Re: [exim] Apache executing Exim

On Wed, Mar 23, 2005 at 10:54:38AM +0000, Brian Candler wrote:
> Assuming that your CGI is doing a fork/exec of exim, another solution is
> temporarily to replace exim with a script which makes a note of what its
> parent is, which at that instant should be the CGI itself. This means you
> don't have to touch the scripts themselves.
>
> Example (untested): if you are invoking /usr/exim/bin/exim, move it out of
> the way and replace it with
>
> #!/bin/sh
> echo "I am $$, parent is $PPID: `ps -p $PPID`" >>/tmp/exim.log
> exec /usr/exim/bin/exim-4.50-1 "$@"

Actually, you should be able to do this in a lot less risky fashion within
exim itself using ${run} in the non-SMTP ACL. By the time you run it then
the CGI will be the grandparent (if the log command is run directly) or
great grandparent (if run within a shell), so your version of ps must be
able to show the ancestor processes. (Exim has a $pid variable but not
$ppid unfortunately).

Under FreeBSD there is sysutils/pstree in ports, and once installed you can
do:

acl_not_smtp = acl_show_source

[under 'begin acl']
acl_show_source:
warn log_message = Called from ${run {/usr/local/bin/pstree -p $pid} {$value} }

accept

The output isn't pretty once it's found it's way into exim's logs, but it
does show you the relevant bit of process tree.

Regards,

Brian.