Gossamer Forum
Home : Products : Gossamer Mail : Discussion :

shared mode mbox & symlinks

Quote Reply
shared mode mbox & symlinks
Hi

I have set up GMail in shared mode mbox, and I am running incoming.pl as root. I tried making the symlink, but that wouldn't realy work: every time a new message is sent to /var/spool/mail/gmail the link is renamed to BOGUS.gmail and a new file /var/spool/mail/gmail is created. So my question is: are there any security issues with running incoming.pl as root?

Thanks.

Ivan
-----
Iyengar Yoga Resources / GT Plugins
Quote Reply
Re: [yogi] shared mode mbox & symlinks In reply to
Hi,

What mail server are you using?

Cheers,

Alex
--
Gossamer Threads Inc.
Quote Reply
Re: [Alex] shared mode mbox & symlinks In reply to
The mailserver is postfix, local delivery is done by procmail.

Ivan
-----
Iyengar Yoga Resources / GT Plugins
Quote Reply
Re: [yogi] shared mode mbox & symlinks In reply to
I don't know that much about Postfix, and a quick search on Google didn't turn up anything relevant. It seems Postfix doesn't allow you to symlink out a users mbox file. You may want to ask your ISP if there is an option to enable this.

If not, then look at what user owns the /var/spool/mbox directory and that's what user incoming.pl needs to run as.

Cheers,

Alex
--
Gossamer Threads Inc.
Quote Reply
Re: [Alex] shared mode mbox & symlinks In reply to
Thanks for the reply.

For the time being, I am my own ISP....

The /var/spool/mail directory is owned by root.root, and I am running incoming.pl as root at the moment.

Ivan
-----
Iyengar Yoga Resources / GT Plugins
Quote Reply
Re: [yogi] shared mode mbox & symlinks In reply to
What user owns '/var/spool/mail/gmail'. If it's not root, then you could modify incoming.pl and change where it renames the file to. You just need to make sure it renames it to something on the same partition.

Cheers,

Alex
--
Gossamer Threads Inc.
Quote Reply
Re: [Alex] shared mode mbox & symlinks In reply to
/var/spool/mail/gmail is owned by gmail.root

So I will try to run incoming.pl as gmail, and change line 352 (that's where I get the error at the moment), so that it renames the file to the gmail home directory.

Ivan
-----
Iyengar Yoga Resources / GT Plugins
Quote Reply
Re: [yogi] shared mode mbox & symlinks In reply to
Depends on your server setup. Do a `df`. You should only rename it to /home if it is in the same partition as /var/spool/mbox (as you can't rename across partitions). You may want to put it in /var/tmp as that is usually world writeable.

Cheers,

Alex
--
Gossamer Threads Inc.
Quote Reply
Re: [Alex] shared mode mbox & symlinks In reply to
Good point, /home and /var are different partitions, and /var/tmp is indeed world writeable, I'll just try this now.

Thanks.

Ivan
-----
Iyengar Yoga Resources / GT Plugins
Quote Reply
Re: [Alex] shared mode mbox & symlinks In reply to
This doesn't work, I still get a "permission denied, could not rename to /var/tmp/gmail.bak" when I run incoming.pl as the gmail user.

Ivan
-----
Iyengar Yoga Resources / GT Plugins
Quote Reply
Re: [yogi] shared mode mbox & symlinks In reply to
Oops, that's right. If a directory is owned by someone else and is 755, you aren't going to be able to remove a file in it. Hmm, it seems that unless you can configure Postfix to allow symlinks in the mbox, then you'll need to run it as root.

Cheers,

Alex
--
Gossamer Threads Inc.