On Thursday, June 7 at 04:06 AM, quoth Michael Pheasant:
I maintain a Dive club website on a hosted server and need to
maintain a mailing list.
The server runs sendmail and accepts smtp mail to our domain.
Incoming mail can be piped through unix commands, eg.
|/path/to/qmail-inject
Wow. So subversive.
I don't suppose you have an actual reason for wanting qmail, other
than inherent geek points?
I should point out that sendmail will deliver malformed messages; if
possible, you probably want to use new-inject instead.
Also we only have a single unix userid and group 'unidive'.
I mean, by using a single group, you're foregoing most of qmail's
security architecture.
I would like to use qmail for the mailing list - easy with a single file
eg. '.qmail-members' listing our member emails.
All mail will be remote deliveries.
... I think you can achieve the same with the .forward file in
sendmail.
Now I want to deliver the mail:
- When I try and run qmail-start, the process just silently exits.
So, qmail-start does several things right away:
1. chdir to /
2. runs setgroups() (requires CAP_SETGID capability)
3. runs setgid() (requires CAP_SETGID capability)
4. copies a bunch of file descriptors (requires free file descriptors)
5. runs setuid() (requires CAP_SETUID)
Then it does a bunch more things that should all work. Any one of
those things failing can kill it.
- When I try and run qmail-send, the process just stops (but doesnt exit).
It's probably waiting for qmail-lspawn and qmail-rspawn to read from
their appropriate file descriptors. There's a reason you're supposed
to use qmail-start rather than running qmail-send directly.
Any advice on how I can run a 'send-only' qmail without root would be
appreciated.
If you don't have permissions to run setgid/setgroups/setuid, then you
may be kinda screwed. You may be able to hack qmail to remove that
kind of stuff from qmail-start and friends...
~Kyle
--
In all matters of opinion, our adversaries are insane.
-- Oscar Wilde
pgpvyLYMpxroA.pgp
Description: PGP signature
|