public inbox for pmg-devel@lists.proxmox.com
 help / color / mirror / Atom feed
* [pmg-devel] [PATCH pmg-api 0/2] change sample-entries in default Who-Objects and check in pmg7to8
@ 2025-01-30 12:33 Stoiko Ivanov
  2025-01-30 12:33 ` [pmg-devel] [PATCH pmg-api 1/2] fix #5972: ruledb: default ruleset: use .example as TLD Stoiko Ivanov
  2025-01-30 12:33 ` [pmg-devel] [PATCH pmg-api 2/2] pmg7to8: add check for deprecated default entries in ruledb Stoiko Ivanov
  0 siblings, 2 replies; 3+ messages in thread
From: Stoiko Ivanov @ 2025-01-30 12:33 UTC (permalink / raw)
  To: pmg-devel

The issue was originally reported in our community-forum:
https://forum.proxmox.com/threads/.158455/

Stoiko Ivanov (2):
  fix #5972: ruledb: default ruleset: use .example as TLD
  pmg7to8: add check for deprecated default entries in ruledb

 src/PMG/CLI/pmg7to8.pm | 19 +++++++++++++++++++
 src/PMG/DBTools.pm     |  4 ++--
 src/tests/testdb.txt   |  4 ++--
 3 files changed, 23 insertions(+), 4 deletions(-)

-- 
2.39.5



_______________________________________________
pmg-devel mailing list
pmg-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pmg-devel


^ permalink raw reply	[flat|nested] 3+ messages in thread

* [pmg-devel] [PATCH pmg-api 1/2] fix #5972: ruledb: default ruleset: use .example as TLD
  2025-01-30 12:33 [pmg-devel] [PATCH pmg-api 0/2] change sample-entries in default Who-Objects and check in pmg7to8 Stoiko Ivanov
@ 2025-01-30 12:33 ` Stoiko Ivanov
  2025-01-30 12:33 ` [pmg-devel] [PATCH pmg-api 2/2] pmg7to8: add check for deprecated default entries in ruledb Stoiko Ivanov
  1 sibling, 0 replies; 3+ messages in thread
From: Stoiko Ivanov @ 2025-01-30 12:33 UTC (permalink / raw)
  To: pmg-devel

following RFC 2606
https://www.rfc-editor.org/rfc/rfc2606.html

reported in our community forum:
https://forum.proxmox.com/threads/.158455/

Signed-off-by: Stoiko Ivanov <s.ivanov@proxmox.com>
---
 src/PMG/DBTools.pm   | 4 ++--
 src/tests/testdb.txt | 4 ++--
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/src/PMG/DBTools.pm b/src/PMG/DBTools.pm
index 8770d06..1acc0cb 100644
--- a/src/PMG/DBTools.pm
+++ b/src/PMG/DBTools.pm
@@ -644,12 +644,12 @@ sub init_ruledb {
     # WHO Objects
 
      # Blacklist
-    my $obj =  PMG::RuleDB::EMail->new ('nomail@fromthisdomain.com');
+    my $obj =  PMG::RuleDB::EMail->new ('nomail@fromthisdomain.example');
     my $blacklist = $ruledb->create_group_with_obj(
 	$obj, 'Blacklist', 'Global blacklist');
 
     # Whitelist
-    $obj = PMG::RuleDB::EMail->new('mail@fromthisdomain.com');
+    $obj = PMG::RuleDB::EMail->new('mail@fromthisdomain.example');
     my $whitelist = $ruledb->create_group_with_obj($obj, 'Whitelist', 'Global whitelist');
 
     # WHEN Objects
diff --git a/src/tests/testdb.txt b/src/tests/testdb.txt
index 794aa15..2c4f062 100644
--- a/src/tests/testdb.txt
+++ b/src/tests/testdb.txt
@@ -1,6 +1,6 @@
 Found RULE 4: Blacklist
   FOUND FROM GROUP 1: Blacklist
-    OBJECT 1: nomail@fromthisdomain.com
+    OBJECT 1: nomail@fromthisdomain.example
   FOUND ACTION GROUP 17: Block
     OBJECT 30: block message
 Found RULE 2: Block Viruses
@@ -49,7 +49,7 @@ Found RULE 11: Block Multimedia Files
     OBJECT 27: remove matching attachments
 Found RULE 5: Whitelist
   FOUND FROM GROUP 2: Whitelist
-    OBJECT 2: mail@fromthisdomain.com
+    OBJECT 2: mail@fromthisdomain.example
   FOUND ACTION GROUP 16: Accept
     OBJECT 29: accept message
 Found RULE 8: Block Spam (Level 10)
-- 
2.39.5



_______________________________________________
pmg-devel mailing list
pmg-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pmg-devel


^ permalink raw reply	[flat|nested] 3+ messages in thread

* [pmg-devel] [PATCH pmg-api 2/2] pmg7to8: add check for deprecated default entries in ruledb
  2025-01-30 12:33 [pmg-devel] [PATCH pmg-api 0/2] change sample-entries in default Who-Objects and check in pmg7to8 Stoiko Ivanov
  2025-01-30 12:33 ` [pmg-devel] [PATCH pmg-api 1/2] fix #5972: ruledb: default ruleset: use .example as TLD Stoiko Ivanov
@ 2025-01-30 12:33 ` Stoiko Ivanov
  1 sibling, 0 replies; 3+ messages in thread
From: Stoiko Ivanov @ 2025-01-30 12:33 UTC (permalink / raw)
  To: pmg-devel

with a new section for future checks of the rule database.

Signed-off-by: Stoiko Ivanov <s.ivanov@proxmox.com>
---
 src/PMG/CLI/pmg7to8.pm | 19 +++++++++++++++++++
 1 file changed, 19 insertions(+)

diff --git a/src/PMG/CLI/pmg7to8.pm b/src/PMG/CLI/pmg7to8.pm
index d0a6cbe..4e11b6b 100644
--- a/src/PMG/CLI/pmg7to8.pm
+++ b/src/PMG/CLI/pmg7to8.pm
@@ -13,6 +13,7 @@ use PMG::API2::APT;
 use PMG::API2::Certificates;
 use PMG::API2::Cluster;
 use PMG::RESTEnvironment;
+use PMG::RuleDB;
 use PMG::Utils;
 
 use Term::ANSIColor;
@@ -526,6 +527,23 @@ sub check_dkms_modules {
     }
 }
 
+sub check_ruledb {
+    log_info("Check the rulesystem...");
+
+    my $rdb = PMG::RuleDB->new();
+    my $ogroups = $rdb->load_objectgroups("who");
+    for my $who ($ogroups->@*) {
+	my $group_name = $who->{name};
+	next if ($group_name ne 'Blacklist' && $group_name ne 'Whitelist');
+	my $objects = $rdb->load_group_objects($who->{id});
+	for my $obj ($objects->@*) {
+	    log_warn("deprecated default entry in '$group_name' present: $obj->{address}")
+		if ($obj->{address} =~ m/(?:no)?mail\@fromthisdomain.com/);
+	}
+    }
+    return;
+}
+
 sub check_misc {
     print_header("MISCELLANEOUS CHECKS");
     my $ssh_config = eval { PVE::Tools::file_get_contents('/root/.ssh/config') };
@@ -637,6 +655,7 @@ __PACKAGE__->register_method ({
     code => sub {
 	my ($param) = @_;
 
+	check_ruledb();
 	check_pmg_packages();
 	check_cluster_status();
 	my $upgraded_db = check_running_postgres();
-- 
2.39.5



_______________________________________________
pmg-devel mailing list
pmg-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pmg-devel


^ permalink raw reply	[flat|nested] 3+ messages in thread

end of thread, other threads:[~2025-01-30 12:34 UTC | newest]

Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2025-01-30 12:33 [pmg-devel] [PATCH pmg-api 0/2] change sample-entries in default Who-Objects and check in pmg7to8 Stoiko Ivanov
2025-01-30 12:33 ` [pmg-devel] [PATCH pmg-api 1/2] fix #5972: ruledb: default ruleset: use .example as TLD Stoiko Ivanov
2025-01-30 12:33 ` [pmg-devel] [PATCH pmg-api 2/2] pmg7to8: add check for deprecated default entries in ruledb Stoiko Ivanov

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox
Service provided by Proxmox Server Solutions GmbH | Privacy | Legal