Группа :: Система/Серверы
Пакет: postfix
Главная Изменения Спек Патчи Загрузить Bugs and FR
Патч: postfix-2.2.4-alt-defaults.patch
diff -upk.orig postfix-2.2.4.orig/conf/main.cf postfix-2.2.4/conf/main.cf
--- postfix-2.2.4.orig/conf/main.cf 2005-03-04 17:48:25 +0000
+++ postfix-2.2.4/conf/main.cf 2005-06-23 12:37:33 +0000
@@ -56,7 +56,7 @@ mail_owner = postfix
# These rights are used in the absence of a recipient user context.
# DO NOT SPECIFY A PRIVILEGED USER OR THE POSTFIX OWNER.
#
-#default_privs = nobody
+#default_privs = postman
# INTERNET HOST AND DOMAIN NAMES
#
@@ -172,7 +172,7 @@ mail_owner = postfix
# local_recipient_maps setting if:
#
# - You define $mydestination domain recipients in files other than
-# /etc/passwd, /etc/aliases, or the $virtual_alias_maps files.
+# /etc/passwd, /etc/postfix/aliases, or the $virtual_alias_maps files.
# For example, you define $mydestination domain recipients in
# the $virtual_mailbox_maps files.
#
@@ -221,10 +221,8 @@ unknown_local_recipient_reject_code = 55
# You can specify the list of "trusted" network addresses by hand
# or you can let Postfix do it for you (which is the default).
#
-# By default (mynetworks_style = subnet), Postfix "trusts" SMTP
-# clients in the same IP subnetworks as the local machine.
-# On Linux, this does works correctly only with interfaces specified
-# with the "ifconfig" command.
+# By default (mynetworks_style = host), Postfix "trusts" SMTP
+# clients of the local machine only.
#
# Specify "mynetworks_style = class" when Postfix should "trust" SMTP
# clients in the same IP class A/B/C networks as the local machine.
@@ -232,8 +230,8 @@ unknown_local_recipient_reject_code = 55
# your entire provider's network. Instead, specify an explicit
# mynetworks list by hand, as described below.
#
-# Specify "mynetworks_style = host" when Postfix should "trust"
-# only the local machine.
+# Specify "mynetworks_style = subnet" when Postfix should "trust" SMTP
+# clients in the same IP subnetworks as the local machine.
#
#mynetworks_style = class
#mynetworks_style = subnet
@@ -364,16 +362,16 @@ unknown_local_recipient_reject_code = 55
# database, then the NIS alias database. See aliases(5) for syntax
# details.
#
-# If you change the alias database, run "postalias /etc/aliases" (or
+# If you change the alias database, run "postalias /etc/postfix/aliases" (or
# wherever your system stores the mail alias file), or simply run
# "newaliases" to build the necessary DBM or DB file.
#
# It will take a minute or so before changes become visible. Use
# "postfix reload" to eliminate the delay.
#
-#alias_maps = dbm:/etc/aliases
-#alias_maps = hash:/etc/aliases
-#alias_maps = hash:/etc/aliases, nis:mail.aliases
+#alias_maps = cdb:/etc/postfix/aliases
+#alias_maps = hash:/etc/postfix/aliases
+#alias_maps = hash:/etc/postfix/aliases, nis:mail.aliases
#alias_maps = netinfo:/aliases
# The alias_database parameter specifies the alias database(s) that
@@ -381,10 +379,9 @@ unknown_local_recipient_reject_code = 55
# configuration parameter, because alias_maps (see above) may specify
# tables that are not necessarily all under control by Postfix.
#
-#alias_database = dbm:/etc/aliases
-#alias_database = dbm:/etc/mail/aliases
-#alias_database = hash:/etc/aliases
-#alias_database = hash:/etc/aliases, hash:/opt/majordomo/aliases
+#alias_database = cdb:/etc/postfix/aliases
+#alias_database = hash:/etc/postfix/aliases
+#alias_database = hash:/etc/postfix/aliases, hash:/opt/majordomo/aliases
# ADDRESS EXTENSIONS (e.g., user+foo)
#
diff -upk.orig postfix-2.2.4.orig/proto/ADDRESS_REWRITING_README.html postfix-2.2.4/proto/ADDRESS_REWRITING_README.html
--- postfix-2.2.4.orig/proto/ADDRESS_REWRITING_README.html 2005-03-09 19:30:54 +0000
+++ postfix-2.2.4/proto/ADDRESS_REWRITING_README.html 2005-06-23 12:37:33 +0000
@@ -1030,8 +1030,8 @@ one of the following: </p>
<blockquote>
<pre>
/etc/postfix/main.cf:
- alias_maps = hash:/etc/aliases
- alias_maps = dbm:/etc/aliases, nis:mail.aliases
+ alias_maps = cdb:/etc/postfix/aliases
+ alias_maps = hash:/etc/postfix/aliases, nis:mail.aliases
</pre>
</blockquote>
@@ -1042,7 +1042,8 @@ Usually it is one of the following: </p>
<blockquote>
<pre>
/etc/postfix/main.cf:
- alias_database = hash:/etc/aliases (4.4BSD, LINUX)
+ alias_database = cdb:/etc/postfix/aliases (LINUX)
+ alias_database = hash:/etc/aliases (4.4BSD)
alias_database = dbm:/etc/aliases (4.3BSD, SYSV<4)
alias_database = dbm:/etc/mail/aliases (SYSV4)
</pre>
diff -upk.orig postfix-2.2.4.orig/proto/BASIC_CONFIGURATION_README.html postfix-2.2.4/proto/BASIC_CONFIGURATION_README.html
--- postfix-2.2.4.orig/proto/BASIC_CONFIGURATION_README.html 2004-10-25 20:58:59 +0000
+++ postfix-2.2.4/proto/BASIC_CONFIGURATION_README.html 2005-06-29 17:10:04 +0000
@@ -255,19 +255,15 @@ hostnames of the machine, including $myh
<p> By default, Postfix will forward mail from clients in authorized
network blocks to any destination. Authorized networks are defined
with the mynetworks configuration parameter. The default is to
-authorize all clients in the IP subnetworks that the local machine
-is attached to. </p>
-
-<p> IMPORTANT: If your machine is connected to a wide area network
-then your default mynetworks setting may be too friendly. </p>
+authorize all clients from the local machine only. </p>
<p> Examples (specify only one of the following): </p>
<blockquote>
<pre>
/etc/postfix/main.cf:
- mynetworks_style = subnet (default: authorize subnetworks)
- mynetworks_style = host (safe: authorize local machine only)
+ mynetworks_style = subnet (unsafe: authorize subnetworks)
+ mynetworks_style = host (default: authorize local machine only)
mynetworks = 127.0.0.0/8 (safe: authorize local machine only)
mynetworks = 127.0.0.0/8 168.100.189.2/32 (authorize local machine)
</pre>
@@ -280,13 +276,13 @@ parameter value.
<ul>
-<li> <p> Specify "mynetworks_style = host" when Postfix should
-forward mail from only the local machine. </p>
+<li> <p> Specify "mynetworks_style = host" (the default) when
+Postfix should forward mail from only the local machine. </p>
-<li> <p> Specify "mynetworks_style = subnet" (the default) when
-Postfix should forward mail from SMTP clients in the same IP
-subnetworks as the local machine. On Linux, this works correctly
-only with interfaces specified with the "ifconfig" command. </p>
+<li> <p> Specify "mynetworks_style = subnet" when Postfix should
+forward mail from SMTP clients in the same IP subnetworks as the
+local machine. On Linux, this works correctly only with
+interfaces specified with the "ip" command. </p>
<li> <p> Specify "mynetworks_style = class" when Postfix should
forward mail from SMTP clients in the same IP class A/B/C networks
@@ -373,14 +369,14 @@ for the super-user to a human person too
<blockquote>
<pre>
-/etc/aliases:
+/etc/postfix/aliases:
postmaster: you
root: you
</pre>
</blockquote>
<p> Execute the command "newaliases" after changing the aliases
-file. Instead of /etc/aliases, your alias file may be located
+file. Instead of /etc/postfix/aliases, your alias file may be located
elsewhere. Use the command "postconf alias_maps" to find out.</p>
<p> The Postfix system reports problems to the postmaster alias.
diff -upk.orig postfix-2.2.4.orig/proto/VIRTUAL_README.html postfix-2.2.4/proto/VIRTUAL_README.html
--- postfix-2.2.4.orig/proto/VIRTUAL_README.html 2004-04-23 23:49:43 +0000
+++ postfix-2.2.4/proto/VIRTUAL_README.html 2005-06-23 12:37:33 +0000
@@ -259,7 +259,7 @@ section at the top of this document.</p>
2 virtual_mailbox_domains = example.com ...more domains...
3 virtual_mailbox_base = /var/mail/vhosts
4 virtual_mailbox_maps = hash:/etc/postfix/vmailbox
- 5 virtual_minimum_uid = 100
+ 5 virtual_minimum_uid = 500
6 virtual_uid_maps = static:5000
7 virtual_gid_maps = static:5000
8 virtual_alias_maps = hash:/etc/postfix/virtual
diff -upk.orig postfix-2.2.4.orig/proto/postconf.proto postfix-2.2.4/proto/postconf.proto
--- postfix-2.2.4.orig/proto/postconf.proto 2005-03-09 19:48:30 +0000
+++ postfix-2.2.4/proto/postconf.proto 2005-06-29 17:50:57 +0000
@@ -844,7 +844,7 @@ Examples:
<pre>
default_database_type = hash
-default_database_type = dbm
+default_database_type = cdb
</pre>
%PARAM default_delivery_slot_cost 5
@@ -932,7 +932,7 @@ which would never accumulate at least th
(subject to slot cost parameter as well) are never preempted.
</p>
-%PARAM default_privs nobody
+%PARAM default_privs postman
<p>
The default rights used by the local(8) delivery agent for delivery
@@ -1133,7 +1133,7 @@ Time units: s (seconds), m (minutes), h
The default time unit is s (seconds).
</p>
-%PARAM disable_vrfy_command no
+%PARAM disable_vrfy_command yes
<p>
Disable the SMTP VRFY command. This stops some techniques used to
@@ -6668,7 +6668,7 @@ Postfix refuses mail that is nested deep
This feature is available in Postfix 2.0 and later.
</p>
-%PARAM mynetworks_style subnet
+%PARAM mynetworks_style host
<p>
The method to generate the default value for the mynetworks parameter.
@@ -6683,7 +6683,7 @@ This is the list of trusted networks for
<li><p>Specify "mynetworks_style = subnet" when Postfix
should "trust" SMTP clients in the same IP subnetworks as the local
machine. On Linux, this works correctly only with interfaces
-specified with the "ifconfig" command. </p>
+specified with the "ip" command. </p>
<li><p>Specify "mynetworks_style = class" when Postfix should
"trust" SMTP clients in the same IP class A/B/C networks as the
@@ -7501,7 +7501,7 @@ it will open the table directly. Before
virtual(8) delivery agent will terminate with a fatal error.
</p>
-%PARAM virtual_minimum_uid 100
+%PARAM virtual_minimum_uid 500
<p>
The minimum user ID value that the virtual(8) delivery agent accepts
diff -upk.orig postfix-2.2.4.orig/src/global/mail_params.h postfix-2.2.4/src/global/mail_params.h
--- postfix-2.2.4.orig/src/global/mail_params.h 2005-02-27 15:06:07 +0000
+++ postfix-2.2.4/src/global/mail_params.h 2005-06-23 12:37:33 +0000
@@ -69,7 +69,7 @@ extern char *var_sgid_group;
extern gid_t var_sgid_gid;
#define VAR_DEFAULT_PRIVS "default_privs"
-#define DEF_DEFAULT_PRIVS "nobody"
+#define DEF_DEFAULT_PRIVS "postman"
extern char *var_default_privs;
extern uid_t var_default_uid;
extern gid_t var_default_gid;
@@ -323,7 +323,7 @@ extern bool var_broken_auth_clients;
* Standards violation: disable VRFY.
*/
#define VAR_DISABLE_VRFY_CMD "disable_vrfy_command"
-#define DEF_DISABLE_VRFY_CMD 0
+#define DEF_DISABLE_VRFY_CMD 1
extern bool var_disable_vrfy_cmd;
/*
@@ -415,7 +415,7 @@ extern bool var_percent_hack;
*/
#define VAR_ALIAS_MAPS "alias_maps"
#ifdef HAS_NIS
-#define DEF_ALIAS_MAPS ALIAS_DB_MAP ", nis:mail.aliases"
+#define DEF_ALIAS_MAPS ALIAS_DB_MAP
#else
#define DEF_ALIAS_MAPS ALIAS_DB_MAP
#endif
@@ -1492,7 +1492,7 @@ extern int var_trigger_timeout;
extern char *var_mynetworks;
#define VAR_MYNETWORKS_STYLE "mynetworks_style"
-#define DEF_MYNETWORKS_STYLE MYNETWORKS_STYLE_SUBNET
+#define DEF_MYNETWORKS_STYLE MYNETWORKS_STYLE_HOST
extern char *var_mynetworks_style;
#define MYNETWORKS_STYLE_CLASS "class"
@@ -1851,7 +1851,7 @@ extern char *var_virt_uid_maps;
extern char *var_virt_gid_maps;
#define VAR_VIRT_MINUID "virtual_minimum_uid"
-#define DEF_VIRT_MINUID 100
+#define DEF_VIRT_MINUID 500
extern int var_virt_minimum_uid;
#define VAR_VIRT_MAILBOX_BASE "virtual_mailbox_base"
diff -upk.orig postfix-2.2.4.orig/src/local/local.c postfix-2.2.4/src/local/local.c
--- postfix-2.2.4.orig/src/local/local.c 2005-06-23 12:26:28 +0000
+++ postfix-2.2.4/src/local/local.c 2005-06-23 12:37:33 +0000
@@ -434,7 +434,7 @@
/* .IP "\fBcommand_expansion_filter (see 'postconf -d' output)\fR"
/* Restrict the characters that the \fBlocal\fR(8) delivery agent allows in
/* $name expansions of $mailbox_command.
-/* .IP "\fBdefault_privs (nobody)\fR"
+/* .IP "\fBdefault_privs (postman)\fR"
/* The default rights used by the \fBlocal\fR(8) delivery agent for delivery
/* to external file or command.
/* .IP "\fBforward_expansion_filter (see 'postconf -d' output)\fR"
diff -upk.orig postfix-2.2.4.orig/src/util/sys_defs.h postfix-2.2.4/src/util/sys_defs.h
--- postfix-2.2.4.orig/src/util/sys_defs.h 2005-06-21 21:12:00 +0000
+++ postfix-2.2.4/src/util/sys_defs.h 2005-06-29 17:52:47 +0000
@@ -616,11 +616,11 @@ extern int initgroups(const char *, int)
#define HAS_FLOCK_LOCK
#define HAS_FCNTL_LOCK
#define INTERNAL_LOCK MYFLOCK_STYLE_FLOCK
-#define DEF_MAILBOX_LOCK "fcntl, dotlock" /* RedHat >= 4.x */
+#define DEF_MAILBOX_LOCK "fcntl" /* ALT Linux mbox locking policy */
#define HAS_FSYNC
#define HAS_DB
-#define DEF_DB_TYPE "hash"
-#define ALIAS_DB_MAP "hash:/etc/aliases"
+#define DEF_DB_TYPE "cdb"
+#define ALIAS_DB_MAP "cdb:/etc/postfix/aliases"
#define HAS_NIS
#define GETTIMEOFDAY(t) gettimeofday(t,(struct timezone *) 0)
#define ROOT_PATH "/bin:/usr/bin:/sbin:/usr/sbin"
diff -upk.orig postfix-2.2.4.orig/src/virtual/virtual.c postfix-2.2.4/src/virtual/virtual.c
--- postfix-2.2.4.orig/src/virtual/virtual.c 2005-02-08 19:12:24 +0000
+++ postfix-2.2.4/src/virtual/virtual.c 2005-05-08 13:38:44 +0000
@@ -159,7 +159,7 @@
/* .IP "\fBvirtual_mailbox_maps (empty)\fR"
/* Optional lookup tables with all valid addresses in the domains that
/* match $virtual_mailbox_domains.
-/* .IP "\fBvirtual_minimum_uid (100)\fR"
+/* .IP "\fBvirtual_minimum_uid (500)\fR"
/* The minimum user ID value that the \fBvirtual\fR(8) delivery agent accepts
/* as a result from $virtual_uid_maps table lookup.
/* .IP "\fBvirtual_uid_maps (empty)\fR"