added suid-wrapper for mailgate

23 years ago · e2a0bd227c
3 changed files with 51 additions and 6 deletions
--- a/rt/rc.rt
+++ b/rt/rc.rt
@ -32,6 +32,7 @@
 %restart -u root
    opServiceEnabled rt || exit 0
    ${rt_apachectl} stop
+    sleep 2
    ${rt_apachectl} start

 %daily -u root
--- a/rt/rt-mailgate.c
+++ b/rt/rt-mailgate.c
@ -0,0 +1,21 @@
+#include <sys/types.h>
+#include <unistd.h>
+
+#define DIR  "@l_prefix@/libexec/rt"
+#define PROG "@l_prefix@/libexec/rt/tools/rt-mailgate"
+
+int main(int argc, char *argv[])
+{
+    static char *const myenv[] = {
+        "PATH=/bin:/usr/bin",
+        NULL
+    };
+
+    if (chdir(DIR) == -1) {
+        perror("chdir");
+        exit(1);
+    }
+
+    execve(PROG, argv, myenv);
+}
+
--- a/rt/rt.spec
+++ b/rt/rt.spec
@ -51,18 +51,21 @@ Source5:      rtsetup
 Source6:      rtcleanup
 Source7:      rtupgrade
 Source8:      rtapachectl
+Source9:      rt-mailgate.c

 #   build information
 Prefix:       %{l_prefix}
 BuildRoot:    %{l_buildroot}
 BuildPreReq:  OpenPKG, openpkg >= 20020206, perl, perl-openpkg
-BuildPreReq:  perl-sys, perl-util, perl-ds, perl-text
+BuildPreReq:  perl-sys, perl-util, perl-ds, perl-text, perl-apache
 BuildPreReq:  perl-dbi, perl-dbix, perl-mail, perl-www
+BuildPreReq:  apache, apache::with_mod_perl = yes
 PreReq:       OpenPKG, openpkg >= 20020206, perl, perl-openpkg,
-PreReq:       MTA, MYSQL, apache, apache::with_mod_perl = yes, perl-apache
-PreReq:       perl-sys, perl-util, perl-ds, perl-text
+PreReq:       perl-sys, perl-util, perl-ds, perl-text, perl-apache
 PreReq:       perl-dbi, perl-dbix, perl-mail, perl-www
-PreReq:       perl-dbi::with_dbd_mysql = yes
+PreReq:       apache, apache::with_mod_perl = yes
+PreReq:       MYSQL, perl-dbi::with_dbd_mysql = yes
+PreReq:       MTA
 AutoReq:      no
 AutoReqProv:  no

@ -82,6 +85,18 @@ AutoReqProv:  no
 %build
    rm -rf $RPM_BUILD_ROOT

+    #   compile SUID wrapper
+    mkdir suidwrap
+    ( cd suidwrap
+      cp %{SOURCE rt-mailgate.c} .
+      %{l_shtool} subst \
+        -e 's;@l_prefix@;%{l_prefix};g' \
+        -e 's;@l_rusr@;%{l_rusr};g' \
+        -e 's;@l_rgrp@;%{l_rgrp};g' \
+        rt-mailgate.c
+      %{l_cc} -o rt-mailgate rt-mailgate.c
+    )
+
    #   perform common prolog operations
    rt=%{l_prefix}/libexec/rt
    %{l_prefix}/bin/perl-openpkg prolog
@ -250,13 +265,21 @@ AutoReqProv:  no
    %{l_shtool} mkdir -f -p -m 755 \
        $RPM_BUILD_ROOT%{l_prefix}/var/rt/log

-    # better places ?
+    # better places
    mv $RPM_BUILD_ROOT%{l_prefix}/etc/rt/insertdata \
       $RPM_BUILD_ROOT%{l_prefix}/libexec/rt/tools/
+    mv $RPM_BUILD_ROOT%{l_prefix}/bin/rt-mailgate \
+       $RPM_BUILD_ROOT%{l_prefix}/libexec/rt/tools/
+    %{l_shtool} install -c -s -m 755 \
+        suidwrap/rt-mailgate \
+        $RPM_BUILD_ROOT%{l_prefix}/bin/

    %{l_rpmtool} files -v -ofiles -r$RPM_BUILD_ROOT \
        %{l_files_std} \
        '%{l_prefix}/libexec/rt' \
+        '%attr(755,%{l_musr},%{l_mgrp}) %{l_prefix}/libexec/rt/tools/rt-mailgate' \
+        '%attr(755,%{l_musr},%{l_mgrp}) %{l_prefix}/libexec/rt/tools/insertdata' \
+        '%attr(6755,%{l_rusr},%{l_rgrp}) %{l_prefix}/bin/rt-mailgate' \
        '%attr(640,%{l_musr},%{l_rgrp}) %{l_prefix}/etc/rt/config.pm' \
        '%attr(750,%{l_rusr},%{l_rgrp}) %{l_prefix}/var/rt/mason-data' \
        '%attr(750,%{l_rusr},%{l_rgrp}) %{l_prefix}/var/rt/mason-session' \
@ -286,6 +309,6 @@ AutoReqProv:  no
    if [ $1 -eq 0 ]; then
        $RPM_INSTALL_PREFIX/etc/rc rt stop
        rm -f $RPM_INSTALL_PREFIX/var/rt/mason-session/*
-        rm -f $RPM_INSTALL_PREFIX/var/rt/mason-data/*
+        rm -f -r $RPM_INSTALL_PREFIX/var/rt/mason-data/*
        rm -f $RPM_INSTALL_PREFIX/var/rt/log/*
    fi