You are not logged in.
Pages: 1
Hi!
I ran to the same problem as some other Arch Linux users: in order to use qmail-scanner, I need to have perl-suid installed - or Perl compiled with SUID enabled to be exact. Now I would not like to compile Perl from scratch, as that means I won't be able to upgrade it using pacman -Syu later.
Many distributions seem to have a separate perl-suid package. I'm hoping someone would see the trouble of creating one for Arch Linux. I would do it myself if I only had the time to learn how, but my schedule is already 200% full so...
Any volunteers..?
- Jyri
Offline
Hi again!
I did some more googling, and it turns out that the whole perl-suid thing is probably going to go away, as it's proven out to be an endless source of security problem.
Good news is that I found a way to make qmail-scanner work without perl-suid. Actually the instructions can be found from qmail-scanner FAQ, but here's a quick-and-dirty version just in case somebody is looking for a solution from this forum.
What you have to do is compile and install a C setuid wrapper program, which handles the setuid part and launches qmail-scanner-queue.pl.
I'm assuming that:
- your qmail-scanner source code is located at /usr/local/src/qmail-scanner-x.xx
- /var/qmail/bin is your qmail binary directory
- /var/qmail/bin/qmail-scanner-queue.pl is already installed
Here's what you have to do:
1. cd /usr/local/src/qmail-scanner-x.xx/contrib
2. make
3. make install
4. chmod 0755 /var/qmail/bin/qmail-scanner-queue.pl
5. make sure your qmail-scanner-queue.pl begins with a line "#!/usr/bin/perl" instead of "#!/usr/bin/suidperl"
6. modify QMAILQUEUE variable so that it's set to "/var/qmail/bin/qmail-scanner-queue" instead of "/var/qmail/bin/qmail-scanner-queue.pl"
7. restart daemontools, inetd, xinetd - or whichever superdaemon you use to launch qmail
These steps worked at least for me.
- Jyri
Offline
Pages: 1