FS#52119 - [opensmtpd] offline mail submission broken

Attached to Project: Community Packages
Opened by Brian De Wolf (bldewolf) - Sunday, 11 December 2016, 18:09 GMT
Last edited by Jelle van der Waa (jelly) - Sunday, 03 September 2023, 09:08 GMT
Task Type Bug Report
Category Packages
Status Closed
Assigned To Lukas Fleischer (lfleischer)
Bruno Pagani (ArchangeGabriel)
Architecture All
Severity Low
Priority Normal
Reported Version
Due in Version Undecided
Due Date Undecided
Percent Complete 100%
Votes 0
Private No

Details

Description:

If the opensmtpd daemon isn't running, offline submissions might be accepted but will not be eventually sent. The underlying problem is that /usr/bin/smtpctl is intended to be setgid and group smtpq, as seen here:

https://github.com/OpenSMTPD/OpenSMTPD/blob/opensmtpd-6.0.2p1/mk/smtpctl/Makefile.am#L79
https://github.com/OpenSMTPD/OpenSMTPD/blob/opensmtpd-6.0.2p1/smtpd/smtpctl/Makefile#L7

This allows non-root users to submit, otherwise they will not be able to write files into the offline directory.

Note that even with these permissions, offline submission is still broken due to a bug in upstream that I just submitted an issue for:

https://github.com/OpenSMTPD/OpenSMTPD/issues/749

I'm not sure what the upstream fix will be, but I tested with a local build with the closefrom modified and offline submission worked (once permissions were restored to smtpctl).

Additional info:
* opensmtpd 6.0.2p1-1


Steps to reproduce:
1. stop smtpd: systemctl stop smtpd
2. send a mail: printf "Subject: test\nFrom: example@example.com\nTo: example@example.com\n\nexample" | sendmail -t
3. check if the file appears in: ls -l /var/spool/smtpd/offline/
3. Turn on smtpd: systemctl start smtpd
4. check if the file stays in: ls -l /var/spool/smtpd/offline/
This task depends upon

Closed by  Jelle van der Waa (jelly)
Sunday, 03 September 2023, 09:08 GMT
Reason for closing:  No response
Comment by Eduard Rozenberg (edrozenberg) - Wednesday, 07 March 2018, 16:25 GMT
Offline submission is still broken with opensmtpd-6.0.2p1-7 due to smtpctl group=root (should be group=smtpq). Same issue reported in the original posting here.

A Makefile fix is coming soon from the opensmtpd project (and hopefully we'll see a new release as well...):
https://github.com/OpenSMTPD/OpenSMTPD/issues/839#issuecomment-371171437

For now, a workaround is as follows:
# chgrp smtpq /usr/sbin/smtpctl
# chmod g+s /usr/sbin/smtpctl

Note: the reason the chmod is required is that the chgrp command causes the set gid flag to be lost, and so we need to add back setgid.
Comment by Eduard Rozenberg (edrozenberg) - Wednesday, 07 March 2018, 16:31 GMT
Also note that recent releases are also broken in this way: opensmtpd-201801101641p1 and opensmtpd-6.0.3p1

A fixed release, when it comes, will have a pubdate of March 7, 2018 or newer.
Comment by Buggy McBugFace (bugbot) - Tuesday, 08 August 2023, 19:11 GMT
This is an automated comment as this bug is open for more then 2 years. Please reply if you still experience this bug otherwise this issue will be closed after 1 month.

Loading...