Re: [exim] MacOS development was Re: After upgrade to Exim 4…

Page principale
Supprimer ce message
Répondre à ce message
Auteur: Lasse Törngren
Date:  
À: Andrew C Aitchison, exim-users
CC: Martin D Kealey
Sujet: Re: [exim] MacOS development was Re: After upgrade to Exim 4.95 or 4.96: "setgroups: Invalid argument"
Hello Andrew,



I use this since at least Mac OS X 10.11, probably longer. Maybe it works also on Snow Leopard:



dscl . -create /Users/exim

dscl . -create /Users/exim UniqueID 90

dscl . -create /Users/exim RealName "Exim user"

dscl . -create /Users/exim PrimaryGroupID 6

dscl . -create /Users/exim PASSWORD "*"



Best regards

Lasse



Från: Andrew C Aitchison <exim@???>
Datum: onsdag 28 september 2022 16:21
Till: <exim-users@???>
Kopia: Martin D Kealey <martin@???>, <lasse.torngren@???>
Ämne: MacOS development was Re: [exim] After upgrade to Exim 4.95 or 4.96: "setgroups: Invalid argument"



On Tue, 20 Sep 2022, Martin D Kealey via Exim-users wrote:



Lasse Törngren <lasse.torngren@???> wrote:



I am using a couple of Macs as servers, and has one server running MacOS

Mojave and Exim 4.94 without any issue.



I have tried to upgrade to Exim 4.95 on this machine, and to Exim 4.96 on

a new server that I am setting up with MacOS Big Sur. On both servers I get

Exim Panic with “setgroups: Invalid argument” at local (virtual) delivery.





Disclaimers:

1. There's currently no support for MacOS because there are no active

developers with access to that platform.

2. I don't have access to anything running MacOS, so I can only offer

general guidance.



I have got my hands on a 2007 Mac Book Pro running Snow Leopard and

i686-apple-darwin10-gcc-4.2.1 (GCC) 4.2.1 (Apple Inc. build 5666) (dot 3)



I have successfully built pcre2, but cannot build exim until

I have an "exim" user on the machine*.

How do I create a *system* user to a Mac ?



* Yes I *could* *build* exim without an exim user,

but I would not be able to *test* the executable ...



If you know your way around C code and would like to help, I'd encourage

you to join the exim-dev list, and discuss a possible fix, with a view to

incorporating it in the next Exim release, and reinstating support for

MacOS.



I will move this discussion there.



Does anyone know that Snow Leopard is too old to be useful ?

There is a newer mac in the house, though it is used, unlike the

Snow Leopard machine we unpacked from storage.



The message “*setgroups: Invalid argument*” originates from one of the

functions `priv_drop_temp` and `priv_restore` in the source file `

src/src/priv.c`, which was a new addition for the 4.95 release. (I would

start by patching the messages so you can see which of those two functions

is failing.)



It might also be informative to explore the versions of those functions

implemented in sshd, and see if they've been patched to cope with setgroups

behaviour on MacOS.



In the meantime, if you write a wrapper that starts Exim with an empty

supplementary group set, that might alleviate some of the problems.



I note that in the source file `src/src/exim.c` circa line 3943 it has `

setgroups` gated thus:

```



#ifndef OS_SETGROUPS_ZERO_DROPS_ALL

    && setgroups(0, NULL) != 0


#endif

    && setgroups(1, group_list) != 0




```

which suggests that the same conditional logic should be applied in `

src/src/priv.c`.



Lasse and I have tried that and also established

that the process has 20+ supplementary group permissions

which is more than NGROUPS_MAX on Snow Leopard

(not sure what it is on his machine:

     egrep NGROUPS_MAX /usr/include/sys/syslimits.h


should tell us ).



--

Andrew C. Aitchison                      Kendal, UK


                    andrew@???