This is the mail archive of the cygwin@cygwin.com mailing list for the Cygwin project.


Exim permissions


I broke my exim setup by trying to pipe procmail output back into
/var/mail.

I just spent a week trying to start the exim service again. I deleted
everything but only after deleting /var/mail did it start.
Even then it stopped because it couldn't write to
/var/log/exim.log

I don't understand the permissions. Freshly untarred, I
$ cp configure.sample configure

Administrator@AFLD-SERVER /usr/local/exim
$ exim -bV
Exim version 4.10 #3 built 24-Jul-2002 23:53:52
Copyright (c) University of Cambridge 2002
2002-08-30 14:34:48 Exim configuration file /usr/local/exim/configure has the wrong owner, group, or mode

Administrator@AFLD-SERVER /usr/local/exim
$ ls -al configure
-rw-r--r--    1 Administ None        21764 Aug 30 14:34 configure

Administrator@AFLD-SERVER /usr/local/exim
$ chown SYSTEM configure

Administrator@AFLD-SERVER /usr/local/exim
$ !exim
exim -bV
Exim version 4.10 #3 built 24-Jul-2002 23:53:52
Copyright (c) University of Cambridge 2002

Administrator@AFLD-SERVER /usr/local/exim
$ exim -v lang@ms.chinmin.edu.tw
LOG: MAIN
  <= Administrator@afld-server U=Administrator P=local S=346

Administrator@AFLD-SERVER /usr/local/exim
$ LOG: MAIN PANIC DIE
  unable to set gid=0 or uid=0 (euid=500): remote delivery to lang@ms.chinmin.edu.tw with transport=remote_smtp
LOG: MAIN
  == lang@ms.chinmin.edu.tw R=dnslookup T=remote_smtp defer (-1): smtp transport process returned non-zero status 0x0100: exit code 1
LOG: MAIN PANIC DIE
  unable to set gid=0 or uid=0 (euid=500): post-delivery tidying

g/uid=0 is Everyone.
I guess we need to run it as a service to avoid this suid problem.
What I did was set exim_user to Administrator in configure and
then I can send from the command line (at least for Administrator
:-).

exim -bP shows exim_user and exim_group are Everyone in the
unconfigured cygwin build.

And mail to Administrator from remote addresses is being accepted and 
stored in /var/mail/Administrator with exim_user = Administrator.

But there will still be problems for unprivileged users because
although Administrator's mail waiting for a queue runner in
spool/input has 640 permissions, unprivileged
users' mail had only permissions of 444 (or was it 440?). A log message of
Permission denied was being recorded in spool/log/mainlog but the
line showing exim had put the mail in the queue, hypothetically:

2002-08-30 17:50:33 H1NI08-000220-00 <= test@penpals.chinmin.edu.tw U=test P=local S=379

was missing. Despite this the mail was in the queue and was being
sent and this was being recorded in spool/log/mainlog.
Perhaps this was a log permission problem, as well as an input one.

The different permissions for Administrator's mail in the queue
and other users' is probably related to the permissions on
/usr/local/exim/spool/input, the directory under which the mails
in the queue are held.

At the moment, this is 

Administrator@AFLD-SERVER /usr/local/exim/spool
$ ls -al input
total 4
drwxr-x---    2 Administ Everyone     4096 Aug 30 18:05 .
drwxr-xr-x    6 Administ None            0 Aug 30 14:36 ..

We shall see what happens for a test user. I have to make the
decision whether to comment out exim_user = Administrator in
/usr/local/exim/configure before I do this or not.

-- 
Greg Matheson                You can't get there from here.
Chinmin College
                                 
Taiwan Penpals Archive <URL: http://netcity.hinet.net/kurage>
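
Added example, not part of the original message and not Exim's own code: a shell function that approximates the owner and mode test behind the "has the wrong owner, group, or mode" line in the session above, so the cause can be seen before starting the daemon. The function name, the list of trusted uids passed as arguments, and the use of GNU stat are assumptions; the trusted-group exception for group-writable files is not modelled.

```shell
#!/bin/sh
# Added example: pre-flight check of a daemon configuration file.
# Assumptions: GNU stat (coreutils, as shipped with Cygwin); check_config
# is a hypothetical helper, not an Exim utility.

# check_config FILE UID...
# Prints one line per problem; returns 0 if the file passes, 1 otherwise.
check_config() {
    file=$1; shift
    if [ ! -f "$file" ]; then
        echo "$file: not a regular file"
        return 1
    fi

    uid=$(stat -c '%u' "$file")      # numeric owner
    mode=$(stat -c '%a' "$file")     # octal permission bits, e.g. 644
    rc=0

    # The owner must be one of the trusted uids given as arguments.
    trusted=no
    for t in "$@"; do
        if [ "$uid" = "$t" ]; then trusted=yes; fi
    done
    if [ "$trusted" = no ]; then
        echo "$file: owner uid $uid is not in trusted set ($*)"
        rc=1
    fi

    # A group or other write bit (octal 020 / 002) lets an account other
    # than the owner rewrite the configuration of a privileged daemon.
    if [ $(( 0$mode & 022 )) -ne 0 ]; then
        echo "$file: mode $mode is group- or world-writable"
        rc=1
    fi
    return $rc
}

# Usage with the path from the message (uid lookup is an assumption):
#   check_config /usr/local/exim/configure "$(id -u SYSTEM)"
```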
