NetBSD Problem Report #46790

From mw@fenrir.wzff.de  Thu Aug  9 22:50:21 2012
Return-Path: <mw@fenrir.wzff.de>
Received: from mail.netbsd.org (mail.netbsd.org [149.20.53.66])
	by www.NetBSD.org (Postfix) with ESMTP id 19D8D63B85F
	for <gnats-bugs@gnats.NetBSD.org>; Thu,  9 Aug 2012 22:50:21 +0000 (UTC)
Message-Id: <20120809225003.00241EEA4F0@fenrir.wzff.de>
Date: Fri, 10 Aug 2012 00:50:02 +0200 (CEST)
From: Moritz Wilhelmy <mw@wzff.de>
Reply-To: Moritz Wilhelmy <mw@wzff.de>
To: gnats-bugs@gnats.NetBSD.org
Subject: Error delivering mails to msgs(1)
X-Send-Pr-Version: 3.95

>Number:         46790
>Category:       bin
>Synopsis:       Error delivering mails to msgs(1)
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    bin-bug-people
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Thu Aug 09 22:55:00 +0000 2012
>Last-Modified:  Tue Nov 19 22:25:00 +0000 2013
>Originator:     Moritz Wilhelmy
>Release:        NetBSD 6.0_BETA2
>Organization:
Fictional Enterprises Ltd
>Environment:
System: NetBSD fenrir.wzff.de 6.0_BETA2 NetBSD 6.0_BETA2 (GENERIC) i386
Architecture: i386
Machine: i386
>Description:
	After enabling msgs in /etc/aliases as described within the file and
	running newaliases

	% tail -2 /etc/mail/aliases
	# uncomment this for msgs(1):
	msgs: "|/usr/bin/msgs -s"

	I get the following error in /var/log/maillog:

	Aug 10 00:37:05 fenrir postfix/local[380]: 961C6EEA4A7: to=<msgs@fenrir.wzff.de>, orig_to=<msgs>, relay=local, delay=0.37, delays=0.2/0.09/0/0.08, dsn=5.3.0, status=bounced (Command died with status 13: "/usr/bin/msgs -s". Command output: /var/msgs/bounds: Permission denied )


>How-To-Repeat:
>Fix:
	Either document how msgs should be invoked and refer to the documentation from /etc/aliases
	or set correct permissions on the /var/msgs/bounds file at installation time.

>Audit-Trail:
From: neitzel@marshlabs.gaertner.de
To: gnats-bugs@NetBSD.org
Cc: 
Subject: Re: bin/46790
Date: Tue, 19 Nov 2013 23:15:14 +0100

 [msgs(1), the web-2.0 from the 80ies which NetBSD manages to break
 every six years :-)]

 I considered "postconf default_privs=daemon" to be an appropriate
 fix in my environment, but that may not be approriate for everybody.
 So I suggest a comment in the default aliases file pointing out that
 further action is required.  My patch below may be a tad too verbose,
 feel free to shorten it at your discretion.

 							Martin


 Index: aliases
 ===================================================================
 RCS file: /cvsroot/src/etc/aliases,v
 retrieving revision 1.22
 diff -u -r1.22 aliases
 --- aliases	25 Aug 2010 15:38:44 -0000	1.22
 +++ aliases	19 Nov 2013 21:55:44 -0000
 @@ -54,3 +54,22 @@

  # uncomment this for msgs(1):
  # msgs: "|/usr/bin/msgs -s"
 +
 +# Please note for such "|program" destinations:
 +#
 +# NetBSD's previous default MTA, Allmann's/ISC's "sendmail" package,
 +# executed such programs as user "daemon", while the current default
 +# MTA "postfix" uses the user "nobody" instead (see local(8), section
 +# "DELIVERY RIGHTS").
 +#
 +# The msgs(1) spool is adjusted to the "daemon" setting;  it will work
 +# out of the with the ("package") sendmail MTA but not with the default
 +# postfix.   You NEED to make an informed policy decision here.
 +# You could either just
 +#
 +#	# postconf default_privs=daemon
 +#
 +# affecting all(!) program destinations in this aliases(5) file,
 +# or employ something such as "sudo" or other setuid/gid solutions tailored
 +# to individual "|program" destinations.  (Whatever you do, *don't* just
 +# make /var/msgs{,/bounds} writable for "nobody", i.e. the world.)

NetBSD Home
NetBSD PR Database Search

(Contact us) $NetBSD: query-full-pr,v 1.39 2013/11/01 18:47:49 spz Exp $
$NetBSD: gnats_config.sh,v 1.8 2006/05/07 09:23:38 tsutsui Exp $
Copyright © 1994-2007 The NetBSD Foundation, Inc. ALL RIGHTS RESERVED.