-
October 22nd, 2002, 05:49 PM
#1
Sendmail problems
I'm using FreeBSD 4.7-stable, and I'm having this problem running sendmail:
Every user (except for 'root' which can send Emails fine) is denied sending mail with an error resembling this:
collect: Cannot write ./dfg9MGEbgT000633 (bfcommit, uid=1002, gid=25): Permission denied
queuep: cannot create queue temp file ./tfg9MGEbgT000633, uid=1002: Permission denied
I figured that no user other than root had write-permission in the mailqueue, so I did this:
Code:
chmod 777 /var/spool/mqueue
Although this solved my problem, I'm quite sure that this is not the way to go. I'm not sure how many security-leaks I created here. Can anyone help me out? (original permissions on /var/spool/mqueue are 755, chown root:deamon. I checked this against other FreeBSD 7.5-ST machines running sendmail, and they all had these settings).
I wish to express my gratitude to the people of Italy. Thank you for inventing pizza.
-
October 22nd, 2002, 06:20 PM
#2
Check which owner owns sendmail (maybe uucp?). Make the owner of /var/spool/mqueue that user. Also check the group ownership as well, make them match. Then you should be able to set your permissions back to 755 or maybe even to 750. I am suprised that this worked in that sendmail didn't complain about the lax file permissions.
/nebulus
There is only one constant, one universal, it is the only real truth: causality. Action. Reaction. Cause and effect...There is no escape from it, we are forever slaves to it. Our only hope, our only peace is to understand it, to understand the 'why'. 'Why' is what separates us from them, you from me. 'Why' is the only real social power, without it you are powerless.
(Merovingian - Matrix Reloaded)
-
October 22nd, 2002, 06:38 PM
#3
The owner of sendmail is root, so both the owners of sendmail and the /var/spool/mqueue already are the same.
I wish to express my gratitude to the people of Italy. Thank you for inventing pizza.
-
October 22nd, 2002, 06:42 PM
#4
Hate to have an entire post consisting of one question, but is sendmail still setuid?
mine is r-sr-xr-x
If not already setup, you could create a mail group, put all the users you want to sendmail in that group, change group ownership of sendmail to mail, change group ownership of /var/spool/mqueue (what about /var/mail?) and that might fix the problem as well. I still suspect though that maybe sendmail is no longer setuid (and therefore a normal user wouldn't be able to open it).
/nebulus
There is only one constant, one universal, it is the only real truth: causality. Action. Reaction. Cause and effect...There is no escape from it, we are forever slaves to it. Our only hope, our only peace is to understand it, to understand the 'why'. 'Why' is what separates us from them, you from me. 'Why' is the only real social power, without it you are powerless.
(Merovingian - Matrix Reloaded)
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|