I've set up a script which will be kicked off when a mail arrives for a user on
the system. This goes via sendmail and procmail. The script is run by the user
in a privileged shell, but I'm getting a different permissions result if the
script is run from the commandline or via procmail.
If the script is run manually as the user testuser, a directory is created with
permissions:
[EMAIL PROTECTED] ~ $ rundir/create.sh
[EMAIL PROTECTED] ~ $ ls -lad /opt/newbase[/b]
[i]drwxr-xr-x 2 root root 512 May 10 13:57 newbase[/i]
If the script is run via the mail kickoff, I get the permissions:
[i]drwx------ 2 root root 512 May 10 12:54 newbase
[/i]
To break it down, its like this:
mail -> sendmail -> procmail -> create.sh -> mkdir -p /opt/newbase
[b]# cat /etc/release[/b]
[i] Solaris 10 11/06 s10s_u3wos_10 SPARC
Copyright 2006 Sun Microsystems, Inc. All Rights Reserved.
Use is subject to license terms.
Assembled 14 November 2006[/i]
[b]# cat ~testuser/.forward[/b]
[i]|/opt/sfw/bin/procmail[/i]
[b]# cat ~testuser/.procmailrc[/b]
[i]PATH=/bin:/usr/bin:/opt/sfw/bin
MAILDIR=$HOME #you'd better make sure it exists
DEFAULT=$MAILDIR/mbox #completely optional
LOGFILE=$MAILDIR/from #recommended
:0:
* ^From.*fatted.*
|/export/home/ipdutest/rundir/create.sh[/i]
[b]# cat ~testuser/rundir/create.sh[/b]
[i]#!/usr/bin/pfsh
mkdir -p /opt/newbase[/i]
[b]# cat /etc/user_attr[/b]
[i]testuser::::defaultpriv=basic,file_dac_write;profiles=Primary
Administrator;type=normal
(so the user should get full Admin/root privileges)[/i]
I thought it might have something to do with sendmails smrsh, but if I run that
(added create.sh to /var/sadm/sm.bin):
[EMAIL PROTECTED] ~ $ /usr/lib/smrsh -c rundir/create.sh[/b]
I get the same permissions as a manual run:
[i]drwxr-xr-x 2 root root 512 May 10 13:58 newbase[/i]
Any idea's on why this permission difference is happening?
This message posted from opensolaris.org
_______________________________________________
opensolaris-discuss mailing list
[email protected]
