From yds@CoolRat.org  Tue Jan 15 14:53:13 2002
Return-Path: <yds@CoolRat.org>
Received: from CoolRat.org (bgp431251bgs.union01.nj.comcast.net [68.36.218.89])
	by hub.freebsd.org (Postfix) with ESMTP
	id 2D13237B419; Tue, 15 Jan 2002 14:53:12 -0800 (PST)
Received: from localhost (localhost [127.0.0.1])
  (uid 1001)
  by CoolRat.org with local; Tue, 15 Jan 2002 17:53:10 -0500
Message-Id: <courier.3C44B2D6.00011FC0@CoolRat.org>
Date: Tue, 15 Jan 2002 17:53:10 -0500
From: Yarema <yds@CoolRat.org>
Reply-To: Yarema <yds@CoolRat.org>
To: FreeBSD-gnats-submit@freebsd.org
Cc: dwhite@FreeBSD.org, lioux@FreeBSD.org, dinoex@FreeBSD.org
Subject: Section 15.15 of the FreeBSD Porter's Handbook needs to be updated.
X-Send-Pr-Version: 3.113
X-GNATS-Notify:

>Number:         33929
>Category:       docs
>Synopsis:       Section 15.15 of the FreeBSD Porter's Handbook needs to be updated.
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    freebsd-doc
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          update
>Submitter-Id:   current-users
>Arrival-Date:   Tue Jan 15 15:00:02 PST 2002
>Closed-Date:    Wed Jun 30 02:33:47 GMT 2004
>Last-Modified:  Wed Jun 30 02:33:47 GMT 2004
>Originator:     Yarema
>Release:        FreeBSD 4.5-RC i386
>Organization:
CoolRat.org
>Environment:
System: FreeBSD volyn.coolrat.org 4.5-RC FreeBSD 4.5-RC #0: Thu Jan 10 04:09:32 EST 2002 root@volyn.coolrat.org:/usr/obj/usr/src/sys/TIGER100 i386
>Description:

Now that PR31473 has been committed, Section 15.15 of the FreeBSD Porter's
Handbook needs to be updated.  I chose to add user 'courier' and group
'courier' as UID and GID 62.  There's a problem with that section of the
Handbook.  Since the qmail users are not sorted by UID 'msql' and 'qmails'
ended up with the same UID which is probaly a security hole for either one
or both of those ports.  The same thing could be said about 'ifmail' sharing
the same UID with 'pgsql'.  While putting 'ifmail' in group 'uucp' might be
the Right Thing (TM) for that port.  Using the same UID as PostgreSQL is
probably a Bad Thing (TM).

The patch below updates:

doc/en_US.ISO8859-1/books/porters-handbook/book.sgml
doc/ru_RU.KOI8-R/books/porters-handbook/book.sgml
doc/ja_JP.eucJP/books/porters-handbook/book.sgml

to bring them all in sync.  Changes include adding user 'bind' UID 53 to
the top of the list, adding user 'courier' and sorting the list by UID so
that future UID duplication is easier to avoid.  User 'bind' UID 53 already
exists in /usr/src/etc/master.passwd and this section documents UIDs 50
through 999.  So user 'bind' clearly needs to be documented here.

Of interest to the mail/sendmail port is that I removed:

smmsp:*:90:90:Sendmail Queue:/nonexistent:/nonexistent

since user 'smmsp' already exists as UID 25 in /usr/src/etc/master.passwd --
patching the mail/sendmail port to use UID 25 instad of 90 makes more sense
(to me at least).

The patch is gzipped and uuencoded since it contains both ru_RU.KOI8-R and
ja_JP.eucJP encodings which are not 7bit.

>How-To-Repeat:
>Fix:
begin 644 PortersHandbook.diff.gz
M'XL("".H1#P"`U!O<G1E<G-(86YD8F]O:RYD:69F`.V8WV_;5!3'GY>_XCRA
MC<3QC\3Y84U3896F#D:[955YFQS[-O%P?#,[7MK_YY8'0&+BA\8&9>Q':).V
M<=4FW8:T(1`/4,0/#2%>N<=.FZ1CI>VVATEI3^/Z^GZ/SSWV.9_;"H(`)C5$
MXER:+B0G"I.YG)H79+%(Z7N>6*5NC;B>4-8=$T?"X:17JMA)ZEJE8P6]!F=U
M!V0%I)0FRYJ2`T62E%@\'C^2VV,7?1)Y5$'.:&I:4U.1Q[$Q$%)J6DWD(1X>
M91G&QF+0_Z*U,G$!?7M)@(MERP-N?!`,WW6)4P/;\FI`9V%Z8MR#(JG5"7%`
ME8"',>@HG\\G3XI5W=5/Q2`F[`R?K+JTY.H5]&(YI5,5_3)U35K17@_C3&OG
M>@,4ICSBFQ2F/>)JHN^YHDT-W19W%%03'>J0.>Z(AQ6+/^L.1<LQT7L*39/X
M]YM\!`IAVN8T41,]/H7[LFG)<F+Q%Q81&/.N[W$W&0DMS"&.0$6W;.`^KJ*;
M`<4>><G1:Z%<UF3MS#MO7"R`J=?THNX1H'5G.`:OK+M$#"71IV`6-1$7YI5C
M<8/ZKL4%W)F"=CHZAW,826&>W["BB5=U5_2JE-KBSO3AS(#O&U5TD4&;GCX]
M!=4P(8(?)J2OQXE5OVA;1B]$JTCFB!&.XX=ET!C,\56BMRS:NX(L\=61"G4&
M5Q7.&<Y*E88QY+2,-D7YFS@Y.VL9!"8Q(7"<7ZT2]\2>M`XM(ZH!-9N0,U@$
M:C[!RP2+P'(-?%&R"MK$A=,FE.>+KF7N]XSJ]3J7Y"2T&>K:)LQ8)H$94HPB
MVB\0T&U+QP><D]'.AP^CG\HK^)J(T9RAFPKA%1N%J6<*]\09CN'J<LH!)=%=
MKJ!$1=6!)>&*L@>4Q(^Z%GP)<ND#2N*'7TMT%ZR87.90:SG4\J'B7;%[@JQ6
M*9Q_6U">+BJS*.*\@8*&RGQ/F$,[-\^5,-XKGQU).&7/*W>5%T@8!I?FT<*&
MB`T-7ALLO-UYPP_8JU0\S'Q>0BL0QPQ[V7F?^&2_,C'=.BER75K)A#_C;A)+
M)&H_AN[L7RD<(\,MG0,%^NT>$3-E$VR+EF/8/J\_'1Q:P[90+W,XS5,?/+]8
ML6K\`J(-CE.7\PK\*O=JDA,QH0=PU[]T83KYUN1$3KAP4'K[3L3:5$AO19.D
M87H?RN<0NK.:I&AJ?@#=V70J1#<>A]`=9>'/C>!^8^-!IY&`QYT`[C^$=@.:
MF^O!ZH/ONHU.`YF=@.[6P.#:PQ9L-C<[C;6@%8-CS=4FW-OH+C77FK`>;'1N
MKS7Y-N"?H`.=QDKW49-/7F]N!BOH"=8:6_>ZB/[F?]/^9;-^1/H1Z?^7]%E5
MC4B?1>2/2#\B_8CTKR+I>X0+MFZO=EN;G=L)6-]`1FT^7%UI0#NX'RP%<!SY
M%=SA9ZN-=K,)?-X&'S\1L6P7\Y?U2V>GDL0WSDX=@O+CQ`!00.%,EC5)1BS+
MNY0_C,N]D$]I:74`\GD.=P4[%OZ2DH;^0.?894^^7&9_L!9C[&?V/EM97&Q]
M=/>W:UUVG7W+/F;?L,\92_857RS>_)ZUD=+L0_8+!S6PQVR)M3_;XJ-(<19<
M:WWR%6NS9?8!V^:7;HQ(/B+YBR2Y<!22#[TES[T5@+H3!I[7LMJ,X^SW"*W9
M7MO,2IBSB?"TU]R?K:J6HC;-1=PPR))+L%</I;N?I6C^;I<_PHXD/MJ1C'8D
MK]".1'BN'<G3.X/X\^UPXB]YI\(^9>V%[84;"\OLR<VE6]=9^^N_[VRQE=8C
M=H_=8C^P%?9CHH]IG+X<7`MVH/P3G,'#D[7%U;_8#?9KR/I6]-\+[O!W=I<[
-V4[$_@56>IM6>Q@`````
`
end
>Release-Note:
>Audit-Trail:

From: Giorgos Keramidas <keramida@freebsd.org>
To: Yarema <yds@CoolRat.org>
Cc: FreeBSD-gnats-submit@freebsd.org, dwhite@freebsd.org,
	lioux@freebsd.org, dinoex@freebsd.org
Subject: Re: ports/33929: Section 15.15 of the FreeBSD Porter's Handbook needs to be updated.
Date: Thu, 24 Jan 2002 02:49:28 +0200

 Adding to audit trail:
 
 Date: Wed, 16 Jan 2002 06:06:06 -0500
 From: Yarema <yds@CoolRat.org>
 Subject: Re: Section 15.15 of the FreeBSD Porter's Handbook needs to be updated.
 
 --On Wednesday, January 16, 2002 08:52:57 +0100 Dirk Meyer
 <dirk.meyer@dinoex.sub.org> wrote:
 
 >> to bring them all in sync.  Changes include adding user 'bind' UID 53 to
 >> the top of the list, adding user 'courier' and sorting the list by UID so
 >> that future UID duplication is easier to avoid.  User 'bind' UID 53
 >> already exists in /usr/src/etc/master.passwd and this section documents
 >> UIDs 50 through 999.  So user 'bind' clearly needs to be documented here.
 >>
 >> Of interest to the mail/sendmail port is that I removed:
 >>
 >> smmsp:*:90:90:Sendmail Queue:/nonexistent:/nonexistent
 >>
 >> since user 'smmsp' already exists as UID 25 in
 >> /usr/src/etc/master.passwd -- patching the mail/sendmail port to use UID
 >> 25 instad of 90 makes more sense (to me at least).
 >
 > 1) The sendmail port uses an already existiting UID/GID and does not
 > remove it.
 
 I noticed that.
 
 > 2) It may violate POLA to make the sendmail port create this
 > UID/GID on older FreeBSD-Systems with 25 instead of 90.
 
 Perhaps I over did it with having the patch remove
 smmsp:*:90:90:Sendmail Queue:/nonexistent:/nonexistent
 
 I think the rest of the patch makes good sense and fixes a number of
 inconsistencies in the documentation.  Perhaps if the right people are
 proded it might get applied. :)
 
 Dirk, what about ifmail using UID 70, the same as pgsql?  Wouldn't it make
 more sense for news/ifmail to use 65 which seems to be available?
 
 -- 
 Yarema

From: Giorgos Keramidas <keramida@freebsd.org>
To: Yarema <yds@CoolRat.org>
Cc: FreeBSD-gnats-submit@freebsd.org, dwhite@freebsd.org,
	lioux@freebsd.org, dinoex@freebsd.org
Subject: Re: ports/33929: Section 15.15 of the FreeBSD Porter's Handbook needs to be updated.
Date: Thu, 24 Jan 2002 02:47:55 +0200

 Adding to audit-trail:
 
     Date: Wed, 16 Jan 2002 08:52:57 +0100
     From: dirk.meyer@dinoex.sub.org (Dirk Meyer)
     Subject: Re: Section 15.15 of the FreeBSD Porter's Handbook needs to be updated.
 
     > to bring them all in sync.  Changes include adding user 'bind' UID 53 to
     > the top of the list, adding user 'courier' and sorting the list by UID so
     > that future UID duplication is easier to avoid.  User 'bind' UID 53 already
     > exists in /usr/src/etc/master.passwd and this section documents UIDs 50
     > through 999.  So user 'bind' clearly needs to be documented here.
     >
     > Of interest to the mail/sendmail port is that I removed:
     >
     > smmsp:*:90:90:Sendmail Queue:/nonexistent:/nonexistent
     >
     > since user 'smmsp' already exists as UID 25 in /usr/src/etc/master.passwd --
     > patching the mail/sendmail port to use UID 25 instad of 90 makes more sense
     > (to me at least).
 
     1) The sendmail port uses an already existiting UID/GID and does not remove it.
     2) It may violate POLA to make the sendmail port create this UID/GID on
        older FreeBSD-Systems with 25 instead of 90.
 
     kind regards Dirk

From: Giorgos Keramidas <keramida@freebsd.org>
To: Yarema <yds@CoolRat.org>
Cc: FreeBSD-gnats-submit@freebsd.org, dwhite@freebsd.org,
	lioux@freebsd.org, dinoex@freebsd.org
Subject: Re: ports/33929: Section 15.15 of the FreeBSD Porter's Handbook needs to be updated.
Date: Thu, 24 Jan 2002 02:51:21 +0200

 Adding to audit-trail:
 
 Date: Thu, 17 Jan 2002 11:38:31 +0100
 From: dirk.meyer@dinoex.sub.org (Dirk Meyer)
 Subject: Re: Section 15.15 of the FreeBSD Porter's Handbook needs to be updated.
 
 > Dirk, what about ifmail using UID 70, the same as pgsql?  Wouldn't
 > it make more sense for news/ifmail to use 65 which seems to be
 > available?
 
 I can changes this 70 was assigned way back in the years:
 http://www.FreeBSD.org/cgi/cvsweb.cgi/ports/news/ifmail/Attic/pkg-install
 
 While the postgresql7 change was just some 10 Month ago:
 http://www.FreeBSD.org/cgi/cvsweb.cgi/ports/databases/postgresql7/pkg-install?rev=1.3&content-type=text/x-cvsweb-markup
 
 If the new one keeps free, I will take the anger of the users, (less
 then postgresql7)
 
 kind regards Dirk
 
 - Dirk Meyer, Im Grund 4, 34317 Habichtswald, Germany
 
Responsible-Changed-From-To: freebsd-ports->freebsd-doc 
Responsible-Changed-By: petef 
Responsible-Changed-When: Tue Feb 5 00:36:18 PST 2002 
Responsible-Changed-Why:  
A -doc guy should take care of this. 

http://www.FreeBSD.org/cgi/query-pr.cgi?pr=33929 
State-Changed-From-To: open->closed 
State-Changed-By: linimon 
State-Changed-When: Wed Jun 30 02:33:07 GMT 2004 
State-Changed-Why:  
Except for the courier change (which is no longer correct), all 
of these changes have been made long ago.  This PR seems to have 
been just forgotten. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=33929 
>Unformatted:
