XMail will not send any emails because it cant resolve any hostname. The problem is that libnss_files.so.2, libnss_dns.so.2 and libresolv.so.2 missing in /chroot/xmail/lib Bug easly reprodusable: just emerge xmail and try to send any message outside server. Here this problem described: http://www.mail-archive.com/xmail@xmailserver.org/msg14085.html http://xmailforum.homelinux.net/index.php?showtopic=3104 ... Bug only apears in chroot. Please solve it.
Created attachment 93610 [details, diff] etc patch for the init-script (In reply to comment #0) > XMail will not send any emails because it cant resolve any hostname. The > problem is that libnss_files.so.2, libnss_dns.so.2 and libresolv.so.2 missing > in /chroot/xmail/lib > this was not enough for me, i had to copy the /etc/resolv.conf into the chroot
i can submit new ebuild and startup script with many fixes. Will gentoo team accept updates from me to the portage?
(In reply to comment #2) > i can submit new ebuild and startup script with many fixes. Will gentoo team > accept updates from me to the portage? > Yes please. We're on the verge of removing xmail from Portage completely, as we couldn't find anyone to take care of it. I will even offer to proxy-maintain xmail for you, if you want (and can promise the devotion).
Andrej, give me please 4 days to fix two bugs in scripts. I will post all files soon.
Oops, i need litle more time to resolve paths mess. Sorry :(
Version bump, i need some time to adapt ebuild and scripts. 70% completed.
Created attachment 111857 [details] xmail 1.24 ebuild this is an ebuild for 1.24, not many changes but maybe it helps a bit. would it be possible to make a version without chroot (USE-flag?)?
net-mail/xmail is masked and will be removed in 30 days. It has bugs and no maintainer.
Sorry for long answer. I can write working ebuild. The are two problems: 1) It will be incompatible with current ebuilds(full deinstall before installation requried). This because my ebuild doesn't use chroot and iptables(as it provides soo many problems, bugs, and touches other programs). Instead it binds to default SMTP and POP3 port and after this drops root privs. 2) To drop root privs I wrote simple patch. But it was not accepted due to arhitecture reasons by upstream (my unix code is "inside a system independent source file"). Patch avaliable here: http://exe.messir.net/tempo/xmail_security.patch This is why I didn't write ebuild. If this two things are acceptable for gentoo team I will provide new ebuild.
(In reply to comment #9) > 2) To drop root privs I wrote simple patch. But it was not accepted due to > arhitecture reasons by upstream (my unix code is "inside a system independent > source file"). Patch avaliable here: > http://exe.messir.net/tempo/xmail_security.patch At least I am not interested in keeping packages around which needs patches to work which were refused by the upstream authors ...
I made an ebuild that doesnt use chroot and fixes the problems. It uses configurable (conf.d) port redirection and does not need root privs. I can fix it up and attach it here. The ebuild is not compatible to the existing one.
I think its a dirty hack to make port redirects. It will require: iptables, kernel with iptables, REDIRECT target and some amount of firewall rules. Thats not good way to solve the problem. Other network software works well without port redirects. Better to drop root privs after binding to port or use CAP_NET_BIND_SERVICE. Don't you want to use CAP_NET_BIND_SERVICE?
xmail is gone
