On Mon, Oct 14, 2019 at 03:17:52AM +0200, Tim Tassonis via blfs-dev wrote:
> On 10/14/19 2:17 AM, Ken Moffat via blfs-dev wrote:
> > For a long time, fetchmail has warned about running as root. For
> > 6.4.1 I'm inclined to try running it as user fetchmail and group
> > nogroup. But that raises the question of which uid to assign.
> >
[...]
>
> Haven't really thought about that, I'm running fetchmail per cron job every
> three minutes, doing an su to the relevant mail user, so never as root.
>
> But as getting mails by pop3/imap and forwarding them per smtp could be done
> by a single user for multiple users, having a separate fetchmail user might
> be a good idea. I'd go for nobody/nogroup, as this is already present and I
> don't really see the point in having a seperate user for every single
> program.
>
> I will however keep my "su $USER -c fetchmail" mode, as that seems to be
> the proper way to get mails and allows for a fallback to procmail, if an
> smtp daemon is not available.
>
Since I've had to wait around for a delivery, I've been playing
with a test account and chowning the fetchmail prog to a fetchmail
user.
For system-wide it is possibly working with /etc/fetchmailrc owned
by that user and mode 600 : 'possibly' because I got a load of old
stuff, but tests since then have not got a new mail I sent to that
address. And the log file seems to need to be owned by that user
(the successful test dumped the log output to the screen which is of
course not wanted).
For running as a local user, again 'possibly' working, but with one
problem : user log needs to exist and be writable by the user - any
ideas on how that fits with logrotate ?
ĸen
--
Truth, in front of her huge walk-in wardrobe, selected black leather
boots with stiletto heels for such a barefaced truth.
- Unseen Academicals
--
http://lists.linuxfromscratch.org/listinfo/blfs-dev
FAQ: http://www.linuxfromscratch.org/blfs/faq.html
Unsubscribe: See the above information page
