From b162d5cacde85999353afa87a4210c5b5d42ceab Mon Sep 17 00:00:00 2001 From: rhatto Date: Fri, 6 Oct 2006 22:12:14 +0000 Subject: added permission checking on configuration (both local and global) and keyring files --- GUIDELINES | 1 + README | 53 ++++++++++++++++++++++++-- firma | 127 +++++++++++++++++++++++++++++++++++++++++++++++++++++-------- 3 files changed, 162 insertions(+), 19 deletions(-) diff --git a/GUIDELINES b/GUIDELINES index 801364f..a41e21f 100755 --- a/GUIDELINES +++ b/GUIDELINES @@ -131,6 +131,7 @@ In the future this procedure will be automatic. mkdir touch chmod + chown basename expect fold diff --git a/README b/README index e626415..69f9b5b 100755 --- a/README +++ b/README @@ -153,11 +153,40 @@ Setup user your MTA runs. If you run postfix, the user is specified by the main.cf parameter "default_privs". - We suggest you to use + we suggest you to use MAIL_AGENT=/usr/sbin/sendmail MAIL_AGENT_ARGS=-t + as optional parameters, you can also set + + USER= user that runs firma (usually the same as your MTA user); + defaults to "nobody"; you can also specify this parameter + in each mailing list config file if you plan to have one + user per mailing list + + GROUP= group that runs firma (usually the same as your MTA group); + defaults to "nogroup"; you can also specify this parameter + in each mailing list config file if you plan to have one + group per mailing list + + LOG_TO_SYSLOG= set to "1" to log errors and warnings to syslog, else firma + will print errors to STDERR + + LOGGER_BINARY= if logging to syslog, set the path to logger's binary + + SYSLOG_PRIORITY= if logging to syslog, set a priority for the error messages + (defaults to "user.err") + + USE_GPG_HIDDEN_RECIPIENT_OPTION= set to '1' to use GnuPG's --hidden-recipient + option, available from version 1.4.0 onwards + (try 'man gpg' for more information) + + REMOVE_THESE_HEADERS_ON_ALL_LISTS= headers that should be stripped from list + messages on all lists running under firma + (space separated case-insensitive entries) + (may include regexps (e.g., X-.*) + 4 - then create your lists with the command firma -c your-list @@ -174,6 +203,22 @@ Setup the owner of the config file and keyring should be nobody.nobody (or the user your MTA run as) and its permissions must be 600. + after it you can add some optional parameters on this list config file: + + SUBJECT_PREFIX= prefix to be included in the subject of list messages + + REMOVE_THESE_HEADERS= headers that should be stripped from list messages + (space separated case-insensitive entries) + (may include regexps (e.g., X-.*) + + REPLIES_SHOULD_GO_TO_LIST= set to '1' to add a Reply-To header containing the + list address + + SILENTLY_DISCARD_INVALID_MESSAGES= set to '1' to silently discard invalid + messages (message not signed/encrypted, + sender not subscribed to the list, etc.) + instead of sending bounces back to sender + 5 - create an alias to the list at your MTA; on sendmail or postfix, add this to your aliases file: @@ -186,8 +231,8 @@ Setup alternatively, you can use a virtual ... - 6 - admin tasks are performed through your-list-request@yourmachine or - via command-line: + 6 - admin tasks are performed through your-list-request@yourmachine (currently + not implemente) or via command-line: firma -a your-list @@ -199,7 +244,7 @@ Setup subscribe key-id pubkey from file or keyserver (currently not implemented) - unsure email-address + unsub email-address unsubscribe all keys with email-address IDs (currently not implemented) diff --git a/firma b/firma index bfa05f9..c14f3f6 100755 --- a/firma +++ b/firma @@ -33,6 +33,14 @@ # # And it may contain the following optional parameters: # +# USER= user that runs firma (usually the same as your MTA user); +# defaults to "nobody"; you can also specify this parameter +# in each mailing list config file if you plan to have one +# user per mailing list +# GROUP= group that runs firma (usually the same as your MTA group); +# defaults to "nogroup"; you can also specify this parameter +# in each mailing list config file if you plan to have one +# group per mailing list # LOG_TO_SYSLOG= set to "1" to log errors and warnings to syslog, else firma # will print errors to STDERR # LOGGER_BINARY= if logging to syslog, set the path to logger's binary @@ -175,6 +183,14 @@ WARNING: Setting LOG_TO_SYSLOG to '0'." fi fi + if [ -z "$USER" ]; then + USER="nobody" + fi + + if [ -z "$GROUP" ]; then + GROUP="nobody" + fi + return $return_code } @@ -838,28 +854,28 @@ function NewList { echo "Creating folder $LIST_PATH..." if mkdir "$LIST_PATH"; then # || (echo "$(basename $0): error creating $LIST_PATH: installation aborted"; exit 1) - echo "creating list config file and will ask some questions." + echo "Creating list config file and will ask some questions." read -rep " List keyring location: ("$LIST_PATH") " LIST_HOMEDIR LIST_HOMEDIR=${LIST_HOMEDIR:-"$LIST_PATH"} - # NAO USAR UTF-8 (VER DETAILS) + # Dont use UTF-8 (look at DETAILS) read -rep " List email address: " LIST_ADDRESS read -rep " List administrator(s) email address(es) (space delimited): " LIST_ADMIN read -rep " List description (optional): " DESCRIPTION read -resp " Passphrase to protect the list's secret key: " PASSPHRASE - # todo: key specs (size, expiry date...) + # TODO: key specs (size, expiry date...) - echo "creating your config..." + echo "Creating your config..." touch $LIST_CONFIG_FILE - chown root.root $LIST_CONFIG_FILE chmod 600 $LIST_CONFIG_FILE + chown $USER.$GROUP $LIST_CONFIG_FILE if [ -f "$LIST_CONFIG_FILE" ]; then DeclareGpgVars # removed: MAIL_AGENT=$MAIL_AGENT\nGPG_BINARY=$GPG_BINARY\n - echo -e "LIST_HOMEDIR=$LIST_HOMEDIR\nLIST_ADDRESS=$LIST_ADDRESS\nLIST_ADMIN=$LIST_ADMIN\nPASSPHRASE=$PASSPHRASE" > $LIST_CONFIG_FILE - echo "now generating your keyring..." + echo -e "LIST_HOMEDIR=\'$LIST_HOMEDIR\'\nLIST_ADDRESS=\'$LIST_ADDRESS\'\nLIST_ADMIN=\'$LIST_ADMIN\'\nPASSPHRASE=\'$PASSPHRASE\'" > $LIST_CONFIG_FILE + echo "Now generating your keyring..." $GPG --gen-key <&2 "$(basename $0): $ERROR_MESSAGE" fi -- cgit v1.2.3