Procmail can't create mailbox

Bob McClure Jr bob at bobcatos.com
Mon Dec 1 21:38:18 UTC 2008


On Mon, Dec 01, 2008 at 01:21:50PM -0800, Rick Stevens wrote:
> Bob McClure Jr wrote:
>> On Mon, Dec 01, 2008 at 10:11:08AM -0800, Rick Stevens wrote:
>>> Bob McClure Jr wrote:
>>>> On Sat, Nov 29, 2008 at 09:28:38AM -0500, Mark Corsi wrote:
>>>>> My guess is that the server is seeing the process as 'other'. This leaves
>>>>> two solutions. One is to start the process with sudo so it starts as root. I
>>>>> would hazard a guess that this would open up an unexpected security hole
>>>>> since this is a mail process. The other solution is to make the process
>>>>> owner part of the group that owns that folder and make the folder group
>>>>> writable. Pretty sure the second solution will maintain security while
>>>>> accomplishing your goal.
>>>> Well, I already have a sufficiently secure work-around, but that works
>>>> around a symptom.  I want to find out why an out-of-the-box
>>>> configuration quit working.
>>> Were there any diagnostics in the logs that may be of use?
>>
>> Only
>>
>> Nov 28 18:45:46 lfvsfcp19080 postfix/local[30613]: 759B024035:
>> to=<bmcclure at dn.net>, orig_to=<root at dn.net>, relay=local, delay=3,
>> delays=0/0/0/3, dsn=5.2.0, status=bounced (can't create user output
>> file. Command output: procmail: Couldn't create "/var/mail/bmcclure" )
>>
>>> Did you
>>> check /usr/bin/procmail and verify it was rwxr-xr-x (755), owned by
>>> root, group of mail?
>>
>> -rwxr-xr-x 1 root mail 99128 Jul 12  2006 /usr/bin/procmail
>>
>>> Yes, /var/mail is a symlink to /var/spool/mail and
>>> the link should be mode rwxrwxrwx (777).
>>
>> lrwxrwxrwx 1 root root 10 Nov 21 20:43 /var/mail -> spool/mail
>>
>>> /var/spool/mail itself should be owned by root, group of mail with mode
>>> rwxrwxr-x (775).
>>
>> drwxrwxr-x 2 root mail 4096 Nov 28 04:02 /var/spool/mail
>>
>>> The files below that should be owned by the user whose
>>> mailbox it is, group of mail with mode rw-rw---- (660).
>>
>> -rw------- 1 root root 0 Nov 28 04:02 root
>> -rw-rw---- 1 root mail 0 Nov 21 20:52 root2
>> -rw-rw---- 1 rpc  mail 0 Nov 21 20:47 rpc
>>
>>> I know of no extra things that may be affected by the addition of a user
>>> via the "adduser" scripts that wouldn't be handled IF all of the user-
>>> related files (home directories, hidden files, etc.) are present.
>>
>> drwx------ 25 bmcclure bmcclure 12288 Dec  1 04:02 /home/bmcclure
>> -rw-r--r-- 1 bmcclure apache 1716 Nov 28 21:40 /home/bmcclure/.procmailrc
>>
>> I am mystified.
>
> Have you tried (as root):
>
> 	touch /var/mail/bmcclure
> 	chown bmcclure:mail /var/mail/bmcclure
> 	chmod 660 /var/mail/bmcclure

Yeah, I know that works.

> Not sure if the adduser scripts create the empty mailbox or not.

Hmm.  I've been assuming that it doesn't, but I just looked at
/etc/defaults/useradd, and indeed:

# useradd defaults file
GROUP=100
HOME=/home
INACTIVE=-1
EXPIRE=
SHELL=/bin/bash
SKEL=/etc/skel
CREATE_MAIL_SPOOL=yes

> They
> may...check that, they do.  One of the possible exit values for useradd
> is:
>
> 	13 can’t create mail spool
>
> Ok, now THAT'S subtle to find!

Well, that would explain this server, and I know just how to fix it.
Now I have to go back to the others, because, on at least one of them,
useradd was not creating the mailbox.  Gotta verify that's the case
and fix that.

Thanks for the clue.

> ----------------------------------------------------------------------
> - Rick Stevens, Systems Engineer                      ricks at nerd.com -
> - AIM/Skype: therps2        ICQ: 22643734            Yahoo: origrps2 -
> -                                                                    -
> -        Change is inevitable, except from a vending machine.        -
> ----------------------------------------------------------------------

Cheers,
-- 
Bob McClure, Jr.             Bobcat Open Systems, Inc.
bob at bobcatos.com             http://www.bobcatos.com
"For I know the plans I have for you," declares the LORD, "plans to
prosper you and not to harm you, plans to give you hope and a future."
Jeremiah 29:11 (NIV)
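
Added example (not part of the original thread): a shell check of the mailbox layout described in the message above (file owned by the user, group mail, mode 660), reporting a missing mailbox as its own case since that is what CREATE_MAIL_SPOOL is meant to cover. The function names check_mailbox and audit_spool are hypothetical, and GNU stat (`stat -c`) is assumed.

```shell
#!/bin/sh
# Added example: audit mailboxes against the layout described in the thread.

# check_mailbox SPOOL USER [GROUP]
#   returns 0 = ok, 1 = mailbox missing, 2 = wrong owner/group, 3 = wrong mode
check_mailbox() {
    spool=$1 user=$2 group=${3:-mail}
    box="$spool/$user"
    if [ ! -e "$box" ]; then
        echo "MISSING  $box"
        return 1
    fi
    # GNU stat: %U owner name, %G group name, %a octal mode
    set -- $(stat -c '%U %G %a' "$box")
    if [ "$1" != "$user" ] || [ "$2" != "$group" ]; then
        echo "OWNER    $box is $1:$2, expected $user:$group"
        return 2
    fi
    if [ "$3" != "660" ]; then
        echo "MODE     $box is $3, expected 660"
        return 3
    fi
    echo "OK       $box"
    return 0
}

# audit_spool SPOOL GROUP USER...
#   checks each user's mailbox; returns the number that failed any check
audit_spool() {
    a_spool=$1 a_group=$2
    shift 2
    bad=0
    for u in "$@"; do
        check_mailbox "$a_spool" "$u" "$a_group" || bad=$((bad + 1))
    done
    return "$bad"
}

# Run only when arguments are given, e.g.:
#   sh audit.sh /var/spool/mail mail bmcclure root
if [ $# -ge 3 ]; then
    audit_spool "$@"
fi
```

Run against the listing quoted in the thread, the `root` mailbox (root:root, mode 600) would be reported under OWNER, while `root2` and `rpc` would pass.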