I hate responding again... I've set /usr/bin/dspam to 551, 6777, 6775, 755, 777, 2777, 1777, 4777, and a few others, and all with the same error. Then I tried 2510 which is what I was using on my old RHEL4 box. Same error as well.
On 1/27/2011 11:34 PM, Frantisek Hanzlik wrote: > news...@acrocat.com wrote: >> Hi Franz - >> >> /etc/mail was: >> drwxr-sr-x 9 smmta smmsp >> >> /etc/mail/smrsh/ >> drwsr-sr-x 2 root root >> >> I changed them to what you had below (755 root:root). Same error: >> >> Cannot exec /etc/mail/smrsh: Permission denied >> Jan 27 21:14:10 acrocatlabs sm-mta[11770]: p0QDZfKc004026: >> to="|/usr/bin/dspam --user global --class=spam --source=error", >> ctladdr=<s...@acrocat.com> (8/0), delay=1+07:38:26, xdelay=00:00:00, maile >> >> I'm really stumped on this one. If they are 755 root:root, how can root >> not have perms to do this? >> >> One thing I noticed: >> ls -la /etc/mail/smrsh >> drwsr-sr-x 2 root root 4096 2011-01-24 14:14 . >> lrwxrwxrwx 1 root root 14 2011-01-24 14:14 dspam -> /usr/bin/dspam >> lrwxrwxrwx 1 root root 26 2011-01-19 19:54 mail.local -> >> /usr/lib/sm.bin/mail.local >> lrwxrwxrwx 1 root root 17 2011-01-19 19:54 procmail -> >> /usr/bin/procmail >> >> ls -la /usr/bin/dspam >> -r-xr-s--- 1 root mail 258639 2011-01-26 15:25 /usr/bin/dspam >> ls -la /usr/bin/procmail >> -rwsr-sr-x 1 root mail 89176 2010-08-04 19:49 /usr/bin/procmail >> >> The actual binaries are root:mail and the links under ../smrsh are >> root:root... could that be the issue? >> >> Ed >> >> On 1/27/2011 10:04 PM, Frantisek Hanzlik wrote: >>> It looks fine... >>> But, maybe are bad permissions on "/etc/mail" and "/etc/mail/smrsh" >>> directories himself. You wrote in previous mail they are: >>> >>> ls -la /etc/mail/smrsh/ >>> drwxr-sr-x 2 root root 4096 2011-01-24 14:14 . >>> drwxr-sr-x 9 smmta smmsp 4096 2011-01-26 09:06 .. >>> >>> Here is suspicious SGID bit on both direstories. >>> Fedora has "smrsh" directory directly under /etc, with permissions: >>> ls -ld /etc/smrsh >>> drwxr-xr-x. 2 root root 4096 21. led 00.40 /etc/smrsh >>> >>> ls -ld /etc/mail >>> drwxr-xr-x. 2 root root 4096 25. led 11.42 /etc/mail >>> >>> I think there isn't any reason to have SGID bits set on both these >>> directories, on the contrary this may cause these problems when sendmail >>> does any security checks. >>> >>> Franta Hanzlik > Oh, I make mistake - when sendmail call LDA, it is done with recipient > credentials. Thus, /usr/bin/dspam should be world runnable. > > Franta Hanzlik > > ------------------------------------------------------------------------------ > Special Offer-- Download ArcSight Logger for FREE (a $49 USD value)! > Finally, a world-class log management solution at an even better price-free! > Download using promo code Free_Logger_4_Dev2Dev. Offer expires > February 28th, so secure your free ArcSight Logger TODAY! > http://p.sf.net/sfu/arcsight-sfd2d > _______________________________________________ > Dspam-user mailing list > Dspam-user@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/dspam-user > > !DSPAM:1,4d41f520173488869814400! > ------------------------------------------------------------------------------ Special Offer-- Download ArcSight Logger for FREE (a $49 USD value)! Finally, a world-class log management solution at an even better price-free! Download using promo code Free_Logger_4_Dev2Dev. Offer expires February 28th, so secure your free ArcSight Logger TODAY! http://p.sf.net/sfu/arcsight-sfd2d _______________________________________________ Dspam-user mailing list Dspam-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/dspam-user
