Date: Tue, 13 Aug 2002 16:44:41 +0200 (CEST) From: send-pr@oldach.net (Helge Oldach) To: glewis@FreeBSD.org (Greg Lewis) Cc: freebsd-ports@FreeBSD.org Subject: Re: ports/31684: ports/comms/hylafax fixes Message-ID: <200208131444.g7DEif0B082156@sep.oldach.net> In-Reply-To: <200208122317.g7CNHmvx039066@freefall.freebsd.org> from Greg Lewis at "Aug 12, 2002 4:17:48 pm"
next in thread | previous in thread | raw e-mail | index | archive | help
Greg Lewis: > State-Changed-From-To: open->closed > State-Changed-By: glewis > State-Changed-When: Mon Aug 12 16:16:40 PDT 2002 > State-Changed-Why: > I've implemented all of these changes except the last one. I don't > believe its required as you can specify a user (fax, uucp) to start > a process as in inetd.conf. Thank you very much for the commits. However the inetd issue doesn't work as you explained. I have | hylafax stream tcp nowait uucp /usr/local/sbin/hfaxd hfaxd -I -d | fax stream tcp nowait uucp /usr/local/sbin/hfaxd hfaxd -O -d | snpp stream tcp nowait uucp /usr/local/sbin/hfaxd hfaxd -S -d in my inetd.conf. But when I talk to the hylafax port I am lacking permissions: | hmo@sep /home/hmo > socket localhost hylafax | 220 sep.oldach.net server (HylaFAX (tm) Version 4.1) ready. | USER hmo | 550 Cannot set privileges. | quit | 221 Goodbye. | hmo@sep /home/hmo > It does work however when I change the "uucp" user to "root" in inetd.conf. I believe this has to do with Hylafax chrooting to /var/spool/hylafax which is only allowed by root or by a setuid binary. So when a non-setuid hfaxd is being started from inetd the only option is to run the daemon as root and not as uucp or fax. Probably less dangerous than having another setuid binary... Anyhow, how about a suggestion for the proper server configuration after "make install"? Kind regards, Helge To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ports" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200208131444.g7DEif0B082156>