1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
|
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
<HTML>
<HEAD>
<TITLE> [Mageia-dev] [RFC] msec (nail) can't send reports to local users accounts - require an MTA?
</TITLE>
<LINK REL="Index" HREF="index.html" >
<LINK REL="made" HREF="mailto:mageia-dev%40mageia.org?Subject=Re%3A%20%5BMageia-dev%5D%20%5BRFC%5D%20msec%20%28nail%29%20can%27t%20send%20reports%20to%20local%0A%20users%20accounts%20-%20require%20an%20MTA%3F&In-Reply-To=%3C4E7B0BBC.4030604%40arcor.de%3E">
<META NAME="robots" CONTENT="index,nofollow">
<META http-equiv="Content-Type" content="text/html; charset=us-ascii">
<LINK REL="Previous" HREF="008298.html">
<LINK REL="Next" HREF="008307.html">
</HEAD>
<BODY BGCOLOR="#ffffff">
<H1>[Mageia-dev] [RFC] msec (nail) can't send reports to local users accounts - require an MTA?</H1>
<B>Florian Hubold</B>
<A HREF="mailto:mageia-dev%40mageia.org?Subject=Re%3A%20%5BMageia-dev%5D%20%5BRFC%5D%20msec%20%28nail%29%20can%27t%20send%20reports%20to%20local%0A%20users%20accounts%20-%20require%20an%20MTA%3F&In-Reply-To=%3C4E7B0BBC.4030604%40arcor.de%3E"
TITLE="[Mageia-dev] [RFC] msec (nail) can't send reports to local users accounts - require an MTA?">doktor5000 at arcor.de
</A><BR>
<I>Thu Sep 22 12:19:40 CEST 2011</I>
<P><UL>
<LI>Previous message: <A HREF="008298.html">[Mageia-dev] [RFC] msec (nail) can't send reports to local users accounts - require an MTA?
</A></li>
<LI>Next message: <A HREF="008307.html">[Mageia-dev] [RFC] msec (nail) can't send reports to local users accounts - require an MTA?
</A></li>
<LI> <B>Messages sorted by:</B>
<a href="date.html#8306">[ date ]</a>
<a href="thread.html#8306">[ thread ]</a>
<a href="subject.html#8306">[ subject ]</a>
<a href="author.html#8306">[ author ]</a>
</LI>
</UL>
<HR>
<!--beginarticle-->
<PRE>Am 21.09.2011 20:59, schrieb Mjules:
><i> Le Wed, 21 Sep 2011 20:35:38 +0200,
</I>><i> Florian Hubold<<A HREF="https://www.mageia.org/mailman/listinfo/mageia-dev">doktor5000 at arcor.de</A>> a écrit :
</I>><i>
</I>>><i> Hello,
</I>>><i>
</I>>><i> during validation of validation of msec/sectool update candidates,
</I>>><i> a problem showed up: <A HREF="https://bugs.mageia.org/show_bug.cgi?id=1621">https://bugs.mageia.org/show_bug.cgi?id=1621</A>
</I>>><i> Seems mailx (on behalf of msec) can't send mails to local user
</I>>><i> accounts due to missing sendmail, citing one of the comments:
</I>>><i>
</I>>><i> <A HREF="https://bugs.mageia.org/show_bug.cgi?id=2255#c25">https://bugs.mageia.org/show_bug.cgi?id=2255#c25</A>
</I>>><i> But sendmail (or alternative) is required for local delivery.
</I>>><i> Try it out for yourself
</I>>><i>
</I>>><i> $ mailx -v -s "test mail" root
</I>>><i> EOT
</I>>><i> /usr/lib/sendmail: No such file or directory
</I>>><i> "/home/derek/dead.letter" 9/214
</I>>><i> . . . message not sent.
</I>>><i>
</I>>><i> This results in msec reports ending as /dead.letter and never being
</I>>><i> sent to the user who was specified in msec configuraion or during
</I>>><i> initial installation of Mageia.
</I>>><i>
</I>>><i> So i added a require on sendmail to msec. But sendmail conflicts
</I>>><i> with vacation, and more importantly with postfix.
</I>>><i> So how to solve this mess? Do we want the reports to not be sent
</I>>><i> to some local user account, we can leave it like it is and i'll
</I>>><i> remove the require on sendmail.
</I>>><i>
</I>>><i> But if we want security reports to be sent to local users if they
</I>>><i> specify so, how to proceed further?
</I>>><i>
</I>><i> Hi,
</I>><i>
</I>><i> IIRC mailx don't do local delivery alone. If we want to allow local
</I>><i> delivery but not require a full smtp server, we could use dma
</I>><i> (DragonFly Mail Agent [1]) which is a lightweight alternative.
</I>><i>
</I>><i> It seems sendmail-command is a provide of most of smtp package so maybe
</I>><i> you can add a require on it.
</I>><i>
</I>><i> regards
</I>><i> Julien
</I>><i>
</I>><i> [1] <A HREF="https://gitorious.org/dma&">https://gitorious.org/dma&</A> <A HREF="http://svnweb.mageia.org/packages/cauldron/dma/">http://svnweb.mageia.org/packages/cauldron/dma/</A>
</I>><i>
</I>The main problem when adding sendmail-command (or another MTA) is
that at least every default installation of Mageia 1 will get an MTA installed.
The question is, do we really want to force this on our users?
As Luc Menut already mentioned, msec works fine without an MTA, and
that all reports should be available under /var/log/security.
Also his proposal to change default msec config to not send reports
by email sounds sensible. So if nobody objects, i'll remove the require
on sendmail-command and change default msec config.
</PRE>
<!--endarticle-->
<HR>
<P><UL>
<!--threads-->
<LI>Previous message: <A HREF="008298.html">[Mageia-dev] [RFC] msec (nail) can't send reports to local users accounts - require an MTA?
</A></li>
<LI>Next message: <A HREF="008307.html">[Mageia-dev] [RFC] msec (nail) can't send reports to local users accounts - require an MTA?
</A></li>
<LI> <B>Messages sorted by:</B>
<a href="date.html#8306">[ date ]</a>
<a href="thread.html#8306">[ thread ]</a>
<a href="subject.html#8306">[ subject ]</a>
<a href="author.html#8306">[ author ]</a>
</LI>
</UL>
<hr>
<a href="https://www.mageia.org/mailman/listinfo/mageia-dev">More information about the Mageia-dev
mailing list</a><br>
</body></html>
|