documentation for installation updated

improved suid-wrapper creation

INSTALL

@@ -3,13 +3,14 @@ The following notes will guide you through the installation of ezmlm-web:
 OVERVIEW:
   0 - important notes
   1 - get it
-  2 - install executable
+  2 - install executable and shared files
   3 - configuration file
   4 - compile cgi wrapper
   5 - install cgi wrapper
   6 - [optional] configure access control (http authentication)
   7 - css stylesheet file
   8 - final test
+  9 - any problems?
 
 
 ------------------------------------------------------------------------------
@@ -36,16 +37,11 @@ OVERVIEW:
 	(debian users may stop reading here)
 
 
-2.	Copy ezmlm-web.cgi to some publically readable directory. It does not
-	have to be in a path accessible to your web server, but any user with a
-	mailing list must be able to run it (Check the read and execute rights
-	on both the file and directory). We put our copy in "/usr/local/bin".
-
-	At the top of ezmlm-web.cgi you may have to change the $ENV{'PATH'}
-	variable. Be careful about what you set as the path. Too 
-	much is a security risk and too little will cause the script to 
-	malfunction. Version 2.0 requires that the following programs be 
-	accessible in your path: mv, rm
+2.	Execute the following lines to install the cgi script and the shared data
+	files to the appropriate locations.
+		perl Makefile.PL
+		make
+		make install
 
 
 3.	Edit the examples/ezmlmwebrc.dist file and alter the variables to suit
@@ -62,15 +58,6 @@ OVERVIEW:
 	supply to a minimum and also make reasonable guesses about default
 	values.
 
-	The directory containing ezmlm-web's language files should be something
-	like '/usr/local/share/ezmlm-web/lang':
-		mkdir -p /usr/local/share/ezmlm-web
-		cp -r share/lang /usr/local/share/ezmlm-web
-	You can change this default location in the ezmlmwebrc file.
-	Do the same with the share/template directory (e.g copy it
-	to /usr/local/share/ezmlm-web/template). Then you also have to
-	set the appropriate location in the ezmlmwebrc file.
-
 	Finally, copy the ezmlmwebrc file to one of
 	the following places:
 		1) the home directory of the user that runs ezmlm-web.cgi (~/.ezmlmwebrc)
@@ -80,26 +67,22 @@ OVERVIEW:
 	 (ezmlm-web will look for it in these places in the given order)
 
 
-4.	Edit the index.c file and change the path to the path of your copy
-	of ezmlm-web.cgi. Then compile this file. You can do this by issuing
-	this command:
-		gcc -o index.cgi share/index.c
+4.	For every user/virtual host that needs to manage mailing lists, you
+	need to create a suid wrapper owned by the user whom the mailing lists
+	belong to. This wrapper needs to reside somewhere accessible by 
+	the web server. I suggest that you put it in a sub directory 
+	of each user/virtual host's home directory (eg.
+	/home/luser/public_html/ezmlm for Apache). 
 
-
-5.	For every user/virtual host that needs to manage mailing lists, you
-	need to create a SUID (user not root!!) copy of index.cgi (e.g
-	chmod 4755 index.cgi). These need to reside somewhere accessible by 
-	the web server. I suggest that you put them in a sub directory (see 
-	about security) of each user/virtual host's home directory (eg.
-    /home/luser/public_html/ezmlm for Apache). 
+	Create a suid wrapper by issuing the following command:
+		ezmlm-web-make-suid 
 
 	The copies don't actually have to be called index.cgi, but it is nice
-	for web servers that can resolve a cgi script as an index page (see the
-	srm.conf file in Apache). It is important to make sure that whichever
-	directory you choose to put them can
+	for web servers that can resolve a cgi script as an index page. It is
+	important to make sure that whichever directory you choose to put them can
 		i:	Execute CGI Scripts and
 		ii:	Be access controlled (here I mean both web and user access) by
-			some method (eg .htaccess, access.conf for Apache).
+			some method (eg .htaccess for Apache).
 
 
 6.	Install some method of securing access to the page. The following
@@ -138,9 +121,9 @@ OVERVIEW:
 	Again, see the ApacheWeek article for details.
 
 
-7.	You should copy the stylesheet file (share/css/default.css) to a location
-	of your choice. It has to be accessible by an URL - maybe a place like
-	"/var/www/ezmlm-web.css" could be appropriate.
+7.	Copy the stylesheet file (/usr/local/share/ezmlm-web/css/default.css)
+	to a location of your choice. It has to be accessible by an URL - maybe
+	a place like "/var/www/ezmlm-web.css" could be appropriate.
 	Now you may have to change the "HTML_CSS_FILE" setting in your
 	ezmlmwebrc file. This value is a URL - not the local filename.
 

MANIFEST

@@ -0,0 +1,7 @@
+ezmlm-web.cgi
+changelog
+copyright
+TODO
+UPGRADING
+share
+examples

Makefile.PL

@@ -0,0 +1,114 @@
+# $Id$
+
+use strict;
+use ExtUtils::MakeMaker;
+# See lib/ExtUtils/MakeMaker.pm for details of how to influence
+# the contents of the Makefile that is written.
+WriteMakefile(
+	'NAME'		=> 'ezmlm-web',
+	'AUTHOR'	=> 'Lars Kruse <devel@sumpfralle.de>',
+	'VERSION_FROM'	=> 'ezmlm-web.cgi', # finds $VERSION
+	'DISTNAME'		=> 'ezmlm-web',
+	'PREREQ_PM'		=> {
+			'Mail::Ezmlm' => 0.07,
+			'Mail::Address'	=> 1.15,
+			'CGI'	=> 2.6,
+			'CGI::Carp'	=> 1.06,
+			'DB_File'	=> 1.65,
+			'Getopt::Std'	=> 1.0,
+			'File::Find'	=> 0.0,
+			'File::Copy'	=> 2.02,
+			'File::Path'	=> 1.07,
+			'Text::ParseWords'	=> 3.0 },
+	'dist'		=> { COMPRESS => 'gzip', SUFFIX => 'gz' }
+);
+
+sub MY::postamble {
+	my ($self, $datadir) = @_;
+	my $SHAREDIR = "\$(DESTINSTALLSHARE)/$self->{NAME}";
+	return <<ENDOFTEXT
+# REALINSTALLBIN is introduced later depending on "site" or "vendor" installation
+export REALINSTALLBIN
+export NOECHO
+export CC
+
+real_install_bin_:	REALINSTALLBIN := \$(INSTALLSITEBIN)
+real_install_bin_:	install_suid_wrapper install_cgi
+
+real_install_bin_site:	REALINSTALLBIN := \$(INSTALLSITEBIN)
+real_install_bin_site:	install_suid_wrapper install_cgi
+
+real_install_bin_vendor:	REALINSTALLBIN := \$(INSTALLVENDORBIN)
+real_install_bin_vendor:	install_suid_wrapper install_cgi
+
+real_install_bin_perl:	REALINSTALLBIN := \$(INSTALLBIN)
+real_install_bin_perl:	install_suid_wrapper install_cgi
+
+real_build_bin_:	REALINSTALLBIN := \$(INSTALLSITEBIN)
+real_build_bin_:	build_suid_wrapper
+
+real_build_bin_site:	REALINSTALLBIN := \$(INSTALLSITEBIN)
+real_build_bin_site:	build_suid_wrapper
+
+real_build_bin_vendor:	REALINSTALLBIN := \$(INSTALLVENDORBIN)
+real_build_bin_vendor:	build_suid_wrapper
+
+real_build_bin_perl:	REALINSTALLBIN := \$(INSTALLBIN)
+real_build_bin_perl:	build_suid_wrapper
+
+
+subdirs:: real_build_bin_\$(INSTALLDIRS)
+
+clean_subdirs: clean_suid_wrapper
+
+build_suid_wrapper:
+	\$(MAKE) -C suid-wrapper build
+
+clean_suid_wrapper:
+	\$(MAKE) -C suid-wrapper clean
+
+make_real_bin:	real_install_bin_\$(INSTALLDIRS)
+	\$(MKPATH) \$(DESTDIR)\$(REALINSTALLBIN)
+
+install_cgi:	make_real_bin
+	install -c -m 755 ezmlm-web.cgi \$(DESTDIR)\$(REALINSTALLBIN)/ezmlm-web.cgi
+
+install_suid_wrapper:	build_suid_wrapper make_real_bin
+	\$(NOECHO) echo "WARNING: \$(REALINSTALLBIN)"
+	install -c -m 0755 suid-wrapper/index.cgi \$(DESTDIR)\$(REALINSTALLBIN)/ezmlm-web.wrapper
+	install -c -m 0755 suid-wrapper/ezmlm-web-make-suid \$(DESTDIR)\$(REALINSTALLBIN)/
+
+install::	real_install_bin_\$(INSTALLDIRS) install_share_\$(INSTALLDIRS)
+install_share_site::	DESTINSTALLSHARE := \$(DESTDIR)\$(PREFIX)/local/share
+install_share_site::	install_share
+install_share_vendor::	DESTINSTALLSHARE := \$(DESTDIR)\$(PREFIX)/share
+install_share_vendor::	install_share
+install_share:
+	install -d -m 0755 $SHAREDIR
+	install -d -m 0755 $SHAREDIR/lang
+	for file in share/lang/*.hdf ; \\
+		do	install -c -m 0644 \$\$file $SHAREDIR/lang/ ; \\
+	 done
+	install -d -m 0755 $SHAREDIR/css
+	for file in share/css/*.css ; \\
+		do	install -c -m 0644 \$\$file $SHAREDIR/css/ ; \\
+	 done
+	install -d -m 0755 $SHAREDIR/template
+	install -d -m 0755 $SHAREDIR/template/ui
+	install -d -m 0755 $SHAREDIR/template/ui/default
+	install -d -m 0755 $SHAREDIR/template/ui/gnupg
+	install -d -m 0755 $SHAREDIR/template/config_options
+	for file in share/template/*.cs ; \\
+		do	install -c -m 0644 \$\$file $SHAREDIR/template/ ; \\
+	 done
+	for file in share/template/config_options/*.cs ; \\
+		do	install -c -m 0644 \$\$file $SHAREDIR/template/config_options/ ; \\
+	 done
+	for file in share/template/ui/default/*.hdf ; \\
+		do	install -c -m 0644 \$\$file $SHAREDIR/template/ui/default/ ; \\
+	 done
+	for file in share/template/ui/gnupg/*.hdf ; \\
+		do	install -c -m 0644 \$\$file $SHAREDIR/template/ui/gnupg/ ; \\
+	 done
+ENDOFTEXT
+}

debian-related/DEBIAN/control

@@ -2,7 +2,7 @@ Package: ezmlm-web
 Version: 3.2-1
 Section: admin
 Priority: extra
-Architecture: all
+Architecture: any
 Depends: perl, httpd-cgi, libemail-address-perl, libemail-ezmlm-perl (>= 0.07)
 Suggests: qmail-src, bash (>=2.0), gcc
 Maintainer: Lars Kruse <devel@sumpfralle.de>

suid-wrapper/Makefile

@@ -0,0 +1,15 @@
+# Makefile to compile the binary suid-wrapper for ezmlm-web
+#
+# REALINSTALLBIN should be defined in the higher level Makefile
+
+.PHONY: build clean
+
+build:
+	$(NOECHO) echo "#define EZMLM_WEB_CGI \"$(REALINSTALLBIN)/ezmlm-web.cgi\"" >index.h
+	$(CC) -o index.cgi index.c
+	sed -i 's#^EZMLM_WEB_SUID_WRAPPER=.*$$#EZMLM_WEB_SUID_WRAPPER=$(REALINSTALLBIN)/ezmlm-web.wrapper#' ezmlm-web-make-suid
+
+clean:
+	-rm index.cgi
+	$(NOECHO) echo "#define EZMLM_WEB_CGI \"/usr/bin/ezmlm-web.cgi\"" >index.h
+

suid-wrapper/ezmlm-web-make-suid

@@ -9,9 +9,7 @@
 
 set -eu
 
-C_SOURCE=/usr/share/ezmlm-web/index.c
-
-which cc >/dev/null || { echo "no compiler (cc) installed - sorry" >&2; exit 1; }
+EZMLM_WEB_SUID_WRAPPER=/usr/local/bin/ezmlm-web.wrapper
 
 [ $(id -u) -ne 0 ] && [ $# -ne 1 ] && echo "Syntax (for non-root): $(basename $0) DESTINATION_FILE" >&2 && exit 1
 [ $(id -u) -eq 0 ] && [ $# -gt 2 -o $# -lt 1 ] && echo "Syntax (for root): $(basename $0) [USERNAME] DESTINATION_FILE" >&2 && exit 1
@@ -23,7 +21,7 @@ if [ $# -eq 1 ]
 			EZ_FILE=$2
   fi
 
-cc -o "$EZ_FILE" "$C_SOURCE"
+cp "$EZMLM_WEB_SUID_WRAPPER" "$EZ_FILE"
 if [ $(id -u) -eq 0 ]
 	then chown "$EZ_USER". "$EZ_FILE" || { echo "the user '$EZ_USER' does not exist" >&2; rm "$EZ_FILE"; exit 1; }
   fi

suid-wrapper/index.c

@@ -1,7 +1,7 @@
 /* $Id$ */
 
-/* Change this path to wherever you decided to put ezmlm-web.cgi */
-#define EZMLM_WEB_CGI "/usr/local/bin/ezmlm-web.cgi"
+// define the location of your ezmlm-web.cgi file in this header file
+#include "index.h"
 
 #include <stdio.h>
 #include <unistd.h>

suid-wrapper/index.h

@@ -0,0 +1 @@
+#define EZMLM_WEB_CGI "/usr/local/bin/ezmlm-web.cgi"