[exim] Urgent problem with exim, php and apache ("unable to…

Top Page
Delete this message
Reply to this message
Author: Karim 'Kasi Mir' Senoucci
Date:  
To: exim-users
Subject: [exim] Urgent problem with exim, php and apache ("unable to set gid/uid" error)
Hello all,
I recently updated one of my servers - it's now running Ubuntu Linux
14.04.1 server. The exim running is 4.82, the apache calls itself:

> Apache/2.4.10 (Unix) mpm-itk/2.4.7-02 OpenSSL/1.0.1f PHP/5.5.16


My problem is that since the update, I cannot send mail via PHP's mail
function anymore. PHP logs no error, but exim writes

> unable to set gid=1002 or uid=0 (euid=0): forcing real = effective


(1002 is the apache group)

The thing is: ecactly the same PHP script is running fine from the
console even if I log in as the user (and group) of the apache
webserver. It just doesn't work from within apache/php.

What is the problem here? The debug output for the web-based try is
fairly short:

> Exim version 4.82 uid=1308 gid=1002 pid=2701 D=fbb95cfd
> Berkeley DB: Berkeley DB 5.3.28: (September  9, 2013)
> Support for: crypteq iconv() IPv6 GnuTLS move_frozen_messages DKIM
> Lookups (built-in): lsearch wildlsearch nwildlsearch iplsearch cdb dbm 
> dbmjz dbmnz dnsdb dsearch nis nis0 passwd
> Authenticators: cram_md5 plaintext
> Routers: accept dnslookup ipliteral manualroute queryprogram redirect
> Transports: appendfile/maildir/mailstore autoreply lmtp pipe smtp
> Fixed never_users: 0
> Size of off_t: 8
> Compiler: GCC [4.8.2]
> Library version: GnuTLS: Compile: 2.12.23
>                          Runtime: 2.12.23
> Library version: PCRE: Compile: 8.31
>                        Runtime: 8.31 2012-07-06
> Total 13 lookups
> WHITELIST_D_MACROS: "OUTGOING"
> TRUSTED_CONFIG_LIST: "/etc/exim4/trusted_configs"
> LOG: MAIN PANIC DIE
>   unable to set gid=1002 or uid=0 (euid=0): forcing real = effective
> search_tidyup called
> >>>>>>>>>>>>>>>> Exim pid=2701 terminating with rc=1 >>>>>>>>>>>>>>>>


The console-based try (which succeeds) is pages and pages of debug
output, I'll include the line up to the first difference:

> exec /usr/sbin/exim4 -d=0xfbb95cfd -Mc 1XWMlR-0000dk-Aa
> Exim version 4.82 uid=106 gid=113 pid=2466 D=fbb95cfd
> Berkeley DB: Berkeley DB 5.3.28: (September  9, 2013)
> Support for: crypteq iconv() IPv6 GnuTLS move_frozen_messages DKIM
> Lookups (built-in): lsearch wildlsearch nwildlsearch iplsearch cdb dbm 
> dbmjz dbmnz dnsdb dsearch nis nis0
>  passwd
> Authenticators: cram_md5 plaintext
> Routers: accept dnslookup ipliteral manualroute queryprogram redirect
> Transports: appendfile/maildir/mailstore autoreply lmtp pipe smtp
> Fixed never_users: 0
> Size of off_t: 8
> Compiler: GCC [4.8.2]
> Library version: GnuTLS: Compile: 2.12.23
>                          Runtime: 2.12.23
> Library version: PCRE: Compile: 8.31
>                        Runtime: 8.31 2012-07-06
> Total 13 lookups
> WHITELIST_D_MACROS: "OUTGOING"
> TRUSTED_CONFIG_LIST: "/etc/exim4/trusted_configs"
> changed uid/gid: forcing real = effective
>   uid=0 gid=113 pid=2466
>   auxiliary group list: <none>


uid=0 is of course root, gid=113 is "Debian-exim", the default group for
exim. So, from what I gather, exim tries to become root:Debian-exim, and
succeeds from the console but fails from within apache. Why? The exim4
executable has the properpermissions:

> -rwsr-xr-x 1 root root 983296 Feb 25 2014 /usr/sbin/exim4


Why doesn't this work when exim is called via apache/php? What can I do
to get PHP mail() working again with exim?

Any help is appreciated; I'm banging my head against the wall here.

Greetings
Kasi Mir