XMailforum is a readonly knowledge archive now.

Registering as a new user or answering posts is not possible anymore.

Might the force be with you, to find here what you are looking for.

2019-09-20 - hschneider, Admin

Cookie Disclaimer: This forum uses only essential, anonymous session cookies (xmailforum*), nothing to be scared of.

XMail Forum -> Chrooted Xmail Howto


 
Reply to this topicStart new topicStart Poll

> Chrooted Xmail Howto, Run XMail in a non-root context ....
Track this topic | Email this topic | Print this topic
hschneider
Posted: Nov 24 2004, 07:39 AM
Quote Post


No - I'm not an answering script ...
Group Icon

Group: Admin
Posts: 6631
Member No.: 195
Joined: 19-June 02
QUOTE

As mentioned, XMail runs as root. The following steps make XMail run as a non-root uid/gid on a Unix-like host.

» Create group 'xmail' and user 'xmail'.

» Change the permissions of /var/MailRoot:

# chown root:xmail /var/MailRoot
# chmod 750 /var/MailRoot

» Change ownership of the following files and directories in /var/MailRoot to 'xmail:xmail'; for directories, the ownership changes apply recursively:

dnscache/
domains/
logs/
message.id
pop3locks/
spool/
tabindex/

» The file 'mailusers.tab' contains "encrypted" passwords; it must be readable by uid/gid 'xmail' although it can be owned by root, e.g.,

-rw-r-----  1 root  xmail    1118 Oct  5 08:17 mailusers.tab

» Since XMail no longer runs as root, it is unable to bind to ports 25 (smtp), 79 (finger) and 110 (pop3). The command line options for these ports are "-Sp", "-Pp" and "-Fp", respectively. XMail comes with a sample startup script: modify the line XMAIL_CMD_LINE in this file to incorporate the above command line options, e.g.:

XMAIL_CMD_LINE="-Sp 50025 -Pp 50110 -Fp 50079"

Because the script is run by root, another modification further down that file is needed to add the requisite "su - xmail -c ..." command to start XMail as the uid 'xmail'.

» The final step is to add firewall rules to redirect traffic hitting the standard ports to the non-privileged ports that XMail is running on.


Original here:
http://sandbox.rulemaker.net/ngps/132


--------------------
Bye,
Harald

-- Download XMail Queue Manager 1.46 NOW: XMail Server Tools
-- Cross platform remote queue management!
-- Message analyzing on the fly!
-- Builtin diagnostics knowledge base!
-- Manages multiple mail queues!

Sponsored by
CD-Produktion und DVD-Produktion and Homestaging Saarland - Immobilien schneller verkaufen in der Region Saarland, Rheinland-Pfalz und Luxembourg
PMEmail PosterUsers Website
Top
0 User(s) are reading this topic (0 Guests and 0 Anonymous Users)
0 Members:
« Next Oldest | Announcements | Next Newest »

Topic Options
Reply to this topicStart new topicStart Poll

 

Powered by Invision Power Board(U) v1.3.1 Final © 2003  IPS, Inc.