Hello Andrew,
I use this since at least Mac OS X 10.11, probably longer. Maybe it works also on Snow Leopard:
dscl . -create /Users/exim
dscl . -create /Users/exim UniqueID 90
dscl . -create /Users/exim RealName "Exim user"
dscl . -create /Users/exim PrimaryGroupID 6
dscl . -create /Users/exim PASSWORD "*"
Best regards
Lasse
Från: Andrew C Aitchison <exim@???>
Datum: onsdag 28 september 2022 16:21
Till: <exim-users@???>
Kopia: Martin D Kealey <martin@???>, <lasse.torngren@???>
Ämne: MacOS development was Re: [exim] After upgrade to Exim 4.95 or 4.96: "setgroups: Invalid argument"
On Tue, 20 Sep 2022, Martin D Kealey via Exim-users wrote:
Lasse Törngren <lasse.torngren@???> wrote:
I am using a couple of Macs as servers, and has one server running MacOS
Mojave and Exim 4.94 without any issue.
I have tried to upgrade to Exim 4.95 on this machine, and to Exim 4.96 on
a new server that I am setting up with MacOS Big Sur. On both servers I get
Exim Panic with “setgroups: Invalid argument” at local (virtual) delivery.
Disclaimers:
1. There's currently no support for MacOS because there are no active
developers with access to that platform.
2. I don't have access to anything running MacOS, so I can only offer
general guidance.
I have got my hands on a 2007 Mac Book Pro running Snow Leopard and
i686-apple-darwin10-gcc-4.2.1 (GCC) 4.2.1 (Apple Inc. build 5666) (dot 3)
I have successfully built pcre2, but cannot build exim until
I have an "exim" user on the machine*.
How do I create a *system* user to a Mac ?
* Yes I *could* *build* exim without an exim user,
but I would not be able to *test* the executable ...
If you know your way around C code and would like to help, I'd encourage
you to join the exim-dev list, and discuss a possible fix, with a view to
incorporating it in the next Exim release, and reinstating support for
MacOS.
I will move this discussion there.
Does anyone know that Snow Leopard is too old to be useful ?
There is a newer mac in the house, though it is used, unlike the
Snow Leopard machine we unpacked from storage.
The message “*setgroups: Invalid argument*” originates from one of the
functions `priv_drop_temp` and `priv_restore` in the source file `
src/src/priv.c`, which was a new addition for the 4.95 release. (I would
start by patching the messages so you can see which of those two functions
is failing.)
It might also be informative to explore the versions of those functions
implemented in sshd, and see if they've been patched to cope with setgroups
behaviour on MacOS.
In the meantime, if you write a wrapper that starts Exim with an empty
supplementary group set, that might alleviate some of the problems.
I note that in the source file `src/src/exim.c` circa line 3943 it has `
setgroups` gated thus:
```
#ifndef OS_SETGROUPS_ZERO_DROPS_ALL
&& setgroups(0, NULL) != 0
#endif
&& setgroups(1, group_list) != 0
```
which suggests that the same conditional logic should be applied in `
src/src/priv.c`.
Lasse and I have tried that and also established
that the process has 20+ supplementary group permissions
which is more than NGROUPS_MAX on Snow Leopard
(not sure what it is on his machine:
egrep NGROUPS_MAX /usr/include/sys/syslimits.h
should tell us ).
--
Andrew C. Aitchison Kendal, UK
andrew@???
