rpms/sendmail
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

- new version 8.14.3

Browse Source
This commit is contained in:
Thomas Woerner 2008-07-22 13:02:10 +00:00
parent 2efad7aefa
commit 3499507a41
4 changed files with 47 additions and 40 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
.cvsignore
View File

@ -9,3 +9,4 @@ sendmail.8.13.8.tar.gz
sendmail.8.14.0.tar.gz sendmail.8.14.0.tar.gz
sendmail.8.14.1.tar.gz sendmail.8.14.1.tar.gz
sendmail.8.14.2.tar.gz sendmail.8.14.2.tar.gz
sendmail.8.14.3.tar.gz

75
sendmail-8.13.2-smrsh-paths.patch → sendmail-8.14.3-smrsh_paths.patch
View File

@ -1,6 +1,7 @@
--- sendmail-8.13.2/smrsh/README.smrsh_paths 2003-05-26 06:30:58.000000000 +0200 diff -up sendmail-8.14.3/smrsh/README.smrsh_paths sendmail-8.14.3/smrsh/README
+++ sendmail-8.13.2/smrsh/README 2004-12-17 15:41:48.673691404 +0100 --- sendmail-8.14.3/smrsh/README.smrsh_paths 2008-02-12 17:40:06.000000000 +0100
@@ -6,7 +6,7 @@ +++ sendmail-8.14.3/smrsh/README 2008-07-15 14:40:36.000000000 +0200
@@ -6,7 +6,7 @@ Software Engineering Institute, Carnegie
intended as a supplement to the CERT advisory CA-93:16.sendmail.vulnerability, intended as a supplement to the CERT advisory CA-93:16.sendmail.vulnerability,
and to the software, smrsh.c, written by Eric Allman. and to the software, smrsh.c, written by Eric Allman.
@ -9,14 +10,14 @@
The smrsh(8) program is intended as a replacement for /bin/sh in the The smrsh(8) program is intended as a replacement for /bin/sh in the
program mailer definition of sendmail(8). This README file describes program mailer definition of sendmail(8). This README file describes
@@ -56,15 +56,15 @@ @@ -56,15 +56,15 @@ These can be added to the devtools/Site/
global M4 macro confENVDEF or the smrsh specific M4 macro global M4 macro confENVDEF or the smrsh specific M4 macro
conf_smrsh_ENVDEF. conf_smrsh_ENVDEF.
-As root, install smrsh in /usr/libexec. Using the Build script: -As root, install smrsh in /usr/libexec. Using the Build script:
+As root, install smrsh in /usr/sbin. Using the Build script: +As root, install smrsh in /usr/sbin. Using the Build script:
host.domain# sh Build install host.domain# sh ./Build install
-For manual installation: install smrsh in the /usr/libexec -For manual installation: install smrsh in the /usr/libexec
+For manual installation: install smrsh in the /usr/sbin +For manual installation: install smrsh in the /usr/sbin
@ -29,7 +30,7 @@
@@ -86,7 +86,7 @@ @@ -86,7 +86,7 @@ perl(1), uudecode(1) or the stream edito
acceptable commands. acceptable commands.
If your platform doesn't have a default SMRSH_CMDDIR setting, you will If your platform doesn't have a default SMRSH_CMDDIR setting, you will
@ -38,7 +39,7 @@
it with the programs that your site feels are allowable for sendmail it with the programs that your site feels are allowable for sendmail
to execute. This directory is explicitly specified in the source to execute. This directory is explicitly specified in the source
code for smrsh, so changing this directory must be accompanied with code for smrsh, so changing this directory must be accompanied with
@@ -95,22 +95,22 @@ @@ -95,22 +95,22 @@ a change in smrsh.c.
You will have to be root to make these modifications. You will have to be root to make these modifications.
@ -66,7 +67,7 @@
sendmail to use the restricted shell. Save the current sendmail.cf sendmail to use the restricted shell. Save the current sendmail.cf
file prior to modifying it, as a prudent precaution. file prior to modifying it, as a prudent precaution.
@@ -125,7 +125,7 @@ @@ -125,7 +125,7 @@ help to locate it.
In order to configure sendmail to use smrsh, you must modify the Mprog In order to configure sendmail to use smrsh, you must modify the Mprog
definition in the sendmail.cf file, by replacing the /bin/sh specification definition in the sendmail.cf file, by replacing the /bin/sh specification
@ -75,7 +76,7 @@
As an example: As an example:
@@ -133,14 +133,14 @@ @@ -133,14 +133,14 @@ In most Sun Microsystems' sendmail.cf fi
Mprog, P=/bin/sh, F=lsDFMeuP, S=10, R=20, A=sh -c $u Mprog, P=/bin/sh, F=lsDFMeuP, S=10, R=20, A=sh -c $u
which should be changed to: which should be changed to:
@ -93,7 +94,7 @@
After modifying the Mprog definition in the sendmail.cf file, if a frozen After modifying the Mprog definition in the sendmail.cf file, if a frozen
@@ -151,7 +151,7 @@ @@ -151,7 +151,7 @@ or /etc/mail directories. The specific
a search of the strings(1) output of the sendmail binary. a search of the strings(1) output of the sendmail binary.
In order to create a new frozen configuration, if it is required: In order to create a new frozen configuration, if it is required:
@ -102,29 +103,10 @@
Now re-start the sendmail process. An example of how to do this on Now re-start the sendmail process. An example of how to do this on
a typical system follows: a typical system follows:
--- sendmail-8.13.2/smrsh/smrsh.c.smrsh_paths 2004-08-06 20:54:22.000000000 +0200 diff -up sendmail-8.14.3/smrsh/smrsh.8.smrsh_paths sendmail-8.14.3/smrsh/smrsh.8
+++ sendmail-8.13.2/smrsh/smrsh.c 2004-12-17 15:41:48.675691131 +0100 --- sendmail-8.14.3/smrsh/smrsh.8.smrsh_paths 2004-08-06 05:55:35.000000000 +0200
@@ -77,7 +77,7 @@ +++ sendmail-8.14.3/smrsh/smrsh.8 2008-07-15 14:38:07.000000000 +0200
# ifdef SMRSH_CMDDIR @@ -39,7 +39,7 @@ Briefly,
# define CMDDIR SMRSH_CMDDIR
# else /* SMRSH_CMDDIR */
-# define CMDDIR "/usr/adm/sm.bin"
+# define CMDDIR "/etc/smrsh"
# endif /* SMRSH_CMDDIR */
#endif /* ! CMDDIR */
@@ -89,7 +89,7 @@
# ifdef SMRSH_PATH
# define PATH SMRSH_PATH
# else /* SMRSH_PATH */
-# define PATH "/bin:/usr/bin:/usr/ucb"
+# define PATH "/bin:/usr/bin"
# endif /* SMRSH_PATH */
#endif /* ! PATH */
--- sendmail-8.13.2/smrsh/smrsh.8.smrsh_paths 2004-08-06 05:55:35.000000000 +0200
+++ sendmail-8.13.2/smrsh/smrsh.8 2004-12-17 15:42:56.785371918 +0100
@@ -39,7 +39,7 @@
.I smrsh .I smrsh
limits programs to be in a single directory, limits programs to be in a single directory,
by default by default
@ -133,7 +115,7 @@
allowing the system administrator to choose the set of acceptable commands, allowing the system administrator to choose the set of acceptable commands,
and to the shell builtin commands ``exec'', ``exit'', and ``echo''. and to the shell builtin commands ``exec'', ``exit'', and ``echo''.
It also rejects any commands with the characters It also rejects any commands with the characters
@@ -56,10 +56,10 @@ @@ -56,10 +56,10 @@ so forwarding to ``/usr/ucb/vacation'',
and and
``vacation'' ``vacation''
all actually forward to all actually forward to
@ -146,7 +128,7 @@
For example, a reasonable additions is For example, a reasonable additions is
.IR vacation (1), .IR vacation (1),
and the like. and the like.
@@ -68,7 +68,7 @@ @@ -68,7 +68,7 @@ never include any shell or shell-like pr
(such as (such as
.IR perl (1)) .IR perl (1))
in the in the
@ -155,7 +137,7 @@
directory. directory.
Note that this does not restrict the use of shell or perl scripts Note that this does not restrict the use of shell or perl scripts
in the sm.bin directory (using the ``#!'' syntax); in the sm.bin directory (using the ``#!'' syntax);
@@ -79,20 +79,7 @@ @@ -79,20 +79,7 @@ is a very bad idea.
.IR procmail (1) .IR procmail (1)
allows users to run arbitrary programs in their allows users to run arbitrary programs in their
.IR procmailrc (5). .IR procmailrc (5).
@ -177,3 +159,24 @@
+/etc/smrsh \- directory for restricted programs +/etc/smrsh \- directory for restricted programs
.SH SEE ALSO .SH SEE ALSO
sendmail(8) sendmail(8)
diff -up sendmail-8.14.3/smrsh/smrsh.c.smrsh_paths sendmail-8.14.3/smrsh/smrsh.c
--- sendmail-8.14.3/smrsh/smrsh.c.smrsh_paths 2004-08-06 20:54:22.000000000 +0200
+++ sendmail-8.14.3/smrsh/smrsh.c 2008-07-15 14:38:07.000000000 +0200
@@ -77,7 +77,7 @@ SM_IDSTR(id, "@(#)$Id: smrsh.c,v 8.65 20
# ifdef SMRSH_CMDDIR
# define CMDDIR SMRSH_CMDDIR
# else /* SMRSH_CMDDIR */
-# define CMDDIR "/usr/adm/sm.bin"
+# define CMDDIR "/etc/smrsh"
# endif /* SMRSH_CMDDIR */
#endif /* ! CMDDIR */
@@ -89,7 +89,7 @@ SM_IDSTR(id, "@(#)$Id: smrsh.c,v 8.65 20
# ifdef SMRSH_PATH
# define PATH SMRSH_PATH
# else /* SMRSH_PATH */
-# define PATH "/bin:/usr/bin:/usr/ucb"
+# define PATH "/bin:/usr/bin"
# endif /* SMRSH_PATH */
#endif /* ! PATH */

9
sendmail.spec
View File

@ -14,8 +14,8 @@
Summary: A widely used Mail Transport Agent (MTA) Summary: A widely used Mail Transport Agent (MTA)
Name: sendmail Name: sendmail
Version: 8.14.2 Version: 8.14.3
Release: 5%{?dist} Release: 1%{?dist}
License: Sendmail License: Sendmail
Group: System Environment/Daemons Group: System Environment/Daemons
URL: http://www.sendmail.org/ URL: http://www.sendmail.org/
@ -36,7 +36,7 @@ Source15: sendmail-etc-mail-mailertable
Source16: sendmail-etc-mail-trusted-users Source16: sendmail-etc-mail-trusted-users
Source17: sendmail-etc-mail-virtusertable Source17: sendmail-etc-mail-virtusertable
Patch3: sendmail-8.14.0-makemapman.patch Patch3: sendmail-8.14.0-makemapman.patch
Patch4: sendmail-8.13.2-smrsh-paths.patch Patch4: sendmail-8.14.3-smrsh_paths.patch
Patch5: sendmail-8.12.2-movefiles.patch Patch5: sendmail-8.12.2-movefiles.patch
Patch7: sendmail-8.13.7-pid.patch Patch7: sendmail-8.13.7-pid.patch
Patch9: sendmail-8.12.7-hesiod.patch Patch9: sendmail-8.12.7-hesiod.patch
@ -539,6 +539,9 @@ exit 0
%changelog %changelog
* Tue Jul 22 2008 Thomas Woerner <twoerner@redhat.com> 8.14.3-1
- new version 8.14.3
* Thu Jul 10 2008 Tom "spot" Callaway <tcallawa@redhat.com> 8.14.2-5 * Thu Jul 10 2008 Tom "spot" Callaway <tcallawa@redhat.com> 8.14.2-5
- rebuild against db4-4.7 - rebuild against db4-4.7

2
sources
View File

@ -1 +1 @@
1c1472365344ca8061d6453c43c9a831 sendmail.8.14.2.tar.gz a5ee5d26e1f546a2da5fb9a513bd6bce sendmail.8.14.3.tar.gz