|Summary:|No local mail delivery possible|
|Product:|[Retired] Red Hat Linux|
|Reporter:|Jos Vos <jos>|
|Component:|shadow-utils|
|Assignee:|Bernhard Rosenkraenzer <bero>|
|Status:|CLOSED RAWHIDE|
|Doc Type:|Bug Fix|
|Last Closed:|2001-05-22 15:57:40 UTC|
Description Jos Vos 2001-05-22 14:12:04 UTC
Postfix isn't able to deliver any local mail, because it calls the local delivery agent (procmail) as the user receiving the mail (and for root it even uses another user, see main.cf). This problem first appeared after procmail's setuid and setgid bits were removed in RHL 7.1. An (insecure?) workaround is to change procmail to setuid root / setgid mail. FWIW: only changing setgid mail (so not setuid root) works for delivering mail to all users except root.
Comment 1 Bernhard Rosenkraenzer 2001-05-22 15:32:00 UTC
Where is the problem? At least on my system, a local user can deliver mail to himself. I'm running postfix here without any problems or setuid/setgid bits.
Comment 2 Jos Vos 2001-05-22 15:49:38 UTC
A prerequisite for the problem is that no mail spoolfile (/var/spool/mail/$USER) exists for the receiving user (it can append to a spoolfile - except for root -, but it can't create a new spoolfile).
Comment 3 Bernhard Rosenkraenzer 2001-05-22 15:57:35 UTC
Don't do that, then(tm). The only ways to "fix" this would be making procmail or postfix setuid or making /var/mail world-writable, all of which open the door to security problems. The problem can be reduced though: adduser should create an empty mail spool for the user. Assigning to shadow-utils so I'll remember to do this.
Comment 4 Bernhard Rosenkraenzer 2001-05-22 16:36:55 UTC
Done in shadow-utils-20000902-1.
Comment 5 Jos Vos 2001-05-22 17:13:13 UTC
And what about users not created with useradd, like NIS users or users authenticated remotely? Furthermore, this would mean an environment with many thousands of users would *always* have many thousands of /var/spool/mail directory entries, not a very appealing idea...
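An added example, not part of the bug report and not shadow-utils code: a sketch of the mitigation from comment 3 that also covers accounts not created with useradd (comment 5) by reading passwd-format lines, for instance from `getent passwd`. The function names, `SPOOL_DIR`, the `MIN_UID` default of 500, and the `user:mail` mode 0660 layout are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: find and pre-create missing mail spool files so that an
# unprivileged delivery agent only ever has to append, never create.
# SPOOL_DIR, MIN_UID and all function names are illustrative assumptions.
SPOOL_DIR="${SPOOL_DIR:-/var/spool/mail}"
MIN_UID="${MIN_UID:-500}"

# Read passwd-format lines on stdin and print every regular account
# (UID >= MIN_UID) that has no entry in the spool directory yet.
missing_spools() {
    while IFS=: read -r name pw uid rest; do
        case "$uid" in ''|*[!0-9]*) continue ;; esac   # malformed UID field
        case "$name" in ''|*/*|.*) continue ;; esac    # never build odd paths
        [ "$uid" -ge "$MIN_UID" ] || continue
        [ -e "$SPOOL_DIR/$name" ] || [ -L "$SPOOL_DIR/$name" ] ||
            printf '%s\n' "$name"
    done
}

# Create one empty spool file with mode 0600. noclobber (set -C) makes the
# shell open with O_EXCL, so an existing file is not truncated and a planted
# symlink is not followed; both cases make the function return 1.
create_spool() {
    ( umask 077; set -C; : > "$SPOOL_DIR/$1" ) 2>/dev/null || return 1
}

# Create every missing spool and hand it to its owner. Needs root.
# Assumed layout: owner = user, group = mail, mode 0660.
create_missing() {
    missing_spools | while read -r u; do
        create_spool "$u" &&
            chown -h "$u":mail "$SPOOL_DIR/$u" &&
            chmod 660 "$SPOOL_DIR/$u" &&
            printf 'created %s\n' "$u"
    done
}

# Typical use, as root:  getent passwd | create_missing
```

Running `getent passwd | missing_spools` on its own gives a read-only audit of which accounts would currently fail first delivery.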