[exim] Running exim daemon without any root privileges

Author: Bernd Jendrissek
Date:  
To: exim-users
Subject: [exim] Running exim daemon without any root privileges

I want to set up an exim listening process to capture emails after
another host has transmogrified them in some way. Our product is an
"email branding" server, and I'm setting up an automated test harness to
check that our transmogrifier performs the correct transformations.

The intention is to have a test "master" that both sends input emails to
the transmogrifier, and accepts the latter's output to compare against
the expected output. I've already set the transmogrifier to return its
output to the test master via port 7357, and now I need to accept them
on that port. That's simple enough with daemon_smtp_port, but I also
need to convince exim (on the test master) not to expect any root
privileges. Fine, I could use exim_user = bernd, but then my colleague
charles needs his own copy of this config file. I thought I could use
exim_user = $caller_uid, but exim complains:
seeking password data for user "$caller_uid": cache not available
getpwnam() returned NULL (user not found)
What to do?

Here is my complete config file so far. I'm using exim 4.67 from
Ubuntu/Gutsy. This actually does what I want it to, except the config
isn't portable:

never_users = root
host_lookup = !*
rfc1413_hosts = *
rfc1413_query_timeout = 0s
ignore_bounce_errors_after = 8h
helo_accept_junk_hosts = *
smtp_accept_max = 200
smtp_accept_queue_per_connection = 25
log_selector = +sender_on_delivery +smtp_confirmation
message_size_limit = 32M
preserve_message_logs = false
exim_user = bernd
exim_group = bernd
# for make-time substitution
log_file_path = @localstatedir@/log/exim_%s
spool_directory = /tmp/
daemon_smtp_port = 7357
acl_smtp_rcpt = acl_check_rcpt


begin acl
acl_check_rcpt:
accept

begin routers

feedback:
driver = accept
transport = feedback
no_more

begin transports

feedback:
  driver = pipe
  # to be elaborated later with perl, diff, etc.
  command = sh -c "cat >>/tmp/feedback"


begin retry

*                      *           F,2h,15m; G,16h,1h,1.5; F,4d,6h
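
One way to keep a single shared config for several users, in the spirit of the make-time `@localstatedir@` substitution above: render the file per user from a template. This is an added example, not part of the original post; the `render_config` function and the `@exim_user@`, `@exim_group@` and `@spool_directory@` placeholders are hypothetical names chosen for illustration.

```shell
#!/bin/sh
# Added example: render a per-user Exim test config from a shared template.
# Placeholder names (@exim_user@, @exim_group@, @spool_directory@) are
# assumptions of this example, modelled on the post's @localstatedir@.

# render_config TEMPLATE OUTFILE SPOOLDIR [USER [GROUP]]
# USER and GROUP default to the invoking user's name and primary group.
render_config() {
    template=$1 outfile=$2 spool=$3
    user=${4:-$(id -un)} || return 1
    group=${5:-$(id -gn)} || return 1

    # Reject names containing characters that would alter the sed
    # expressions below or would not be plausible account names.
    case $user$group in
        *[!A-Za-z0-9_.-]*) echo "unsafe user or group name" >&2; return 1 ;;
    esac

    # Give each user a private spool directory instead of a shared one.
    mkdir -p "$spool" && chmod 700 "$spool" || return 1

    # '|' is the sed delimiter because the spool path contains '/'.
    sed -e "s|@exim_user@|$user|g" \
        -e "s|@exim_group@|$group|g" \
        -e "s|@spool_directory@|$spool|g" \
        "$template" > "$outfile" || return 1

    # Fail if any @placeholder@ survived, so a half-rendered config is
    # never handed to the daemon.
    if grep -q '@[A-Za-z_]*@' "$outfile"; then
        echo "unsubstituted placeholder left in $outfile" >&2
        return 1
    fi
}
```

The rendered file can then be given to exim with `-C`, so each colleague runs the same template under their own account.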