Cyrus-SASL + sendmail 8.12.9 + "group writable file"
Hajimu UMEMOTO
ume at mahoroba.org
Sat May 3 07:17:58 PDT 2003
Hi,
# I added CC: gshapiro who is the maintainer of sendmail.
>>>>> On Thu, 1 May 2003 19:38:36 -0500
>>>>> "Scot W. Hetzel" <hetzels at westbend.net> said:
hetzels> From: "David Babler" <dbabler at rigel.orionsys.com>
> Basic problem: sendmail errors with permissions/ownerships on
> /usr/local/etc/sasldb
>
> Symptom:
> maillog entry "error: safesasl(/usr/local/etc/sasldb) failed: Group
hetzels> readable file"
>
>
hetzels> We found the problem, the initial sendmail mail submission program was
hetzels> causing these errors to occur when sending mail from the local system. To
Though I'm using SASL2 and not tested SASL1, I cannot see such
problem. I think that MSP doesn't see sasldb2? unless you do enable
SMTP AUTH in submit.mc, and you don't need to have such configuration
by MSP.
hetzels> solve this problem you need to put the following into the submit.mc file
hetzels> that you use on your system (i.e. freebsd.submit.mc):
hetzels> define(`confRUN_AS_USER',`smmsp:mail')dnl
This is odd. The sendmail binary is not setuid to root, anymore. I
believe sendmail as MSP cannot change its user unless invoking from
root.
hetzels> define(`confTRUSTED_USER',`smmsp')dnl
hetzels> define(`confDONT_BLAME_SENDMAIL',`GroupReadableSASLDBFile')dnl
hetzels> NOTE: You must define confTRUSTED_USER, otherwise you will get an error in
hetzels> the log (readcf: option TrustedUser: unknown user smmsp:mail). This is
hetzels> caused by FEATURE(msp) defines confTRUSTED_USER using the confRUN_AS_USER
hetzels> value if not defined.
Sincerely,
--
Hajimu UMEMOTO @ Internet Mutual Aid Society Yokohama, Japan
ume at mahoroba.org ume at bisd.hitachi.co.jp ume@{,jp.}FreeBSD.org
http://www.imasy.org/~ume/
More information about the freebsd-questions
mailing list