Re: [vchkpw] qmail+vpopmail+chkuser problems

[tonix (Antonio Nati)]

At 23.45 09/09/2005, you wrote:

Greetings,

 I'm currently working on moving my mail server to another box.  I have
copied the database, rcpt files, /home/vpopmail/domains over. with the
new qmail setup I have decided to use chkuser 2.0.  I'm not recieving any
errors adding domains, adding users, or using vuserinfo. qmail starts
without any errors however; upon recieving test emails (telent localhost
25) it says that the domains I have added don't exist.  I'm using default
chkuser_settings.h file except that I enabled debuging and debug stderr.

Heres my run command. I am using my mysql patch for tcpserver so you wont
see the /home/vpopmail/etc/tcp.smtp file.  This works PERFECTLY without
chkuser. Before -u was 92 and -g was 91. its not set to vpopmail


As chkuser reads qmail/vpopmail control files, if it runs as non 
privileged user it will never be able to read any control file.


You must be sure the running UID/GID may read files.

If you log as root and run ./qmail-smtpd directly, you can enter the 
same commands as you did telnetting, but chkuser will act as root and 
will read everything. If it works, it means you must use appropriated UID/GID.


If you have multiple users, then you must use root as uid (using uid 
switching for additional security if you are not using TLS).


Tonino


#!/bin/sh
export QMAILQUEUE=/var/qmail/bin/qmail-scanner-queue.pl
exec /usr/local/bin/tcpserver -p -R -S -u98 -g98 -v -c100 0 smtp
/usr/local/bin/rblsmtpd -r relays.ordb.org /var/qmail/bin/qmail-smtpd 2
/var/log/smtpd-debug.log

-r-sr-sr-x  1 qmaild nofiles 95620 Sep  9 18:05 /var/qmail/bin/qmail-smtpd

Re: [vchkpw] qmail+vpopmail+chkuser problems

[doug-vpop]

Ok I did run the test like you said, I loged in as root stoped qmail and
ran /var/qmail/bin/qmail-smtpd manually

and I still get the error

511 sorry, you must specify a domain (#5.1.1 - chkuser).

Per my previous conversation I did compile UID and GID switching, an below
you can see I changed the bit so that it can do this, however; even as
root it still doesn't work and I think I'm going to be forced to remove
the patch and just go about business like usual.  Thanks for all the help
tho.

-doug

 At 23.45 09/09/2005, you wrote:
Greetings,

  I'm currently working on moving my mail server to another box.  I have
copied the database, rcpt files, /home/vpopmail/domains over. with the
new qmail setup I have decided to use chkuser 2.0.  I'm not recieving any
errors adding domains, adding users, or using vuserinfo. qmail starts
without any errors however; upon recieving test emails (telent localhost
25) it says that the domains I have added don't exist.  I'm using default
chkuser_settings.h file except that I enabled debuging and debug stderr.

Heres my run command. I am using my mysql patch for tcpserver so you wont
see the /home/vpopmail/etc/tcp.smtp file.  This works PERFECTLY without
chkuser. Before -u was 92 and -g was 91. its not set to vpopmail

 As chkuser reads qmail/vpopmail control files, if it runs as non
 privileged user it will never be able to read any control file.

 You must be sure the running UID/GID may read files.

 If you log as root and run ./qmail-smtpd directly, you can enter the
 same commands as you did telnetting, but chkuser will act as root and
 will read everything. If it works, it means you must use appropriated
 UID/GID.

 If you have multiple users, then you must use root as uid (using uid
 switching for additional security if you are not using TLS).

 Tonino

#!/bin/sh
export QMAILQUEUE=/var/qmail/bin/qmail-scanner-queue.pl
exec /usr/local/bin/tcpserver -p -R -S -u98 -g98 -v -c100 0 smtp
/usr/local/bin/rblsmtpd -r relays.ordb.org /var/qmail/bin/qmail-smtpd 2
/var/log/smtpd-debug.log

-r-sr-sr-x  1 qmaild nofiles 95620 Sep  9 18:05
 /var/qmail/bin/qmail-smtpd