| Summary: | cyrus-imapd cron script using illegal nologin switch "c" | ||
|---|---|---|---|
| Product: | Mageia | Reporter: | Frank Griffin <ftg> |
| Component: | RPM Packages | Assignee: | All Packagers <pkg-bugs> |
| Status: | NEW --- | QA Contact: | |
| Severity: | normal | ||
| Priority: | Normal | ||
| Version: | Cauldron | ||
| Target Milestone: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Source RPM: | cyrus-imapd | CVE: | |
| Status comment: | |||
|
Description
Frank Griffin
2017-06-07 15:49:23 CEST
Assigning to all packagers as cyrus-imapd has no registered maintainer. Assignee:
bugsquad =>
pkg-bugs Comes from the fact that the cyrus user has /sbin/nologin set as its shell, but /etc/cron.daily/cyrus-imapd (aka SOURCES/cyrus-imapd.cron-daily) runs this:
su - cyrus -c "umask 077 ; /usr/lib/cyrus-imapd/ctl_mboxlist -d | gzip > ${mboxlist}.gz"
which is not a working combination.
Often needed to be done is su - apache -c "commands" so the way this is handled there is the apache user has /bin/sh as its shell (but ! as its password hash in /etc/shadow so the account still can't be directly logged in to).
This package doesn't use our standard macro for creating the cyrus user, so that needs to be fixed, but the shell should also be changed. Unfortunately, this issue existed in Mageia 5 as well, so users upgrading will need to fix the cyrus user's shell manually (unless we want to risk a scriplet to fix it automatically).
Well, I don't use cyrus-imapd but I just installed it and it still uses nologin as its shell, so I imagine this hasn't been fixed. Ping ? |