diff options
author | Sergey Poznyakoff <gray@gnu.org.ua> | 2010-01-03 12:01:19 +0200 |
---|---|---|
committer | Sergey Poznyakoff <gray@gnu.org.ua> | 2010-01-03 12:06:02 +0200 |
commit | 17f28552af10e72a221a0be16417249852774f1b (patch) | |
tree | 080dfec9313f0f1eca51ae58162e874a2d43be0e | |
parent | c2cbf4e863a8f3a5081357d4b48f54cec2cd5d69 (diff) | |
download | wydawca-17f28552af10e72a221a0be16417249852774f1b.tar.gz wydawca-17f28552af10e72a221a0be16417249852774f1b.tar.bz2 |
Update docs.
* etc/wydawca.rc: Update.
* doc/wydawca.texi: Update.
-rw-r--r-- | doc/wydawca.texi | 2 | ||||
-rw-r--r-- | etc/wydawca.rc | 157 |
2 files changed, 97 insertions, 62 deletions
diff --git a/doc/wydawca.texi b/doc/wydawca.texi index c3a91f8..ab18e47 100644 --- a/doc/wydawca.texi +++ b/doc/wydawca.texi @@ -1930,7 +1930,7 @@ all the directories below the build tree to 777 before creating the tarball. This constitutes a security hole (see CVE-2009-4029[1], for more details). -Please, rebuild the package using a newer Automake (v. 1.11.2 or newer) +Please, rebuild the package using a newer Automake (at least v. 1.11.1) and resubmit. _EOF_ cat <<_EOF_ diff --git a/etc/wydawca.rc b/etc/wydawca.rc index e4e7b47..04e7be9 100644 --- a/etc/wydawca.rc +++ b/etc/wydawca.rc @@ -15,7 +15,7 @@ with wydawca. If not, see <http://www.gnu.org/licenses/>. */ /* Configure logging via syslog. - For more info, run `info wydawca syslog'. + * For more info, run `info wydawca syslog'. */ syslog { facility local1; @@ -24,7 +24,7 @@ syslog { } /* Enable statistics output at the end of the run. - For more info, run `info wydawca statistics'. + * For more info, run `info wydawca statistics'. */ statistics all; @@ -35,7 +35,7 @@ file-sweep-time "1 hour"; umask 022; /* Set the name of the tar binary. This is optional. - See `info wydawca archivation', for more info. + * See `info wydawca archivation', for more info. */ tar-program "/bin/tar"; @@ -50,8 +50,8 @@ sql default { } /* Configure dictionaries. - Run `info wydawca dictionaries', for the detailed description of these. - The provided ones use Savane database structure. + * Run `info wydawca dictionaries', for the detailed description of these. + * The provided ones use Savane database structure. */ dictionary project-owner { @@ -80,7 +80,7 @@ dictionary project-uploader { } /* Configure email notifications - See `info wydawca notification', for a description. + * See `info wydawca notification', for a description. */ admin-address "root@localhost"; @@ -119,13 +119,13 @@ EOT; # Notify the user about successful uploads notify-event { event success; - recipient user; message <<EOT +To: ${email:user} Subject: Upload of ${project} successful Upload of ${project} to ${dir} finished successfully. Files uploaded: -${triplet:upload} +${triplet:upload}$- Regards, Wydawca @@ -136,14 +136,14 @@ EOT; # Notify project admin about a successful upload. notify-event { event success; - recipient owner; message <<EOT +To: ${email:owner} Subject: Upload of ${project} successful ${user:real-name} (${user:email}) successfully uploaded files for ${project} to ${dir}. Files uploaded: -${triplet:upload} +${triplet:upload}$- Regards, Wydawca @@ -151,18 +151,19 @@ The Project Submission Robot EOT; } -# Notify project admin, if someone non authorized attempted to upload some -# files for the project they run. +/* Notify project admin, if someone non authorized attempted to upload some + * files for the project they run. + */ notify-event { event bad-ownership; - recipient owner; message <<EOT +To: ${email:owner} Subject: Suspicious upload of ${project} Someone not authorized to make releases for ${project} has attempted to upload the following files to ${dir}: -${triplet:full} +${triplet:full}$- This upload has been ignored and the files removed. The person who attempted the upload was ${user:real-name}, user name ${user:name}, email ${user:email}. @@ -176,47 +177,20 @@ The Project Submission Robot EOT; } -# Notify the user (submitter), if the directive signature does not match -# his record. -# It may be a good idea not to notify users about such events, just to -# stay on a safe side. Notifying project admins (see below) should be quite -# enough. -notify-event { - event bad-directive-signature; - recipient user; - message <<EOT -Subject: Suspicious upload of ${project} - -Someone (apparently you), has tried to make a release for ${project}. -However, the signature of the directive file was wrong, which looks -suspicious. The person uploaded the following files: - -${triplet:full} - -This upload has been ignored and the files removed. If it was you who -attempted this upload, please make sure you use the right PGP key and -try again. If not, please let us know as soon as possible, so we can -track down the person trying to make believe he is you. - -Regards, -Wydawca -The Project Submission Robot -EOT; -} - -# Notify the project admin, if submitted directive signature did not match -# submitter record. +/* Notify the project admin, if submitted directive signature did not match + * any of the submitter records. + */ notify-event { event bad-directive-signature; - recipient owner; message <<EOT +To: ${email:owner} Subject: Suspicious upload of ${project} ${user:real-name} (${user:email}) has tried to make a release for ${project}. However, the signature of the directive file was wrong, which looks suspicious. The person uploaded the following files: -${triplet:full} +${triplet:full}$- This upload has been ignored and the files removed. @@ -226,22 +200,23 @@ The Project Submission Robot EOT; } -# Notify the user (submitter), if the detached signature does not match -# his record. -# It may be a good idea not to notify users about such events, just to -# stay on a safe side. Notifying project admins (see below) should be quite -# enough. +/* Notify the user (submitter), if the detached signature did not match + * his record. + * It may be a good idea not to notify users about such events, just to + * stay on a safe side. Notifying project admins (see below) should be quite + * enough. + */ notify-event { event bad-detached-signature; - recipient user; message <<EOT +To: ${email:user} Subject: Suspicious upload of ${project} Someone (apparently you), has tried to make a release for ${project}. However, the detached signature signature was wrong, which looks suspicious. The person uploaded the following files: -${triplet:full} +${triplet:full}$- This upload has been ignored and the files removed. If it was you who attempted this upload, please make sure you use the right PGP key and @@ -254,19 +229,20 @@ The Project Submission Robot EOT; } -# Notify the project admin, if submitted detached signature did not match -# submitter record. +/* Notify the project admin, if submitted detached signature did not match + * submitter record. + */ notify-event { event bad-detached-signature; - recipient owner; message <<EOT +To: ${email:owner} Subject: Suspicious upload of ${project} ${user:real-name} (${user:email}) has tried to make a release for ${project}. However, the detached signature file was wrong, which looks suspicious. The person uploaded the following files: -${triplet:full} +${triplet:full}$- This upload has been ignored and the files removed. @@ -276,11 +252,70 @@ The Project Submission Robot EOT; } -/* Configure distribution spools. - A spool defines where to look for input triplets, and where to - copy uploaded files. +/* Notify both the submitter and the project owner about uploads + * that did not pass distribution verification (see check-script below). + * The X-Wydawca-Uploader header supplies additional information for the + * project owner about the user who did the upload. + */ +notify-event { + event check-failure; + message <<EOT +To: ${email:user} +Cc: ${email:owner} +Subject: ${triplet:dist} rejected +X-Wydawca-Uploader: "${user:real-name}" (${user:name}) <${user:email}> + +Your upload of ${triplet:dist} has been rejected by the distribution +verification procedure with the following diagnostics: + +${check:diagn}$- + +Please fix the tarball and resubmit. - See `info wydawca spool', for a detailed explanation. +Regards, +Wydawca +The Project Submission Robot +EOT; +} + +/* Make sure the distributed tarball does not contain a security hole + * described in CVE-2009-4029. Reject it, if it does. + * See `info wydawca verification', for a description of check-script. + * + * Note: this script relies on GNU tar and grep. + */ +check-script <<EOT +case ${WYDAWCA_DIST_FILE} in +*.tar|*.tar.*) + if tar -xOf ${WYDAWCA_DIST_FILE} --occurrence=1 \ + --wildcards --no-wildcards-match-slash '*/Makefile.in' | \ + grep -q 'perm -777'; then + fmt <<_EOF_ +The top-level Makefile.in in ${WYDAWCA_DIST_FILE} changes mode of +all the directories below the build tree to 777 before creating the tarball. +This constitutes a security hole (see CVE-2009-4029[1], for more details). + +Please, rebuild the package using a newer Automake (at least v. 1.11.1) +and resubmit. +_EOF_ + cat <<_EOF_ +-- +[1] http://article.gmane.org/gmane.comp.sysutils.autotools.announce/131 +_EOF_ + exit 1 + fi + ;; +*) + ;; +esac +exit 0 +EOT; + +/* Configure distribution spools. + * A spool defines where to look for input triplets, and where to + * copy uploaded files. + * + * See `info wydawca spool', for a detailed explanation. */ spool download { |