[cyr]deliver, executed as <user>, should have <user>'s permissions

ms419 at freezone.co.uk ms419 at freezone.co.uk
Wed Apr 14 16:44:34 EDT 2004 

Bad indeed : /

First, I recompiled Cyrus according to instruction. I obtained an 
strace: "http://www.sfu.ca/~jdbates/cyrdeliver/strace" and ltrace: 
"http://www.sfu.ca/~jdbates/cyrdeliver/ltrace".

 From the ltrace, I gather:
---
sasl_setprop(0, 101, 0x80761a0, 0xbfffce74, 0x400083bf) = -7
---
Which, according to "sasl.h":
---
#define SASL_BADPARAM   -7   /* invalid parameter supplied */
---
Referring to the first parameter - sasl_conn_t *conn - which is 0?

Also:
---
sasl_client_new(0x806de97, 0x80817c0, 0, 0, 0)   = -12
---
And according to "sasl.h":
---
#define SASL_NOTINIT    -12  /* SASL library not initialized */
---
But here I am stuck. Why isn't SASL library initialized? Are these null 
values a problem? What's the cause?

No better luck running cyrdeliver as root.

I am certainly no expert - your help is VERY much appreciated! My goal 
is still to allow any user to deliver mail - to only those mailboxes 
whose ACLs give them permission.

Thanks again,

Jack

On Apr 9, 2004, at 12:58 PM, Henrique de Moraes Holschuh wrote:

> On Fri, 09 Apr 2004, ms419 at freezone.co.uk wrote:
>> admin at wum:~$ /usr/sbin/cyrdeliver admin < tmp/message
>> couldn't connect to lmtpd: Success
>
> yuck. bad error message :)
>
>> Apr  9 12:07:42 wum cyrus/deliver[11511]: lmtpengine do_auth: could 
>> not
>> sasl_setprop the security properties
>
> strace cyrdeliver, and see if it is trying to get sasl options from
> somewhere insane.  Also, ltrace it (recompile cyrus according to the 
> debug
> docs first so that you get better ltraces), and see if that gives any 
> clues.
>
> I don't know why it would fail to sasl_setprop :(
>
>> My goal is for a user's permission to deliver to a folder to agree 
>> with
>> that folder's ACL - so I can run cyrdeliver as an unprivileged user
>> (like from .procmailrc), w/o allowing the user to deliver to every
>> folder.
>
> Well, that should work, but I am not sure it will.  Try to deliver as
> user "postman" as well, just in case.
>
> -- 
>   "One disk to rule them all, One disk to find them. One disk to bring
>   them all and in the darkness grind them. In the Land of Redmond
>   where the shadows lie." -- The Silicon Valley Tarot
>   Henrique Holschuh

---
Cyrus Home Page: http://asg.web.cmu.edu/cyrus
Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html

More information about the Info-cyrus mailing list