netbsd-bugs: lib/3204: Crond wants sendmail insecure or can't send mail

Subject: lib/3204: Crond wants sendmail insecure or can't send mail
To: None <gnats-bugs@gnats.netbsd.org>
From: Heiko W.Rupp <hwr@pilhuhn.de>
List: netbsd-bugs
Date: 02/10/1997 13:00:27
>Number:         3204
>Category:       lib
>Synopsis:       Crond wants sendmail insecure or can't send mail
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    lib-bug-people (Library Bug People)
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Mon Feb 10 04:05:00 1997
>Last-Modified:
>Originator:     Heiko W.Rupp
>Organization:
	private
>Release:        1.1
>Environment:
	
System: NetBSD snert.pilhuhn.de 1.1 NetBSD 1.1 (SNERT+PPP) #11: Thu Jan 30 11:00:49 MET 1997 hwr@snert.pilhuhn.de:/usr/src/sys/arch/i386/compile/SNERT+PPP i386


>Description:

When crond wants to send mail about a executed command
it invokes /usr/sbin/sendmail with the following command line
options:

-F\"Cron Daemon\" -odi -oem -or0s -t    (from $src/crond/config.h)

-or0s wants to prevent read timeouts when the command that is run by
cron needs a long time to finish. 
Using that option for users other than root produces the following
message in maillog:

Feb 10 12:25:52 snert sendmail[3509]: NOQUEUE: SYSERR(uucp): queuename: Cannot create "qfMAA03509" in "/var/spool/mqueue" (euid=66): Permission denied


>From the Batbook:  "The r option is not safe. If specified from the command 
line,  it may cause sendmail to relinquish its root privilege."

So I either need to open /var/spool/mqueue wide open or don't get mails ..

>How-To-Repeat:

echo "To: uucp" > /tmp/gaga
echo "Subject: test" >> /tmp/gaga

su - uucp
uucp> /usr/sbin/sendmail -or0s -t < /tmp/gaga

>Fix:

This is not complete, as the timeout needs to be raised in sendmail.cf
perhaps by creating a netbsd.m4 that contains this higher timeout definition.

snert# diff -c config.h config.h,1
*** config.h    Mon Feb 10 12:54:16 1997
--- config.h,1  Mon Feb 10 12:53:51 1997
***************
*** 55,61 ****
                         */
  
  #define MAILCMD _PATH_SENDMAIL                                        /*-*/
! #define MAILARGS "%s -F\"Cron Daemon\" -odi -oem  -t" /*-*/
                        /* -Fx   = set full-name of sender
                         * -odi  = Option Deliverymode Interactive
                         * -oem  = Option Errors Mailedtosender
--- 55,61 ----
                         */
  
  #define MAILCMD _PATH_SENDMAIL                                        /*-*/
! #define MAILARGS "%s -F\"Cron Daemon\" -odi -oem -or0s -t"    /*-*/
                        /* -Fx   = set full-name of sender
                         * -odi  = Option Deliverymode Interactive
                         * -oem  = Option Errors Mailedtosender

>Audit-Trail:
>Unformatted: