Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 99334

Summary: Non-root users unable to send mail with courier's sendmail
Product: Gentoo Linux Reporter: Jonathan Sailor <jsailor>
Component: Current packagesAssignee: No maintainer - Look at https://wiki.gentoo.org/wiki/Project:Proxy_Maintainers if you want to take care of it <maintainer-needed>
Status: RESOLVED FIXED    
Severity: minor CC: iggy, jsailor, net-mail+disabled, swtaylor
Priority: Normal    
Version: 2005.0   
Hardware: x86   
OS: Linux   
Whiteboard:
Package list:
Runtime testing required: ---

Description Jonathan Sailor 2005-07-17 09:05:15 UTC
By default, the /usr/lib/courier/courier/submit binary used by courier to add message to the mail queue is readable and executable only by user mail or group mail. When normal users try to run sendmail, it finds that it cannot execute submit, prints an error message, and exits.

/usr/bin/sendmail is installed as being owned by root:mail. Making it setuid allows normal users to send mail. (According to the courier documentation, setting it setgid only sets the effective gid to mail; http://www.courier-mta.org/install.html#suid has more info.) IMO, /usr/bin/sendmail should be set setuid when installed; if not, the ebuild should output a message warning the user.

jsailor@gentoo ~ $ sendmail
sendmail: ERR: Permission denied
432 Service temporarily unavailable.
jsailor@gentoo ~ $ sudo chmod u+s /usr/bin/sendmail
jsailor@gentoo ~ $ sendmail
To: jsailor@jesnetplus.com
Subject: test

Testing...
^Djsailor@gentoo ~ $ sudo emerge --info
Portage 2.0.51.19 (default-linux/x86/2005.0, gcc-3.3.5-20050130, glibc-2.3.5-r0, 2.6.11-gentoo-r4 i686)
=================================================================
System uname: 2.6.11-gentoo-r4 i686 AMD Athlon(tm) XP 2800+
Gentoo Base System version 1.6.12
Python:              dev-lang/python-2.3.5 [2.3.5 (#1, Apr 30 2005, 14:33:29)]
distcc 2.18.3 i686-pc-linux-gnu (protocols 1 and 2) (default port 3632) [disabled]
dev-lang/python:     2.3.5
sys-apps/sandbox:    1.2.10
sys-devel/autoconf:  2.13, 2.59-r6
sys-devel/automake:  1.5, 1.8.5-r3, 1.6.3, 1.7.9-r1, 1.9.5, 1.4_p6
sys-devel/binutils:  2.15.92.0.2-r10
sys-devel/libtool:   1.5.18-r1
virtual/os-headers:  2.6.11-r2
ACCEPT_KEYWORDS="x86"
AUTOCLEAN="yes"
CFLAGS="-march=athlon-xp -O2 -fomit-frame-pointer -pipe"
CHOST="i686-pc-linux-gnu"
CONFIG_PROTECT="/etc /usr/kde/2/share/config /usr/kde/3/share/config /usr/share/config /usr/share/cups/docs/ /var/qmail/control"
CONFIG_PROTECT_MASK="/etc/gconf /etc/env.d"
CXXFLAGS="-march=athlon-xp -O2 -fomit-frame-pointer -pipe"
DISTDIR="/usr/portage/distfiles"
FEATURES="autoaddcvs autoconfig ccache distlocks sandbox sfperms strict"
GENTOO_MIRRORS="http://distfiles.gentoo.org http://distro.ibiblio.org/pub/Linux/distributions/gentoo"
MAKEOPTS="-j1"
PKGDIR="/usr/portage/packages"
PORTAGE_TMPDIR="/var/tmp"
PORTDIR="/usr/portage"
PORTDIR_OVERLAY="/usr/local/portage"
SYNC="rsync://rsync.namerica.gentoo.org/gentoo-portage"
USE="x86 X aalib acl acpi aim alsa apm avi berkdb bitmap-fonts bzlib calendar cdr cdrom cgi chroot cracklib crypt cups curl emboss encode escreen esd ethereal exif expat fam fbdev foomaticdb force-cgi-redirect fortran ftp gcj gd gdbm gif gimpprint gpm gtk gtk2 icq idea imagemagick imap imlib ipv6 ithreads jabber java jikes jpeg libg++ libwww mad maildir matroska mikmod motif mp3 mpeg mpeg4 mplayer msn mysql ncurses nls nptl objc ogg oggvorbis opengl oss pam pcre pdflib perl plotutils png ppds procmail pthreads python readline samba skey slang spell ssl svga symlink tcltk tcpd threads tiff transcode truetype truetype-fonts type1-fonts usb vhosts vim-with-x vorbis wxwindows xml2 xv xvid zlib userland_GNU kernel_linux elibc_glibc"
Unset:  ASFLAGS, CBUILD, CTARGET, LANG, LC_ALL, LDFLAGS, LINGUAS
Comment 1 Brian Jackson (RETIRED) gentoo-dev 2005-07-29 07:10:20 UTC
Should be in cvs shortly. I went with a warning instead of making yet another
thing suid that doesn't need to be under most circumstances.