Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 23602

Summary: Vpopmail ebuild uses --enable-tcpserver-file=/etc/tcp.smtp, which makes for potential permissions issues.
Product: Gentoo Linux Reporter: Scott J Garner <mrfab>
Component: [OLD] ServerAssignee: Robin Johnson <robbat2>
Status: RESOLVED INVALID    
Severity: normal    
Priority: High    
Version: unspecified   
Hardware: All   
OS: Linux   
Whiteboard:
Package list:
Runtime testing required: ---

Description Scott J Garner 2003-06-27 09:03:31 UTC
When --enable-tcpserver-file=/etc/tcp.smtp is used in building vpopmail,
applications linking to /var/vpopmail/lib/libvpopmail.a will use that same path.
 This is a problem with (for example) courier-imapd's authvchkpw module since it
also attempts to create tmp files based on that path.  The result:

Jun 26 22:06:48 highvoltage imapd: Connection, ip=[127.0.0.1]
Jun 26 22:06:48 highvoltage imapd: tcprules: fatal: unable to create
/etc/tcp.smtptmp.7652: access denied

My solution was to change the path in the ebuild
--enable-tcpserver-file=/var/vpopmail/etc/tcp.smtp and create symlinks from
/etc/tcp.smtp.* to /var/vpopmail/etc/.




Reproducible: Always
Steps to Reproduce:
1. emerge and configure vpopmail
2. emerge and configure courier-imapd
3. attempt to authenticate via courier-imapd's authvchkpw

Actual Results:  
In /var/log/mail.log:

Jun 26 22:06:48 highvoltage imapd: Connection, ip=[127.0.0.1]
Jun 26 22:06:48 highvoltage imapd: tcprules: fatal: unable to create
/etc/tcp.smtptmp.7652: access denied

Expected Results:  
A clear write of the tcp.smtptmp.xxxx file.

Portage 2.0.48-r1 (default-x86-1.4, gcc-3.2.2, glibc-2.3.1-r4)
=================================================================
System uname: 2.4.20-gentoo-r5 i686 Intel(R) Xeon(TM) CPU 2.40GHz
GENTOO_MIRRORS="http://gentoo.oregonstate.edu http://distro.ibiblio.org/pub/Linu
              x/distributions/gentoo"
CONFIG_PROTECT="/etc /var/qmail/control /usr/share/config /usr/kde/2/share/confi
              g /usr/kde/3/share/config /usr/X11R6/lib/X11/xkb"
CONFIG_PROTECT_MASK="/etc/gconf /etc/env.d"
PORTDIR="/usr/portage"
DISTDIR="/usr/portage/distfiles"
PKGDIR="/usr/portage/packages"
PORTAGE_TMPDIR="/var/tmp"
PORTDIR_OVERLAY=""
USE="x86 oss 3dnow apm avi crypt cups encode gif jpeg libg++ mikmod mmx motif mp
              eg ncurses nls pdflib png quicktime slang spell truetype xml2 xmms
xv zlib gdbm                berkdb readline svga tcltk java guile sdl gpm libwww
perl python esd imlib oggvo               rbis opengl mozilla X gtk2 gnome gtk
mysql tcpd pam ssl -alsa -qt -kde -arts"
COMPILER="gcc3"
CHOST="i686-pc-linux-gnu"
CFLAGS="-O2 -mcpu=i686 -pipe"
CXXFLAGS="-O2 -mcpu=i686 -pipe"
ACCEPT_KEYWORDS="x86"
MAKEOPTS="-j2"
AUTOCLEAN="yes"
SYNC="rsync://rsync.gentoo.org/gentoo-portage"
FEATURES="sandbox ccache"
Comment 1 Robin Johnson archtester Gentoo Infrastructure gentoo-dev Security 2003-08-06 01:19:43 UTC
I'd say anything that wrote to either /etc/ OR /var/vpopmail/etc is severaly broken.

I'm going to see about reproducing this and finding a better fix.

I don't see why they want to write to the file anyway, they don't need tmp files at all.
Comment 2 Robin Johnson archtester Gentoo Infrastructure gentoo-dev Security 2004-01-22 01:02:40 UTC
old bug. I haven't seen anybody complain about this for a long time, and if the do, my answer remains the same. go and use the relay-ctrl package instead.