Re: [Lurker-users] Permissions errors
From: Gerald L. <ger...@sy...> - 2009-09-20 22:47:50
On Sat, 19 Sep 2009 21:49:02 +0200
"Wesley W. Terpstra" <we...@te...> wrote:

> On Sat, Sep 19, 2009 at 3:01 AM, Gerald Livingston
> >
> > #!/bin/bash
> > echo $LOGNAME >> /home/testlogname
> >
> > I made it 777
> >
> > I made /home/testlogname 666
> >
> > I changed my aliases file to
> >
> > bska-archive: "| /home/bska-archive/elogname"
> >
> > I sent a message. It caused the script to write
> >
> > bska-archive
> >
> > into the log file./home/bska-archive/elogname
> > I then created another alias
> >
> > supertest: "| /home/bska-archive/elogname"
> >
> > supertest does not exist as a real user on the system.
> >
> > It still wrote "supertest" into /home/testlogname so it is calling
> > the script as the user to whom the message is sent.
> >
>
> If the user supertest does not exist, clearly the printing of
> supertest means something is wrong. You can't possibly have executed
> something as a non-existent user. I can only conclude that whatever
> program you're using to deliver mail is NOT changing user.
>
> A better test would be to make your shell script:
> "touch /tmp/test-file". Then run it and see who
> created/owns /tmp/test-file.

nobody:nogroup

postfix runs chroot by default on a Debian install <sigh>. It passes
the part of the email address before the "@" as $LOGNAME to external
scripts.

Making it not chroot would break a lot of other stuff. LDAs like
procmail require a local user so they can get around the chroot.

I'm using ecartis as a mailing list manager and it "just works" with
nothing but aliases.

list1: "|/usr/lib/ecartis/ecartis -s list1"

It has to be able to write things like the member database files and
temporary files for redelivering emails.

I still don't quite understand why it works but lurker does not. I'll
keep picking at it as time permits.

Gerald
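A diagnostic in the spirit of the test discussed in this message, as an added example that is not from either poster or from Lurker: it records the uid/gid a piped alias command actually runs as next to the $LOGNAME it is handed, plus whether a given directory is writable. The LOG_FILE and CHECK_DIR variables and the alias name and path in the comment are assumptions of the example.

```shell
#!/bin/sh
# Added diagnostic example (not from the thread). Reports the identity a
# piped alias command really runs as, next to the LOGNAME the MTA passes in.

# whoami_report [dir]: print one line with the effective uid/gid from id(1),
# the LOGNAME environment variable, and whether dir is writable.
whoami_report() {
    dir=${1:-/tmp}
    # Name lookups can fail (for example with no passwd file visible), so
    # fall back to the numeric id instead of trusting any environment value.
    euser=$(id -un 2>/dev/null) || euser=$(id -u)
    egroup=$(id -gn 2>/dev/null) || egroup=$(id -g)
    if [ -w "$dir" ]; then writable=yes; else writable=no; fi
    # LOGNAME is only an environment string; compare it with the real identity.
    if [ "${LOGNAME:-}" = "$euser" ]; then match=yes; else match=no; fi
    printf 'euid=%s(%s) egid=%s(%s) LOGNAME=%s logname_matches=%s dir=%s writable=%s\n' \
        "$(id -u)" "$euser" "$(id -g)" "$egroup" \
        "${LOGNAME:-unset}" "$match" "$dir" "$writable"
}

# When installed as an alias target, append the report to a log file, e.g.
#   testalias: "| /path/to/this-script"   (hypothetical alias name and path)
# LOG_FILE and CHECK_DIR are hypothetical variables used only by this example;
# they would have to be set inside the script or by a wrapper.
if [ -n "${LOG_FILE:-}" ]; then
    cat >/dev/null                       # drain the delivered message on stdin
    whoami_report "${CHECK_DIR:-/tmp}" >>"$LOG_FILE"
fi
```

A line such as `euid=65534(nobody) ... LOGNAME=supertest logname_matches=no` shows directly that the variable names the recipient while the process runs as someone else, which is the account whose write permissions matter for the archive directory.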