authorJohn Denker <jsd@av8n.com>2012-07-22 14:43:07 -0700
committerJohn Denker <jsd@av8n.com>2012-07-29 15:32:35 -0700
commitabb71cf6b1145588827d04de4da3bb48ecb06965 (patch)
tree1f409a70481aaf980cc917d4a45551e1725beb7d /tools
parent8ce08aca2410c795dfc46f37dc27402ff6de5dd1 (diff)
set program gid (not just egid) the way mailman likes it
Diffstat (limited to 'tools')
-rw-r--r--tools/makefile22
-rw-r--r--tools/wripper.c53
2 files changed, 69 insertions, 6 deletions
diff --git a/tools/makefile b/tools/makefile
index 9059a2f..43418ce 100644
--- a/tools/makefile
+++ b/tools/makefile
@@ -10,18 +10,24 @@ CC= /usr/bin/g++ -Wall -g -I $(HOME)/lib/include
.SECONDARY : # do not remove any intermediate files
-progs = pido hi-q skrewt hi-test mail-scan greylist
+qprogs = pido hi-q skrewt hi-test mail-scan greylist wripper
-all: $(progs)
+all: $(qprogs) wripper
-greylist: greylist.c
+greylist: greylist.o
$(CC) $< -lboost_filesystem-mt -o $@
+wripper: wripper.o
+ $(CC) $< -o $@
+ chgrp daemon $@
+ chmod g+s $@
+
mail-scan: mail-scan.o
$(CC) $< -lboost_regex -o $@
install:
- install $(progs) /var/qmail/bin/
+ install $(qprogs) /var/qmail/bin/
+ install -gdaemon -m2755 wripper /usr/lib/mailman/mail/
cp filters.conf aufilters.conf /var/qmail/control/
install -m700 -d /var/qmail/rbin
chown qmaild /var/qmail/rbin
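Review bot: `wripper` is now part of `qprogs`, so `install $(qprogs) /var/qmail/bin/` copies it into /var/qmail/bin as well as installing the setgid copy in /usr/lib/mailman/mail/, and `all: $(qprogs) wripper` names it twice. Since wripper.c looks for `mailman` next to the path it was invoked by, the copy in the qmail directory has nothing to run; keep the list as `qprogs = pido hi-q skrewt hi-test mail-scan greylist` and leave wripper to its own install line. The `chgrp daemon $@` and `chmod g+s $@` steps in the build rule look redundant with `install -gdaemon -m2755`; they leave a setgid binary in the source tree and probably make a plain `make` fail for a builder who may not chgrp to daemon. The `install:` recipe continues past the end of this hunk.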
@@ -43,14 +49,18 @@ install:
logmark:
logger -t jsd -p mail.info =========================
-todo:
+# Command to let everybody out of the penalty box:
+parole:
+ greylist -scan |grep penalty | while read addr rest ; do TCPREMOTEIP=$addr greylist -p 1 -v ; done
+
+todo:
echo \
pass message-ID to greylist program \
... also provide a way for certain recipients to bypass some checks \
... both will require major restructuring, "cat" process \
... IPv6 reverse-DNS recors \
... "clean up bad DNS reports nnnn --> () ==> ()" \
- .....
+ .....
ALWAYS:
@echo ...
diff --git a/tools/wripper.c b/tools/wripper.c
new file mode 100644
index 0000000..2a19c8b
--- /dev/null
+++ b/tools/wripper.c
@@ -0,0 +1,53 @@
+//////////////
+
+using namespace std;
+#include <iostream>
+#include <string>
+#include <unistd.h>
+#include <sys/types.h>
+#include <stdio.h> /* for perror() */
+
+string dirname(const string path){
+ size_t where = path.rfind("/");
+ if (where == string::npos) return ".";
+ return path.substr(0, where);
+}
+
+int main(int argc, char** argv){
+ int uid=getuid();
+ int euid=geteuid();
+ int gid=getgid();
+ int egid=getegid();
+ int sts;
+ int verbosity(0);
+
+ if (verbosity) cout << "uid: " << uid
+ << " euid: " << euid
+ << " gid: " << gid
+ << " egid: " << egid
+ << endl;
+
+ sts = setreuid(euid, euid);
+ if (sts){
+ cerr << "wripper: setreuid failed: ";
+ perror(0);
+ }
+
+ sts = setregid(egid, egid);
+ if (sts){
+ cerr << "wripper: setregid failed: ";
+ perror(0);
+ }
+
+ if (verbosity) cout << "uid: " << getuid()
+ << " euid: " << geteuid()
+ << " gid: " << getgid()
+ << " egid: " << getegid()
+ << endl;
+
+ string path = dirname(*argv) + "/mailman";
+ *argv = (char*) path.c_str();
+ execv(*argv, argv);
+ cerr << "wripper: exec failed for '" << *argv << "' : ";
+ perror(0);
+}
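Review bot: The exec target is built from `dirname(*argv)`, and argv[0] is supplied by whoever invokes the program, so this setgid-daemon binary does not control which `mailman` file it runs once real and effective gid are both daemon. The makefile installs the wrapper into /usr/lib/mailman/mail/, so the target can presumably be a constant: `execv("/usr/lib/mailman/mail/mailman", argv);`. The failure branches after `setreuid` and `setregid` only print a message and fall through to the exec; each should end with `return 1;`, and so should the path after a failed `execv`, which currently returns 0 from main. `*argv` is also dereferenced without checking `argc > 0`.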