Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

More RH6.2 wierdness.

Posted on 2000-05-17
9
197 Views
Last Modified: 2013-12-15
May 17 21:19:59 gatekeeper ipop3d[5222]: Mailbox vulnerable - directory /var/spool/mail must have 1777 protection

Resetting the perms to 1777 works, but after a random time, this error is back. With no clue in the logs as to what has changed :-/
0
Comment
Question by:j2
  • 5
  • 4
9 Comments
 
LVL 40

Expert Comment

by:jlevie
ID: 2819965
When the warning shows up again, what are the perms on /var/spool/mail?
0
 
LVL 12

Author Comment

by:j2
ID: 2839074
[root@gatekeeper /root]# ls -la /var/spool/                
total 44
drwxr-xr-x   11 root     root         4096 May 10 12:39 .
drwxr-xr-x   18 root     root         4096 Mar 31 15:34 ..
drwxr-xr-x    2 root     root         4096 May  1 04:42 anacron
drwx------    3 daemon   daemon       4096 Mar 31 15:29 at
drwx------    2 root     root         4096 May 17 22:01 cron
drwxrwxr-x    2 root     daemon       4096 Mar 31 15:40 lpd
drwxrwxr-x    2 root     mail         4096 May 23 18:03 mail
drwxr-xr-x    2 root     root         4096 May 23 18:03 mqueue
drwxr-xr-x    2 root     root         4096 Feb  7 21:20 rwho
drwxr--r--   18 squid    squid        4096 May 21 04:02 squid
drwxr-xr-x    5 root     root         4096 May 10 12:39 vmail
[root@gatekeeper /root]# ls -la /var/spool/mail/
total 76
drwxrwxr-x    2 root     mail         4096 May 23 18:03 .
drwxr-xr-x   11 root     root         4096 May 10 12:39 ..
-rw-------    1 aslin    popusers     2051 May 23 16:32 aslin
-rwxrwxrwt    1 chand    popusers      559 May 23 14:41 chand
-rwxrwxrwt    1 hajan    popusers      559 May 19 12:10 hajan
-rw-rw----    1 lebun    mail          559 May 23 16:46 lebun
-rwxrwxrwt    1 makje    mail          559 May 23 13:30 makje
-rwxrwxrwt    1 mikje    popusers      559 May 23 15:28 mikje
-rw-------    1 mikoh    popusers      559 May 23 10:55 mikoh
-rw-------    1 motho    popusers     3805 May 23 18:03 motho
-rwxrwxrwt    1 padah    popusers     1820 May 19 09:29 padah
-rw-------    1 root     root         3522 May 23 04:00 root
-rw-------    1 stgus    popusers      559 May 22 08:54 stgus
-rwxrwxrwt    1 vatim    popusers      559 May 18 14:29 vatim
-rwxrwxrwt    1 wmjajoa  wmjajoa     16853 May 17 22:00 wmjajoa
[root@gatekeeper /root]#


Found something, the perms goes to heck when a new spoolfile is created, AND it looks related to using the "stock" linuxconf on a RH system, will compare the Two linuxconfs configs and see if i can see something
0
 
LVL 12

Author Comment

by:j2
ID: 2864541
Found it. Its because i am using the "stock" Linuxconf and not the RH version. Whats the mask 1777 when expressing it as:
[X] May read                  xx        
                            x       x[X] May write                 xx        
                            x       x[X] May execute               xx        
                            xGroup  x[X] May read                  xx        
                            x       x[X] May write                 xx        
                            x       x[X] May execute               xx        
                            xOthers x[X] May read                  xx        
                            x       x[ ] May write                 xx        
                            x       x[X] May execute               xx        
                            x       xqqqqqqqqSpecial flagsqqqqqqqqqxx        
                            x       x[ ] Setuid flag               xx        
                            x       x[ ] Setgid flag               xx        
                            x       x[X] Restriction on directory  xx        
0
NFR key for Veeam Backup for Microsoft Office 365

Veeam is happy to provide a free NFR license (for 1 year, up to 10 users). This license allows for the non‑production use of Veeam Backup for Microsoft Office 365 in your home lab without any feature limitations.

 
LVL 40

Accepted Solution

by:
jlevie earned 10 total points
ID: 2868124
The "sticky bit" 1000 would be the "Restriction on directory" setting above. Having all options except "Setuid flag" and "Setgid flag" selected should yield a mode of 1777.
0
 
LVL 12

Author Comment

by:j2
ID: 2868151
And right you are :)

Ive been over every manpage on chmod et. al. to find a bitmaping over the permissions but came up blank.
0
 
LVL 12

Author Comment

by:j2
ID: 2868158
Comment accepted as answer
0
 
LVL 40

Expert Comment

by:jlevie
ID: 2871561
The man page you need is "man 2 chmod" and the bit of interest is S_ISVTX (01000 sticky bit).
0
 
LVL 12

Author Comment

by:j2
ID: 2871574
Thank you. Thank you. Thank you. Thank you. Thank you. Thank you. Thank you. Thank you. Thank you. Thank you. Thank you.

THAT is something i did not know :)
0
 
LVL 40

Expert Comment

by:jlevie
ID: 2872597
You're welcome... Glad to add to the general knowledge base...
0

Featured Post

Three Reasons Why Backup is Strategic

Backup is strategic to your business because your data is strategic to your business. Without backup, your business will fail. This white paper explains why it is vital for you to design and immediately execute a backup strategy to protect 100 percent of your data.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

How many times have you wanted to quickly do the same thing to a list but found yourself typing it again and again? I first figured out a small time saver with the up arrow to recall the last command but that can only get you so far if you have a bi…
Google Drive is extremely cheap offsite storage, and it's even possible to get extra storage for free for two years.  You can use the free account 15GB, and if you have an Android device..when you install Google Drive for the first time it will give…
Learn how to find files with the shell using the find and locate commands. Use locate to find a needle in a haystack.: With locate, check if the file still exists.: Use find to get the actual location of the file.:
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

808 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question