ports/151689: dns/rbldnsd does not use preassigned UID/GIDs

Panagiotis Christias p.christias at noc.ntua.gr
Sun Oct 24 17:20:07 UTC 2010 

>Number:         151689
>Category:       ports
>Synopsis:       dns/rbldnsd does not use preassigned UID/GIDs
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-ports-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Sun Oct 24 17:20:07 UTC 2010
>Closed-Date:
>Last-Modified:
>Originator:     Panagiotis Christias
>Release:        7.3-RELEASE-p3 amd64
>Organization:
NTUA NOC
>Environment:
FreeBSD rbldnsd.noc.ntua.gr 7.3-RELEASE-p3 FreeBSD 7.3-RELEASE-p3 #0: Wed Sep 22 15:55:56 EEST 2010     root at agamemnon.noc.ntua.gr:/usr/obj/usr/src/sys/NTUA  amd64
>Description:
dns/rbldns port does not use the preassigned UID/GIDs as defined in /usr/ports/UIDs and /usr/ports/GIDs.


>How-To-Repeat:
cd /usr/ports/dns/rbldnsd
make install
egrep rbldns /etc/passwd /etc/group

>Fix:
Make use of USERS and GROUPS variables in Makefile. Drop the extra code in pkg-install. Add some code in files/pkg-deinstall.in to notify user about the remaining user/group upon deinstallation. See attached shar for an updated version of the port.


Patch attached with submission follows:

# This is a shell archive.  Save it in a file, remove anything before
# this line, and then unpack it by entering "sh file".  Note, it may
# create directories; files and directories will be owned by you and
# have default permissions.
#
# This archive contains:
#
#	rbldnsd
#	rbldnsd/Makefile
#	rbldnsd/distinfo
#	rbldnsd/pkg-descr
#	rbldnsd/pkg-plist
#	rbldnsd/files
#	rbldnsd/files/example
#	rbldnsd/files/pkg-message.in
#	rbldnsd/files/rbldnsd.in
#	rbldnsd/files/pkg-deinstall.in
#
echo c - rbldnsd
mkdir -p rbldnsd > /dev/null 2>&1
echo x - rbldnsd/Makefile
sed 's/^X//' >rbldnsd/Makefile << '751464da36006c8608da01b81c0ff09d'
X# New ports collection makefile for:	rbldnsd
X# Date created:				Fri Jun 13 05:30:12 EDT 2003
X# Whom:					Paul Chvostek <paul at it.ca>
X#
X# $FreeBSD: ports/dns/rbldnsd/Makefile,v 1.15 2010/02/10 02:58:33 pgollucci Exp $
X#
X
XPORTNAME=	rbldnsd
XPORTVERSION=	0.996b
XPORTREVISION=	2
XCATEGORIES=	dns
XMASTER_SITES=	http://www.corpit.ru/mjt/rbldnsd/:0 \
X		http://www.it.ca/~paul/src/:0
XDISTFILES=	${PORTNAME}_${PORTVERSION}${EXTRACT_SUFX}:0
X
XMAINTAINER=	alexey at renatasystems.org
XCOMMENT=	Small and fast DNS daemon especially for DNSBL zones
X
X.if !defined(NOPORTDOCS)
XEXTRACT_ONLY+=	${PORTNAME}_${PORTVERSION}${EXTRACT_SUFX}
XMASTER_SITES+=	http://www.corpit.ru/mjt/:1 \
X		http://www.it.ca/~paul/src/:1
XDISTFILES+=	rbldnsd.html:1
XIGNOREFILES+=	rbldnsd.html
X.endif
X
XUSERS=		rbldns
XGROUPS=		rbldns
X
XRBLDNSUSER=	${USERS}
XRBLDNSGROUP=	${GROUPS}
XROOTDIR=	${PREFIX}/etc/rbldnsd/
X
XMAN8=		rbldnsd.8
X
XHAS_CONFIGURE=	yes
XUSE_RC_SUBR=	rbldnsd
XPKGMESSAGE=	${WRKDIR}/pkg-message
XSUB_FILES=	pkg-message pkg-deinstall
XSUB_LIST+=	RBLDNSUSER=${RBLDNSUSER} \
X		RBLDNSGROUP=${RBLDNSGROUP}
X
X.include <bsd.port.pre.mk>
X
Xdo-install:
X		@if [ ! -d ${ROOTDIR} ]; then \
X			${MKDIR} ${ROOTDIR}; \
X			${CHMOD} 710 ${ROOTDIR}; \
X			${CHOWN} ${RBLDNSUSER}:${RBLDNSGROUP} ${ROOTDIR}; \
X		fi
X		@${INSTALL_DATA} -o ${RBLDNSUSER} -g ${RBLDNSGROUP} -m 640 \
X			${FILESDIR}/example ${PREFIX}/etc/rbldnsd/
X		@${INSTALL_PROGRAM} ${WRKSRC}/rbldnsd ${PREFIX}/sbin/
X		@${INSTALL_MAN} ${WRKSRC}/rbldnsd.8 ${PREFIX}/man/man8/
X.if !defined(NOPORTDOCS)
X		@${MKDIR} ${DOCSDIR}/
X		@${INSTALL_DATA} ${WRKSRC}/CHANGES-0.81 ${DOCSDIR}
X		@${INSTALL_DATA} ${WRKSRC}/TODO ${DOCSDIR}
X		@${INSTALL_DATA} ${WRKSRC}/NEWS ${DOCSDIR}
X		@${INSTALL_DATA} ${WRKSRC}/debian/changelog ${DOCSDIR}
X		@${INSTALL_DATA} ${WRKSRC}/debian/copyright ${DOCSDIR}
X		@${INSTALL_DATA} ${WRKSRC}/debian/rbldnsd.default ${DOCSDIR}
X		@${INSTALL_DATA} ${WRKSRC}/debian/rbldnsd.init ${DOCSDIR}
X		@${INSTALL_DATA} ${WRKSRC}/rbldnsd.spec ${DOCSDIR}
X		@${INSTALL_DATA} ${DISTDIR}/rbldnsd.html ${DOCSDIR}
X.endif
X
X.include <bsd.port.post.mk>
751464da36006c8608da01b81c0ff09d
echo x - rbldnsd/distinfo
sed 's/^X//' >rbldnsd/distinfo << 'a5a190368fc10237e786cee26cb06f52'
XMD5 (rbldnsd_0.996b.tar.gz) = 9a0f26f3b33764c325a96bd4c61b26fa
XSHA256 (rbldnsd_0.996b.tar.gz) = 475afe5be8729a76b7c23e2f3d5ce1c773775140406a58bfb7477fac5a528342
XSIZE (rbldnsd_0.996b.tar.gz) = 113128
XMD5 (rbldnsd.html) = IGNORE
XSHA256 (rbldnsd.html) = IGNORE
a5a190368fc10237e786cee26cb06f52
echo x - rbldnsd/pkg-descr
sed 's/^X//' >rbldnsd/pkg-descr << '26664981cc815465c775d90a44613cc3'
Xrbldnsd is a small and fast DNS daemon, made especially to serve DNSBL
Xzones.  It was inspired by Dan J. Bernstein's rbldns program, found in
X/usr/ports/net/djbdns, but is significantly faster.
X
Xrbldnsd was written by Michael Tokarev.
X
XWWW: http://www.corpit.ru/mjt/rbldnsd.html
26664981cc815465c775d90a44613cc3
echo x - rbldnsd/pkg-plist
sed 's/^X//' >rbldnsd/pkg-plist << 'c9ca5022f4b2670ebd497445de7b059e'
Xsbin/rbldnsd
Xetc/rbldnsd/example
X%%PORTDOCS%%%%DOCSDIR%%/CHANGES-0.81
X%%PORTDOCS%%%%DOCSDIR%%/NEWS
X%%PORTDOCS%%%%DOCSDIR%%/TODO
X%%PORTDOCS%%%%DOCSDIR%%/changelog
X%%PORTDOCS%%%%DOCSDIR%%/copyright
X%%PORTDOCS%%%%DOCSDIR%%/rbldnsd.default
X%%PORTDOCS%%%%DOCSDIR%%/rbldnsd.init
X%%PORTDOCS%%%%DOCSDIR%%/rbldnsd.spec
X%%PORTDOCS%%%%DOCSDIR%%/rbldnsd.html
X%%PORTDOCS%%@dirrm %%DOCSDIR%%
X at dirrmtry etc/rbldnsd/
c9ca5022f4b2670ebd497445de7b059e
echo c - rbldnsd/files
mkdir -p rbldnsd/files > /dev/null 2>&1
echo x - rbldnsd/files/example
sed 's/^X//' >rbldnsd/files/example << 'f05079a38585df44b6802185444102e0'
X# Below is a default or implicit value which is used when no value given
X# for an entry.  The `$' characters will be replaced by an IP address in
X# question.
X:127.0.0.2:Open relay, see http://relays.example.com/lookup?$
X#
X# A simplest case: single IP address, with default value.
X127.0.0.2
X#
X# And some example data...
X172.31 Hurray, your installation worked!
X#
X# Netblock - 256 IP addresses with it's own A and TXT records
X10.8.60.0/24 :127.0.0.3:Address $ is from private IP range
X#
X# Another netblock, with default A and explitit TXT values.
X224/4        Reserved multicast address
X#
X# IP numbers may be abbreviated, the above is the same as 192.168.0.0/16
X192.168 Dialup pool, see http://dialups.example.com/lookup?$ for explanations
X#
X# A value may be abbreviated as well - :5: is the same as :127.0.0.5:.
X10.10    :5:This network blocked due to massive spam issues
X#
X# repeat last octet: 10.10.5.0..10.10.129.255 inclusive
X10.10.5-129:5:Those hosts are nasty
X#
X# exclusion entry
X!10.10.1.2
X#
X# The following examples are for name-based zones.
X#
X#example.com   :2:This domain has no working postmaster@ address
X#*.example.com :2:All subdomains of example.com lacks working abuse@ address
X# Simple and wildcarded entry, both will return 127.0.0.2 A record
X#
X# Some specials...
X#
X# Start of authority record (TTL 3000), with serial (0) computed as
X# a timestamp of data file
X$SOA 3000 ns1.example.com admin.example.com 0 600 300 86400 300
X#
X# Two nameservers
X$NS 3000 ns1.example.com ns2.example.com
f05079a38585df44b6802185444102e0
echo x - rbldnsd/files/pkg-message.in
sed 's/^X//' >rbldnsd/files/pkg-message.in << 'b5acb6488cca4b713d3c245a9f1877dc'
X========================================================================
X   NOTICE    NOTICE    NOTICE    NOTICE    NOTICE    NOTICE    NOTICE
X========================================================================
X
XThe rbldnsd port has been installed with an example zone file, located
Xin %%PREFIX%%/etc/rbldnsd/.
X
XAfter starting the daemon with this example data, you should be able to
Xtest the success of your install with the command:
X
X	% host -a 1.1.31.172.bl.example.com. localhost
Xor
X	% dig @localhost 1.1.31.172.bl.example.com. any
Xor
X	% nslookup -query=any 1.1.31.172.bl.example.com. localhost
X
XIf you see a response that mentions 127.0.0.2, the install worked!
X
X========================================================================
b5acb6488cca4b713d3c245a9f1877dc
echo x - rbldnsd/files/rbldnsd.in
sed 's/^X//' >rbldnsd/files/rbldnsd.in << '1db581f68d070a5e5c8b3afd5c932353'
X#!/bin/sh
X#
X# $Id$
X#
X
X# PROVIDE: rbldnsd
X# REQUIRE: DAEMON
X# BEFORE: LOGIN
X# KEYWORD: shutdown
X#
X# Add the following lines to /etc/rc.conf to enable rbldnsd:
X#
X#   rbldnsd_enable="YES"
X#
X# See rbldnsd(8) for flags.
X#
X
X. /etc/rc.subr
X
Xname=rbldnsd
Xrcvar=`set_rcvar`
X
Xcommand=%%PREFIX%%/sbin/rbldnsd
Xpidfile=/var/run/rbldnsd.pid
X
Xload_rc_config $name
Xextra_commands="reload"
X
Xstop_postcmd=stop_postcmd
X
Xstop_postcmd()
X{
X  rm -f $pidfile
X}
X
X# set defaults, enforce pidfile by making it last option before db
X
Xrbldnsd_enable=${rbldnsd_enable:-"NO"}
Xrbldnsd_flags=${rbldnsd_flags:-"-r /usr/local/etc/rbldnsd -b 127.0.0.1 bl.example.com:ip4set:example"}
Xrbldnsd_flags="-p $pidfile ${rbldnsd_flags}"
X
Xrun_rc_command "$1"
X
1db581f68d070a5e5c8b3afd5c932353
echo x - rbldnsd/files/pkg-deinstall.in
sed 's/^X//' >rbldnsd/files/pkg-deinstall.in << 'f3e5ad74d0fb2c72da65912e6b5291f4'
X#!/bin/sh
X
XPATH=/bin:/usr/bin:/usr/sbin
X
X# Note how to delete UID/GID
XUSER=%%RBLDNSUSER%%
XGROUP=%%RBLDNSGROUP%%
X
Xcase "$2" in
X"DEINSTALL")
X        if pw usershow "${USER}" 2>/dev/null 1>&2; then
X            echo "To delete rbldnsd user permanently, use 'pw userdel ${USER}'"
X            echo "To delete rbldnsd group permanently, use 'pw groupdel ${GROUP}'"
X        fi
X        ;;
Xesac
f3e5ad74d0fb2c72da65912e6b5291f4
exit



>Release-Note:
>Audit-Trail:
>Unformatted:

More information about the freebsd-ports-bugs mailing list