From owner-freebsd-questions Wed Aug 9 6:17: 5 2000 Delivered-To: freebsd-questions@freebsd.org Received: from mail2.wmptl.com (mail2.wmptl.com [216.221.73.131]) by hub.freebsd.org (Postfix) with ESMTP id 80DCD37B680 for ; Wed, 9 Aug 2000 06:17:01 -0700 (PDT) (envelope-from webmaster@wmptl.com) Received: from wmptl.com ([10.0.0.168]) by mail2.wmptl.com (8.9.3/8.9.3) with ESMTP id JAA71966; Wed, 9 Aug 2000 09:15:19 -0400 (EDT) (envelope-from webmaster@wmptl.com) Message-ID: <39915954.87BE2324@wmptl.com> Date: Wed, 09 Aug 2000 09:15:00 -0400 From: Nathan Vidican X-Mailer: Mozilla 4.72 [en] (Win95; I) X-Accept-Language: en MIME-Version: 1.0 To: Thomas Good Cc: questions@freebsd.org Subject: Re: Nobody versus FreeBSD References: Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Thomas Good wrote: > > Hello! > > I have a (postgres) database accessed via apache and perl/CGI. > Nobody is my default user. The code that works on Linux (boo hiss) > is failing on FBSD in one minor area: mail delivery. > > The perl scripts generate email for diff purposes, however, whilst > running on an FBSD box, Nobody the postman runs into a problem. > He is unable to write to /var/spool/mqueue. > > Permissions are identical linux to bsd: 755 from /var to .../mqueue > Ownership is correct (root.daemon for the target dir) although diff > from Linux (root.mail). Is any of this pertinent? > > Also, the entry in /etc/passwd for nobody is similar across systems. > He is a member of his own (nonexistent ;-) group. Would adding a > group be advisable or is there a less insecure solution? > > Thanks very much! > Tom Good > > -------------------------------------------------------------------- > SVCMC - Center for Behavioral Health > -------------------------------------------------------------------- > Thomas Good tomg@ { admin | q8 } .nrnet.org > IS Coordinator / DBA Phone: 718-354-5528 > Fax: 718-354-5056 > -------------------------------------------------------------------- > Powered by: PostgreSQL s l a c k w a r e FreeBSD: > RDBMS |---------- linux The Power To Serve > -------------------------------------------------------------------- > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-questions" in the body of the message Change the group writeable permissions for /var/mqueue, and add the user nobody to said group. This is generally not a good idea if you are not the sole user (or customer) on the box. It should not adversly effect anything else, but it may allow other services (such as a webserver) running as nobody to write to said directory. Again, if you have total control over the machine, that shouldn't be a problem, but if you do virtual-hosting, or anything like that you may want to make sure your webserver isn't running as the user 'nobody'. chmod 775 /var/mqueue add user nobody to group 'daemon'. -- Nathan Vidican webmaster@wmptl.com Windsor Match Plate & Tool Ltd. http://www.wmptl.com/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message