• Welcome to Overclockers Forums! Join us to reply in threads, receive reduced ads, and to customize your site experience!

Apache sendmail issue

Overclockers is supported by our readers. When you click a link to make a purchase, we may earn a commission. Learn More.

engjohn

Senior Member
Joined
Dec 18, 2000
Location
SoCal
I have a Mandrake server (7.2) running apache and a cgi perl script (formmail.pl) to send mail to a user using info entered into the webpage...
etc..etc..etc...

The issue is that the user apache does not have priv's to send mail using the command "sendmail -i -t < html.file"
I get an error that cannot create trascript file ./randomname.

I have made the apache user a member of the mail group, so it has read and write priv's to the mail and mqueue directorys.

What am I doing wrong...
If I su to apache and sun it manually, I get the same error...

[apache@revolver apache]$ sendmail root
Can't create transcript file ./xfj2BHMtw11887: Permission denied
[apache@revolver apache]$
 
sendmail running SUID then? Cause those two things (write perms or SUID) could be the only reasons this error is happening. Can you "ls -al" from this "apache" directory and paste the results for us?
 
Apache Home dir.
[root@revolver apache]# ls -al
total 60
drwx------ 6 apache apache 4096 Mar 12 00:48 ./
drwxr-xr-x 21 root root 4096 Mar 12 09:08 ../
-rw-r--r-- 1 apache apache 2049 Mar 3 09:39 .Xdefaults
-rw------- 1 apache apache 2132 Mar 12 09:28 .bash_history
-rw-r--r-- 1 apache apache 24 Mar 3 09:39 .bash_logout
-rw-r--r-- 1 apache apache 267 Mar 3 09:39 .bash_profile
-rw-r--r-- 1 apache apache 559 Mar 3 09:39 .bashrc
drwxr-xr-x 7 apache apache 4096 Mar 3 09:39 .kde/
-rw-r--r-- 1 apache apache 435 Mar 3 09:39 .kderc
-rw-r--r-- 1 apache apache 141 Mar 3 09:39 .mailcap
drwxr-xr-x 4 apache apache 4096 Mar 3 09:39 .netscape/
-rw-r--r-- 1 apache apache 3394 Mar 3 09:39 .screenrc
drwxr-xr-x 2 apache apache 4096 Mar 3 09:39 Desktop/
-rw-r--r-- 1 apache apache 64 Mar 10 22:13 test.mail
drwx------ 2 apache apache 4096 Mar 3 09:39 tmp/

/home/www/ <- webroot
[root@revolver www]# ls -al
total 28
drwxrwxr-x 7 ftpadmin apache 4096 Jan 18 2002 ./
drwxr-xr-x 21 root root 4096 Mar 12 09:08 ../
drwxrwxr-x 2 ftpadmin apache 4096 Mar 10 22:31 cgi-bin/
drwxrwxr-x 13 ftpadmin apache 4096 Mar 3 09:21 html/
drwxrwxr-x 4 ftpadmin apache 4096 Jan 17 2002 icons/
drwxrwxr-x 3 ftpadmin apache 4096 Jan 18 2002 old/
drwxrwxr-x 2 ftpadmin apache 4096 Jan 17 2002 perl/

Ftpadmin is the ftpuser for the client to upload the webpage.

/var/spool/
[root@revolver spool]# ll
total 48
drwxr-xr-x 2 root root 4096 Feb 1 2002 anacron/
drwx------ 3 daemon daemon 4096 Jan 17 2002 at/
drwx------ 2 root root 4096 Oct 3 2000 cron/
drwx------ 3 lp root 4096 Jan 17 2002 cups/
-rw-r--r-- 1 root root 775 Mar 3 09:33 defaultpermissions.txt
drwxrwxr-x 2 root mail 4096 Mar 12 09:06 mail/
drwxrwxr-x 2 root mail 4096 Mar 12 09:17 mqueue/
drwxrwxr-x 9 news news 4096 Jan 17 2002 news/
drwxr-xr-x 2 root root 4096 Oct 3 2000 rwho/
drwxrwxrwt 2 root root 4096 Oct 9 2000 samba/
drwxr-x--- 2 squid squid 4096 Oct 2 2000 squid/
drwxr-xr-x 2 root root 4096 Oct 3 2000 vbox/

I have made apache a member of the mail group so it has access to the mail and mqueue dirs...

???
 
I'm not an expert on linux. Is there a particular reason that you actually have a user account of 'apache' I have apache installed on my SuSe box. I don't use it for anything, yet and I don't have an 'apache' user account/login. The default path for apache is /srv/www. (unless you changed it) I dunno,
 
and it's not really secure if the user apache can log in either. My lines from /etc/passwd and /etc/shadow:

www-data:x:33:33:www-data:/var/www:/bin/sh
www-data:*:12737:0:99999:7:::



a) apache doesn't need to be member of mail, it's the other way around: mail needs to be member of apache
b) never ever use sendmail unless you REALLY REALLY need it (which is basically never). Use postfix, exim or qmail, whatever you want. They all have a /usr/bin/sendmail so don't worry btw.

Set /home/www as your apache homedir, make the user mail a member of group apache. Then it should work. And really change your MTA to something else.
 
here are the same lines from my passwd and shadow files

apache:x:48:104:Apache:/home/apache:/bin/bash
apache:!!:11705:0:99999:7:::

I have now made mail a member of the apache group...

The MTA is postfix, just calling /usr/lib/sendmail from a "formmail.pl" script.

/home/www is the apache home dir.
there was also an apache dir under the home dir.

Apache cannot logon, I am logging on as root and su ing to apache to test.

i am stumped. :(
 
Check your syslog/mail.log, usually postfix verbosely tells you what it does. What happens if you call sendmail as a normal user from the users home dir?
 
I think that I am going to upgrade them to a new Debian box and get rid of that OLD 7.2 Mandrake box. It will make it a lot easier for me to manage, and keep secure.
 
Back