Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 23602 - Vpopmail ebuild uses --enable-tcpserver-file=/etc/tcp.smtp, which makes for potential permissions issues.
Summary: Vpopmail ebuild uses --enable-tcpserver-file=/etc/tcp.smtp, which makes for p...
Status: RESOLVED INVALID
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: [OLD] Server (show other bugs)
Hardware: All Linux
: High normal (vote)
Assignee: Robin Johnson
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2003-06-27 09:03 UTC by Scott J Garner
Modified: 2004-01-22 01:02 UTC (History)
0 users

See Also:
Package list:
Runtime testing required: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Scott J Garner 2003-06-27 09:03:31 UTC 
When --enable-tcpserver-file=/etc/tcp.smtp is used in building vpopmail,
applications linking to /var/vpopmail/lib/libvpopmail.a will use that same path.
 This is a problem with (for example) courier-imapd's authvchkpw module since it
also attempts to create tmp files based on that path.  The result:

Jun 26 22:06:48 highvoltage imapd: Connection, ip=[127.0.0.1]
Jun 26 22:06:48 highvoltage imapd: tcprules: fatal: unable to create
/etc/tcp.smtptmp.7652: access denied

My solution was to change the path in the ebuild
--enable-tcpserver-file=/var/vpopmail/etc/tcp.smtp and create symlinks from
/etc/tcp.smtp.* to /var/vpopmail/etc/.




Reproducible: Always
Steps to Reproduce:
1. emerge and configure vpopmail
2. emerge and configure courier-imapd
3. attempt to authenticate via courier-imapd's authvchkpw

Actual Results:  
In /var/log/mail.log:

Jun 26 22:06:48 highvoltage imapd: Connection, ip=[127.0.0.1]
Jun 26 22:06:48 highvoltage imapd: tcprules: fatal: unable to create
/etc/tcp.smtptmp.7652: access denied

Expected Results:  
A clear write of the tcp.smtptmp.xxxx file.

Portage 2.0.48-r1 (default-x86-1.4, gcc-3.2.2, glibc-2.3.1-r4)
=================================================================
System uname: 2.4.20-gentoo-r5 i686 Intel(R) Xeon(TM) CPU 2.40GHz
GENTOO_MIRRORS="http://gentoo.oregonstate.edu http://distro.ibiblio.org/pub/Linu
              x/distributions/gentoo"
CONFIG_PROTECT="/etc /var/qmail/control /usr/share/config /usr/kde/2/share/confi
              g /usr/kde/3/share/config /usr/X11R6/lib/X11/xkb"
CONFIG_PROTECT_MASK="/etc/gconf /etc/env.d"
PORTDIR="/usr/portage"
DISTDIR="/usr/portage/distfiles"
PKGDIR="/usr/portage/packages"
PORTAGE_TMPDIR="/var/tmp"
PORTDIR_OVERLAY=""
USE="x86 oss 3dnow apm avi crypt cups encode gif jpeg libg++ mikmod mmx motif mp
              eg ncurses nls pdflib png quicktime slang spell truetype xml2 xmms
xv zlib gdbm                berkdb readline svga tcltk java guile sdl gpm libwww
perl python esd imlib oggvo               rbis opengl mozilla X gtk2 gnome gtk
mysql tcpd pam ssl -alsa -qt -kde -arts"
COMPILER="gcc3"
CHOST="i686-pc-linux-gnu"
CFLAGS="-O2 -mcpu=i686 -pipe"
CXXFLAGS="-O2 -mcpu=i686 -pipe"
ACCEPT_KEYWORDS="x86"
MAKEOPTS="-j2"
AUTOCLEAN="yes"
SYNC="rsync://rsync.gentoo.org/gentoo-portage"
FEATURES="sandbox ccache"
Comment 1 Robin Johnson archtester Gentoo Infrastructure gentoo-dev Security 2003-08-06 01:19:43 UTC 
I'd say anything that wrote to either /etc/ OR /var/vpopmail/etc is severaly broken.

I'm going to see about reproducing this and finding a better fix.

I don't see why they want to write to the file anyway, they don't need tmp files at all.
Comment 2 Robin Johnson archtester Gentoo Infrastructure gentoo-dev Security 2004-01-22 01:02:40 UTC 
old bug. I haven't seen anybody complain about this for a long time, and if the do, my answer remains the same. go and use the relay-ctrl package instead.