mir/postfix
2
0
Fork 0
mirror of https://github.com/vdukhovni/postfix synced 2025-08-30 21:55:20 +00:00
Code Issues Releases Wiki Activity

snapshot-20020103

Browse Source
This commit is contained in:
Wietse Venema
2002-01-03 00:00:00 -05:00
committed by Viktor Dukhovni
parent 596f999801
commit fe146a50e3
22 changed files with 444 additions and 200 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
postfix/HISTORY
View File

@@ -5880,7 +5880,7 @@ Apologies for any names omitted.
20020101 20020101
Security: new alternate_config_directory parameter that Security: new alternate_config_directories parameter that
lists directories that a set-gid command will accept as lists directories that a set-gid command will accept as
its configuration directory. The list must be specified in its configuration directory. The list must be specified in
the default main.cf file. File: global/mail_conf.c. the default main.cf file. File: global/mail_conf.c.
@@ -5889,6 +5889,19 @@ Apologies for any names omitted.
connecting to the SMTP port. It is now implemented by connecting to the SMTP port. It is now implemented by
talking to the fast flush service. File: postqueue/postqueue.c. talking to the fast flush service. File: postqueue/postqueue.c.
20020203
Cleanup: all installation information is maintained by the
main.cf file. The install.cf file is used only when upgrading
from an older Postfix release.
Cleanup: INSTALL.sh now takes non-default settings on the
command line, and has a "-upgrade" command line option to
turn on non-interactive installation.
Security: additional run-time checks to discourage sharing
of Postfix user/group ID values with other accounts.
Open problems: Open problems:
Low: don't do user@domain and @domain lookups in Low: don't do user@domain and @domain lookups in

262
postfix/INSTALL.sh
View File

@@ -2,11 +2,31 @@
# Sample Postfix installation script. Run this from the top-level # Sample Postfix installation script. Run this from the top-level
# Postfix source directory. # Postfix source directory.
#
# Usage: sh INSTALL.sh [-upgrade] name=value ...
PATH=/bin:/usr/bin:/usr/sbin:/usr/etc:/sbin:/etc:/usr/contrib/bin:/usr/gnu/bin:/usr/ucb:/usr/bsd PATH=/bin:/usr/bin:/usr/sbin:/usr/etc:/sbin:/etc:/usr/contrib/bin:/usr/gnu/bin:/usr/ucb:/usr/bsd
umask 022 umask 022
test -t 0 && cat <<EOF # Process command-line settings
for arg
do
case $arg in
*=*) IFS= eval $arg;;
"-upgrade") upgrade=1;;
*) echo Error: usage: $0 [-upgrade] name=value ... 1>&2; exit 1;;
esac
done
# Discourage old habits.
test -z "$upgrade" -a ! -t 0 && {
echo Error: for non-interactive installation, run: \"$0 -upgrade\" 1>&2
exit 1
}
test -z "$upgrade" && cat <<EOF
Warning: this script replaces existing sendmail or Postfix programs. Warning: this script replaces existing sendmail or Postfix programs.
Make backups if you want to be able to recover. Make backups if you want to be able to recover.
@@ -16,47 +36,6 @@ Most definitions will be remembered, so you have to specify them
only once. All definitions have a reasonable default value. only once. All definitions have a reasonable default value.
EOF EOF
install_root_text="the prefix for installed file names. This is
useful only if you are building ready-to-install packages for other
machines."
tempdir_text="directory for scratch files while installing Postfix.
You must must have write permission in this directory."
config_directory_text="the directory with Postfix configuration
files. For security reasons this directory must be owned by the
super-user."
daemon_directory_text="the directory with Postfix daemon programs.
This directory should not be in the command search path of any
users."
command_directory_text="the directory with Postfix administrative
commands. This directory should be in the command search path of
adminstrative users."
queue_directory_text="the directory with Postfix queues."
sendmail_path_text="the full pathname of the Postfix sendmail
command. This is the Sendmail-compatible mail posting interface."
newaliases_path_text="the full pathname of the Postfix newaliases
command. This is the Sendmail-compatible command to build alias
databases."
mailq_path_text="the full pathname of the Postfix mailq command.
This is the Sendmail-compatible mail queue listing command."
mail_owner_text="the owner of the Postfix queue. Specify a user
account with numerical user ID and group ID values that are not
used by any other user accounts."
setgid_text="the group for mail submission and queue management
commands. Specify a group name with a numerical group ID that is
not shared with other accounts, not even with the Postfix account."
manpages_text="where to install the Postfix on-line manual pages."
# By now, shells must have functions. Ultrix users must use sh5 or lose. # By now, shells must have functions. Ultrix users must use sh5 or lose.
# The following shell functions replace files/symlinks while minimizing # The following shell functions replace files/symlinks while minimizing
# the time that a file does not exist, and avoid copying over programs # the time that a file does not exist, and avoid copying over programs
@@ -121,92 +100,130 @@ case `echo -n` in
*) n=; c='\c';; *) n=; c='\c';;
esac esac
# Default settings. Most are clobbered by remembered settings. # Prompts.
install_root_prompt="the prefix for installed file names. This is
useful only if you are building ready-to-install packages for other
machines."
tempdir_prompt="directory for scratch files while installing Postfix.
You must must have write permission in this directory."
config_directory_prompt="the directory with Postfix configuration
files. For security reasons this directory must be owned by the
super-user."
daemon_directory_prompt="the directory with Postfix daemon programs.
This directory should not be in the command search path of any
users."
command_directory_prompt="the directory with Postfix administrative
commands. This directory should be in the command search path of
adminstrative users."
queue_directory_prompt="the directory with Postfix queues."
sendmail_path_prompt="the full pathname of the Postfix sendmail
command. This is the Sendmail-compatible mail posting interface."
newaliases_path_prompt="the full pathname of the Postfix newaliases
command. This is the Sendmail-compatible command to build alias
databases."
mailq_path_prompt="the full pathname of the Postfix mailq command.
This is the Sendmail-compatible mail queue listing command."
mail_owner_prompt="the owner of the Postfix queue. Specify a user
account with numerical user ID and group ID values that are not
used by any other user accounts."
setgid_group_prompt="the group for mail submission and for queue
management commands. Specify a group name with a numerical group
ID that is not shared with other accounts, not even with the Postfix
account."
manpage_path_prompt="where to install the Postfix on-line manual
pages."
# Default settings, just to get started.
: ${install_root=/} : ${install_root=/}
: ${tempdir=`pwd`} : ${tempdir=`pwd`}
: ${config_directory=/etc/postfix} : ${config_directory=`bin/postconf -c conf -h -d config_directory`}
: ${daemon_directory=/usr/libexec/postfix}
: ${command_directory=/usr/sbin}
: ${queue_directory=/var/spool/postfix}
if [ -f /usr/lib/sendmail ]
then : ${sendmail_path=/usr/lib/sendmail}
else : ${sendmail_path=/usr/sbin/sendmail}
fi
: ${newaliases_path=/usr/bin/newaliases}
: ${mailq_path=/usr/bin/mailq}
: ${mail_owner=postfix}
: ${setgid=postdrop}
: ${manpages=/usr/local/man}
# Find out the location of configuration files. # Find out the location of configuration files.
test -t 0 && test -z "$upgrade" && for name in install_root tempdir config_directory
for name in install_root tempdir config_directory
do do
while : while :
do do
echo echo
eval echo Please specify \$${name}_text | fmt eval echo Please specify \$${name}_prompt | fmt
eval echo \$n "$name: [\$$name]\ \$c" eval echo \$n "$name: [\$$name]\ \$c"
read ans read ans
case $ans in case $ans in
"") break;; "") break;;
*) eval $name=\$ans; break;; *) case $ans in
/*) eval $name=\$ans; break;;
*) echo; echo Error: $name should be an absolute path name. 1>&2;;
esac;;
esac esac
done done
done done
# Sanity checks
for path in $tempdir $install_root $config_directory
do
case $path in
/*) ;;
*) echo Error: $path should be an absolute path name. 1>&2; exit 1;;
esac
done
# In case some systems special-case pathnames beginning with //. # In case some systems special-case pathnames beginning with //.
case $install_root in case $install_root in
/) install_root= /) install_root=
esac esac
# Load defaults from existing installation. # Load defaults from existing installation or from template main.cf file.
CONFIG_DIRECTORY=$install_root$config_directory CONFIG_DIRECTORY=$install_root$config_directory
test -f $CONFIG_DIRECTORY/main.cf && { if [ -f $CONFIG_DIRECTORY/main.cf ]
for name in daemon_directory command_directory queue_directory mail_owner then
do conf=$CONFIG_DIRECTORY
eval $name='"`bin/postconf -c $CONFIG_DIRECTORY -h $name`"' || kill $$ else
done conf=conf
} fi
# Do not destroy parameter settings from environment or command line.
for name in daemon_directory command_directory queue_directory mail_owner \
setgid_group sendmail_path newaliases_path mailq_path manpage_path
do
eval : \${$name=\`bin/postconf -c $conf -h $name\`} || kill $$
done
# Grandfathering: if not in main.cf, get defaults from obsolete install.cf file.
grep setgid_group $CONFIG_DIRECTORY/main.cf 2>&1 >/dev/null || {
if [ -f $CONFIG_DIRECTORY/install.cf ] if [ -f $CONFIG_DIRECTORY/install.cf ]
then then
. $CONFIG_DIRECTORY/install.cf . $CONFIG_DIRECTORY/install.cf
setgid_group=${setgid-$setgid_group}
manpage_path=${manpages-$manpage_path}
elif [ ! -t 0 -a -z "$install_root" ] elif [ ! -t 0 -a -z "$install_root" ]
then then
echo Non-interactive install needs the $CONFIG_DIRECTORY/install.cf 1>&2 echo \"make upgrade\" requires the $CONFIG_DIRECTORY/main.cf 1>&2
echo file from a previous Postfix installation. 1>&2 echo file from a sufficiently recent Postfix installation. 1>&2
echo 1>&2 echo 1>&2
echo Use interactive installation instead. 1>&2 echo Use \"make install\" instead. 1>&2
exit 1 exit 1
fi fi
}
# Override default settings. # Override default settings.
test -t 0 && test -z "$upgrade" && for name in daemon_directory command_directory \
for name in daemon_directory command_directory \
queue_directory sendmail_path newaliases_path mailq_path mail_owner \ queue_directory sendmail_path newaliases_path mailq_path mail_owner \
setgid manpages setgid_group manpage_path
do do
while : while :
do do
echo echo
eval echo Please specify \$${name}_text | fmt eval echo Please specify \$${name}_prompt | fmt
eval echo \$n "$name: [\$$name]\ \$c" eval echo \$n "$name: [\$$name]\ \$c"
read ans read ans
case $ans in case $ans in
@@ -218,18 +235,18 @@ done
# Sanity checks # Sanity checks
case $manpages in case $manpage_path in
no) echo Error: manpages no longer accepts "no" values. 1>&2 no) echo Error: manpage_path no longer accepts \"no\" values. 1>&2
echo Error: re-run this script in interactive mode. 1>&2; exit 1;; echo Error: re-run this script with \"make install\". 1>&2; exit 1;;
esac esac
case $setgid in case $setgid_group in
no) echo Error: setgid no longer accepts "no" values. 1>&2 no) echo Error: setgid_group no longer accepts \"no\" values. 1>&2
echo Error: re-run this script in interactive mode. 1>&2; exit 1;; echo Error: re-run this script with \"make install\". 1>&2; exit 1;;
esac esac
for path in $daemon_directory $command_directory \ for path in $daemon_directory $command_directory \
$queue_directory $sendmail_path $newaliases_path $mailq_path $manpages $queue_directory $sendmail_path $newaliases_path $mailq_path $manpage_path
do do
case $path in case $path in
/*) ;; /*) ;;
@@ -256,9 +273,9 @@ chown "$mail_owner" $tempdir/junk >/dev/null 2>&1 || {
exit 1 exit 1
} }
chgrp "$setgid" $tempdir/junk >/dev/null 2>&1 || { chgrp "$setgid_group" $tempdir/junk >/dev/null 2>&1 || {
echo Error: $setgid needs an entry in the group file. 1>&2 echo Error: $setgid_group needs an entry in the group file. 1>&2
echo Remember, $setgid must have a dedicated group id. 1>&2 echo Remember, $setgid_group must have a dedicated group id. 1>&2
exit 1 exit 1
} }
@@ -272,7 +289,7 @@ QUEUE_DIRECTORY=$install_root$queue_directory
SENDMAIL_PATH=$install_root$sendmail_path SENDMAIL_PATH=$install_root$sendmail_path
NEWALIASES_PATH=$install_root$newaliases_path NEWALIASES_PATH=$install_root$newaliases_path
MAILQ_PATH=$install_root$mailq_path MAILQ_PATH=$install_root$mailq_path
MANPAGES=$install_root$manpages MANPAGE_PATH=$install_root$manpage_path
# Create any missing directories. # Create any missing directories.
@@ -324,16 +341,13 @@ bin/postconf -c $CONFIG_DIRECTORY -e \
"command_directory = $command_directory" \ "command_directory = $command_directory" \
"queue_directory = $queue_directory" \ "queue_directory = $queue_directory" \
"mail_owner = $mail_owner" \ "mail_owner = $mail_owner" \
"setgid_group = $setgid_group" \
"sendmail_path = $sendmail_path" \
"mailq_path = $mailq_path" \
"newaliases_path = $newaliases_path" \
"manpage_path = $manpage_path" \
|| exit 1 || exit 1
(echo "# This file was generated by $0"
for name in sendmail_path newaliases_path mailq_path setgid manpages
do
eval echo $name=\$$name
done) >$tempdir/junk || exit 1
compare_or_move a+x,go-w $tempdir/junk $CONFIG_DIRECTORY/install.cf || exit 1
rm -f $tempdir/junk
compare_or_replace a+x,go-w conf/postfix-script $CONFIG_DIRECTORY/postfix-script || compare_or_replace a+x,go-w conf/postfix-script $CONFIG_DIRECTORY/postfix-script ||
exit 1 exit 1
@@ -341,20 +355,29 @@ compare_or_replace a+x,go-w conf/postfix-script $CONFIG_DIRECTORY/postfix-script
(cd man || exit 1 (cd man || exit 1
for dir in man? for dir in man?
do test -d $MANPAGES/$dir || mkdir -p $MANPAGES/$dir || exit 1 do test -d $MANPAGE_PATH/$dir || mkdir -p $MANPAGE_PATH/$dir || exit 1
done done
for file in `censored_ls man?/*` for file in `censored_ls man?/*`
do do
(test -f $MANPAGES/$file && cmp -s $file $MANPAGES/$file && (test -f $MANPAGE_PATH/$file && cmp -s $file $MANPAGE_PATH/$file &&
echo Skipping $MANPAGES/$file...) || { echo Skipping $MANPAGE_PATH/$file...) || {
echo Updating $MANPAGES/$file... echo Updating $MANPAGE_PATH/$file...
rm -f $MANPAGES/$file rm -f $MANPAGE_PATH/$file
cp $file $MANPAGES/$file || exit 1 cp $file $MANPAGE_PATH/$file || exit 1
chmod 644 $MANPAGES/$file || exit 1 chmod 644 $MANPAGE_PATH/$file || exit 1
} }
done) done)
# Use set-gid/group privileges for restricted access. # Tighten access of existing directories.
for directory in pid
do
test -d $QUEUE_DIRECTORY/$directory && {
chown root $QUEUE_DIRECTORY/$directory || exit 1
}
done
# Apply set-gid/group privileges for restricted access.
for directory in maildrop for directory in maildrop
do do
@@ -362,8 +385,8 @@ do
mkdir -p $QUEUE_DIRECTORY/$directory || exit 1 mkdir -p $QUEUE_DIRECTORY/$directory || exit 1
chown $mail_owner $QUEUE_DIRECTORY/$directory || exit 1 chown $mail_owner $QUEUE_DIRECTORY/$directory || exit 1
} }
# Fix group if upgrading from world-writable maildrop. # Fix group and permissions if upgrading from world-writable maildrop.
chgrp $setgid $QUEUE_DIRECTORY/$directory || exit 1 chgrp $setgid_group $QUEUE_DIRECTORY/$directory || exit 1
chmod 730 $QUEUE_DIRECTORY/$directory || exit 1 chmod 730 $QUEUE_DIRECTORY/$directory || exit 1
done done
@@ -373,19 +396,12 @@ do
mkdir -p $QUEUE_DIRECTORY/$directory || exit 1 mkdir -p $QUEUE_DIRECTORY/$directory || exit 1
chown $mail_owner $QUEUE_DIRECTORY/$directory || exit 1 chown $mail_owner $QUEUE_DIRECTORY/$directory || exit 1
} }
# Fix group if upgrading from world-accessible directory. # Fix group and permissions if upgrading from world-accessible directory.
chgrp $setgid $QUEUE_DIRECTORY/$directory || exit 1 chgrp $setgid_group $QUEUE_DIRECTORY/$directory || exit 1
chmod 710 $QUEUE_DIRECTORY/$directory || exit 1 chmod 710 $QUEUE_DIRECTORY/$directory || exit 1
done done
for directory in pid chgrp $setgid_group $COMMAND_DIRECTORY/postdrop $COMMAND_DIRECTORY/postqueue || exit 1
do
test -d $QUEUE_DIRECTORY/$directory && {
chown root $QUEUE_DIRECTORY/$directory || exit 1
}
done
chgrp $setgid $COMMAND_DIRECTORY/postdrop $COMMAND_DIRECTORY/postqueue || exit 1
chmod g+s $COMMAND_DIRECTORY/postdrop $COMMAND_DIRECTORY/postqueue || exit 1 chmod g+s $COMMAND_DIRECTORY/postdrop $COMMAND_DIRECTORY/postqueue || exit 1
grep 'flush.*flush' $CONFIG_DIRECTORY/master.cf >/dev/null || { grep 'flush.*flush' $CONFIG_DIRECTORY/master.cf >/dev/null || {

3
postfix/Makefile
View File

@@ -14,5 +14,8 @@ default: update
update depend printfck clean tidy depend_update: Makefiles update depend printfck clean tidy depend_update: Makefiles
$(MAKE) MAKELEVEL= $@ $(MAKE) MAKELEVEL= $@
install:
@echo Please review the 0README instructions first.
makefiles Makefiles: makefiles Makefiles:
$(MAKE) -f Makefile.in MAKELEVEL= Makefiles $(MAKE) -f Makefile.in MAKELEVEL= Makefiles

2
postfix/Makefile.in
View File

@@ -29,7 +29,7 @@ install: update
sh INSTALL.sh sh INSTALL.sh
upgrade: update upgrade: update
sh INSTALL.sh </dev/null sh INSTALL.sh -upgrade
depend clean: depend clean:
set -e; for i in $(DIRS); do \ set -e; for i in $(DIRS); do \

3
postfix/Makefile.init
View File

@@ -14,5 +14,8 @@ default: update
update depend printfck clean tidy depend_update: Makefiles update depend printfck clean tidy depend_update: Makefiles
$(MAKE) MAKELEVEL= $@ $(MAKE) MAKELEVEL= $@
install:
@echo Please review the 0README instructions first.
makefiles Makefiles: makefiles Makefiles:
$(MAKE) -f Makefile.in MAKELEVEL= Makefiles $(MAKE) -f Makefile.in MAKELEVEL= Makefiles

2
postfix/PCRE_README
View File

@@ -7,7 +7,7 @@ non-space.
One possible use is to add a restriction to main.cf: One possible use is to add a restriction to main.cf:
smtpd_recipient_restrictions = ... pcre:/opt/postfix/etc/smtprecipient ... smtpd_recipient_restrictions = ... pcre:/etc/postfix/smtprecipient ...
The regular expressions are read from the file specified - sample The regular expressions are read from the file specified - sample
regexp patterns are shown in the Postfix pcre_table(5) manual page. regexp patterns are shown in the Postfix pcre_table(5) manual page.

34
postfix/RELEASE_NOTES
View File

@@ -1,19 +1,27 @@
Incompatible changes with snapshot-200201XX Incompatible changes with snapshot-200201XX
=========================================== ===========================================
If you run multiple Postfix instances then you have to specify Postfix will not run if it detects that the postfix user or group
their configuration directories in the default main.cf file as ID are shared with other accounts on the system. The checks aren't
"alternate_config_directory = /dir1 /dir2 ...". Otherwise, some exhaustive (that would be too resource consuming) but should be
Postfix sendmail commands will no longer work (namely, the ones sufficient to encourage packagers and developers to do the right
that are now implemented by set-group ID client programs). thing.
This release modifies the existing master.cf file. The local pickup This release modifies the existing master.cf file. The local pickup
service is now unprivileged, and the cleanup and flush service are service is now unprivileged, and the cleanup and flush service are
now "public". now "public".
Should you have to back out to a previous release, then you have Should you have to back out to a previous release, then you must
to edit the master.cf file, making the pickup service "privileged", 1) edit the master.cf file, make the pickup service "privileged",
and making the cleanup and flush service "private". and make the cleanup and flush services "private"; 2) "chmod 755
/var/spool/postfix/public". To revert to a world-writable mail
submission directory, "chmod 1733 /var/spool/postfix/maildrop".
If you run multiple Postfix instances on the same machine then you
now have to specify their configuration directories in the default
main.cf file as "alternate_config_directories = /dir1 /dir2 ...".
Otherwise, some Postfix commands will no longer work (namely, the
ones that are now implemented by set-group ID client programs).
Major changes with snapshot-200201XX Major changes with snapshot-200201XX
==================================== ====================================
@@ -29,6 +37,16 @@ Simplification of the local Postfix security model.
the queue operations that were implemented by the Postfix sendmail the queue operations that were implemented by the Postfix sendmail
command. command.
Simplification of Postfix installation.
- The install.cf file is gone.
- All installation settings are now kept in the main.cf file, and
better default settings are now generated for sendmail_path etc.
- Non-default settings can be specified on the INSTALL.sh command
line as name=value arguments.
Incompatible changes with snapshot-20011226 Incompatible changes with snapshot-20011226
=========================================== ===========================================

17
postfix/conf/main.cf
View File

@@ -502,4 +502,19 @@ debugger_command =
PATH=/usr/bin:/usr/X11R6/bin PATH=/usr/bin:/usr/X11R6/bin
xxgdb $daemon_directory/$process_name $process_id & sleep 5 xxgdb $daemon_directory/$process_name $process_id & sleep 5
# Other configurable parameters. # INSTALL-TIME CONFIGURATION INFORMATION
#
# The following parameters are used when installing a new Postfix version.
#
# sendmail_path: The full pathname of the Postfix sendmail command.
# This is the Sendmail-compatible mail posting interface.
#
# newaliases_path: The full pathname of the Postfix newaliases command.
# This is the Sendmail-compatible command to build alias databases.
#
# mailq_path: The full pathname of the Postfix mailq command. This
# is the Sendmail-compatible mail queue listing command.
#
# setgid_group: The group for mail submission and queue management
# commands. This must be a group name with a numerical group ID that
# is not shared with other accounts, not even with the Postfix account.

6
postfix/html/postdrop.1.html
View File

@@ -6,7 +6,7 @@ POSTDROP(1) POSTDROP(1)
postdrop - Postfix mail posting utility postdrop - Postfix mail posting utility
<b>SYNOPSIS</b> <b>SYNOPSIS</b>
<b>postdrop</b> [<i>-rv</i>] [<b>-c</b> <i>config_dir</i>] <b>postdrop</b> [<b>-rv</b>] [<b>-c</b> <i>config_dir</i>]
<b>DESCRIPTION</b> <b>DESCRIPTION</b>
The <b>postdrop</b> command creates a file in the <b>maildrop</b> direc- The <b>postdrop</b> command creates a file in the <b>maildrop</b> direc-
@@ -49,8 +49,8 @@ POSTDROP(1) POSTDROP(1)
A non-standard directory is allowed only if the A non-standard directory is allowed only if the
name is listed in the standard <b>main.cf</b> file, in the name is listed in the standard <b>main.cf</b> file, in the
<b>alternate</b><i>_</i><b>config</b><i>_</i><b>directory</b> configuration parameter <b>alternate</b><i>_</i><b>config</b><i>_</i><b>directories</b> configuration parame-
value. ter value.
Only the super-user is allowed to specify arbitrary Only the super-user is allowed to specify arbitrary
directory names. directory names.

4
postfix/html/postqueue.1.html
View File

@@ -66,8 +66,8 @@ POSTQUEUE(1) POSTQUEUE(1)
A non-standard directory is allowed only if the A non-standard directory is allowed only if the
name is listed in the standard <b>main.cf</b> file, in the name is listed in the standard <b>main.cf</b> file, in the
<b>alternate</b><i>_</i><b>config</b><i>_</i><b>directory</b> configuration parameter <b>alternate</b><i>_</i><b>config</b><i>_</i><b>directories</b> configuration parame-
value. ter value.
Only the super-user is allowed to specify arbitrary Only the super-user is allowed to specify arbitrary
directory names. directory names.

4
postfix/man/man1/postdrop.1
View File

@@ -8,7 +8,7 @@ Postfix mail posting utility
.SH SYNOPSIS .SH SYNOPSIS
.na .na
.nf .nf
\fBpostdrop\fR [\fI-rv\fR] [\fB-c \fIconfig_dir\fR] \fBpostdrop\fR [\fB-rv\fR] [\fB-c \fIconfig_dir\fR]
.SH DESCRIPTION .SH DESCRIPTION
.ad .ad
.fi .fi
@@ -53,7 +53,7 @@ of set-group ID privileges, it is not possible to specify arbitrary
directory names. directory names.
A non-standard directory is allowed only if the name is listed in the A non-standard directory is allowed only if the name is listed in the
standard \fBmain.cf\fR file, in the \fBalternate_config_directory\fR standard \fBmain.cf\fR file, in the \fBalternate_config_directories\fR
configuration parameter value. configuration parameter value.
Only the super-user is allowed to specify arbitrary directory names. Only the super-user is allowed to specify arbitrary directory names.

2
postfix/man/man1/postqueue.1
View File

@@ -70,7 +70,7 @@ In order to avoid exploitation of set-group ID privileges, it is not
possible to specify arbitrary directory names. possible to specify arbitrary directory names.
A non-standard directory is allowed only if the name is listed in the A non-standard directory is allowed only if the name is listed in the
standard \fBmain.cf\fR file, in the \fBalternate_config_directory\fR standard \fBmain.cf\fR file, in the \fBalternate_config_directories\fR
configuration parameter value. configuration parameter value.
Only the super-user is allowed to specify arbitrary directory names. Only the super-user is allowed to specify arbitrary directory names.

89
postfix/src/global/mail_params.c
View File

@@ -18,6 +18,8 @@
/* char *var_mail_owner; /* char *var_mail_owner;
/* uid_t var_owner_uid; /* uid_t var_owner_uid;
/* gid_t var_owner_gid; /* gid_t var_owner_gid;
/* char *var_sgid_group;
/* gid_t var_sgid_gid;
/* char *var_default_privs; /* char *var_default_privs;
/* uid_t var_default_uid; /* uid_t var_default_uid;
/* gid_t var_default_gid; /* gid_t var_default_gid;
@@ -104,6 +106,7 @@
#include <stdlib.h> #include <stdlib.h>
#include <string.h> #include <string.h>
#include <pwd.h> #include <pwd.h>
#include <grp.h>
#include <time.h> #include <time.h>
#ifdef STRCASECMP_IN_STRINGS_H #ifdef STRCASECMP_IN_STRINGS_H
@@ -143,6 +146,8 @@ char *var_syslog_name;
char *var_mail_owner; char *var_mail_owner;
uid_t var_owner_uid; uid_t var_owner_uid;
gid_t var_owner_gid; gid_t var_owner_gid;
char *var_sgid_group;
gid_t var_sgid_gid;
char *var_default_privs; char *var_default_privs;
uid_t var_default_uid; uid_t var_default_uid;
gid_t var_default_gid; gid_t var_default_gid;
@@ -199,6 +204,8 @@ char *var_debug_peer_list;
int var_debug_peer_level; int var_debug_peer_level;
int var_fault_inj_code; int var_fault_inj_code;
#define MAIN_CONF_FILE "main.cf"
/* check_myhostname - lookup hostname and validate */ /* check_myhostname - lookup hostname and validate */
static const char *check_myhostname(void) static const char *check_myhostname(void)
@@ -220,8 +227,9 @@ static const char *check_myhostname(void)
name = get_hostname(); name = get_hostname();
if ((dot = strchr(name, '.')) == 0) { if ((dot = strchr(name, '.')) == 0) {
if ((domain = mail_conf_lookup_eval(VAR_MYDOMAIN)) == 0) if ((domain = mail_conf_lookup_eval(VAR_MYDOMAIN)) == 0)
msg_warn("My hostname %s is not a fully qualified name - set %s or %s in %s/main.cf", msg_warn("My hostname %s is not a fully qualified name - set %s or %s in %s/%s",
name, VAR_MYHOSTNAME, VAR_MYDOMAIN, var_config_dir); name, VAR_MYHOSTNAME, VAR_MYDOMAIN,
var_config_dir, MAIN_CONF_FILE);
else else
name = concatenate(name, ".", domain, (char *) 0); name = concatenate(name, ".", domain, (char *) 0);
} }
@@ -250,14 +258,14 @@ static void check_default_privs(void)
struct passwd *pwd; struct passwd *pwd;
if ((pwd = getpwnam(var_default_privs)) == 0) if ((pwd = getpwnam(var_default_privs)) == 0)
msg_fatal("unknown %s configuration parameter value: %s", msg_fatal("%s:%s: unknown user name value: %s",
VAR_DEFAULT_PRIVS, var_default_privs); MAIN_CONF_FILE, VAR_DEFAULT_PRIVS, var_default_privs);
if ((var_default_uid = pwd->pw_uid) == 0) if ((var_default_uid = pwd->pw_uid) == 0)
msg_fatal("%s: %s: privileged user is not allowed", msg_fatal("%s:%s: privileged user is not allowed: %s",
VAR_DEFAULT_PRIVS, var_default_privs); MAIN_CONF_FILE, VAR_DEFAULT_PRIVS, var_default_privs);
if ((var_default_gid = pwd->pw_gid) == 0) if ((var_default_gid = pwd->pw_gid) == 0)
msg_fatal("%s: %s: privileged group is not allowed", msg_fatal("%s:%s: privileged group is not allowed: %s",
VAR_DEFAULT_PRIVS, var_default_privs); MAIN_CONF_FILE, VAR_DEFAULT_PRIVS, var_default_privs);
} }
/* check_mail_owner - lookup owner user attributes and validate */ /* check_mail_owner - lookup owner user attributes and validate */
@@ -267,14 +275,49 @@ static void check_mail_owner(void)
struct passwd *pwd; struct passwd *pwd;
if ((pwd = getpwnam(var_mail_owner)) == 0) if ((pwd = getpwnam(var_mail_owner)) == 0)
msg_fatal("unknown %s configuration parameter value: %s", msg_fatal("%s:%s: unknown user name value: %s",
VAR_MAIL_OWNER, var_mail_owner); MAIN_CONF_FILE, VAR_MAIL_OWNER, var_mail_owner);
if ((var_owner_uid = pwd->pw_uid) == 0) if ((var_owner_uid = pwd->pw_uid) == 0)
msg_fatal("%s: %s: privileged user is not allowed", msg_fatal("%s:%s: privileged user is not allowed: %s",
VAR_MAIL_OWNER, var_mail_owner); MAIN_CONF_FILE, VAR_MAIL_OWNER, var_mail_owner);
if ((var_owner_gid = pwd->pw_gid) == 0) if ((var_owner_gid = pwd->pw_gid) == 0)
msg_fatal("%s: %s: privileged group is not allowed", msg_fatal("%s:%s: privileged group is not allowed: %s",
VAR_DEFAULT_PRIVS, var_mail_owner); MAIN_CONF_FILE, VAR_MAIL_OWNER, var_mail_owner);
/*
* This detects only some forms of sharing. Enumerating the entire
* password file name space could be expensive. The purpose of this code
* is to discourage user ID sharing by developers and package
* maintainers.
*/
if ((pwd = getpwuid(var_owner_uid)) != 0
&& strcmp(pwd->pw_name, var_mail_owner) != 0)
msg_fatal("%s:%s: %s is sharing the user ID with %s",
MAIN_CONF_FILE, VAR_MAIL_OWNER, var_mail_owner, pwd->pw_name);
}
/* check_sgid_group - lookup setgid group attributes and validate */
static void check_sgid_group(void)
{
struct group *grp;
if ((grp = getgrnam(var_sgid_group)) == 0)
msg_fatal("%s:%s: unknown group name: %s",
MAIN_CONF_FILE, VAR_SGID_GROUP, var_sgid_group);
if ((var_sgid_gid = grp->gr_gid) == 0)
msg_fatal("%s:%s: privileged group is not allowed: %s",
MAIN_CONF_FILE, VAR_SGID_GROUP, var_sgid_group);
/*
* This detects only some forms of sharing. Enumerating the entire group
* file name space could be expensive. The purpose of this code is to
* discourage group ID sharing by developers and package maintainers.
*/
if ((grp = getgrgid(var_sgid_gid)) != 0
&& strcmp(grp->gr_name, var_sgid_group) != 0)
msg_fatal("%s:%s: group %s is sharing the group ID with %s",
MAIN_CONF_FILE, VAR_SGID_GROUP, var_sgid_group, grp->gr_name);
} }
/* mail_params_init - configure built-in parameters */ /* mail_params_init - configure built-in parameters */
@@ -294,6 +337,7 @@ void mail_params_init()
VAR_MAIL_NAME, DEF_MAIL_NAME, &var_mail_name, 1, 0, VAR_MAIL_NAME, DEF_MAIL_NAME, &var_mail_name, 1, 0,
VAR_SYSLOG_NAME, DEF_SYSLOG_NAME, &var_syslog_name, 1, 0, VAR_SYSLOG_NAME, DEF_SYSLOG_NAME, &var_syslog_name, 1, 0,
VAR_MAIL_OWNER, DEF_MAIL_OWNER, &var_mail_owner, 1, 0, VAR_MAIL_OWNER, DEF_MAIL_OWNER, &var_mail_owner, 1, 0,
VAR_SGID_GROUP, DEF_SGID_GROUP, &var_sgid_group, 1, 0,
VAR_MYDEST, DEF_MYDEST, &var_mydest, 0, 0, VAR_MYDEST, DEF_MYDEST, &var_mydest, 0, 0,
VAR_MYORIGIN, DEF_MYORIGIN, &var_myorigin, 1, 0, VAR_MYORIGIN, DEF_MYORIGIN, &var_myorigin, 1, 0,
VAR_RELAYHOST, DEF_RELAYHOST, &var_relayhost, 0, 0, VAR_RELAYHOST, DEF_RELAYHOST, &var_relayhost, 0, 0,
@@ -389,6 +433,23 @@ void mail_params_init()
get_mail_conf_time_table(time_defaults); get_mail_conf_time_table(time_defaults);
check_default_privs(); check_default_privs();
check_mail_owner(); check_mail_owner();
check_sgid_group();
/*
* Discourage UID or GID sharing.
*/
if (var_default_uid == var_owner_uid)
msg_fatal("%s: %s and %s must not have the same user ID",
MAIN_CONF_FILE, VAR_DEFAULT_PRIVS, VAR_MAIL_OWNER);
if (var_default_gid == var_owner_gid)
msg_fatal("%s: %s and %s must not have the same group ID",
MAIN_CONF_FILE, VAR_DEFAULT_PRIVS, VAR_MAIL_OWNER);
if (var_default_gid == var_sgid_gid)
msg_fatal("%s: %s and %s must not have the same group ID",
MAIN_CONF_FILE, VAR_DEFAULT_PRIVS, VAR_SGID_GROUP);
if (var_owner_gid == var_sgid_gid)
msg_fatal("%s: %s and %s must not have the same group ID",
MAIN_CONF_FILE, VAR_MAIL_OWNER, VAR_SGID_GROUP);
/* /*
* Variables whose defaults are determined at runtime, after other * Variables whose defaults are determined at runtime, after other

32
postfix/src/global/mail_params.h
View File

@@ -49,6 +49,11 @@ extern char *var_mail_owner;
extern uid_t var_owner_uid; extern uid_t var_owner_uid;
extern gid_t var_owner_gid; extern gid_t var_owner_gid;
#define VAR_SGID_GROUP "setgid_group"
#define DEF_SGID_GROUP "postdrop"
extern char *var_sgid_group;
extern gid_t var_sgid_gid;
#define VAR_DEFAULT_PRIVS "default_privs" #define VAR_DEFAULT_PRIVS "default_privs"
#define DEF_DEFAULT_PRIVS "nobody" #define DEF_DEFAULT_PRIVS "nobody"
extern char *var_default_privs; extern char *var_default_privs;
@@ -169,13 +174,13 @@ extern char *var_queue_dir;
#define VAR_DAEMON_DIR "daemon_directory" #define VAR_DAEMON_DIR "daemon_directory"
#ifndef DEF_DAEMON_DIR #ifndef DEF_DAEMON_DIR
#define DEF_DAEMON_DIR "$program_directory" #define DEF_DAEMON_DIR "/usr/libexec/postfix"
#endif #endif
extern char *var_daemon_dir; extern char *var_daemon_dir;
#define VAR_COMMAND_DIR "command_directory" #define VAR_COMMAND_DIR "command_directory"
#ifndef DEF_COMMAND_DIR #ifndef DEF_COMMAND_DIR
#define DEF_COMMAND_DIR "$program_directory" #define DEF_COMMAND_DIR "/usr/sbin"
#endif #endif
extern char *var_command_dir; extern char *var_command_dir;
@@ -202,7 +207,7 @@ extern time_t var_starttime;
#endif #endif
extern char *var_config_dir; extern char *var_config_dir;
#define VAR_CONFIG_DIRS "alternate_config_directory" #define VAR_CONFIG_DIRS "alternate_config_directories"
#define DEF_CONFIG_DIRS "" #define DEF_CONFIG_DIRS ""
extern char *var_config_dirs; extern char *var_config_dirs;
@@ -1373,6 +1378,27 @@ extern char *var_par_dom_match;
#define DEF_FAULT_INJ_CODE 0 #define DEF_FAULT_INJ_CODE 0
extern int var_fault_inj_code; extern int var_fault_inj_code;
/*
* Install/upgrade information.
*/
#define VAR_SENDMAIL_PATH "sendmail_path"
#ifndef DEF_SENDMAIL_PATH
#define DEF_SENDMAIL_PATH "/usr/sbin/sendmail"
#endif
#define VAR_MAILQ_PATH "mailq_path"
#ifndef DEF_MAILQ_PATH
#define DEF_MAILQ_PATH "/usr/bin/mailq"
#endif
#define VAR_NEWALIAS_PATH "newaliases_path"
#ifndef DEF_NEWALIAS_PATH
#define DEF_NEWALIAS_PATH "/usr/bin/newaliases"
#endif
#define VAR_MANPAGE_PATH "manpage_path"
#define DEF_MANPAGE_PATH "/usr/local/man"
/* LICENSE /* LICENSE
/* .ad /* .ad
/* .fi /* .fi

2
postfix/src/global/mail_version.h
View File

@@ -15,7 +15,7 @@
* Version of this program. * Version of this program.
*/ */
#define VAR_MAIL_VERSION "mail_version" #define VAR_MAIL_VERSION "mail_version"
#define DEF_MAIL_VERSION "Snapshot-20020101" #define DEF_MAIL_VERSION "Snapshot-20020103"
extern char *var_mail_version; extern char *var_mail_version;
/* LICENSE /* LICENSE

2
postfix/src/lmtp/lmtp.c
View File

@@ -227,8 +227,6 @@
#include <string.h> #include <string.h>
#include <fcntl.h> #include <fcntl.h>
#include <dict.h> #include <dict.h>
#include <pwd.h>
#include <grp.h>
/* Utility library. */ /* Utility library. */

5
postfix/src/postconf/install_table.h Normal file
View File

@@ -0,0 +1,5 @@
VAR_SENDMAIL_PATH, DEF_SENDMAIL_PATH, &var_sendmail_path, 1, 0,
VAR_MAILQ_PATH, DEF_MAILQ_PATH, &var_mailq_path, 1, 0,
VAR_NEWALIAS_PATH, DEF_NEWALIAS_PATH, &var_newalias_path, 1, 0,
VAR_CONFIG_DIR, DEF_CONFIG_DIR, &var_config_dir, 1, 0,
VAR_MANPAGE_PATH, DEF_MANPAGE_PATH, &var_manpage_path, 1, 0,

5
postfix/src/postconf/install_vars.h Normal file
View File

@@ -0,0 +1,5 @@
char *var_sendmail_path;
char *var_mailq_path;
char *var_newalias_path;
char *var_config_dir;
char *var_manpage_path;

2
postfix/src/postconf/postconf.c
View File

@@ -131,6 +131,7 @@ DICT *text_table;
* Manually extracted. * Manually extracted.
*/ */
#include "smtp_vars.h" #include "smtp_vars.h"
#include "install_vars.h"
/* /*
* Lookup tables generated by scanning actual C source files. * Lookup tables generated by scanning actual C source files.
@@ -153,6 +154,7 @@ static CONFIG_INT_TABLE int_table[] = {
static CONFIG_STR_TABLE str_table[] = { static CONFIG_STR_TABLE str_table[] = {
#include "str_table.h" #include "str_table.h"
#include "smtp_table.h" /* XXX */ #include "smtp_table.h" /* XXX */
#include "install_table.h"
0, 0,
}; };

21
postfix/src/postdrop/postdrop.c
View File

@@ -4,7 +4,7 @@
/* SUMMARY /* SUMMARY
/* Postfix mail posting utility /* Postfix mail posting utility
/* SYNOPSIS /* SYNOPSIS
/* \fBpostdrop\fR [\fI-rv\fR] [\fB-c \fIconfig_dir\fR] /* \fBpostdrop\fR [\fB-rv\fR] [\fB-c \fIconfig_dir\fR]
/* DESCRIPTION /* DESCRIPTION
/* The \fBpostdrop\fR command creates a file in the \fBmaildrop\fR /* The \fBpostdrop\fR command creates a file in the \fBmaildrop\fR
/* directory and copies its standard input to the file. /* directory and copies its standard input to the file.
@@ -41,7 +41,7 @@
/* directory names. /* directory names.
/* /*
/* A non-standard directory is allowed only if the name is listed in the /* A non-standard directory is allowed only if the name is listed in the
/* standard \fBmain.cf\fR file, in the \fBalternate_config_directory\fR /* standard \fBmain.cf\fR file, in the \fBalternate_config_directories\fR
/* configuration parameter value. /* configuration parameter value.
/* /*
/* Only the super-user is allowed to specify arbitrary directory names. /* Only the super-user is allowed to specify arbitrary directory names.
@@ -116,10 +116,14 @@
/* /*
* WARNING WARNING WARNING * WARNING WARNING WARNING
* *
* This software is designed to run set-gid on systems that cannot afford a * This software is designed to run set-gid. In order to avoid exploitation of
* world-writable spool directory. In order to make this restriction work, * privilege, this software should not run any external commands, nor should
* this software should not run any external commands, nor should it take * it take any information from the user unless that information can be
* any configuration information from the user. * properly sanitized. To get an idea of how much information a process can
* inherit from a potentially hostile user, examine all the members of the
* process structure (typically, in /usr/include/sys/proc.h): the current
* directory, open files, timers, signals, environment, command line, umask,
* and so on.
*/ */
/* /*
@@ -206,7 +210,8 @@ int main(int argc, char **argv)
/* /*
* Parse JCL. This program is set-gid and must sanitize all command-line * Parse JCL. This program is set-gid and must sanitize all command-line
* arguments. The configuration directory argument is validated by the * arguments. The configuration directory argument is validated by the
* mail configuration read routine. * mail configuration read routine. Don't do complex things until we have
* completed initializations.
*/ */
while ((c = GETOPT(argc, argv, "c:rv")) > 0) { while ((c = GETOPT(argc, argv, "c:rv")) > 0) {
switch (c) { switch (c) {
@@ -267,6 +272,8 @@ int main(int argc, char **argv)
signal(SIGTERM, postdrop_sig); signal(SIGTERM, postdrop_sig);
msg_cleanup(postdrop_cleanup); msg_cleanup(postdrop_cleanup);
/* End of initializations. */
/* /*
* Create queue file. mail_stream_file() never fails. Send the queue ID * Create queue file. mail_stream_file() never fails. Send the queue ID
* to the caller. Stash away a copy of the queue file name so we can * to the caller. Stash away a copy of the queue file name so we can

61
postfix/src/postqueue/postqueue.c
View File

@@ -58,7 +58,7 @@
/* possible to specify arbitrary directory names. /* possible to specify arbitrary directory names.
/* /*
/* A non-standard directory is allowed only if the name is listed in the /* A non-standard directory is allowed only if the name is listed in the
/* standard \fBmain.cf\fR file, in the \fBalternate_config_directory\fR /* standard \fBmain.cf\fR file, in the \fBalternate_config_directories\fR
/* configuration parameter value. /* configuration parameter value.
/* /*
/* Only the super-user is allowed to specify arbitrary directory names. /* Only the super-user is allowed to specify arbitrary directory names.
@@ -132,6 +132,19 @@
/* Application-specific. */ /* Application-specific. */
/*
* WARNING WARNING WARNING
*
* This software is designed to run set-gid. In order to avoid exploitation of
* privilege, this software should not run any external commands, nor should
* it take any information from the user, unless that information can be
* properly sanitized. To get an idea of how much information a process can
* inherit from a potentially hostile user, examine all the members of the
* process structure (typically, in /usr/include/sys/proc.h): the current
* directory, open files, timers, signals, environment, command line, umask,
* and so on.
*/
/* /*
* Modes of operation. * Modes of operation.
*/ */
@@ -177,7 +190,7 @@ static void show_queue(void)
msg_warn("Mail system is down -- accessing queue directly"); msg_warn("Mail system is down -- accessing queue directly");
argv = argv_alloc(6); argv = argv_alloc(6);
argv_add(argv, MAIL_SERVICE_SHOWQ, "-c", "-u", "-S", (char *) 0); argv_add(argv, MAIL_SERVICE_SHOWQ, "-u", "-S", (char *) 0);
for (n = 0; n < msg_verbose; n++) for (n = 0; n < msg_verbose; n++)
argv_add(argv, "-v", (char *) 0); argv_add(argv, "-v", (char *) 0);
argv_terminate(argv); argv_terminate(argv);
@@ -283,7 +296,8 @@ int main(int argc, char **argv)
/* /*
* Parse JCL. This program is set-gid and must sanitize all command-line * Parse JCL. This program is set-gid and must sanitize all command-line
* parameters. The configuration directory argument is validated by the * parameters. The configuration directory argument is validated by the
* mail configuration read routine. * mail configuration read routine. Don't do complex things until we have
* completed initializations.
*/ */
while ((c = GETOPT(argc, argv, "c:fps:v")) > 0) { while ((c = GETOPT(argc, argv, "c:fps:v")) > 0) {
switch (c) { switch (c) {
@@ -306,25 +320,7 @@ int main(int argc, char **argv)
if (mode != PQ_MODE_DEFAULT) if (mode != PQ_MODE_DEFAULT)
usage(); usage();
mode = PQ_MODE_FLUSH_SITE; mode = PQ_MODE_FLUSH_SITE;
if (*optarg == '[' && *(last = optarg + strlen(optarg) - 1) == ']') {
*last = 0;
if (valid_hostaddr(optarg + 1, DONT_GRIPE))
site_to_flush = optarg; site_to_flush = optarg;
else
site_to_flush = 0;
*last = ']';
} else {
if (valid_hostname(optarg, DONT_GRIPE)
|| valid_hostaddr(optarg, DONT_GRIPE))
site_to_flush = optarg;
else
site_to_flush = 0;
}
if (site_to_flush == 0)
msg_fatal_status(EX_USAGE,
"Cannot flush mail queue - invalid destination: \"%.100s%s\"",
optarg, strlen(optarg) > 100 ? "..." : "");
break; break;
case 'v': case 'v':
msg_verbose++; msg_verbose++;
@@ -351,6 +347,29 @@ int main(int argc, char **argv)
signal(SIGPIPE, SIG_IGN); signal(SIGPIPE, SIG_IGN);
/* End of initializations. */
/*
* Further input validation.
*/
if (site_to_flush != 0) {
if (*site_to_flush == '['
&& *(last = optarg + strlen(site_to_flush) - 1) == ']') {
*last = 0;
if (!valid_hostaddr(optarg + 1, DONT_GRIPE))
site_to_flush = 0;
*last = ']';
} else {
if (!valid_hostname(optarg, DONT_GRIPE)
&& !valid_hostaddr(optarg, DONT_GRIPE))
site_to_flush = 0;
}
if (site_to_flush == 0)
msg_fatal_status(EX_USAGE,
"Cannot flush mail queue - invalid destination: \"%.100s%s\"",
optarg, strlen(optarg) > 100 ? "..." : "");
}
/* /*
* Start processing. * Start processing.
*/ */

53
postfix/src/util/sys_defs.h
View File

@@ -52,6 +52,11 @@
#define STATFS_IN_SYS_MOUNT_H #define STATFS_IN_SYS_MOUNT_H
#define HAS_POSIX_REGEXP #define HAS_POSIX_REGEXP
#define HAS_ST_GEN /* struct stat contains inode generation number */ #define HAS_ST_GEN /* struct stat contains inode generation number */
#define DEF_SENDMAIL_PATH "/usr/sbin/sendmail"
#define DEF_MAILQ_PATH "/usr/bin/mailq"
#define DEF_NEWALIAS_PATH "/usr/bin/newaliases"
#define DEF_COMMAND_DIR "/usr/sbin"
#define DEF_DAEMON_DIR "/usr/libexec/postfix"
#endif #endif
#if defined(FREEBSD2) || defined(FREEBSD3) || defined(FREEBSD4) #if defined(FREEBSD2) || defined(FREEBSD3) || defined(FREEBSD4)
@@ -94,6 +99,11 @@
#define PRINTFLIKE(x,y) #define PRINTFLIKE(x,y)
#define SCANFLIKE(x,y) #define SCANFLIKE(x,y)
#define HAS_NETINFO #define HAS_NETINFO
#define DEF_SENDMAIL_PATH "/usr/sbin/sendmail"
#define DEF_MAILQ_PATH "/usr/bin/mailq"
#define DEF_NEWALIAS_PATH "/usr/bin/newaliases"
#define DEF_COMMAND_DIR "/usr/sbin"
#define DEF_DAEMON_DIR "/usr/libexec/postfix"
#endif #endif
/* /*
@@ -142,6 +152,9 @@ extern int h_errno;
#define DUP2_DUPS_CLOSE_ON_EXEC #define DUP2_DUPS_CLOSE_ON_EXEC
#define MISSING_USLEEP #define MISSING_USLEEP
#define NO_HERRNO #define NO_HERRNO
#define DEF_SENDMAIL_PATH "/usr/lib/sendmail"
#define DEF_COMMAND_DIR "/usr/etc"
#define DEF_DAEMON_DIR "/usr/libexec/postfix"
#endif #endif
/* /*
@@ -208,6 +221,11 @@ extern int opterr;
#define STATFS_IN_SYS_VFS_H #define STATFS_IN_SYS_VFS_H
#define memmove(d,s,l) bcopy(s,d,l) #define memmove(d,s,l) bcopy(s,d,l)
#define NO_HERRNO #define NO_HERRNO
#define DEF_SENDMAIL_PATH "/usr/lib/sendmail"
#define DEF_MAILQ_PATH "/usr/ucb/mailq"
#define DEF_NEWALIAS_PATH "/usr/ucb/newaliases"
#define DEF_COMMAND_DIR "/usr/etc"
#define DEF_DAEMON_DIR "/usr/libexec/postfix"
#endif #endif
/* /*
@@ -242,6 +260,11 @@ extern int opterr;
#define LOCAL_CONNECT stream_connect #define LOCAL_CONNECT stream_connect
#define LOCAL_TRIGGER stream_trigger #define LOCAL_TRIGGER stream_trigger
#define HAS_VOLATILE_LOCKS #define HAS_VOLATILE_LOCKS
#define DEF_SENDMAIL_PATH "/usr/lib/sendmail"
#define DEF_MAILQ_PATH "/usr/bin/mailq"
#define DEF_NEWALIAS_PATH "/usr/bin/newaliases"
#define DEF_COMMAND_DIR "/usr/sbin"
#define DEF_DAEMON_DIR "/usr/libexec/postfix"
#endif #endif
/* /*
@@ -330,6 +353,11 @@ extern int opterr;
#define USE_STATVFS #define USE_STATVFS
#define STATVFS_IN_SYS_STATVFS_H #define STATVFS_IN_SYS_STATVFS_H
#define STRCASECMP_IN_STRINGS_H #define STRCASECMP_IN_STRINGS_H
#define DEF_SENDMAIL_PATH "/usr/lib/sendmail"
#define DEF_MAILQ_PATH "/usr/sbin/mailq"
#define DEF_NEWALIAS_PATH "/usr/sbin/newaliases"
#define DEF_COMMAND_DIR "/usr/sbin"
#define DEF_DAEMON_DIR "/usr/libexec/postfix"
#endif #endif
#ifdef AIX4 #ifdef AIX4
@@ -364,6 +392,11 @@ extern int seteuid(uid_t);
extern int setegid(gid_t); extern int setegid(gid_t);
extern int initgroups(const char *, int); extern int initgroups(const char *, int);
#endif #endif
#define DEF_SENDMAIL_PATH "/usr/lib/sendmail"
#define DEF_MAILQ_PATH "/usr/sbin/mailq"
#define DEF_NEWALIAS_PATH "/usr/sbin/newaliases"
#define DEF_COMMAND_DIR "/usr/sbin"
#define DEF_DAEMON_DIR "/usr/libexec/postfix"
#endif #endif
@@ -397,6 +430,7 @@ extern time_t time(time_t *);
extern int seteuid(uid_t); extern int seteuid(uid_t);
extern int setegid(gid_t); extern int setegid(gid_t);
extern int initgroups(const char *, int); extern int initgroups(const char *, int);
#define DEF_SENDMAIL_PATH "/usr/lib/sendmail"
#endif #endif
@@ -460,6 +494,11 @@ extern int initgroups(const char *, int);
#define UNIX_DOMAIN_CONNECT_BLOCKS_FOR_ACCEPT #define UNIX_DOMAIN_CONNECT_BLOCKS_FOR_ACCEPT
#define PREPEND_PLUS_TO_OPTSTRING #define PREPEND_PLUS_TO_OPTSTRING
#define HAS_POSIX_REGEXP #define HAS_POSIX_REGEXP
#define DEF_SENDMAIL_PATH "/usr/sbin/sendmail"
#define DEF_MAILQ_PATH "/usr/bin/mailq"
#define DEF_NEWALIAS_PATH "/usr/bin/newaliases"
#define DEF_COMMAND_DIR "/usr/sbin"
#define DEF_DAEMON_DIR "/usr/libexec/postfix"
#endif #endif
/* /*
@@ -493,6 +532,11 @@ extern int h_errno; /* <netdb.h> imports too much stuff */
#define USE_STATFS #define USE_STATFS
#define STATFS_IN_SYS_VFS_H #define STATFS_IN_SYS_VFS_H
#define HAS_POSIX_REGEXP #define HAS_POSIX_REGEXP
#define DEF_SENDMAIL_PATH "/usr/sbin/sendmail"
#define DEF_MAILQ_PATH "/usr/bin/mailq"
#define DEF_NEWALIAS_PATH "/usr/bin/newaliases"
#define DEF_COMMAND_DIR "/usr/sbin"
#define DEF_DAEMON_DIR "/usr/libexec/postfix"
#endif #endif
#ifdef HPUX10 #ifdef HPUX10
@@ -523,6 +567,11 @@ extern int h_errno; /* <netdb.h> imports too much stuff */
#define USE_STATFS #define USE_STATFS
#define STATFS_IN_SYS_VFS_H #define STATFS_IN_SYS_VFS_H
#define HAS_POSIX_REGEXP #define HAS_POSIX_REGEXP
#define DEF_SENDMAIL_PATH "/usr/sbin/sendmail"
#define DEF_MAILQ_PATH "/usr/bin/mailq"
#define DEF_NEWALIAS_PATH "/usr/bin/newaliases"
#define DEF_COMMAND_DIR "/usr/sbin"
#define DEF_DAEMON_DIR "/usr/libexec/postfix"
#endif #endif
#ifdef HPUX9 #ifdef HPUX9
@@ -555,6 +604,10 @@ extern int h_errno;
#define USE_STATFS #define USE_STATFS
#define STATFS_IN_SYS_VFS_H #define STATFS_IN_SYS_VFS_H
#define HAS_POSIX_REGEXP #define HAS_POSIX_REGEXP
#define DEF_SENDMAIL_PATH "/usr/bin/sendmail"
#define DEF_MAILQ_PATH "/usr/bin/mailq"
#define DEF_NEWALIAS_PATH "/usr/bin/newaliases"
#define DEF_DAEMON_DIR "/usr/libexec/postfix"
#endif #endif
/* /*