Thanks to all for the input. There were some very well worded responses,
that were easy to understand and follow. Les, you got any further questions?
I'm pretty well sated on this topic now, and pretty sure it won't be a
problem for me in the future thanks to the response.
Is there an archive for these threads? Complete with a search engine?
I think a lot of my sillier questions would be answered quickly if I
were able to look at old threads on this list. If not, we should really
think about setting one up.
At 09:06 AM 10/5/99 -0400, Fiamingo, Frank wrote:
>Joel,
>
>This is caused by the Gauntlet is running sendmail as uucp while retaining
>the
>older sendmail.cf. When the Solaris sendmail patch 105395-06 is installed
>the newer /usr/lib/sendmail
>(version 8.8.8) complains about two things:
> 1. not having a fully qualified hostname - either replace the
>/etc/mail/sendmail.cf file
> with a more appropriate one, or edit it and add the line
> Dj$w.$P
> after the "Ok to manually edit" line that puts
> Dj$w
> in the file.
> 2. sendmail now complains if root doesn't own the /etc/mail
>directory and the files
> it will use in that directory, e.g. sendmail.cf and aliases. - If
>you're using the newer
> sendmail.cf that came with the patch, try setting "O
>RunAsUser=uucp". Alternatively,
> you can give root ownership of /etc/mail and all it's files, remove
>the link between
> /usr/bin/newliases and /usr/lib/sendmail, and copy /usr/lib/sendmail
>to /usr/bin/newaliases,
> as a root owned, non-suid program, e.g.:
> rm /usr/bin/newaliases
> cp /usr/lib/sendmail /usr/bin/newaliases
> chmod 555 /usr/bin/newaliases
> chown root:bin /usr/bin/newaliases
> Now you can only run newaliases as root, but the Gauntlet
>administration program shouldn't complain.
>
> Frank
>
>> -----Original Message-----
>> From: W Joel Gridley [SMTP:[EMAIL PROTECTED]]
>> Sent: Tuesday, October 05, 1999 1:29 AM
>> To: Les Diefenbach; [EMAIL PROTECTED]
>> Subject: Re: Alias0 unsafe map file
>>
>> Yes, could someone please answer Mr. Diefenbach? He has
>> asked this question before, and I was dissappointed to see
>> that no one answered, as I am also having issues regarding this.
>>
>> At 10:11 AM 10/4/99 -0500, Les Diefenbach wrote:
>> >I'm running Gauntlet 5.0 on Solaris 2.6 and when I give the newaliases
>> command
>> >I get the following error:
>> >
>> ># newaliases
>> >WARNING: local host name (hades) is not qualified; fix $j in config file
>> >dbm map "Alias0": unsafe map file /etc/mail/aliases
>> >WARNING: cannot open alias database /etc/mail/aliases
>> >Cannot create database for alias file /etc/mail/aliases: No such device
>> >#
>> >
>> >I want to add an alias for firewalladmin in the alias file to send
>> >mail to my real email address. Right now, the messages are bouncing
>> because
>> >firewalladmin is a unknown user.
>> >
>> >Permissions are as follows:
>> >
>> >drwxr-xr-x 2 bin mail 512 Oct 4 09:04 .
>> >drwxr-xr-x 28 root sys 4096 Oct 4 09:06 ..
>> >-r--r--r-- 1 root root 94 Apr 14 08:32 .MAP
>> >-r--r--r-- 1 root other 94 Sep 23 10:01 .MAP.PRE5.0
>> >-rw-r--r-- 1 bin bin 153 Sep 22 10:51 Mail.rc
>> >-rw-r--r-- 1 uucp root 1013 Oct 4 09:21 aliases
>> >-rwxr-xr-x 1 uucp other 1201 Sep 23 10:01 aliases.PRE5.0
>> >-rwxr-xr-x 1 uucp root 0 Sep 22 11:03 aliases.dir
>> >-rw-r--r-- 1 uucp root 1011 Oct 4 08:57 aliases.old
>> >-rwxr-xr-x 1 uucp root 1024 Sep 22 11:03 aliases.pag
>> >-rw-r--r-- 1 bin bin 1829 Sep 22 10:37 mailx.rc
>> >-r--r--r-- 1 bin bin 11973 Sep 22 10:37 main.cf
>> >-rwxr-xr-x 1 root other 26865 Sep 22 11:29 main.cf.new
>> >-rw-r--r-- 1 root root 15285 Oct 4 09:26 sendmail.cf
>> >-r--r--r-- 1 root other 27176 Sep 23 10:01 sendmail.cf.PRE5.0
>> >-rw-r--r-- 1 root root 15285 Oct 4 08:57 sendmail.cf.old
>> >-rw-r--r-- 1 root bin 4911 Sep 21 03:37 sendmail.hf
>> >-rw-r--r-- 1 root root 32 Sep 22 11:43 sendmail.pid
>> >-r--r--r-- 1 bin bin 9197 Sep 22 10:37 subsidiary.cf
>> >-rwxr-xr-x 1 root other 27176 Sep 22 11:29 subsidiary.cf.new
>> >
>> >
>> >/usr/lib/sendmail permissions are as follows:
>> >
>> >
>> >-rwsr-xr-x 1 uucp bin 346984 Sep 21 03:37 /usr/lib/sendmail
>> >
>> >
>> >--
>> >Thanks Les
>> >==================================================================
>> >Computer Sciences Corporation
>> >[EMAIL PROTECTED]
>> >
>> >"As a matter of fact, I do have a plan - and it's so cunning,
>> >you could put a tail on it and call it a weasel."
>> >==================================================================
>> >
>> >-
>>
>>
>>
Joel Gridley, CCNA "Be the packet."
Network Security/Firewall Specialist
GTE Internetworking, "Powered by BBN."
Burlington, MA
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
