ph10 2006/02/21 16:24:20 GMT
Modified files:
exim-doc/doc-misc WishList
exim-doc/doc-txt ChangeLog NewStuff
exim-src/OS Makefile-BSDI os.Configuring os.h-BSDI
os.h-FreeBSD os.h-NetBSD
exim-src/src deliver.c exim.c structs.h verify.c
exim-src/src/transports appendfile.c pipe.c pipe.h smtp.c
Log:
Add support for setclassresources() in the pipe transport on FreeBSD,
NetBSD, and BSDI (aka BSD/OS).
Revision Changes Path
1.59 +0 -10 exim/exim-doc/doc-misc/WishList
1.309 +3 -0 exim/exim-doc/doc-txt/ChangeLog
1.88 +6 -0 exim/exim-doc/doc-txt/NewStuff
1.3 +1 -1 exim/exim-src/OS/Makefile-BSDI
1.2 +7 -0 exim/exim-src/OS/os.Configuring
1.2 +1 -0 exim/exim-src/OS/os.h-BSDI
1.2 +1 -0 exim/exim-src/OS/os.h-FreeBSD
1.2 +1 -0 exim/exim-src/OS/os.h-NetBSD
1.29 +16 -13 exim/exim-src/src/deliver.c
1.34 +3 -0 exim/exim-src/src/exim.c
1.10 +2 -0 exim/exim-src/src/structs.h
1.13 +5 -1 exim/exim-src/src/transports/appendfile.c
1.10 +68 -0 exim/exim-src/src/transports/pipe.c
1.5 +1 -0 exim/exim-src/src/transports/pipe.h
1.21 +5 -1 exim/exim-src/src/transports/smtp.c
1.34 +1 -1 exim/exim-src/src/verify.c
Index: WishList
===================================================================
RCS file: /home/cvs/exim/exim-doc/doc-misc/WishList,v
retrieving revision 1.58
retrieving revision 1.59
diff -u -r1.58 -r1.59
--- WishList 13 Feb 2006 15:09:30 -0000 1.58
+++ WishList 21 Feb 2006 16:24:19 -0000 1.59
@@ -1,4 +1,4 @@
-$Cambridge: exim/exim-doc/doc-misc/WishList,v 1.58 2006/02/13 15:09:30 ph10 Exp $
+$Cambridge: exim/exim-doc/doc-misc/WishList,v 1.59 2006/02/21 16:24:19 ph10 Exp $
EXIM 4 WISH LIST
----------------
@@ -2016,16 +2016,6 @@
It seems that there are clients that send AUTH when it hasn't been advertised,
some even after HELO, not even EHLO. Sigh. Possibly this should be an ACL
control, to enable it to be restricted to certain hosts.
-------------------------------------------------------------------------------
-
-(349) 13-Feb-06 S Add login_cap support to the pipe transport
-
-FreeBSD (and maybe others) have some functions for a per-user resource database
-of which login_cap() is one. A copile-time macro (set for FreeBSD) could enable
-a new pipe transport option to cause setclassresources() to be called to limit
-the resources used. It's a bit tricky, because it has to be done as root, but
-in the forked transport process. There will have to be some higher-level code
-to deal with this.
------------------------------------------------------------------------------
--- HWM 349 ------------------------------------------------------------------
---------------------------- End of WishList ---------------------------------
Index: ChangeLog
===================================================================
RCS file: /home/cvs/exim/exim-doc/doc-txt/ChangeLog,v
retrieving revision 1.308
retrieving revision 1.309
diff -u -r1.308 -r1.309
--- ChangeLog 20 Feb 2006 16:31:48 -0000 1.308
+++ ChangeLog 21 Feb 2006 16:24:19 -0000 1.309
@@ -1,4 +1,4 @@
-$Cambridge: exim/exim-doc/doc-txt/ChangeLog,v 1.308 2006/02/20 16:31:48 ph10 Exp $
+$Cambridge: exim/exim-doc/doc-txt/ChangeLog,v 1.309 2006/02/21 16:24:19 ph10 Exp $
Change log file for Exim from version 4.21
-------------------------------------------
@@ -206,6 +206,9 @@
messages matching specified criteria.
PH/40 Changed the default ident timeout from 30s to 5s.
+
+PH/41 Added support for the use of login_cap features, on those BSD systems
+ that have them, for controlling the resources used by pipe deliveries.
Exim version 4.60
Index: NewStuff
===================================================================
RCS file: /home/cvs/exim/exim-doc/doc-txt/NewStuff,v
retrieving revision 1.87
retrieving revision 1.88
diff -u -r1.87 -r1.88
--- NewStuff 20 Feb 2006 16:31:48 -0000 1.87
+++ NewStuff 21 Feb 2006 16:24:19 -0000 1.88
@@ -1,4 +1,4 @@
-$Cambridge: exim/exim-doc/doc-txt/NewStuff,v 1.87 2006/02/20 16:31:48 ph10 Exp $
+$Cambridge: exim/exim-doc/doc-txt/NewStuff,v 1.88 2006/02/21 16:24:19 ph10 Exp $
New Features in Exim
--------------------
@@ -62,6 +62,12 @@
PH/09 The default for rfc4131_query_timeout has been changed from 30s to 5s.
+PH/10 When compiled on FreeBSD, NetBSD, or BSD/OS, the pipe transport has a new
+ Boolean option called use_classresources, defaulting false. If it is set
+ true, the setclassresources() function is used to set resource limits
+ when a pipe transport is run to perform a delivery. The limits for the
+ uid under which the pipe is to run are obtained from the login class
+ database.
Version 4.60
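Review bot: the PH/10 entry does not say what happens when the limits cannot be obtained, for example when the uid has no passwd entry or no login class can be loaded. An administrator enabling use_classresources to contain pipe commands needs to know whether delivery is then deferred or proceeds without limits; please add one sentence stating the behaviour, and mention that the limits are applied while Exim is still privileged, before the uid/gid change.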
Index: Makefile-BSDI
===================================================================
RCS file: /home/cvs/exim/exim-src/OS/Makefile-BSDI,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- Makefile-BSDI 23 May 2005 16:58:55 -0000 1.2
+++ Makefile-BSDI 21 Feb 2006 16:24:19 -0000 1.3
@@ -1,6 +1,6 @@
-# $Cambridge: exim/exim-src/OS/Makefile-BSDI,v 1.2 2005/05/23 16:58:55 fanf2 Exp $
+# $Cambridge: exim/exim-src/OS/Makefile-BSDI,v 1.3 2006/02/21 16:24:19 ph10 Exp $
-# Exim: OS-specific make file for BSDI. Its antique link editor
+# Exim: OS-specific make file for BSDI aka BSD/OS. Its antique link editor
# cannot handle the TextPop overriding.
CFLAGS=-O
Index: os.Configuring
===================================================================
RCS file: /home/cvs/exim/exim-src/OS/os.Configuring,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- os.Configuring 6 Oct 2004 15:07:39 -0000 1.1
+++ os.Configuring 21 Feb 2006 16:24:19 -0000 1.2
@@ -1,4 +1,4 @@
-$Cambridge: exim/exim-src/OS/os.Configuring,v 1.1 2004/10/06 15:07:39 ph10 Exp $
+$Cambridge: exim/exim-src/OS/os.Configuring,v 1.2 2006/02/21 16:24:19 ph10 Exp $
Configuring Exim for different Operating Systems
------------------------------------------------
@@ -183,6 +183,13 @@
One OS does not have the sys/resource.h header. If NO_SYS_RESOURCE_H is defined
in an os.h-<ostype> file, then the #include for this header is skipped in
exim.h.
+
+Support for login_cap functions
+-------------------------------
+
+Some of the BSD systems support functions for controlling the resources that
+user processes can use (e.g. login_getpwclass). If HAVE_LOGIN_CAP is defined,
+Exim supports this feature for running pipe deliveries.
The crypt_h header
------------------
Index: os.h-BSDI
===================================================================
RCS file: /home/cvs/exim/exim-src/OS/os.h-BSDI,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- os.h-BSDI 6 Oct 2004 15:07:39 -0000 1.1
+++ os.h-BSDI 21 Feb 2006 16:24:19 -0000 1.2
@@ -1,8 +1,9 @@
-/* $Cambridge: exim/exim-src/OS/os.h-BSDI,v 1.1 2004/10/06 15:07:39 ph10 Exp $ */
+/* $Cambridge: exim/exim-src/OS/os.h-BSDI,v 1.2 2006/02/21 16:24:19 ph10 Exp $ */
/* Exim: OS-specific C header file for BSDI */
#define HAVE_BSD_GETLOADAVG
+#define HAVE_LOGIN_CAP
#define HAVE_MMAP
#define HAVE_SYS_MOUNT_H
#define SIOCGIFCONF_GIVES_ADDR
Index: os.h-FreeBSD
===================================================================
RCS file: /home/cvs/exim/exim-src/OS/os.h-FreeBSD,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- os.h-FreeBSD 6 Oct 2004 15:07:39 -0000 1.1
+++ os.h-FreeBSD 21 Feb 2006 16:24:19 -0000 1.2
@@ -1,8 +1,9 @@
-/* $Cambridge: exim/exim-src/OS/os.h-FreeBSD,v 1.1 2004/10/06 15:07:39 ph10 Exp $ */
+/* $Cambridge: exim/exim-src/OS/os.h-FreeBSD,v 1.2 2006/02/21 16:24:19 ph10 Exp $ */
/* Exim: OS-specific C header file for FreeBSD */
#define HAVE_BSD_GETLOADAVG
+#define HAVE_LOGIN_CAP
#define HAVE_MMAP
#define HAVE_SYS_MOUNT_H
#define SIOCGIFCONF_GIVES_ADDR
Index: os.h-NetBSD
===================================================================
RCS file: /home/cvs/exim/exim-src/OS/os.h-NetBSD,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- os.h-NetBSD 6 Oct 2004 15:07:39 -0000 1.1
+++ os.h-NetBSD 21 Feb 2006 16:24:19 -0000 1.2
@@ -1,8 +1,9 @@
-/* $Cambridge: exim/exim-src/OS/os.h-NetBSD,v 1.1 2004/10/06 15:07:39 ph10 Exp $ */
+/* $Cambridge: exim/exim-src/OS/os.h-NetBSD,v 1.2 2006/02/21 16:24:19 ph10 Exp $ */
/* Exim: OS-specific C header file for NetBSD */
#define HAVE_BSD_GETLOADAVG
+#define HAVE_LOGIN_CAP
#define HAVE_MMAP
#define HAVE_SYS_MOUNT_H
#define SIOCGIFCONF_GIVES_ADDR
Index: deliver.c
===================================================================
RCS file: /home/cvs/exim/exim-src/src/deliver.c,v
retrieving revision 1.28
retrieving revision 1.29
diff -u -r1.28 -r1.29
--- deliver.c 8 Feb 2006 16:10:46 -0000 1.28
+++ deliver.c 21 Feb 2006 16:24:19 -0000 1.29
@@ -1,4 +1,4 @@
-/* $Cambridge: exim/exim-src/src/deliver.c,v 1.28 2006/02/08 16:10:46 ph10 Exp $ */
+/* $Cambridge: exim/exim-src/src/deliver.c,v 1.29 2006/02/21 16:24:19 ph10 Exp $ */
/*************************************************
* Exim - an Internet mail transport agent *
@@ -1743,7 +1743,7 @@
if (addr->transport->setup != NULL)
{
- switch((addr->transport->setup)(addr->transport, addr, NULL,
+ switch((addr->transport->setup)(addr->transport, addr, NULL, uid, gid,
&(addr->message)))
{
case DEFER:
@@ -3617,12 +3617,25 @@
else return_path = new_return_path;
}
+ /* Find the uid, gid, and use_initgroups setting for this transport. Failure
+ logs and sets up error messages, so we just post-process and continue with
+ the next address. */
+
+ if (!findugid(addr, tp, &uid, &gid, &use_initgroups))
+ {
+ remote_post_process(addr, LOG_MAIN|LOG_PANIC, NULL, fallback);
+ continue;
+ }
+
/* If this transport has a setup function, call it now so that it gets
run in this process and not in any subprocess. That way, the results of
- any setup that are retained by the transport can be reusable. */
+ any setup that are retained by the transport can be reusable. One of the
+ things the setup does is to set the fallback host lists in the addresses.
+ That is why it is called at this point, before the continue delivery
+ processing, because that might use the fallback hosts. */
if (tp->setup != NULL)
- (void)((tp->setup)(addr->transport, addr, NULL, NULL));
+ (void)((tp->setup)(addr->transport, addr, NULL, uid, gid, NULL));
/* If this is a run to continue delivery down an already-established
channel, check that this set of addresses matches the transport and
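Review bot: the setup call at the end of this hunk runs, by its own comment, "in this process and not in any subprocess", yet with this commit a setup function may change process state (the pipe transport's setup calls setclassresources()). A setup with that kind of side effect, if reached on this path, would apply the limits to the delivery process itself and to every later address in the loop. The result is also discarded by the (void) cast and errmsg is NULL, so a failure could not be reported. Suggest extending the comment to say that setups reached here must not alter process-wide state, so the constraint is visible to whoever writes the next transport setup.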
@@ -3697,16 +3710,6 @@
for expansion. */
transport_filter_argv = NULL;
-
- /* Find the uid, gid, and use_initgroups setting for this transport. Failure
- logs and sets up error messages, so we just post-process and continue with
- the next address. */
-
- if (!findugid(addr, tp, &uid, &gid, &use_initgroups))
- {
- remote_post_process(addr, LOG_MAIN|LOG_PANIC, NULL, fallback);
- continue;
- }
/* Create the pipe for inter-process communication. If pipe creation
fails, it is probably because the value of remote_max_parallel is so
Index: exim.c
===================================================================
RCS file: /home/cvs/exim/exim-src/src/exim.c,v
retrieving revision 1.33
retrieving revision 1.34
diff -u -r1.33 -r1.34
--- exim.c 16 Feb 2006 10:05:33 -0000 1.33
+++ exim.c 21 Feb 2006 16:24:19 -0000 1.34
@@ -1,4 +1,4 @@
-/* $Cambridge: exim/exim-src/src/exim.c,v 1.33 2006/02/16 10:05:33 ph10 Exp $ */
+/* $Cambridge: exim/exim-src/src/exim.c,v 1.34 2006/02/21 16:24:19 ph10 Exp $ */
/*************************************************
* Exim - an Internet mail transport agent *
@@ -841,6 +841,9 @@
#endif
#if HAVE_IPV6
fprintf(f, " IPv6");
+#endif
+#ifdef HAVE_LOGIN_CAP
+ fprintf(f, " use_classresources");
#endif
#ifdef SUPPORT_PAM
fprintf(f, " PAM");
Index: structs.h
===================================================================
RCS file: /home/cvs/exim/exim-src/src/structs.h,v
retrieving revision 1.9
retrieving revision 1.10
diff -u -r1.9 -r1.10
--- structs.h 7 Feb 2006 11:19:00 -0000 1.9
+++ structs.h 21 Feb 2006 16:24:19 -0000 1.10
@@ -1,4 +1,4 @@
-/* $Cambridge: exim/exim-src/src/structs.h,v 1.9 2006/02/07 11:19:00 ph10 Exp $ */
+/* $Cambridge: exim/exim-src/src/structs.h,v 1.10 2006/02/21 16:24:19 ph10 Exp $ */
/*************************************************
* Exim - an Internet mail transport agent *
@@ -138,6 +138,8 @@
struct transport_instance *,
struct address_item *,
struct transport_feedback *, /* For passing back config data */
+ uid_t, /* The uid that will be used */
+ gid_t, /* The gid that will be used */
uschar **); /* For an error message */
/**************************************/
int batch_max; /* ) */
Index: verify.c
===================================================================
RCS file: /home/cvs/exim/exim-src/src/verify.c,v
retrieving revision 1.33
retrieving revision 1.34
diff -u -r1.33 -r1.34
--- verify.c 14 Feb 2006 15:56:43 -0000 1.33
+++ verify.c 21 Feb 2006 16:24:19 -0000 1.34
@@ -1,4 +1,4 @@
-/* $Cambridge: exim/exim-src/src/verify.c,v 1.33 2006/02/14 15:56:43 ph10 Exp $ */
+/* $Cambridge: exim/exim-src/src/verify.c,v 1.34 2006/02/21 16:24:19 ph10 Exp $ */
/*************************************************
* Exim - an Internet mail transport agent *
@@ -1051,7 +1051,7 @@
if (addr->transport != NULL && !addr->transport->info->local)
{
- (void)(addr->transport->setup)(addr->transport, addr, &tf, NULL);
+ (void)(addr->transport->setup)(addr->transport, addr, &tf, 0, 0, NULL);
/* If the transport has hosts and the router does not, or if the
transport is configured to override the router's hosts, we must build a
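Review bot: passing 0, 0 for the new uid and gid arguments uses root's ids as the "not applicable" value. The call is guarded by !addr->transport->info->local, so the pipe transport's setup is not reached from here, but a later remote transport setup that acts on uid would be acting on uid 0 during verification. Suggest a comment at the call stating that the values are placeholders and must not be used, or a sentinel that cannot be mistaken for a real account.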
Index: appendfile.c
===================================================================
RCS file: /home/cvs/exim/exim-src/src/transports/appendfile.c,v
retrieving revision 1.12
retrieving revision 1.13
diff -u -r1.12 -r1.13
--- appendfile.c 10 Feb 2006 16:29:20 -0000 1.12
+++ appendfile.c 21 Feb 2006 16:24:20 -0000 1.13
@@ -1,4 +1,4 @@
-/* $Cambridge: exim/exim-src/src/transports/appendfile.c,v 1.12 2006/02/10 16:29:20 ph10 Exp $ */
+/* $Cambridge: exim/exim-src/src/transports/appendfile.c,v 1.13 2006/02/21 16:24:20 ph10 Exp $ */
/*************************************************
* Exim - an Internet mail transport agent *
@@ -247,6 +247,8 @@
tblock points to the transport instance
addrlist addresses about to be delivered (not used)
dummy not used (doesn't pass back data)
+ uid the uid that will be set (not used)
+ gid the gid that will be set (not used)
errmsg where to put an error message
Returns: OK, FAIL, or DEFER
@@ -254,7 +256,7 @@
static int
appendfile_transport_setup(transport_instance *tblock, address_item *addrlist,
- transport_feedback *dummy, uschar **errmsg)
+ transport_feedback *dummy, uid_t uid, gid_t gid, uschar **errmsg)
{
appendfile_transport_options_block *ob =
(appendfile_transport_options_block *)(tblock->options_block);
@@ -264,6 +266,8 @@
addrlist = addrlist; /* Keep picky compilers happy */
dummy = dummy;
+uid = uid;
+gid = gid;
/* Loop for quota, quota_filecount, quota_warn_threshold, mailbox_size,
mailbox_filecount */
Index: pipe.c
===================================================================
RCS file: /home/cvs/exim/exim-src/src/transports/pipe.c,v
retrieving revision 1.9
retrieving revision 1.10
diff -u -r1.9 -r1.10
--- pipe.c 7 Feb 2006 11:19:03 -0000 1.9
+++ pipe.c 21 Feb 2006 16:24:20 -0000 1.10
@@ -1,4 +1,4 @@
-/* $Cambridge: exim/exim-src/src/transports/pipe.c,v 1.9 2006/02/07 11:19:03 ph10 Exp $ */
+/* $Cambridge: exim/exim-src/src/transports/pipe.c,v 1.10 2006/02/21 16:24:20 ph10 Exp $ */
/*************************************************
* Exim - an Internet mail transport agent *
@@ -11,6 +11,10 @@
#include "../exim.h"
#include "pipe.h"
+#ifdef HAVE_LOGIN_CAP
+#include <login_cap.h>
+#endif
+
/* Options specific to the pipe transport. They must be in alphabetic
@@ -71,6 +75,10 @@
(void *)offsetof(pipe_transport_options_block, umask) },
{ "use_bsmtp", opt_bool,
(void *)offsetof(pipe_transport_options_block, use_bsmtp) },
+ #ifdef HAVE_LOGIN_CAP
+ { "use_classresources", opt_bool,
+ (void *)offsetof(pipe_transport_options_block, use_classresources) },
+ #endif
{ "use_crlf", opt_bool,
(void *)offsetof(pipe_transport_options_block, use_crlf) },
{ "use_shell", opt_bool,
@@ -106,12 +114,68 @@
FALSE, /* timeout_defer */
FALSE, /* use_shell */
FALSE, /* use_bsmtp */
+ FALSE, /* use_classresources */
FALSE /* use_crlf */
};
/*************************************************
+* Setup entry point *
+*************************************************/
+
+/* Called for each delivery in the privileged state, just before the uid/gid
+are changed and the main entry point is called. In a system that supports the
+login_cap facilities, this function is used to set the class resource limits
+for the user.
+
+Arguments:
+ tblock points to the transport instance
+ addrlist addresses about to be delivered (not used)
+ dummy not used (doesn't pass back data)
+ uid the uid that will be set (not used)
+ gid the gid that will be set (not used)
+ errmsg where to put an error message
+
+Returns: OK, FAIL, or DEFER
+*/
+
+static int
+pipe_transport_setup(transport_instance *tblock, address_item *addrlist,
+ transport_feedback *dummy, uid_t uid, gid_t gid, uschar **errmsg)
+{
+pipe_transport_options_block *ob =
+ (pipe_transport_options_block *)(tblock->options_block);
+
+addrlist = addrlist; /* Keep compiler happy */
+dummy = dummy;
+uid = uid;
+gid = gid;
+errmsg = errmsg;
+ob = ob;
+
+#ifdef HAVE_LOGIN_CAP
+if (ob->use_classresources)
+ {
+ struct passwd *pw = getpwuid(uid);
+ if (pw != NULL)
+ {
+ login_cap_t *lc = login_getpwclass(pw);
+ if (lc != NULL)
+ {
+ setclassresources(lc);
+ login_close(lc);
+ }
+ }
+ }
+#endif
+
+return OK;
+}
+
+
+
+/*************************************************
* Initialization entry point *
*************************************************/
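Review bot: pipe_transport_setup() fails open. When use_classresources is set and getpwuid(uid) or login_getpwclass(pw) returns NULL, the function skips the limits and still returns OK, so the pipe command runs unrestricted even though the administrator asked for class limits. Suggest setting *errmsg and returning DEFER on those two paths (the errmsg = errmsg; line then only belongs in the build without HAVE_LOGIN_CAP). The header comment also lists uid as "(not used)", which is no longer true since getpwuid(uid) depends on it; gid is the only unused one of the pair.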
@@ -124,6 +188,10 @@
{
pipe_transport_options_block *ob =
(pipe_transport_options_block *)(tblock->options_block);
+
+/* Set up the setup entry point, to be called in the privileged state */
+
+tblock->setup = pipe_transport_setup;
/* If pipe_as_creator is set, then uid/gid should not be set. */
Index: pipe.h
===================================================================
RCS file: /home/cvs/exim/exim-src/src/transports/pipe.h,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -r1.4 -r1.5
--- pipe.h 7 Feb 2006 11:19:03 -0000 1.4
+++ pipe.h 21 Feb 2006 16:24:20 -0000 1.5
@@ -1,4 +1,4 @@
-/* $Cambridge: exim/exim-src/src/transports/pipe.h,v 1.4 2006/02/07 11:19:03 ph10 Exp $ */
+/* $Cambridge: exim/exim-src/src/transports/pipe.h,v 1.5 2006/02/21 16:24:20 ph10 Exp $ */
/*************************************************
* Exim - an Internet mail transport agent *
@@ -29,6 +29,7 @@
BOOL timeout_defer;
BOOL use_shell;
BOOL use_bsmtp;
+ BOOL use_classresources;
BOOL use_crlf;
} pipe_transport_options_block;
Index: smtp.c
===================================================================
RCS file: /home/cvs/exim/exim-src/src/transports/smtp.c,v
retrieving revision 1.20
retrieving revision 1.21
diff -u -r1.20 -r1.21
--- smtp.c 7 Feb 2006 11:19:03 -0000 1.20
+++ smtp.c 21 Feb 2006 16:24:20 -0000 1.21
@@ -1,4 +1,4 @@
-/* $Cambridge: exim/exim-src/src/transports/smtp.c,v 1.20 2006/02/07 11:19:03 ph10 Exp $ */
+/* $Cambridge: exim/exim-src/src/transports/smtp.c,v 1.21 2006/02/21 16:24:20 ph10 Exp $ */
/*************************************************
* Exim - an Internet mail transport agent *
@@ -207,6 +207,8 @@
tblock pointer to the transport instance block
addrlist list of addresses about to be transported
tf if not NULL, pointer to block in which to return options
+ uid the uid that will be set (not used)
+ gid the gid that will be set (not used)
errmsg place for error message (not used)
Returns: OK always (FAIL, DEFER not used)
@@ -214,12 +216,14 @@
static int
smtp_transport_setup(transport_instance *tblock, address_item *addrlist,
- transport_feedback *tf, uschar **errmsg)
+ transport_feedback *tf, uid_t uid, gid_t gid, uschar **errmsg)
{
smtp_transport_options_block *ob =
(smtp_transport_options_block *)(tblock->options_block);
errmsg = errmsg; /* Keep picky compilers happy */
+uid = uid;
+gid = gid;
/* Pass back options if required. This interface is getting very messy. */