[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Exim and right permissions for execution of a perl script

To: Patrick J Okui <pokui at one2net.co.ug>
Subject: Re: Exim and right permissions for execution of a perl script
From: Brian Candler <B.Candler at pobox.com>
Date: Thu, 22 Aug 2002 20:23:59 +0100
Cc: Afnog Mailing List <afnog at afnog.org>
Content-Disposition: inline
Content-Type: text/plain; charset=us-ascii
Delivered-To: afnog-archive at lists.eahd.or.ug
Delivered-To: afnog-outgoing at afnog.org
Delivered-To: afnog at afnog.org
In-Reply-To: <1030025609.32674.4.camel at favour>; from pokui at one2net.co.ug on Thu, Aug 22, 2002 at 05:13:26PM +0300
References: <1029924722.6920.34.camel at favour> <20020821165937.B62248 at linnet.org> <1029997368.29680.6.camel at favour> <20020822082710.A82333 at uk.tiscali.com> <1030005341.29680.26.camel at favour> <1030025609.32674.4.camel at favour>
Sender: owner-afnog at afnog.org
User-Agent: Mutt/1.2.5.1i

On Thu, Aug 22, 2002 at 05:13:26PM +0300, Patrick J Okui wrote:
> now on my secondary name server I am getting this..
> any ideas?
> 
> ns2:/usr/exim # tail /var/log/exim/paniclog 
> 2002-08-22 14:13:49 17hpuP-0000BI-00 unable to set gid=44 or uid=44
> (euid=123): local delivery to |/dns/scripts/slave_ns.pl
> <|/dns/scripts/slave_ns.pl> transport=address_pipe

Who are users 123 and 44 in your password file? Are they 'exim' and 'named'
respectively?

Can you try a delivery with debugging turned on, i.e.

  # exim -d db-test at yourdomain

and post the results?

What version of exim are you running? I have just tested with exim-4.05 and
it works fine for me.

Also, have you done anything out-of-the-ordinary on the security side, such
as making 'exim' suid exim instead of suid root, or using the
"deliver_drop_privilege" option? Delivery processes need to have root rights
in order to be able to switch to the chosen delivery user. See sections 47.1
and 47.2 of the manual.

Regards,

Brian.

-----
This is the afnog mailing list, managed by Majordomo 1.94.5

To send a message to this list, e-mail afnog at afnog.org
To send a request to majordomo, e-mail majordomo at afnog.org and put
your request in the body of the message (i.e use "help" for help)

This list is maintained by owner-afnog at afnog.org

Follow-Ups:
- Re: Exim and right permissions for execution of a perl script
  - From: Patrick J Okui <pokui at one2net.co.ug>

References:
- Exim and right permissions for execution of a perl script
  - From: Patrick J Okui <pokui at one2net.co.ug>
- Re: Exim and right permissions for execution of a perl script
  - From: Brian Candler <B.Candler at pobox.com>
- Re: Exim and right permissions for execution of a perl script
  - From: Patrick J Okui <pokui at one2net.co.ug>
- Re: Exim and right permissions for execution of a perl script
  - From: Brian Candler <B.Candler at pobox.com>
- Re: Exim and right permissions for execution of a perl script
  - From: Patrick J Okui <pokui at one2net.co.ug>
- Re: Exim and right permissions for execution of a perl script
  - From: Patrick J Okui <pokui at one2net.co.ug>
- Re: Exim and right permissions for execution of a perl script
  - From: Patrick J Okui <pokui at one2net.co.ug>

Prev by Date: Re: Exim and right permissions for execution of a perl script
Next by Date: A IE 6.0 patch
Prev by thread: Re: Exim and right permissions for execution of a perl script
Next by thread: Re: Exim and right permissions for execution of a perl script
Index(es):
- Date
- Thread