diff options
| author | Sergey Poznyakoff <gray@gnu.org.ua> | 2010-01-03 12:01:19 +0200 |
|---|---|---|
| committer | Sergey Poznyakoff <gray@gnu.org.ua> | 2010-01-03 12:06:02 +0200 |
| commit | 17f28552af10e72a221a0be16417249852774f1b (patch) | |
| tree | 080dfec9313f0f1eca51ae58162e874a2d43be0e | |
| parent | c2cbf4e863a8f3a5081357d4b48f54cec2cd5d69 (diff) | |
| download | wydawca-17f28552af10e72a221a0be16417249852774f1b.tar.gz wydawca-17f28552af10e72a221a0be16417249852774f1b.tar.bz2 | |
Update docs.
* etc/wydawca.rc: Update.
* doc/wydawca.texi: Update.
| -rw-r--r-- | doc/wydawca.texi | 2 | ||||
| -rw-r--r-- | etc/wydawca.rc | 157 |
2 files changed, 97 insertions, 62 deletions
diff --git a/doc/wydawca.texi b/doc/wydawca.texi index c3a91f8..ab18e47 100644 --- a/doc/wydawca.texi +++ b/doc/wydawca.texi @@ -1927,13 +1927,13 @@ case $@{WYDAWCA_DIST_FILE@} in fmt <<_EOF_ The top-level Makefile.in in $@{WYDAWCA_DIST_FILE@} changes mode of all the directories below the build tree to 777 before creating the tarball. This constitutes a security hole (see CVE-2009-4029[1], for more details). -Please, rebuild the package using a newer Automake (v. 1.11.2 or newer) +Please, rebuild the package using a newer Automake (at least v. 1.11.1) and resubmit. _EOF_ cat <<_EOF_ -- [1] http://article.gmane.org/gmane.comp.sysutils.autotools.announce/131 _EOF_ diff --git a/etc/wydawca.rc b/etc/wydawca.rc index e4e7b47..04e7be9 100644 --- a/etc/wydawca.rc +++ b/etc/wydawca.rc @@ -12,33 +12,33 @@ GNU General Public License for more details. You should have received a copy of the GNU General Public License along with wydawca. If not, see <http://www.gnu.org/licenses/>. */ /* Configure logging via syslog. - For more info, run `info wydawca syslog'. + * For more info, run `info wydawca syslog'. */ syslog { facility local1; tag wydawca; print-priority yes; } /* Enable statistics output at the end of the run. - For more info, run `info wydawca statistics'. + * For more info, run `info wydawca statistics'. */ statistics all; /* Remove any stray files that are more than an hour old. */ file-sweep-time "1 hour"; /* Set default umask. */ umask 022; /* Set the name of the tar binary. This is optional. - See `info wydawca archivation', for more info. + * See `info wydawca archivation', for more info. */ tar-program "/bin/tar"; /* Configure SQL databases. See `info wydawca sql'. */ @@ -47,14 +47,14 @@ sql default { database "savane"; user "savane"; password "guessme"; } /* Configure dictionaries. - Run `info wydawca dictionaries', for the detailed description of these. - The provided ones use Savane database structure. + * Run `info wydawca dictionaries', for the detailed description of these. + * The provided ones use Savane database structure. */ dictionary project-owner { type sql; params (default); query "SELECT user.email, user.realname " @@ -77,13 +77,13 @@ dictionary project-uploader { "AND groups.unix_group_name='${project}' " "AND user.gpg_key is not NULL"; params (default); } /* Configure email notifications - See `info wydawca notification', for a description. + * See `info wydawca notification', for a description. */ admin-address "root@localhost"; from-address "wydawca@localhost"; # See `info wydawca statreports'. @@ -116,56 +116,57 @@ EOT; # See `info wydawca event'. # Notify the user about successful uploads notify-event { event success; - recipient user; message <<EOT +To: ${email:user} Subject: Upload of ${project} successful Upload of ${project} to ${dir} finished successfully. Files uploaded: -${triplet:upload} +${triplet:upload}$- Regards, Wydawca The Project Submission Robot EOT; } # Notify project admin about a successful upload. notify-event { event success; - recipient owner; message <<EOT +To: ${email:owner} Subject: Upload of ${project} successful ${user:real-name} (${user:email}) successfully uploaded files for ${project} to ${dir}. Files uploaded: -${triplet:upload} +${triplet:upload}$- Regards, Wydawca The Project Submission Robot EOT; } -# Notify project admin, if someone non authorized attempted to upload some -# files for the project they run. +/* Notify project admin, if someone non authorized attempted to upload some + * files for the project they run. + */ notify-event { event bad-ownership; - recipient owner; message <<EOT +To: ${email:owner} Subject: Suspicious upload of ${project} Someone not authorized to make releases for ${project} has attempted to upload the following files to ${dir}: -${triplet:full} +${triplet:full}$- This upload has been ignored and the files removed. The person who attempted the upload was ${user:real-name}, user name ${user:name}, email ${user:email}. If you think this is an error and wish this user to be authorized to make releases for ${project}, please contact <puszcza-hackers@gnu.org.ua>. Otherwise, let us know so we could undertake appropriate measures. @@ -173,117 +174,151 @@ Otherwise, let us know so we could undertake appropriate measures. Regards, Wydawca The Project Submission Robot EOT; } -# Notify the user (submitter), if the directive signature does not match -# his record. -# It may be a good idea not to notify users about such events, just to -# stay on a safe side. Notifying project admins (see below) should be quite -# enough. -notify-event { - event bad-directive-signature; - recipient user; - message <<EOT -Subject: Suspicious upload of ${project} - -Someone (apparently you), has tried to make a release for ${project}. -However, the signature of the directive file was wrong, which looks -suspicious. The person uploaded the following files: - -${triplet:full} - -This upload has been ignored and the files removed. If it was you who -attempted this upload, please make sure you use the right PGP key and -try again. If not, please let us know as soon as possible, so we can -track down the person trying to make believe he is you. - -Regards, -Wydawca -The Project Submission Robot -EOT; -} - -# Notify the project admin, if submitted directive signature did not match -# submitter record. +/* Notify the project admin, if submitted directive signature did not match + * any of the submitter records. + */ notify-event { event bad-directive-signature; - recipient owner; message <<EOT +To: ${email:owner} Subject: Suspicious upload of ${project} ${user:real-name} (${user:email}) has tried to make a release for ${project}. However, the signature of the directive file was wrong, which looks suspicious. The person uploaded the following files: -${triplet:full} +${triplet:full}$- This upload has been ignored and the files removed. Regards, Wydawca The Project Submission Robot EOT; } -# Notify the user (submitter), if the detached signature does not match -# his record. -# It may be a good idea not to notify users about such events, just to -# stay on a safe side. Notifying project admins (see below) should be quite -# enough. +/* Notify the user (submitter), if the detached signature did not match + * his record. + * It may be a good idea not to notify users about such events, just to + * stay on a safe side. Notifying project admins (see below) should be quite + * enough. + */ notify-event { event bad-detached-signature; - recipient user; message <<EOT +To: ${email:user} Subject: Suspicious upload of ${project} Someone (apparently you), has tried to make a release for ${project}. However, the detached signature signature was wrong, which looks suspicious. The person uploaded the following files: -${triplet:full} +${triplet:full}$- This upload has been ignored and the files removed. If it was you who attempted this upload, please make sure you use the right PGP key and try again. If not, please let us know as soon as possible, so we can track down the person trying to make believe he is you. Regards, Wydawca The Project Submission Robot EOT; } -# Notify the project admin, if submitted detached signature did not match -# submitter record. +/* Notify the project admin, if submitted detached signature did not match + * submitter record. + */ notify-event { event bad-detached-signature; - recipient owner; message <<EOT +To: ${email:owner} Subject: Suspicious upload of ${project} ${user:real-name} (${user:email}) has tried to make a release for ${project}. However, the detached signature file was wrong, which looks suspicious. The person uploaded the following files: -${triplet:full} +${triplet:full}$- This upload has been ignored and the files removed. Regards, Wydawca The Project Submission Robot EOT; } -/* Configure distribution spools. - A spool defines where to look for input triplets, and where to - copy uploaded files. +/* Notify both the submitter and the project owner about uploads + * that did not pass distribution verification (see check-script below). + * The X-Wydawca-Uploader header supplies additional information for the + * project owner about the user who did the upload. + */ +notify-event { + event check-failure; + message <<EOT +To: ${email:user} +Cc: ${email:owner} +Subject: ${triplet:dist} rejected +X-Wydawca-Uploader: "${user:real-name}" (${user:name}) <${user:email}> + +Your upload of ${triplet:dist} has been rejected by the distribution +verification procedure with the following diagnostics: + +${check:diagn}$- + +Please fix the tarball and resubmit. - See `info wydawca spool', for a detailed explanation. +Regards, +Wydawca +The Project Submission Robot +EOT; +} + +/* Make sure the distributed tarball does not contain a security hole + * described in CVE-2009-4029. Reject it, if it does. + * See `info wydawca verification', for a description of check-script. + * + * Note: this script relies on GNU tar and grep. + */ +check-script <<EOT +case ${WYDAWCA_DIST_FILE} in +*.tar|*.tar.*) + if tar -xOf ${WYDAWCA_DIST_FILE} --occurrence=1 \ + --wildcards --no-wildcards-match-slash '*/Makefile.in' | \ + grep -q 'perm -777'; then + fmt <<_EOF_ +The top-level Makefile.in in ${WYDAWCA_DIST_FILE} changes mode of +all the directories below the build tree to 777 before creating the tarball. +This constitutes a security hole (see CVE-2009-4029[1], for more details). + +Please, rebuild the package using a newer Automake (at least v. 1.11.1) +and resubmit. +_EOF_ + cat <<_EOF_ +-- +[1] http://article.gmane.org/gmane.comp.sysutils.autotools.announce/131 +_EOF_ + exit 1 + fi + ;; +*) + ;; +esac +exit 0 +EOT; + +/* Configure distribution spools. + * A spool defines where to look for input triplets, and where to + * copy uploaded files. + * + * See `info wydawca spool', for a detailed explanation. */ spool download { url ftp://your.domain.net; source "/home/ftp/incoming/ftp"; destination "/home/ftp/gnu"; |