[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: minor (major) fetchmail problem

On Sunday 09 April 2006 02:54, Ron Johnson wrote:
>On Sun, 2006-04-09 at 16:40 +1000, Lloyd Bayley - Berowra PC Services
>
>wrote:
>> Yes, I realise that...been thinking of it but when I change the cron
>> job to run as another user, that user has to be logged in.
>
>Ummmm...
>
>> I log on locally as root....maybe I should log on as myself and 'su
>> -' if I need to do anything system-ish...
>
>Oh.  Gee, I just assumed that's what everyone does.

Chuckle, not all of us have drank the koolaid.  I run as root here about 
99% of the time.  But stuff like fetchmail runs as me, gene, an 
unpriviledged user.  Its a matter of security IMO.

>> Lloyd Bayley
>> Berowra PC Services
>> P.O. Box 270
>> Berowra Heights NSW 2082
>>
>> Ph:     (02) 9456-0292
>> Mob:    0411-541-007
>> Email:  lloyd@berowrapc.com
>> Web:    www.berowrapc.com
>>
>> -----Original Message-----
>> From: Ron Johnson [mailto:ron.l.johnson@cox.net]
>> Sent: Sunday, 9 April 2006 2:37 PM
>> To: debian-user@lists.debian.org
>> Subject: RE: minor (major) fetchmail problem
>>
>> But that's just it.  Running fetchmail as root is a security risk.
>> There's no reason to run it as root, since it works well from
>> a user account.
>>
>> On Sun, 2006-04-09 at 12:49 +1000, Lloyd Bayley - Berowra PC
>> Services
>>
>> wrote:
>> > Ron,
>> >
>> > Thanks for your input!
>> > Yes, that's how I have it....both accounts in one rc file.
>> >
>> > I am ok with it running as root but was wanting to stop it
>> > reporting in my mail about the warning as running as root...
>> >
>> > I shall give what you have sent me below a try and see how I fare!
>> >
>> > Kind Regards,
>> >
>> >
>> > Lloyd Bayley
>> > Berowra PC Services
>> > P.O. Box 270
>> > Berowra Heights NSW 2082
>> >
>> > Ph:     (02) 9456-0292
>> > Mob:    0411-541-007
>> > Email:  lloyd@berowrapc.com
>> > Web:    www.berowrapc.com
>> >
>> > -----Original Message-----
>> > From: Ron Johnson [mailto:ron.l.johnson@cox.net]
>> > Sent: Sunday, 9 April 2006 12:29 PM
>> > To: debian-user@lists.debian.org
>> > Subject: RE: minor (major) fetchmail problem
>> >
>> > On Sun, 2006-04-09 at 12:05 +1000, Lloyd Bayley - Berowra PC
>> > Services
>> >
>> > wrote:
>> > > Yes, true...
>> > > I just run the thing as root and have a .fetchmailrc file in the
>> > > /root
>> >
>> > dir..
>> >
>> > > It collects mail for all users in the one file (as all 2 users
>> > > are me!)
>> > >
>> > > Stupid cron keeps emailing me saying fetchmail said:
>> > >
>> > > Warning: Running as root is discouraged
>> >
>> > What if you put both accounts in the same fetchmailrc file?
>> >
>> > When I evactuated for Katrina, I kept this cox.net address,
>> > got a secondary comcast.net address from my father in Dallas,
>> > and put them both in ~/fetchmailrc, thus fetching from both
>> > accounts in the same pass.
>> >
>> > BTW, I run it out of cron:
>> >     #!/bin/sh
>> >     MAILTO=""
>> >     # m h  dom mon dow   command
>> >     */5 * * * * /usr/local/bin/run_fetchmail.sh
>> >     exit
>> >
>> > The fetchmail script can be blocked while I backup my data.
>> >     $ cat /usr/local/bin/run_fetchmail.sh
>> >     #!/bin/sh
>> >
>> >     if [ -e /tmp/.backup.LOCK ]; then exit 0; fi
>> >
>> >     /usr/bin/fetchmail -S haggis $1
>> >
>> > > Every 5 flipping minutes....
>> > > Am trying to find a way of turning it's user-checking off. :-)
>> > >
>> > > This didn't happen before....Kernels and packages are getting
>> > > pickier!
>> :
>> :-)
>> :
>> > > Lloyd Bayley
>> > > Berowra PC Services
>> > > P.O. Box 270
>> > > Berowra Heights NSW 2082
>> > >
>> > > Ph:     (02) 9456-0292
>> > > Mob:    0411-541-007
>> > > Email:  lloyd@berowrapc.com
>> > > Web:    www.berowrapc.com
>> > >
>> > > -----Original Message-----
>> > > From: 'Clive Menzies' [mailto:clive@clivemenzies.co.uk]
>> > > Sent: Sunday, 9 April 2006 10:58 AM
>> > > To: debian-user@lists.debian.org
>> > > Subject: Re: minor (major) fetchmail problem
>> > >
>> > > On (09/04/06 08:40), Lloyd Bayley - Berowra PC Services wrote:
>> > > > I slept on it and found the problem this morning.
>> > > > For some reason I have the command running as 'fetchmail
>> > > > fetchmail -v'
>> > >
>> > > took
>> > >
>> > > > out the first 'fetchmail' and it all came to life.
>> > > >
>> > > > I haven't touched the crontab for ages so perhaps there was
>> > > > that bug
>>
>> all
>>
>> > > > along that the last install was ignoring and this one picked
>> > > > up.
>> > > >
>> > > > Dear me, the tiredness-factor plays a big part sometimes! :-)
>> > > >
>> > > > Kind Regards,
>> > >
>> > > Hehe :)
>> > >
>> > > Glad you sorted it out.
>> > >
>> > > FWIW I run fetchmail as a daemon (no cron); you set the interval
>> > > in /etc/fetchmailrc.  For a single user, it's probably not worth
>> > > doing but if you're collecting mail for multiple users, it saves
>> > > configuring individual .fetchmailrc files.
>
>--
>-----------------------------------------------------------------
>Ron Johnson, Jr.
>Jefferson, LA USA
>
>"It's a great country, where anybody can grow up to be president
>. . . except me."
>Senator Barry Goldwater (R-AZ)

-- 
Cheers, Gene
People having trouble with vz bouncing email to me should add the word
'online' between the 'verizon', and the dot which bypasses vz's
stupid bounce rules.  I do use spamassassin too. :-)
Yahoo.com and AOL/TW attorneys please note, additions to the above
message by Gene Heskett are:
Copyright 2006 by Maurice Eugene Heskett, all rights reserved.
Reply to: