[Raw Msg Headers][Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: setting proviledges in fqdnaliases
Followup to my own post:
On Wed, 2003-05-14 at 21:59, Eugene Crosser wrote:
> I am trying to get rid of .forward checking to eliminate extra NFS
> operations. But I still need to do "pipe" delivery for some users. I
> have a custom relation in fqdnaliases.cf that is almost completely
> modelled after fqdnaliasesldap. If I make it return a
> "|/pipe/to/program" for some user, messages are not delivered with
> diagnostic "mail to program disallowed". I guess that this has
> something to do with the line
>
> nattr=$(newattribute $A privilege $nobodypriv)
>
> (copied from fqdnaliasesldap portion). I could not find any
> comprehensible documentation for the "attributes" thing, so maybe you
> could give some advice, how to either
>
> A) make Zmailer accept pipe redirection address and just run the program
> with root uid (then I'll put a "/bin/su - joe -s /pipe/pgm" in the
> database),
>
> or
>
> B) Make Zmailer accept pipe redirection and run the program as user $uid
> that my lookup function would give.
Apparently a right(?) way to do it is the following:
- nattr=$(newattribute $A privilege $nobodypriv)
+ priv=$(login2uid "$user")
+ nattr=$(newattribute $A privilege $priv)
provided that getpwnam() does the right thing on "user@domain" names.
Mine does.
Eugene
-
To unsubscribe from this list: send the line "unsubscribe zmailer" in
the body of a message to majordomo@nic.funet.fi