I've set up exim with a configuration very similar to the default - the
only major changes are the addition of address rewriting. I have created a
uid and gid for exim (88 in the logs below) and have read the security
chapter but I am still having problems that seem to relate to the use of
setreuid. If I add the line
security = setuid
to the configuration file, email delivery works fine. If I omit the line
and use the defaults, presumably "setreuid+setuid", I get the following
error message.
: /PACK/exim/bin/exim -v -M 0wjqQD-0004kr-00
: delivering message 0wjqQD-0004kr-00
: LOG: 0 MAIN PANIC
: Expansion of
: ${lookup{$1}lsearch{/etc/exim/email2username}{$value}fail}@???
: failed while rewriting: failed to open /etc/exim/email2username for linear
: search: Permission denied
: LOG: 0 PANIC
: Cannot open /var/log/exim/mainlog: Permission denied
: LOG: 0 PANIC
: Cannot open /var/log/exim/paniclog: Permission denied
: exim: could not open panic log: aborting
I would prefer to use setreuid as it would seem to reduce process
overheads but can't figure out what I need to change. After much
head-scratching and reading of spec.txt, I tried a strace to try
and figure out where the permission problems were coming from and
found the following:
: setregid(65535, 100) = 0
: setreuid(65535, 5009) = 0
: stat("/home/steve", {st_mode=S_IFDIR|0755, st_size=3072, ...}) = 0
: open("/home/steve/.forward", O_RDONLY) = 8
: fstat(8, {st_mode=S_IFREG|0600, st_size=63, ...}) = 0
: fstat(8, {st_mode=S_IFREG|0600, st_size=63, ...}) = 0
: mmap(0, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) =
: 0x400e4000
: read(8, "\\steve, steven@???"..., 8192) = 63
: open("/etc/exim/email2username", O_RDONLY) = -1 EACCES (Permission denied)
: write(2, "LOG: 0 MAIN PANIC\n Expansion o"..., 211LOG: 0 MAIN PANIC
: Expansion of
: ${lookup{$1}lsearch{/etc/exim/email2username}{$value}fail}@???
: failed while rewriting: failed to open /etc/exim/email2username for linear
: search: Permission denied) = 211
Exim seems to be setting the euid to that of the user to read the .forward
file but not setting it back exim's uid to read the files needed by the
rewriting code?
Any suggestions to what I've missed or am I going to have to change to
setuid security and accept the extra overheads?
Extra notes:
Address rewriting reads:
*@lsearch;/etc/exim/localdomains \
${lookup{$1}lsearch{/etc/exim/username2email}\
{$value}fail}@??? Ffr
*@lsearch;/etc/exim/localdomains \
${lookup{$1}lsearch{/etc/exim/email2username}\
{$value}fail}@??? T
Steve Clarke
