You are following one set of directions, but another set has
something different to say. When testing the majordomo installation
you first run wrapper config-test as root, checking for errors, then
you run it again as majordomo, and finally again as any other user.
After all these tests pass, then you worry about sendmail security.
I see that you still have the group write bit enabled on the digests
directory.
755 is more than open enough when your owner and group are both
majordomo. I would add daemon to the majordomo line in /etc/group
though.
Try `chmod go-w / /usr; chmod -R go-w /usr/majordomo`
Dan Liston
> Mike Bobbitt wrote:
>
> Hello,
>
> I'm trying to set the permissions on my majordomo installation
> correctly, but I just keep running in a loop. Here's the apparently
> conflicting info I have:
>
> 1. Do NOT run "./wrapper config-test" as 'root' or your 'majordom'
> user.
>
> 2. The new security features of sendmail don't allow :include:
> directories to be group writable. ...remove the group-write bit on the
> lists directory and any list files.
>
> So when I set my permissions as follows:
>
> drwxr-xr-x 7 majordom majordom 1024 Aug 10 21:13 .
> drwxr-xr-x 18 root root 1024 May 25 1999 ..
> -rw-rw-r-- 1 majordom majordom 6 Aug 4 15:08
> .majordomo_registration
> -rw-rw-rw- 1 majordom majordom 48615 Aug 10 15:11 Log
> drwxr-xr-x 2 majordom majordom 1024 May 23 1999 Tools
> -rwxr-xr-x 1 majordom majordom 5267 Aug 4 15:07 archive2.pl
> drwxr-xr-x 2 majordom majordom 1024 Aug 4 15:07 bin
> -rwxr-xr-x 1 majordom majordom 2795 Aug 5 1999 bounce-remind
> -rwxr-xr-x 1 majordom majordom 10671 Aug 5 1999 config-test
> -rwxr-xr-x 1 majordom majordom 51130 Aug 4 15:07 config_parse.pl
>
> -rwxr-xr-x 1 majordom majordom 14201 Aug 4 15:07 digest
> drwxrwxr-x 4 majordom majordom 1024 Aug 3 1999 digests
> drwxr-xr-x 6 majordom majordom 1024 Aug 10 21:24 lists
> -rwxr-xr-x 1 majordom majordom 62511 Aug 4 15:07 majordomo
> lrwxrwxrwx 1 majordom majordom 27 Aug 9 08:56
> majordomo.aliases -> /etc
> /mail/majordomo.aliases
> -rw-rw-r-- 1 majordom majordom 10501 Aug 3 09:07 majordomo.cf
> -rwxr-xr-x 1 majordom majordom 64251 Aug 5 1999 majordomo.orig
> -rwxr-xr-x 1 majordom majordom 24381 Aug 4 15:07 majordomo.pl
> -rwxr-xr-x 1 majordom majordom 137 Aug 4 15:07
> majordomo_version.pl
> drwxr-xr-x 4 majordom majordom 1024 May 23 1999 man
> -rwxr-xr-x 1 majordom majordom 3791 Aug 4 15:07 request-answer
> -rwxr-xr-x 1 majordom majordom 29919 Aug 4 15:07 resend
> -rwxr-xr-x 1 majordom majordom 29520 Aug 5 1999 resend.orig
> -rw-r--r-- 1 majordom majordom 10462 Aug 5 1999 sample.cf
> -rwxr-xr-x 1 majordom majordom 8060 Aug 5 1999 shlock.pl
> -rwxr-xr-x 1 majordom majordom 6494 Aug 5 1999 wrapper
>
> running ./wrapper config-test yeilds:
>
> BAD: Couldn't create a mock lock file.
> $homedir (/usr/majordomo) needs to be writable.
> ---------------------- list directory ----------------------
> BAD: list directory /usr/majordomo/lists has bad permissions
>
> If I open things up (I.E. 777 for /usr/majordomo and lists) then
> sendmail complains.
>
> Help!
References:
|
|
