FS#52119 - [opensmtpd] offline mail submission broken
Attached to Project:
Community Packages
Opened by Brian De Wolf (bldewolf) - Sunday, 11 December 2016, 18:09 GMT
Last edited by Jelle van der Waa (jelly) - Sunday, 03 September 2023, 09:08 GMT
Opened by Brian De Wolf (bldewolf) - Sunday, 11 December 2016, 18:09 GMT
Last edited by Jelle van der Waa (jelly) - Sunday, 03 September 2023, 09:08 GMT
|
Details
Description:
If the opensmtpd daemon isn't running, offline submissions might be accepted but will not be eventually sent. The underlying problem is that /usr/bin/smtpctl is intended to be setgid and group smtpq, as seen here: https://github.com/OpenSMTPD/OpenSMTPD/blob/opensmtpd-6.0.2p1/mk/smtpctl/Makefile.am#L79 https://github.com/OpenSMTPD/OpenSMTPD/blob/opensmtpd-6.0.2p1/smtpd/smtpctl/Makefile#L7 This allows non-root users to submit, otherwise they will not be able to write files into the offline directory. Note that even with these permissions, offline submission is still broken due to a bug in upstream that I just submitted an issue for: https://github.com/OpenSMTPD/OpenSMTPD/issues/749 I'm not sure what the upstream fix will be, but I tested with a local build with the closefrom modified and offline submission worked (once permissions were restored to smtpctl). Additional info: * opensmtpd 6.0.2p1-1 Steps to reproduce: 1. stop smtpd: systemctl stop smtpd 2. send a mail: printf "Subject: test\nFrom: example@example.com\nTo: example@example.com\n\nexample" | sendmail -t 3. check if the file appears in: ls -l /var/spool/smtpd/offline/ 3. Turn on smtpd: systemctl start smtpd 4. check if the file stays in: ls -l /var/spool/smtpd/offline/ |
This task depends upon
Closed by Jelle van der Waa (jelly)
Sunday, 03 September 2023, 09:08 GMT
Reason for closing: No response
Sunday, 03 September 2023, 09:08 GMT
Reason for closing: No response
A Makefile fix is coming soon from the opensmtpd project (and hopefully we'll see a new release as well...):
https://github.com/OpenSMTPD/OpenSMTPD/issues/839#issuecomment-371171437
For now, a workaround is as follows:
# chgrp smtpq /usr/sbin/smtpctl
# chmod g+s /usr/sbin/smtpctl
Note: the reason the chmod is required is that the chgrp command causes the set gid flag to be lost, and so we need to add back setgid.
A fixed release, when it comes, will have a pubdate of March 7, 2018 or newer.