[Exim] Suggestion about EXIM_USER at built time

Kezdőlap
Üzenet törlése
Válasz az üzenetre
Szerző: Matthias Bernhardt
Dátum:  
Címzett: exim-users
CC: Andreas Metzler
Régi témák: Re: [Exim] Encoding the name of EXIM_USER instead of its user-id in the exim-binary.
Tárgy: [Exim] Suggestion about EXIM_USER at built time
Hello folks, hello Philip,

while researching the problem that the build process throws

*** User "exim" (specified in one of the Makefiles) does not exist.
    Please review your build-time configuration.


if the user specified in EXIM_USER in Local/Makefile, I found
that many people, mainly package builders, already have
complained about this behaviour, while many others can't
understand why this is a pain for package builders.


On Tue, 4 Nov 2003, Philip Hazel wrote:

> Subject: Re: [Exim] Encoding the name of EXIM_USER instead of
>          its user-id in the exim-binary.

>
> [ On Tue, 4 Nov 2003, Andreas Metzler wrote: ]
>
> > I am asking because I need to encode the name instead of uid for
> > binary redistribution, on installation a exim-user would be allocated
> > with a non-static id.
> >
> > Compilation would need to work on systems without an exim-user
> > present, too.
>
> I don't think that is currently possible. Personally, I like source
> distributions, but I do understand why some people have to go for
> distributing binaries. However, when I set this all up, I never imagined
> anything other than source distribution of Exim.



On Thu, 4 Sep 2003, Philip Hazel wrote:

> Subject: Re: [Exim] exim RPM build trouble
>
> On Thu, 4 Sep 2003, Neal D. Becker wrote:
>
> > It is a pain to have to create the exim user in order to do the build.
>
> You shouldn't need to have to create the user if you specify it
> numerically. (For a long time, you had to specify it numerically at
> build time, but people wanted support for names.)


This is fine if you know the target mailserver host and you are
able to figure out or foresee the userid that the desired user
will have on that system. But it wouldn't work, if you intend to
make a binary package that can be used on many hosts. The latter
makes sense for me since many people generally don't have
compilers on machines that shall be mailservers (for reasons of
security and or performance, both seem reasonable).


Here is a suggestion for future Exim behaviour that would, in my
opinion, rush out most of the problems mentioned in recent
threads about EXIM_USER problems at built time. It is basically
my observation of the behaviour of Obtuse Smtpd, very slightly
enhanced.

----8<----
In the Makefile, it is possible to specify either user,
user/group, uid or uid/gid. These values are being compiled into
the binary as default values, as given. Should the build system
lack user/group/uid/gid, this is worth not more than a warning.

When calling the program these values can be overridden by
commandline arguments (e.g. -u,-g) or configuration options.
They can once agin specify user, user/group, uid or uid/gid.

Depending whether user value is numeric or not, the missing part
can now be reconstructed by getpwuid() and getpwnam(). Depending
on whether the group value is numeric or not or empty, the
missing part(s) can be reconstructed with getgrgid(), getgrnam()
and getpwuid().

Obviously, this will fail at _runtime_, if the given user/uid or
group/gid do not exist, but an appropriate errormessage could
easily request to pass an existing user/group pair via the
commandline parameter or configuration options.
---->8----

Since Obtuse Smtpd is free Open Source Software (although not
GPL), it should be possible to arrange with Obtuse Systems Corp.
that no legal issues arise through imitating this behaviour or
even copying some code snippets.

yours, Matthias Bernhardt


PS: for reference: http://www.obtuse.com/smtpd.html