Author: David Powers Date: To: exim-users Subject: [Exim] strange uid/gid problem
I am trying to run my exim as a user other than root (as recommended) and
for the most part it works just fine. I set user and group to mailnull and
mail in the beginning and then set specific users and groups for maildir
delivery in my routers (which works perfectly). However, my filter routers
don't seem to be working in the same way. When I attempt to set a user and
group in them exim crashes out with the following error:
2002-07-28 17:51:11 unable to set gid=1011 or uid=1011 (euid=26):
domain_filter_router router
The configuration for that particular router is:
# This router handles the per domain filtering
domain_filter_router:
driver = redirect
condition = ${lookup pgsql{select domains.filter from domains where
domains.domain='$domain' and domains.filter <> '' limit 1}{$value}{false}}
user = ${lookup pgsql{select systemuid from domains where
domains.domain='$domain' limit 1}{$value}fail}
group = ${lookup pgsql{select systemgid from domains where
domains.domain='$domain' limit 1}{$value}fail}
data = # Exim Filter\nif error_message then finish endif\n${lookup
pgsql{select domains.filter from domains where domains.domain='$domain'
limit 1}{$value}$... (more to this line, but not useful)
directory_transport = maildir_delivery
reply_transport = address_reply
allow_filter
allow_fail
check_ancestor
and the transports it calls:
maildir_delivery:
driver = appendfile
maildir_format = true
create_directory = true
create_file = belowhome
directory = ${lookup pgsql{select deliverto from addresses, domains where
domains.domain='$domain' and addresses.address='$local_part' and
addresses.domain$
quota = ${lookup pgsql{select addresses.diskquota from addresses, domains
where domains.domain='$domain' and addresses.address='$local_part' and
addresses.$
quota_warn_threshold = 90%
address_reply:
driver = autoreply
Any ideas how I can run under a non-root uid/gid and still get filters that
run under the appropriate uid/gid's? My understanding on reading the manual
was that this should be possible (this initial routing should run under root
regardless) but it doesn't seem to be the case with the filter routers.