From Newsgroup: comp.mail.sendmail
Marco Moock <
mm@dorfdsl.de> writes:
That is interesting. Can you show the ls -la of the files?
ls -la /etc/mail
total 424
drwxr-xr-x 2 root root 4096 Dec 29 10:29 ./
drwxr-xr-x 162 root root 16384 Jan 28 10:41 ../
-rw-r--r-- 1 root root 4297 Nov 15 2024 access
-rw-r----- 1 root root 12288 Nov 15 2024 access.db
-rw-r--r-- 1 root root 800 Oct 17 2023 aliases
-rw-r----- 1 root root 12288 Oct 17 2023 aliases.db
-rw-r--r-- 1 root root 69465 Oct 29 12:34 atr2-smtp.cf
-r--r--r-- 1 root smmsp 5882 Apr 14 2022 atr2-smtp-client-cert.pem -r--r----- 1 root smmsp 1679 Apr 14 2022 atr2-smtp-client-key.pem -rw-r--r-- 1 root root 2422 Oct 29 12:33 atr2-smtp.m4
-r--r--r-- 1 root smmsp 5904 Apr 14 2022 atr2-smtp-srv-cert.pem
-r--r----- 1 root smmsp 1675 Apr 14 2022 atr2-smtp-srv-key.pem
-rw-r--r-- 1 root root 41917 Oct 29 11:14 atr2-submit.cf
-rw-r--r-- 1 root root 977 Oct 29 11:14 atr2-submit.m4
-rw-r----- 1 root root 113 Mar 19 2022 authinfo
-rw-r----- 1 root root 12288 Mar 19 2022 authinfo.db
lrwxrwxrwx 1 root root 22 Jan 5 2018 cf -> /usr/share/sendmail/cf/ -rw-r--r-- 1 root root 0 Jan 9 2018 domaintable
-rw-r----- 1 root root 12288 Apr 14 2022 domaintable.db
-rw-r--r-- 1 root root 5988 Dec 27 14:58 helpfile
-rw-r--r-- 1 root root 30 Aug 4 2023 local-host-names
-rw-r--r-- 1 root root 140 Apr 25 2024 mailertable
-rw-r----- 1 root root 12288 Apr 25 2024 mailertable.db
-rw-r--r-- 1 root root 644 Apr 14 2022 Makefile
-rw-r--r-- 1 root root 4095 Feb 23 2025 milter-regex.conf
-rw-r--r-- 1 root root 1 Nov 13 2017 relay-domains
lrwxrwxrwx 1 root root 12 May 14 2021 sendmail.cf -> atr2-smtp.cf -rw-r--r-- 1 root root 2425 Aug 31 2022 site.config.m4
-rw-r--r-- 1 root root 1448 Jan 31 09:28 statistics
lrwxrwxrwx 1 root root 14 May 14 2021 submit.cf -> atr2-submit.cf -rw-r--r-- 1 root root 11 Dec 19 2009 trusted-users
-rw-r--r-- 1 root root 48 Apr 25 2024 uudomain
-rw-r----- 1 root root 12288 Apr 25 2024 uudomain.db
-rw-r--r-- 1 root root 65630 Nov 2 2020 vdrl-smtp.cf
-rw-r--r-- 1 root root 2248 Nov 2 2020 vdrl-smtp.m4
-rw-r--r-- 1 root root 41329 Nov 2 2020 vdrl-submit.cf
-rw-r--r-- 1 root root 1306 Nov 2 2020 vdrl-submit.m4
-rw-r--r-- 1 root root 1 Jan 9 2018 virtusertable
-rw-r----- 1 root root 12288 Jan 9 2018 virtusertable.db
What happens if you remove the world readability?
Then only root reads it.
IIRC sendmail can use text-only files without the DBs, can you check
with strace if it falls back to this?
Maybe Sendmail can be built like that, but it won't use the plain text
files here.
mv aliases.db hide-aliases.db
root@atr2 /etc/mail # praliases
praliases: /etc/mail/aliases: open: Unknown database type
It's rather long, but here is the relavent part:
openat(AT_FDCWD, "/etc/mail/sendmail.cf", O_RDONLY) = 3
fstat(3, {st_mode=S_IFREG|0644, st_size=69465, ...}) = 0
read(3, "\n#\n# Copyright (c) 1998-2004, 20"..., 4096) = 4096
read(3, "C[[\n\n# access_db acceptance clas"..., 4096) = 4096 newfstatat(AT_FDCWD, "/etc/mail/aliases.db", 0x7fffffffaf00, 0) = -1 ENOENT (No such file or directory)
newfstatat(AT_FDCWD, "/", {st_mode=S_IFDIR|0755, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
geteuid() = 0
newfstatat(AT_FDCWD, "/etc", {st_mode=S_IFDIR|0755, st_size=16384, ...}, AT_SYMLINK_NOFOLLOW) = 0
geteuid() = 0
newfstatat(AT_FDCWD, "/etc/mail", {st_mode=S_IFDIR|0755, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
geteuid() = 0
newfstatat(AT_FDCWD, "/etc/mail/aliases.db", 0x7fffffffaf00, 0) = -1 ENOENT (No such file or directory)
newfstatat(AT_FDCWD, "/", {st_mode=S_IFDIR|0755, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
geteuid() = 0
newfstatat(AT_FDCWD, "/etc", {st_mode=S_IFDIR|0755, st_size=16384, ...}, AT_SYMLINK_NOFOLLOW) = 0
geteuid() = 0
newfstatat(AT_FDCWD, "/etc/mail", {st_mode=S_IFDIR|0755, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
geteuid() = 0
write(2, "praliases: /etc/mail/aliases: op"..., 58praliases: /etc/mail/aliases: open: Unknown database type
) = 58
m@deb-test:~$ ls -la /usr/libexec/sendmail/praliases
-rwxr-xr-x 1 root root 99600 26. Okt 02:00 /usr/libexec/sendmail/praliases
This is looking Debian-specific. What does the listener and the queue
runner run as? Here it's root and smmsp. Maybe Debian runs those as
something else. The running processes and the files it needs to read
must match up.
ls -l /usr/bin/praliases
-rwxr-xr-x 1 root root 91760 Dec 27 14:58 /usr/bin/praliases*
ls -l /usr/sbin/sendmail
-r-xr-sr-x 1 root smmsp 906560 Dec 27 14:58 /usr/sbin/sendmail*
Slackware's is like when I built Sendmail myself. Looks like Debian
moves things around and maybe adds users/changes permissions.
--
PGP Key ID: 781C A3E2 C6ED 70A6 B356 7AF5 B510 542E D460 5CAE
"The Internet should always be the Wild West!"
--- Synchronet 3.21b-Linux NewsLink 1.2