Re: [exim] Problem with exim-4.74 + mailman

Author: Heiko Schlittermann
Date:  
To: exim-users
Subject: Re: [exim] Problem with exim-4.74 + mailman
Frank Elsner <Frank.Elsner@???> (Wed Feb 9 13:15:20 2011):
> On Wed, 9 Feb 2011 07:00:34 -0500 Phil Pennock wrote:
>
> [ ... ]
>
> > You didn't read README.UPDATING or the announcement for 4.73?
>
> Yes, maybe I misunderstand it :-(
>
> [ ... ]
>
> > See README.UPDATING for more.
>
> |  * The Exim run-time user can no longer be root; this was always
> |    strongly discouraged, but is now prohibited both at build and
> |    run-time.  If you need Exim to run routinely as root, you'll need to
> |    patch the source and accept the risk.  Here be dragons.

>
> I have EXIM_USER=ref:exim in Local/Makefile.
> User "exim" is uid 103 in /etc/passwd.
>
> But the binary is
>
> -rwsr-xr-x   1 root     root      864428 Feb  9 11:27 exim-4.74


> Setuid to bind to port 25, I guess? Or should I remove it?


If started by root, it doesn't matter. Exim should change its euid
after binding to the port.

How is your exim started? Using some -C or -D option?

As far as I understand, the suid bit is used to change the euid/egid to whatever for
local transports.

The config file is not owned by your exim user?

If you add the "pid" logselector, you should see that a new process is
forked for delivery.

I did a short test (using 4.74)

    MM_USER = 12
    MM_GROUP = 12


  ---- router
    mm:
      driver = accept
      domains = +vmail_domains
      local_parts = xxx
      transport = pipi


   ---- transport
    pipi:
      driver = pipe
      command = /bin/sh -c "/bin/cat >/tmp/xxx"
      current_directory = /tmp
      home_directory = /tmp
      log_fail_output
      user = MM_USER
      group = MM_GROUP


And it worked. The file created is owned by uid/gid 12.


--
Heiko
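
An added example, not part of the message above and not Exim's own code: a POSIX shell check for the two observations in this thread, namely whether the binary is setuid and root-owned, and whether the file written by the pipe transport is owned by the expected uid/gid. The function names are hypothetical and the sample `ls -ln` lines are constructed from the values quoted in the thread.

```shell
#!/bin/sh
# Added example (hypothetical helper names). Both checks parse `ls -ln`
# output, which prints numeric uid/gid and is portable across POSIX systems.

# Return 0 if an `ls -ln` line describes a setuid file owned by uid 0.
setuid_root_line() {
    printf '%s\n' "$1" | awk '{
        suid = substr($1, 4, 1)   # owner-execute slot: "s" or "S" means setuid
        exit !((suid == "s" || suid == "S") && $3 == "0")
    }'
}

# Return 0 if an `ls -ln` line shows the expected numeric uid ($2) and gid ($3).
owner_line_matches() {
    printf '%s\n' "$1" | awk -v u="$2" -v g="$3" '{ exit !($3 == u && $4 == g) }'
}

# Wrappers that inspect real paths on the mail host.
is_setuid_root() { setuid_root_line "$(ls -lnd -- "$1" 2>/dev/null)"; }
delivered_as()   { owner_line_matches "$(ls -lnd -- "$1" 2>/dev/null)" "$2" "$3"; }

# Constructed sample lines: the binary listing from the thread in numeric
# form, and the result file of the test transport with MM_USER/MM_GROUP = 12.
SAMPLE_BIN='-rwsr-xr-x 1 0 0 864428 Feb  9 11:27 exim-4.74'
SAMPLE_OUT='-rw------- 1 12 12 512 Feb  9 13:30 /tmp/xxx'

if setuid_root_line "$SAMPLE_BIN"; then
    echo "binary: setuid root"
else
    echo "binary: NOT setuid root"
fi

if owner_line_matches "$SAMPLE_OUT" 12 12; then
    echo "delivery: ran as uid/gid 12"
else
    echo "delivery: unexpected owner"
fi
```

On a live system, call `is_setuid_root /path/to/exim` and `delivered_as /tmp/xxx 12 12` after sending a test message through the transport.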