[gentoo-dev] Abuse by gentoo developer

[gentoo-dev] Abuse by gentoo developer

[Casey Allen Shobe]

Hello all, I'm sorry to bring this here, but I don't know where else 
to take it, and feel that I was treated really unfairly.

As you know, I recently inquired about ebuild development on this 
list, and mentioned vpopmail.  Jory Pratt answered my mail and 
suggested that I submit a patch.

I then spent some time working on the ebuild, and in doing so, 
discovered that the postgres support in vpopmail was not very good 
at all, so I wrote back to Jory, and said that I was going to hold 
off working on the ebuild since I am currently working with the 
vpopmail team to improve vpopmail itself.  Jory wrote this rather 
rude reply:

-------------------
Casey Allen Shobe wrote:
> Well I patched the ebuild and got it working, but I'm so terribly 
> disappointed with vpopmail's horrible postgresql support that I 
> don't think I'll be using it at all until I rewrite it. :P
> 
> Ah well, thanks anyways.  I'll let you know when/if they let me
> fix vpopmail (already posted about it on the list).

The will not allow it and I will not allow someone to go fooling in 
an ebuild I maintain. Not trying to be an ass here but we have 
something called respect for others when it comes to the tree and 
what they maintain.
> 
> One suggestion for you, some servers (i.e. qmail-smptd) runs as a 
> non-root user, so they will fail to authenticate 
> unless /var/vpopmail/bin/vchkpw is SUID.  I have a script that
> runs once a minute on my machines and makes this file +s if it's
> not because I've dealt with this problem so much (mail server
> breaks every time I rebuild vpopmail).

Default install is setup as setuid seeing we know this already. 
Useless info like this tells me you do not understand the 
permissions that are being set in the ebuild.
> 
> I would strongly recommend doing chmod +s /var/vpopmail/bin/vchkpw 
> in the ebuild, and then if the end user doesn't want it SUID, then 
> that's what FEATURES=suidctl is for.

This is not how we can handle this the user should have already read 
up on how to setup vpopmail before ever installing it, which means 
they would already know that SUID is required.
-------------------

So, I wrote the following response, which I feel was courteous 
enough given the situation:

-------------------
On Tuesday 19 July 2005 16:09, you wrote:
> The will not allow it and I will not allow someone to go fooling
> in an ebuild I maintain. Not trying to be an ass here but we have
> something called respect for others when it comes to the tree and
> what they maintain.

Umm look, you ARE being an ass, and I don't appreciate it as I'm 
only trying to help.

A> I was simply offering you help - adding support for a postgres 
use flag to the ebuild that called appropriate configure options 
and such.  I have no intent of hacking up vpopmail source outside 
of the main distribution.

B> You are not one to say whether the vpopmail team will or will not 
accept my patches - I believe they will as my intent is to make 
vpopmail a better product, and members of their development team 
have already been welcoming and helpful in discussing the best way 
to redesign things.  It's no secret to the vpopmail team that the 
postgresql support is lacking flexibility and has some bugs, and is 
simply hacked together quickly by people who wanted it to work, and 
didn't care much for ease of use or configurability.  Try it 
yourself, I'm sure you'll be disappointed.  It's simply not as 
configurable as the mysql option, and neither mysql or postgresql 
allow customizing the backend table format without editing i.e. 
vpgsql.h for postgres.

> Default install is setup as setuid seeing we know this already.
> Useless info like this tells me you do not understand the
> permissions that are being set in the ebuild.

Umm, no it's not, and it's not useless info.  I reported the bug to 
the gentoo-dev list some months ago, but should have probably used 
bugs.gentoo.org instead.  In any case, it's certainly not installed 
setuid by default:

# emerge -va vpopmail && ls -l /var/vpopmail/bin/vchkpw

These are the packages that I would merge, in order:

Calculating dependencies ...done!
[ebuild   R   ] net-mail/vpopmail-5.4.6-r1  +clearpasswd -ipalias 
-mysql -postgres 0 kB [1]
[...]
>>> net-mail/vpopmail-5.4.6-r1 merged.
[...]
-rwx--x--x  1 root root 85036 Jul 19 23:53 /var/vpopmail/bin/vchkpw*

So stop telling me my info is useless, when it's obviously not.

> This is not how we can handle this the user should have already
> read up on how to setup vpopmail before ever installing it, which
> means they would already know that SUID is required.

As SUID is required for qmail-smtpd, vchkpw should indeed be 
installed SUID by default unless overridden by using suidctl.  This 
is NOT the case now.
-------------------

I then received this lovely mail from Jory:

-------------------
You want to curse me and tell me you think your gonna go playing in 
my vpopmail ebuild you can take your bullshit upstream I am black 
listing you on my filters so I do not need to read your bullshit 
you do not understand the full picture if you did you would know 
vpopmail works with more then just qmail you dumb ass. So have a 
nice Day chow!!
-------------------

Umm look I'm just trying to help here, and I really feel like I've 
been treated very unfairly by this developer.  I'm working hard to 
try to make vpopmail AND gentoo better products, I'd really 
appreciate not being told on things I know very well that I'm right 
about, and getting severe reactions like this when I prove that my 
statements were indeed correct and that I'm only trying to help.

I really feel that this response whas wholly unjustified, and that I 
did nothing to warrant it.  Please advise.

Cheers,
-- 
Casey Allen Shobe | http://casey.shobe.info
cshobe@seattleserver.com | cell 425-443-4653
AIM & Yahoo:  SomeLinuxGuy | ICQ:  1494523
SeattleServer.com, Inc. | http://www.seattleserver.com
-- 
gentoo-dev@gentoo.org mailing list

Re: [gentoo-dev] Abuse by gentoo developer

[Mauricio Lima PIlla]

http://www.gentoo.org/proj/en/devrel/policy.xml

"Developer relations should only be involved in a conflict when other
attempts to solve the issue have failed. Developers should attempt
polite discussion relating to the matter at hand to resolve conflict
between themselves. Developers within a single top level project (TLP)
engaged in conflict may wish to consult with the TLP manager. Although
TLP managers are not necessarily qualified to resolve personal disputes,
technical issues resulting in conflict can often be resolved within the
TLP without developer relations involvement. Personal issues should be
brought to the ombudsman via ombudsman@gentoo.org. Developer relations
may get involved when the above methods have failed. For resolution of
technical conflicts spanning more than one TLP, see the section entitled
'Presenting information to management.'"


On Qua, 2005-07-20 at 01:32 +0000, Casey Allen Shobe wrote:
> Hello all, I'm sorry to bring this here, but I don't know where else 
> to take it, and feel that I was treated really unfairly.
> 
> As you know, I recently inquired about ebuild development on this 
> list, and mentioned vpopmail.  Jory Pratt answered my mail and 
> suggested that I submit a patch.
> 
> I then spent some time working on the ebuild, and in doing so, 
> discovered that the postgres support in vpopmail was not very good 
> at all, so I wrote back to Jory, and said that I was going to hold 
> off working on the ebuild since I am currently working with the 
> vpopmail team to improve vpopmail itself.  Jory wrote this rather 
> rude reply:
> 
> -------------------
> Casey Allen Shobe wrote:
> > Well I patched the ebuild and got it working, but I'm so terribly 
> > disappointed with vpopmail's horrible postgresql support that I 
> > don't think I'll be using it at all until I rewrite it. :P
> > 
> > Ah well, thanks anyways.  I'll let you know when/if they let me
> > fix vpopmail (already posted about it on the list).
> 
> The will not allow it and I will not allow someone to go fooling in 
> an ebuild I maintain. Not trying to be an ass here but we have 
> something called respect for others when it comes to the tree and 
> what they maintain.
> > 
> > One suggestion for you, some servers (i.e. qmail-smptd) runs as a 
> > non-root user, so they will fail to authenticate 
> > unless /var/vpopmail/bin/vchkpw is SUID.  I have a script that
> > runs once a minute on my machines and makes this file +s if it's
> > not because I've dealt with this problem so much (mail server
> > breaks every time I rebuild vpopmail).
> 
> Default install is setup as setuid seeing we know this already. 
> Useless info like this tells me you do not understand the 
> permissions that are being set in the ebuild.
> > 
> > I would strongly recommend doing chmod +s /var/vpopmail/bin/vchkpw 
> > in the ebuild, and then if the end user doesn't want it SUID, then 
> > that's what FEATURES=suidctl is for.
> 
> This is not how we can handle this the user should have already read 
> up on how to setup vpopmail before ever installing it, which means 
> they would already know that SUID is required.
> -------------------
> 
> So, I wrote the following response, which I feel was courteous 
> enough given the situation:
> 
> -------------------
> On Tuesday 19 July 2005 16:09, you wrote:
> > The will not allow it and I will not allow someone to go fooling
> > in an ebuild I maintain. Not trying to be an ass here but we have
> > something called respect for others when it comes to the tree and
> > what they maintain.
> 
> Umm look, you ARE being an ass, and I don't appreciate it as I'm 
> only trying to help.
> 
> A> I was simply offering you help - adding support for a postgres 
> use flag to the ebuild that called appropriate configure options 
> and such.  I have no intent of hacking up vpopmail source outside 
> of the main distribution.
> 
> B> You are not one to say whether the vpopmail team will or will not 
> accept my patches - I believe they will as my intent is to make 
> vpopmail a better product, and members of their development team 
> have already been welcoming and helpful in discussing the best way 
> to redesign things.  It's no secret to the vpopmail team that the 
> postgresql support is lacking flexibility and has some bugs, and is 
> simply hacked together quickly by people who wanted it to work, and 
> didn't care much for ease of use or configurability.  Try it 
> yourself, I'm sure you'll be disappointed.  It's simply not as 
> configurable as the mysql option, and neither mysql or postgresql 
> allow customizing the backend table format without editing i.e. 
> vpgsql.h for postgres.
> 
> > Default install is setup as setuid seeing we know this already.
> > Useless info like this tells me you do not understand the
> > permissions that are being set in the ebuild.
> 
> Umm, no it's not, and it's not useless info.  I reported the bug to 
> the gentoo-dev list some months ago, but should have probably used 
> bugs.gentoo.org instead.  In any case, it's certainly not installed 
> setuid by default:
> 
> # emerge -va vpopmail && ls -l /var/vpopmail/bin/vchkpw
> 
> These are the packages that I would merge, in order:
> 
> Calculating dependencies ...done!
> [ebuild   R   ] net-mail/vpopmail-5.4.6-r1  +clearpasswd -ipalias 
> -mysql -postgres 0 kB [1]
> [...]
> >>> net-mail/vpopmail-5.4.6-r1 merged.
> [...]
> -rwx--x--x  1 root root 85036 Jul 19 23:53 /var/vpopmail/bin/vchkpw*
> 
> So stop telling me my info is useless, when it's obviously not.
> 
> > This is not how we can handle this the user should have already
> > read up on how to setup vpopmail before ever installing it, which
> > means they would already know that SUID is required.
> 
> As SUID is required for qmail-smtpd, vchkpw should indeed be 
> installed SUID by default unless overridden by using suidctl.  This 
> is NOT the case now.
> -------------------
> 
> I then received this lovely mail from Jory:
> 
> -------------------
> You want to curse me and tell me you think your gonna go playing in 
> my vpopmail ebuild you can take your bullshit upstream I am black 
> listing you on my filters so I do not need to read your bullshit 
> you do not understand the full picture if you did you would know 
> vpopmail works with more then just qmail you dumb ass. So have a 
> nice Day chow!!
> -------------------
> 
> Umm look I'm just trying to help here, and I really feel like I've 
> been treated very unfairly by this developer.  I'm working hard to 
> try to make vpopmail AND gentoo better products, I'd really 
> appreciate not being told on things I know very well that I'm right 
> about, and getting severe reactions like this when I prove that my 
> statements were indeed correct and that I'm only trying to help.
> 
> I really feel that this response whas wholly unjustified, and that I 
> did nothing to warrant it.  Please advise.
> 
> Cheers,
> -- 
> Casey Allen Shobe | http://casey.shobe.info
> cshobe@seattleserver.com | cell 425-443-4653
> AIM & Yahoo:  SomeLinuxGuy | ICQ:  1494523
> SeattleServer.com, Inc. | http://www.seattleserver.com
-- 
Mauricio Lima Pilla                           pilla@ucpel.tche.br
ESIN/UCPEL
http://g3pd.ucpel.tche.br/~pilla

"I'm just very selective about the reality I choose to accept."
                                                        -- Calvin

-- 
gentoo-dev@gentoo.org mailing list

Re: [gentoo-dev] Abuse by gentoo developer

[Mike Frysinger]

On Tuesday 19 July 2005 09:32 pm, Casey Allen Shobe wrote:
> Hello all, I'm sorry to bring this here, but I don't know where else
> to take it, and feel that I was treated really unfairly.

in this case you would want to take it up with devrel (short for Developer 
Relations)

you can find their homepage here:
http://www.gentoo.org/proj/en/devrel/

specifically you probably want to check out the 'user-relations' section
-mike
-- 
gentoo-dev@gentoo.org mailing list

Re: [gentoo-dev] Abuse by gentoo developer

[Daniel Goller]

Allen Parker wrote:

><parrot>
>yah, what he said!
></parrot>
>
>On another note, Casey, you should attempt to figure out if anything
>you've said might have been taken the wrong way... a while back, i
>managed to get myself banned from #apache after going off like an
>idiot and then making a comment that was interpreted as sarcasm when i
>was only being genuine... I'm not saying you're to blame, but I'm
>saying you should look at what you said to see if anything you said
>could have been seen in the wrong light. It's possible that something
>you didn't intend as a negative was taken in an unintentional manner.
>  
>

sounds more like Anarchy had another bad day, one of many he seems to
have had, and his bad days are getting quite tiresome i would say

>ciao,
>infowolfe
>
>On 7/19/05, Mike Frysinger <vapier@gentoo.org> wrote:
>  
>
>>On Tuesday 19 July 2005 10:21 pm, Nathan L. Adams wrote:
>>
>>i think Nathan did a pretty good job of summing up anything i thought i might
>>add ;)
>>-mike
>>    
>>
>
>  
>

-- 
gentoo-dev@gentoo.org mailing list

Re: [gentoo-dev] Abuse by gentoo developer

[Mike Frysinger]

On Tuesday 19 July 2005 10:21 pm, Nathan L. Adams wrote:

i think Nathan did a pretty good job of summing up anything i thought i might 
add ;)
-mike
-- 
gentoo-dev@gentoo.org mailing list

Re: [gentoo-dev] Abuse by gentoo developer

[Nathan L. Adams]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

> The will not allow it and I will not allow someone to go fooling in 
> an ebuild I maintain. Not trying to be an ass here but we have 
> something called respect for others when it comes to the tree and 
> what they maintain.

Poor Jory. Respect isn't something that is owed to you; its something
that is shared between two or more people. Looking down on people and
being territorial (especially with something you don't actually own)
doesn't help.

I can't help but laugh at the idea that a dev on an F/OSS project would
get mad because somebody wanted to *improve* the code. If you can't take
the heat, don't join a F/OSS project...

> You want to curse me and tell me you think your gonna go playing in 
> my vpopmail ebuild

Wow, now its *his* vpopmail ebuild. And here I thought everything was
copyrighted to the Gentoo Foundation.

> you can take your bullshit upstream I am black 
> listing you on my filters so I do not need to read your bullshit

Sadly, this sort of childish behavior isn't isolated to this particular
dev. Its the equivalent of Cartman (Southpark) saying "screw you guys,
I'm going home". And it makes the speaker look just as mature.

> Umm look I'm just trying to help here, and I really feel like I've 
> been treated very unfairly by this developer.  I'm working hard to 
> try to make vpopmail AND gentoo better products, I'd really 
> appreciate not being told on things I know very well that I'm right 
> about, and getting severe reactions like this when I prove that my 
> statements were indeed correct and that I'm only trying to help.

Most of the Gentoo devs I've dealt with are very talented and very
likable people. They volunteer in a very professional manner and
understand that with their developer status comes a few responsibilities
(common curtesy being one of them).

But there does seem to be a vocal minority of asshats who like to carve
out their little fiefdoms and 'fend off invaders' at all costs. :(

> I really feel that this response whas wholly unjustified, and that I 
> did nothing to warrant it.  Please advise.

As Mike mentioned: http://www.gentoo.org/proj/en/devrel/

Hopefully, you'll stick around and help out again in the future.

Nathan

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFC3bVF2QTTR4CNEQARAgu9AJ0c7E5zGqC1TUTtHpC5JqTxK3RlNACfT2nZ
P1Dz55PPdZ/DcqstSHPG2PY=
=nlVQ
-----END PGP SIGNATURE-----
-- 
gentoo-dev@gentoo.org mailing list

Re: [gentoo-dev] Abuse by gentoo developer

[Allen Parker]

<parrot>
yah, what he said!
</parrot>

On another note, Casey, you should attempt to figure out if anything
you've said might have been taken the wrong way... a while back, i
managed to get myself banned from #apache after going off like an
idiot and then making a comment that was interpreted as sarcasm when i
was only being genuine... I'm not saying you're to blame, but I'm
saying you should look at what you said to see if anything you said
could have been seen in the wrong light. It's possible that something
you didn't intend as a negative was taken in an unintentional manner.

ciao,
infowolfe

On 7/19/05, Mike Frysinger <vapier@gentoo.org> wrote:
> On Tuesday 19 July 2005 10:21 pm, Nathan L. Adams wrote:
> 
> i think Nathan did a pretty good job of summing up anything i thought i might
> add ;)
> -mike

-- 
gentoo-dev@gentoo.org mailing list

Re: [gentoo-dev] Abuse by gentoo developer

[Robin H. Johnson]

[-- Attachment #1: Type: text/plain, Size: 2505 bytes --]

I'm not going to address Jory's behaviour here, but I would like to
look at the actual development stuff, namely the SUID status of vchkpw,
as I took care of vpopmail before Jory came on board.

On Wed, Jul 20, 2005 at 01:32:30AM +0000, Casey Allen Shobe wrote:
> > I would strongly recommend doing chmod +s /var/vpopmail/bin/vchkpw 
> > in the ebuild, and then if the end user doesn't want it SUID, then 
> > that's what FEATURES=suidctl is for.
> 
> Umm, no it's not, and it's not useless info.  I reported the bug to 
> the gentoo-dev list some months ago, but should have probably used 
> bugs.gentoo.org instead.  In any case, it's certainly not installed 
> setuid by default:
> 
> # emerge -va vpopmail && ls -l /var/vpopmail/bin/vchkpw
> 
> These are the packages that I would merge, in order:
> 
> Calculating dependencies ...done!
> [ebuild   R   ] net-mail/vpopmail-5.4.6-r1  +clearpasswd -ipalias 
> -mysql -postgres 0 kB [1]
> [...]
> >>> net-mail/vpopmail-5.4.6-r1 merged.
> [...]
> -rwx--x--x  1 root root 85036 Jul 19 23:53 /var/vpopmail/bin/vchkpw*
> 
> So stop telling me my info is useless, when it's obviously not.
> > This is not how we can handle this the user should have already
> > read up on how to setup vpopmail before ever installing it, which
> > means they would already know that SUID is required.
> As SUID is required for qmail-smtpd, vchkpw should indeed be 
> installed SUID by default unless overridden by using suidctl.  This 
> is NOT the case now.

This problem IS fixed in ~arch:

line 190 of both vpopmail-5.4.10.ebuild and vpopmail-5.4.9-r2.ebuild:
	chmod 4711 ${D}${VPOP_HOME}/bin/vchkpw

So if this is still a problem in arch, but works in ~arch, you SHOULD
file a bug report.

However the original reasoning for vchkpw NOT being setuid was that
setuid is NOT always needed depending on which backend you are using.

And as I've mentioned before I'd like MORE reports of packages working
well before they are moved to stable arch. Without those stable working
reports I don't have any means to judge just how much testing has been
done on a package, other than my own use of a package (and as such I do
leave things longer than the 30 days, because I don't entirely trust
them).

-- 
Robin Hugh Johnson
E-Mail     : robbat2@orbis-terrarum.net
Home Page  : http://www.orbis-terrarum.net/?l=people.robbat2
ICQ#       : 30269588 or 41961639
GnuPG FP   : 11AC BA4F 4778 E3F6 E4ED  F38E B27B 944E 3488 4E85

[-- Attachment #2: Type: application/pgp-signature, Size: 241 bytes --]

Re: [gentoo-dev] VPopmail - SUID vchkpw

[Casey Allen Shobe]

On Wednesday 20 July 2005 02:43, Robin H. Johnson wrote:
> This problem IS fixed in ~arch:
>
> line 190 of both vpopmail-5.4.10.ebuild and
> vpopmail-5.4.9-r2.ebuild: chmod 4711 ${D}${VPOP_HOME}/bin/vchkpw

Ahh okay, that explains things a bit.  I'm using x86, which means 
5.4.6.

> So if this is still a problem in arch, but works in ~arch, you
> SHOULD file a bug report.

Why not just wait for the newer releases to make it to arch?

> However the original reasoning for vchkpw NOT being setuid was
> that setuid is NOT always needed depending on which backend you
> are using.

I can confirm that - bincimap and qmail-pop3d run as root, so the 
setuid bit is not necessary.  I believe this is also the case for 
dovecot 1.0 beta releases, though there are no ebuilds for them so 
I haven't yet tested (<1.0 releases use libvpopmail directly 
instead of the checkpassword interface).  However it is necessary 
for any server running as a non-root user, i.e. qmail-smtpd.

Thus I believe this should have the same treatment as binaries like 
chsh - they won't work for non-root users without the setuid bit, 
but running as a non-root user is generally accepted.  If I want to 
be paranoid (which I am), I can use suidctl (which I do), and only 
uncomment the binary when I discover the need to.  There's not 
really any reverse of suidctl to my awareness.

Nor is there a use flag for qmail or similar on vpopmail, but the 
vpopmail ebuild requires qmail regardless of USE settings (postfix 
support is not present), so at least in the current state, since 
the package is built for qmail, it should assume qmail's non-root 
qmail-smtpd will need to access vchkpw.

I would encourage making vchkpw suid even if postfix is supported 
and used instead of qmail, because there are other softwares (i.e. 
IMAP & POP servers) which have a checkpassword interface which do 
may not run as the root user.

> And as I've mentioned before I'd like MORE reports of packages
> working well before they are moved to stable arch. Without those
> stable working reports I don't have any means to judge just how
> much testing has been done on a package, other than my own use of
> a package (and as such I do leave things longer than the 30 days,
> because I don't entirely trust them).

This sounds like a request for the QA team.  I tend to stay away 
from most ~arch packages simply because most of our systems are 
live production servers, but I'd be happy to test-drive new ebuilds 
of vpopmail if it would help get new versions into the stable tree 
faster.

Cheers,
-- 
Casey Allen Shobe | http://casey.shobe.info
cshobe@seattleserver.com | cell 425-443-4653
AIM & Yahoo:  SomeLinuxGuy | ICQ:  1494523
SeattleServer.com, Inc. | http://www.seattleserver.com
-- 
gentoo-dev@gentoo.org mailing list

Re: [gentoo-dev] Abuse by gentoo developer

[Casey Allen Shobe]

On Wednesday 20 July 2005 02:35, Allen Parker wrote:
> On another note, Casey, you should attempt to figure out if
> anything you've said might have been taken the wrong way...

Oh, I know it was.  If everything I said was taken how I meant it 
then there wouldn't have been a disagreement.  However I don't see 
how anything I said taken in the worst conceivable manner would 
lead to such a negative response.  Oh well.

Thanks for the advice in this thread, and sorry for bringing this up 
here where it doesn't really belong.

Cheers,
-- 
Casey Allen Shobe | http://casey.shobe.info
cshobe@seattleserver.com | cell 425-443-4653
AIM & Yahoo:  SomeLinuxGuy | ICQ:  1494523
SeattleServer.com, Inc. | http://www.seattleserver.com
-- 
gentoo-dev@gentoo.org mailing list

Re: [gentoo-dev] QA feedback

[Mike Frysinger]

On Wednesday 20 July 2005 01:37 am, Casey Allen Shobe wrote:
> On Wednesday 20 July 2005 02:43, Robin H. Johnson wrote:
> > And as I've mentioned before I'd like MORE reports of packages
> > working well before they are moved to stable arch. Without those
> > stable working reports I don't have any means to judge just how
> > much testing has been done on a package, other than my own use of
> > a package (and as such I do leave things longer than the 30 days,
> > because I don't entirely trust them).
>
> This sounds like a request for the QA team.  I tend to stay away
> from most ~arch packages simply because most of our systems are
> live production servers, but I'd be happy to test-drive new ebuilds
> of vpopmail if it would help get new versions into the stable tree
> faster.

maybe ... but i think more than just the QA team needs to brainstorm some sort 
of feedback system ...
-mike
-- 
gentoo-dev@gentoo.org mailing list

Re: [gentoo-dev] VPopmail - SUID vchkpw

[Robin H. Johnson]

[-- Attachment #1: Type: text/plain, Size: 3606 bytes --]

On Wed, Jul 20, 2005 at 05:37:19AM +0000, Casey Allen Shobe wrote:
> > So if this is still a problem in arch, but works in ~arch, you
> > SHOULD file a bug report.
> Why not just wait for the newer releases to make it to arch?
See my note as to why they haven't moved yet, and consider testing them
yourself, and reporting back (via bugzilla!).

> > However the original reasoning for vchkpw NOT being setuid was
> > that setuid is NOT always needed depending on which backend you
> > are using.
> I can confirm that - bincimap and qmail-pop3d run as root, so the 
> setuid bit is not necessary.  I believe this is also the case for 
> dovecot 1.0 beta releases, though there are no ebuilds for them so 
> I haven't yet tested (<1.0 releases use libvpopmail directly 
> instead of the checkpassword interface).  However it is necessary 
> for any server running as a non-root user, i.e. qmail-smtpd.
For common operation of qmail-smtpd, vchkpw is NOT required. SMTP AUTH
is the only reason qmail-smtpd would call vchkpw.

> Thus I believe this should have the same treatment as binaries like 
> chsh - they won't work for non-root users without the setuid bit, 
> but running as a non-root user is generally accepted.  If I want to 
> be paranoid (which I am), I can use suidctl (which I do), and only 
> uncomment the binary when I discover the need to.  There's not 
> really any reverse of suidctl to my awareness.
chsh has also been vetted for security problems a LOT more closely than
vchkpw. I don't trust vchkpw with suid-root.

> Nor is there a use flag for qmail or similar on vpopmail, but the 
> vpopmail ebuild requires qmail regardless of USE settings (postfix 
> support is not present), so at least in the current state, since 
> the package is built for qmail, it should assume qmail's non-root 
> qmail-smtpd will need to access vchkpw.
The postfix maintainers were asked about it once before, and the answer
was that there wasn't enough demand for it. You're only the second
person that's asked (that I am aware of).

> I would encourage making vchkpw suid even if postfix is supported 
> and used instead of qmail, because there are other softwares (i.e. 
> IMAP & POP servers) which have a checkpassword interface which do 
> may not run as the root user.
This is decidedly not a good idea, unless vchkpw gets locked up more so
that only specific things can run it (otherwise it can easily be used
to brute-force passwords).

> > And as I've mentioned before I'd like MORE reports of packages
> > working well before they are moved to stable arch. Without those
> > stable working reports I don't have any means to judge just how
> > much testing has been done on a package, other than my own use of
> > a package (and as such I do leave things longer than the 30 days,
> > because I don't entirely trust them).
> This sounds like a request for the QA team.  I tend to stay away 
> from most ~arch packages simply because most of our systems are 
> live production servers, but I'd be happy to test-drive new ebuilds 
> of vpopmail if it would help get new versions into the stable tree 
> faster.
In the absence of a proper QA team, users are some of the best
large-scale QA available. All I'm asking for are reports that a package
"Works for me". Try the ebuilds out, and send some feedback in.

-- 
Robin Hugh Johnson
E-Mail     : robbat2@orbis-terrarum.net
Home Page  : http://www.orbis-terrarum.net/?l=people.robbat2
ICQ#       : 30269588 or 41961639
GnuPG FP   : 11AC BA4F 4778 E3F6 E4ED  F38E B27B 944E 3488 4E85

[-- Attachment #2: Type: application/pgp-signature, Size: 241 bytes --]

[gentoo-dev] Re: Abuse by gentoo developer

[Duncan]

Casey Allen Shobe posted <200507200132.30745.lists@seattleserver.com>,
excerpted below,  on Wed, 20 Jul 2005 01:32:30 +0000:

> Hello all, I'm sorry to bring this here, but I don't know where else to
> take it, and feel that I was treated really unfairly.
> 
> As you know, I recently inquired about ebuild development on this list,
> and mentioned vpopmail.  <developer> answered my mail and suggested that
> I submit a patch.
> 
> I then spent some time working on the ebuild, and in doing so,
> discovered that the postgres support in vpopmail was not very good at
> all, so I wrote back to <developer>, and said that I was going to hold
> off working on the ebuild since I am currently working with the vpopmail
> team to improve vpopmail itself.  <developer> wrote this rather rude
> reply:
> 
> -------------------
> Casey Allen Shobe wrote:
>> Well I patched the ebuild and got it working, but I'm so terribly
>> disappointed with vpopmail's horrible postgresql support that I don't
>> think I'll be using it at all until I rewrite it. :P
>> 
>> Ah well, thanks anyways.  I'll let you know when/if they let me fix
>> vpopmail (already posted about it on the list).
> 
> The will not allow it and I will not allow someone to go fooling in an
> ebuild I maintain. Not trying to be an ass here but we have something
> called respect for others when it comes to the tree and what they
> maintain.

snip/snip..

The following could be considered philosophical ramblings by some.  Those
who don't like that sort of thing.. skip on to the next message.

So as not to get too personal, I replaced the name with <developer>.  I
really wish this had been done in the original.  After all, for those
needing to know, it's not difficult to trace who <developer> might be,
especially since this was posted to a public list with the (ostensible)
goal of finding where to take it next, NOT to specifically point fingers,
and leaving names out of it can sometimes help ease tensions.

As others have stated, devrel is the place to take it.  However, there was
the question of what remark may have been taken wrongly.  I think I see
that, above.

<developer> likely took the "horrible ... support ... I won't be using at
all until I rewrite it" as a threat to his maintainership of the package,
not seeing that you meant working with upstream.  Else, perhaps he was
instrumental in creating the original upstream support you just called
"horrible", saying you were going to "rewrite" it, in which case yeah, I
can see someone getting a bit offended over that.

Yes, folks need to develop a rather thicker skin and take offense less
easily. However, the FLOSS community is unfortunately all too rich with
stories of rivalries and enemies made, for no reason other than offense
was taken where no offense was originally intended.

I've come to believe, due to a large degree to my own often humbling
experiences, that a good portion of the problem is that FLOSS community
developers often tend to be far better at what they do than most of their
real life peers, and are used to being considered /the/ reference
authority on their interests and often on computers or technology in
general.  In meatspace, they are usually 90th percentile and above, and so
used to "explaining" things in "normal people" terms that they do it as a
matter of course, simply assuming (usually correctly, in meatspace) they
have a better understanding of the topic than anyone else around.

Now, take this 90th plus percentile person, and change their peer group
from one of the general population to one where they are co-equal or even
at the LOW end of understanding of the tech involved, and it can be a VERY
humbling experience.  NO LONGER are they always right, or at least "right
enough" that no one else has the knowledge to question them!   Getting
used to being at the LOW end, having folks talk down to YOU, as you've
been used to talking down (not in a mean way, but just at a level that can
be understood) to others, NOT being the unquestioned authority on the
subject because no one else knows enough about it to question you, takes a
*LOT* of getting used to.

It is my belief that many of the misunderstandings in the community are
based on this problem.  Someone has a huge ego, because they are used to
being right, 99% of the time, and never having to say "I'm sorry", or "I
was wrong".  Get that someone interfacing with another someone with the
same problem, and there can be and often are fireworks!  Most in the
community eventually learn to deal with the problem, becoming rather more
humble in the process, but some never do.  One of the amazing things about
Linus, if you've watched him in action, is how well he seems to have
learned this lesson -- how incredibly well he defuses the situation (in
most cases, the bitkeeper thing was exceptional in that it was the
exception proving the general point) with his self deprecating humor.

So... I'd just consider this the growing pains of a developer, faced with
dealing with an environment where he is surrounded by mostly equals (or
better) for the first time, thus, STRONGLY reacting as if his legitimacy
was challenged, at the slightest suggestion that there might be a
different and possibly better solution to the issue.  That words like
"horrible" and "rewrite" were included only strengthened what was in his
view a serious challenge to his maintainership, and therefore, to his
legitimacy as a Gentoo developer.

I'd suggest apologies would be in order from both sides.  Unfortunately,
when one side has resorted to kill filing the other, it's very difficult
to get an apology through, and yes, then it's time to involve a third
party, the reason devrelations is there.  Ideally, both sides ultimately
learn from the situation, making the one less likely to take offense and
more "professional" in his reactions even when he /does/ take /personal/
offense, and the other more aware of the sensitivity of words such as
"horrible" and "rewrite", particularly for those somewhat insecure in
their position in the first place.

-- 
Duncan - List replies preferred.   No HTML msgs.
"Every nonfree program has a lord, a master --
and if you use the program, he is your master."  Richard Stallman in
http://www.linuxdevcenter.com/pub/a/linux/2004/12/22/rms_interview.html


-- 
gentoo-dev@gentoo.org mailing list

[gentoo-dev] Re: VPopmail - SUID vchkpw

[Duncan]

Robin H. Johnson posted
<20050720070457.GC11608@curie-int.orbis-terrarum.net>, excerpted below, 
on Wed, 20 Jul 2005 00:04:57 -0700:

>> > And as I've mentioned before I'd like MORE reports of packages working
>> > well before they are moved to stable arch. Without those stable
>> > working reports I don't have any means to judge just how much testing
>> > has been done on a package, other than my own use of a package (and as
>> > such I do leave things longer than the 30 days, because I don't
>> > entirely trust them).

>> This sounds like a request for the QA team.  I tend to stay away from
>> most ~arch packages simply because most of our systems are live
>> production servers, but I'd be happy to test-drive new ebuilds of
>> vpopmail if it would help get new versions into the stable tree faster.

> In the absence of a proper QA team, users are some of the best
> large-scale QA available. All I'm asking for are reports that a package
> "Works for me". Try the ebuilds out, and send some feedback in.

As a ~arch user (~amd64), and sometimes even a -* and/or hardmasked for
testing user, this is right up my alley, altho I don't use these specific
packages.

What's the best mechanism (other than becoming an AT, which I'm working
on) for a user to report such working ~arch packages, without spamming the
devs working so hard to stabilize them?  ATs have specific procedures in
place for marking an ebuild TESTED and requesting moving from unkeyworded
to ~arch, and from ~arch to stable (for amd64 ATs, here:
http://www.gentoo.org/proj/en/base/amd64/tests/index.xml ), but there do
not appear to be any such procedures outlined for normal ~arch users, at
least that' I've come across.

-- 
Duncan - List replies preferred.   No HTML msgs.
"Every nonfree program has a lord, a master --
and if you use the program, he is your master."  Richard Stallman in
http://www.linuxdevcenter.com/pub/a/linux/2004/12/22/rms_interview.html


-- 
gentoo-dev@gentoo.org mailing list

Re: [gentoo-dev] QA feedback

[Chris Gianelloni]

[-- Attachment #1: Type: text/plain, Size: 908 bytes --]

On Wed, 2005-07-20 at 01:43 -0400, Mike Frysinger wrote:
> > This sounds like a request for the QA team.  I tend to stay away
> > from most ~arch packages simply because most of our systems are
> > live production servers, but I'd be happy to test-drive new ebuilds
> > of vpopmail if it would help get new versions into the stable tree
> > faster.
> 
> maybe ... but i think more than just the QA team needs to brainstorm some sort 
> of feedback system ...

We *had* stable.gentoo.org, but I don't think anybody really used it and
I'm not sure the output actually went to anyone.  Perhaps now that we
have metadata.xml and a defined place for these to go to, we could
revive something similar?

Something like a little check box that means "WORKSFORME" on a
particular ebuild/arch.

-- 
Chris Gianelloni
Release Engineering - Strategic Lead/QA Manager
Games - Developer
Gentoo Linux

[-- Attachment #2: This is a digitally signed message part --]
[-- Type: application/pgp-signature, Size: 189 bytes --]

Re: [gentoo-dev] VPopmail - SUID vchkpw

[Casey Allen Shobe]

On Wednesday 20 July 2005 07:04, Robin H. Johnson wrote:
> For common operation of qmail-smtpd, vchkpw is NOT required. SMTP
> AUTH is the only reason qmail-smtpd would call vchkpw.

True.  Sorry for not realizing that.

> chsh has also been vetted for security problems a LOT more
> closely than vchkpw. I don't trust vchkpw with suid-root.

Then use suidctl?

> The postfix maintainers were asked about it once before, and the
> answer was that there wasn't enough demand for it. You're only
> the second person that's asked (that I am aware of).

...and I'm not actually asking for it, though it would be nice to be 
in the ebuild just for the sake of completeness.  I don't actually 
know anybody who uses postfix+vpopmail on the vpopmail list.

> This is decidedly not a good idea, unless vchkpw gets locked up
> more so that only specific things can run it (otherwise it can
> easily be used to brute-force passwords).

True.  Would the best way to do that be to only give the vpopmail 
group execute access to vchkpw, and then add qmail-smtpd to that 
group, but still have vchkpw suid?

It seems that su could be easily used to brute-force passwords, too, 
but it's suid by default.

Maybe what is needed is an extension to suidctl where emerge checks 
any installed binaries against things present in suidctl.conf that 
*should* be made suid if they're listed in there even if they're 
not suid by default?

Cheers,
-- 
Casey Allen Shobe | http://casey.shobe.info
cshobe@seattleserver.com | cell 425-443-4653
AIM & Yahoo:  SomeLinuxGuy | ICQ:  1494523
SeattleServer.com, Inc. | http://www.seattleserver.com
-- 
gentoo-dev@gentoo.org mailing list

Re: [gentoo-dev] VPopmail - SUID vchkpw

[Mike Frysinger]

On Wednesday 20 July 2005 03:04 am, Robin H. Johnson wrote:
> On Wed, Jul 20, 2005 at 05:37:19AM +0000, Casey Allen Shobe wrote:
> > I can confirm that - bincimap and qmail-pop3d run as root, so the
> > setuid bit is not necessary.  I believe this is also the case for
> > dovecot 1.0 beta releases, though there are no ebuilds for them so
> > I haven't yet tested (<1.0 releases use libvpopmail directly
> > instead of the checkpassword interface).  However it is necessary
> > for any server running as a non-root user, i.e. qmail-smtpd.
>
> For common operation of qmail-smtpd, vchkpw is NOT required. SMTP AUTH
> is the only reason qmail-smtpd would call vchkpw.

how is that not common operation ?  SMTP AUTH is a pretty critical feature 
imho
-mike
-- 
gentoo-dev@gentoo.org mailing list

Re: [gentoo-dev] VPopmail - SUID vchkpw

[Robin H. Johnson]

[-- Attachment #1: Type: text/plain, Size: 2198 bytes --]

On Thu, Jul 21, 2005 at 12:28:31AM +0000, Casey Allen Shobe wrote:
> > chsh has also been vetted for security problems a LOT more
> > closely than vchkpw. I don't trust vchkpw with suid-root.
> Then use suidctl?
I do on my production machines.

> > The postfix maintainers were asked about it once before, and the
> > answer was that there wasn't enough demand for it. You're only
> > the second person that's asked (that I am aware of).
> ...and I'm not actually asking for it, though it would be nice to be 
> in the ebuild just for the sake of completeness.  I don't actually 
> know anybody who uses postfix+vpopmail on the vpopmail list.
For the sake of completeness and as an academic exercise, I'll accept
tested patches for it ;-).

> > This is decidedly not a good idea, unless vchkpw gets locked up
> > more so that only specific things can run it (otherwise it can
> > easily be used to brute-force passwords).
> True.  Would the best way to do that be to only give the vpopmail 
> group execute access to vchkpw, and then add qmail-smtpd to that 
> group, but still have vchkpw suid?
On the vpopmail list in the distant past, I recall mention of the
concept of an authentication server, so you could have vchkpw without
any additional permissions. Nobody took it up at the time, and I never
heard of it again. However it would be one of the best routes to solve
this. Just implement the checkpassword interface on a socket, and be
done with it.

> It seems that su could be easily used to brute-force passwords, too, 
> but it's suid by default.
Yes, but su does more logging than vchkpw ;-).

> Maybe what is needed is an extension to suidctl where emerge checks 
> any installed binaries against things present in suidctl.conf that 
> *should* be made suid if they're listed in there even if they're 
> not suid by default?
This is getting into cfengine territory (which can do exactly what
you're asking for here).

-- 
Robin Hugh Johnson
E-Mail     : robbat2@orbis-terrarum.net
Home Page  : http://www.orbis-terrarum.net/?l=people.robbat2
ICQ#       : 30269588 or 41961639
GnuPG FP   : 11AC BA4F 4778 E3F6 E4ED  F38E B27B 944E 3488 4E85

[-- Attachment #2: Type: application/pgp-signature, Size: 241 bytes --]

Re: [gentoo-dev] VPopmail - SUID vchkpw

[Casey Allen Shobe]

On Thursday 21 July 2005 00:32, Mike Frysinger wrote:
> how is that not common operation ?  SMTP AUTH is a pretty
> critical feature imho

It's not a supported on included part of qmail, which has not been 
modified in a number of years.  The functionality is provided only 
via unofficial patches.

I agree that it is pretty critical, however that is not the opinion 
of the software author (or if it is, he hasn't chosen to integrate 
it with the main distribution for whatever reason).  Many people 
are still quite happily using vanilla qmail with relayctrl 
providing pop-before-smtp style relay access.  So, though I do rely 
on it, it's an add-on feature that many opt not to use.

Cheers,
-- 
Casey Allen Shobe | http://casey.shobe.info
cshobe@seattleserver.com | cell 425-443-4653
AIM & Yahoo:  SomeLinuxGuy | ICQ:  1494523
SeattleServer.com, Inc. | http://www.seattleserver.com
-- 
gentoo-dev@gentoo.org mailing list

[gentoo-dev] Re: VPopmail - SUID vchkpw

[Duncan]

Casey Allen Shobe posted <200507210515.57488.lists@seattleserver.com>,
excerpted below,  on Thu, 21 Jul 2005 05:15:57 +0000:

> On Thursday 21 July 2005 00:32, Mike Frysinger wrote:
>> how is that not common operation ?  SMTP AUTH is a pretty critical
>> feature imho
> 
> It's not a supported on included part of qmail, which has not been
> modified in a number of years.  The functionality is provided only via
> unofficial patches.
> 
> I agree that it is pretty critical, however that is not the opinion of the
> software author (or if it is, he hasn't chosen to integrate it with the
> main distribution for whatever reason).

Let's just say... QMail is from DJ Bernstein, which will answer the
question for many right there. If you don't know the implications of that
in terms of version of software available and how patches must be added,
due to his license, and you are interested, look it up.  I don't think we
need the flame war that could ensue from a discussion thereof on this
list.  =8^|

Resisting the temptation to say more...

-- 
Duncan - List replies preferred.   No HTML msgs.
"Every nonfree program has a lord, a master --
and if you use the program, he is your master."  Richard Stallman in
http://www.linuxdevcenter.com/pub/a/linux/2004/12/22/rms_interview.html


-- 
gentoo-dev@gentoo.org mailing list

Re: [gentoo-dev] QA feedback

[Stuart Longland]

[-- Attachment #1: Type: text/plain, Size: 2050 bytes --]

Chris Gianelloni wrote:
> On Wed, 2005-07-20 at 01:43 -0400, Mike Frysinger wrote:
> 
>>>This sounds like a request for the QA team.  I tend to stay away
>>>from most ~arch packages simply because most of our systems are
>>>live production servers, but I'd be happy to test-drive new ebuilds
>>>of vpopmail if it would help get new versions into the stable tree
>>>faster.
>>
>>maybe ... but i think more than just the QA team needs to brainstorm some sort 
>>of feedback system ...
> 
> 
> We *had* stable.gentoo.org, but I don't think anybody really used it and
> I'm not sure the output actually went to anyone.  Perhaps now that we
> have metadata.xml and a defined place for these to go to, we could
> revive something similar?
> 
> Something like a little check box that means "WORKSFORME" on a
> particular ebuild/arch.

Actually, with the Gentoo/MIPS project... we've got a (semi-unofficial)
hardware compatability database, where people can specify what
configurations work for them, etc.

http://stuartl.longlandclan.hopto.org/gentoo/mips/

Basically, the above site, allows people to record what configurations
work for them, as well as the kernel configs used.  They can make their
own notes as to how this configuration runs.  It also works in reverse,
if I were to get an O2, I could go to that site, and have my pick of 3
(at time of writing) kernel configurations that I could try, two 2.6.9,
one 2.6.12-rc2.

Perhaps something for packages could be rigged up?  I would certainly
make use of such a system if one existed.  If anyone's interested (in
particular, arch teams) in the code for the above site, I'm happy to
distribute it -- just needs PHP and MySQL.
-- 
 ____                   _             Stuart Longland (a.k.a Redhatter)
/  _ \   ___    ___  __| |__  __   __ Gentoo Linux/MIPS Cobalt and Docs
- (_) \ /   \  ;   \(__   __)/  \ /  \                        Developer
 \    //  O _| / /\ \  | |  | /\ | /\ |
 /   / \   /__| /  \ \ | |  | \/ | \/ |
(___/   \____/|_;  |_| \_/   \__/ \__/ http://dev.gentoo.org/~redhatter

[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 256 bytes --]