Description of problem: The rnews job that runs out of /etc/cron.hourly/inn-cron-rnews doesn't work. It launches 'rnews' as the 'news' user, but rnews is then unable to read spooled articles in /var/spool/news/incoming. The reason is that rnews is setuid 'uucp', and the 'incoming' directory is set to 0755,news:news (readable by the news user, but not writable by the news group or the uucp user). I can suggest two fixes for this: 1. Change the permissions of /var/spool/news/incoming to 0775 instead of 0755 2. Change the setuid user for 'rnews' to 'news' instead of 'uucp'. I have to admit that I don't know what the security implications are for these two solutions. I'm open to other suggestions. Version-Release number of selected component (if applicable): inn-2.4.3 How reproducible: Steps to Reproduce: 1. 2. 3. Actual results: Expected results: Additional info:
Let me correct that -- it can probably read the spooled articles, but the group permissions prevent it from unlinking the articles after it spools them.
I like the idea of 0775 directory rights much more. Build as inn-2.4.3-14.fc10. Was the 0775 solution working for you? (just by chmod) I could make F8 update if it is enough.
inn-2.4.3-10.fc8 has been submitted as an update for Fedora 8
inn-2.4.3-10.fc8 has been pushed to the Fedora 8 testing repository. If problems still persist, please make note of it in this bug report. If you want to test the update, you can install it with su -c 'yum --enablerepo=updates-testing update inn'. You can provide feedback for this update here: http://admin.fedoraproject.org/updates/F8/FEDORA-2008-3313
inn-2.4.3-10.fc8 has been pushed to the Fedora 8 stable repository. If problems still persist, please make note of it in this bug report.