[SOLVED] $HOME/.procmailrc won't run unless $HOME has 755 permissions
Linux - ServerThis forum is for the discussion of Linux Software used in a server related context.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
$HOME/.procmailrc won't run unless $HOME has 755 permissions
Our company has always set our home directories with 750 permissions. We've just updated our internal email server to ubuntu 12.04/sendmail/dovecot/ESET antivirus (from slackware/sendmail/POP3a/ASSP) and now our .procmailrc files won't execute unless the home directory they live in is 755.
Any ideas? I don't see why I should have to use 755. I thought that procmail ran as the user for whom it was delivering mail(?)
barb
ETA: turns out 751 works as well. Still want to know why.
Your home directory should have octal 0750 to shield its contents. And .procmailrc is a resource file. It gets read and interpreted by procmail, not executed like a file with the executable bit set. Set the VERBOSE variable in your ~/.procmailrc, make it use a log file and test.
I do understand that we don't manually execute the .procmailrc file, that it is used by procmail. The problem I'm having is that unless I set those directory permissions at 755 or 751, the .procmailrc file is completely ignored. I have LOGFILE, VERBOSE, and LOGABSTRACT all set in the $HOME/.procmailrc file and absolutely nothing is written unless I open up the permissions on the $HOME directory. I can also set up an /etc/procmailrc file that works, but just can't get the $HOME/.procmailrc working for any of my users.
Thanks for the follow-up. I probably can't do the strace -- tomorrow is actually my last day at this job and I'm swamped with other issues. I just *really* wanted to understand this. Maybe I can get my heir to do it
My guess would be that the test for the existence of .procmailrc might be done before switching to the user's UID for processing it. Frankly, that sounds like it would be a bug. Trying to get an strace of a process spawned by the mail delivery agent might be a challenge.
Yup, unSpawn, I definitely will. Actually, I looked at it with someone else last night and we determined this:
-- some process needs to check if the $HOME/.procmailrc file exists before trying to run it (hence needing the execute permission)
-- let's assume (for lack of anything better) that this process is run by root
-- the HOME directories are NFS mounted, so let's mount them no_root_squash to the mail server (running procmail)
-- voila!! It works now
-- set home dir permissions back to 750
I would definitely report that as a bug against procmail. It should not be necessary to use no_root_squash or to open up the permissions on the home directory in order to use a user's .procmailrc in an NFS-mounted directory.
Likewise thanks for researching it and posting your findings and that on the last day of your current job.
Good luck with your new job, I hope it will prove to be profitable in many ways.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.