Sorry for the delayed response - I read that: "centos does not allow apache
to use perl's setuid/setgid commands" from the main www root.

So I reinstalled as a virtual domain.  Unfortunately, it didn't fix the
problem.

 

Here's the log entries after adding a user with qmailadmin:

 

# tail emailrd_error_log

[Fri Jun 17 22:11:28 2011] [error] [client 71.83.80.18] cp: , referer:
http://ms1.emailrd.com/cgi-bin/qmailadmin/com/addusernow?user=postmaster&dom
=emailrd.com&time=1308343112&

[Fri Jun 17 22:11:28 2011] [error] [client 71.83.80.18] accessing `setuid',
referer:
http://ms1.emailrd.com/cgi-bin/qmailadmin/com/addusernow?user=postmaster&dom
=emailrd.com&time=1308343112&

[Fri Jun 17 22:11:28 2011] [error] [client 71.83.80.18] : Permission denied,
referer:
http://ms1.emailrd.com/cgi-bin/qmailadmin/com/addusernow?user=postmaster&dom
=emailrd.com&time=1308343112&

[Fri Jun 17 22:11:28 2011] [error] [client 71.83.80.18] , referer:
http://ms1.emailrd.com/cgi-bin/qmailadmin/com/addusernow?user=postmaster&dom
=emailrd.com&time=1308343112&

[Fri Jun 17 22:11:28 2011] [error] [client 71.83.80.18] cp: accessing
`setuid': Permission denied, referer:
http://ms1.emailrd.com/cgi-bin/qmailadmin/com/addusernow?user=postmaster&dom
=emailrd.com&time=1308343112&

[Fri Jun 17 22:11:28 2011] [error] [client 71.83.80.18] cp: accessing
`setuid': Permission denied, referer:
http://ms1.emailrd.com/cgi-bin/qmailadmin/com/addusernow?user=postmaster&dom
=emailrd.com&time=1308343112&

 

 

# tail emailrd_access_log

71.83.80.18 - - [17/Jun/2011:22:10:45 +0000] "GET
/cgi-bin/qmailadmin/com/adduser?user=postmaster&dom=emailrd.com&time=1308343
112& HTTP/1.1" 200 1089

71.83.80.18 - - [17/Jun/2011:22:11:08 +0000] "POST
/cgi-bin/qmailadmin/com/addusernow?user=postmaster&dom=emailrd.com&time=1308
343112& HTTP/1.1" 200 1103

71.83.80.18 - - [17/Jun/2011:22:11:28 +0000] "POST
/cgi-bin/qmailadmin/com/addusernow?user=postmaster&dom=emailrd.com&time=1308
343112& HTTP/1.1" 200 1659

71.83.80.18 - - [17/Jun/2011:22:11:28 +0000] "GET /images/modify.png
HTTP/1.1" 200 703

71.83.80.18 - - [17/Jun/2011:22:11:28 +0000] "GET /images/trash.png
HTTP/1.1" 200 1225

71.83.80.18 - - [17/Jun/2011:22:11:28 +0000] "GET /images/radio-off.png
HTTP/1.1" 200 1218

 

# tail emailrd_referer_log

http://ms1.emailrd.com/cgi-bin/qmailadmin/com/addusernow?user=postmaster&dom
=emailrd.com&time=1308343112& -> /cgi-bin/qmailadmin/com/adduser

http://ms1.emailrd.com/cgi-bin/qmailadmin/com/adduser?user=postmaster&dom=em
ailrd.com&time=1308343112& -> /cgi-bin/qmailadmin/com/addusernow

http://ms1.emailrd.com/cgi-bin/qmailadmin/com/addusernow?user=postmaster&dom
=emailrd.com&time=1308343112& -> /cgi-bin/qmailadmin/com/addusernow

http://ms1.emailrd.com/cgi-bin/qmailadmin/com/addusernow?user=postmaster&dom
=emailrd.com&time=1308343112& -> /images/modify.png

http://ms1.emailrd.com/cgi-bin/qmailadmin/com/addusernow?user=postmaster&dom
=emailrd.com&time=1308343112& -> /images/trash.png

http://ms1.emailrd.com/cgi-bin/qmailadmin/com/addusernow?user=postmaster&dom
=emailrd.com&time=1308343112& -> /images/radio-off.png

 

 

 

One more thing: I added this line to the onchange script:

echo $1 > /tmp/onchange.txt

Here's the result after adding a user with qmailadmin: 

-rw------- 1 apache   apache    9 Jun 17 22:11 onchange.txt

 

Vadduser creates the file with root.root ownership.

 

And before anyone asks:

-r-s--x--- 1 root apache 14264 May  4 10:54 /usr/sbin/suexec

 

Thanks

Mark

 

From: Salman Riaz [mailto:salmanriaz...@hotmail.com] 
Sent: Tuesday, June 14, 2011 9:15 PM
To: vchkpw@inter7.com
Subject: RE: [vchkpw] vQregister not same as vadduser

 

Can you please share the apache, audit and messages logs...

Regards,
Salman...





  _____  

From: m...@denntech.net
To: vchkpw@inter7.com
Date: Tue, 14 Jun 2011 08:51:22 -0700
Subject: RE: [vchkpw] vQregister not same as vadduser

It certainly sounds like a selinux issue, but all this testing has been done
with it disabled:

/etc/selinux/config: SELINUX=disabled

/selinux/enforce: 0

 

Mark

 

From: Salman Riaz [mailto:salmanriaz...@hotmail.com] 
Sent: Monday, June 13, 2011 9:43 PM
To: vchkpw@inter7.com
Subject: RE: [vchkpw] vQregister not same as vadduser

 

Kindly disable the selinux.... I think it will resolve the problem... I also
get the same error with vqadmin....

Kindly check it through /etc/selinux or using setup command. You can also
disable via the following command...

echo 0 >/selinux/enforce

Hope your problem will be solved after this....

Regards,
Salman...






 



!DSPAM:4dfbdd6232711288044243!

Reply via email to