Re: [Exim] nobody_user?

Top Page
Delete this message
Reply to this message
Author: Toralf Lund
Date:  
To: exim-users
Subject: Re: [Exim] nobody_user?
Philip Hazel wrote:

>On Thu, 18 Mar 2004, Toralf Lund wrote:
>
>
>
>>scu-archive: "|/usr/bin/mhonarc -outdir
>>/u/project/ServoKortScanner/email -quiet -add"
>>ks: "|/usr/bin/mhonarc -outdir /usr/local/www/htdocs/mail/ks -quiet -add"
>>
>>in /etc/aliases (this is based on our actual setup.)
>>
>>There is a local user account with login name "ks", but none called
>>"scu-archive".
>>
>>For the 1st alias I want the pipe to run as user "guest". For the 2nd I
>>want "ks" - i.e. the login-name matching LHS of the alias. Setting
>>user=guest for the pipe transport would cause both aliases to be run as
>>"guest", which is not what I want.
>>
>>
>
>Two possibilities come immediately to mind:
>
>1. If you can easily test for a local user in a string expansion (e.g.
>search /etc/passwd), you can put something like this on the transport
>
> user = ${lookup{$local_part}lsearch{/etc/passwd}{$local_part}{guest}}
>
>

It may be possible to do something like that. Never really thought of
it... Actually, right now the MX is also NIS master and has all users in
its /etc/passwd, so the above should work. It would be even better if
the user could be looked up using getpwnam() like (as far as I
understand) check_local_user does, though. Do you know if that's possible?

>This will be particularly easy if all your non-users take a particular
>form, e.g. contain hyphens (as in your example).
>
>2. Otherwise, you may have to have two different redirect routers, one
>with only local users in the alias file, and one without. Then you can
>use two different transports.
>
>

Yes. It also occurred to me after writing the last message that it might
be acceptable to have user=guest for all aliasfiles lookups, as long as
there is a different pipe transport for .forward/filter files. I
actually tried to draw a somewhat simplified picture with the above
example; what we *really* have is

1.

scu-archive: "|/usr/bin/mhonarc <and so on>"
in /etc/aliases

2.

~ks/.forward containing
# Exim filter
unseen noerror pipe /usr/bin/mhonarc <and so on>

and similar for other users, i.e. most pipes for real users are set up
via .forward so it could be OK to run the ones from aliases under a
special id. Maybe I would be defining non-standard behaviour for
/etc/aliases that way, though, and I'm not 100% happy with that...