On Thu, Nov 24, 2005 at 07:17:54PM +1100, the unit calling itself Ian McWilliam
wrote:
> >
> >Perhaps some fwd progress... got cert & key files installed, but I am
> >bombing during the authentication process. Following is part of the
> >debug output from my client. I double-checked the password value, and
> >it's correct (changed here, but my client's log shows it correctly).
> >
> >The culprit seems to be the "group not found" error... WTF, O??
> >
> >23:17:13.312 << 0009 USER jm\0D\0A
> >23:17:13.359 >> 0005 +OK\0D\0A
> >23:17:13.359 << 0017 PASS abcdefghij\0D\0A
> >23:17:13.500 >> 0033 -ERR [SYS/TEMP] group not found\0D\0A
> >23:17:20.718 << 0006 QUIT\0D\0A
> >23:17:20.718 18: SSL read error -41 (locus 0, type 0, code 0, 'No data
> >was read because the remote system closed the connection (recv() ==
> >0)')
> >--- Connection closed normally at Wed, 23 Nov 2005 23:17:20. ---
> >
>
> OK, It looks like the port needs some work as it doesn't handle the
> default group name.
>
> main.c:# define DEFAULT_GROUP_NAME "mail"
>
> It appears that this can be changed with a command line arg.
It can - that's how I finally got it to work. According to man akpop3d,
-g groupID does it. (and apparently I'm confused - I thought group ID
was the number, but akpop3d wants the group name, ... whatever)
> main.c: case 'g': group_name = optarg; break;
>
> It looks like the groupname is used as an argument to lock the users
> mail box.
>
> pop3_session.c.orig: g_inf = getgrnam("mail");
> pop3_session.c.orig: if (g_inf==NULL) {
> pop3_session.c.orig: if (setegid(g_inf->gr_gid)!=0 && real_username
> [0] == 0) {
> pop3_session.c.orig: syslog(LOG_ERR,"%s: %u: %s","setegid()
> failed",g_inf->gr_gid,strerror(errno));
> pop3_session.c.orig: if (setgid(g_inf->gr_gid)!=0 && real_username
> [0] == 0) {
> pop3_session.c.orig: syslog(LOG_ERR,"%s: %u: %s","setgid()
> failed",g_inf->gr_gid,strerror(errno));
> pop3_session.c.orig: if ((rc=lock_maildrop(maildrop,u_inf-
> >pw_uid,g_inf->gr_gid))<=0)
>
> yup, it then fchowns the lock file
>
> lock_maildrop.c: fchown(fd,uid,gid);
>
> So I would assume on other unix systems /var/mail is group mail by
> default, maybe??.
That may be... I checked a FreeBSD and a Linux (Fedora) box - both
listed "mail" as the group for /var/mail. So OpenBSD would appear to be
in a minority position.
> if you want to add mail to the /etc/group file
>
> man -k groupadd
>
> groupadd (8) - add a group to the system
I thought about this, but wouldn't you actually have to change group
ownership of /var/mail to group "mail" for this to make any difference?
And if you did this, wouldn't you risk breaking something else?
Thanks for the insight,
Jay
