Bug#403605: exim4-config: dc_other_hostnames expanded by the shell, corrupting it
tags #403605 pending thanks On Tue, Dec 19, 2006 at 12:29:47PM +0100, Paul Slootman wrote: Yes, this fixes it. Committed to svn, thanks. Greetings Marc -- - Marc Haber | I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things.Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 621 72739835 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#403605: exim4-config: dc_other_hostnames expanded by the shell, corrupting it
On Mon, Dec 18, 2006 at 05:37:46PM +0100, Paul Slootman wrote: On Mon 18 Dec 2006, Marc Haber wrote: On Mon, Dec 18, 2006 at 12:41:27PM +0100, Paul Slootman wrote: Package: exim4-config Version: 4.63-11 Severity: grave Justification: email was bounced, thus lost to me Bounced e-mail is not lost. Downgrading. Yes, it is. If you bounce mail e.g. for a sales email address, most potential customers will move on to another vendor. *I* do not have the data, hence it is lost. I disagree. I have a wildcard MX *.wurtel.net, and that's filled in /etc/exim4/update-exim4.conf.conf accordingly: dc_other_hostnames='wurtel.net : *.wurtel.net : ...' not supported, dc_other_hostnames is a list of semicolon-separated domain names. No wildcards here. Why is the field called dc_other_HOSTnames then, if it's DOMAINnames? historical reasons. Please notice that from a DNS point of view, any fully qualified host name is also a domain name, hence the abbreviation FQ_D_N. I see it as a mapping between MX records and the exim config. It basically is part of relay control. It works just fine as it is, Yes, but it has never been supported. Which is one reason for us not to test this. if the script didn't forget to quote the arguments to echo. Having to implement wildcard MXen in another way just obfuscates the exim config even more. Actually, the Debconf-based exim config is a vehicle for people with no or small technical knowlegde to get a basic e-mail server to work. Having a wildcard MX is definetely an advanced topic. I recommend that a fix is included in the version that's to go into etch. Agreed. Be warned, however, that we might fix this by forbidding * and ? in ue4.conf.conf by means of replacing them with _ after giving a warning. Better move your wildcard to the macros made available inside exim configuration. Please give examples, because it's a pain to find out what the macro of the day is in the exim4-config setup :-( If you find this a pain, you are not sufficiently familiar with exim configuration to run a system with a wildcard MX. Looking for dc_other_hostnames in update-exim4.conf.conf(5) will lead you to DEBCONFlocal_domainsDEBCONF, which will - when looked for in exim configuration - lead you to the MAIN_LOCAL_DOMAINS macro. Is there any definitive list, with explanations? No, we expect people fiddling with these to know their way around exim configuration to ease our support load. Greetings Marc -- - Marc Haber | I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things.Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 621 72739835 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#403605: exim4-config: dc_other_hostnames expanded by the shell, corrupting it
On Tue 19 Dec 2006, Marc Haber wrote: Please give examples, because it's a pain to find out what the macro of the day is in the exim4-config setup :-( If you find this a pain, you are not sufficiently familiar with exim configuration to run a system with a wildcard MX. Uhm, no, I'm sufficiently familiar with the exim config, not the random macros used by exim4-config. Looking for dc_other_hostnames in update-exim4.conf.conf(5) will lead you to DEBCONFlocal_domainsDEBCONF, which will - when looked for in exim configuration - lead you to the MAIN_LOCAL_DOMAINS macro. Is there any definitive list, with explanations? No, we expect people fiddling with these to know their way around exim configuration to ease our support load. Again, knowledge of exim configuration does not automatically lead to knowledge of obfuscated exim4-config macro names like DEBCONFlocal_domainsDEBCONF and MAIN_LOCAL_DOMAINS. It's a pity that you go out of your way to make it so hard to use exim4-config when in principle it's a fine way of configuring exim4. Paul Slootman -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#403605: exim4-config: dc_other_hostnames expanded by the shell, corrupting it
package exim4-config tags #403605 confirmed On Mon, Dec 18, 2006 at 12:41:27PM +0100, Paul Slootman wrote: I have a wildcard MX *.wurtel.net, and that's filled in /etc/exim4/update-exim4.conf.conf accordingly: dc_other_hostnames='wurtel.net : *.wurtel.net : ...' However, I noticed once that instead of *.wurtel.net, the generated config file had db.wurtel.net. At the time I passed that off as an error on my part, as when running update-exim4.conf again it was correct. Upon investigation it appeared that if a file exists in the current directory that matches *.wurtel.net when update-exim4.conf is run, the filename is filled into the config file, hence corrupting it :-( update-exim4.conf echoes the value of dc_other_hostnames without any quoting! The culprit is line 126 of update-exim4.conf. Please try replacing it with local_domains=$(echo localhost:${dc_other_hostnames} | \ quoting the occurrence of ${dc_other-hostnames}. Please report back whether this fixes the issue for you (it does for me), and I'll commit this change, along with some more quotes in other parts of the script. Greetings Marc -- - Marc Haber | I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things.Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 621 72739835 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#403605: exim4-config: dc_other_hostnames expanded by the shell, corrupting it
On Tue, Dec 19, 2006 at 12:27:39PM +0100, Paul Slootman wrote: On Tue 19 Dec 2006, Marc Haber wrote: Please give examples, because it's a pain to find out what the macro of the day is in the exim4-config setup :-( If you find this a pain, you are not sufficiently familiar with exim configuration to run a system with a wildcard MX. Uhm, no, I'm sufficiently familiar with the exim config, not the random macros used by exim4-config. Do you want to be constructive? If so, please stop the insults and use your exim configuration knowledge to read the configuration, which is rather easy to understand at least in this part. If you want to bitch or just to get rid of your christmas frustration, please do this somewhere else as I have enough of that myself. Looking for dc_other_hostnames in update-exim4.conf.conf(5) will lead you to DEBCONFlocal_domainsDEBCONF, which will - when looked for in exim configuration - lead you to the MAIN_LOCAL_DOMAINS macro. Is there any definitive list, with explanations? No, we expect people fiddling with these to know their way around exim configuration to ease our support load. Again, knowledge of exim configuration does not automatically lead to knowledge of obfuscated exim4-config macro names like DEBCONFlocal_domainsDEBCONF and MAIN_LOCAL_DOMAINS. It's a pity that you go out of your way to make it so hard to use exim4-config when in principle it's a fine way of configuring exim4. If you know it so much better, please offer to take over the package. Or, better, take this to -devel or to the tech ctte. Greetings Marc, wondering why people insist on discussing after an answer of yes, this is a bug, and it will be fixed -- - Marc Haber | I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things.Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 621 72739835 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#403605: exim4-config: dc_other_hostnames expanded by the shell, corrupting it
On Tue 19 Dec 2006, Marc Haber wrote: The culprit is line 126 of update-exim4.conf. Please try replacing it with local_domains=$(echo localhost:${dc_other_hostnames} | \ quoting the occurrence of ${dc_other-hostnames}. Please report back whether this fixes the issue for you (it does for me), and I'll commit this change, along with some more quotes in other parts of the script. Yes, this fixes it. Paul Slootman -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#403605: exim4-config: dc_other_hostnames expanded by the shell, corrupting it
Package: exim4-config Version: 4.63-11 Severity: grave Justification: email was bounced, thus lost to me I have a wildcard MX *.wurtel.net, and that's filled in /etc/exim4/update-exim4.conf.conf accordingly: dc_other_hostnames='wurtel.net : *.wurtel.net : ...' However, I noticed once that instead of *.wurtel.net, the generated config file had db.wurtel.net. At the time I passed that off as an error on my part, as when running update-exim4.conf again it was correct. Today I again noticed in the exim logs that a lot of mail was being bounced due to relay not permitted. Again I saw db.wurtel.net instead of *.wurtel.net, and now I was sure I hadn't made any mistake. Upon investigation it appeared that if a file exists in the current directory that matches *.wurtel.net when update-exim4.conf is run, the filename is filled into the config file, hence corrupting it :-( update-exim4.conf echoes the value of dc_other_hostnames without any quoting! I could imagine that this might even be used to bypass security if a malicious user could get an admin to run update-exim4.conf in a directory with specially prepared filenames. I recommend that a fix is included in the version that's to go into etch. Paul Slootman -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#403605: exim4-config: dc_other_hostnames expanded by the shell, corrupting it
package exim4-config severity #403605 important thanks On Mon, Dec 18, 2006 at 12:41:27PM +0100, Paul Slootman wrote: Package: exim4-config Version: 4.63-11 Severity: grave Justification: email was bounced, thus lost to me Bounced e-mail is not lost. Downgrading. I have a wildcard MX *.wurtel.net, and that's filled in /etc/exim4/update-exim4.conf.conf accordingly: dc_other_hostnames='wurtel.net : *.wurtel.net : ...' not supported, dc_other_hostnames is a list of semicolon-separated domain names. No wildcards here. However, I noticed once that instead of *.wurtel.net, the generated config file had db.wurtel.net. At the time I passed that off as an error on my part, as when running update-exim4.conf again it was correct. Today I again noticed in the exim logs that a lot of mail was being bounced due to relay not permitted. Again I saw db.wurtel.net instead of *.wurtel.net, and now I was sure I hadn't made any mistake. Upon investigation it appeared that if a file exists in the current directory that matches *.wurtel.net when update-exim4.conf is run, the filename is filled into the config file, hence corrupting it :-( update-exim4.conf echoes the value of dc_other_hostnames without any quoting! I could imagine that this might even be used to bypass security if a malicious user could get an admin to run update-exim4.conf in a directory with specially prepared filenames. I recommend that a fix is included in the version that's to go into etch. Agreed. Be warned, however, that we might fix this by forbidding * and ? in ue4.conf.conf by means of replacing them with _ after giving a warning. Better move your wildcard to the macros made available inside exim configuration. Greetings Marc -- - Marc Haber | I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things.Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 621 72739835 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#403605: exim4-config: dc_other_hostnames expanded by the shell, corrupting it
On Mon 18 Dec 2006, Marc Haber wrote: On Mon, Dec 18, 2006 at 12:41:27PM +0100, Paul Slootman wrote: Package: exim4-config Version: 4.63-11 Severity: grave Justification: email was bounced, thus lost to me Bounced e-mail is not lost. Downgrading. Yes, it is. If you bounce mail e.g. for a sales email address, most potential customers will move on to another vendor. *I* do not have the data, hence it is lost. I have a wildcard MX *.wurtel.net, and that's filled in /etc/exim4/update-exim4.conf.conf accordingly: dc_other_hostnames='wurtel.net : *.wurtel.net : ...' not supported, dc_other_hostnames is a list of semicolon-separated domain names. No wildcards here. Why is the field called dc_other_HOSTnames then, if it's DOMAINnames? I see it as a mapping between MX records and the exim config. It works just fine as it is, if the script didn't forget to quote the arguments to echo. Having to implement wildcard MXen in another way just obfuscates the exim config even more. I recommend that a fix is included in the version that's to go into etch. Agreed. Be warned, however, that we might fix this by forbidding * and ? in ue4.conf.conf by means of replacing them with _ after giving a warning. Better move your wildcard to the macros made available inside exim configuration. Please give examples, because it's a pain to find out what the macro of the day is in the exim4-config setup :-( Is there any definitive list, with explanations? (A pointer to what exim variable or setting is involved is fine, or just a chapter number in the exim docs, although those may be volatile.) Paul Slootman -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]