_directory queue_directory mail_owner \
     setgid_group sendmail_path newaliases_path mailq_path manpage_path
 do
-    eval : \${$name=\`bin/postconf -c $conf -h $name\`} || kill $$
+    eval : \${$name=\`bin/postconf $conf -h $name\`} || kill $$
 done
 
 # Grandfathering: if not in main.cf, get defaults from obsolete install.cf file.
 
-grep setgid_group $CONFIG_DIRECTORY/main.cf 2>&1 >/dev/null || {
+grep setgid_group $CONFIG_DIRECTORY/main.cf >/dev/null 2>&1 || {
     if [ -f $CONFIG_DIRECTORY/install.cf ]
     then
 	. $CONFIG_DIRECTORY/install.cf
 	setgid_group=${setgid-$setgid_group}
 	manpage_path=${manpages-$manpage_path}
-    elif [ ! -t 0 -a -z "$install_root" ]
+    elif [ -n "$non_interactive" ]
     then
-	echo \"make upgrade\" requires the $CONFIG_DIRECTORY/main.cf 1>&2
+	echo Error: \"make upgrade\" requires the $CONFIG_DIRECTORY/main.cf 1>&2
 	echo file from a sufficiently recent Postfix installation. 1>&2
 	echo 1>&2
 	echo Use \"make install\" instead. 1>&2
@@ -216,7 +219,7 @@ grep setgid_group $CONFIG_DIRECTORY/main.cf 2>&1 >/dev/null || {
 
 # Override default settings.
 
-test -z "$upgrade" && for name in daemon_directory command_directory \
+test -z "$non_interactive" && for name in daemon_directory command_directory \
     queue_directory sendmail_path newaliases_path mailq_path mail_owner \
     setgid_group manpage_path
 do
@@ -328,9 +331,10 @@ then
 	compare_or_replace a+r,go-w conf/$file $CONFIG_DIRECTORY/$file || exit 1
     done
 else
-    cp `censored_ls conf/*` $CONFIG_DIRECTORY || exit 1
-    chmod a+r,go-w $CONFIG_DIRECTORY/* || exit 1
-
+    for file in `cd conf; censored_ls * | grep -v postfix-script`
+    do
+	compare_or_replace a+r,go-w conf/$file $CONFIG_DIRECTORY/$file || exit 1
+    done
     test -z "$install_root" && need_config=1
 fi
 

postfix/Makefile

@@ -15,7 +15,7 @@ update depend printfck clean tidy depend_update: Makefiles
 	$(MAKE) MAKELEVEL= $@
 
 install:
-	@echo Please review the 0README instructions first.
+	@echo Please review the INSTALL instructions first.
 
 makefiles Makefiles:
 	$(MAKE) -f Makefile.in MAKELEVEL= Makefiles

postfix/Makefile.in

@@ -29,7 +29,7 @@ install: update
 	sh INSTALL.sh
 
 upgrade: update
-	sh INSTALL.sh -upgrade
+	sh INSTALL.sh -non-interactive
 
 depend clean:
 	set -e; for i in $(DIRS); do \

postfix/Makefile.init

@@ -15,7 +15,7 @@ update depend printfck clean tidy depend_update: Makefiles
 	$(MAKE) MAKELEVEL= $@
 
 install:
-	@echo Please review the 0README instructions first.
+	@echo Please review the INSTALL instructions first.
 
 makefiles Makefiles:
 	$(MAKE) -f Makefile.in MAKELEVEL= Makefiles

postfix/VERP_README

@@ -27,13 +27,13 @@ delimiter characters Postfix uses when VERP style delivery is
 requested but no explicit delimiters are specified.
 
 - verp_delimiter_filter (default: -+=) controls what characters
-Postfix accepts as VERP delimiter characters. Many characters can
-not be used as VERP delimiter characters, either because they
-already have a special meaning in email addresses (such as the @
-or the %), because they appear as part of a username or domain name
-(such as alphanumerics), or because they are non-ASCII or control
-characters. And who knows, some characters may tickle bugs in
-vulnerable software.
+Postfix accepts as VERP delimiter characters on the sendmail command
+line and in SMTP commands. Many characters must not be used as VERP
+delimiter characters, either because they already have a special
+meaning in email addresses (such as the @ or the %), because they
+are used as part of a username or domain name (such as alphanumerics),
+or because they are non-ASCII or control characters.  And who knows,
+some characters may tickle bugs in vulnerable software.
 
 Using VERP with majordomo etc. mailing lists
 ============================================
@@ -125,8 +125,7 @@ VERP support in the Postfix QMQP server
 When the Postfix QMQP server receives mail with an envelope sender
 address of the form:
 
-    prefix-@origin-@[]
+    listname-@your.domain-@[]
 
-Postfix generates VERP sender addresses using prefix@domain as the
-original sender address, and using "-=" as the VERP delimiters,
-because qmail/ezmlm expect this.
+Postfix generates sender addresses listname-user=domain@your.domain,
+using "-=" as the VERP delimiters because qmail/ezmlm expect this.

postfix/conf/main.cf

@@ -509,12 +509,24 @@ debugger_command =
 # sendmail_path: The full pathname of the Postfix sendmail command.
 # This is the Sendmail-compatible mail posting interface.
 # 
+sendmail_path =
+
 # newaliases_path: The full pathname of the Postfix newaliases command.
 # This is the Sendmail-compatible command to build alias databases.
 #
+newaliases_path =
+
 # mailq_path: The full pathname of the Postfix mailq command.  This
 # is the Sendmail-compatible mail queue listing command.
 # 
+mailq_path =
+
 # setgid_group: The group for mail submission and queue management
 # commands.  This must be a group name with a numerical group ID that
 # is not shared with other accounts, not even with the Postfix account.
+#
+setgid_group =
+
+# manpage_path: The location of the Postfix on-line manual pages.
+#
+manpage_path =

postfix/src/global/mail_params.c

@@ -228,8 +228,8 @@ static const char *check_myhostname(void)
     if ((dot = strchr(name, '.')) == 0) {
 	if ((domain = mail_conf_lookup_eval(VAR_MYDOMAIN)) == 0)
 	    msg_warn("My hostname %s is not a fully qualified name - set %s or %s in %s/%s",
-		     name, VAR_MYHOSTNAME, VAR_MYDOMAIN, 
-		var_config_dir, MAIN_CONF_FILE);
+		     name, VAR_MYHOSTNAME, VAR_MYDOMAIN,
+		     var_config_dir, MAIN_CONF_FILE);
 	else
 	    name = concatenate(name, ".", domain, (char *) 0);
     }
@@ -258,14 +258,17 @@ static void check_default_privs(void)
     struct passwd *pwd;
 
     if ((pwd = getpwnam(var_default_privs)) == 0)
-	msg_fatal("%s:%s: unknown user name value: %s",
-		  MAIN_CONF_FILE, VAR_DEFAULT_PRIVS, var_default_privs);
+	msg_fatal("file %s/%s: parameter %s: unknown user name value: %s",
+		  var_config_dir, MAIN_CONF_FILE,
+		  VAR_DEFAULT_PRIVS, var_default_privs);
     if ((var_default_uid = pwd->pw_uid) == 0)
-	msg_fatal("%s:%s: privileged user is not allowed: %s",
-		  MAIN_CONF_FILE, VAR_DEFAULT_PRIVS, var_default_privs);
+	msg_fatal("file %s/%s: parameter %s: user %s has privileged user ID",
+		  var_config_dir, MAIN_CONF_FILE,
+		  VAR_DEFAULT_PRIVS, var_default_privs);
     if ((var_default_gid = pwd->pw_gid) == 0)
-	msg_fatal("%s:%s: privileged group is not allowed: %s",
-		  MAIN_CONF_FILE, VAR_DEFAULT_PRIVS, var_default_privs);
+	msg_fatal("file %s/%s: parameter %s: user %s has privileged group ID",
+		  var_config_dir, MAIN_CONF_FILE,
+		  VAR_DEFAULT_PRIVS, var_default_privs);
 }
 
 /* check_mail_owner - lookup owner user attributes and validate */
@@ -275,14 +278,17 @@ static void check_mail_owner(void)
     struct passwd *pwd;
 
     if ((pwd = getpwnam(var_mail_owner)) == 0)
-	msg_fatal("%s:%s: unknown user name value: %s",
-		  MAIN_CONF_FILE, VAR_MAIL_OWNER, var_mail_owner);
+	msg_fatal("file %s/%s: parameter %s: unknown user name value: %s",
+		  var_config_dir, MAIN_CONF_FILE,
+		  VAR_MAIL_OWNER, var_mail_owner);
     if ((var_owner_uid = pwd->pw_uid) == 0)
-	msg_fatal("%s:%s: privileged user is not allowed: %s",
-		  MAIN_CONF_FILE, VAR_MAIL_OWNER, var_mail_owner);
+	msg_fatal("file %s/%s: parameter %s: user %s has privileged user ID",
+		  var_config_dir, MAIN_CONF_FILE,
+		  VAR_MAIL_OWNER, var_mail_owner);
     if ((var_owner_gid = pwd->pw_gid) == 0)
-	msg_fatal("%s:%s: privileged group is not allowed: %s",
-		  MAIN_CONF_FILE, VAR_MAIL_OWNER, var_mail_owner);
+	msg_fatal("file %s/%s: parameter %s: user %s has privileged group ID",
+		  var_config_dir, MAIN_CONF_FILE,
+		  VAR_MAIL_OWNER, var_mail_owner);
 
     /*
      * This detects only some forms of sharing. Enumerating the entire
@@ -292,8 +298,9 @@ static void check_mail_owner(void)
      */
     if ((pwd = getpwuid(var_owner_uid)) != 0
 	&& strcmp(pwd->pw_name, var_mail_owner) != 0)
-	msg_fatal("%s:%s: %s is sharing the user ID with %s",
-		  MAIN_CONF_FILE, VAR_MAIL_OWNER, var_mail_owner, pwd->pw_name);
+	msg_fatal("file %s/%s: parameter %s: user %s has same user ID as %s",
+		  var_config_dir, MAIN_CONF_FILE,
+		  VAR_MAIL_OWNER, var_mail_owner, pwd->pw_name);
 }
 
 /* check_sgid_group - lookup setgid group attributes and validate */
@@ -303,11 +310,13 @@ static void check_sgid_group(void)
     struct group *grp;
 
     if ((grp = getgrnam(var_sgid_group)) == 0)
-	msg_fatal("%s:%s: unknown group name: %s",
-		  MAIN_CONF_FILE, VAR_SGID_GROUP, var_sgid_group);
+	msg_fatal("file %s/%s: parameter %s: unknown group name: %s",
+		  var_config_dir, MAIN_CONF_FILE,
+		  VAR_SGID_GROUP, var_sgid_group);
     if ((var_sgid_gid = grp->gr_gid) == 0)
-	msg_fatal("%s:%s: privileged group is not allowed: %s",
-		  MAIN_CONF_FILE, VAR_SGID_GROUP, var_sgid_group);
+	msg_fatal("file %s/%s: parameter %s: group %s has privileged group ID",
+		  var_config_dir, MAIN_CONF_FILE,
+		  VAR_SGID_GROUP, var_sgid_group);
 
     /*
      * This detects only some forms of sharing. Enumerating the entire group
@@ -316,8 +325,44 @@ static void check_sgid_group(void)
      */
     if ((grp = getgrgid(var_sgid_gid)) != 0
 	&& strcmp(grp->gr_name, var_sgid_group) != 0)
-	msg_fatal("%s:%s: group %s is sharing the group ID with %s",
-		  MAIN_CONF_FILE, VAR_SGID_GROUP, var_sgid_group, grp->gr_name);
+	msg_fatal("file %s/%s: parameter %s: group %s has same group ID as %s",
+		  var_config_dir, MAIN_CONF_FILE,
+		  VAR_SGID_GROUP, var_sgid_group, grp->gr_name);
+}
+
+/* check_overlap - disallow UID or GID sharing */
+
+static void check_overlap(void)
+{
+    if (strcmp(var_default_privs, var_mail_owner) == 0)
+	msg_fatal("file %s/%s: parameters %s and %s specify the same user %s",
+		  var_config_dir, MAIN_CONF_FILE,
+		  VAR_DEFAULT_PRIVS, VAR_MAIL_OWNER,
+		  var_default_privs);
+    if (var_default_uid == var_owner_uid)
+	msg_fatal("file %s/%s: parameters %s and %s: users %s and %s have the same user ID: %ld",
+		  var_config_dir, MAIN_CONF_FILE,
+		  VAR_DEFAULT_PRIVS, VAR_MAIL_OWNER,
+		  var_default_privs, var_mail_owner,
+		  (long) var_owner_uid);
+    if (var_default_gid == var_owner_gid)
+	msg_fatal("file %s/%s: parameters %s and %s: users %s and %s have the same group ID: %ld",
+		  var_config_dir, MAIN_CONF_FILE,
+		  VAR_DEFAULT_PRIVS, VAR_MAIL_OWNER,
+		  var_default_privs, var_mail_owner,
+		  (long) var_owner_gid);
+    if (var_default_gid == var_sgid_gid)
+	msg_fatal("file %s/%s: parameters %s and %s: user %s and group %s have the same group ID: %ld",
+		  var_config_dir, MAIN_CONF_FILE,
+		  VAR_DEFAULT_PRIVS, VAR_SGID_GROUP,
+		  var_default_privs, var_sgid_group,
+		  (long) var_sgid_gid);
+    if (var_owner_gid == var_sgid_gid)
+	msg_fatal("file %s/%s: parameters %s and %s: user %s and group %s have the same group ID: %ld",
+		  var_config_dir, MAIN_CONF_FILE,
+		  VAR_MAIL_OWNER, VAR_SGID_GROUP,
+		  var_mail_owner, var_sgid_group,
+		  (long) var_sgid_gid);
 }
 
 /* mail_params_init - configure built-in parameters */
@@ -410,7 +455,8 @@ void    mail_params_init()
     get_mail_conf_str_table(first_str_defaults);
 
     if (!msg_syslog_facility(var_syslog_facility))
-	msg_fatal("unknown %s configuration parameter value: %s",
+	msg_fatal("file %s/%s: parameter %s: unrecognized value: %s",
+		  var_config_dir, MAIN_CONF_FILE,
 		  VAR_SYSLOG_FACILITY, var_syslog_facility);
 
     /*
@@ -419,10 +465,14 @@ void    mail_params_init()
      * the domain.
      */
     get_mail_conf_str_fn_table(function_str_defaults);
-    if (!valid_hostname(var_myhostname, DO_GRIPE)
-	|| !valid_hostname(var_mydomain, DO_GRIPE))
-	msg_fatal("main.cf configuration error: bad %s or %s parameter value",
-		  VAR_MYHOSTNAME, VAR_MYDOMAIN);
+    if (!valid_hostname(var_myhostname, DO_GRIPE))
+	msg_fatal("file %s/%s: parameter %s: bad parameter value: %s",
+		  var_config_dir, MAIN_CONF_FILE,
+		  VAR_MYHOSTNAME, var_myhostname);
+    if (!valid_hostname(var_mydomain, DO_GRIPE))
+	msg_fatal("file %s/%s: parameter %s: bad parameter value: %s",
+		  var_config_dir, MAIN_CONF_FILE,
+		  VAR_MYDOMAIN, var_mydomain);
 
     /*
      * Variables that are needed by almost every program.
@@ -434,22 +484,7 @@ void    mail_params_init()
     check_default_privs();
     check_mail_owner();
     check_sgid_group();
-
-    /*
-     * Discourage UID or GID sharing.
-     */
-    if (var_default_uid == var_owner_uid)
-	msg_fatal("%s: %s and %s must not have the same user ID",
-		  MAIN_CONF_FILE, VAR_DEFAULT_PRIVS, VAR_MAIL_OWNER);
-    if (var_default_gid == var_owner_gid)
-	msg_fatal("%s: %s and %s must not have the same group ID",
-		  MAIN_CONF_FILE, VAR_DEFAULT_PRIVS, VAR_MAIL_OWNER);
-    if (var_default_gid == var_sgid_gid)
-	msg_fatal("%s: %s and %s must not have the same group ID",
-		  MAIN_CONF_FILE, VAR_DEFAULT_PRIVS, VAR_SGID_GROUP);
-    if (var_owner_gid == var_sgid_gid)
-	msg_fatal("%s: %s and %s must not have the same group ID",
-		  MAIN_CONF_FILE, VAR_MAIL_OWNER, VAR_SGID_GROUP);
+    check_overlap();
 
     /*
      * Variables whose defaults are determined at runtime, after other
@@ -488,6 +523,7 @@ void    mail_params_init()
      * One more sanity check.
      */
     if ((cp = verp_delims_verify(var_verp_delims)) != 0)
-	msg_fatal("%s or %s configuration problem: %s",
+	msg_fatal("file %s/%s: parameters %s and %s: %s",
+		  var_config_dir, MAIN_CONF_FILE,
 		  VAR_VERP_DELIMS, VAR_VERP_FILTER, cp);
 }

postfix/src/global/mail_version.h

@@ -15,7 +15,7 @@
   * Version of this program.
   */
 #define VAR_MAIL_VERSION	"mail_version"
-#define DEF_MAIL_VERSION	"Snapshot-20020103"
+#define DEF_MAIL_VERSION	"Snapshot-20020104"
 extern char *var_mail_version;
 
 /* LICENSE