Skip to Content.
Sympa Menu

en - Re: [sympa-users] archived.pl fails to run mhonarc on Mac OS X (setuid problem)

Subject: The mailing list for listmasters using Sympa

List archive

Re: [sympa-users] archived.pl fails to run mhonarc on Mac OS X (setuid problem)

Chronological Thread  
    < Chronological >       < Thread >
  • From: Olivier Salaün - CRU <address@concealed>
  • To: Peter Farmer <address@concealed>
  • Cc: address@concealed
  • Subject: Re: [sympa-users] archived.pl fails to run mhonarc on Mac OS X (setuid problem)
  • Date: Wed, 14 Jun 2006 11:53:11 +0200
Hi Peter,

Could you please copy/paste your mail in our bug tracking system :
https://sourcesup.cru.fr/tracker/?atid=167&group_id=23&func=browse

We will fix things the following way :
  1. use a different method to change the UID/GID and catch errors
  2. add documentation on how to configure Sudo for archived.pl (similar to http://www.sympa.org/doc/html/node10.html#SECTION001021000000000000000)
Thanks.

Peter Farmer wrote: 
Has anyone been successfully run archiving (using mhonarc) via the archived daemon on OSX, using the default Perl installation ? 

Archived is run by the root user via the startup script, and it attempts to
change its real uid to the sympa user. Howver on OS X 10.3 mhonarc is failing
to run when a message is queued for archiving. As it turn out this is because
mhonarc refuses to be invoked with as setuid to sympa user - for various good
reasons. This was supposedly fixed for BSDish systems by the execution of
POSIX::setuid .

However, Mac OS X's standard perl install has a known 'bug' that prevents you
from changing the real uid of a script - at all .

Hence all the perl scripts (archived, bounced etc)  that try to use the 
    $< = $> = $newuid ;  
style methodology to set up the process to owned by the sympa user are
currently silently failing - which is not a good thing in itself as they should
check whether the request to change a uid/gid actually succeeds, and log the
failure if they fail to achieve such a critical state change. It took me a
while to figure out what was going on because there was no indication in the
logs of the failure to change the real uid.

Anyhow, to forewarn any other OS X users :
you'll need to work around this problem on OS X via one of two options :

1. install another version of perl that works - either from source or via the
excellent darwinports  facility - and use that in preference to
/System/Library/Perl/

2. run scripts like archived via sudo, which is easily set up in the system
startup scripts

I went the 2nd path as I want to try to work with the standard system perl
install at the moment. So far it is working well. 

I couldnt find this issue mentioned in the archives so I thought I log it for
posterity 8-)
Hope this note helps any others who go down this path in the future.


Archive powered by MHonArc 2.6.19+.

Top of Page