Groups | Search | Server Info | Login | Register

Groups > comp.mail.sendmail > #8242

Re: praliases file permission check

From Hugo Villeneuve-Lapointe <hugo_villap@email.invalid>
Newsgroups comp.mail.sendmail
Subject Re: praliases file permission check
Date 2026-01-31 22:42 +0000
Organization A noiseless patient Spider
Message-ID <10lm0h0$386gr$1@dont-email.me> (permalink)
References <20260130125150.06f0bcd0@ryz.dorfdsl.de> <87343mj4j8.fsf@atr2.ath.cx> <20260130205331.0b8b1ae5@ryz.dorfdsl.de> <87wm0xwxxk.fsf@atr2.ath.cx> <20260131221012.376e526c@ryz.dorfdsl.de>

Show all headers | View raw

On Sat, 31 Jan 2026 22:10:12 +0100, Marco Moock wrote:

> On 31.01.2026 11:26 Uhr jayjwa wrote:
> 
>> This is looking Debian-specific. What does the listener and the queue
>> runner run as?
> 
> Daemon is running as root.

Yeah, It looks to be Debian-specific.

# egrep "RunAsUser|TrustedUser" *.cf
sendmail.cf:#O RunAsUser=sendmail
sendmail.cf:O TrustedUser=smmta
submit.cf:O RunAsUser=smmsp
submit.cf:O TrustedUser=smmsp

Debian is happy to run the daemon as root but enforce files to be owned by 
"smmta". This is why the ownership of files in /etc/mail is more complex 
than other installations.

(Mind you, Debian have been doing more than a decade by now. Just not a 
lot of folks using sendmail or praliases with a non-public readable 
aliases.db I guess.)


OpenBSD package sendmail with RunAsUser and TrustedUser commented in 
sendmail.cf. So files in /etc/mail are happily owned by root and it works.

Slackware 15 (released 2024-07) is now using Postfix as default MTA. But 
the sendmail in "extras" is still like that (no TrustedUser option for the 
daemon).

Others I don't know.


-- 
Hugo Villeneuve-Lapointe

Back to comp.mail.sendmail | Previous | NextPrevious in thread | Next in thread | Find similar

Thread

praliases file permission check Marco Moock <mm@dorfdsl.de> - 2026-01-30 12:51 +0100
  Re: praliases file permission check jayjwa <jayjwa@atr2.ath.cx.invalid> - 2026-01-30 14:15 -0500
    Re: praliases file permission check Marco Moock <mm@dorfdsl.de> - 2026-01-30 20:53 +0100
      Re: praliases file permission check jayjwa <jayjwa@atr2.ath.cx.invalid> - 2026-01-31 11:26 -0500
        Re: praliases file permission check Marco Moock <mm@dorfdsl.de> - 2026-01-31 22:10 +0100
          Re: praliases file permission check Hugo Villeneuve-Lapointe <hugo_villap@email.invalid> - 2026-01-31 22:42 +0000
  Re: praliases file permission check Hugo Villeneuve-Lapointe <hugo_villap@email.invalid> - 2026-01-31 14:29 +0000
    Re: praliases file permission check kalevi@kolttonen.fi (Kalevi Kolttonen) - 2026-01-31 19:28 +0000
      Re: praliases file permission check Marco Moock <mm@dorfdsl.de> - 2026-01-31 22:06 +0100
        Re: praliases file permission check kalevi@kolttonen.fi (Kalevi Kolttonen) - 2026-01-31 23:24 +0000
          Re: praliases file permission check kalevi@kolttonen.fi (Kalevi Kolttonen) - 2026-01-31 23:30 +0000
    Re: praliases file permission check Hugo Villeneuve-Lapointe <hugo_villap@email.invalid> - 2026-01-31 22:55 +0000

csiph-web