From owner-freebsd-ports Tue Aug 13 7:44:52 2002
Delivered-To: freebsd-ports@freebsd.org
Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125])
    by hub.freebsd.org (Postfix) with ESMTP
    id 41E0E37B427; Tue, 13 Aug 2002 07:44:47 -0700 (PDT)
Received: from sep.oldach.net (sep.oldach.net [194.180.25.6])
    by mx1.FreeBSD.org (Postfix) with ESMTP
    id 0BE1743E6A; Tue, 13 Aug 2002 07:44:45 -0700 (PDT)
    (envelope-from hmo@sep.oldach.net)
Received: from sep.oldach.net (localhost [127.0.0.1])
    by sep.oldach.net (8.12.5/8.12.5/hmo29jun02) with ESMTP
    id g7DEigl6082157
    (version=TLSv1/SSLv3 cipher=EDH-DSS-DES-CBC3-SHA bits=168 verify=NO);
    Tue, 13 Aug 2002 16:44:42 +0200 (CEST)
    (envelope-from hmo@sep.oldach.net)
Received: (from hmo@localhost)
    by sep.oldach.net (8.12.5/8.12.5/Submit)
    id g7DEif0B082156; Tue, 13 Aug 2002 16:44:41 +0200 (CEST)
    (envelope-from hmo)
Message-Id: <200208131444.g7DEif0B082156@sep.oldach.net>
Subject: Re: ports/31684: ports/comms/hylafax fixes
In-Reply-To: <200208122317.g7CNHmvx039066@freefall.freebsd.org>
    from Greg Lewis at "Aug 12, 2002 4:17:48 pm"
To: glewis@FreeBSD.org (Greg Lewis)
Date: Tue, 13 Aug 2002 16:44:41 +0200 (CEST)
Cc: freebsd-ports@FreeBSD.org
From: send-pr@oldach.net (Helge Oldach)
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-ports@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

Greg Lewis:
> State-Changed-From-To: open->closed
> State-Changed-By: glewis
> State-Changed-When: Mon Aug 12 16:16:40 PDT 2002
> State-Changed-Why:
> I've implemented all of these changes except the last one. I don't
> believe it's required as you can specify a user (fax, uucp) to start
> a process as in inetd.conf.

Thank you very much for the commits. However the inetd issue doesn't
work as you explained.
I have

| hylafax stream tcp nowait uucp /usr/local/sbin/hfaxd hfaxd -I -d
| fax stream tcp nowait uucp /usr/local/sbin/hfaxd hfaxd -O -d
| snpp stream tcp nowait uucp /usr/local/sbin/hfaxd hfaxd -S -d

in my inetd.conf. But when I talk to the hylafax port I am lacking
permissions:

| hmo@sep /home/hmo > socket localhost hylafax
| 220 sep.oldach.net server (HylaFAX (tm) Version 4.1) ready.
| USER hmo
| 550 Cannot set privileges.
| quit
| 221 Goodbye.
| hmo@sep /home/hmo >

It does work however when I change the "uucp" user to "root" in
inetd.conf. I believe this has to do with Hylafax chrooting to
/var/spool/hylafax which is only allowed by root or by a setuid binary.
So when a non-setuid hfaxd is being started from inetd the only option
is to run the daemon as root and not as uucp or fax. Probably less
dangerous than having another setuid binary...

Anyhow, how about a suggestion for the proper server configuration
after "make install"?

Kind regards,
Helge
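
The privilege ordering the message above turns on (chroot(2) is reserved to root, so a daemon that wants to confine itself to a spool directory has to start as root, chroot, and only then drop to an unprivileged account), as an added C example. It is not HylaFAX code and not part of the original message; the helper names are hypothetical, and uid/gid 66 is a placeholder for the uucp account.

```c
#define _DEFAULT_SOURCE            /* chroot(), setgroups() on glibc */
#include <errno.h>
#include <grp.h>
#include <stdio.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>
enum step { STEP_OK, STEP_CHROOT, STEP_CHDIR, STEP_GROUPS, STEP_GID,
            STEP_UID, STEP_REGAINED_ROOT, STEP_INTERNAL };
struct outcome { enum step failed_at; int err; };

/* Child side: confine to dir while still root, then give up root for good. */
static struct outcome confine_then_drop(const char *dir, uid_t uid, gid_t gid)
{
    if (chroot(dir) != 0)        return (struct outcome){ STEP_CHROOT, errno }; /* EPERM unless root */
    if (chdir("/") != 0)         return (struct outcome){ STEP_CHDIR, errno };  /* no cwd outside the new root */
    if (setgroups(1, &gid) != 0) return (struct outcome){ STEP_GROUPS, errno }; /* clear inherited groups */
    if (setgid(gid) != 0)        return (struct outcome){ STEP_GID, errno };    /* group before user */
    if (setuid(uid) != 0)        return (struct outcome){ STEP_UID, errno };
    if (uid != 0 && setuid(0) == 0) return (struct outcome){ STEP_REGAINED_ROOT, 0 }; /* drop must be permanent */
    return (struct outcome){ STEP_OK, 0 };
}

/* Run the sequence in a forked child so the caller is never chrooted. */
struct outcome try_confine(const char *dir, uid_t uid, gid_t gid)
{
    struct outcome out = { STEP_INTERNAL, 0 };
    int fds[2];
    if (pipe(fds) != 0) { out.err = errno; return out; }
    pid_t pid = fork();
    if (pid < 0) { out.err = errno; close(fds[0]); close(fds[1]); return out; }
    if (pid == 0) {
        out = confine_then_drop(dir, uid, gid);
        _exit(write(fds[1], &out, sizeof out) == (ssize_t)sizeof out ? 0 : 1);
    }
    close(fds[1]);
    if (read(fds[0], &out, sizeof out) != (ssize_t)sizeof out)
        out = (struct outcome){ STEP_INTERNAL, EIO };
    close(fds[0]);
    waitpid(pid, NULL, 0);
    return out;
}

int main(void)
{
    /* Spool path from the message; 66 is a placeholder uid/gid for "uucp". */
    struct outcome o = try_confine("/var/spool/hylafax", 66, 66);
    printf("euid=%d failed_at=%d errno=%d\n", (int)geteuid(), (int)o.failed_at, o.err);
    return o.failed_at == STEP_OK ? 0 : 1;
}
```

Started without root, the sequence stops at the first step with EPERM, which is the situation an inetd entry naming an unprivileged user puts a non-setuid daemon in.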