Configuration of global procmail

Wojciech Komornicki wnk at hamline.edu
Tue Jul 17 17:43:10 UTC 2007 

Todd, 
    Thanks for the quick response.  I am running Fedora 5 and not 7 but
I do not think that should make a difference.  From the audit.log file
it seems that procmail is failing on a call to getattr

 Jul 17 11:19:21 kernel: audit(1184689161.358:29353): avc:  denied  {getattr } for  pid=29579 comm=procmail name="wk" dev=dm-0 ino=14091670 scontext=root:system_r:procmail_t tcontext=root:object_r:var_spool_t tclass=file

 I have encountered this before when a utility tries to get the attributes of a non-existent file.   I did not have a
 /etc/procmailrc file so I got one off of the web.

      # Please check if all the paths in PATH are reachable, remove the ones that
      # are not.

      PATH=/usr/bin:/bin:/usr/local/bin:.
      MAILDIR=$HOME/Mail        # You'd better make sure it exists
      DEFAULT=$MAILDIR/mbox
      LOGFILE=$MAILDIR/from
      LOCKFILE=$HOME/.lockmail


      # Anything that has not been delivered by now will go to $DEFAULT
      # using LOCKFILE=$DEFAULT$LOCKEXT

Now procmail does not fail but delivers mail to the users mbox.  If I omit the variable DEFAULT, procmail fails.  If I
change it to
      DEFAULT=/var/mail/$LOGNAME
procmail failes

So now procmail does not fail but does not deliver to the system mailbox but to the user's MAILDIR.

BTW: I am testing this out on an account I set up with not .procmailrc file.

--
Wojciech Komornicki

>>>>> "wnk" == Wojciech Komornicki <wnk at hamline.edu>
>>>>> "Todd" == Todd Zullinger <tmz at pobox.com>

  wnk:> Wojciech Komornicki wrote:
  wnk:> > I have posted this before but have not seen my own posting so let me
  wnk:> > try again.
  wnk:> >
  wnk:> > All of the information on procmail I have seen deal with one's own
  wnk:> > .prodmailrc file.  I had configured procmail on a DEC Alpha server
  wnk:> > running Digital UNIX but am having problems with procmail under
  wnk:> > Fedora 5.
  wnk:> >
  wnk:> > Procmail is enabled in sendmail.  However when /usr/bin/procmail is
  wnk:> > invoked even if there is no /etc/procmailrc file or a ~/.procmailrc
  wnk:> > file procmail fails with EX_TEMPFAIL.  I know that this means that
  wnk:> > there is an error in permissions but I am stumped as to how to reset
  wnk:> > the permissions. The permissions on on /usr/bin/procmail are
  wnk:> >         -rwxr-sr-x 1 root mail 69977 Jul 14 13:11 procmail
  wnk:> > which is what
  wnk:> >         make install-suid
  wnk:> > set.  procmail is registered in smrsh.
  wnk:> >
  wnk:> > Any advice is greatly appreciated.

  Todd:> More questions than advice. :)

  Todd:> Why are you manually installing procmail instead of using the packaged
  Todd:> version for F7?  The Fedora packaging doesn't install procmail setuid
  Todd:> (nor setgid) and hasn't done so since ~RH7 back in 2001.

  Todd:> $ ll /usr/bin/procmail
  Todd:> -rwxr-xr-x 1 root mail 91K 2007-03-27 08:34 /usr/bin/procmail

  Todd:> If you are running with SELinux in enforcing mode (the default), you
  Todd:> may want to look for denials in /var/log/audit/audit.log.

  Todd:> I'd first try the packaged version and see if that works better.

More information about the fedora-list mailing list