There was a problem with the tmda-ofmipd patch I sent out earlier today.
I now realize that the script pointed to by the --home-script parameter
must return more information than the standard --vhome-script does.
This script must write the following information to stdout:
homedir uid gid groups ...
where homedir is the email user's home directory
uid is the uid of the owner of homedir
gid is the gid of the owner of homedir
groups is a list of gid's to which uid belongs;
gid is duplicated in this list
All this information must be written to stdout on a single line,
separated by white space.
This patched version of tmda-ofmipd now uses this complete set of
information returned by --home-script to properly find and read the
user's .tmda/config file, as described in my earlier email.
Here's the updated patch.
*** tmda-newofmipd Sat Sep 17 17:21:54 2005
--- /usr/bin/tmda-ofmipd Sat Sep 17 11:43:09 2005
***************
*** 172,196 ****
the --vhome-script parameter above.
- -H <script>
- --home-script <script>
- Similar --vhome-script, above, but it is meant to be used with
- a non-VMailMgr environment, with no virtual domains file.
-
- This script takes two arguments, the user name and the domain,
- on its command line. It must write the following information
- to stdout, each item separated by white space:
-
- homedir uid gid groups ...
-
- where homedir is the email user's home directory
- uid is the user who owns homedir
- gid is the group who owns homedir
- groups is a list of groups to which uid belongs;
- gid is duplicated in this list of groups
-
- NOTE: This option is only used when you have an installation
- that's NOT structured like qmail with VMailMgr. You cannot
- use --vhome-script or --vdomains-path with this option.
-
-t <script>
--throttle-script <script>
--- 172,175 ----
***************
*** 246,252 ****
connections = 20
vhomescript = None
- homescript = None
vdomainspath = '/var/qmail/control/virtualdomains'
- vdomainspathspecified = None
throttlescript = None
--- 225,229 ----
***************
*** 293,314 ****
try:
opts, args = getopt.getopt(sys.argv[1:],
! 'p:u:a:R:A:Fc:C:dVhfbPS:H:v:t:', ['proxyport=',
! 'username=',
! 'authfile=',
! 'remoteauth=',
! 'authprog=',
! 'fallback',
! 'configdir=',
! 'connections=',
! 'debug',
! 'version',
! 'help',
! 'foreground',
! 'background',
! 'pure-proxy',
! 'vhome-script=',
! 'home-script=',
! 'vdomains-path=',
! 'throttle-script='])
except getopt.error, msg:
usage(1, msg)
--- 270,290 ----
try:
opts, args = getopt.getopt(sys.argv[1:],
! 'p:u:a:R:A:Fc:C:dVhfbPS:v:t:', ['proxyport=',
! 'username=',
! 'authfile=',
! 'remoteauth=',
! 'authprog=',
! 'fallback',
! 'configdir=',
! 'connections=',
! 'debug',
! 'version',
! 'help',
! 'foreground',
! 'background',
! 'pure-proxy',
! 'vhome-script=',
! 'vdomains-path=',
! 'throttle-script='])
except getopt.error, msg:
usage(1, msg)
***************
*** 377,394 ****
elif opt in ('-S', '--vhome-script'):
vhomescript = arg
- elif opt in ('-H', '--home-script'):
- homescript = arg
elif opt in ('-v', '--vdomains-path'):
- vdomainspathspecified = True
vdomainspath = arg
elif opt in ('-t', '--throttle-script'):
throttlescript = arg
! if (vhomescript or vdomainspathspecified) and homescript:
! raise ValueError, \
! '--home-script is not compatible with --vhome-script or --vdomains-path.'
!
! if configdir and (vhomescript or homescript):
! msg = "WARNING: --[v]home-script and --config-dir are incompatible." + \
" Ignoring --config-dir."
configdir = None
--- 353,363 ----
elif opt in ('-S', '--vhome-script'):
vhomescript = arg
elif opt in ('-v', '--vdomains-path'):
vdomainspath = arg
elif opt in ('-t', '--throttle-script'):
throttlescript = arg
! if vhomescript and configdir:
! msg = "WARNING: --vhome-script and --config-dir are incompatible." + \
" Ignoring --config-dir."
configdir = None
***************
*** 1167,1201 ****
will have his mail tagged using his TMDA config file."""
def process_message(self, peer, mailfrom, rcpttos, data, auth_username):
- if homescript:
- userinfo = auth_username.split('@', 1)
- user = userinfo[0]
- if len(userinfo) > 1:
- domain = userinfo[1]
- else:
- domain = ''
- homedir, uidstring, gidstring, groupstring = \
- Util.getvuserhomedir(user, domain, homescript).split(' ', 3)
- uid = int(uidstring)
- gid = int(gidstring)
- groups = []
- for g in groupstring.split(' '):
- groups += [ int(g) ]
- print >> DEBUGSTREAM, 'user homedir: "%s"' % (homedir,)
- # This is so "~" will work in the .tmda/* files.
- os.environ['HOME'] = homedir
- else:
- gid = Util.getgid(auth_username)
- groups = Util.getgrouplist(auth_username)
- uid = Util.getuid(auth_username)
- # This is so "~" will always work in the .tmda/* files.
- os.environ['HOME'] = Util.gethomedir(auth_username)
if configdir is None:
# ~user/.tmda/
! tmda_configdir = os.path.join(os.environ['HOME'], '.tmda')
else:
tmda_configdir = os.path.join(os.path.expanduser
(configdir), auth_username)
tmda_configfile = os.path.join(tmda_configdir, 'config')
# If running as uid 0, fork the tmda-inject process, and
# then change UID and GID to the authenticated user.
--- 1136,1158 ----
will have his mail tagged using his TMDA config file."""
def process_message(self, peer, mailfrom, rcpttos, data, auth_username):
if configdir is None:
# ~user/.tmda/
! tmda_configdir = os.path.join(os.path.expanduser
! ('~' + auth_username), '.tmda')
else:
tmda_configdir = os.path.join(os.path.expanduser
(configdir), auth_username)
tmda_configfile = os.path.join(tmda_configdir, 'config')
+ if pure_proxy and not os.path.exists(tmda_configfile):
+ sendmail_program = os.environ.get('TMDA_SENDMAIL_PROGRAM') \
+ or '/usr/sbin/sendmail'
+ inject_cmd = [sendmail_program, '-i', '--'] + rcpttos
+ else:
+ execdir = os.path.dirname(os.path.abspath(program))
+ inject_path = os.path.join(execdir, 'tmda-inject')
+ inject_cmd = [inject_path, '-c', tmda_configfile] + rcpttos
+ # This is so "~" will always work in the .tmda/* files.
+ os.environ['HOME'] = Util.gethomedir(auth_username)
# If running as uid 0, fork the tmda-inject process, and
# then change UID and GID to the authenticated user.
***************
*** 1204,1210 ****
if pid == 0:
os.seteuid(0)
! os.setgid(gid)
! os.setgroups(groups)
! os.setuid(uid)
else:
rpid, status = os.wait()
--- 1161,1173 ----
if pid == 0:
os.seteuid(0)
! os.setgid(Util.getgid(auth_username))
! os.setgroups(Util.getgrouplist(auth_username))
! os.setuid(Util.getuid(auth_username))
! try:
! Util.pipecmd(inject_cmd, data)
! except Exception, err:
! print >> DEBUGSTREAM, 'Error:', err
! os._exit(-1)
! os._exit(0)
else:
rpid, status = os.wait()
***************
*** 1212,1233 ****
if status != 0:
raise IOError, 'tmda-inject failed!'
- return
- if pure_proxy and not os.path.exists(tmda_configfile):
- sendmail_program = os.environ.get('TMDA_SENDMAIL_PROGRAM') \
- or '/usr/sbin/sendmail'
- inject_cmd = [sendmail_program, '-i', '--'] + rcpttos
else:
! execdir = os.path.dirname(os.path.abspath(program))
! inject_path = os.path.join(execdir, 'tmda-inject')
! inject_cmd = [inject_path, '-c', tmda_configfile] + rcpttos
! try:
Util.pipecmd(inject_cmd, data)
- except Exception, err:
- print >> DEBUGSTREAM, 'Error:', err
- if running_as_root:
- os._exit(-1)
- if running_as_root:
- # Should never get here!
- os._exit(0)
--- 1175,1181 ----
if status != 0:
raise IOError, 'tmda-inject failed!'
else:
! # no need to fork
Util.pipecmd(inject_cmd, data)
--
Lloyd Zusman
[EMAIL PROTECTED]
God bless you.
_____________________________________________
tmda-users mailing list ([email protected])
http://tmda.net/lists/listinfo/tmda-users
