procmail as local MDA in cronjob - suid or not?

awagner · 2011-07-18 10:31:48

Hi board,

I am using (and maintaining) the logcheck package on AUR (http://aur.archlinux.org/packages.php?ID=8426). This periodically greps various logfiles for suspicious messages and, if it finds some, sends them (with mime-construct (http://aur.archlinux.org/packages.php?ID=34903)) to admin. Recently I am getting "insufficient privileges" errors from procmail in the process. I think - but I don't fully understand the code of the programs involved - that mime-constructs is trying to use procmail (or my esmtp's sendmail?) but procmail is run without the necessary privileges to deliver mail to admin's mailbox. (Or with insufficient privileges to pick up some temporary file?)

Now, on procmail's manpage it says that using procmail as an MDA requires procmail's suid bit set, which is not the case in our distribution. I was not able to find out if this has changed recently or has always been the case. (A possibly relevant bugreport (https://bugs.archlinux.org/task/14410) with 'works for me' status.) If I chmod u+s procmail, then the whole thing works. Now the question is: Is this at the core a general issue, calling for a bugreport in procmail, or is it a special case, and if so, should I perhaps be using another method of getting it to work?

Thanks for any comment.
Andreas

Arch Linux

#1 2011-07-18 10:31:48

procmail as local MDA in cronjob - suid or not?

Board footer