From owner-freebsd-questions@freebsd.org  Sun Aug 25 14:31:05 2019
Return-Path: <owner-freebsd-questions@freebsd.org>
Delivered-To: freebsd-questions@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id BE6D4E0F60
 for <freebsd-questions@mailman.nyi.freebsd.org>;
 Sun, 25 Aug 2019 14:31:05 +0000 (UTC)
 (envelope-from wfdudley@gmail.com)
Received: from mail-io1-xd36.google.com (mail-io1-xd36.google.com
 [IPv6:2607:f8b0:4864:20::d36])
 (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits)
 server-signature RSA-PSS (4096 bits)
 client-signature RSA-PSS (2048 bits) client-digest SHA256)
 (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 46Gcy10SMyz41cd
 for <freebsd-questions@freebsd.org>; Sun, 25 Aug 2019 14:31:04 +0000 (UTC)
 (envelope-from wfdudley@gmail.com)
Received: by mail-io1-xd36.google.com with SMTP id p12so31243965iog.5
 for <freebsd-questions@freebsd.org>; Sun, 25 Aug 2019 07:31:04 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025;
 h=mime-version:references:in-reply-to:from:date:message-id:subject:to
 :cc; bh=h956KG0v8LV+SGYzO9qL06IbLQb0FhE5c1pyesz5Uiw=;
 b=Iexw3Q6EIZBYEISOY1S0WXGkYXrTKOAM2TQeIoae9B9mF1b8g8wNv5u954CRlC+s/T
 vPYkJ7IKhSw6gw+VyKEHswslHBcaYawvJKfQgLtttBRKkezQ2Cx1599DrGacdJM9aFuV
 U4j7sWGKZDCHwrybdmv7tzBpHadJMc/sD4Nzr7peKTjSpcfHlofGDwHHnkYmXnA1Tszi
 0qd9wX0TNUYkiI+sKTuvrMyTMmToYRz0pgovNoinROuQ3iGG9DBpibnRgKzvkTDnELJI
 diey/2/ZWIVIOM9qakX19KCTSCf69Hv2tlP+z9fWD49ZPdEc5TE9pJJ43jRZ78DDsaV4
 WeEg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20161025;
 h=x-gm-message-state:mime-version:references:in-reply-to:from:date
 :message-id:subject:to:cc;
 bh=h956KG0v8LV+SGYzO9qL06IbLQb0FhE5c1pyesz5Uiw=;
 b=ffoLQg/OHStr6DbjslGoS24hbye07MLU4ZB9fx52VWIVQAq4ESZbfLWqyWw68oXVti
 rT4I08Bm4pBZ903kBaooO2+Ivz6yxN+h9AmA3fwZxbPbrevKPbQ5bRNxZ+TkmNVsdq8T
 0GH8a8CPdjL4ZRCmD/2Y52Nd/9Yqyw5dvePVpPIaCG8ppkz3Nckb+7+a6iKiFWRr3Cyr
 D1Ti+zARtKepaWrqkKy5XUERF7g2bzyiyrixwzGF1JtMAXz21t/DwwEAHCEYm3iKrmeK
 D60YKOqG7Du1GX06wvYGk6yOUQCqjTkHvjepOjkpYyb5/ImnXI64qvGsmbJVHcdrdltj
 O5VQ==
X-Gm-Message-State: APjAAAXBZ51hb95wuBcCNH0eDqZqQPGfs3okaXrw2XO6eK0L/AUubMbS
 8dymyquLdMhu4Tcl1xTQ4Fh/BCboulZ2asYSRTA=
X-Google-Smtp-Source: APXvYqw0zlcoxcI3ginQiXhtbu4Yzm4qvz4SRhDlFNFuwfEBnflILvPg1Jj5/bAC4SZBPyWSDUHIZIDy/tYx9q0yx30=
X-Received: by 2002:a6b:8b0b:: with SMTP id n11mr14800804iod.101.1566743463603; 
 Sun, 25 Aug 2019 07:31:03 -0700 (PDT)
MIME-Version: 1.0
References: <CAFsnNZKhm97zBjKi1VHSx0ZWzm_W-qKkJZwuTTte3s7etfmquA@mail.gmail.com>
 <ae843fb4-8a24-f19b-0f00-6670fe01f46e@gmail.com>
In-Reply-To: <ae843fb4-8a24-f19b-0f00-6670fe01f46e@gmail.com>
From: William Dudley <wfdudley@gmail.com>
Date: Sun, 25 Aug 2019 10:30:51 -0400
Message-ID: <CAFsnNZKZDxGBZoW9kaUgNJuJsnjKEcqWnWo9vOkV4+DLWh4SXg@mail.gmail.com>
Subject: Re: openwebmail broke with latest update
To: MJ <mafsys1234@gmail.com>
Cc: freebsd-questions <freebsd-questions@freebsd.org>
X-Rspamd-Queue-Id: 46Gcy10SMyz41cd
X-Spamd-Bar: --
Authentication-Results: mx1.freebsd.org;
 dkim=pass header.d=gmail.com header.s=20161025 header.b=Iexw3Q6E;
 dmarc=pass (policy=none) header.from=gmail.com;
 spf=pass (mx1.freebsd.org: domain of wfdudley@gmail.com designates
 2607:f8b0:4864:20::d36 as permitted sender) smtp.mailfrom=wfdudley@gmail.com
X-Spamd-Result: default: False [-2.99 / 15.00]; FREEMAIL_FROM(0.00)[gmail.com];
 R_SPF_ALLOW(-0.20)[+ip6:2607:f8b0:4000::/36:c];
 URI_COUNT_ODD(1.00)[3]; TO_DN_ALL(0.00)[];
 DKIM_TRACE(0.00)[gmail.com:+]; RCPT_COUNT_TWO(0.00)[2];
 DMARC_POLICY_ALLOW(-0.50)[gmail.com,none];
 NEURAL_HAM_SHORT(-0.99)[-0.995,0];
 FREEMAIL_TO(0.00)[gmail.com]; FROM_EQ_ENVFROM(0.00)[];
 IP_SCORE(0.00)[ip: (-5.29), ipnet: 2607:f8b0::/32(-2.87), asn: 15169(-2.34),
 country: US(-0.05)]; MIME_TRACE(0.00)[0:+,1:+,2:~];
 FREEMAIL_ENVFROM(0.00)[gmail.com];
 ASN(0.00)[asn:15169, ipnet:2607:f8b0::/32, country:US];
 DWL_DNSWL_NONE(0.00)[gmail.com.dwl.dnswl.org : 127.0.5.0];
 ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-1.000,0];
 R_DKIM_ALLOW(-0.20)[gmail.com:s=20161025]; FROM_HAS_DN(0.00)[];
 NEURAL_HAM_LONG(-1.00)[-1.000,0];
 MIME_GOOD(-0.10)[multipart/alternative,text/plain];
 PREVIOUSLY_DELIVERED(0.00)[freebsd-questions@freebsd.org];
 IP_SCORE_FREEMAIL(0.00)[]; TO_MATCH_ENVRCPT_SOME(0.00)[];
 RCVD_IN_DNSWL_NONE(0.00)[6.3.d.0.0.0.0.0.0.0.0.0.0.0.0.0.0.2.0.0.4.6.8.4.0.b.8.f.7.0.6.2.list.dnswl.org
 : 127.0.5.0]; RCVD_COUNT_TWO(0.00)[2]; RCVD_TLS_ALL(0.00)[]
Content-Type: text/plain; charset="UTF-8"
X-Content-Filtered-By: Mailman/MimeDel 2.1.29
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-questions>, 
 <mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions/>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
 <mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sun, 25 Aug 2019 14:31:05 -0000

Mark,

Thanks for your suggestions.

I left my debugging attempts out of my email to the list.

I checked the permissions, and they are as they should be: 4755 for
openwebmail.pl, owned by root:mail.

What I guess I need to do is write a small perl test program to see if the
setuid stuff works; perhaps
the FreeBSD Perl maintainer decided/forgot about the setuid Perl feature.

Since I haven't played with that Perl feature in a long while, that means a
bit of research . . .

Bill Dudley

This email is free of malware because I run Linux.


On Sun, Aug 25, 2019 at 10:09 AM MJ <mafsys1234@gmail.com> wrote:

> Hello Bill,
>
> On 25/08/2019 2:36 am, William Dudley wrote:
> > Hi,
> >
> > Running 11.2-RELEASE-p11
> > and also openwebmail-2.53_4
> >
> > All software is installed using pkg; I try to keep things mostly "stock"
> to
> > make
> > maintenence easy.  This is a mail and web server that I use to supply
> > mailing
> > lists to a bunch of non-profits
> >
> > I just did pkg upgrade to openwebmail (and a bunch of other things) and
> > now openwebmail "fails" with the following message when I login to check
> > my mail:
> >
> > Set effective gid to mail(6) failed!
>
> -- DISCLAIMER - I don't use openwebmail and I'm a old user of Perl that
> stopped using it years
> ago. --
>
> I had a quick look in the code and where it could fail it suggests two
> things:
>
> a) perl has no idea of setuid (I think that's a compile option?)
>
> b) the script that runs (openwebmail.pl) is not setuid itself. That is,
> it should be permissions 4555 or 4755 or it's
> not owned by root or running under the mail group.
>
> But as you said you install from packages, I'd expect perl to be compiled
> with setuid (eg ENABLE_SUIDPERL=yes
> used to be the setting when making from ports)
>
> So my best guess would be permissions or ownership of the perl scripts?
>
> If you do a search within /usr/local/www/apacheNN/cgi-bin/openwebmail (I'm
> guessing the path here), you might find
> other references to your error:
> cd /usr/local/www/apacheNN/cgi-bin/openwebmail
> find . -type f -exec grep "Set effective gid to mail" {} \; -print
>
> and see what turns up. There was another script with the same error when I
> checked it. Make sure that one also has
> the correct permissions and ownership.
>
> I hope this is more of a help than a hindrance! :-)
>
> Cheers,
> Mark
>