On Wed, 9 Feb 2011 13:59:34 +0100 Heiko Schlittermann wrote:
> Frank Elsner <frank.els...@tu-berlin.de> (Wed Feb  9 13:15:20 2011):
> > On Wed, 9 Feb 2011 07:00:34 -0500 Phil Pennock wrote:
> > 
> >   [ ... ]
> > 
> > > You didn't read README.UPDATING or the announcement for 4.73?
> > 
> > Yes, maybe I misunderstand it :-(
> > 
> >   [ ... ]
> > 
> > > See README.UPDATING for more.
> > 
> > |  * The Exim run-time user can no longer be root; this was always
> > |    strongly discouraged, but is now prohibited both at build and
> > |    run-time.  If you need Exim to run routinely as root, you'll need to
> > |    patch the source and accept the risk.  Here be dragons.
> > 
> > I have EXIM_USER=ref:exim in Local/Makefile. 
> > User "exim" is uid 103 in /etc/passwd.
> > 
> > But the binary is 
> > 
> > -rwsr-xr-x   1 root     root      864428 Feb  9 11:27 exim-4.74
>  
> > Setuid to bind to port 25, I guess? Or should I remove it?
> 
> If started by root, it doesn't matter. Exim should change its euid
> after binding to the port.
> 
> How is your exim started? Using some -C or -D option?
> 
> As far as I understand, the suid bit is used to change the euid/egid to
> whatever for local transports.
> 
> The config file is not owned by your exim user?
> 
> If you add the "pid" logselector, you should see that a new process is
> forked for delivery.
> 
> I did a short test (using 4.74)
 
[ ... ]

I've found a difference between 4.69 and 4.74:

Exim version 4.69 uid=0 gid=0 pid=23817 D=fbb95cfd
 ..
seeking password data for user "exim": using cached result
getpwnam() succeeded uid=103 gid=1
seeking password data for user "mailman": cache not available
getpwnam() succeeded uid=126319 gid=104

Exim version 4.74 uid=0 gid=0 pid=23866 D=fbb95cfd
 ..
admin user
seeking password data for user "exim": cache not available
getpwnam() succeeded uid=103 gid=1
seeking password data for user "exim": using cached result
getpwnam() succeeded uid=103 gid=1
seeking password data for user "104": cache not available
seeking password data for user "104": cache not available
seeking password data for user "exim": using cached result
getpwnam() succeeded uid=103 gid=1


The /etc/passwd entries are

exim:x:103:1::/home/exim:/bin/sh
mailman:x:126319:104:The MailMan:/opt/mailman:/bin/false

Should I change the config file from MAILMAN_USER    = 104
                                  to MAILMAN_USER    = 126319 ???


--Frank Elsner

-- 
## List details at http://lists.exim.org/mailman/listinfo/exim-users 
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
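
Added example, not part of the original message and not Exim code: a small Python check that reads Exim debug output like the two excerpts quoted above and lists the user names whose lookup is never followed by a "getpwnam() succeeded" line. It assumes that a missing success line means the name did not resolve; the function name audit_lookups and the embedded samples are constructed from the lines in the message.

```python
import re

# Constructed samples, copied from the debug excerpts quoted in the message.
SAMPLE_469 = '''\
seeking password data for user "exim": using cached result
getpwnam() succeeded uid=103 gid=1
seeking password data for user "mailman": cache not available
getpwnam() succeeded uid=126319 gid=104
'''
SAMPLE_474 = '''\
seeking password data for user "exim": cache not available
getpwnam() succeeded uid=103 gid=1
seeking password data for user "exim": using cached result
getpwnam() succeeded uid=103 gid=1
seeking password data for user "104": cache not available
seeking password data for user "104": cache not available
seeking password data for user "exim": using cached result
getpwnam() succeeded uid=103 gid=1
'''

SEEK = re.compile(r'^seeking password data for user "([^"]*)"')
FOUND = re.compile(r'^getpwnam\(\) succeeded uid=(\d+) gid=(\d+)')

def audit_lookups(debug_text):
    """Return (resolved, unresolved) for the passwd lookups in debug_text.

    resolved maps each name to the (uid, gid) reported for it; unresolved
    lists, in order of first appearance, names whose lookup was not
    followed by a success line (assumption: that means it failed).
    """
    resolved, unresolved, pending = {}, [], None

    def flush():
        if pending is not None and pending not in unresolved:
            unresolved.append(pending)

    for raw in debug_text.splitlines():
        line = raw.strip()
        seek, found = SEEK.match(line), FOUND.match(line)
        if seek:
            flush()                      # previous lookup never succeeded
            pending = seek.group(1)
        elif found and pending is not None:
            resolved[pending] = (int(found.group(1)), int(found.group(2)))
            pending = None
    flush()                              # lookup still open at end of input
    return resolved, unresolved

if __name__ == "__main__":
    for label, text in (("4.69", SAMPLE_469), ("4.74", SAMPLE_474)):
        print(label, audit_lookups(text))
```

An all-digit entry in the unresolved list, such as "104" here, is a numeric id that was looked up as a user name, which makes the corresponding configuration setting the first thing to check against /etc/passwd.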
