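#!/bin/ksh
# @(#)pmdaemon 1.11 (PGP Moose) 99/01/27
# Checking daemon for PGP Moose
# Written by Greg Rose, RoSecure Software, Copyright C 1995.
#
# Usage: pmdaemon ARTICLE
#   ARTICLE is the path of an article relative to $PREFIX.
#
# For every group listed in $GROUPS that the article appears in, pmcheck is
# run on the article.  When it fails, the action configured for that group
# (email or cancel) is carried out, unless the article's Approved line is
# listed in $OTHERS or the article carries a Control: or X-PGP-Sig: line.
# Afterwards, users named in "X-Auth...: PGPMoose" lines are checked and
# mailed on failure.  Exits 0 at the end of a run, 1 when interrupted by a
# signal or when no private temp directory can be created.
#
# NOTE(review): this listing was recovered from a whitespace-collapsed copy.
# Bracket expressions written "[ ]" hold only a space as recovered (upstream
# may have had space+tab), and the line breaks inside the two mail bodies
# were reconstructed -- confirm both against the original file.
#
# NOTE(review): run this under ksh as the #! line says.  bash treats GROUPS
# as a special variable and ignores the assignment made below.

# search path usually needs to be set, because this is invoked by "news"
#cd ~usenet/PGPmoose
# NOTE(review): "." on PATH makes the lookup of pmcheck, pmcancel, pmapp and
# pmnewsgroups depend on the caller's working directory; an absolute install
# directory would be safer.
export PATH=$PATH:.:/usr/local/bin

# Probably need a PGPPATH too.
export PGPPATH=.

# To approve automatic cancellations, use a special keyring
PMCANCELRING=pmcancel.pgp

# Root of the tree of news articles
PREFIX=/var/spool/news

# Name of file specifying controlled groups
GROUPS=checkedgroups

# File which contains details of "other moderators"
OTHERS=othermoderators

# Name of a log file. You have to arrange to clean this up yourself.
# Use /dev/null if you don't want a log.
LOG=mooselog

# Command to run to send mail to someone.
# If it isn't "sendmail" you might also have to fix the arguments.
MAIL=/usr/sbin/sendmail

# Command to run to submit a cancel article (assumed to be the path to inews)
INEWS="/usr/local/bin/inews -h"

# An email address to send all failing articles to.
MANAGER=ggr

# A place to put temp files. These can add up to about twice the
# size of the article being posted.
TMP=/tmp

# End of configuration

# Append one line to the log.  printf '%s' writes article-derived text
# literally; echo may interpret backslash sequences in it.
log() {
    printf '%s\n' "$*" >>"$LOG"
}

# Be neat and tidy.
# Temp files live in a private directory instead of at predictable
# $TMP/pgpmt<pid>.* names, so another local user cannot pre-create or
# symlink them in a shared $TMP.
TD=$(mktemp -d "$TMP/pgpmt.XXXXXX" 2>/dev/null) || TD=
if [ "x$TD" = "x" ]; then
    # No usable mktemp: mkdir refuses a name that already exists, so a
    # planted file or symlink makes this fail rather than being followed.
    TD=$TMP/pgpmt$$
    mkdir -m 700 "$TD" || exit 1
fi
TF=$TD/pgpmt
trap 'rm -rf "$TD"; exit 1' 1 2 3 15

# Debugging
# exec >>/tmp/pmcheckdebug 2>&1
# set -x

# Remember the argument now: "set --" below replaces the positional
# parameters.
article=$1

cat "$PREFIX/$article" >"$TF.a"
pmnewsgroups "$TF.a" >"$TF.n"
log "$(date) $article appears in $(cat "$TF.n")"
# Debugging enable this
grep -i "^X-Auth" "$TF.a" >>"$LOG"

# Find out the important newsgroups; checking is more stringent for these.
check=$(sed -e '/^#/d' -e 's/[ ].*//' "$GROUPS" | sort | comm -12 "$TF.n" -)

# Run the check on these groups.
# $check is split on whitespace on purpose: one group name per word.
for i in $check
do
    log "$(date) checking $i"
    pmcheck "$i" "$TF.a" >"$TF.o" 2>&1
    status=$?
    if [ "$status" != 0 ]; then
        # Do the appropriate thing with this article.
        # $1                   $2     $3
        # sci.crypt.research   email  crypt-request@cs.aukuni.ac.nz
        set -- $(grep "^$i[ ]" "$GROUPS")
        action=$2
        addr=$3
        log "failed in $i: action $action $addr"
        cat >>"$LOG" "$TF.o"

        # Prepare a cancel message to send.
        pmcancel <"$TF.a" >"$TF.c"

        # Prepare a mail message to send.
        # The empty line after Subject: ends the mail headers.
        {
            cat <<END
To: $addr
Subject: PGP Moose Daemon detected bad article (action: $action)

The PGP Moose daemon running on $(hostname) has detected
an article which failed the checking for the newsgroup
$i. A preformatted cancel message for this article
is appended in case it is useful.

The output from "pmcheck" is:
END
            cat "$TF.o"
            echo ''
            echo 'The article contents are:'
            cat "$TF.a"
            echo ''
            echo 'Cancel Message:'
            cat "$TF.c"
        } >"$TF.m"

        # Check the (X-)Approved: or (X-)Approved-For-Group: line
        # if PGP Moose simply wasn't used.
        if [ "$status" = 1 ] && [ "x$OTHERS" != "x" ]; then
            # Turn each Approved line into "<group> <approver>" with regex
            # characters backslash-escaped and blanks made flexible, one
            # grep pattern per line.
            # NOTE(review): with GNU grep, \+ \? \| and \{ are operators in
            # basic regexes, so backslash-escaping is not fully literal
            # there -- confirm against the grep in use.
            sed \
                -e 's/^[Xx]-//' \
                -e 's/^[Aa][Pp][Pp][Rr][Oo][Vv][Ee][Dd]-[Ff][Oo][Rr]-[Gg][Rr][Oo][Uu][Pp]:/Approved:/' \
                -e "s/$i\$//" \
                -e '/^[Aa][Pp][Pp][Rr][Oo][Vv][Ee][Dd]: */!d' \
                -e "s/^[Aa][Pp][Pp][Rr][Oo][Vv][Ee][Dd]: */$i /" \
                -e 's/[^A-Za-z0-9@()<> ]/\\&/g' \
                -e 's/ /[ ][ ]*/g' \
                <"$TF.a" >"$TF.p"
            # read -r is required: a plain read strips the backslashes sed
            # just added, and header text would then reach grep as a live
            # regular expression instead of a literal.
            while IFS= read -r pattern; do
                if grep -s "^$pattern\$" "$OTHERS" >/dev/null; then
                    log "found in $OTHERS -- ignoring"
                    continue 2
                fi
            done <"$TF.p"
            # blanket exception for David Lawrence.
            # NOTE(review): $TF.p holds the escaped form (e.g. "isc\.org"),
            # so this pattern looks unable to match as written -- confirm.
            # Any such exception rests on an unauthenticated Approved line.
            if egrep -s '(tale|newgroups-request|group-admin)@isc.org' \
                "$TF.p" >/dev/null; then
                log "Posting from tale -- ignoring"
                continue
            fi
        fi

        # Hands off control messages, or ones using pgpverify
        # NOTE(review): this tests only that such a line is present
        # somewhere in the article file; nothing here verifies a signature
        # -- confirm that another component does.
        # Output is discarded like the other greps: a grep whose -s only
        # silences errors would otherwise print the matching lines.
        if egrep -s '^([Cc][Oo][Nn][Tt][Rr][Oo][Ll]:|X-PGP-Sig:)' \
            "$TF.a" >/dev/null; then
            log "Control message or pgpverify used -- ignoring"
            continue
        fi

        # Notify the manager (if any)
        # $MAIL and $MANAGER are site configuration and may hold several
        # words, so they stay unquoted.
        if [ "x$MANAGER" != "x" ]; then
            $MAIL $MANAGER <"$TF.m"
        fi

        # Now what?
        case "$action" in
        email)
            $MAIL "$addr" <"$TF.m"
            ;;
        cancel)
            $MAIL "$addr" <"$TF.m"
            # NOTE(review): the cancel passphrase is a fixed string in this
            # script and is exported into the environment of child
            # processes; protection of the cancel key therefore depends on
            # file permissions of $PMCANCELRING -- confirm.
            export PMUSER="PGP Moose Canceller"
            export PMPASSWORD=cancel
            export APP="PGP Moose Canceller "
            SECRING=$PMCANCELRING pmapp pmcancel@localhost "$TF.c" | $INEWS
            log "Cancel message posted."
            ;;
        *)
            log "Unknown action $action"
            ;;
        esac
    fi
    # Debugging -- add output from pmcheck to log.
    cat "$TF.o" >>"$LOG"
done

# Also, if there are any individual users in the article, check for them.
users=$(grep -i '^X-Auth.*: PGPMoose .*@' "$TF.a" | sed -e 's/^.*[ ]//')
if [ "x$users" != "x" ]; then
    log "Checking for users: $users"
    pmcheck "$TF.a" >"$TF.o" || {
        # The recipient words come from headers of the article that has
        # just failed checking, so treat them as untrusted: no filename
        # expansion, and nothing the mailer could read as an option.
        # NOTE(review): the failure report is still mailed to whatever
        # address the article names; consider limiting this to known users.
        set -f
        rcpts=
        for u in $users; do
            case $u in
            -*) log "not mailing option-like address: $u" ;;
            *)  rcpts="$rcpts $u" ;;
            esac
        done
        if [ "x$rcpts" != "x" ]; then
            {
                cat <<END
Subject: PGP Moose Daemon detected bad article

The PGP Moose daemon running on $(hostname) has detected
an article which failed the checking for $users.

The output from "pmcheck" is:
END
                cat "$TF.o"
                echo ''
                echo 'The article contents:'
                cat "$TF.a"
            } | $MAIL $rcpts
        fi
        set +f
    }
fi

rm -rf "${TD:?}"
exit 0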