SOLVED in 7.2: Perl problems on FreeBSD (again)
Jules Field
MailScanner at ecs.soton.ac.uk
Sun Nov 22 12:01:01 GMT 2009
I *think* I have found all the occurrences of this problem, and have
just released a new beta.
If I have missed any, please do shout!
Jules.
On 20/11/2009 12:28, Julian Field wrote:
> Can you tell me what the changes are, and give me any hints or tips on
> what changes I need to make to my code to work with these new changes?
>
> It'll take me hours to find out exactly what I need to change, and I
> simply don't have that much time right now. But I would like to get
> the problem fixed as soon as poss.
>
> Jules.
>
> On 15/11/2009 20:53, Sanderson4 wrote:
>> To follow up on my previous post, Perl 5.10.1 resolved bugs in taint
>> that MailScanner got around in 5.8 and 5.10. Now that taint has been
>> fixed in 5.10.1, MailScanner doesn't run.
>> Sanderson4
>>
>> On Sun, Nov 15, 2009 at 1:59 PM, Sanderson4 <sanderson4 at gmail.com
>> <mailto:sanderson4 at gmail.com>> wrote:
>>
>> Unfortunately, the issue is MailScanner and not Perl. When a user
>> sets "Run As Users" and "Run As Group" in MailScanner, it forces
>> Perl to run in taint mode because Perl was directed by
>> MailScanner to run as a different user. For security reasons this
>> causes Perl to be very sceptical as to what tasks the assigned
>> user can perform. MailScanner has not been updated to resolve
>> these tainted tasks (ie load custom function files or chown).
>> The reason you don't see the Linux community compain about Perl is
>> because they use a packaging system that doesn't force a user to
>> upgrade to the latest version of Perl each time they upgrade
>> MailScanner. FreeBSD's portmaster and portupgrade check each
>> dependancy of MailScanner and will upgrade any dependancy that has
>> a newer version available. I know with portmaster you can include
>> the -x argument to "avoid building or updating ports that match
>> this pattern." Unfortunately I don't use portupgrade so I don't
>> know how to exclude an upgrade. Please refer to the man page for
>> a solution.
>> With that said, we as a FreeBSD community need to submit bug
>> requests to Jules so he can resolve these programming constraints
>> that newer versions of Perl produce.
>> Cheers,
>> Sanderson4
>> On Sun, Nov 15, 2009 at 12:18 PM, Drew Marshall
>> <drew.marshall at trunknetworks.com
>> <mailto:drew.marshall at trunknetworks.com>> wrote:
>>
>>
>> On 15 Nov 2009, at 14:03, Mog wrote:
>>
>> Hi,
>>
>> I followed the procedure you described exactly. I'm
>> guessing the other people who are experiencing the same
>> problem did the same thing as well (as mentioned on the
>> ports mailing list). I'm using that exact version of perl
>> you mentioned and used the perl-after-upgrade call as
>> always. As it turns out, to get the mail server back up
>> and running again I had to revert to the packaged version
>> perl-5.10.0_2.tbz and ignore the upgrade (like last time
>> this happened).
>>
>>
>> Yup, same here. Make sure you continue to be vigilant when
>> running portupgrade again or else you will be right back again.
>>
>>
>>
>> I can only assume that either you did something extra we
>> haven't to make it work, or ... Actually there is no or,
>> I'm out of ideas. I have no idea why it should work for a
>> few people but not dozens of others (unless you're using
>> portmaster and we're using portupgrade or something). Nor
>> do I know what actually is the cause of the problem.
>>
>>
>> I have upgraded to 5.10.1 and had to roll back too. I have no
>> idea what could be causing the issue but it's a right pain.
>>
>>
>>
>> I can't see any logical reason why every so often a perl
>> upgrade will cause MailScanner to break. Presumably either
>> it's a recurring problem with the FreeBSD port, the
>> upgrade process, or within perl itself.
>>
>>
>> It's not a problem within the same version but every so often
>> a new version pops out and having gone through the upgrade,
>> then reinstalling all the p5-* ports (portupgrade -f p5-* I
>> always do that as I don't find the the perl-after-upgrade
>> script does the job fully but then I have never run it with
>> the -f option so I'll try that next time) to find that
>> something borks MS and then you have to downgrade again is a
>> right pain :-(
>>
>> I really like FreeBSD but I just can't see what is causing
>> this to happen. Surely perl is perl and therefore it should
>> work for everyone or no one? Or have I missed something
>> (Probably!)?
>>
>> Drew
>> -- In line with our policy, this message has been
>> scanned for
>> viruses and dangerous content.
>> Our email policy can be found at www.trunknetworks.com/policy
>> <http://www.trunknetworks.com/policy>
>>
>> Trunk Networks Limited is registered in Scotland with
>> registration number: SC351063
>> Registered Office 55-57 West High Street Inverurie AB51 3QQ
>>
>>
>> -- MailScanner mailing list
>> mailscanner at lists.mailscanner.info
>> <mailto:mailscanner at lists.mailscanner.info>
>> http://lists.mailscanner.info/mailman/listinfo/mailscanner
>>
>> Before posting, read http://wiki.mailscanner.info/posting
>>
>> Support MailScanner development - buy the book off the website!
>>
>>
>>
>
> Jules
>
Jules
--
Julian Field MEng CITP CEng
www.MailScanner.info
Buy the MailScanner book at www.MailScanner.info/store
Need help customising MailScanner?
Contact me!
Need help fixing or optimising your systems?
Contact me!
Need help getting you started solving new requirements from your boss?
Contact me!
PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654
Follow me at twitter.com/JulesFM and twitter.com/MailScanner
--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
More information about the MailScanner
mailing list