Fiona Ebner [Fri, 21 Oct 2022 13:02:47 +0000 (15:02 +0200)]
d/postinst: register binary in .forward
Similar to how it is done for pve-manager in PVE. If pvemailforward is
detected, nothing is done. An adapted pve-manager will cleanly handle
the switchover for PVE installations.
Fiona Ebner [Fri, 21 Oct 2022 13:02:46 +0000 (15:02 +0200)]
add Debian packaging
It is a setuid binary owned by root, since the initial step of reading
the configuration files on both PVE and PBS requires higher privileges
which can't be mapped easily otherwise.
Used parts of the packaging in proxmox-backup as a basis.
Fiona Ebner [Fri, 21 Oct 2022 13:02:45 +0000 (15:02 +0200)]
initial commit
It is intended to replace the current pvemailforward binary+script in
PVE and also be used in PBS. The implemenation is largely based on the
pvemailforward script to try and keep behavior mostly the same in PVE.
To read the config in PBS, the binary would need to belong to
backup:backup with setuid and setgid bits (proxmox-backup is 700 owned
by backup:backup and user.cfg is 640 owned by root:backup). To read
the configs in PVE the setgid bit for www-data would need to be set.
To avoid this issue, the helper will be a root-owned setuid binary and
set the effective UID to the real UID, after reading in the config
files.