Re: [exim] problem in system_aliases router

Top Page
Delete this message
Reply to this message
Author: Philip Hazel
Date:  
To: Toralf Lund
CC: exim-users
Subject: Re: [exim] problem in system_aliases router
On Wed, 26 Jan 2005, Toralf Lund wrote:

> 13:07:54 135071 expanding: ${lookup{$local_part}lsearch{/etc/aliases}}
> 13:07:54 135071    result: :include:/usr/local/etc/mail.jokes
> 13:07:54 135071 expanded: :include:/usr/local/etc/mail.jokes
> 13:07:54 76363 LOG: MAIN PANIC DIE
> 13:07:54 76363   unable to set gid=4 or uid=998 (euid=93): system_aliases
> router (recipient is jokes...)
> 13:07:54 76363 SMTP>> 421 Unexpected failure, please try later

>
> - that's for a slightly different address from the one mentioned earlier, but
> one that's configured in the same manner.
>
> This leads me to believe that Exim does try to execute under the ids specified
> via "user" and "group", but somehow fails. I think the problem goes away if I
> remove these settings, so I'm now trying to find out if that has any undesired
> side effects. Comments?


That leads me right to the answer, which of course I should have known,
but it did not spring to mind right away.

The answer is that if you specify a user for a redirect router, Exim
insists on using it when reading an :include: file. This means that you
cannot use :include: with a user setting for verification, because at
that time, Exim is running as "exim", and it cannot change uid. (It
might work if you set user=exim.)

The only solutions you have are (a) don't specify the user (or try
user=exim); or (b) don't use :include:, at least not when verifying. You
could set up two different routers, one for verifying and one for
delivering, though that's a bit messy.


-- 
Philip Hazel            University of Cambridge Computing Service,
ph10@???      Cambridge, England. Phone: +44 1223 334714.
Get the Exim 4 book:    http://www.uit.co.uk/exim-book