amanda remove most the environment variable for security reason.
mailx require the HOME environment variable to find the user .mailrc file
Could you try the attached patch.
Do someone know if the HOME environment variable can be used to break
suid program?
Jean-Louis
Thomas Steiger wrote:
I have a question about sending mails in amanda. For example the
'amcheck -m <config>' command sends a mail if any errors are detected.
The log file amcheck.<datestampe>.debug shows me the following content:
...
amcheck: spawning /usr/bin/Mail in pipeline
amcheck: argument list: /usr/bin/Mail -s "<config> AMANDA PROBLEM:
FIX BEFORE RUN, IF POSSIBLE" [EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]> .
I assume that amcheck sends the mail under the user amanda (as
configured by compilation) but it seems that the personal config file
for the MAILER (~/.mailrc) will not be used to send the mail. In the
sendmail log i can find the following error:
ruleset=trust_auth, [EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]>,
relay=localhost [127.0.0.1 <http://127.0.0.1>], reject=550 5.7.1
<[EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]>>... not authenticated
But if i use the following command on the shell to send a mail (under
the user amanda):
/usr/bin/Mail -s "<config> AMANDA PROBLEM: FIX BEFORE RUN, IF
POSSIBLE" [EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]>
everything goes fine.
The contents of the file .mailrc is:
set smtp=smtp://localhost
set smtp-auth=login
set smtp-auth-user=userxyz
set smtp-auth-password=**************
Does anybody know how i can configure amanda so that the mailer uses
the smtp auth configuration?
diff -u -r --show-c-function --new-file --exclude-from=/home/martinea/src.orig/amanda.diff --ignore-matching-lines='$Id:' amanda-2.5.1p2.new/common-src/alloc.c amanda-2.5.1p2.new.HOME/common-src/alloc.c
--- amanda-2.5.1p2.new/common-src/alloc.c 2006-07-05 06:41:32.000000000 -0400
+++ amanda-2.5.1p2.new.HOME/common-src/alloc.c 2007-01-11 10:49:29.000000000 -0500
@@ -398,6 +398,7 @@ safe_env(void)
"PATH",
#endif
"DISPLAY",
+ "HOME",
NULL
};
