Re: unable to start opendkim on Ubuntu

From: Murray S. Kucherawy <msk_at_blackops.org>
Date: Fri, 7 Mar 2014 02:56:15 -0800 (PST)

On Wed, 5 Mar 2014, Cole Tierney wrote:
> Starting OpenDKIM: opendkim: /etc/opendkim.conf: /etc/mail is writeable
> and owned by uid 107 which is not the executing uid (111) or the
> superuser opendkim.
>
> ls -ld /etc/mail
> drwxr-sr-x 7 smmta smmsp 4096 Feb 20 14:02 /etc/mail
>
> id smmta
> uid=107(smmta) gid=112(smmta) groups=112(smmta),45(sasl)
>
> id opendkim
> uid=111(opendkim) gid=117(opendkim) groups=117(opendkim)

This means opendkim (111) is relying on the security of keys stored in a
directory where a user other than itself and root (namely smmta, uid 107)
could replace the keys.

Could smmta run the filter, perhaps? Or could the keys live somewhere
other than /etc/mail?

-MSK
Received on Fri Mar 07 2014 - 10:56:35 PST
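
Added example (not part of the original message, and not OpenDKIM's own code): a conservative approximation of the check described above, walking from a key file up to / and reporting anything that a user other than the executing uid or root could write to. The key file names, the /etc/opendkim path and the SAMPLE table are constructed for illustration; the uids and the /etc/mail mode are taken from the listing quoted above.

```python
import os
import stat
from collections import namedtuple

# Only the two stat fields the check needs, so it also runs on constructed data.
Entry = namedtuple("Entry", "mode uid")

def real_stat(path):
    st = os.stat(path)
    return Entry(st.st_mode, st.st_uid)

def unsafe_reason(entry, exec_uid):
    """Why someone other than exec_uid or root could alter this entry, or None."""
    if entry.mode & stat.S_IWOTH:
        return "world-writable"
    if entry.mode & stat.S_IWGRP:
        # Assumption: stricter than necessary, any group write bit is flagged.
        return "group-writable"
    if entry.mode & stat.S_IWUSR and entry.uid not in (0, exec_uid):
        return "writable and owned by uid %d" % entry.uid
    return None

def audit_key_path(key_path, exec_uid, stat_fn=real_stat):
    """Check the key file and every ancestor directory up to the root."""
    findings = []
    path = os.path.abspath(key_path)
    while True:
        reason = unsafe_reason(stat_fn(path), exec_uid)
        if reason:
            findings.append((path, reason))
        parent = os.path.dirname(path)
        if parent == path:          # reached "/"
            return findings
        path = parent

# Constructed sample mirroring the listing above: /etc/mail is drwxr-sr-x, uid 107.
SAMPLE = {
    "/": Entry(0o040755, 0),
    "/etc": Entry(0o040755, 0),
    "/etc/mail": Entry(0o042755, 107),
    "/etc/mail/dkim.key": Entry(0o100600, 111),      # hypothetical key file
    "/etc/opendkim": Entry(0o040755, 0),             # hypothetical alternative
    "/etc/opendkim/dkim.key": Entry(0o100600, 111),
}

if __name__ == "__main__":
    for key in ("/etc/mail/dkim.key", "/etc/opendkim/dkim.key"):
        print(key, audit_key_path(key, 111, SAMPLE.__getitem__))
```

On a real host, call audit_key_path(path, uid) without the third argument to use os.stat(). Running the sample with uid 107 instead shows that letting smmta run the filter also means the key file itself must be re-owned.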
