At 3:58 PM -0400 9/26/07, Jerry Yeager imposed structure on a stream
of electrons, yielding:
In running the various 1.0.n versions of Dovecot's LDA with the
instructions in the wiki for using LDA with Postfix [on OS X 10.4]
things went well using the instructions as-is (no setuid problems).
This changed in moving over to the 1.1 beta. The LDA refused to work,
failing with the error "setgroups() failed: Operation not permitted",
as I mentioned in a previous message.
That looks like a bug. A program that calls setgroups() must be
running as root. It seems to me that a code path leading to such a
call should probably be able to identify that issue before the call
and provide a better failure message than translating EPERM into its
standard meaning....
The interesting question would be: why does deliver want to call
setgroups() at all?
After reading the exchange between Bill Cole and Rich Winkel and
following up on this, it seems that the new 1.1b wants you to give
the Deliver app specific setuid permission via:
cd /path/to/where/dovecot's/deliver/is
sudo chmod u+s deliver
Then things worked as before. There was no need to give the group
's' permission nor to change ownership of deliver from the default
root:staff or root:wheel or whoever... The error message seems
odd though.
I am not sure if, overall, this means there is a problem in Dovecot
1.0.n or that things are being tightened up in 1.1b.
Thanks Bill and Rich for the tip!
I'd love to take credit, but I thought that was about the LDA with
Sendmail, which is rather different, and Rich was running 1.0.3...
In any event, I won't go so far as to say that running deliver as
setuid root is actively dangerous, but it feels wrong to me and I
wouldn't do it. That may be from too much exposure to bizarre attacks
through delivery agents in the Dark Ages.
That it works without being setuid on Linux is a touch odd.
--
Bill Cole
[EMAIL PROTECTED]
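The point raised above, that a delivery agent should notice it is not root before calling setgroups() rather than reporting a bare EPERM, as an added example in C (not Dovecot's code; the status codes, function names and the "no-such-user" probe are this example's own):

```c
/* Privilege-drop helper for a local delivery agent: check whether the
 * process may call setgroups()/setgid()/setuid() before doing so, so the
 * failure reported is "must be setuid root", not a translated EPERM.
 * Added example, not Dovecot's deliver. */
#define _GNU_SOURCE
#include <grp.h>
#include <pwd.h>
#include <unistd.h>

enum drop_status {
    DROP_OK = 0,
    DROP_NOT_ROOT,          /* setgroups() would fail with EPERM: say so first */
    DROP_NO_USER,
    DROP_SYSCALL_FAILED,
    DROP_STILL_PRIVILEGED   /* root could be regained after the drop: refuse */
};

/* Pure preflight: only euid 0 may replace the group list and switch uid.
 * Already running as the target user needs no change at all. */
enum drop_status preflight(uid_t euid, uid_t target_uid)
{
    if (euid == 0 || euid == target_uid)
        return DROP_OK;
    return DROP_NOT_ROOT;
}

const char *drop_strerror(enum drop_status s)
{
    switch (s) {
    case DROP_OK:               return "ok";
    case DROP_NOT_ROOT:         return "not root: the delivery agent must be setuid root to switch users";
    case DROP_NO_USER:          return "target user not found";
    case DROP_SYSCALL_FAILED:   return "setgroups/setgid/setuid failed";
    case DROP_STILL_PRIVILEGED: return "privilege drop did not stick";
    }
    return "unknown status";
}

/* Switch to the mailbox owner; groups first, then gid, then uid. */
enum drop_status drop_to_user(const char *user)
{
    struct passwd *pw = getpwnam(user);
    if (pw == NULL)
        return DROP_NO_USER;
    enum drop_status s = preflight(geteuid(), pw->pw_uid);
    if (s != DROP_OK)
        return s;
    if (geteuid() != 0)
        return DROP_OK;                     /* preflight passed: already that user */
    if (setgroups(1, &pw->pw_gid) != 0 || setgid(pw->pw_gid) != 0 || setuid(pw->pw_uid) != 0)
        return DROP_SYSCALL_FAILED;
    if (setuid(0) == 0)                     /* the drop must be irreversible */
        return DROP_STILL_PRIVILEGED;
    return DROP_OK;
}
```

Run as an unprivileged user with a different target, drop_to_user() returns DROP_NOT_ROOT without ever issuing the setgroups() call, which is the message the mailing-list thread was missing.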