Rt/qmail problems

Hi guys,

I have a problem with qmail delivering to the rt-mailgate program.
I’ve searched the web and can’t find anything relating to this.

This is the log entry I get. “Can’t_do_setuid”. I figured it was permissions on the rt-mailgate program, and the qmail-queue not having access to it.

@400000003e4cc6852add906c new msg 98740
@400000003e4cc6852adfb734 info msg 98740: bytes 1927 from kieran.barnes@stuartlawrence.com qp 26736 uid 506
@400000003e4cc6852fa5e234 starting delivery 231: msg 98740 to local rt@support.stuartlawrence.com
@400000003e4cc6852fa63054 status: local 1/10 remote 0/20
@400000003e4cc68535a8d2f4 delivery 231: deferral: Can’t_do_setuid/
@400000003e4cc68535a924fc status: local 0/10 remote 0/20

My .qmail file reads
| preline /opt/rt2/bin/rt-mailgate --queue general --action correspond

So I tried doing a setuidgid to various users, root, rt and some others, but I still get an error
“setuidgid:_fatal:_unable_to_setgid:_permission_denied/”

@400000003e4cc65c12cc7a24 new msg 98739
@400000003e4cc65c12cebc44 info msg 98739: bytes 1927 from kieran.barnes@stuartlawrence.com qp 26730 uid 506
@400000003e4cc65c18018bc4 starting delivery 230: msg 98739 to local rt@support.stuartlawrence.com
@400000003e4cc65c1801d9e4 status: local 1/10 remote 0/20
@400000003e4cc65c18a68df4 delivery 230: deferral: setuidgid:_fatal:_unable_to_setgid:_permission_denied/
@400000003e4cc65c18a6c4a4 status: local 0/10 remote 0/20

My qmail file was
| setuidgid root preline /opt/rt2/bin/rt-mailgate --queue general --action correspond

Is this something to do with the permissions on the rt-mailgate?
Any ideas on this?

(Apologies for the auto-disclaimer)!
Kieran Barnes
IT Services
Stuart Lawrence Group
This e-mail and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you are not the intended recipient please contact the sender immediately. Any disclosure, copying, distribution or any other use of this communication is strictly prohibitedand may be unlawful. Stuart Lawrence Marketing Communications Limited reserves the right to monitor and intercept communications for unlawful business purposes.

This also confirms that this message has been swept for viruses, although Stuart Lawrence Marketing Communications Limited accepts no responsibility for any loss or damage resulting directly or indirectly from the use of this email or contents.

• Kieran Barnes kieran.barnes@stuartlawrence.com [20030214 13:39]: wrote:

Hi guys,

I have a problem with qmail delivering to the rt-mailgate program.
I’ve searched the web and can’t find anything relating to this.

This is the log entry I get. “Can’t_do_setuid”. I figured it was permissions on the rt-mailgate program, and the qmail-queue not having access to it.

@400000003e4cc65c12cc7a24 new msg 98739
@400000003e4cc65c12cebc44 info msg 98739: bytes 1927 from kieran.barnes@stuartlawrence.com qp 26730 uid 506
@400000003e4cc65c18018bc4 starting delivery 230: msg 98739 to local rt@support.stuartlawrence.com
@400000003e4cc65c1801d9e4 status: local 1/10 remote 0/20
@400000003e4cc65c18a68df4 delivery 230: deferral: setuidgid:_fatal:_unable_to_setgid:_permission_denied/
@400000003e4cc65c18a6c4a4 status: local 0/10 remote 0/20

My qmail file was
| setuidgid root preline /opt/rt2/bin/rt-mailgate --queue general --action correspond

Is this something to do with the permissions on the rt-mailgate?
Any ideas on this?

rt-mailgate for rt2 is setgid (chmod g+s rt-mailgate if it is not).
The other important thing would be to verify that you have suidperl and
that it is also setgid:

beastie# cd /opt/rt2/bin/
beastie# ls -al
total 85
drwxr-xr-x 2 root rt 512 Oct 5 13:26 .
drwxr-xr-x 10 root wheel 512 Jan 14 18:52 …
-rwxr-xr-x 1 root rt 2395 Sep 21 10:39 escalator
-rwxr-sr-x 1 root rt 5545 Oct 5 13:26 mason_handler.fcgi
-rwxr-sr-x 1 root rt 4633 Oct 5 13:26 mason_handler.scgi
-rwxr-sr-x 1 root rt 31395 Nov 18 14:09 rt
-rwxr-sr-x 1 root rt 9122 Oct 5 13:26 rt-mailgate
-rwxr-sr-x 1 root rt 23823 Oct 5 13:26 rtadmin
-rwxr-xr-x 1 root rt 4736 Oct 5 13:26 webmux.pl

    cheers
   - wash 

Odhiambo Washington, wash@wananchi.com . WANANCHI ONLINE LTD (Nairobi, KE) |
http://ns2.wananchi.com/~wash/ . 1ere Etage, Loita Hse, Loita St., |
GSM: (+254) 722 743 223 . # 10286, 00100 NAIROBI |
“Oh My God! They killed init! You Bastards!”
–from a /. post

Hi,

Thanks for your response.
I’ve checked all my permissions again, they seem to fine,

drwxr-xr-x 2 root rt 4096 Feb 12 15:04 .
drwxr-xr-x 9 httpd rt 4096 Feb 11 11:58 …
-rwxr-sr-x 1 root rt 5545 Feb 12 15:04 mason_handler.fcgi
-rwxr-sr-x 1 root rt 4633 Feb 12 15:04 mason_handler.scgi
-rwxr-sr-x 1 root rt 31392 Feb 12 15:04 rt
-rwxr-sr-x 1 root rt 23823 Feb 12 15:04 rtadmin
-rwxr-sr-x 1 root rt 9122 Feb 12 15:04 rt-mailgate
-rwxr-xr-x 1 root rt 4736 Feb 12 15:04 webmux.pl

One thing I have noticed, is that suidperl isn’t available.
I am running Redhat 8 which ships with perl 5.8.0, from doing some research on the web, suidperl is deprecated in this release.
Is suidperl a requirement for rt2/qmail to work?From: Odhiambo Washington [mailto:wash@wananchi.biz]
Sent: 14 February 2003 16:05
To: Kieran Barnes
Cc: rt-users@lists.fsck.com
Subject: Re: [rt-users] rt/qmail problems

• Kieran Barnes kieran.barnes@stuartlawrence.com [20030214 13:39]: wrote:

Hi guys,

I have a problem with qmail delivering to the rt-mailgate program.
I’ve searched the web and can’t find anything relating to this.

This is the log entry I get. “Can’t_do_setuid”. I figured it was permissions on the rt-mailgate program, and the qmail-queue not having access to it.

@400000003e4cc65c12cc7a24 new msg 98739
@400000003e4cc65c12cebc44 info msg 98739: bytes 1927 from kieran.barnes@stuartlawrence.com qp 26730 uid 506
@400000003e4cc65c18018bc4 starting delivery 230: msg 98739 to local rt@support.stuartlawrence.com
@400000003e4cc65c1801d9e4 status: local 1/10 remote 0/20
@400000003e4cc65c18a68df4 delivery 230: deferral: setuidgid:_fatal:_unable_to_setgid:_permission_denied/
@400000003e4cc65c18a6c4a4 status: local 0/10 remote 0/20

My qmail file was
| setuidgid root preline /opt/rt2/bin/rt-mailgate --queue general --action correspond

Is this something to do with the permissions on the rt-mailgate?
Any ideas on this?

rt-mailgate for rt2 is setgid (chmod g+s rt-mailgate if it is not).
The other important thing would be to verify that you have suidperl and
that it is also setgid:

beastie# cd /opt/rt2/bin/
beastie# ls -al
total 85
drwxr-xr-x 2 root rt 512 Oct 5 13:26 .
drwxr-xr-x 10 root wheel 512 Jan 14 18:52 …
-rwxr-xr-x 1 root rt 2395 Sep 21 10:39 escalator
-rwxr-sr-x 1 root rt 5545 Oct 5 13:26 mason_handler.fcgi
-rwxr-sr-x 1 root rt 4633 Oct 5 13:26 mason_handler.scgi
-rwxr-sr-x 1 root rt 31395 Nov 18 14:09 rt
-rwxr-sr-x 1 root rt 9122 Oct 5 13:26 rt-mailgate
-rwxr-sr-x 1 root rt 23823 Oct 5 13:26 rtadmin
-rwxr-xr-x 1 root rt 4736 Oct 5 13:26 webmux.pl

    cheers
   - wash 

Odhiambo Washington, wash@wananchi.com . WANANCHI ONLINE LTD (Nairobi, KE) |
http://ns2.wananchi.com/~wash/ . 1ere Etage, Loita Hse, Loita St., |
GSM: (+254) 722 743 223 . # 10286, 00100 NAIROBI |
“Oh My God! They killed init! You Bastards!”
–from a /. post
This e-mail and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you are not the intended recipient please contact the sender immediately. Any disclosure, copying, distribution or any other use of this communication is strictly prohibitedand may be unlawful. Stuart Lawrence Marketing Communications Limited reserves the right to monitor and intercept communications for unlawful business purposes.

This also confirms that this message has been swept for viruses, although Stuart Lawrence Marketing Communications Limited accepts no responsibility for any loss or damage resulting directly or indirectly from the use of this email or contents.