Date: Sun, 25 Aug 2019 10:30:51 -0400 From: William Dudley <wfdudley@gmail.com> To: MJ <mafsys1234@gmail.com> Cc: freebsd-questions <freebsd-questions@freebsd.org> Subject: Re: openwebmail broke with latest update Message-ID: <CAFsnNZKZDxGBZoW9kaUgNJuJsnjKEcqWnWo9vOkV4%2BDLWh4SXg@mail.gmail.com> In-Reply-To: <ae843fb4-8a24-f19b-0f00-6670fe01f46e@gmail.com> References: <CAFsnNZKhm97zBjKi1VHSx0ZWzm_W-qKkJZwuTTte3s7etfmquA@mail.gmail.com> <ae843fb4-8a24-f19b-0f00-6670fe01f46e@gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Mark,
Thanks for your suggestions.
I left my debugging attempts out of my email to the list.
I checked the permissions, and they are as they should be: 4755 for
openwebmail.pl, owned by root:mail.
What I guess I need to do is write a small perl test program to see if the
setuid stuff works; perhaps
the FreeBSD Perl maintainer decided/forgot about the setuid Perl feature.
Since I haven't played with that Perl feature in a long while, that means a
bit of research . . .
Bill Dudley
This email is free of malware because I run Linux.
On Sun, Aug 25, 2019 at 10:09 AM MJ <mafsys1234@gmail.com> wrote:
> Hello Bill,
>
> On 25/08/2019 2:36 am, William Dudley wrote:
> > Hi,
> >
> > Running 11.2-RELEASE-p11
> > and also openwebmail-2.53_4
> >
> > All software is installed using pkg; I try to keep things mostly "stock"
> to
> > make
> > maintenence easy. This is a mail and web server that I use to supply
> > mailing
> > lists to a bunch of non-profits
> >
> > I just did pkg upgrade to openwebmail (and a bunch of other things) and
> > now openwebmail "fails" with the following message when I login to check
> > my mail:
> >
> > Set effective gid to mail(6) failed!
>
> -- DISCLAIMER - I don't use openwebmail and I'm a old user of Perl that
> stopped using it years
> ago. --
>
> I had a quick look in the code and where it could fail it suggests two
> things:
>
> a) perl has no idea of setuid (I think that's a compile option?)
>
> b) the script that runs (openwebmail.pl) is not setuid itself. That is,
> it should be permissions 4555 or 4755 or it's
> not owned by root or running under the mail group.
>
> But as you said you install from packages, I'd expect perl to be compiled
> with setuid (eg ENABLE_SUIDPERL=yes
> used to be the setting when making from ports)
>
> So my best guess would be permissions or ownership of the perl scripts?
>
> If you do a search within /usr/local/www/apacheNN/cgi-bin/openwebmail (I'm
> guessing the path here), you might find
> other references to your error:
> cd /usr/local/www/apacheNN/cgi-bin/openwebmail
> find . -type f -exec grep "Set effective gid to mail" {} \; -print
>
> and see what turns up. There was another script with the same error when I
> checked it. Make sure that one also has
> the correct permissions and ownership.
>
> I hope this is more of a help than a hindrance! :-)
>
> Cheers,
> Mark
>
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAFsnNZKZDxGBZoW9kaUgNJuJsnjKEcqWnWo9vOkV4%2BDLWh4SXg>