Bug#305957: Postinstall script replaces configuration escape sequences with their expansions on upgrade
Barry Kitson
Barry Kitson <b.kitson@ieee.org>, 305957@bugs.debian.org
Sat, 23 Apr 2005 15:15:08 +1000
--=-lWVak5qCFPb0qr/UzmFg
Content-Type: text/plain
Content-Transfer-Encoding: 7bit
Package: exim4-config
Version: 4.50-6
When upgrading any recent version of the exim4 package, the exim4-config
postinst script tries to update /etc/exim4/update-exim4.conf.conf
configuration file automagically. This configuration file is used (by
update-exim4.conf) to dynamically create a new exim configuration file
(/var/lib/exim4/config.autogenerated) from templates
(/etc/exim4/exim4.conf.template or /etc/exim4/conf.d).
All appears to work if the configuration variables (ie environment
variables) in etc/exim4/update-exim4.conf.conf do not contained escape
sequences. If they do they will be replaced with their expansion. A
result can be that the exim configuration is fatally corrupted.
For example, a configuration in /etc/exim4/update-exim4.conf.conf
such as...
dc_relay_domains='*.some.net.somewhere:\\N^[^.]*$'
will be re-written (after upgrading exim4) as ...
dc_relay_domains='*.some.net.somewhere:\N^[^.]*$'
This change in the configuration is clearly not intended. (The result
in the example above is that exim stops sending mail and resolving
addresses.)
A patch fixing the problem is attached...
Regards,
Barry.
--
Barry Kitson <b.kitson@ieee.org>
--=-lWVak5qCFPb0qr/UzmFg
Content-Disposition: attachment; filename=exim4.config.patch
Content-Type: text/x-patch; name=exim4.config.patch; charset=ANSI_X3.4-1968
Content-Transfer-Encoding: quoted-printable
diff -Naur exim4-4.50.old/debian/exim4-config.postinst exim4-4.50/debian/ex=
im4-config.postinst
--- exim4-4.50.old/debian/exim4-config.postinst 2005-04-23 14:54:29.7011221=
99 +1000
+++ exim4-4.50/debian/exim4-config.postinst 2005-04-23 14:56:45.164653443 +=
1000
@@ -283,22 +283,38 @@
echo "${variable}=3D''" >> $UE4CC
fi
done
+
# insert new values, remove outdated ones.
- sed -e "s=C4^[[:space:]]*dc_eximconfig_configtype=3D.*=C4dc_eximconfig_co=
nfigtype=3D'${dc_eximconfig_configtype}'=C4" \
- -e "s=C4^[[:space:]]*dc_local_interfaces=3D.*=C4dc_local_interfaces=3D'${=
dc_local_interfaces}'=C4" \
- -e "s=C4^[[:space:]]*dc_other_hostnames=3D.*=C4dc_other_hostnames=3D'${dc=
_other_hostnames}'=C4" \
- -e "s=C4^[[:space:]]*dc_readhost=3D.*=C4dc_readhost=3D'${dc_readhost}'=C4=
" \
- -e "s=C4^[[:space:]]*dc_relay_domains=3D.*=C4dc_relay_domains=3D'${dc_rel=
ay_domains}'=C4" \
- -e "s=C4^[[:space:]]*dc_relay_nets=3D.*=C4dc_relay_nets=3D'${dc_relay_net=
s}'=C4" \
- -e "s=C4^[[:space:]]*dc_smarthost=3D.*=C4dc_smarthost=3D'${dc_smarthost}'=
=C4" \
- -e "s=C4^[[:space:]]*dc_minimaldns=3D.*=C4dc_minimaldns=3D'${dc_minimaldn=
s}'=C4" \
- -e "s=C4^[[:space:]]*CFILEMODE=3D.*=C4CFILEMODE=3D'${CFILEMODE}'=C4" \
- -e "s=C4^[[:space:]]*dc_never_users=3D.*=C4=C4" \
- -e "s=C4^[[:space:]]*dc_use_split_config=3D.*=C4dc_use_split_config=3D'${=
dc_use_split_config}'=C4" \
- -e "s=C4^[[:space:]]*dc_hide_mailname=3D.*=C4dc_hide_mailname=3D'${dc_hid=
e_mailname}'=C4" \
- -e "s=C4^[[:space:]]*dc_mailname_in_oh=3D.*=C4dc_mailname_in_oh=3D'${dc_m=
ailname_in_oh}'=C4" \
- < $UE4CC \
- > ${UE4CC}.tmp
+
+ # Use environment variables to communicate data to awk, to
+ # avoid shell (or awk or sed) string expansion which may
+ # expand escape sequences. Note that the variables named in
+ # ${dc_directives} (but not the variable names themselves) may
+ # contain escaped characters. =20
+
+ export dc_directives ${dc_directives}
+
+ awk '
+ BEGIN {
+ split( ENVIRON["dc_directives"], directives, "[[:space:]]"=
);
+ }
+ {
+ written =3D 0;
+ for ( i in directives )
+ {
+ regex =3D "^[[:space:]]*" directives[i] "=3D";
+ if ( ( $0 ~ regex ) && ( ! written ) )
+ {
+ # Add single quotes (\0x27) around the valu=
e.
+ print directives[i] "=3D\x27" ENVIRON[direc=
tives[i]] "\x27";
+ written =3D 1;
+ break;
+ }
+ }
+ if ( ! written )
+ print $0;
+ }' < ${UE4CC} > ${UE4CC}.tmp
+
mv ${UE4CC}.tmp $UE4CC
=20
echo $mailname > /etc/mailname
--=-lWVak5qCFPb0qr/UzmFg--