sendmail/setuid
Brian Inglis
Brian.Inglis@SystematicSw.ab.ca
Sun Dec 27 17:34:13 GMT 2020
On 2020-12-27 07:53, Tomas By wrote:
> On Thu, 24 Dec 2020 20:12:17 +0100, Brian Inglis wrote:
>> On 2020-12-24 04:17, Tomas By wrote:
>>> I'm using the Cygwin Sendmail (8.14), and am getting this in the log
>>> file of a program that is supposed to send an email.
>>>
>>> | 451 4.0.0 drop_privileges: setuid(18) failed: Operation not permitted
>>> | RSET
>>> | 250 2.0.0 Reset state
>>>
>>> Does this come from Cygwin? It would be odd if it is from the program.
>>>
>>> There is no user 18. The Windows user id's (I think) are 500, 501,
>>> 1000, 1002, 1003.
>>
>> $ getent passwd 18
>> SYSTEM:*:18:18:U-NT AUTHORITY\SYSTEM,S-1-5-18:/home/SYSTEM:/bin/bash
>>> What is the simplest solution?
>>>
>>> I had it working before I reinstalled, but I tried many things, most
>>> of which I do not want to repeat.
>> Process or program may need to be run elevated with admin privileges,
>> or configured to not require them if that is even possible.
>> The easiest way to do that I have found is to create a Windows task to
>> run elevated (with highest privileges) under user SYSTEM and run a
>> shell invoking a shell script.
>> The task may then start up Cygwin services to run elevated under user
>> SYSTEM or however each is configured.
> Ok, thanks. I have now got to the point where it works if I start it
> from a "run as administrator" command shell.
>
> I start Sendmail by "sendmail start" in /etc/rc.d/init.d/".
>
> What is the easiest way to automate this without interaction? Ideally
> from a normal account (which is also an "administrator" if that matters).
>
> I want to have a .bat file in the Startup folder that starts Sendmail.
The easiest way to do that I have found is to create a Windows task to run
elevated (with highest privileges) under user SYSTEM and run a shell invoking a
shell script.
The task is normally run at system startup, and the shell script uses cygrunsrv
to start all services, but could be run at user login instead I believe, or
whatever other approach you have to execute scripts as elevated admin processes.
--
Take care. Thanks, Brian Inglis, Calgary, Alberta, Canada
This email may be disturbing to some readers as it contains
too much technical detail. Reader discretion is advised.
[Data in binary units and prefixes, physical quantities in SI.]
More information about the Cygwin
mailing list