ports/57382: [PATCH] security/amavisd-new 20030616.p5
Blaz Zupan
blaz at si.FreeBSD.org
Tue Sep 30 20:40:20 UTC 2003
The following reply was made to PR ports/57382; it has been noted by GNATS.
From: Blaz Zupan <blaz at si.FreeBSD.org>
To: freebsd-gnats-submit at FreeBSD.org
Cc: martin at tradex.sk
Subject: Re: ports/57382: [PATCH] security/amavisd-new 20030616.p5
Date: Tue, 30 Sep 2003 22:36:32 +0200 (CEST)
Thanks for the submission.
I agree with the idea, but I don't agree with the patch as it is. IMHO a
separate log directory is not needed as the default configuration logs to
syslog. The user can manually create the directory if the wants to log to a
file, as he needs to change amavisd.conf anyway to do this.
Also, creating a separate /var/run/amavis directory is IMHO overkill, we
already have a perfectly valid directory for junk like this: /var/amavis. It's
already in the default configuration and owned by the correct user. Poluting
/var/run with yet another directory is not needed in this case.
I have also taken your cleanup of the SED script further, your original patch
has two sed scripts with the second one being a subset of the first one, so I
removed the second one.
The amavis-milter.sh script should only be installed when milter support is
detected in the system (AMAVIS_NOMILTER is not defined), my patch implements
this.
I have also added a pointer to Clam Antivirus to the installation message.
diff -urN amavisd-new.orig/Makefile amavisd-new/Makefile
--- amavisd-new.orig/Makefile Sat Aug 30 11:18:15 2003
+++ amavisd-new/Makefile Tue Sep 30 22:07:59 2003
@@ -8,6 +8,7 @@
PORTNAME= amavisd-new
PORTVERSION= 20030616.p5
+PORTREVISION= 1
CATEGORIES= security
MASTER_SITES= http://www.ijs.si/software/amavisd/
DISTNAME= ${PORTNAME}-${PORTVERSION:S/.p/-p/}
@@ -35,6 +36,7 @@
${LOCALBASE}/bin/zoo:${PORTSDIR}/archivers/zoo
USE_PERL5_RUN= yes
+USE_RC_SUBR= yes
PKGINSTALL= ${WRKDIR}/INSTALL
PKGDEINSTALL= ${WRKDIR}/DEINSTALL
@@ -63,23 +65,20 @@
BUILD_WRKSRC= ${WRKSRC}/helper-progs
.endif
+SED_SCRIPT= -e 's,%%AMAVISUSER%%,${AMAVISUSER},g' \
+ -e 's,%%AMAVISGROUP%%,${AMAVISGROUP},g' \
+ -e 's,%%AMAVISDIR%%,${AMAVISDIR},g' \
+ -e 's,%%AMAVISQUARANTINE%%,${AMAVISQUARANTINE},g' \
+ -e 's,%%DOCSDIR%%,${DOCSDIR},g' \
+ -e 's,%%PREFIX%%,${PREFIX},g' \
+ -e 's,%%RC_SUBR%%,${RC_SUBR},g'
+
pre-build:
- for file in amavisd.sh INSTALL DEINSTALL MESSAGE; do \
- ${SED} -e 's,%%AMAVISUSER%%,${AMAVISUSER},g' \
- -e 's,%%AMAVISGROUP%%,${AMAVISGROUP},g' \
- -e 's,%%AMAVISDIR%%,${AMAVISDIR},g' \
- -e 's,%%AMAVISQUARANTINE%%,${AMAVISQUARANTINE},g' \
- -e 's,%%DOCSDIR%%,${DOCSDIR},g' \
- -e 's,%%PREFIX%%,${PREFIX},g' \
- < ${FILESDIR}/$${file}.tmpl > ${WRKDIR}/$${file}; \
+ for file in amavisd.sh amavis-milter.sh INSTALL DEINSTALL MESSAGE; do \
+ ${SED} ${SED_SCRIPT} < ${FILESDIR}/$${file}.tmpl > ${WRKDIR}/$${file}; \
done
for file in amavisd.conf amavisd; do \
- ${SED} -e 's,%%AMAVISUSER%%,${AMAVISUSER},g' \
- -e 's,%%AMAVISGROUP%%,${AMAVISGROUP},g' \
- -e 's,%%AMAVISDIR%%,${AMAVISDIR},g' \
- -e 's,%%AMAVISQUARANTINE%%,${AMAVISQUARANTINE},g' \
- -e 's,%%PREFIX%%,${PREFIX},g' \
- < ${WRKSRC}/$${file} > ${WRKDIR}/$${file}; \
+ ${SED} ${SED_SCRIPT} < ${WRKSRC}/$${file} > ${WRKDIR}/$${file}; \
done
pre-install:
@@ -89,6 +88,7 @@
.if !defined(AMAVIS_NOMILTER)
${INSTALL_PROGRAM} ${WRKSRC}/helper-progs/amavis ${PREFIX}/sbin
${INSTALL_PROGRAM} ${WRKSRC}/helper-progs/amavis-milter ${PREFIX}/sbin
+ ${INSTALL_SCRIPT} ${WRKDIR}/amavis-milter.sh ${PREFIX}/etc/rc.d
.endif
${INSTALL_SCRIPT} ${WRKDIR}/amavisd ${PREFIX}/sbin
${INSTALL_SCRIPT} ${WRKDIR}/amavisd.conf ${PREFIX}/etc/amavisd.conf-dist
diff -urN amavisd-new.orig/files/MESSAGE.tmpl amavisd-new/files/MESSAGE.tmpl
--- amavisd-new.orig/files/MESSAGE.tmpl Sat Jan 4 11:07:30 2003
+++ amavisd-new/files/MESSAGE.tmpl Tue Sep 30 22:17:57 2003
@@ -2,10 +2,17 @@
*******************************************************************
To use amavisd-new, you need to install at least one virus scanner.
For example McAfee VirusScan is available as a FreeBSD port
- in /usr/ports/security/vscan. If you want to use the amavis sendmail
- milter interface, you need to type the following command:
+ in /usr/ports/security/vscan and Clam Antivirus is available
+ in /usr/ports/security/clamav.
- touch %%AMAVISDIR%%/use.milter
+ Enable amavisd-new in /etc/rc.conf with the following line:
+
+ amavisd_enable="YES"
+
+ If you want to use the amavis sendmail milter interface,
+ you need the following additional line in /etc/rc.conf
+
+ amavis_milter_enable="YES"
A configuration template is available in %%PREFIX%%/etc
as amavisd.conf-dist. Copy it to amavisd.conf and edit it to
diff -urN amavisd-new.orig/files/amavis-milter.sh.tmpl amavisd-new/files/amavis-milter.sh.tmpl
--- amavisd-new.orig/files/amavis-milter.sh.tmpl Thu Jan 1 01:00:00 1970
+++ amavisd-new/files/amavis-milter.sh.tmpl Tue Sep 30 21:30:21 2003
@@ -0,0 +1,34 @@
+#!/bin/sh
+#
+# $FreeBSD$
+#
+
+# PROVIDE: amavis_milter
+# REQUIRE: amavisd
+# BEFORE: amavisd
+# KEYWORD: FreeBSD shutdown
+
+#
+# Add the following lines to /etc/rc.conf to enable amavis-milter:
+#
+#amavis_milter_enable="YES"
+#
+
+. %%RC_SUBR%%
+
+name=amavis_milter
+rcvar=`set_rcvar`
+
+command=%%PREFIX%%/sbin/amavis-milter
+
+amavis_milter_user=%%AMAVISUSER%%
+
+required_files=%%PREFIX%%/etc/amavisd.conf
+
+# set defaults
+
+amavis_milter_enable=${amavis_milter_enable:-"NO"}
+amavis_milter_flags=${amavis_milter_flags:-"-D -p %%AMAVISDIR%%/amavis-milter.sock"}
+
+load_rc_config $name
+run_rc_command "$1"
diff -urN amavisd-new.orig/files/amavisd.sh.tmpl amavisd-new/files/amavisd.sh.tmpl
--- amavisd-new.orig/files/amavisd.sh.tmpl Wed Jun 11 18:45:47 2003
+++ amavisd-new/files/amavisd.sh.tmpl Tue Sep 30 22:09:02 2003
@@ -1,36 +1,42 @@
#!/bin/sh
+#
+# $FreeBSD: ports/security/clamav/files/amavisd.sh,v 1.1 2003/09/28 13:29:28 dinoex Exp $
+#
-if ! PREFIX=$(expr $0 : "\(/.*\)/etc/rc\.d/$(basename $0)\$"); then
- echo "$0: Cannot determine the PREFIX" >&2
- exit 1
-fi
-
-DIR=%%AMAVISDIR%%
-PIDFILE=$DIR/amavisd.pid
-SOCKFILES=$DIR/amavis*.sock
-MILTERFLAG=$DIR/use.milter
-
-case "$1" in
-start)
- if [ -e ${PREFIX}/etc/amavisd.conf ]; then
- rm -rf ${SOCKFILES}
- if [ -e $MILTERFLAG ]; then
- su %%AMAVISUSER%% -c "${PREFIX}/sbin/amavis-milter -D -p $DIR/amavis-milter.sock"
- fi
- su %%AMAVISUSER%% -c "${PREFIX}/sbin/amavisd > /dev/null 2>&1" && echo -n ' amavisd'
- fi
- ;;
-stop)
- if [ -e $MILTERFLAG ]; then
- killall -u %%AMAVISUSER%% amavis-milter >/dev/null 2>&1
- fi
- if [ -e $PIDFILE ]; then
- su %%AMAVISUSER%% -c "kill `cat $PIDFILE`" && echo -n ' amavisd'
- fi
- ;;
-*)
- echo "Usage: `basename $0` {start|stop}" >&2
- ;;
-esac
+# PROVIDE: amavisd
+# REQUIRE: LOGIN
+# BEFORE: mail
+# KEYWORD: FreeBSD shutdown
-exit 0
+#
+# Add the following lines to /etc/rc.conf to enable amavisd:
+#
+#amavisd_enable="YES"
+#
+
+. %%RC_SUBR%%
+
+name=amavisd
+rcvar=`set_rcvar`
+
+command=%%PREFIX%%/sbin/amavisd > /dev/null 2>&1
+
+amavisd_user=%%AMAVISUSER%%
+
+pidfile=%%AMAVISDIR%%/amavisd.pid
+required_files=%%PREFIX%%/etc/amavisd.conf
+
+stop_postcmd=stop_postcmd
+
+stop_postcmd()
+{
+ rm -f $pidfile
+}
+
+# set defaults
+
+amavisd_enable=${amavisd_enable:-"NO"}
+amavisd_flags=${amavisd_flags:-""}
+
+load_rc_config $name
+run_rc_command "$1"
diff -urN amavisd-new.orig/pkg-plist amavisd-new/pkg-plist
--- amavisd-new.orig/pkg-plist Sat Aug 30 11:18:15 2003
+++ amavisd-new/pkg-plist Tue Sep 30 21:57:33 2003
@@ -19,6 +19,7 @@
%%PORTDOCS%%%%DOCSDIR%%/RELEASE_NOTES
%%PORTDOCS%%@dirrm %%DOCSDIR%%
etc/amavisd.conf-dist
+%%AMAVIS_NOMILTER%%etc/rc.d/amavis-milter.sh
etc/rc.d/amavisd.sh
%%AMAVIS_NOMILTER%%sbin/amavis
%%AMAVIS_NOMILTER%%sbin/amavis-milter
More information about the freebsd-ports-bugs
mailing list