On Sat, Nov 09, 2019 at 09:06:04AM +0900, Olaf Meeuwissen wrote: > Hi Haines, > > Haines Brown writes: > > > However, there was a glitch I do not understand. I could not get SMTP > > authentication (I'm running exim4 and mutt). Turned out that exim > > could not read my etc/eximr4/passwd.client file. Its ownership and > > permissinons were > > > > -rw-r----- 1 root saned 653 Oct 29 12:17 passwd.client > > I would have expected this file to have group Debian-exim (or mail), not > saned which is normally used for a scanner server. > > Please check the access and ownership of /etc/eximr4 and files in it. > > ls -ld /etc/eximr4 # for the directory itself > ls -l /etc/eximr4 # for the files in it > > Then use the chgrp and chmod utilities to fix things up.
$ ls -ld /etc/exim4 drwxr-xr-x 3 root root 4096 Oct 29 12:17 /etc/exim4 $ ls -l /etc/exim4 total 92 drwxr-xr-x 9 root root 4096 Jul 25 16:44 conf.d -rw-r--r-- 1 root root 79161 Jul 20 07:35 exim4.conf.template -rw-r--r-- 1 root saned 653 Oct 29 12:17 passwd.client -rw-r--r-- 1 root root 1067 Oct 29 11:00 update-exim4.conf.conf > > I recovered an ability to send e-mal by changing the permission to > > > > -rw-r--r-- > > This is probably a very Bad Thing. Everyone can now read your password > file :-o I know it's a Bad Thing, but was desperate to recover e-mail so I could resolve the problem. I find that an old machine running Debian 4.9.110-1 the ownership of passwd.client was root:Debian-exim. So I put user into the Debian-exim group, returned the permissions for passwd.client to 620, and gave ownwership of the file to root:Debian-exim. Now I have: $ ls -la /etc/exim4/ | grep passwd.client -rw-r----- 1 root Debian-exim 653 Oct 29 12:17 passwd.client The real issue seems to be that when I installed Deuan Ascii as expert and then upgraded to Beowulf user was not automatically put into Debian-exim group and passwd.client waa given root:saned ownership. I don't see how a misttake made during installation could possibly have led to that result. > > If user is in saned group, shouldn't the user running exim be able to > > get SMTP authentication by reading passwd.client? > > Only if that user can also read the content of the directory in the > first place. For that it needs r-x on the directory. Ah, right. Of course. > # I vaguely remember that only --x is sufficient but am no longer sure > # (and too lazy to check ;-) Just checked. I created a test-c directory containing a file named "test": $ ls -la | grep test-c d--x--x--x 2 root haines 4096 Nov 9 06:13 test-c I am able to edit and save the "test" file with these ownerships and permissions of its parent. > Hope this helps, > -- > Olaf Meeuwissen, LPIC-2 FSF Associate Member since 2004-01-27 Yes, it certainly did. Thank you. The problem remains, however, concerning how an installation could assign saned to be owner of passwe.client. Not sure, but suspect that an automated installation of Ascii with a destkop on another drive got things right, but can't best because I never set up e-mail for that drive. Haines Brown _______________________________________________ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
