Date:      Thu, 14 Nov 2002 07:34:40 -0600
From:      Greg Panula <greg.panula@dolaninformation.com>
To:        Kirk Bailey <idiot1@netzero.net>
Cc:        questions@freebsd.org
Subject:   Re: list scripts, permissions, and ownerships.
Message-ID:  <3DD3A670.9172EDBD@dolaninformation.com>
References:  <3DD32C5A.9784D742@netzero.net>

Moved to questions@freebsd.org.

Kirk Bailey <idiot1@netzero.net> wrote:
> 
> I have a problem. I am writing a script to create lists, and another to destroy
> them- that is, MAIL lists, such as mailman, majordomo, and mojomail and tinylist
> all work with. (I write TinyList.)
> 
> The aliases file must have certain permissions, and it appears to be 644  in my
> freebsd box- hope that's correct, but it works fine. And the ownership is root,
> and that works fine.
> 
> well, apache in the box is nobody:wheel and runs scripts as such. I have the
> scripts owned nobody:wheel also. They run, but it cannot access the aliases
> file-permissions/ownerships. OK, changed the relevant scripts' ownerships to
> root (gasp!) and tried to run things that way. still no luck. Scripts apparently
> are running as nobody, even though owned by root.
> 
> OK, a few questions.
> 
> First, how do I get a script to discover what identity it is running as?

Generally a script runs as/under the user-id that called it.  The
'whoami' command will probably help you here.


> 
> Second, how can I ensure it runs as a particular identity (so as to be compatible
> with the email system), when run by the web server?

To run a script as the owner of that script/file, the sticky bit needs
to be set.  Try 'chmod 4755 script'.  Now when the script is run it will
run as the owner of that script.

Generally it is very poor practice to allow web-executables to run under
the root id.  Better to run things under the uid 'nobody' and adjust
file permissions to allow the user 'nobody' to write to those specific
files/directories.

In your case there are two options: 1) change the owner of the alias
files to 'nobody' 2) change the file permissions to allow the group to
modify the file aka 'chmod 664'

Additional note: I would remove the user nobody from the wheel group. 
Membership in the wheel group allows that id to switch users aka use the
'su' command.


> 
> third, what are the correct ownerships and permissions for /etc/mail and for
> aliases? Just want to make sure I have things right.
> 
> --
> 

On a virgin freebsd system /etc/mail is owned by root:wheel and the
permissions are 755.

You might want to check out webmin ( http://www.webmin.com/ ) and see how
they are doing their mail list management (
http://www.webmin.com/screens/edit_list.gif ).

good luck,
  greg
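
Added example, not part of the original message: a POSIX shell sketch that reports the identity a script is running as, names the special bit carried by a mode such as 4755, and checks whether the modes discussed in the thread (644, 664) would let 'nobody' write a root:wheel aliases file. The function names and the scenario values are constructed for illustration.

```sh
# Added example; helper names are hypothetical, modes are those from the thread.
# Report the identity this process is really running as.
running_as() {
    printf '%s uid=%s\n' "$(id -un)" "$(id -u)"
}

# Normalise "644" to "0644"; reject anything that is not 3 or 4 octal digits.
pad_mode() {
    case "$1" in
        *[!0-7]*) return 1 ;;
        ???)  echo "0$1" ;;
        ????) echo "$1" ;;
        *)    return 1 ;;
    esac
}

# Name the special bits carried by the leading digit of a mode.
special_bits() {
    m=$(pad_mode "$1") || return 1
    case "${m%???}" in
        0) echo none ;;          1) echo sticky ;;
        2) echo setgid ;;        3) echo setgid,sticky ;;
        4) echo setuid ;;        5) echo setuid,sticky ;;
        6) echo setuid,setgid ;; 7) echo setuid,setgid,sticky ;;
    esac
}

# can_write MODE OWNER GROUP USER "USER'S GROUPS"
# Exit 0 if the mode bits alone let USER write the file (root always can).
can_write() {
    m=$(pad_mode "$1") || return 2
    [ "$4" = root ] && return 0
    perm=${m#?}                       # drop the special digit, leaving "ugo"
    if [ "$4" = "$2" ]; then digit=${perm%??}       # owner class wins first
    else
        case " $5 " in
            *" $3 "*) digit=${perm#?}; digit=${digit%?} ;;  # group class
            *)        digit=${perm#??} ;;                   # other class
        esac
    fi
    case "$digit" in 2|3|6|7) return 0 ;; *) return 1 ;; esac
}

# Constructed scenario: aliases is root:wheel, the web server runs as nobody.
for mode in 644 664; do
    can_write "$mode" root wheel nobody "nobody wheel" && r=yes || r=no
    echo "aliases mode $mode: nobody (in wheel) can write: $r"
done
echo "4755 special bits: $(special_bits 4755); running as: $(running_as)"
```

With mode 664 on a root:wheel file, the write succeeds only while 'nobody' is still a member of wheel. The check models mode bits only, not ACLs or file flags.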
