Hi Ingo,
You don't need to do that.
Just make a seperate file for the nagios alias and make it owned by the
correct user and group. Postfix local agent should then deliver mail
with the perms of the alias file.
From man 8 local:
*DELIVERY RIGHTS*
Deliveries to external files and external commands are
made with the rights of the receiving user on whose behalf
the delivery is made. In the absence of a user context,
the *local*(8) <http://www.postfix.org/local.8.html> daemon uses the
owner rights of the *:include:*
file or alias database. When those files are owned by the
superuser, delivery is made with the rights specified with
the *default_privs
<http://www.postfix.org/postconf.5.html#default_privs>* configuration parameter.
I have done this before for this exact problem and it works fine
dave
Ingo Lantschner wrote:
Hello,
I am using Ubuntu Server 6.06 as base os for a Nagios systemmonitor.
Yesterday I was looking for a way to feed alerts send as emails from
RAID-controllers like 3ware. First it was quite simple: Adding a line to
/etc/aliases
nagios: "|/usr/local/nagios/libexec/eventhandlers/handle-RAID-mail"
Writing the script was not the problem, but the permissions were. Nagios
uses a pipe which is for obvious reasons not writable by nobody:nogroup.
In order to get around this problem I changed the user runing "local":
$ sudo postconf -e default_privs=nagios
Now the emails go straight into Nagios.
BUT: What are the security implications of tampering with the
permissions of postfix? Any input is welcome - tia Ingo.
--
ubuntu-server mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server
