Bug 1032503 – smrsh running perl file that attempts to write or append to a file

Bug 1032503 - smrsh running perl file that attempts to write or append to a file

Summary:	smrsh running perl file that attempts to write or append to a file

Status:	CLOSED NOTABUG

Aliases:	None

Product:	Red Hat Enterprise Linux 6
Classification:	Red Hat
Component:	sendmail (Show other bugs)
Sub Component:
Version:	6.4
Hardware:	x86_64 Linux

Priority	unspecified Severity medium
Target Milestone:	rc
Target Release:	---
Assigned To:	Jaroslav Škarvada
QA Contact:	qe-baseos-daemons
Docs Contact:

URL:
Whiteboard:
Keywords:

Depends On:
Blocks:
	Show dependency tree / graph

Reported:	2013-11-20 05:13 EST by anthony.gladdish
Modified:	2015-02-04 06:37 EST (History)
CC List:	1 user (show)

See Also:
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Story Points:	---
Clone Of:
Environment:
Last Closed:	2015-02-04 06:37:48 EST
Type:	Bug
Regression:	---
Mount Type:	---
Documentation:	---
CRM:
Verified Versions:
Category:	---
oVirt Team:	---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team:	---

Attachments	(Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

Groups: None (edit)

Description anthony.gladdish 2013-11-20 05:13:08 EST

Description of problem:

Smrsh is receiving mail sent to a specific mail alias, which in turn runs my perl script, but get the error "Unknown mailer error 13" in maillog.
Perl script bombs out when attempting to open a file for writing or appending.
There’s enough disk space and permissions seem adequate.
I suspect it’s a bug.


Version-Release number of selected component (if applicable):

RHEL 6.4
Perl 5.10.1
sendmail 8.14.4.8.el6


How reproducible:

Add aliases to 
#vi /etc/aliases
test_jm_res: "|/etc/smrsh/perl /etc/smrsh/test_jm_res.pl"
#newaliases
#service sendmail restart

Create symbolic links:
#ls -la /etc/smrsh/
lrwxrwxrwx.  1 root root   31 Nov  8 09:44 test_jm_res.pl -> /opt/test_jm_res/test_jm_res.pl
lrwxrwxrwx.  1 root root   13 Oct 24 13:32 perl -> /usr/bin/perl

#ls -la /opt/test_jm_res/
drwxrwxr-x. 2 root mail 4096 Nov  8 10:01 .
drwxr-xr-x. 7 root root 4096 Nov  8 09:33 ..
-rwxr-xr-x. 1 root root  603 Nov  8 10:01 test_jm_res.pl
-rwxrwxrwx. 1 root root    0 Nov  8 09:50 test_jm_res_stderr

Create perl script:
#touch /opt/test_jm_res/test_jm_res.pl

#!/etc/smrsh/perl

use strict;
use warnings;

my $test_jm_res_stderr = '/opt/test_jm_res/test_jm_res_stderr';

# get email response:
my $msg_response;
while (<STDIN>) {
    $msg_response .= $_;
};

# bombing out here:
open (MYFILE2, ">>$test_jm_res_stderr") || die "File does not exist\n";
print MYFILE2 "debug: $@ \n";
close(MYFILE2);


Actual results:

Get the error "stat=unknown mailer error 13" in maillog.


Expected results:

Expect message reponse sent to aliases, to be written to supplied custom log file /opt/test_jm_res/test_jm_res_stderr, but it is empty.


Regards,
Anthony Gladdish

Comment 3 Jaroslav Škarvada 2015-02-04 06:37:48 EST

Hi,

there are probably two problems blocking your perl script from working as expected:

1. Your script needs write access to /opt/test_jm_res. In default configuration it is run under 'mail' user, so the following should give it write access:
# chown mail /opt/test_jm_res
# chmod u+w /opt/test_jm_res

2. Creating/writing file under /opt triggered by incoming email is potentially dangerous operation which can be result of e.g. successful exploitation of mail server, thus it is blocked by selinux in default configuration. The best and easiest fix is to move the log file to e.g. /var/tmp, or you can create your own selinux rule (module) for it, or (not recommended) disable selinux.

By fixing these two things in the setup, it works correctly, thus closing.

Note You need to log in before you can comment on or make changes to this bug.