Linux and UNIX Man Pages

Linux & Unix Commands - Search Man Pages

check-permissions(1m) [opensolaris man page]

check-permissions(1M)					  System Administration Commands				     check-permissions(1M)

NAME
check-permissions - check permissions on mail rerouting files SYNOPSIS
/usr/sbin/check-permissions [login] DESCRIPTION
The check-permissions script is intended as a migration aid for sendmail(1M). It checks the /etc/mail/sendmail.cf file for all configured alias files, and checks the alias files for :include: files. It also checks for certain .forward files. For each file that check-permis- sions checks, it verifies that none of the parent directories are group- or world-writable. If any directories are overly permissive, it is reported. Otherwise it reports that no unsafe directories were found. As to which .forward files are checked, it depends on the arguments included on the command line. If no argument is given, the current user's home directory is checked for the presence of a .forward file. If any arguments are given, they are assumed to be valid logins, and the home directory of each one is checked. If the special argument ALL is given, the passwd entry in the /etc/nsswitch.conf file is checked, and all password entries that can be obtained through the switch file are checked. In large domains, this can be time-consuming. OPERANDS
The following operands are supported: login Where login is a valid user name, checks the home directory for login. ALL Checks the home directory of all users. FILES
/etc/mail/sendmail.cf Defines environment for sendmail /etc/mail/aliases Ascii mail aliases file ATTRIBUTES
See attributes(5) for descriptions of the following attributes: +-----------------------------+-----------------------------+ | ATTRIBUTE TYPE | ATTRIBUTE VALUE | +-----------------------------+-----------------------------+ |Availability |SUNWsndmu | +-----------------------------+-----------------------------+ |Interface Stability |Evolving | +-----------------------------+-----------------------------+ SEE ALSO
getent(1M), sendmail(1M), aliases(4), attributes(5) SunOS 5.11 10 Nov 2003 check-permissions(1M)

Check Out this Related Man Page

aliascheck(1)							Mail Avenger 0.8.3						     aliascheck(1)

NAME
aliascheck - check for existence of mail alias SYNOPSIS
aliascheck [--nopwd] name [alias-file] aliascheck --map [--case] name map-file aliascheck --qmail [--nopwd] name [alias-user] DESCRIPTION
aliascheck checks whether name is a valid email alias or a user in the password file. It converts name to lower-case before performing any of the checks. If the alias or user exists, aliascheck exits with status 0 and outputs what the address resolves to. If the alias does not exist, aliascheck exits with status 1. If aliascheck cannot determine the validity of name because of some system error, it exits with status 2. aliascheck can run in three different modes--sendmail alias mode (the default), sendmail map mode, and qmail mode. In sendmail alias mode the second argument, alias-file, is the name of the sendmail alias file, typically /etc/mail/aliases.db. If no second argument is supplied, aliascheck first checks for the existence of /etc/mail/aliases.db, then for the existence of /etc/aliases.db, then finally exits with status 2 if neither file exists. When an alias is found, aliascheck outputs the value of that alias in the alias database. When aliascheck is invoked with --map, it looks up name in map-file, which should be a database created with sendmail's makemap(8) utility. Note that maps have a slightly different and incompatible format from that of alias files. Use the --case argument to prevent name from being folded to lower-case before it is looked up in the database. Note that --map implies the --nopwd option. When aliascheck is given the argument --qmail, it runs in qmail mode. In this case, the second argument, alias-user, specifies the user under which qmail processes mail aliases. aliascheck will check this user's home directory for files named .qmail-XXX for various appropriate suffixes XXX. On success, it outputs the full pathname of the appropriate file. If aliascheck cannot find an alias, it also checks the password file, and exits 0 if it can find name there. If name is found, aliascheck also outputs name (in lower-case) to standard output before exiting. (This is useful for Mail Avenger, because asmtpd does not recognize users with invalid shells or UID 0, while MTAs typically do.) To suppress password file checking, supply the --nopwd argument to aliascheck. EXAMPLES
If you are using Mail Avenger in conjunction with a sendmail installation, you might want to put the following code in your /etc/avenger/unknown file to reject mail for unknown users who do not show up in the alias file. aliascheck "$RECIPIENT_LOCAL" /etc/mail/aliases.db > /dev/null case "$?" in 0) # Fall through to default checks ;; 1) reject unknown user ;; *) # Probably safest to do nothing, but could also # defer the mail with the following command: # #defer Temporary error processing alias file ;; esac If you have qmail instead of sendmail, assuming the qmail alias user is called "alias", you would change the first line in the previous example to: aliascheck --qmail "$RECIPIENT_LOCAL" alias > /dev/null FILES
/etc/avenger/unknown Mail Avenger rules for local email addresses that do not correspond to local users, or correspond to local users without valid shells, or local users with uid 0 (i.e., root). Note the location may be different if you set EtcDir in your asmtpd.conf file. /etc/mail/aliases.db /etc/aliases.db Default locations of sendmail alias file /etc/mail/virtusertable.db Default location of the sendmail virtual user table map, when this feature is in use. ~alias/.qmail-* Default locations of qmail alias files /etc/password System password file. (Note, however, that aliascheck uses the getpwnam function, and will thus be compatible with schemes such as NIS that do not keep all users in the local password file.) SEE ALSO
avenger(1), asmtpd.conf(5), makemap(8), The Mail Avenger home page: <http://www.mailavenger.org/>. BUGS
aliascheck doesn't necessarily know how to parse the particular database format your sendmail installation uses for aliases. Make sure you test it before using it in an avenger script. In some sendmail installations, the alias database is not world readable, which can obviously prevent aliascheck from working properly if run under the wrong user identity (such as the AvengerUser). It is quite possible for aliascheck to return a system error (exit code 2), particularly if you run it while you are rebuilding a large alias database. (aliascheck checks for the existence of special key "@" in the database.) Make sure you differentiate between error code 1 (no user) and error code 2 (system error). aliascheck may not do the right thing if you installed qmail with conf-break set to a character other than "-". Remember that aliascheck does not read your qmail users/assign or users/cdb files--it only checks for .qmail files in the alias user's home directory. AUTHOR
David Mazieres Mail Avenger 0.8.3 2012-04-05 aliascheck(1)
Man Page