Solaris Gotcha - Re: Quick upgrade review from 2.4x -> 3.0

["Christopher X. Candreva" <ch...@westnet.com>]

On Wed, 29 Sep 2004, Chris Santerre wrote:

> OK, I'm officially running 3.0 in production now. The upgrade was
> miraculously easy. Despite my paranoia that something was going to bite me
> in the behind, it went so smooth I was still worried. 

Did the same last night. There is one MAJOR gotcha for Solaris that isn't in 
the docs, but is on the wiki.

Sys-Hostname-Long is majorly broken on Solaris. It assumes a gnu hostname 
command and issues 'hostname --fqdn' to get the hostname, resorting to an 
IP method if this returns an error.

hostname on solaris however doesn't take options, and if you are root set's 
the system hostname to whatever you pass it. Upshot: Run spamd 3.0.0 as root 
on Solaris to suid to your users, and it changes your hostname to --fqdn !

So if you did a make test of S::H::L as a user other than root, all tests 
pass and it looks like it works. Call it from a program running as root 
-- and WHAM, odd things start happening since your hostname is now wrong. 
IE -- syslog stops working.

This was posted on the wiki and on the CPAN site, but evidently no one had 
e-mailed the author of Sys-Hostname-Long! I mailed him about this last 
night.

I highly suggest at LEAST adding a note to the INSTALL notes of SA 3.0.0

-Chris

==========================================================
Chris Candreva  -- chris@westnet.com -- (914) 967-7816
WestNet Internet Services of Westchester
http://www.westnet.com/

Re: Solaris Gotcha - Re: Quick upgrade review from 2.4x -> 3.0

[Alex S Moore <as...@edge.net>]

On Wed, 29 Sep 2004 14:12:48 -0400 (EDT)
"Christopher X. Candreva" <ch...@westnet.com> wrote:

> 
> Sys-Hostname-Long is majorly broken on Solaris. It assumes a gnu
> hostname command and issues 'hostname --fqdn' to get the hostname,
> resorting to an IP method if this returns an error.
> 
> hostname on solaris however doesn't take options, and if you are root
> set's the system hostname to whatever you pass it. Upshot: Run spamd
> 3.0.0 as root on Solaris to suid to your users, and it changes your
> hostname to --fqdn !

This does not sound good.

I have been running SA3.0 for a while on Solaris 9 from MIMEDefang and
have never had the hostname changed.  In fact, my spamassassin package
does not list Sys::Hostname::Long as a prerequiste.

Alex

Re: Solaris Gotcha - Re: Quick upgrade review from 2.4x -> 3.0

[Michael Parker <pa...@pobox.com>]

On Wed, Sep 29, 2004 at 02:40:35PM -0400, Christopher X. Candreva wrote:
> However, perhaps given the importance of SA and the symplicity of what this 
> does, SA might want to just not use this module and do something else -- 
> even ask for the FQDN in the configure part, when it asks for the e-mail 
> address to use and the other questions.
> 
[snip]
> 
> The more I think about it I think SA should just drop the module and do 
> something else. 

SA doesn't use this module directly, so consider it dropped :)

It's used by Mail::SPF::Query, maybe Net::DNS but I don't remember.

What should happen is the author of Sys::Hostname::Long should fix the
issue, then the author of Mail::SPF::Query should require the
version of Sys::Hostname::Long with the issue fixed.  Since we don't
require the Mail::SPF::Query module to be installed, we can't require
a certain version, but in INSTALL we can recommend using a specific
version which will in turn make sure that the Sys::Hostname::Long
issue is fixed.

Michael

BTW: Hardcoding a hostname as part of a module install is unwise
(think installs that run on multiple systems either via package
install or global NFS mounts)

Re: Solaris Gotcha - Re: Quick upgrade review from 2.4x -> 3.0

["Christopher X. Candreva" <ch...@westnet.com>]

On Wed, 29 Sep 2004, Keith Hackworth wrote:

> I ran into this too and I emailed the developer for this module about
> this.   I haven't seen a response yet.  I fixed it by modifying his perl

Well, he responded to almost immediately when I mailed him ast night 
(actually about 2:00 AM EDT ), and I gave him the correct syntax for 
hostname on Solaris.  He sounded like this was the first he had heard about 
it.

However, perhaps given the importance of SA and the symplicity of what this 
does, SA might want to just not use this module and do something else -- 
even ask for the FQDN in the configure part, when it asks for the e-mail 
address to use and the other questions.

Looking at the code for S::H::L -- it seems like overkill for such a simple 
function -- rather than decide at install time what system it is and install 
the proper code, each time it is called is tries to detect what kind of 
system it is on and do the appropriate thing.  Also, hostname is called 
without any kind of path, replying on the setting of $PATH

The more I think about it I think SA should just drop the module and do 
something else. 

==========================================================
Chris Candreva  -- chris@westnet.com -- (914) 967-7816
WestNet Internet Services of Westchester
http://www.westnet.com/