#!/bin/ksh
# @(#)pmdaemon 1.11 (PGP Moose) 99/01/27
# Checking daemon for PGP Moose
# Written by Greg Rose, RoSecure Software, Copyright C 1995.
# search path usually needs to be set, because this is invoked by "news"
#cd ~usenet/PGPmoose
# ---- Configuration ----------------------------------------------------
# Search path for the helper programs this script runs by bare name
# (pmnewsgroups, pmcheck, pmcancel, pmapp); the caller's PATH is kept first.
# NOTE(review): "." puts the current working directory on the search path
# of a job that the header says is invoked by "news".  If the helpers live
# in one known directory, naming that directory here instead of "." is the
# tighter setting -- confirm where they are installed.
PATH=$PATH:.:/usr/local/bin
export PATH
# PGP looks for its keyrings and configuration here; "." again means
# "whatever directory the daemon was started in".
PGPPATH=.
export PGPPATH
# Keyring used only when signing automatic cancel messages.
PMCANCELRING=pmcancel.pgp
# Top of the news spool; the article argument is appended to this.
PREFIX=/var/spool/news
# File listing the controlled groups with their action and address.
# NOTE(review): GROUPS is a special variable in bash (assignments to it are
# ignored), so this script has to run under ksh as its shebang says.
GROUPS=checkedgroups
# File listing "other moderators" whose approvals are accepted.
OTHERS=othermoderators
# Log file.  Nothing rotates or trims it; use /dev/null to disable logging.
LOG=mooselog
# Mailer.  Recipients are passed as arguments, so a mailer other than
# sendmail may need its arguments adjusted where it is called.
MAIL=/usr/sbin/sendmail
# Command that posts a cancel article (assumed to be the path to inews).
INEWS="/usr/local/bin/inews -h"
# Address that receives a copy of every failing article; empty disables it.
MANAGER=ggr
# Directory for temporary files, which can reach about twice the size of
# the article being checked.
TMP=/tmp
# ---- End of configuration ---------------------------------------------
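# Be neat and tidy.
# All scratch files live in a private directory.  The names built from $TF
# ($TF.a, $TF.n, ...) are unchanged, but the directory is created mode 0700
# and creation fails if the name already exists, so another local user
# cannot pre-create or symlink the files inside the shared $TMP.
TD=$(mktemp -d "$TMP/pgpmt.XXXXXX" 2>/dev/null) || {
    # No usable mktemp(1): mkdir is atomic and refuses an existing name.
    TD=$TMP/pgpmt$$
    (umask 077 && mkdir "$TD") || {
        echo "pmdaemon: cannot create scratch directory under $TMP" >&2
        exit 1
    }
}
TF=$TD/pgpmt
# Remove the scratch directory on every exit path.  Signals still end the
# script with status 1; the EXIT trap then does the cleanup.
trap 'rm -rf "$TD"' EXIT
trap 'exit 1' 1 2 3 15
# Debugging
# NOTE(review): if this is enabled, send the trace somewhere that is not
# world-writable; a fixed name in /tmp can be pre-created by another user.
# exec >>/tmp/pmcheckdebug 2>&1
# set -x
# $1 is the article's path relative to $PREFIX.
# NOTE(review): nothing here rejects a $1 containing "../"; presumably the
# news system only passes spool-relative names -- confirm against the caller.
cat "$PREFIX/$1" >"$TF.a"
# One newsgroup per line for this article.
pmnewsgroups "$TF.a" >"$TF.n"
echo >>"$LOG" "$(date) $1 appears in $(cat "$TF.n")"
# Debugging enable this
grep -i "^X-Auth" "$TF.a" >>"$LOG"
# Find out the important newsgroups; checking is more stringent for these.
# The first field of every non-comment line of $GROUPS is sorted and
# intersected with the article's groups.  comm(1) needs both inputs sorted;
# $TF.n is presumably already sorted by pmnewsgroups -- confirm.
# NOTE(review): the bracket expression shows a single space on this page;
# the original may also have held a tab -- confirm before relying on it.
check=$(sed -e '/^#/d' -e 's/[ ].*//' "$GROUPS" | sort | comm -12 "$TF.n" -)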
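# Run the check on these groups.
# $check is split on whitespace on purpose: one newsgroup name per word.
for i in $check
do
    echo >>"$LOG" "$(date) checking $i"
    pmcheck "$i" "$TF.a" >"$TF.o" 2>&1
    status=$?
    if [ "$status" != 0 ]; then
        # Do the appropriate thing with this article.  The matching line of
        # $GROUPS replaces the positional parameters:
        #   $1                  $2     $3
        #   sci.crypt.research  email  crypt-request@cs.aukuni.ac.nz
        # NOTE(review): the bracket expression shows a single space on this
        # page; if the original also held a tab, restore it, otherwise a
        # tab-separated line leaves $2 and $3 empty.
        set -- $(grep "^$i[ ]" "$GROUPS")
        echo >>"$LOG" "failed in $i: action $2 $3"
        cat >>"$LOG" "$TF.o"
        # Keep the header block (everything up to the first empty line) on
        # its own.  The exemption tests below look for header fields, and
        # article body text is fully under the poster's control, so it must
        # not be able to satisfy them.
        sed -e '/^$/q' "$TF.a" >"$TF.h"
        # Prepare a cancel message to send.
        pmcancel <"$TF.a" >"$TF.c"
        # Prepare a mail message to send.  The empty line after Subject:
        # separates the mail headers from the body.
        {
            cat <<-END
To: $3
Subject: PGP Moose Daemon detected bad article (action: $2)

The PGP Moose daemon running on `hostname`
has detected an article which failed the checking
for the newsgroup $i.
A preformatted cancel message for this article is appended
in case it is useful.
The output from "pmcheck" is:
END
            cat "$TF.o"
            echo ''
            echo 'The article contents are:'
            cat "$TF.a"
            echo ''
            echo 'Cancel Message:'
            cat "$TF.c"
        } >"$TF.m"
        # Check the (X-)Approved: or (X-)Approved-For-Group: line
        # if PGP Moose simply wasn't used.
        if [ "$status" = 1 ] && [ -n "$OTHERS" ]; then
            # Turn each approval header into a basic regular expression of
            # the form "<group> <approver>".  Only the characters that are
            # special in a POSIX BRE (. [ \ * ^ $) are escaped: a backslash
            # in front of other characters is undefined, and some grep
            # implementations read it as an operator.  Spaces become
            # "one or more spaces" last, so those brackets stay unescaped.
            sed \
                -e 's/^[Xx]-//' \
                -e 's/^[Aa][Pp][Pp][Rr][Oo][Vv][Ee][Dd]-[Ff][Oo][Rr]-[Gg][Rr][Oo][Uu][Pp]:/Approved:/' \
                -e "s/$i\$//" \
                -e '/^[Aa][Pp][Pp][Rr][Oo][Vv][Ee][Dd]: */!d' \
                -e "s/^[Aa][Pp][Pp][Rr][Oo][Vv][Ee][Dd]: */$i /" \
                -e 's/[.[\*^$]/\\&/g' \
                -e 's/ /[ ][ ]*/g' \
                <"$TF.h" >"$TF.p"
            # read -r keeps the backslashes written above.  A plain "read"
            # strips them, which would hand the header's own characters to
            # grep as live regex syntax and loosen the match against $OTHERS.
            while read -r pattern; do
                if grep -s "^$pattern\$" "$OTHERS" >/dev/null; then
                    echo >>"$LOG" "found in $OTHERS -- ignoring"
                    # Leave the while loop and move on to the next group.
                    continue 2
                fi
            done <"$TF.p"
            # blanket exception for David Lawrence.
            # NOTE(review): $TF.p holds the escaped patterns, so a literal
            # "isc.org" is stored there as "isc\.org", which this expression
            # does not match; as written the exemption looks inert.  It
            # would trust an unauthenticated Approved line, so confirm the
            # intent before changing it.
            if grep -E -s '(tale|newgroups-request|group-admin)@isc.org' \
                "$TF.p" >/dev/null; then
                echo >>"$LOG" "Posting from tale -- ignoring"
                continue
            fi
        fi
        # Hands off control messages, or ones using pgpverify.
        # Output is discarded like the other tests: on current grep -s only
        # silences file errors, it does not suppress matching lines.
        if grep -E -s '^([Cc][Oo][Nn][Tt][Rr][Oo][Ll]:|X-PGP-Sig:)' \
            "$TF.h" >/dev/null; then
            echo >>"$LOG" "Control message or pgpverify used -- ignoring"
            continue
        fi
        # Notify the manager (if any).
        # $MAIL, $MANAGER and $INEWS are left unquoted on purpose: they are
        # local configuration and may hold a command plus arguments.
        if [ "x$MANAGER" != "x" ]; then
            $MAIL $MANAGER <"$TF.m"
        fi
        # Now what?
        case "$2" in
        email)
            $MAIL "$3" <"$TF.m"
            ;;
        cancel)
            $MAIL "$3" <"$TF.m"
            export PMUSER="PGP Moose Canceller"
            # NOTE(review): the passphrase for the cancel key is fixed in
            # the script and exported, so every command started after this
            # point inherits it.  The key is then protected only by the
            # file permissions on this script and on $PMCANCELRING.
            export PMPASSWORD=cancel
            export APP="PGP Moose Canceller <pmcancel@localhost>"
            SECRING=$PMCANCELRING pmapp pmcancel@localhost "$TF.c" | $INEWS
            # Logged whether or not the pipeline above succeeded.
            echo >>"$LOG" "Cancel message posted."
            ;;
        *)
            echo >>"$LOG" "Unknown action $2"
            ;;
        esac
    fi
    # Debugging -- add output from pmcheck to log.
    cat "$TF.o" >>"$LOG"
done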
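# Also, if there are any individual users in the article, check for them.
# Only the header block (up to the first empty line) is searched, so body
# text cannot add recipients.  The last word of each matching X-Auth line
# is taken as that user's address.
# NOTE(review): the bracket expression in the sed command shows a single
# space on this page; the original may also have held a tab -- confirm.
users=$(sed -e '/^$/q' "$TF.a" |
    grep -i '^X-Auth.*: PGPMoose .*@' |
    sed -e 's/^.*[ ]//')
if [ "x$users" != "x" ]; then
    echo >>"$LOG" "Checking for users: $users"
    # The addresses come from the article itself and end up on the mailer's
    # command line.  Split them with globbing off, and drop any word that
    # starts with "-" so it cannot be read as a mailer option.
    # NOTE(review): whoever posts the article chooses these recipients;
    # consider limiting notifications to addresses known locally.
    set -f
    set -- $users
    set +f
    for u in "$@"; do
        # Rotate the word off the front; put it back only if acceptable.
        shift
        case $u in
        -*)
            echo >>"$LOG" "Ignoring recipient that looks like an option: $u"
            ;;
        *)
            set -- "$@" "$u"
            ;;
        esac
    done
    if [ $# -gt 0 ]; then
        # Mail is sent only when pmcheck fails.  The empty line after
        # Subject: separates the mail headers from the body.
        pmcheck "$TF.a" >"$TF.o" || {
            cat <<-END
Subject: PGP Moose Daemon detected bad article

The PGP Moose daemon running on `hostname`
has detected an article which failed the checking
for $users.
The output from "pmcheck" is:
END
            cat "$TF.o"
            echo ''
            echo 'The article contents:'
            cat "$TF.a"
        } | $MAIL "$@"
    fi
fi
rm -f "$TF".?
exit 0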