[EMAIL PROTECTED] (Mark Devin) writes: > I would like to make fetchmail run as a user rather than root when run > via my /etc/ppp/ip-up.d/fetchmail-up script > > Here is what I tried to do to get fetchmail to run as user "mail": > > Make a home directory for user mail - /home/mail > set the owner and group for this directory to "mail" > chown mail /usr/bin/fetchmail chgrp mail /usr/bin/fetchmail > chmod 4755 /usr/bin/fetchmail > This makes the binary run as user mail despite who calls it (including > root) > create a .fetchmailrc file in the home directory of user "mail" > Edit the /etc/ppp/ip-up.d/fetchmail-up script > Edit the /etc/ppp/ip-down.d/fetchmail-down script > > This didn't work. > I also tried calling fetchmail with the --fetchmailrc and --idfile > options set appropriately. And this didn't work either. > > I wanted to do it this way 'cause I thought it would be more secure - ie > less things running as root the better. But I guess its not possible to > be cracked via fetchmail since it doesn't accept connections, it makes > them itself. > > Any ideas 'cause it would be useful to know how to do it anyway.
Forget all that (except the ".fetchmailrc"), just do this -- #!/bin/bash # /etc/ppp/ip-up.d/fetchmail-up # Check the mail. cd /home/mail su mail -c "/usr/bin/fetchmail -d 900 -t 90 --silent --syslog" # end /etc/ppp/ip-up.d/fetchmail-down #!/bin/bash # /etc/ppp/ip-down.d/fetchmail-down # Terminate fetching mail cd /home/mail su mail -c "/usr/bin/fetchmail --quit" # end /etc/ppp/ip-down.d/fetchmail-down -- * For God so loved the world that He gave his only begotten Son, * * that whoever believes in Him should not perish... John 3:16 *
