diff options
author | Robby Workman <rworkman@slackbuilds.org> | 2013-12-10 22:25:15 -0600 |
---|---|---|
committer | Robby Workman <rworkman@slackbuilds.org> | 2013-12-10 22:25:15 -0600 |
commit | 40ec3c51deeab6d1c78c7acff6fad6d32b80b161 (patch) | |
tree | 185a8675f5cbfd598d78fbbe19a0a061a06a273a | |
parent | a7078a3c6dfcf405dcdf97df595a0fa2b8c33fd9 (diff) | |
download | slackbuilds-40ec3c51deeab6d1c78c7acff6fad6d32b80b161.tar.gz slackbuilds-40ec3c51deeab6d1c78c7acff6fad6d32b80b161.tar.xz |
network/opensmtpd: Simply user/group usage
Upstream determined that only two privsep users
were actually needed and changed it in future
releases, but for the sake of our uid/gid tables,
we'll go ahead and simplify it now.
Signed-off-by: Robby Workman <rworkman@slackbuilds.org>
-rw-r--r-- | network/opensmtpd/README | 10 | ||||
-rw-r--r-- | network/opensmtpd/opensmtpd.SlackBuild | 23 |
2 files changed, 15 insertions, 18 deletions
diff --git a/network/opensmtpd/README b/network/opensmtpd/README index da5475c9b1..e68a1a22f4 100644 --- a/network/opensmtpd/README +++ b/network/opensmtpd/README @@ -3,12 +3,12 @@ as defined by RFC 5321, with some additional standard extensions. It allows ordinary machines to exchange e-mails with other systems speaking the SMTP protocol. -You must have smtpd, smtpf, smtpl, and smtpq users on the system +You must have smtpd and smtpq users groups on the system for privilege separation - something like this should suffice: -useradd -u 270 -g 0 -r -s /bin/false -d /var/empty smtpd -useradd -u 271 -g 0 -r -s /bin/false -d /var/empty smtpf -useradd -u 272 -g 0 -r -s /bin/false -d /var/empty smtpl -useradd -u 273 -g 0 -r -s /bin/false -d /var/empty smtpq +groupadd -g 270 smtpd +groupadd -g 271 smtpq +useradd -u 270 -g 270 -r -s /bin/false -d /var/empty smtpd +useradd -u 271 -g 271 -r -s /bin/false -d /var/empty smtpq You will want to add /etc/rc.d/rc.opensmtpd to rc.local so that it will start on boot (or perhaps consider symlinking rc.sendmail to diff --git a/network/opensmtpd/opensmtpd.SlackBuild b/network/opensmtpd/opensmtpd.SlackBuild index aed90a96bc..1682a594a6 100644 --- a/network/opensmtpd/opensmtpd.SlackBuild +++ b/network/opensmtpd/opensmtpd.SlackBuild @@ -55,20 +55,20 @@ else fi bailout() { - printf "\nYou must have smtpd, smtpf, smtpl, and smtpq users on the system \n" + printf "\nYou must have smtpd and smtpq users and groups on the system \n" printf "for privilege separation - something like this should suffice: \n" - printf "\tuseradd -u 270 -g 0 -r -s /bin/false -d /var/empty smtpd \n" - printf "\tuseradd -u 271 -g 0 -r -s /bin/false -d /var/empty smtpf \n" - printf "\tuseradd -u 272 -g 0 -r -s /bin/false -d /var/empty smtpl \n" - printf "\tuseradd -u 273 -g 0 -r -s /bin/false -d /var/empty smtpq \n\n" + printf "\tgroupadd -g 270 smtpd \n" + printf "\tuseradd -u 270 -g 270 -r -s /bin/false -d /var/empty smtpd \n" + printf "\tgroupadd -g 271 smtpq \n" + printf "\tuseradd -u 271 -g 270 -r -s /bin/false -d /var/empty smtpq \n\n" exit 1 } -if ! getent passwd smtpd 1>/dev/null 2>/dev/null ; then +if ! getent group smtpd 1>/dev/null 2>/dev/null ; then bailout -elif ! getent passwd smtpf 1>/dev/null 2>/dev/null ; then +elif ! getent passwd smtpd 1>/dev/null 2>/dev/null ; then bailout -elif ! getent passwd smtpl 1>/dev/null 2>/dev/null ; then +elif ! getent group smtpq 1>/dev/null 2>/dev/null ; then bailout elif ! getent passwd smtpq 1>/dev/null 2>/dev/null ; then bailout @@ -104,14 +104,11 @@ CXXFLAGS="$SLKCFLAGS" \ --docdir=/usr/doc/$PRGNAM-$VERSION \ --with-maildir=/var/spool/mail \ --with-privsep-user=smtpd \ - --with-filter-user=smtpf \ + --with-filter-user=smtpd \ + --with-lookup-user=smtpd \ --with-queue-user=smtpq \ - --with-lookup-user=smtpl \ --build=$ARCH-slackware-linux -# the "smtpl" user won't actually be used until 5.4, but it's harmless -# to go ahead and have it present - I'm less likely to forget later :) - make make install DESTDIR=$PKG |