Procmail can't create mailbox
Rick Stevens
ricks at nerd.com
Mon Dec 1 21:21:50 UTC 2008
Bob McClure Jr wrote:
> On Mon, Dec 01, 2008 at 10:11:08AM -0800, Rick Stevens wrote:
>> Bob McClure Jr wrote:
>>> On Sat, Nov 29, 2008 at 09:28:38AM -0500, Mark Corsi wrote:
>>>> My guess is that the server is seeing the process as 'other'. This leaves
>>>> two solutions. One is to start the process with sudo so it starts as root. I
>>>> would hazard a guess that this would open up an unexpected security hole
>>>> since this is a mail process. The other solution is to make the process
>>>> owner part of the group that owns that folder and make the folder group
>>>> writable. Pretty sure the second solution will maintain security while
>>>> accomplishing your goal.
>>> Well, I already have a sufficiently secure work-around, but that works
>>> around a symptom. I want to find out why an out-of-the-box
>>> configuration quit working.
>> Were there any diagnostics in the logs that may be of use?
>
> Only
>
> Nov 28 18:45:46 lfvsfcp19080 postfix/local[30613]: 759B024035:
> to=<bmcclure at dn.net>, orig_to=<root at dn.net>, relay=local, delay=3,
> delays=0/0/0/3, dsn=5.2.0, status=bounced (can't create user output
> file. Command output: procmail: Couldn't create "/var/mail/bmcclure" )
>
>> Did you
>> check /usr/bin/procmail and verify it was rwxr-xr-x (755), owned by
>> root, group of mail?
>
> -rwxr-xr-x 1 root mail 99128 Jul 12 2006 /usr/bin/procmail
>
>> Yes, /var/mail is a symlink to /var/spool/mail and
>> the link should be mode rwxrwxrwx (777).
>
> lrwxrwxrwx 1 root root 10 Nov 21 20:43 /var/mail -> spool/mail
>
>> /var/spool/mail itself should be owned by root, group of mail with mode
>> rwxrwxr-x (775).
>
> drwxrwxr-x 2 root mail 4096 Nov 28 04:02 /var/spool/mail
>
>> The files below that should be owned by the user whose
>> mailbox it is, group of mail with mode rw-rw---- (660).
>
> -rw------- 1 root root 0 Nov 28 04:02 root
> -rw-rw---- 1 root mail 0 Nov 21 20:52 root2
> -rw-rw---- 1 rpc mail 0 Nov 21 20:47 rpc
>
>> I know of no extra things that may be affected by the addition of a user
>> via the "adduser" scripts that wouldn't be handled IF all of the user-
>> related files (home directories, hidden files, etc.) are present.
>
> drwx------ 25 bmcclure bmcclure 12288 Dec 1 04:02 /home/bmcclure
> -rw-r--r-- 1 bmcclure apache 1716 Nov 28 21:40 /home/bmcclure/.procmailrc
>
> I am mystified.

Have you tried (as root):

    touch /var/mail/bmcclure
    chown bmcclure:mail /var/mail/bmcclure
    chmod 660 /var/mail/bmcclure

Not sure if the adduser scripts create the empty mailbox or not. They
may...check that, they do. One of the possible exit values for useradd
is:

    13 can't create mail spool

Ok, now THAT'S subtle to find!
----------------------------------------------------------------------
- Rick Stevens, Systems Engineer ricks at nerd.com -
- AIM/Skype: therps2 ICQ: 22643734 Yahoo: origrps2 -
- -
- Change is inevitable, except from a vending machine. -
----------------------------------------------------------------------
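
The ownership and mode checks walked through in the message above, collected into a read-only audit script. This is an added example, not part of the original post; the function names and the `SPOOL_OWNER`/`SPOOL_GROUP` variables are assumptions, and it needs GNU `stat`.

```shell
#!/bin/sh
# Added example: audit a mail spool against the ownership and modes listed
# in the thread. Function and variable names are assumptions, not from the post.
# Requires GNU stat (coreutils).

SPOOL_OWNER=${SPOOL_OWNER:-root}   # expected owner of the spool directory
SPOOL_GROUP=${SPOOL_GROUP:-mail}   # expected group of spool dir and mailboxes

# expect PATH WANT_MODE WANT_OWNER WANT_GROUP
# Prints one line per deviation; returns the number of deviations found.
expect() {
    path=$1 want_mode=$2 want_owner=$3 want_group=$4 bad=0
    # -L follows symlinks, so /var/mail -> spool/mail is audited as the target
    set -- $(stat -L -c '%a %U %G' "$path")
    [ "$1" = "$want_mode" ]  || { echo "MODE  $path: $1, expected $want_mode"; bad=$((bad + 1)); }
    [ "$2" = "$want_owner" ] || { echo "OWNER $path: $2, expected $want_owner"; bad=$((bad + 1)); }
    [ "$3" = "$want_group" ] || { echo "GROUP $path: $3, expected $want_group"; bad=$((bad + 1)); }
    return "$bad"
}

# audit_spool_dir DIR: directory should be 775, $SPOOL_OWNER:$SPOOL_GROUP.
audit_spool_dir() {
    expect "$1" 775 "$SPOOL_OWNER" "$SPOOL_GROUP"
}

# audit_mailbox DIR USER: mailbox should exist, be 660, USER:$SPOOL_GROUP.
audit_mailbox() {
    if [ ! -e "$1/$2" ]; then
        echo "MISSING $1/$2: delivery depends on procmail being able to create it"
        return 1
    fi
    expect "$1/$2" 660 "$2" "$SPOOL_GROUP"
}

# Usage on a real host (read-only; run as root so stat can see every mailbox):
#   audit_spool_dir /var/spool/mail
#   for u in bmcclure root rpc; do audit_mailbox /var/mail "$u"; done
```

Run against the listing quoted in the thread, this would report `/var/mail/bmcclure` as missing and `/var/mail/root` as deviating in both mode and group.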