RT - Critical problem with mailgate

Hello everyone,

I’ve been happily using RT for some time but now I have a problem that has
caught me off-guard. The first thing I am suspecting is an update that I
did to my FreeBSD 4.5-STABLE yesterday. I get the error below when I send
mail to RT:

A message that you sent could not be delivered to one or more of its recipients. This is a permanent error. The following address(es) failed:

pipe to |/opt/rt2/bin/rt-mailgate --queue cs --action correspond
generated by cs@wananchi.com
Child process of address_pipe transport returned 255 (could mean shell command ended by signal 127 (unrecognized signal number)) from command:
/opt/rt2/bin/rt-mailgate

The following text was generated during the delivery attempt:

------ pipe to |/opt/rt2/bin/rt-mailgate --queue cs --action correspond
generated by cs@wananchi.com ------

Can’t do setuid

It’s important to point out that I have made no changes at all to config.pm

Thanks

-Wash

S y s t e m s A d m i n i s t r a t o r

Odhiambo Washington Wananchi Online Ltd
E: WASH@wananchi.com www.wananchi.com
P: (254)2 313 985-9 1st Floor Loita Hse
F: (254)2 313 922 Loita St., NAIROBI
It is not enough to succeed. Others must fail.
– Gore Vidal

----- End forwarded message -----

    cheers
   - wash 

Odhiambo Washington, wash@wananchi.com . WANANCHI ONLINE LTD (Nairobi, KE)
http://ns2.wananchi.com/~wash/ . 1ere Etage, Loita Hse, Loita St.,
GSM: (254) 722 743 223 . # 10286, 00100 NAIROBI
"Oh My God! They killed init! You Bastards!"
–from a /. post

Hello everyone,

I’ve been happily using RT for some time but now I have a problem that has
caught me off-guard. The first thing I am suspecting is an update that I
did to my FreeBSD 4.5-STABLE yesterday. I get the error below when I send
mail to RT:

chmod u+s which suidperl

Should do the trick.

FreeBSD suidperl doesn’t have the +s bit set by default - and you probably
just installed a new version of it :slight_smile:

- Justin

Justin Hawkins
Internode Professional Access

I had a similar problem with SuSE 7.0 …

The main thing to do is in the FAQ :

http://fsck.com/rtfm/article.html?id=5#61

Another thing is that SuSE keeps a list of SUID-programs
(I had to change the /etc/permissions.easy to correct it)

I don’t know FreeBSD, but perhaps it is something similar …

Frederic Gobin

Odhiambo Washington wrote:

Hello everyone,

I’ve been happily using RT for some time but now I have a problem that has
caught me off-guard. The first thing I am suspecting is an update that I
did to my FreeBSD 4.5-STABLE yesterday. I get the error below when I send
mail to RT:

chmod u+s which suidperl

Should do the trick.

FreeBSD suidperl doesn’t have the +s bit set by default - and you probably
just installed a new version of it :slight_smile:

And don’t forget to :

echo “ENABLE_SUIDPERL= true” >> /etc/make.conf

so you don’t get burned again. :wink:

Greg White

Hello everyone,

I’ve been happily using RT for some time but now I have a problem that has
caught me off-guard. The first thing I am suspecting is an update that I
did to my FreeBSD 4.5-STABLE yesterday. I get the error below when I send
mail to RT:

chmod u+s which suidperl

Should do the trick.

FreeBSD suidperl doesn’t have the +s bit set by default - and you probably
just installed a new version of it :slight_smile:

I remember I did this even the first time I installed RT. That’s why I was
suspecting the update. Thank you for the quick response.

-Wash

Odhiambo Washington wash@wananchi.com "The box said 'Requires
Wananchi Online Ltd. www.wananchi.com Windows 95, NT, or better,'
Tel: 254 2 313985-9 Fax: 254 2 313922 so I installed FreeBSD."
GSM: 254 72 743 223 GSM: 254 733 744 121 This sig is McQ! :slight_smile:

Don’t suspect your friends – turn them in!
– “Brazil”

“OW” == Odhiambo Washington wash@wananchi.com writes:

FreeBSD suidperl doesn’t have the +s bit set by default - and you probably
just installed a new version of it :slight_smile:

OW> I remember I did this even the first time I installed RT. That’s why I was
OW> suspecting the update. Thank you for the quick response.

Then add this line to your /etc/make.cof file, so you don’t have to
remember next time you upgrade your FreeBSD from sources:

ENABLE_SUIDPERL= true

Vivek Khera, Ph.D. Khera Communications, Inc.
Internet: khera@kciLink.com Rockville, MD +1-240-453-8497
AIM: vivekkhera Y!: vivek_khera http://www.khera.org/~vivek/