jean-paul natola wrote:
>
*Snip*
>> Do an:
>>
>> ls -lFG /var/log/exim
>>
>> And see who 'owns' the log files, plus ensuring that there are no subdirs
>> of same.
>
> It appears that both logs are owned by the same
>
> milter# ls -lFGh /var/log/exim
> total 9968
> -rw-r--r-- 1 root mail 1.3M Oct 24 22:50 1
> -rw-r----- 1 mailnull mail 268K Jan 5 16:23 mainlog
> -rw-r----- 1 mailnull mail 914K Jan 5 10:51 mainlog.0.gz
> -rw-r--r-- 1 root mail 0B Nov 9 10:16 p5-Mail-SpamAssassin-3.1.7
> -rw-r----- 1 mailnull mail 470K Jan 5 15:33 paniclog
> -rw-r----- 1 mailnull mail 1.3M Jan 5 16:23 rejectlog
> -rw-r----- 1 mailnull mail 5.3M Jan 5 10:51 rejectlog.0.gz
>
Note that:
non-root user:group, other than mailnull:mail, do NOT have read access in your
environment (mine DO allow 'read' for the mailing-team user group).
Presuming that you are running either grep or exigrep as root may not be enough.
I am by no means the expert, as - these tests aside - I always use grep myself,
not exigrep.
But I suspect that exigrep *might* drop root privs even if invoked by the root
user. Some other Exim-ish stuff does so.
Marc?
- grep, BTW, definitely makes no such move.
Bill