ezmlm-web/ezmlm-web
3
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

documentation for installation updated

Browse source 
improved suid-wrapper creation
This commit is contained in:
lars 2006-04-29 08:30:37 +00:00
parent b895416bc1
commit 07002d747d
8 changed files with 163 additions and 45 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

59
INSTALL
View file

@ -3,13 +3,14 @@ The following notes will guide you through the installation of ezmlm-web:
OVERVIEW: OVERVIEW:
0 - important notes 0 - important notes
1 - get it 1 - get it
2 - install executable 2 - install executable and shared files
3 - configuration file 3 - configuration file
4 - compile cgi wrapper 4 - compile cgi wrapper
5 - install cgi wrapper 5 - install cgi wrapper
6 - [optional] configure access control (http authentication) 6 - [optional] configure access control (http authentication)
7 - css stylesheet file 7 - css stylesheet file
8 - final test 8 - final test
9 - any problems?
------------------------------------------------------------------------------ ------------------------------------------------------------------------------
@ -36,16 +37,11 @@ OVERVIEW:
(debian users may stop reading here) (debian users may stop reading here)
2. Copy ezmlm-web.cgi to some publically readable directory. It does not 2. Execute the following lines to install the cgi script and the shared data
have to be in a path accessible to your web server, but any user with a files to the appropriate locations.
mailing list must be able to run it (Check the read and execute rights perl Makefile.PL
on both the file and directory). We put our copy in "/usr/local/bin". make
make install
At the top of ezmlm-web.cgi you may have to change the $ENV{'PATH'}
variable. Be careful about what you set as the path. Too
much is a security risk and too little will cause the script to
malfunction. Version 2.0 requires that the following programs be
accessible in your path: mv, rm
3. Edit the examples/ezmlmwebrc.dist file and alter the variables to suit 3. Edit the examples/ezmlmwebrc.dist file and alter the variables to suit
@ -62,15 +58,6 @@ OVERVIEW:
supply to a minimum and also make reasonable guesses about default supply to a minimum and also make reasonable guesses about default
values. values.
The directory containing ezmlm-web's language files should be something
like '/usr/local/share/ezmlm-web/lang':
mkdir -p /usr/local/share/ezmlm-web
cp -r share/lang /usr/local/share/ezmlm-web
You can change this default location in the ezmlmwebrc file.
Do the same with the share/template directory (e.g copy it
to /usr/local/share/ezmlm-web/template). Then you also have to
set the appropriate location in the ezmlmwebrc file.
Finally, copy the ezmlmwebrc file to one of Finally, copy the ezmlmwebrc file to one of
the following places: the following places:
1) the home directory of the user that runs ezmlm-web.cgi (~/.ezmlmwebrc) 1) the home directory of the user that runs ezmlm-web.cgi (~/.ezmlmwebrc)
@ -80,26 +67,22 @@ OVERVIEW:
(ezmlm-web will look for it in these places in the given order) (ezmlm-web will look for it in these places in the given order)
4. Edit the index.c file and change the path to the path of your copy 4. For every user/virtual host that needs to manage mailing lists, you
of ezmlm-web.cgi. Then compile this file. You can do this by issuing need to create a suid wrapper owned by the user whom the mailing lists
this command: belong to. This wrapper needs to reside somewhere accessible by
gcc -o index.cgi share/index.c the web server. I suggest that you put it in a sub directory
of each user/virtual host's home directory (eg.
/home/luser/public_html/ezmlm for Apache).
Create a suid wrapper by issuing the following command:
5. For every user/virtual host that needs to manage mailing lists, you ezmlm-web-make-suid
need to create a SUID (user not root!!) copy of index.cgi (e.g
chmod 4755 index.cgi). These need to reside somewhere accessible by
the web server. I suggest that you put them in a sub directory (see
about security) of each user/virtual host's home directory (eg.
/home/luser/public_html/ezmlm for Apache).
The copies don't actually have to be called index.cgi, but it is nice The copies don't actually have to be called index.cgi, but it is nice
for web servers that can resolve a cgi script as an index page (see the for web servers that can resolve a cgi script as an index page. It is
srm.conf file in Apache). It is important to make sure that whichever important to make sure that whichever directory you choose to put them can
directory you choose to put them can
i: Execute CGI Scripts and i: Execute CGI Scripts and
ii: Be access controlled (here I mean both web and user access) by ii: Be access controlled (here I mean both web and user access) by
some method (eg .htaccess, access.conf for Apache). some method (eg .htaccess for Apache).
6. Install some method of securing access to the page. The following 6. Install some method of securing access to the page. The following
@ -138,9 +121,9 @@ OVERVIEW:
Again, see the ApacheWeek article for details. Again, see the ApacheWeek article for details.
7. You should copy the stylesheet file (share/css/default.css) to a location 7. Copy the stylesheet file (/usr/local/share/ezmlm-web/css/default.css)
of your choice. It has to be accessible by an URL - maybe a place like to a location of your choice. It has to be accessible by an URL - maybe
"/var/www/ezmlm-web.css" could be appropriate. a place like "/var/www/ezmlm-web.css" could be appropriate.
Now you may have to change the "HTML_CSS_FILE" setting in your Now you may have to change the "HTML_CSS_FILE" setting in your
ezmlmwebrc file. This value is a URL - not the local filename. ezmlmwebrc file. This value is a URL - not the local filename.

7
MANIFEST Normal file
View file

@ -0,0 +1,7 @@
ezmlm-web.cgi
changelog
copyright
TODO
UPGRADING
share
examples

114
Makefile.PL Normal file
View file

@ -0,0 +1,114 @@
# $Id$
use strict;
use ExtUtils::MakeMaker;
# See lib/ExtUtils/MakeMaker.pm for details of how to influence
# the contents of the Makefile that is written.
WriteMakefile(
'NAME' => 'ezmlm-web',
'AUTHOR' => 'Lars Kruse <devel@sumpfralle.de>',
'VERSION_FROM' => 'ezmlm-web.cgi', # finds $VERSION
'DISTNAME' => 'ezmlm-web',
'PREREQ_PM' => {
'Mail::Ezmlm' => 0.07,
'Mail::Address' => 1.15,
'CGI' => 2.6,
'CGI::Carp' => 1.06,
'DB_File' => 1.65,
'Getopt::Std' => 1.0,
'File::Find' => 0.0,
'File::Copy' => 2.02,
'File::Path' => 1.07,
'Text::ParseWords' => 3.0 },
'dist' => { COMPRESS => 'gzip', SUFFIX => 'gz' }
);
sub MY::postamble {
my ($self, $datadir) = @_;
my $SHAREDIR = "\$(DESTINSTALLSHARE)/$self->{NAME}";
return <<ENDOFTEXT
# REALINSTALLBIN is introduced later depending on "site" or "vendor" installation
export REALINSTALLBIN
export NOECHO
export CC
real_install_bin_: REALINSTALLBIN := \$(INSTALLSITEBIN)
real_install_bin_: install_suid_wrapper install_cgi
real_install_bin_site: REALINSTALLBIN := \$(INSTALLSITEBIN)
real_install_bin_site: install_suid_wrapper install_cgi
real_install_bin_vendor: REALINSTALLBIN := \$(INSTALLVENDORBIN)
real_install_bin_vendor: install_suid_wrapper install_cgi
real_install_bin_perl: REALINSTALLBIN := \$(INSTALLBIN)
real_install_bin_perl: install_suid_wrapper install_cgi
real_build_bin_: REALINSTALLBIN := \$(INSTALLSITEBIN)
real_build_bin_: build_suid_wrapper
real_build_bin_site: REALINSTALLBIN := \$(INSTALLSITEBIN)
real_build_bin_site: build_suid_wrapper
real_build_bin_vendor: REALINSTALLBIN := \$(INSTALLVENDORBIN)
real_build_bin_vendor: build_suid_wrapper
real_build_bin_perl: REALINSTALLBIN := \$(INSTALLBIN)
real_build_bin_perl: build_suid_wrapper
subdirs:: real_build_bin_\$(INSTALLDIRS)
clean_subdirs: clean_suid_wrapper
build_suid_wrapper:
\$(MAKE) -C suid-wrapper build
clean_suid_wrapper:
\$(MAKE) -C suid-wrapper clean
make_real_bin: real_install_bin_\$(INSTALLDIRS)
\$(MKPATH) \$(DESTDIR)\$(REALINSTALLBIN)
install_cgi: make_real_bin
install -c -m 755 ezmlm-web.cgi \$(DESTDIR)\$(REALINSTALLBIN)/ezmlm-web.cgi
install_suid_wrapper: build_suid_wrapper make_real_bin
\$(NOECHO) echo "WARNING: \$(REALINSTALLBIN)"
install -c -m 0755 suid-wrapper/index.cgi \$(DESTDIR)\$(REALINSTALLBIN)/ezmlm-web.wrapper
install -c -m 0755 suid-wrapper/ezmlm-web-make-suid \$(DESTDIR)\$(REALINSTALLBIN)/
install:: real_install_bin_\$(INSTALLDIRS) install_share_\$(INSTALLDIRS)
install_share_site:: DESTINSTALLSHARE := \$(DESTDIR)\$(PREFIX)/local/share
install_share_site:: install_share
install_share_vendor:: DESTINSTALLSHARE := \$(DESTDIR)\$(PREFIX)/share
install_share_vendor:: install_share
install_share:
install -d -m 0755 $SHAREDIR
install -d -m 0755 $SHAREDIR/lang
for file in share/lang/*.hdf ; \\
do install -c -m 0644 \$\$file $SHAREDIR/lang/ ; \\
done
install -d -m 0755 $SHAREDIR/css
for file in share/css/*.css ; \\
do install -c -m 0644 \$\$file $SHAREDIR/css/ ; \\
done
install -d -m 0755 $SHAREDIR/template
install -d -m 0755 $SHAREDIR/template/ui
install -d -m 0755 $SHAREDIR/template/ui/default
install -d -m 0755 $SHAREDIR/template/ui/gnupg
install -d -m 0755 $SHAREDIR/template/config_options
for file in share/template/*.cs ; \\
do install -c -m 0644 \$\$file $SHAREDIR/template/ ; \\
done
for file in share/template/config_options/*.cs ; \\
do install -c -m 0644 \$\$file $SHAREDIR/template/config_options/ ; \\
done
for file in share/template/ui/default/*.hdf ; \\
do install -c -m 0644 \$\$file $SHAREDIR/template/ui/default/ ; \\
done
for file in share/template/ui/gnupg/*.hdf ; \\
do install -c -m 0644 \$\$file $SHAREDIR/template/ui/gnupg/ ; \\
done
ENDOFTEXT
}

2
debian-related/DEBIAN/control
View file

@ -2,7 +2,7 @@ Package: ezmlm-web
Version: 3.2-1 Version: 3.2-1
Section: admin Section: admin
Priority: extra Priority: extra
Architecture: all Architecture: any
Depends: perl, httpd-cgi, libemail-address-perl, libemail-ezmlm-perl (>= 0.07) Depends: perl, httpd-cgi, libemail-address-perl, libemail-ezmlm-perl (>= 0.07)
Suggests: qmail-src, bash (>=2.0), gcc Suggests: qmail-src, bash (>=2.0), gcc
Maintainer: Lars Kruse <devel@sumpfralle.de> Maintainer: Lars Kruse <devel@sumpfralle.de>

15
suid-wrapper/Makefile Normal file
View file

@ -0,0 +1,15 @@
# Makefile to compile the binary suid-wrapper for ezmlm-web
#
# REALINSTALLBIN should be defined in the higher level Makefile
.PHONY: build clean
build:
$(NOECHO) echo "#define EZMLM_WEB_CGI \"$(REALINSTALLBIN)/ezmlm-web.cgi\"" >index.h
$(CC) -o index.cgi index.c
sed -i 's#^EZMLM_WEB_SUID_WRAPPER=.*$$#EZMLM_WEB_SUID_WRAPPER=$(REALINSTALLBIN)/ezmlm-web.wrapper#' ezmlm-web-make-suid
clean:
-rm index.cgi
$(NOECHO) echo "#define EZMLM_WEB_CGI \"/usr/bin/ezmlm-web.cgi\"" >index.h

6
debian-related/ezmlm-web-make-suid → suid-wrapper/ezmlm-web-make-suid
View file

@ -9,9 +9,7 @@
set -eu set -eu
C_SOURCE=/usr/share/ezmlm-web/index.c EZMLM_WEB_SUID_WRAPPER=/usr/local/bin/ezmlm-web.wrapper
which cc >/dev/null || { echo "no compiler (cc) installed - sorry" >&2; exit 1; }
[ $(id -u) -ne 0 ] && [ $# -ne 1 ] && echo "Syntax (for non-root): $(basename $0) DESTINATION_FILE" >&2 && exit 1 [ $(id -u) -ne 0 ] && [ $# -ne 1 ] && echo "Syntax (for non-root): $(basename $0) DESTINATION_FILE" >&2 && exit 1
[ $(id -u) -eq 0 ] && [ $# -gt 2 -o $# -lt 1 ] && echo "Syntax (for root): $(basename $0) [USERNAME] DESTINATION_FILE" >&2 && exit 1 [ $(id -u) -eq 0 ] && [ $# -gt 2 -o $# -lt 1 ] && echo "Syntax (for root): $(basename $0) [USERNAME] DESTINATION_FILE" >&2 && exit 1
@ -23,7 +21,7 @@ if [ $# -eq 1 ]
EZ_FILE=$2 EZ_FILE=$2
fi fi
cc -o "$EZ_FILE" "$C_SOURCE" cp "$EZMLM_WEB_SUID_WRAPPER" "$EZ_FILE"
if [ $(id -u) -eq 0 ] if [ $(id -u) -eq 0 ]
then chown "$EZ_USER". "$EZ_FILE" || { echo "the user '$EZ_USER' does not exist" >&2; rm "$EZ_FILE"; exit 1; } then chown "$EZ_USER". "$EZ_FILE" || { echo "the user '$EZ_USER' does not exist" >&2; rm "$EZ_FILE"; exit 1; }
fi fi

4
share/index.c → suid-wrapper/index.c
View file

@ -1,7 +1,7 @@
/* $Id$ */ /* $Id$ */
/* Change this path to wherever you decided to put ezmlm-web.cgi */ // define the location of your ezmlm-web.cgi file in this header file
#define EZMLM_WEB_CGI "/usr/local/bin/ezmlm-web.cgi" #include "index.h"
#include <stdio.h> #include <stdio.h>
#include <unistd.h> #include <unistd.h>

1
suid-wrapper/index.h Normal file
View file

@ -0,0 +1 @@
#define EZMLM_WEB_CGI "/usr/local/bin/ezmlm-web.cgi"