FUDforum
Fast Uncompromising Discussions. FUDforum will get your users talking.

Home » FUDforum » How To » /etc/smrsh and maillist.php
Show: Today's Messages :: Polls :: Message Navigator
Switch to threaded view of this topic Create a new topic Submit Reply
/etc/smrsh and maillist.php [message #19543] Tue, 03 August 2004 07:55 Go to next message
newnumbertwo is currently offline  newnumbertwo   United States
Messages: 38
Registered: June 2004
Karma: 0
Member
i was wondering if anyone had had success piping messages into maillist.php via the sendmail restricted shell (/etc/smrsh).

i'm using fudforum 2.6.4, php 4.3.7 and sendmail 8.12.11 with a fedora core2 OS. i'm using mailman 2.1.5 for my mailing list manager, and attempting to integrate a forum with a mailing list using the maillist.php script.

the maillist.php script works great when i pipe messages into it manually. my web server is running using the same uid/gid that owns all the fudforum files. when i run the maillist.php script as this uid, i have no problems importing messages into the forums and have done this for over 40,000 messages in our archives.

my problems arise when i attempt to pipe incoming emails through the maillist.php script. at first, i followed smrsh tradition and added a symbolic link to the maillist.php script in /etc/smrsh. additionally, i set the maillist.php to be suid/sgid so the incoming email process wouldn't clobber the permissions on message_1, something that in previous testing with another smtp server caused me problems.

the user account running the web server and owning the FUDforum files is the email account i'm using to pipe the messages into maillist.php with. i don't have any problems running other programs suid/sgid in /etc/smrsh, but whenever i attempt to import a message using maillist.php, i'll get a '255 unknown mailer error' in my maillog.

i'm about to give up on trying to pipe messages directly into the forum from a .forward file and use a cron job to pick them up instead, but i wanted to ask on here first to see if anyone has gotten this mechanism to work.
Re: /etc/smrsh and maillist.php [message #19551 is a reply to message #19543] Wed, 04 August 2004 15:43 Go to previous messageGo to next message
Ilia is currently offline  Ilia   Canada
Messages: 13241
Registered: January 2002
Karma: 0
Senior Member
Administrator
Core Developer
You probably need to unlock the forum to ensure that the use who the script is running has permission to access forum's files.

FUDforum Core Developer
Re: /etc/smrsh and maillist.php [message #19583 is a reply to message #19551] Fri, 06 August 2004 20:48 Go to previous messageGo to next message
newnumbertwo is currently offline  newnumbertwo   United States
Messages: 38
Registered: June 2004
Karma: 0
Member
You probably need to unlock the forum to ensure that the use who the script is running has permission to access forum's files.

I suppose this was the purpose of using suid/sgid on the scripts; they're owned by the uid/gid who owns the rest of the site's files; apache runs with this same uid/gid as well.

Irregardless, I did go the admin panel and chose the lock/unlock forum files. That page told me that:

The forum's files appear to be: UNLOCKED.

I went ahead anyway to try and lock them and generated hundreds of these errors:

Warning: opendir(/websites/blah.com/htdocs/forums/./././././././. ...
in /websites/blah.com/htdocs/forums/adm/admlock.php on line 20
ERROR: Unable to open "/websites/blah.com/htdocs/forums/././. ...
directory


Dunno if these problems are related or not...

[Updated on: Fri, 06 August 2004 20:49]

Report message to a moderator

Re: /etc/smrsh and maillist.php [message #19584 is a reply to message #19583] Sat, 07 August 2004 18:49 Go to previous messageGo to next message
newnumbertwo is currently offline  newnumbertwo   United States
Messages: 38
Registered: June 2004
Karma: 0
Member
I'll also note "unlocking the forum" not only changed the permissions on every FUDforum file the web server uid had access to, it also recursed into the httpd and htdocs directory, and changed all the permissions there as well. It is likely it would have continued to recurse and change permissions on everything that was writable by that uid/gid had i not stopped it before it managed to recurse out of the main directory where my fudforum, httpd and htdocs live.

This is very bad behavior. You should immediately disable that "feature" until you can keep it from changing non-FUDforum files. As our web server runs more applications than just FUDforum, and is dependent upon a somewhat delicate permissions structure, following the instructions here basically screwed a large portion of our web site. The lock/unlock feature is broken in a very big way.

Re: /etc/smrsh and maillist.php [message #19596 is a reply to message #19584] Mon, 09 August 2004 11:01 Go to previous messageGo to next message
Ilia is currently offline  Ilia   Canada
Messages: 13241
Registered: January 2002
Karma: 0
Senior Member
Administrator
Core Developer
The permission modifier has been adjusted, although based on the path you gave me it seems like you have come across a bug Fedora Core.

FUDforum Core Developer
Re: /etc/smrsh and maillist.php [message #19613 is a reply to message #19596] Tue, 10 August 2004 04:11 Go to previous messageGo to next message
newnumbertwo is currently offline  newnumbertwo   United States
Messages: 38
Registered: June 2004
Karma: 0
Member
Thanks for your attention to this. We were able to recover and get all the permissions re-set to what they were before the forum unlock/lock.

In what was the permission modifier adjusted?

Re: /etc/smrsh and maillist.php [message #19616 is a reply to message #19613] Tue, 10 August 2004 13:08 Go to previous message
Ilia is currently offline  Ilia   Canada
Messages: 13241
Registered: January 2002
Karma: 0
Senior Member
Administrator
Core Developer
Well, I made sure that things like symlinks won't allow the permission change to exit outside of forum directories. I also added a work-around of a bug in fedora cora.

FUDforum Core Developer
  Switch to threaded view of this topic Create a new topic Submit Reply
Previous Topic: new themes
Next Topic: Import Datadump
Goto Forum:
  

-=] Back to Top [=-
[ Syndicate this forum (XML) ] [ RSS ]

Current Time: Wed Dec 04 09:06:24 GMT 2024

Total time taken to generate the page: 0.02159 seconds