Date: Sun, 27 Jun 2004 10:54:48 +0200 From: Oliver Fuchs <oliverfuchs@onlinehome.de> To: freebsd-questions@freebsd.org Subject: Re: Sendmail permission problems Message-ID: <20040627085447.GA6609@oliverfuchs.ath.cx> In-Reply-To: <200406260041.RAA20032@Hercules.ceosoft.com> References: <200406260041.RAA20032@Hercules.ceosoft.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, 25 Jun 2004, Jamie LaPointe wrote: > I am having problems with a Perl based application (Bugzilla 2.16.5) that > uses Sendmail. I recently upgraded from Sendmail version 8.9.3 to 8.12.10 > and am using FreeBSD 5.2.1-Release. I installed this version of Sendmail > from the Ports collection from the FreeBSD FTP site. Ever since I upgraded > to this new version I have been having the following problem when attempting > to send an email via Bugzilla (the following error is from the mailog): > > Jun 25 17:11:42 srv-linbsd01 sm-mta[539]: starting daemon (8.12.10): > SMTP+queuei > > ng@00:30:00 > > Jun 25 17:11:42 srv-linbsd01 sm-msp-queue[542]: starting daemon (8.12.10): > queue > > ing@00:30:00 > > Jun 25 17:11:42 srv-linbsd01 sm-msp-queue[547]: starting daemon (8.12.10): > queue > > ing@00:30:00 > > Jun 25 17:12:04 srv-linbsd01 sendmail[630]: i5Q0C4fA000630: SYSERR(apache): > coll > > ect: Cannot write ./dfi5Q0C4fA000630 (bfcommit, uid=1003, gid=25): > Permission de > > nied > > Jun 25 17:12:04 srv-linbsd01 sendmail[630]: i5Q0C4fA000630: from=apache, > size=46 > > 8, class=0, nrcpts=0, relay=apache@localhost > > Jun 25 17:12:04 srv-linbsd01 sendmail[630]: i5Q0C4fA000630: i5Q0C4fB000630: > DSN: > > collect: Cannot write ./dfi5Q0C4fA000630 (bfcommit, uid=1003, gid=25): > Permissi > > on denied > > Jun 25 17:12:04 srv-linbsd01 sendmail[630]: i5Q0C4fB000630: SYSERR(apache): > queu > > eup: cannot create queue file ./qfi5Q0C4fB000630, euid=1003: Permission > denied > > Jun 25 17:12:04 srv-linbsd01 sendmail[631]: i5Q0C4K8000631: SYSERR(apache): > coll > > ect: Cannot write ./dfi5Q0C4K8000631 (bfcommit, uid=1003, gid=25): > Permission de > > nied > > Jun 25 17:12:04 srv-linbsd01 sendmail[631]: i5Q0C4K8000631: from=apache, > size=45 > > 9, class=0, nrcpts=0, relay=apache@localhost > > Jun 25 17:12:04 srv-linbsd01 sendmail[631]: i5Q0C4K8000631: i5Q0C4K9000631: > DSN: > > collect: Cannot write ./dfi5Q0C4K8000631 (bfcommit, uid=1003, gid=25): > Permissi > > on denied > > Jun 25 17:12:04 srv-linbsd01 sendmail[631]: i5Q0C4K9000631: SYSERR(apache): > queu > > eup: cannot create queue file ./qfi5Q0C4K9000631, euid=1003: Permission > denied > > > > It sure appears that something is screwed up with Permissions, yet > /var/spool/clientmqueue has the following permission: > > -bash-2.05b# ls -l > > total 32 > > drwxrwx--- 2 smmsp smmsp 512 Jun 25 12:09 clientmqueue > > drwxr-xr-x 3 root daemon 512 Apr 6 08:53 cups > > drwxrwxr-x 2 uucp dialer 512 Jun 25 17:11 lock > > drwxr-xr-x 2 root daemon 512 Feb 23 12:41 lpd > > drwxr-xr-x 3 root daemon 16384 Jun 25 15:17 mqueue > > drwx------ 2 root daemon 512 Feb 23 12:41 opielocks > > drwxr-xr-x 3 root daemon 512 Feb 23 12:41 output > > drwxr-xr-x 15 root wheel 512 Jun 25 11:48 postfix > > drwxrwxrwt 2 root wheel 512 Apr 6 08:53 samba > > > > >From everything that I have read this is correct. I also checked the > permission for the sendmail binary and it has the following permission: > > -bash-2.05b# ls -l /usr/libexec/sendmail/sendmail > > -r-xr-sr-x 1 root smmsp 635864 Feb 23 12:42 sendmail A look at SECURITY doc in /usr/local/share/doc/sendmail gives me: -r-xr-sr-x root smmsp ... /PATH/TO/sendmail drwxrwx--- smmsp smmsp ... /var/spool/clientmqueue drwx------ root wheel ... /var/spool/mqueue -r--r--r-- root wheel ... /etc/mail/sendmail.cf -r--r--r-- root wheel ... /etc/mail/submit.cf Oliver -- ... don't touch the bang bang fruit
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20040627085447.GA6609>