Solved

mail ok in command line, not in scripts

Posted on 1998-03-27
19
228 Views
Last Modified: 2010-04-21
I set up tcpwrapper on a linux machine.
It works fine (non-authorized hosts are banned), but in the deny file, I put the shell command (echo "sthing" | mail me@home.com). I know that this command line is executed with sh shell, which works fine on the linux machine.
If someone is banned I must receive the mail (It works perfectly on IRIX 6.3, exactly with the same shell command) and I receive nothing.
If I enter echo "sthing" | mail me@home.com under command line mode, I receive the mail.
Any suggestion?? Thanks.
0
Comment
Question by:steph84
  • 6
  • 5
  • 2
  • +6
19 Comments
 
LVL 84

Expert Comment

by:ozo
Comment Utility
Is mail in your PATH?  What if you give an absolute path name?
0
 
LVL 1

Expert Comment

by:Tuff
Comment Utility
I'm still kinda new to UNIX but in a perl script when you put in an email address it has to be written as such

anyname\@yourdomain.com

could this be possible?


0
 
LVL 84

Expert Comment

by:ozo
Comment Utility
It doesn't have to be written as such.  It could also be written as
q(anyname@yourdomain.com)
But it sounds like steph84 is talking about a script for sh, not perl.
0
 
LVL 2

Expert Comment

by:eckspurt
Comment Utility
What ozo suggests is probably correct.  Give the absolute path to the mail program (/bin/mail or /usr/bin/Mail).  System shell scripts should have a very restricted PATH set up so that there's minimal opportunity for a trojan horse to slip in.

0
 

Author Comment

by:steph84
Comment Utility
I could try it today, it sounded nice but unfortunately, it didn't work....
Quite strange.
0
 
LVL 3

Expert Comment

by:percyn
Comment Utility
Lets see the script.
What shell is it, tcsh or csh ?
0
 

Author Comment

by:steph84
Comment Utility
(echo "client info: " %c "\nserver info: " %s "\ndate: " `date`) | /usr/bin/mail security@imaginet.fr

The %c and %s values are obtained by the wrapper and work fine.
According tcpwrapper man page, the shell command is interpreted by sh....

0
 
LVL 84

Expert Comment

by:ozo
Comment Utility
How about using thr full path to `date`?

0
 

Author Comment

by:steph84
Comment Utility
just as before,arghh!!!!
It's not very very very important if it doesn't work, but I'd like to understand...
I've increase to 150!

0
How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

 
LVL 84

Expert Comment

by:ozo
Comment Utility
How about:
(/usr/bin/echo "client info: " %c; /usr/bin/echo "server info: " %s ; /usr/bin/echo "date: "; /usr/bin/date) | /usr/bin/mailsecurity@imaginet.fr

Do you get any error messages?
0
 

Author Comment

by:steph84
Comment Utility
I tried! Nothing, no mail,no error message, nothing.
I even tried (/usr/bin/echo "foo")|/usr/bin/mail security@imaginet.fr
I'm tired of this....
0
 
LVL 1

Expert Comment

by:mzito
Comment Utility
I'm going to make two possible answers for this:
1) Are your permissions set on your mail program properly (i.e.  world executable)?
TCP Wrappers run shell commands as nobody, so that could cause a problem

2) Did you use the proper syntax if you're using the extended options?    
Tcp Wrappers can be compiled to use either the standard options or a much more flexible extended options.  If the second case is true, the following is an example hosts.deny:
ALL:ALL: twist echo "sthing" | mail  root@localhost

That will cause that command to be executed in place of the service daemon. I tried this example on my machine, and it worked fine.

Hope this helps.
Matt Zito
0
 
LVL 2

Expert Comment

by:António Sargento
Comment Utility
I had tried the following script and work just fine in a SUN Solaris 2.5.1.

#!/bin/sh

echo "sthing" | mail antonio@leia

0
 
LVL 2

Expert Comment

by:António Sargento
Comment Utility
I had tried the following script and work just fine in a SUN Solaris 2.5.1.

#!/bin/sh

echo "sthing" | mail me@machine

0
 
LVL 84

Expert Comment

by:ozo
Comment Utility
That may even be an answer to the original question if you can get your tcpwrapper to call the script.
0
 

Author Comment

by:steph84
Comment Utility
Sorry but this script work fine, even on my Irix 6.3, but not under tcpwrapper on the linux machine, That's my problem!
I've not enough time right now to try other things.....

0
 

Author Comment

by:steph84
Comment Utility
Try others things recently, nothing worked.
mail work correctly, tried with whole path, with just echo "smthing" | mail, all rights are ok, ans exactly the same commans works under Irix.
Perhaps a bug from tcpwrapper under my version of linux.....

0
 
LVL 1

Expert Comment

by:hajek
Comment Utility
if you are not sure if tcpwrapper call the script at all, try to do something what 100% does not need tty in the script (cp something_existing /tmp). If the file appears in /tmp, the script was called.

BTW, I do not know tcpwrapper, but if it runs under "nobody", what are permissions on the script you want to be run ??
0
 
LVL 51

Accepted Solution

by:
ahoffmann earned 150 total points
Comment Utility
(echo "client info: " %c "\nserver info: " %s "\ndate: " `date`) | /usr/bin/mail  security@imaginet.fr

is this the "server program" you specified in /etc/inetd.conf ?
Have you tried to call a script in /etc/inetd.conf which executes
your commands? Like:
      /your_path/your_script %c %s

your_script:
(echo "client info: " $1 "\nserver info: " $2 "\ndate: " `date`) | /usr/bin/mail security@imaginet.fr

Probably some still mentioned suggestios about full pathnames are
usefull too :-)
0

Featured Post

Find Ransomware Secrets With All-Source Analysis

Ransomware has become a major concern for organizations; its prevalence has grown due to past successes achieved by threat actors. While each ransomware variant is different, we’ve seen some common tactics and trends used among the authors of the malware.

Join & Write a Comment

Let's say you need to move the data of a file system from one partition to another. This generally involves dismounting the file system, backing it up to tapes, and restoring it to a new partition. You may also copy the file system from one place to…
I have been running these systems for a few years now and I am just very happy with them.   I just wanted to share the manual that I have created for upgrades and other things.  Oooh yes! FreeBSD makes me happy (as a server), no maintenance and I al…
Learn how to get help with Linux/Unix bash shell commands. Use help to read help documents for built in bash shell commands.: Use man to interface with the online reference manuals for shell commands.: Use man to search man pages for unknown command…
Learn how to navigate the file tree with the shell. Use pwd to print the current working directory: Use ls to list a directory's contents: Use cd to change to a new directory: Use wildcards instead of typing out long directory names: Use ../ to move…

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

8 Experts available now in Live!

Get 1:1 Help Now