Bug 1032503 - smrsh running perl file that attempts to write or append to a file
Summary: smrsh running perl file that attempts to write or append to a file
Keywords:
Status: CLOSED NOTABUG
Alias: None
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: sendmail
Version: 6.4
Hardware: x86_64
OS: Linux
unspecified
medium
Target Milestone: rc
: ---
Assignee: Jaroslav Škarvada
QA Contact: qe-baseos-daemons
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2013-11-20 10:13 UTC by anthony.gladdish
Modified: 2015-02-04 11:37 UTC (History)
1 user (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2015-02-04 11:37:48 UTC
Target Upstream Version:

Attachments (Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

Description anthony.gladdish 2013-11-20 10:13:08 UTC 
Description of problem:

Smrsh is receiving mail sent to a specific mail alias, which in turn runs my perl script, but get the error "Unknown mailer error 13" in maillog.
Perl script bombs out when attempting to open a file for writing or appending.
There’s enough disk space and permissions seem adequate.
I suspect it’s a bug.


Version-Release number of selected component (if applicable):

RHEL 6.4
Perl 5.10.1
sendmail 8.14.4.8.el6


How reproducible:

Add aliases to 
#vi /etc/aliases
test_jm_res: "|/etc/smrsh/perl /etc/smrsh/test_jm_res.pl"
#newaliases
#service sendmail restart

Create symbolic links:
#ls -la /etc/smrsh/
lrwxrwxrwx.  1 root root   31 Nov  8 09:44 test_jm_res.pl -> /opt/test_jm_res/test_jm_res.pl
lrwxrwxrwx.  1 root root   13 Oct 24 13:32 perl -> /usr/bin/perl

#ls -la /opt/test_jm_res/
drwxrwxr-x. 2 root mail 4096 Nov  8 10:01 .
drwxr-xr-x. 7 root root 4096 Nov  8 09:33 ..
-rwxr-xr-x. 1 root root  603 Nov  8 10:01 test_jm_res.pl
-rwxrwxrwx. 1 root root    0 Nov  8 09:50 test_jm_res_stderr

Create perl script:
#touch /opt/test_jm_res/test_jm_res.pl

#!/etc/smrsh/perl

use strict;
use warnings;

my $test_jm_res_stderr = '/opt/test_jm_res/test_jm_res_stderr';

# get email response:
my $msg_response;
while (<STDIN>) {
    $msg_response .= $_;
};

# bombing out here:
open (MYFILE2, ">>$test_jm_res_stderr") || die "File does not exist\n";
print MYFILE2 "debug: $@ \n";
close(MYFILE2);


Actual results:

Get the error "stat=unknown mailer error 13" in maillog.


Expected results:

Expect message reponse sent to aliases, to be written to supplied custom log file /opt/test_jm_res/test_jm_res_stderr, but it is empty.


Regards,
Anthony Gladdish
Comment 3 Jaroslav Škarvada 2015-02-04 11:37:48 UTC 
Hi,

there are probably two problems blocking your perl script from working as expected:

1. Your script needs write access to /opt/test_jm_res. In default configuration it is run under 'mail' user, so the following should give it write access:
# chown mail /opt/test_jm_res
# chmod u+w /opt/test_jm_res

2. Creating/writing file under /opt triggered by incoming email is potentially dangerous operation which can be result of e.g. successful exploitation of mail server, thus it is blocked by selinux in default configuration. The best and easiest fix is to move the log file to e.g. /var/tmp, or you can create your own selinux rule (module) for it, or (not recommended) disable selinux.

By fixing these two things in the setup, it works correctly, thus closing.
Note You need to log in before you can comment on or make changes to this bug.