root@polymer.che.clarkson.edu (System PRIVILEGED Account) (10/20/90)
After much additional poking around, a number of my previous 'conclusions' were wrong re: the Sendmail problem I'm having under V4.0. What has come up as the difference between the one system that works and the others is that the one mounts its /usr via NFS, instead of having a local /usr. I have tried this on another 'client' and it works there too. It only seems to fail on the systems which have /usr local. I have removed all differences between the systems' local roots and /var and I'm running out of clues. They are all running the same copy of mail and sendmail, they are using the same sendmail.cf, etc... Anyone have any ideas what would be different for a system which mounts /usr remote instead of having it local? art stine sr network engineer clarkson u abstine@polymer.che.clarkson.edu
vixie@wrl.dec.com (Paul Vixie) (10/21/90)
If you run one sendmail from a remote-mounted /usr, is that /usr mounted with "nosuid" ? That would cause the kind of trouble you are seeing. -- Paul Vixie DEC Western Research Lab <vixie@wrl.dec.com> Palo Alto, California ...!decwrl!vixie
mf@ircam.ircam.fr (Michel Fingerhut) (10/22/90)
In re the problem with a remote /usr: sendmail uses /usr/tmp. Since your /usr/tmp is from a remote machine (which uses that area too) it might possibly be mangled. Another thing you might look into is where the actual place of your sendmail.fc file is (the frozen config of sendmail). In ultrix, there is a SOFT link in /usr/lib/sendmail.fc -> ../../etc/sendmail.fc, hence if you THINK your local machine has the same one than the remote it may not be true, unless the local and remote copies of the source (/etc/sendmail.cf) are identical.
jch@dyfed.rdg.dec.com (John Haxby) (11/02/90)
The ULTRIX V4.0 sendmail includes a fix for a rather interesting security hole that, among other things, involves changing the definition of the local mailer. This is important. If you don't make the change, then all mail appears to come from daemon, which is what you are seeing. I don't believe that the sun version of sendmail that you are running includes the fix so it isn't surprising that the config file works for the sun machine but not for the dec machine. The fix was posted a while back; you can also find it if you look in the sendmail config file that comes with ULTRIX out of the box. For what it's worth; the fix got out to you lot in record time: the total elapsed time between getting the notification of the bug through news and shipping the fix to customers was something like three weeks -- more luck than judgement, it should be said, but for once we got (ever so slightly) ahead of the game. -- -- John Haxby, Definitively Wrong. Digital <jch@wessex.rdg.dec.com> Reading, England <...!ukc!wessex!jch>
jch@dyfed.rdg.dec.com (John Haxby) (11/07/90)
In article <1990Nov2.145406.1449@hollie.rdg.dec.com>, jch@dyfed.rdg.dec.com (John Haxby) writes: |> |> The ULTRIX V4.0 sendmail includes a fix for a rather interesting |> security hole that, among other things, involves changing the |> definition of the local mailer. This is important. If you don't |> make the change, then all mail appears to come from daemon, which |> is what you are seeing. I don't believe that the sun version of |> sendmail that you are running includes the fix so it isn't |> surprising that the config file works for the sun machine but |> not for the dec machine. This is a the solution to a problem that isn't the topic of discussion, sorry. -- -- John Haxby, Definitively Wrong. Digital <jch@wessex.rdg.dec.com> Reading, England <...!ukc!wessex!jch>
elsen@esat.kuleuven.ac.be (11/11/90)
In article <1990Nov7.140131.2909@hollie.rdg.dec.com>, jch@dyfed.rdg.dec.com (John Haxby) writes: > > In article <1990Nov2.145406.1449@hollie.rdg.dec.com>, jch@dyfed.rdg.dec.com (John Haxby) writes: > |> > |> The ULTRIX V4.0 sendmail includes a fix for a rather interesting > |> security hole that, among other things, involves changing the > |> definition of the local mailer. This is important. If you don't > |> make the change, then all mail appears to come from daemon, which > |> is what you are seeing. I don't believe that the sun version of > |> sendmail that you are running includes the fix so it isn't > |> surprising that the config file works for the sun machine but > |> not for the dec machine. > > This is a the solution to a problem that isn't the topic of > discussion, sorry. Excuse me gentlemen but let's return to a more basis issue here : Does this mean that it is advisable NOT to take one's SENDMAIL source from Ultrix V3.n when upgrading to V4.0 ? Should one instead take DEC's skeleton sendmail.cf file from V4 distribution and reinsert 'site specific' rewrite rules ? What's the comment of the net on this , did you follow this path ? Is it documented somewhere that that's the way to go ? -- Marc Elsen (System Manager/Software Engineer) Katholieke Universiteit Leuven Dep. E.S.A.T. Kard. Mercierlaan 94 3030 HEVERLEE Belgium tel. 32(0)16220931(ext. 1080) EMAIL : elsen@esat.kuleuven.ac.be