On Thu, Dec 1, 2016 at 2:53 AM, akhiezer <lf...@cruziero.com> wrote: > > From: "Douglas R. Reno" <ren...@linuxfromscratch.org> > > Date: Thu, 1 Dec 2016 00:56:27 -0600 > > Subject: Re: [blfs-dev] Sendmail page - Think we are missing a command > > > > Pierre Labastie wrote: > > > On 01/12/2016 04:38, Douglas R. Reno wrote: > > >> Hello, > > >> > > >> Upon trying to run the newaliases command in the Configuration > > >> Information page, I'll get the following error: > > >> > > >> newaliases: cannot open /etc/mail/aliases: Group writable file > > >> > > >> For context, these are the commands that I ran (similar to the book): > > >> > > >> renodr [ /sources ]$ su > > >> Password: > > >> root [ /sources ]# echo $(hostname) > /etc/mail/local-host-names > > >> root [ /sources ]# cat > /etc/mail/aliases << "EOF" > > >> > postmaster: root > > >> > MAILER-DAEMON: root > > >> > > > >> > EOF > > >> root [ /sources ]# newaliases > > >> newaliases: cannot open /etc/mail/aliases: Group writable file > > >> root [ /sources ]# > > >> > > >> In order to fix this, I had to run something similar to: > > >> > > >> root [ /sources ]# chmod -v 644 /etc/mail/aliases > > >> mode of '/etc/mail/aliases' changed from 0664 (rw-rw-r--) to 0644 > > >> (rw-r--r--) > > >> root [ /sources ]# newaliases > > >> /etc/mail/aliases: 2 aliases, longest 4 bytes, 31 bytes total > > >> > > >> I propose adding the "chmod -v 644 /etc/mail/aliases" command to the > > >> book. > > > Normally you do want such files 0644, and the corresp generated .db files > as 0640 : but the root of the problem is why the 0664 appeared at all ... > > > > >> > > >> I'd like to ask for comments / suggestions before I put it in there > > >> myself. > > >> > > > I guess it is an "umask" problem. > > > ... +1 > > > > > Normally, if your bash startup files > > > are set as in the book, umask should be 022 when you are root, and no > > > additional instruction should be necessary. OTOH, maybe su does not > > > run the bash startup files... > > > > > As far as I can see after tracing it for a little bit, I can't find a > > line in /root/.bashrc, /etc/profile, /etc/bashrc, or /root/.bash_profile > > that accomplishes that. However, we do execute it in > > /etc/profile.d/umask.sh. > > > > > > When I am "su"ed to root, my umask is 0022. If I use my normal user, my > > umask is 0002. > > > > root [ ~ ]# umask > > 0022 > > > > renodr [ /sources ]$ umask > > 0002 > > > > > And if you do 'su -' ? > > renodr [ /sources ]$ su - root Password: root [ ~ ]# umask 0022 root [ ~ ]#
> > I just verified that all of my bash startup files are identical to the > > ones in the book. > > > > > The wider picture here is that one should use 'install ...' with explicit > permissions, ownership, group, full src-path, full tgt-path, &c - thus > reducing or eliminating implicit intentions; and then verify that what > was intended, has actually been put in place. > > Yeah, that definitely would be an interesting idea.
-- http://lists.linuxfromscratch.org/listinfo/blfs-dev FAQ: http://www.linuxfromscratch.org/blfs/faq.html Unsubscribe: See the above information page