below
>From: Bill Shupp [mailto:[EMAIL PROTECTED]]
>on 8/20/01 7:50 PM, Dave VanAuken at [EMAIL PROTECTED] spake:
>
>> just had a nasty problem, from what I can tell here is the chain of events.
>>
>> - virtual user creates pop account POPUSER
>> - virtual user then creates maillist POPUSER using [EMAIL PROTECTED] as the
>> owner
>> - POPUSER maillist files are put in ~/vpopmail/domains/virtual.com/POPUSER
>> directory
>> - virtual user deletes pop account POPUSER effectively taking the directory
>> with
>> him
>> - links for the POPUSER mail list still exist pointing into limbo
>> - qmail admin having all sorts of panic attacks for virtual.com domain
>> (understandably)
>>
>> should there not be some sort of check and balance against this... as the
>> sysadmin with wheel access it wasn't too difficult to determine what the
>> problem
>> was, but from a user perspective, it seems too easy to delete out of
>order and
>> cripple the domain.
>>
>> comments?
>
>I'm not sure what versions you are running, but vadduser (called) lowers the
>case for usernames. Also, the mailing list directory is made upper case.
>This in itself should prevent the scenario described above.
sorry, caps was for seperation in viewing only and not indicative of the actual
name
vpopmail version 4.9.8 and both the user directory and the mailing list files
(.qmail-user... files) are in lower case.
>Incidentally, I've added a check (in qmailadmin) for the presence of the pop
>user in check_local_user(). Before it only checked for
><domaindir>/.qmail-<user> and <domaindir>/<user>/ when testing if a local
>user existed. I've added it to my 0.76ac version.
again, i can only surmise what the user did from logs and his comments. I
suspect that (given that this system has the lists as lower case) that he
created the pop user, then created the list within that pop user (all the
symlinks were pointing to the non existant user directory), then deleted the pop
account (and the directory for the now orphaned list as well).
am completing some other patches on a test server prior to upgrading some
production servers... will try and recreate myself to get a better idea of what
may have happened.
Dave
