Cyrus-SASL + sendmail 8.12.9 + "group writable file"
dbabler at rigel.orionsys.com
Mon Apr 28 20:03:28 PDT 2003
Basic problem: sendmail errors with permissions/ownerships on
maillog entry "error: safesasl(/usr/local/etc/sasldb) failed: Group readable file"
I'm getting pretty frustrated trying to find the secret handshake to
make this work. Searches of the archives for this problem produce lots
of hits, but few answers - and no answers that make this work.
OS: FreeBSD 4.8-RC
SENDMAIL_CFLAGS+= -I/usr/local/include/sasl1 -DSASL
And a CVSUP and make world was recently done (and repeated today for
good measure) after those options were set. Sendmail had also been built
prior to that with those options with the last patched 8.12.8 following
the CERT advisory.
Installed Cyrus-SASL 1.5.28 from the ports collection.
My sendmail.mc file contains (as per the ASMTP FAQ):
TRUST_AUTH_MECH(`DIGEST-MD5 CRAM-MD5 LOGIN')dnl
define(`confAUTH_MECHANISMS',`DIGEST-MD5 CRAM-MD5 LOGIN')dnl
And yes, the ODontBlameSendmail appears in the generated sendmail.cf
file. As appears in the various archived times this question has come
up, changing permissions and ownerships only move the error from group
read errors to access denied errors. For ownerships of the database
file, I've tried:
cyrus:mail (as installed by the port)
both with and without group read permissions. In short, none of those
permutations work. The truly weird part is that the DontBlameSendmail
option is not being honored, and I have NO idea why not.
More information about the freebsd-questions