From owner-freebsd-ports  Sat Sep 22 22:20:11 2001
Delivered-To: freebsd-ports@hub.freebsd.org
Received: from freefall.freebsd.org (freefall.FreeBSD.org [216.136.204.21])
	by hub.freebsd.org (Postfix) with ESMTP id 173C937B419
	for <freebsd-ports@hub.freebsd.org>; Sat, 22 Sep 2001 22:20:01 -0700 (PDT)
Received: (from gnats@localhost)
	by freefall.freebsd.org (8.11.4/8.11.4) id f8N5K1w31589;
	Sat, 22 Sep 2001 22:20:01 -0700 (PDT)
	(envelope-from gnats)
Received: from utopia.leeym.com (utopia.leeym.com [211.72.162.194])
	by hub.freebsd.org (Postfix) with ESMTP id D600737B42A
	for <FreeBSD-gnats-submit@freebsd.org>; Sat, 22 Sep 2001 22:12:40 -0700 (PDT)
Received: by utopia.leeym.com (Postfix, from userid 1000)
	id 516F91059F0; Sun, 23 Sep 2001 13:05:52 +0800 (CST)
Message-Id: <20010923050552.516F91059F0@utopia.leeym.com>
Date: Sun, 23 Sep 2001 13:05:52 +0800 (CST)
From: Yen-Ming Lee <leeym@utopia.leeym.com>
Reply-To: Yen-Ming Lee <leeym@utopia.leeym.com>
To: FreeBSD-gnats-submit@freebsd.org
X-Send-Pr-Version: 3.113
Subject: ports/30751: postfix (and postfix-current) install script
Sender: owner-freebsd-ports@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-ports.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-ports>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-ports>
X-Loop: FreeBSD.org


>Number:         30751
>Category:       ports
>Synopsis:       postfix (and postfix-current) install script
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    freebsd-ports
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Sat Sep 22 22:20:00 PDT 2001
>Closed-Date:
>Last-Modified:
>Originator:     Yen-Ming Lee
>Release:        FreeBSD 4.4-STABLE i386
>Organization:
>Environment:
System: FreeBSD utopia.leeym.com 4.4-STABLE FreeBSD 4.4-STABLE #1: Fri Sep 21 05:18:34 CST 2001 root@utopia.leeym.com:/usr/obj/usr/src/sys/UTOPIA i386


>Description:

After install postfix (or postfix-current), postfix-script will check if all
directrories exists or create them, at this time postfix-script will source
install.cf which generated by INSTALL.sh.

But during installing procedure, we didn't run INSTALL.sh, so that install.cf
doesn't exist. then postfix-script will create spool directories with default
owner and group, postfix:wheel, which should be postfix:maildrop if everything
goes well.

Since installing procedure install postfix-script-sgid as postfix-script, 
we should run INSTALL.sh first, or just put a default install.cf into
/usr/local/etc/postfix, so that postfix-script can source install.cf and
chgrp /var/spool/postfix/maildrop correctly.

With wrong group of /var/spool/postfix/maildrop, postfix/postdrop will
always complain like this:
Sep 23 08:58:29 utopia postfix/postdrop[83962]: warning: mail_queue_enter: create file maildrop/44847.83962: Permission denied
Sep 23 08:58:39 utopia postfix/postdrop[83962]: warning: mail_queue_enter: create file maildrop/44847.83962: Permission denied
Sep 23 09:00:09 utopia postfix/postdrop[83962]: warning: mail_queue_enter: create file maildrop/44847.83962: Permission denied
Sep 23 09:14:40 utopia postfix/postdrop[83962]: warning: mail_queue_enter: create file maildrop/44847.83962: Permission denied
Sep 23 09:15:20 utopia postfix/postdrop[83960]: warning: mail_queue_enter: create file maildrop/979716.83960: Permission denied

BTW, INSTALL.sh will update symbolic link and manpage as well.

>How-To-Repeat:

# cd /usr/ports/mail/postfix-current; make all
[skipped]
# make install
===>  Installing for postfix-20010808_3
postfix:*:1002:
You already have a group "postfix", so I will use it.
maildrop:*:1003:
You already have a group "maildrop", so I will use it.
postfix:*:10001:1002::0:0:Postfix Mail System:/nonexistent:/nonexistent
You already have a user "postfix", so I will use it.
Installed HTML documentation in /usr/local/share/doc/postfix
Installed text documentation in /usr/local/share/doc/postfix
--------------------------------------------------
- To replace your existing sendmail with postfix -
- type "make replace"                            -
--------------------------------------------------
===>   Generating temporary packing list
postfix/postfix-script: warning: creating missing Postfix maildrop directory
.: Can't open /usr/local/etc/postfix/install.cf: No such file or directory
postfix/postfix-script: warning: creating missing Postfix pid directory
postfix/postfix-script: warning: creating missing Postfix incoming directory
postfix/postfix-script: warning: creating missing Postfix active directory
postfix/postfix-script: warning: creating missing Postfix bounce directory
postfix/postfix-script: warning: creating missing Postfix defer directory
postfix/postfix-script: warning: creating missing Postfix deferred directory
postfix/postfix-script: warning: creating missing Postfix flush directory
postfix/postfix-script: warning: creating missing Postfix saved directory
postfix/postfix-script: warning: creating missing Postfix corrupt directory
postfix/postfix-script: warning: creating missing Postfix public directory
postfix/postfix-script: warning: creating missing Postfix private directory
===>   Compressing manual pages for postfix-20010808_3
===>   Registering installation for postfix-20010808_3
===>  SECURITY NOTE:
      This port has installed the following binaries which execute with
      increased privileges.
3356979  130 -r-xr-sr-x    1 root             maildrop            66296   9/23 13:02 /usr/local/sbin/postdrop

      If there are vulnerabilities in these programs there may be a security
      risk to the system. FreeBSD makes no guarantee about the security of
      ports included in the Ports Collection. Please type 'make deinstall'
      to deinstall the port if this is a concern.

      For more information, and contact details about the security
      status of this software, see the following webpage:
http://www.postfix.org/

# ls -la /var/spool/postfix
total 14
drwxr-xr-x  14 root     wheel  512   9/23 13:02 .
drwxr-xr-x  13 root     wheel  512   9/23 13:02 ..
drwx------   2 postfix  wheel  512   9/23 13:02 active
drwx------   2 postfix  wheel  512   9/23 13:02 bounce
drwx------   2 postfix  wheel  512   9/23 13:02 corrupt
drwx------   2 postfix  wheel  512   9/23 13:02 defer
drwx------   2 postfix  wheel  512   9/23 13:02 deferred
drwx------   2 postfix  wheel  512   9/23 13:02 flush
drwx------   2 postfix  wheel  512   9/23 13:02 incoming
drwx-wx--T   2 postfix  wheel  512   9/23 13:02 maildrop
drwxr-xr-x   2 postfix  wheel  512   9/23 13:02 pid
drwx------   2 postfix  wheel  512   9/23 13:02 private
drwxr-xr-x   2 postfix  wheel  512   9/23 13:02 public
drwx------   2 postfix  wheel  512   9/23 13:02 saved

>Fix:

I suggest to run INSTALL.sh or put a default install.cf in post-install section
or ${PKGINSTALL} script
>Release-Note:
>Audit-Trail:
>Unformatted:

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-ports" in the body of the message