Frank Elsner <[email protected]> (Wed Feb 9 13:15:20 2011): > On Wed, 9 Feb 2011 07:00:34 -0500 Phil Pennock wrote: > > [ ... ] > > > You didn't read README.UPDATING or the announcement for 4.73? > > Yes, maybe I misunderstand it :-( > > [ ... ] > > > See README.UPDATING for more. > > | * The Exim run-time user can no longer be root; this was always > | strongly discouraged, but is now prohibited both at build and > | run-time. If you need Exim to run routinely as root, you'll need to > | patch the source and accept the risk. Here be dragons. > > I have EXIM_USER=ref:exim in Local/Makefile. > User "exim" is uid 103 in /etc/passwd. > > But the binary is > > -rwsr-xr-x 1 root root 864428 Feb 9 11:27 exim-4.74 > Setuid to bind to port 25, I guess? Or should I remove it?
If started by root, it doesn't matter. Exim should change it's euid
after binding to the port.
How is your exim started? Using some -C oder -D option?
As far as I understand, the suid bit is used to change the euid/egid to
whatever for
local transports.
The config file is not owned by your exim user?
If you add the "pid" logselector, you should see, that a new process is
forked for delivery.
I did a short test (using 4.74)
MM_USER = 12
MM_GROUP = 12
---- router
mm:
driver = accept
domains = +vmail_domains
local_parts = xxx
transport = pipi
---- transport
pipi:
driver = pipe
command = /bin/sh -c "/bin/cat >/tmp/xxx"
current_directory = /tmp
home_directory = /tmp
log_fail_output
user = MM_USER
group = MM_GROUP
And it worked. The file created is owned by uid/gid 12.
--
Heiko
signature.asc
Description: Digital signature
-- ## List details at http://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
