ports/151783: mail/fetchmail: rc.d script broken in case of MDA use

Victor Balada Diaz victor at bsdes.net
Wed Oct 27 17:40:10 UTC 2010 

>Number:         151783
>Category:       ports
>Synopsis:       mail/fetchmail: rc.d script broken in case of MDA use
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-ports-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Wed Oct 27 17:40:10 UTC 2010
>Closed-Date:
>Last-Modified:
>Originator:     Victor Balada Diaz
>Release:        7.1-RELEASE-p13
>Organization:
CoolBleiben
>Environment:
FreeBSD localhost.localdomain 7.1-RELEASE-p13 FreeBSD 7.1-RELEASE-p13 #7 r210046M: Wed Jul 14 10:40:48 CEST 2010     victor at localhost.localdomain:/usr/obj/usr/src-7.1/sys/DEBUG  amd64

>Description:
If you're using --mda parameter this is the documented behaviour of fetchmail: (from man page)


              If fetchmail is running as root,  it  sets  its  user  id  while
              delivering  mail  through  an MDA as follows:  First, the FETCH-
              MAILUSER, LOGNAME, and USER environment variables are checked in
              this  order.  The value of the first variable from his list that
              is defined (even if it is empty!) is looked  up  in  the  system
              user  database.  If  none of the variables is defined, fetchmail
              will use the real user id it was started with.  If  one  of  the
              variables  was  defined,  but the user stated there isn't found,
              fetchmail continues running as root, without checking  remaining
              variables  on the list.  Practically, this means that if you run
              fetchmail as root (not recommended), it is most useful to define
              the  FETCHMAILUSER environment variable to set the user that the
              MDA should run as. Some MDAs (such as maildrop) are designed  to
              be  setuid  root  and  setuid to the recipient's user id, so you
              don't lose functionality this way even when running fetchmail as
              unprivileged user.  Check the MDA's manual for details.

So if you login by ssh, become root, and start the fetchmail with a global config that needs an MDA, it will try to use the MDA of your LOGNAME or USER and will give an error:

Oct 27 19:15:38 oro fetchmail[89429]: Cannot switch effective user id to 1001: Operation not permitted

>How-To-Repeat:
1) create a standard configuration that use other program as MDA and make sure that MDA program doesn't have setuid or setgid perms.
2) login as your current user
3) do su to become root
4) start the fetchmail daemon /usr/local/etc/rc.d/fetchmail start
5) look at the logs, you'll see it's unable to deliver anything.
>Fix:
define in the shell script FETCHMAILUSER as = $fetchmail_user (by default, fetchmail) before starting fetchmail in daemon mode.

>Release-Note:
>Audit-Trail:
>Unformatted:

More information about the freebsd-ports-bugs mailing list