[OpenAFS] PAG's and MTA's

Derek Atkins warlord@MIT.EDU
27 Nov 2002 19:36:26 -0500


Is the mailer trying to _Insert_ files into the directory?
You may need to add the 'i' permission.

-derek

Nathan Ward <nward@esphion.com> writes:

> I am attempting to get the courier mta running on a server, storing mail into afs in Maildirs.
> I have LDAP for nss.
> Kerberos for authentication.
> linux 2.4
> 
> I get permission denied errors when trying to drop mail into maildirs.
> Courier is getting the correct home dir (/afs/alb-nz.esphion.com/user/nward) and uids.
> I have run the courier startup script inside a pagsh, with the "mailerd/deliver" krb ticket and the mailerd.deliver AFS token.
> mailerd.deliver has "l" perms on all home dirs, and rlw on Maildirs and below.
> I have tried setting perms to "all" also. No effect.
> I have changed "maildrop" to rename() and not link().
> 
> My different theorys are:
> - Courier is trying setuid itself to "nward" (the user i'm delivering to) and not getting the afs tokens. Is that possible? I am logged in as nward on the machine, shouldn't afs use that user's tokens?
> - Courier doesnt have the tokens for the mailerd.deliver afs user once it forks or something.
> 
> Thoughts?
> 
> -- 
> 
> Nathan Ward
> System Administrator
> Esphion Ltd.
> 
> PH:    +64 9 4142060      | EMail: nward@esphion.com
> MOB:   +64 9 21 431675    | Web:   www.esphion.com
> 
> --
> 
> This message is provided "AS IS" with no warranties, and confers no rights.
> Any opinions or policies stated within are my own and do not necessarily constitute those of my employer.
> Harvesting of this address for purposes of bulk email (spam and UCE) is expressly prohibited unless by my explicit prior request.  I retaliate viciously against spammers and spam sites.
> _______________________________________________
> OpenAFS-info mailing list
> OpenAFS-info@openafs.org
> https://lists.openafs.org/mailman/listinfo/openafs-info

-- 
       Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
       Member, MIT Student Information Processing Board  (SIPB)
       URL: http://web.mit.edu/warlord/    PP-ASEL-IA     N1NWH
       warlord@MIT.EDU                        PGP key available