From nobody@FreeBSD.org  Mon Jan  4 21:11:58 2010
Return-Path: <nobody@FreeBSD.org>
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id B5C46106566C
	for <freebsd-gnats-submit@FreeBSD.org>; Mon,  4 Jan 2010 21:11:58 +0000 (UTC)
	(envelope-from nobody@FreeBSD.org)
Received: from www.freebsd.org (www.freebsd.org [IPv6:2001:4f8:fff6::21])
	by mx1.freebsd.org (Postfix) with ESMTP id A4F178FC15
	for <freebsd-gnats-submit@FreeBSD.org>; Mon,  4 Jan 2010 21:11:58 +0000 (UTC)
Received: from www.freebsd.org (localhost [127.0.0.1])
	by www.freebsd.org (8.14.3/8.14.3) with ESMTP id o04LBwaq040362
	for <freebsd-gnats-submit@FreeBSD.org>; Mon, 4 Jan 2010 21:11:58 GMT
	(envelope-from nobody@www.freebsd.org)
Received: (from nobody@localhost)
	by www.freebsd.org (8.14.3/8.14.3/Submit) id o04LBwHp040361;
	Mon, 4 Jan 2010 21:11:58 GMT
	(envelope-from nobody)
Message-Id: <201001042111.o04LBwHp040361@www.freebsd.org>
Date: Mon, 4 Jan 2010 21:11:58 GMT
From: Mike Jakubik <mike.jakubik@intertainservices.com>
To: freebsd-gnats-submit@FreeBSD.org
Subject: [patch] Fix mail/mailscanner 4.79.4
X-Send-Pr-Version: www-3.1
X-GNATS-Notify:

>Number:         142327
>Category:       ports
>Synopsis:       [patch] Fix mail/mailscanner 4.79.4
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    pgollucci
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Mon Jan 04 21:20:00 UTC 2010
>Closed-Date:    Tue Jan 05 01:33:10 UTC 2010
>Last-Modified:  Tue Jan 05 01:33:10 UTC 2010
>Originator:     Mike Jakubik
>Release:        8.0-STABLE
>Organization:
>Environment:
>Description:
This is a workaround to the continuous taint mode incompatibilities with this code.

Since I have been unsuccessful at reaching the mailscanner community to address these, i created this work around instead.

- This patch introduces a new rc variable called "mailscanner_user". If you changed the "Run As User" variable in MailScanner.conf (which triggers taint mode) you MUST now also set the same value in /etc/rc.conf.

- Removed ulimit bump from startup script, since its now dynamically set at boot time based on system resources.

>How-To-Repeat:

>Fix:
diff -urN mailscanner.orig/Makefile mailscanner/Makefile
--- mailscanner.orig/Makefile   2010-01-04 15:19:40.000000000 -0500
+++ mailscanner/Makefile        2010-01-04 16:00:18.000000000 -0500
@@ -7,6 +7,7 @@
 
 PORTNAME=      MailScanner
 PORTVERSION=   4.79.4
+PORTREVISION=  1
 CATEGORIES=    mail
 MASTER_SITES=  http://www.mailscanner.info/files/4/tar/
 DISTNAME=      ${PORTNAME}-install-${PORTVERSION}-${PATCHLEVEL}
diff -urN mailscanner.orig/files/mailscanner.in mailscanner/files/mailscanner.in
--- mailscanner.orig/files/mailscanner.in       2010-01-04 15:19:40.000000000 -0500
+++ mailscanner/files/mailscanner.in    2010-01-04 15:57:33.000000000 -0500
@@ -10,6 +10,7 @@
 #                                 Set it to "YES" to enable mailscanner
 # mailscanner_configfile (path):  Set to "%%PREFIX%%/etc/MailScanner/MailScanner.conf" by default.
 # mailscanner_pidfile (path):     Set to "/var/run/MailScanner.pid" by default.
+# mailscanner_user (str):     Set to "root" by default. If you changed the "Run As User" variable in MailScanner.conf you MUST also set the same value here.
 #
 
 . %%RC_SUBR%%
@@ -22,22 +23,20 @@
 : ${mailscanner_enable="NO"}
 : ${mailscanner_configfile="%%PREFIX%%/etc/MailScanner/MailScanner.conf"}
 : ${mailscanner_pidfile="/var/run/MailScanner.pid"}
+: ${mailscanner_user="root"}
 
 command="%%PREFIX%%/sbin/mailscanner"
 pidfile=${mailscanner_pidfile}
 command_args="${mailscanner_configfile}"
+procname="MailScanner"
 
 required_files="${mailscanner_configfile}"
 
-_ms_start_precmd() {
-       # Quietly try to raise the open_files limit
-       #
-       ulimit -n 2000 >/dev/null 2>&1
-}
-
-start_precmd=_ms_start_precmd
+start_cmd="mailscanner_start"
 
-procname="MailScanner"
+mailscanner_start() {
+    su -m ${mailscanner_user} -c "exec ${command} ${command_args}"
+}
 
 run_rc_command "$1"
 
diff -urN mailscanner.orig/files/pkg-message.in mailscanner/files/pkg-message.in
--- mailscanner.orig/files/pkg-message.in       2010-01-04 15:19:40.000000000 -0500
+++ mailscanner/files/pkg-message.in    2010-01-04 15:41:35.000000000 -0500
@@ -38,7 +38,19 @@
        Sophos users: Please take a look at the Sophos install
        script %%PREFIX%%/share/doc/MailScanner/Sophos.install.freebsd
 
-       Please also always look at the port changelog at
-       %%PREFIX%%/share/doc/MailScanner/CHANGES.port
+
+       *****************************************************************
+       A new rc variable called mailscanner_user has been added to the
+       startup script. This is a temporary workaround to address the
+       numerous taint mode problems that are still present in the code. 
+
+       If you changed the "Run As User" variable in MailScanner.conf
+       you MUST also set the same value in /etc/rc.conf.
+
+       i.e. mailscanner_user="postfix"
+
+       The new variable uses su to start the master perl script as the
+       specified user, this effectively disables perl's taint mode.
+       *****************************************************************
 
 *************************************************************************

>Release-Note:
>Audit-Trail:
Responsible-Changed-From-To: freebsd-ports-bugs->pgollucci 
Responsible-Changed-By: pgollucci 
Responsible-Changed-When: Mon Jan 4 22:48:02 UTC 2010 
Responsible-Changed-Why:  
I'll take it. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=142327 
State-Changed-From-To: open->closed 
State-Changed-By: pgollucci 
State-Changed-When: Tue Jan 5 01:33:10 UTC 2010 
State-Changed-Why:  
patch doesn't apply, please send another pr in with an updated patch 

http://www.freebsd.org/cgi/query-pr.cgi?pr=142327 
>Unformatted:
