From: Alexander Marx <alexander.marx@ipfire.org>
To: development@lists.ipfire.org
Subject: [PATCH] BUG12403: Change group permission of dma.conf
Date: Wed, 13 May 2020 06:57:41 +0200 [thread overview]
Message-ID: <20200513045741.21469-1-alexander.marx@ipfire.org> (raw)
[-- Attachment #1: Type: text/plain, Size: 1097 bytes --]
Because other services that run as other users than nobody should be
able to send mails, this patch changes the permissions
from
nobody.root
to
nobody.mail
When another user wants to send mails via DMA, the user has to be put into the group "mail".
FIXES: #12403
Arne: Please take care of update script, so these changes affect normal update procedure.
---
lfs/dma | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/lfs/dma b/lfs/dma
index 6b5d9bfbf..7f0c2cc0e 100644
--- a/lfs/dma
+++ b/lfs/dma
@@ -79,8 +79,7 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
cd $(DIR_APP) && make install mailq-link install-spool-dirs install-etc
install -v -m 755 $(DIR_SRC)/config/dma/dma-cleanup-spool /usr/sbin
chown -R nobody.nobody /var/ipfire/dma
- chown nobody.root /var/ipfire/dma/auth.conf
- chmod 644 /var/ipfire/dma/auth.conf
+ chown nobody.mail /var/ipfire/dma/auth.conf
ln -svf dma /usr/sbin/sendmail.dma
/usr/sbin/alternatives --install /usr/sbin/sendmail sendmail /usr/sbin/sendmail.dma 20
@rm -rf $(DIR_APP)
--
2.17.1
next reply other threads:[~2020-05-13 4:57 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-05-13 4:57 Alexander Marx [this message]
2020-05-13 8:29 ` Michael Tremer
2020-05-18 20:25 ` Arne Fitzenreiter
[not found] <027b8020-3a7e-5615-97b6-fc4101cc6335@ipfire.org>
2020-05-13 9:59 ` Michael Tremer
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200513045741.21469-1-alexander.marx@ipfire.org \
--to=alexander.marx@ipfire.org \
--cc=development@lists.ipfire.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox