BTW, you don't need to send directly to me if you also send to the list...

On Thursday, September 25, 2003, at 06:01 AM, Frank wrote:
I chmodded /vpopmail.mysql to 644, which got passed the Permission
denied error.
   # chmod 644 vpopmail.mysql

This is a bad idea. Now, anyone one your system can read the mysql username and password and gain access to your entire vpopmail database. It should be owned correctly, and the programs that need to access it should be running as the correct username.

Please look at a previous message I sent you about making sure qmail-smtpd is running as the vpopmail user.

After checking that it got past the error, I noticed that the permissions
were set to root on the ~/etc directory. (Root seems to be the default
after installation ~ bug??)

# pwd
# ls -l
total 6
drwxr-xr-x  2 root  vchkpw  512 Sep 10 11:39 bin
drwxr-xr-x  4 root  vchkpw  512 Sep  7 10:10 doc
drwx------  4 vpopmail  vchkpw  512 Sep 25 06:17 domains
drwxr-xr-x  2 root  vchkpw  512 Sep  7 10:11 etc
drwxr-xr-x  2 root  vchkpw  512 Sep 10 11:39 include
drwxr-xr-x  2 root  vchkpw  512 Sep 10 11:39 lib

This might be a problem for updating the tcp.smtp file, but not for reading the vpopmail.mysql file.

It is the result of a bug, and it's been fixed in the CVS repository for fresh installs, but users will have to manually fix the permissions on their existing installs.

Here are the proper permissions:

chown vpopmail.vchkpw ~vpopmail/bin ~vpopmail/doc ~vpopmail/etc ~vpopmail/include
chmod 0755 ~vpopmail/bin ~vpopmail/doc ~vpopmail/etc ~vpopmail/include

The etc directory is probably the only one that matters because of the tcp.smtp file and its locks. I'm open to input from others on who should own bin, doc, include and lib. Perhaps root should be the only user with write access to those directories, and everyone else should have read access...

Tom Collins
QmailAdmin:  Vpopmail:
Info on the Sniffter hand-held Network Tester:

Reply via email to