At 04:15 PM Wednesday 3/31/99, [EMAIL PROTECTED] wrote:
>Hello,
>I built qmail V1.03 on a Solaris 2.5.1 (SPARC) machine.
>All went well, but when I tried to do some tests, a strange behaviour
>appeared. I was successfully able to do a local-to-local delivery running
>the following command as "pv" (a local non-privileged username):
>
> echo to: pv | /var/qmail/bin/qmail-inject
>
>But when I tried to run the same command as root, it failed with the
>message:
>
> qmail-inject: fatal: qq trouble in home directory (#4.3.0)
>
>I looked into the syslog file: nothing.
>
>I traced the run with truss(1), with the following command:
>
> truss -iafe sh -c 'echo to: pv | /var/qmail/bin/qmail-inject' 2>&1
>
>and this is (part of) the output:
>1244: chdir("/usr/local/qmail") = 0
>1248: chdir("/usr/local/qmail") = 0
>1248: execve("bin/qmail-queue", 0x0002A530, 0xEFFFFD8C) argc = 1
>1248: *** SUID: ruid/euid/suid = 0 / 500 / 500 ***
>1248: chdir("/usr/local/qmail") Err#13 EACCES
>1248: _exit(61)
>% ls -lad / /usr /usr/local /usr/local/qmail
>drwxr-sr-x 23 root root 1024 Mar 31 11:25 /
>drwxrwxr-x 31 root sys 1024 Oct 20 1997 /usr
>drwx--lr-x 17 root sys 512 Mar 29 11:19 /usr/local
>drwxr-xr-x 10 root qmail 512 Mar 30 13:04 /usr/local/qmail
Is root in the supplementary group sys?
Do this:
# chmod g+rx /usr/local
(Given you have o=rx, I'm assuming you don't mind the permission issue of g+rx)
Supplementary groups are not relinquished when a setuid program executes and
group 'sys' has no access to /usr/local
If you cannot g+rx, you'll need to move the qmail directory out from
underneath /usr/local
That's my first guess anyway, it's been a while since I've look at this sort
of thing in great detail.
Regards.
