ACL for exim
Posted: Mon Oct 06, 2008 4:47 am
Hello, I have a problem with exim4. I try to send mail to a local mailbox with the command
mail -s test root
and see the following messages in the log:
Oct 6 10:18:47 host2 kernel: grsec: From 192.168.191.13: (root:U:/usr/sbin/exim4) change to uid 5007 denied for /usr/sbin/exim4[exim4:14774] uid/euid:0/0 gid/egid:8/8, parent /usr/sbin/exim4[exim4:14773] uid/euid:0/0 gid/egid:102/102
Oct 6 10:18:47 host2 kernel: grsec: From 192.168.191.13: (root:U:/usr/sbin/exim4) change to uid 5007 denied for /usr/sbin/exim4[exim4:14777] uid/euid:0/0 gid/egid:8/8, parent /usr/sbin/exim4[exim4:14776] uid/euid:0/0 gid/egid:102/102
Here is my policy config for subject /usr/bin/exim4 for role root:
subject /usr/sbin/exim4 o {
	user_transition_allow Debian-exim
	/ h
	/etc h
	/etc/aliases r
	/etc/mtab r
	/etc/resolv.conf r
	/proc h
	/proc/stat r
	/proc/sys/kernel/ngroups_max r
	/usr h
	/usr/share/zoneinfo r
	/var h
	/var/lib/exim4/config.autogenerated r
	/var/log/exim4/mainlog a
	/var/run/nscd/socket rw
	/var/log/exim4/paniclog a
	/var/spool/exim4 rwc
	/var/tmp
	/var/mail rwcd
	-CAP_ALL
	+CAP_CHOWN
	+CAP_FOWNER
	+CAP_SETUID
	+CAP_SETGID
	+CAP_DAC_OVERRIDE
	bind 0.0.0.0/32:25 stream dgram ip tcp
}
I had set
+CAP_SETUID
+CAP_SETGID
so, what else is wrong?
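Added example, not part of the original post: grsecurity RBAC logs "change to uid N denied" when a subject that carries a user_transition_allow list calls setuid() to a user outside that list, and this check applies even when +CAP_SETUID is granted. The Python sketch below cross-checks denial lines like the ones above against a subject's allow list. The PASSWD map and the name "localuser" are hypothetical (the post does not say which account uid 5007 is), and the policy text is a trimmed copy of the posted subject.

```python
import re

# Constructed sample: one denial line from the post and a trimmed copy of its subject.
LOG = (
    "Oct 6 10:18:47 host2 kernel: grsec: From 192.168.191.13: "
    "(root:U:/usr/sbin/exim4) change to uid 5007 denied for "
    "/usr/sbin/exim4[exim4:14774] uid/euid:0/0 gid/egid:8/8, parent "
    "/usr/sbin/exim4[exim4:14773] uid/euid:0/0 gid/egid:102/102\n"
)
POLICY = """\
subject /usr/sbin/exim4 o {
    user_transition_allow Debian-exim
    /var/mail rwcd
    +CAP_SETUID
}
"""
# Hypothetical name -> uid map; on a real host build it from /etc/passwd.
PASSWD = {"root": 0, "Debian-exim": 102, "localuser": 5007}

DENIED = re.compile(r"\((?P<role>[^:()]+):\w:(?P<subject>[^)]+)\) "
                    r"change to uid (?P<uid>\d+) denied")

def denied_uid_changes(log):
    """Return the set of (subject, uid) pairs grsec refused to transition to."""
    return {(m["subject"], int(m["uid"])) for m in DENIED.finditer(log)}

def allowed_users(policy, subject):
    """Names on the subject's user_transition_allow line(s); None if it has none."""
    current, names = None, None
    for line in policy.splitlines():
        words = line.split()
        if not words:
            continue
        if words[0] == "subject":
            current = words[1]
        elif words[0] == "user_transition_allow" and current == subject:
            names = (names or set()) | set(words[1:])
    return names

def uncovered(log, policy, passwd):
    """Map each subject to the denied uids its allow list does not cover."""
    report = {}
    for subject, uid in sorted(denied_uid_changes(log)):
        names = allowed_users(policy, subject)
        if names is not None and uid not in {passwd.get(n) for n in names}:
            report.setdefault(subject, []).append(uid)
    return report

if __name__ == "__main__":
    print(uncovered(LOG, POLICY, PASSWD))
```

Each uid in the report is a user the subject tried to switch to that its user_transition_allow line does not name.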