Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm List-Subscribe: List-Archive: List-Post: List-Help: , Sender: cygwin-owner AT cygwin DOT com Mail-Followup-To: cygwin AT cygwin DOT com Delivered-To: mailing list cygwin AT cygwin DOT com Date: Sun, 1 Sep 2002 16:33:00 +0800 From: Greg Matheson To: cygwin AT cygwin DOT com Subject: Re: Exim permissions Message-ID: <20020901163300.A31128@ms> Mail-Followup-To: cygwin AT cygwin DOT com References: <20020830182247 DOT B21574 AT ms> Mime-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <20020830182247.B21574@ms>; from lang@ms.chinmin.edu.tw on Fri, Aug 30, 2002 at 18:22:47 +0800 Content-Transfer-Encoding: 8bit X-MIME-Autoconverted: from quoted-printable to 8bit by delorie.com id g818Ts220424 Basically this is the same email as before about trying to get exim working with some references from exim documentation thrown in ;-) Here is section 47.1 from the exim manual about permissions exim runs under. The Exim binary is normally setuid to root, which means that it gains root privilege (runs as root) when it starts execution. In some special cases (for example, when the daemon is not in use and there are no local deliveries), it may be possible to run Exim setuid to some user other than root. ... It is not necessary to be root to do any of the other things Exim does, such as receiving messages and delivering them externally over SMTP, and it is obviously more secure if Exim does not run as root except when necessary. For this reason, a user and group for Exim to use must be defined in Local/Makefile. These are known as .the Exim user ・ and .the Exim group・. Their values can be changed by the run time configuration, though this is not recommended. Often a user called exim is used, but some sites use mail or another user name altogether. So if this hasn't been changed in configure, exim_user and exim_group are Everyone (uid=0). This is what was specified in Pierre Humblet's build, according to exim -bP. Exim uses setuid() whenever it gives up root privilege. This is a permanent abdication; the process cannot regain root afterwards. ... If the process is not a daemon process or a queue runner process or a delivery process or a process for testing address routing (started with -bt), the uid and gid are changed to the Exim user and group. This means that Exim always runs under its own uid and gid when receiving messages.... For a daemon, queue-runner, delivery, or address testing process, the uid remains as root at this stage, but the gid is changed to the Exim group. So whatever the uid is at the point where exim is creating directories in the spool for receiving messages, I think that, other than for log, it is creating them under Everyone group, because this is the gid it is running under. Everyone is uid=0, gid=0. This may be the reason for this error message: 2002-09-01 06:20:14 H1PC6P-00021O-00 unable to set gid=0 or uid=0 (euid=500): remote delivery to lang AT ms DOT chinmin DOT edu DOT tw with transport=remote_smtp 2002-09-01 06:20:14 H1PC6P-00021O-00 == lang AT ms DOT chinmin DOT edu DOT tw R=dnslookup T=remote_smtp defer (-1): smtp transport process returned non-zero status 0x0100: exit code 1 uid=500 is Administrator. But wait, Is exim trying to become Everyone here, or root, to deliver the mail? The exim binary is not setuid to root, so exim must be running without root privileges, having been called by a non-privileged user. Or have I completely misunderstood here? I thought Administrator=root, and cygwin took care of these issues. On the other hand, ... I wonder if my problem is I don't have a user root, as in C:\cygwin\usr\doc\cygwin-doc-1.1\html\cygwin-ug-net\ntsec.html Back to permissions, in 4.4 of the exim manual, There are three settings that you must supply, because Exim will not build without them. They are the location of the run time configuration file (CONFIGURE_FILE), the directory in which Exim binaries will be installed (BIN_DIRECTORY), and the identity of the Exim user (EXIM_USER and maybe EXIM_GROUP as well). There are a few other parameters that can be specified either at build time or at run time to enable the same binary to be used on a number of different machines. However, if the locations of Exim・s spool directory and log file directory (if not within the spool directory) are fixed, it is recommended that you specify them in Local/Makefile instead of at run time, so that errors detected early in Exim・s execution (such as a malformed configuration file) can be logged. This second paragraph suggests Exim's log files are created as quickly as possible, even before the setgid to exim_group. This assumption is consistent with the group permission of None for /usr/local/exim/spool/log, different than the Everyone group permission for /usr/local/exim/spool/input. Administrator AT AFLD-SERVER /usr/local/exim $ ls -al spool total 20 drwxr-xr-x 6 Administ None 0 Aug 31 17:50 . drwxr-xr-x 3 Administ None 4096 Aug 31 12:38 .. drwxr-x--- 2 Administ Everyone 4096 Aug 30 16:54 db drwxr-x--- 2 Administ Everyone 12288 Sep 1 10:35 input drwxr-xr-x 2 Administ None 0 Aug 30 17:22 log drwxr-x--- 2 Administ Everyone 0 Aug 31 17:56 msglog But the FAQ Q0044 says that the spool directory and all subdirectories should be 750. And the owner and group should be the exim_user (and exim_group). The group permission of the spool and exim directories are both None. The owner is Administrator. The executable is: Administrator AT AFLD-SERVER /usr/local/bin $ ls -al exim lrwxrwxrwx 1 Administ None 110 Aug 30 14:33 exim -> exim-4.10-3.exe $ ls -al exim-4.10-3.exe -rwxr-xr-x 1 Administ None 473088 Jul 25 12:08 exim-4.10-3.exe Note no suid bit set. Is this the way it should be? On ownership of the spool, 4.14 says: When it starts up, Exim tries to create its spool directory if it does not exist. The Exim uid and gid are used for the owner and group of the spool directory. Sub-directories are automatically created in the spool directory as necessary. Now, when exim accepts a message, it puts it in a queue in spool/input. Administrator AT AFLD-SERVER /usr/local/exim/spool $ ls -al input ls: input/H1P6KR-0001XG-00-H: No such file or directory total 17 drwxr-x--- 2 Administ Everyone 12288 Sep 1 10:35 . drwxr-xr-x 6 Administ None 0 Aug 31 17:50 .. -rw------- 1 Everyone Everyone 34 Aug 31 17:40 H1PC6P-00021O-00-D -rw------- 1 Everyone Everyone 839 Sep 1 10:20 H1PC6P-00021O-00-H -rw------- 1 Everyone Everyone 0 Aug 31 17:50 H1PC6P-00021O-00-J -rw-r--r-- 1 Administ SYSTEM 63 Aug 31 17:56 H1PCY3-000210-00-D -rw------- 1 Everyone Everyone 1036 Sep 1 10:35 H1PCY3-000210-00-H -rw------- 1 Everyone Everyone 0 Aug 31 17:56 H1PCY3-000210-00-J The error message indicates I have damaged my file system by deleting files by hand ;-) The problem is these ownership and permissions are allowing exim to receive mail from the Administrator address, but not from a non-privileged address from the command line or from mutt. The error message is: 2002-09-01 11:14:31 H1QP07-0002D4-00 Failed to create spool file /usr/local/exim/spool/input//H1QP07-0002D4-00-D: Permission denied Before I think I tried something (different permissions? exim_user=exim?). Now I have to think of my best plan of action. Create root user? Set exim_user in configure. Run the daemon under the exim account, even though Pierre Humblet's CYGWIN.README suggests there is no compelling reason to? Or change the permissions on the spool subdirectories by hand? I don't know but I think I'm going to try creating a root user as in the User Guide. I've tried all the other alternatives, and although exim was receiving and delivering mail from non-privileged accounts, permission was still being denied in some cases. -- Greg Matheson Where do I have to be to get to Chinmin College where I want to be? Taiwan Penpals Archive -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Bug reporting: http://cygwin.com/bugs.html Documentation: http://cygwin.com/docs.html FAQ: http://cygwin.com/faq/