WIJATA.COM
» Main Page

» About Me

» Mail Me

» My CV

» My study

» My Software

» Collected links

» Selected friends

» My ftp site

» wijata.com
domain


» artysta.art.pl
domain



 
This webpage is here to present software created by me, or in co-operation with other people.
A short description and downloads are available from here. If You want send me some suggestions, bugfixes etc. go ahead.
Always You can contact me via mail, or even better via mailing list set at softwarewijata.com. Subscribe via mailing to software-subscribewijata.com.
ERUP & mod_diffprivs FileGuards QMail & patches Sendmail2SMTP

This is page for ERUP project, where ERUP stands for: enhanced regular user privileges.
ERUP is a Linux kernel patch (and module for 2.4 kernel) which allows regular users to have enhanced privileges. With ERUP unprivileged users can call privileged system calls, which normally are restricted to superuser only.
For more information read README file included in distribution. And also read ChangeLog to see current development status.

There is also Apache module (mod_diffprivs), which uses this module. With this module each request may be served as any user without need of use suexec (which only works with cgi, not build-in php). Apache may also setgroups & chroot to specified dir before serving request. You may download it from sourceforge.net
There is also my own patched version which You may download from this site.

Currently available files for ERUP:
 Currently available files for mod_diffprivs:
For apache version 2.2, I recommend the Apache 2 ITK MPM and/or Peruser MPM for Apache 2.x.

From this page You can download latest available FileGuard patch for Linux kernel sources.
More specification for what it is about I'll write later.
In meantime You'll have to read the documentation.

You may also be interested with A Virtual Filesystem Project and Filesystem in USErspace.
Since FileGuard software is no longer developed, check them out.
Currently available files for FileGuards:
 

From this page You can download QMail MTA and some useful patches to QMail.
Note, that only following patches are created by me:

  • qmail-qqpf is a qmail-queue post filter. Filtering is done after the mail is queued. If the environmental variable QQPOSTF is set, qmail runs filter program pointed by QQPOSTF and passes to it files from queue. The first argument is filename containing mail body, the second is filename contains delivery information (uid, pid, mail from, rcpt to). Stdin, stdout, stderr are open to /dev/null. If the filter returns with code between 1 and 99, the return code is passed as an error code and mail is dequeued. For error codes look into qmail.c file. For custom error codes use my qmail-qqxrc patch.
  • qmail-qqxrc patch allows You to customize error codes returned by qmail-queue (see qmail.c for details). With this patch You can create control/qqxrcode file containing new error codes and descriptions. Syntax is:
    retcode description
    eg.:
    30 Well known virus found
    This patch is meant to customize error code descriptions returned by qmail-queue patched with qmail-qqpf or if qmail-queue returns unknown error code for any other reason.
  • qmail-alwaysbcc is a patch which makes qmail to send a blind carbon copy (BCC:) of each message to specified address. The address is read from environment variable called ALWAYSBCC.
    I know that there is already QUEUE_EXTRA parameter in extra.h, but I needed change the address without recompiling qmail. So the patch is out.
  • qmail-mplimit is a patch which addresses qmail-send nasty behavior to try all message recipients from one message before trying any other message. The problem was well described here http://cyberdesk.com/qmail/qmail-send.html at the last paragraph (at the end of page, starting from words Note to self) and here http://www.cyberis.net/support/qmail/misc/THOUGHTS.phtml (Section 5, from words Exception).
    The patch simply limits one time recipients tried of message to 4/5*concurrency. After that message is moved back to queue and next recipients are tried. This way qmail is able to deliver next message even while processing another say 10M message with 1000 recipients on slow network.
  • qmail-pl is a patch which adds some Polish messages. I guess not all anyway.
  • qmail-smtpd-rlchk is a patch for qmail-smtpd combining two features in one. First it tries to valid local recipient after rcpt to: command is issued. If recipient is invalid for sure, it simply rejects him with 5xx code. If validity of local recipient can't be verified (ie. due to lack of privileges or he's remote), he's accepted. This was created to address the qmail's delayed bounce behavior and to reduce the amount of double-bounces.
    Second, it tries to valid remote sender given in mail from: command. It simply connects to best MX for domain sender and checks if our sender is accepted as remote recipient. In case of any error mail sender is accepted. If remote MX rejects our sender with some errorcode, we also reject him with the same errorcode and reason.
    In addition positive responses are cached.
    It works for me, it may work for You...
  • qmail-ravenmp are some patches bundled together. Check the header of the patch for details.
You may also be interested in visiting QMail.org webpage or QMail's homepage.
Currently available files for QMail:

Sendmail2SMTP is a program, which takes an email as it's input, translates it to SMTP session and passes it to SMTP server.
It was created mainly for use with PHP. First, You don't have to have a real /usr/sbin/sendmail (or /usr/lib/sendmail) on machine with php installed. Second, You may put this program into chroot environment (see ERUP/mod_diffprivs above). With this program You can continue using php's mail() function. Just change sendmail_path in php.ini if required.
Currently available files for Sendmail2SMTP: