File mailman.spec of Package mailman.15639

# spec file for package mailman
# Copyright (c) 2020 SUSE LLC
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.

# Please submit bugfixes or comments via

Name:           mailman
#!BuildIgnore: sendmail
BuildRequires:  krb5
BuildRequires:  pcre-devel
BuildRequires:  postfix
BuildRequires:  pwdutils
BuildRequires:  python-devel
Requires:       cron
Requires:       logrotate
Requires:       python
Requires:       smtp_daemon
Requires:       w3m
PreReq:         /usr/sbin/useradd /usr/sbin/groupadd /bin/echo /bin/cp /bin/rm /bin/mkdir /usr/bin/awk /usr/bin/touch /usr/bin/getent openssl
PreReq:         permissions
Summary:        The GNU Mailing List Manager
License:        GPL-2.0-or-later
Group:          Productivity/Networking/Email/Mailinglists
Version:        2.1.17
Release:        0
Source:         %{name}-%{version}.tgz
Source1:        README.SUSE
Source2:        mailman-2.1-manpages.tgz
Source4:        mailman-generate-sysconfig
Source4:        SuSEconfig.mailman-SuSE
Source5:        rcmailman
Source6:        aliases
Source7:        sysconfig.mailman
Source8:        mailman.sgidlist
Source9:        mailman-apache2.conf
Source11:       logrotate.mailman
Source12:       mm-text.png
Patch1:         mailman-wrapper.patch
Patch2:         mailman-SuSE.patch
Patch3:         mailman-2.1.14-python.dif
Patch5:         mailman-2.1.14-editarch.patch
Patch6:         mailman-2.1.14-misc-PACKAGES.diff
Patch7:         mailman-2.1.2-list_lists.patch
Patch10:        mailman-2.1.4-dirmode.patch
Patch11:        mailman-2.1.4-notavaliduser.patch
Patch17:        mailman-weak-password.diff
Patch18:        mailman-2.1.5-no_extra_asian.dif
Patch19:        mailman-2.1.14-CVE-2016-6893.patch
Patch20:        mailman-2.1.15-CVE-2018-13796.patch
# patches collected at
Patch21:        mailman-2.1.15-CVE-2018-0618.patch
Patch22:        mailman-2.1.11-CVE-2015-2775.patch
Patch23:        mailman-2.1.15-CVE-2018-5950.patch
# PATCH-FIX-UPSTREAM CVE-2020-12137-XSS-MIME_type-confusion.patch bsc#1170558
# XSS due to MIME type confusion
Patch24:        CVE-2020-12137-XSS-MIME_type-confusion.patch
# PATCH-FIX-UPSTREAM CVE-2020-12108_injection_options.patch bsc#1171363
# arbitrary content injection in
Patch25:        CVE-2020-12108_injection_options.patch
# PATCH-FIX-UPSTREAM CVE-2020-15011_inject_private_login.patch bsc#1173369
# Originally from
Patch26:        CVE-2020-15011_inject_private_login.patch

Patch50:        mailman-SuSE2.patch
BuildRoot:      %{_tmppath}/%{name}-%{version}-build
%define       m_uid 72
%define       m_gid 67
%define       apache2_confd       /etc/apache2/conf.d
%define       sendmail_libd       /usr/lib/sendmail.d
%define       mailman_confd       /etc/mailman
# ----------------------------------------------------------------------------

This is the GNU Mailing List manager. Mailman provides an
easy-to-configure means of maintaining mailing lists including Web
administration. Mailman is written in Python.

    John Viega <>

%setup -q
%patch5 -p1
%patch6 -p1
%patch10 -p1
%patch11 -p1
%patch17 -p1
%patch19 -p1
%patch20 -p1
%patch21 -p1
%patch22 -p1
%patch23 -p1
%patch24 -p1
%patch25 -p1
%patch26 -p1
cp -av %{S:1} .
chmod -x NEWS
# ----------------------------------------------------------------------------

/usr/sbin/groupadd -g %{m_gid} -o -r mailman 2> /dev/null || :
/usr/sbin/useradd -r -o -g mailman -u %{m_uid} -s /bin/bash -c "GNU mailing list manager" -d /var/lib/mailman mailman 2> /dev/null || :
./configure --prefix=/usr/lib/mailman --sysconfdir=/etc \
	--localstatedir=/var/run --libexecdir=/usr/lib/mailman \
	--mandir=%{_mandir} --with-groupname=mailman --with-username=mailman \
	--with-var-prefix=/var/lib/mailman \
        --without-permcheck \
	--with-cgi-gid=nobody --with-mail-gid=nobody # fake
make OPT="$RPM_OPT_FLAGS -fpie -pie"
# ----------------------------------------------------------------------------

install -d $RPM_BUILD_ROOT/{usr/sbin,etc/{mailman,sysconfig,init.d,logrotate.d},var/adm/fillup-templates,sbin/conf.d}/
# add a hint to the crontab
cat <<EOF > $RPM_BUILD_ROOT/usr/lib/mailman/cron/crontab
# if you want to make changes to this file, please modify 
# /usr/lib/mailman/cron/crontab and restart mailman
# add user mailman in column 6 since we are going to use it as system crontab
awk '/^[0-9,\*]/ { print $1 " " $2 " " $3 " " $4 " " $5 " mailman " $6 " " $7 " " $8 } /^\#/ { print $0 }' \
	$RPM_BUILD_ROOT/usr/lib/mailman/cron/ \
	>> $RPM_BUILD_ROOT/usr/lib/mailman/cron/crontab
# write initial wrapper id files:
. %{S:7}
getent group $MAILMAN_CGI_GID | cut -d: -f3 > $RPM_BUILD_ROOT/%{mailman_confd}/mailman.cgi-gid
echo %{m_gid} > $RPM_BUILD_ROOT/%{mailman_confd}/mailman.mail-gid
# SuSEconfig stuff:
install -m 644 %{S:7} $RPM_BUILD_ROOT/var/adm/fillup-templates/
install -m 755 %{S:4} $RPM_BUILD_ROOT/usr/lib/mailman/bin/
install -m 644 %{S:8} %{buildroot}/usr/lib/mailman/sgidlist
# start script:
ln -sf ../../etc/init.d/mailman $RPM_BUILD_ROOT/usr/sbin/rcmailman
install -m 755 %{S:5} $RPM_BUILD_ROOT/etc/init.d/mailman
# make sure there is a valid  group writable aliases.db
# if the aliases.db would be generated later on, list creation
# through the web interface would not work!
install -m 664 %{S:6} $RPM_BUILD_ROOT/var/lib/mailman/data/aliases
# created in %%post and marked as %%ghost in the file section, so simply fake it:
/usr/bin/touch $RPM_BUILD_ROOT/var/lib/mailman/data/aliases.db
# apache stuff:
mkdir -p $RPM_BUILD_ROOT/%{apache2_confd}
cp -av %{S:9} $RPM_BUILD_ROOT/%{apache2_confd}/mailman.conf
# link to enhance interoperability with Sendmail
mkdir -p $RPM_BUILD_ROOT/%{sendmail_libd}/bin
ln -sf ../../../lib/mailman/mail/mailman $RPM_BUILD_ROOT/%{sendmail_libd}/bin/mailman
install -d $RPM_BUILD_ROOT%{_mandir}/man8/
tar xz -C $RPM_BUILD_ROOT%{_mandir}/man8/ -f %SOURCE2
install -m 644 %{S:11} $RPM_BUILD_ROOT/etc/logrotate.d/mailman
cp %SOURCE12 $RPM_BUILD_ROOT/usr/lib/mailman/icons/

# Better solution for bsc#1154328 (and bnc#697638)
install -m 0664 -D /dev/null %{buildroot}/var/lib/%{name}/logs/error

# ----------------------------------------------------------------------------

# ----------------------------------------------------------------------------

/usr/sbin/groupadd -g %{m_gid} -o -r mailman 2> /dev/null || :
/usr/sbin/useradd -r -o -g mailman -u %{m_uid} -s /bin/bash -c "GNU mailing list manager" -d /var/lib/mailman mailman 2> /dev/null || :
exit 0
# ----------------------------------------------------------------------------

%{fillup_and_insserv mailman}
%set_permissions -f usr/lib/mailman/sgidlist
# handle very old installations
test -d var/spool/mailman && {
    echo -n "Moving /var/spool/mailman -> /var/lib/mailman... "
    (cd var/lib/mailman && cp -a var/spool/mailman/* .)  && rm -rf var/spool/mailman
    echo "Done."
echo "All done."
# use Mailman facilities for updating old data
if test -z "$YAST_IS_RUNNING" ; then
    echo "Please remember to run '/usr/lib/mailman/bin/mailman-generate-sysconfig' to configure mailman"
# re-create the list aliases 
usr/lib/mailman/bin/genaliases > /dev/null
# update the alias db file and make it group-writeable (important for being able to create mailing lists thru the web interface)
if [ -x usr/sbin/postalias -a -r var/lib/mailman/data/aliases ]; then 
    usr/sbin/postalias var/lib/mailman/data/aliases || :
    chmod g+w var/lib/mailman/data/aliases.db
exit 0
# ----------------------------------------------------------------------------
%verify_permissions -f /usr/lib/mailman/sgidlist

%stop_on_removal mailman
# ----------------------------------------------------------------------------

%restart_on_update mailman
# ----------------------------------------------------------------------------

%defattr(-, root, root)
%doc %{_mandir}/man8/*.8.gz
%dir %{mailman_confd}
%config(noreplace) /etc/logrotate.d/mailman
%config(noreplace) %{mailman_confd}/mailman.*-gid
%dir %attr(2755, root, mailman) /usr/lib/mailman/
%attr(-, root, mailman) /usr/lib/mailman/[^Mmc]*
%attr(-, root, mailman) /usr/lib/mailman/cron
%dir %attr(-, root, mailman) /usr/lib/mailman/cgi-bin
%verify(not mode) %attr(2755, root, mailman) /usr/lib/mailman/cgi-bin/*
%dir %attr(2755, root, mailman) /usr/lib/mailman/Mailman/
%attr(-, root, mailman) /usr/lib/mailman/Mailman/[^m]*
%attr(-, root, mailman) /usr/lib/mailman/messages
%dir %attr(-, root, mailman) /usr/lib/mailman/mail
%verify(not mode) %attr(2755, root, mailman) /usr/lib/mailman/mail/mailman
%config(noreplace) %attr(-, root, mailman) /usr/lib/mailman/Mailman/m*
%dir %attr(2755, mailman, mailman) /var/lib/mailman/
%attr(-, root, mailman) /var/lib/mailman/[^d]*
%dir %attr(750, mailman, www) /var/lib/mailman/archives
%dir %attr(750, mailman, www) /var/lib/mailman/archives/private
%dir %attr(2775, root, mailman) /var/lib/mailman/data/
%config(noreplace) %attr(-, root, mailman) /var/lib/mailman/data/[^a]*
%config(noreplace) %attr(-, mailman, mailman) /var/lib/mailman/data/aliases
%ghost %attr(0664, wwwrun, mailman) /var/lib/mailman/logs/error
%ghost %attr(0664, mailman, mailman) /var/lib/mailman/data/aliases.db
%dir /etc/apache2
%dir %{apache2_confd}
%config (noreplace) %{apache2_confd}/mailman.conf
%dir %{sendmail_libd}
%dir %{sendmail_libd}/bin
# ----------------------------------------------------------------------------

openSUSE Build Service is sponsored by