Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Sendmail config error: Warning: program unsafe
Top Forums UNIX for Advanced & Expert Users Sendmail config error: Warning: program unsafe Post 302229287 by Mariognarly on Tuesday 26th of August 2008 04:43:04 PM
Old 08-26-2008
Error Sendmail config error: Warning: program unsafe
I trying to to run RT 3.6.7 on Solaris 10. I am using Sendmail v. 8.13.8. I'm using this guide from Sun:

http://www.sun.com/bigadmin/features...q_track_1.html
http://www.sun.com/bigadmin/features...q_track_2.html

uname -a
SunOS vpd1tst1no 5.10 Generic_127111-11 sun4u sparc SUNW,Sun-Fire-V215

I have RT installed and running, using Apache, MySQL, OpenSSL. rt-mailgate basically is setup as an alias for sendmail. Sendmail accepts mail, pipes it to rt-mailgate(RT), and that parses it to an httpd process using perl, which ultimately creates a trouble ticket in the RT application. However my problem lies with 'RT' receiving mail from Sendmail. I believe I have a sendmail configuration problem.

I send mail via the command line:

"sendmail -v General" (General is the name of an alias in /etc/mail/aliases)

and the mail piped to RT shows this (/var/adm/messages):

Aug 21 14:26:16 vpd1tst1no sm-mta[8091]: [ID 801593 mail.info] m7LKQGhW008090: Warning: program /usr/lib/smrsh unsafe: No such file or directory
Aug 21 14:26:16 vpd1tst1no last message repeated 1 time
Aug 21 14:26:16 vpd1tst1no sm-mta[8091]: [ID 801593 mail.crit] m7LKQGhW008090: SYSERR(root): Cannot exec /usr/lib/smrsh : No such file or directory
Aug 21 14:26:16 vpd1tst1no last message repeated 1 time


Now I understand sendmail uses its restricted shell when an alias instructs it to pipe to a program. Sendmail is configured to use smrsh, and I have placed a symlink and/or copy of rt-mailgate in /var/adm/sm.bin.... which is sendmail's authorized programs directory. But still the above error occurs.

I've reconfigured sendmail.cf to use /bin/bash instead of /usr/lib/smrsh instead, without success. Permissions on smrsh look okay as far as I know. I still get the same result...just now with the different shell reference:

Aug 21 15:15:43 vpd1tst1no sm-mta[8171]: [ID 801593 mail.info] m7LLFgpJ008170: Warning: program /bin/bash unsafe: No such file or directory
Aug 21 15:15:43 vpd1tst1no last message repeated 1 time
Aug 21 15:15:43 vpd1tst1no sm-mta[8171]: [ID 801593 mail.crit] m7LLFgpJ008170: SYSERR(root): Cannot exec /bin/bash : No such file or directory
Aug 21 15:15:43 vpd1tst1no last message repeated 1 time


I've checked my $PATH to make sure it can find /usr/lib/smrsh or /bin/bash (even though its pretty hard to miss those). I've tried sending mail as root, and both as a regular user. I've also included the DontBlameSendmail flags, in the sendmail config, to ease up on the security configuration parameters of sendmail itself. Still no luck.

I am able to send mail successfully to local users.

Also, when I run the RT program with sendmail's shell outside of sending an email with sendmail, it runs properly, however doesn't have any flags to pass an email to it via STDIN.

# smrsh -c | /usr/local/rt3/bin/rt-mailgate --queue General --action correspond --url https://localhost/
Usage: smrsh -c command
/usr/local/rt3/bin/rt-mailgate: no message passed on STDIN!
#



Any thoughts on the warning: program unsafe errors sendmail is throwing?
 

10 More Discussions You Might Find Interesting

1. Solaris

sendmail - config help?

Hi, I need to configure sendmail to use an external mail server for internet mail's... Anyone help me at all? (6 Replies)
Discussion started by: frustrated1
6 Replies

2. UNIX for Dummies Questions & Answers

Sendmail config on AIX 5.3

Hi, I've looked through the posts here and tried everything and cannot get sendmail to work properly. The server only needs to send and not receive mail. I need it to be routed through an open relay which has ip address of 10.126.35.8. Here's what I've done so far: I have amended... (1 Reply)
Discussion started by: johnbrickell
1 Replies

3. Solaris

Sendmail Config Question

Hi, I have sendmail configured on my SOLARIS 10 server. But right now, it uses by default root@mysun.localdomain. I wanted to change the default from field to a outside ISP address, so that I can send email to any outside internet email address without changing the FROM field...... because... (5 Replies)
Discussion started by: callingrohit
5 Replies

4. Solaris

Sendmail Config - Open Relay

Puzzled; I have two Solaris systems, both running Solaris 5.8 and Sendmail version 8.11.7p1. One of the machines will not allow relaying (via anonymous connection to port 25). The other will allow relaying from anywhere to anywhere with impunity. I can not find any fundemental difference in the... (1 Reply)
Discussion started by: fosteria
1 Replies

5. Linux

sendmail client config

Hi All, I have a mail server A and a DNS Server B. I am trying to send mail from client C. I have configured the DNS entry in client in the file /etc/resolv.conf and restarted sendmail. My issues : Send mail is working for sending mails to external domain like gmail or yahoo. But the... (0 Replies)
Discussion started by: jegaraman
0 Replies

6. Solaris

sendmail pipe to a program.

Hello, I recently upgraded our server from Solaris 8 to 9. The sendmail is unabled to pipe the email to a perl script. I can send and received email to local and external mail, but the script did not get the email. There is no error in the log and I could not find any thing on the web. Here... (0 Replies)
Discussion started by: ld98
0 Replies

7. UNIX for Advanced & Expert Users

sendmail config question

I configured Solaris 10 server to send all mails to our exchange server via D{MTAHost} in submit.cf. but now I don't get internal messages like cron output. what can I do? (2 Replies)
Discussion started by: amozofer
2 Replies

8. Shell Programming and Scripting

Read from config file and use it in perl program

Hi, I want to configure some values in config file like below work_dir /home/work csv_dir /home/csv sql_dir /home/sqls reportfirst yes and i want to store each value in variable to use it further in my my perl program ?? any thought on this(i am new to perl) ? ... (2 Replies)
Discussion started by: raghavendra.nsn
2 Replies

9. Debian

Program compile problem (glib pkg-config)

I need to compile a program which uses glib-2.0. I installed the package libglib2.0-0 but the configure script can't find it because the libglib package doesn't provide a .pc file which pkg-config looks for. How can I resolve this? Debian 6.0 (SPARC) (3 Replies)
Discussion started by: snorkack59
3 Replies

10. Ubuntu

Memory card partition table corrupted after unsafe removal

Memory card partition table got corrupted after unsafe removal. Is there any possible recovery ?.. If i list using fdisk fdisk -l root@ubuntu:/usr/arm-fsl-linux-gnueabi/arm-fsl-linux-gnueabi/multi-libs# fdisk -l /dev/sdc Disk /dev/sdc: 3965 MB, 3965190144 bytes 122 heads, 62... (2 Replies)
Discussion started by: roonie
2 Replies

LEARN ABOUT REDHAT

smrsh

SMRSH(8)						      System Manager's Manual							  SMRSH(8)

NAME

       smrsh - restricted shell for sendmail

SYNOPSIS

       smrsh -c command

DESCRIPTION

       The smrsh program is intended as a replacement for sh for use in the ``prog'' mailer in sendmail(8) configuration files.  It sharply limits
       the commands that can be run using the ``|program'' syntax of sendmail in order to improve the over all security of your system.   Briefly,
       even  if  a  ``bad guy'' can get sendmail to run a program without going through an alias or forward file, smrsh limits the set of programs
       that he or she can execute.

       Briefly, smrsh limits programs to be in a single directory, by default /etc/smrsh, allowing the system administrator to choose the  set	of
       acceptable  commands, and to the shell builtin commands ``exec'', ``exit'', and ``echo''.  It also rejects any commands with the characters
       ``', `<', `>', `;', `$', `(', `)', `
' (carriage return), or `
' (newline) on the command line to prevent ``end run'' attacks.  It allows
       ``||'' and ``&&'' to enable commands like: ``"|exec /usr/local/bin/procmail -f- /etc/procmailrcs/user || exit 75"''

       Initial	pathnames  on programs are stripped, so forwarding to ``/usr/ucb/vacation'', ``/usr/bin/vacation'', ``/home/server/mydir/bin/vaca-
       tion'', and ``vacation'' all actually forward to ``/etc/smrsh/vacation''.

       System administrators should be conservative about populating the /etc/smrsh directory.	Reasonable additions are vacation(1), procmail(1),
       and  the  like.	 No  matter  how brow-beaten you may be, never include any shell or shell-like program (such as perl(1)) in the /etc/smrsh
       directory.  Note that this does not restrict the use of shell or perl scripts in the sm.bin directory (using the ``#!'' syntax); it  simply
       disallows execution of arbitrary programs.

FILES

       /etc/smrsh - directory for restricted programs

SEE ALSO

       sendmail(8)

							   $Date: 2002/04/25 13:33:40 $ 						  SMRSH(8)
All times are GMT -4. The time now is 02:01 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy