Re: [Exim] File permission and aliases files

Top Page
Delete this message
Reply to this message
Author: Philip Hazel
Date:  
To: CaLViN
CC: Philip Hazel
Subject: Re: [Exim] File permission and aliases files
On Tue, 24 Jun 2003, CaLViN wrote:

> -rw-rw----    1 mail     rellits      1892 Jun 17 20:42 /opt/rellits.com/mail/aliases

>
> This is the configuration that works. User mail is in group rellits.
> Now I change the permissions on the alias file to this:
>
> -rw-rw----    1 calvin   rellits      1892 Jun 17 20:42 /opt/rellits.com/mail/aliases

>
> With this config I get the error.


I now know why.

> > What happens if you do an Exim test run using the -bh option?
>
> MAIL FROM: cstiller@???


You left off the beginning of the debug output! That would contain
information about changing uid/gid. However, I can tell you what is
happening.

When Exim is receiving messages it changes uid/gid to the Exim uid/gid.
It does NOT obey "initgroups". So if you use sender or recipient
verification, all the routers that are run must be capable of running as
(in your case) mail:mail without any other available groups.

I've made a note to point out that "initgroups" is not used when Exim is
receiving messages, at the places in the manual where the change of
uid/gid is mentioned (7.3 and 21.2).


--
Philip Hazel            University of Cambridge Computing Service,
ph10@???      Cambridge, England. Phone: +44 1223 334714.
Get the Exim 4 book:    http://www.uit.co.uk/exim-book