ports/77366: amavisd-new account creation patch

Scott Balmos scott.balmos at utoledo.edu
Thu Feb 10 23:20:18 UTC 2005


>Number:         77366
>Category:       ports
>Synopsis:       amavisd-new account creation patch
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-ports-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          update
>Submitter-Id:   current-users
>Arrival-Date:   Thu Feb 10 23:20:17 GMT 2005
>Closed-Date:
>Last-Modified:
>Originator:     Scott Balmos
>Release:        5.3-RELEASE
>Organization:
>Environment:
FreeBSD flyingpig.simunex.com 5.3-RELEASE FreeBSD 5.3-RELEASE #5: Fri Nov 12 16:52:26 EST 2004 sbalmos at flyingpig.simunex.com:/usr/obj/usr/src/sys/FLYINGPIG  i386

>Description:
The port of amavisd-new (security/amavisd-new) creates a user account and group, vscan/vscan, for Amavis to run under. However, the pw command which creates the account does not specify a UID. Thus, the account is created using the next available normal user uid, not with a uid normally reserved in the "system account" space (uid/gid <1000). This can be annoying to systems set up with user account managers that do not use pw and /etc/master.passwd, and are shared across multiple servers (e.g. LDAP). vscan on one box could be 1002, on another box could be 1010, etc., depending on how many regular user accounts were created before the amavisd-new port was installed.

It would be better if the vscan user was created using an explicit "system account" uid/gid, such as uid/gid 102 (which doesn't seem to be used by any port that I know of).

>How-To-Repeat:
Load a fresh FreeBSD box. Create a few normal user accounts (e.g. ones that are auto-assigned uids, incrementing starting from uid 1000).

Install security/amavisd-new somewhere along the line.

Run pw usershow vscan and pw groupshow vscan. Note they are also given auto-assigned uids.

>Fix:
Explicitly assign uid/gid 102 to vscan.

--- /usr/ports/security/amavisd-new/files/INSTALL.tmpl  Thu Aug 12 08:44:03 2004
+++ INSTALL.tmpl        Thu Feb 10 18:17:39 2005
@@ -13,7 +13,7 @@
     if /usr/sbin/pw groupshow "${GROUP}" 2>/dev/null; then
        echo "You already have a group \"${GROUP}\", so I will use it."
     else
-       if /usr/sbin/pw groupadd ${GROUP} -h -
+       if /usr/sbin/pw groupadd ${GROUP} -h -g 102 -
        then
            echo "Added group \"${GROUP}\"."
        else
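
Review bot: In the groupadd line, `-g 102` is inserted between `-h` and its argument `-`, so `-h` no longer receives `-` and the trailing `-` is left over as a stray word. Put the new option ahead of `-h`, as in `/usr/sbin/pw groupadd ${GROUP} -g 102 -h -`, which also matches the option order of the useradd call in the next hunk (`-g ${GROUP} -h -`). Note too that the surrounding groupshow branch reuses an existing group as-is, so hosts that already have an auto-assigned vscan gid keep it after this change.
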
@@ -29,7 +29,8 @@
        if /usr/sbin/pw useradd ${USER} -g ${GROUP} -h - \
           -d ${DIR} \
           -s /bin/sh \
-          -c "Scanning Virus Account"
+          -c "Scanning Virus Account" \
+          -u 102
        then
            echo "Added user \"${USER}\"."
        else
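
Review bot: `-u 102` is a bare literal in the useradd call and has to stay in step with the `-g 102` literal in the groupadd hunk, and nothing here checks that id 102 is unused on the host; if it is already taken, pw useradd fails and the script falls through to the `else` branch. Consider defining the number once in a variable beside ${USER} and ${GROUP} and using it in both calls, and checking that the id is free (or reporting clearly which id collided) before calling pw.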

>Release-Note:
>Audit-Trail:
>Unformatted:


