openwebmail broke with latest update

William Dudley wfdudley at gmail.com
Sun Aug 25 14:31:05 UTC 2019 

Mark,

Thanks for your suggestions.

I left my debugging attempts out of my email to the list.

I checked the permissions, and they are as they should be: 4755 for
openwebmail.pl, owned by root:mail.

What I guess I need to do is write a small perl test program to see if the
setuid stuff works; perhaps
the FreeBSD Perl maintainer decided/forgot about the setuid Perl feature.

Since I haven't played with that Perl feature in a long while, that means a
bit of research . . .

Bill Dudley

This email is free of malware because I run Linux.


On Sun, Aug 25, 2019 at 10:09 AM MJ <mafsys1234 at gmail.com> wrote:

> Hello Bill,
>
> On 25/08/2019 2:36 am, William Dudley wrote:
> > Hi,
> >
> > Running 11.2-RELEASE-p11
> > and also openwebmail-2.53_4
> >
> > All software is installed using pkg; I try to keep things mostly "stock"
> to
> > make
> > maintenence easy.  This is a mail and web server that I use to supply
> > mailing
> > lists to a bunch of non-profits
> >
> > I just did pkg upgrade to openwebmail (and a bunch of other things) and
> > now openwebmail "fails" with the following message when I login to check
> > my mail:
> >
> > Set effective gid to mail(6) failed!
>
> -- DISCLAIMER - I don't use openwebmail and I'm a old user of Perl that
> stopped using it years
> ago. --
>
> I had a quick look in the code and where it could fail it suggests two
> things:
>
> a) perl has no idea of setuid (I think that's a compile option?)
>
> b) the script that runs (openwebmail.pl) is not setuid itself. That is,
> it should be permissions 4555 or 4755 or it's
> not owned by root or running under the mail group.
>
> But as you said you install from packages, I'd expect perl to be compiled
> with setuid (eg ENABLE_SUIDPERL=yes
> used to be the setting when making from ports)
>
> So my best guess would be permissions or ownership of the perl scripts?
>
> If you do a search within /usr/local/www/apacheNN/cgi-bin/openwebmail (I'm
> guessing the path here), you might find
> other references to your error:
> cd /usr/local/www/apacheNN/cgi-bin/openwebmail
> find . -type f -exec grep "Set effective gid to mail" {} \; -print
>
> and see what turns up. There was another script with the same error when I
> checked it. Make sure that one also has
> the correct permissions and ownership.
>
> I hope this is more of a help than a hindrance! :-)
>
> Cheers,
> Mark
>

More information about the freebsd-questions mailing list