Date: Thu, 14 Nov 2002 07:34:40 -0600
From: Greg Panula
Reply-To: greg.panula@dolaninformation.com
Organization: Dolan Information Center Inc
To: Kirk Bailey
Cc: questions@freebsd.org
Subject: Re: list scripts, permissions, and ownerships.
Message-ID: <3DD3A670.9172EDBD@dolaninformation.com>
References: <3DD32C5A.9784D742@netzero.net>

Moved to questions@freebsd.org.

Kirk Bailey wrote:
>
> I have a problem. I am writing a script to create lists, and another to destroy
> them- that is, MAIL lists, such as mailman, majordomo, and mojomail and tinylist
> all work with. (I write TinyList.)
>
> The aliases file must have certain permissions, and it appears to be 644 in my
> freebsd box- hope that's correct, but it works fine. And the ownership is root,
> and that works fine.
>
> Well, apache in the box is nobody:wheel and runs scripts as such. I have the
> scripts owned nobody:wheel also. They run, but it cannot access the aliases
> file-permissions/ownerships. OK, changed the relevant scripts' ownerships to
> root (gasp!) and tried to run things that way. Still no luck. Scripts apparently
> are running as nobody, even though owned by root.
>
> OK, a few questions.
>
> First, how do I get a script to discover what identity it is running as?

Generally a script runs as/under the user-id that called it. The
'whoami' command will probably help you here.

>
> Second, how can I ensure it runs as a particular identity (so as to be compatible
> with the email system), when run by the web server?

To run a script as the owner of that script/file, the sticky bit needs
to be set. Try 'chmod 4755 script'. Now when the script is run it will
run as the owner of that script.

Generally it is very poor practice to allow web-executables to run under
the root id. Better to run things under the uid 'nobody' and adjust
file permissions to allow the user 'nobody' to write to those specific
files/directories.

In your case there are two options:
1) change the owner of the alias files to 'nobody'
2) change the file permissions to allow the group to modify the file
   aka 'chmod 664'

Additional note: I would remove the user nobody from the wheel group.
Membership in the wheel group allows that id to switch users aka use the
'su' command.

>
> Third, what are the correct ownerships and permissions for /etc/mail and for
> aliases? Just want to make sure I have things right.
>
> --
>

On a virgin freebsd system /etc/mail is owned by root:wheel and the
permissions are 755.

You might want to check out webmin ( http://www.webmin.com/ ) and see how
they are doing their mail list management
( http://www.webmin.com/screens/edit_list.gif ).

good luck,
greg
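
Added example, not part of the original message: a POSIX sh sketch of the checks discussed in the thread, reporting which identity a script runs as and deciding from the plain mode bits whether a given uid/gid could write a file (for instance the aliases file before and after 'chmod 664'). The function names and the temporary demo file are constructed for illustration; root's override and ACLs are not modelled.

```shell
#!/bin/sh
# Added example, not from the original thread. Function names are
# hypothetical; the demo file is a constructed stand-in for the aliases file.

# Report the identity the script is actually running under.
show_identity() {
    printf 'effective uid=%s (%s), real uid=%s, groups=%s\n' \
        "$(id -u)" "$(id -un 2>/dev/null)" "$(id -ru)" "$(id -G)"
}

# mode_char FILE POS: print character POS of the "ls -l" mode string.
mode_char() {
    ls -lnd -- "$1" | cut -c"$2"
}

# can_write FILE UID GID: succeed if the mode bits grant write access.
# Only one class applies, checked in the order owner, group, other.
can_write() {
    fuid=$(ls -lnd -- "$1" | awk '{print $3}')
    fgid=$(ls -lnd -- "$1" | awk '{print $4}')
    [ -n "$fuid" ] || return 2
    if   [ "$2" = "$fuid" ]; then pos=3   # owner write bit
    elif [ "$3" = "$fgid" ]; then pos=6   # group write bit
    else pos=9                            # other write bit
    fi
    [ "$(mode_char "$1" "$pos")" = "w" ]
}

# is_setuid FILE: succeed if the set-user-ID bit is on (mode 4xxx,
# as produced by the 'chmod 4755' mentioned in the thread).
is_setuid() {
    case $(mode_char "$1" 4) in s|S) return 0 ;; *) return 1 ;; esac
}

demo() {
    f=$(mktemp) || return 1
    other=$(( $(id -u) + 1 ))             # constructed non-owner uid
    grp=$(ls -lnd -- "$f" | awk '{print $4}')
    show_identity
    for m in 644 664; do
        chmod "$m" "$f"
        if can_write "$f" "$other" "$grp"; then r=yes; else r=no; fi
        echo "mode $m: non-owner in group $grp can write: $r"
    done
    rm -f "$f"
}
demo
```
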