Re: exim4: Permissions for mail spool, mail queue, configuration files, account and group names
On Wed, 29 Oct 2003 10:52:19 +0100, Bernd Eckenfels
>On Wed, Oct 29, 2003 at 07:46:02AM +0100, Marc Haber wrote:
>> (a) Create a uid/gid for exim on installation of the package.
>Yes sounds fine. The role of the exim group could be defined. Does exim need
>the group if he runs as uid=exim?
If group is not given, exim assumes the primary group of the exim uid.
I'd say that we need the group.
>If not that group can be used as
>mailadmin, which will also allow spool access automatically.
Are you talking about spool or queue access?
I think this should be handled separately, with people being exim
admin and not having direct queue access.
>> (c) Create a group "postmaster" (or should it be called mailadmin?) on
>> package installation.
>> (d) Either declare admin_groups=postmaster or allow postmaster members
>> to sudo to exim (which approach is preferable?)
>I would not do the sudo setting on package installation at all, and I am not
>sure if we need to set up a trusted group. On small systems users will do
>this as root, on larger systems or users with more understanding for exim
>will add their own policy.
Yes, that option will be local to my systems. At the moment, I
primarily think about the installations I am directly in charge of,
where I'd like to have that feature, and would like to have Debian
package that easily supports the scheme that I choose to use locally.
Having an admin group would have the advantage exim's configuration
wouldn't need to be changed if new admin users are added, which
greatly eases updates.
>> (e) Create a group "exim_trusted" on package installation.
>> (f) Declare trusted_groups=exim_trusted.
>Not sure about this, also. This has nothing to do with the spool
But it also concerns user and group ids.
> I think this is also local policy.
Having a trusted group would have the advantage that packages that
need to be trusted won't have to modify exim's configuration, but they
can simply add themselves to the trusted group.
>> (ii) If an admin-user only command line option is invoked by a
>> non-admin user, does exim give a dedicated return value, so that
>> it would be possible to re-try the invocation with a sudo clause
>> in a wrapper automagically?
>I would not do that, it is confusing. But a neat idea.
Not for the package, but having a wrapper like that locally would be
nice, I think. The wrapper could be called suexim ;)
>> (iv) Can I use the postmaster group? To me, that name sounds
>> straightforward, but am I probably occupying a place in
>> namespace I am not supposed to take?
>Well, I am not aware of any usage of it. I guess it is to simply pair up
>with the postmaster uid.
Some people could consider it confusing because it simply pairs up
with the postmaster mail address, which usually does not map to a uid
on the system. I am currently more inclined to use mailadmin, mailadm
-------------------------------------- !! No courtesy copies, please !! -----
Marc Haber | " Questions are the | Mailadresse im Header
Karlsruhe, Germany | Beginning of Wisdom " | Fon: *49 721 966 32 15
Nordisch by Nature | Lt. Worf, TNG "Rightful Heir" | Fax: *49 721 966 31 29
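The scheme discussed in this thread, as an added example that is neither configuration from the thread nor from the Debian exim4 package: an exim main-configuration fragment that maps the proposed uid/gid, admin group and trusted group onto exim's own options. The names exim, mailadmin and exim_trusted are taken from the proposals above and are assumptions, not package defaults.

```conf
# Added example: exim main configuration fragment for the proposed
# uid/gid scheme. Group and user names are assumptions from the thread.

# (a) exim gives up root to this uid/gid for most of its work; the
# spool directory and the queue files under it are owned by this user.
exim_user  = exim
exim_group = exim

# (c)/(d) Members of this group may use exim's administrative command
# line options (listing, freezing, forcing the queue). Exim is setuid
# root and touches the spool itself, so admin users need no filesystem
# rights on the spool or queue, which keeps "exim admin" separate from
# direct queue access. Adding a new admin is a group change, not an
# edit of this file.
admin_groups = mailadmin

# (e)/(f) Members of this group are trusted to supply an envelope
# sender of their choice (-f) without it being rewritten to their own
# login name. Packages that need this add themselves to the group
# instead of modifying exim's configuration.
trusted_groups = exim_trusted

# Never run a delivery as root, whatever a router or transport asks for.
never_users = root
```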