Ian FREISLICH <if@???> wrote:
> "Odhiambo G. Washington" wrote:
[...]
>> > R=local_user T=mail_spool defer (13): Permission denied: creating lock
>> > file hitching post /var/mail/muz.lock.Muz-linux.41f62d04.00000957
>> > (euid=1004 egid=8)
>> >
>> > What is the Permission I have set incorrectly?
>> chmod 1777 /var/mail
> That effectively makes /var/mail another temporary directory. Why
> not deliver as group mail and make /var/mail mode 770 and owned by
> root.mail:
> local_delivery:
> driver = appendfile
> ...
> group = mail
> ...
> Maybe it's not such a security problem for you if you don't have
> local users.
[...]
This entirely depends on how the other programs are installed. For
(NFS-)safe locking IIRC (please correct me if I am wrong) the programs
(MUA like mutt or pine, pop server, procmail,...) need write
permissions to the directory. You can either have /var/mail be 0770
root:mail and the programs be SGID mail (or invoke a SGID helper
binary for locking) or you can have /var/mail 4777 without any SGID.
(e.g. Debian's policy is 0770 and any theprograms are configured
accordingly by default.)
cu andreas
--
"See, I told you they'd listen to Reason," [SPOILER] Svfurlr fnlf,
fuhggvat qbja gur juveyvat tha.
Neal Stephenson in "Snow Crash"
http://downhill.aus.cc/