Procmail not removing lockfiles before setuid() call

G'day,

I just recently wrote a little /etc/procmailrc recipe to store all incoming
emails to a backup file (sendmail, local_procmail feature).  I've come across 
an unusual problem in that procmail seems to create a lockfile owned as root
but it switches uid to the local user to continue mail delivery before it 
unlinks
the lockfile.  This causes procmail to hang on all subsequent deliveries unless
the lockfile is manually removed.  

The following should show the problem, it's a truss log (Solaris 8 x86).  This
shows an existing stale lockfile locking up procmail from writing to 
/tmp/mail-knox.  This was the only way I could truss -p the procmail process
to see why it was not unlinking the lockfile.  

Any advice would be appreciated. :-)


Brendan
knox(_at_)snout(_dot_)net


# cat /etc/procmailrc 
VERBOSE=yes
LOGFILE=/tmp/logfile

:0c:
/tmp/mail-$LOGNAME
# mail knox
testing
.
# mailq
                /var/spool/mqueue (1 request)
-----Q-ID----- --Size-- -----Q-Time----- ------------Sender/Recipient-----------
f9IDWdPe005591*       9 Thu Oct 18 06:32 
<knox(_at_)sloth(_dot_)xxxxxxxx(_dot_)xxx>
                                         
<knox(_at_)sloth(_dot_)xxxxxxxx(_dot_)xxx>
                Total requests: 1
# ls -l
total 120
-rw-------   1 root     mail       11158 Oct 18 06:32 logfile
-rw-------   1 root     mail        4542 Oct 18 06:31 mail-knox
-r--------   1 root     mail           1 Oct 18 06:31 mail-knox.lock
# ps -elf | grep procmail
 8 S     root  5593  5592  0  41 20 e17a20b0    418 e17a22dc 06:32:39 ?        
0:00 procmail -f knox(_at_)xxxxxxxx(_dot_)xxx -Y -a  -
# truss -p 5593
    *** SGID: rgid/egid/sgid = 0 / 6 / 6  ***
sigsuspend(0x08047C04)          (sleeping...)
    Received signal #14, SIGALRM, in sigsuspend() [caught]
sigsuspend(0x08047C04)                          Err#4 EINTR
setcontext(0x080479F0)
alarm(0)                                        = 0
sigprocmask(SIG_UNBLOCK, 0x08047C24, 0x00000000) = 0
sigaction(SIGALRM, 0x08047BA8, 0x00000000)      = 0
time()                                          = 1003411983
write(2, " p r o c m a i l :   [ 5".., 42)      = 42
write(2, " p r o c m a i l :   L o".., 40)      = 40
lxstat(2, "/tmp/_ZXB%3ntz7.sloth", 0x08047B44)  Err#2 ENOENT
open("/tmp/_ZXB%3ntz7.sloth", O_WRONLY|O_CREAT|O_EXCL, 0444) = 6
write(6, " 0", 1)                               = 1
close(6)                                        = 0
xstat(2, "/tmp/_ZXB%3ntz7.sloth", 0x08047C14)   = 0
link("/tmp/_ZXB%3ntz7.sloth", "/tmp/mail-knox.lock") Err#17 EEXIST
lxstat(2, "/tmp/_ZXB%3ntz7.sloth", 0x08047A74)  = 0
lxstat(2, "/tmp/mail-knox.lock", 0x080479EC)    = 0
unlink("/tmp/_ZXB%3ntz7.sloth")                 = 0
lxstat(2, "/tmp/mail-knox.lock", 0x08047CE4)    = 0
lxstat(2, "/tmp/mail-knox.lock", 0x08047CE4)    = 0
alarm(0)                                        = 0
sigaction(SIGALRM, 0x08047BA8, 0x08047C34)      = 0
sigprocmask(SIG_BLOCK, 0x08047C24, 0x08047C14)  = 0
alarm(8)                                        = 0
sigsuspend(0x08047C04)          (sleeping...)
    Received signal #14, SIGALRM, in sigsuspend() [caught]
sigsuspend(0x08047C04)                          Err#4 EINTR
setcontext(0x080479F0)
alarm(0)                                        = 0
sigprocmask(SIG_UNBLOCK, 0x08047C24, 0x00000000) = 0
sigaction(SIGALRM, 0x08047BA8, 0x00000000)      = 0

 -------- another shell removes /tmp/mail-knox.lock --------

time()                                          = 1003411991
write(2, " p r o c m a i l :   [ 5".., 42)      = 42
write(2, " p r o c m a i l :   L o".., 40)      = 40
time()                                          = 1003411991
lxstat(2, "/tmp/_ZXB.Xotz7.sloth", 0x08047B44)  Err#2 ENOENT
open("/tmp/_ZXB.Xotz7.sloth", O_WRONLY|O_CREAT|O_EXCL, 0444) = 6
write(6, " 0", 1)                               = 1
close(6)                                        = 0
xstat(2, "/tmp/_ZXB.Xotz7.sloth", 0x08047C14)   = 0
link("/tmp/_ZXB.Xotz7.sloth", "/tmp/mail-knox.lock") = 0
unlink("/tmp/_ZXB.Xotz7.sloth")                 = 0
time()                                          = 1003411991
alarm(960)                                      = 0
xstat(2, "/tmp/mail-knox", 0x08047C34)          = 0
time()                                          = 1003411991
write(2, " p r o c m a i l :   A s".., 48)      = 48
time()                                          = 1003411991
write(2, " p r o c m a i l :   O p".., 35)      = 35
open("/tmp/mail-knox", O_WRONLY|O_APPEND|O_CREAT, 0667) = 6
lseek(6, 0, SEEK_END)                           = 4542
lseek(6, 0, SEEK_END)                           = 4542
write(6, " F", 1)                               = 1
fxstat(2, 6, 0x08047C34)                        = 0
alarm(0)                                        = 960
sigaction(SIGALRM, 0x08047AF8, 0x08047B84)      = 0
sigprocmask(SIG_BLOCK, 0x08047B74, 0x08047B64)  = 0
alarm(1)                                        = 0
    Received signal #14, SIGALRM, in sigsuspend() [caught]
sigsuspend(0x08047B54)                          Err#4 EINTR
setcontext(0x08047940)
alarm(0)                                        = 0
sigprocmask(SIG_UNBLOCK, 0x08047B74, 0x00000000) = 0
sigaction(SIGALRM, 0x08047AF8, 0x00000000)      = 0
alarm(959)                                      = 0
time()                                          = 1003411992
alarm(959)                                      = 959
write(6, " r o m   k n o x @ s n o".., 569)     = 569
fdsync(6, O_RDONLY|O_SYNC)                      = 0
close(6)                                        = 0
alarm(0)                                        = 959
lseek(5, 0, SEEK_CUR)                           = 58
read(5, 0x08059880, 1024)                       = 0
close(5)                                        = 0
time()                                          = 1003411992
write(2, " p r o c m a i l :   [ 5".., 42)      = 42
write(2, " p r o c m a i l :   A s".., 82)      = 82
xstat(2, "/home/knox/.procmailrc", 0x08047D74)  Err#2 ENOENT
open("/home/knox/.procmailrc", O_RDONLY)        Err#2 ENOENT
setuid(100)                                     = 0
xstat(2, "/var/mail/knox", 0x08047CA4)          = 0
waitid(P_ALL, 0, 0x08047BC4, WEXITED|WTRAPPED|WNOHANG) Err#10 ECHILD
time()                                          = 1003411992
write(2, " p r o c m a i l :   U n".., 42)      = 42
unlink("/tmp/mail-knox.lock")                   Err#13 EACCES
time()                                          = 1003411992
write(2, " p r o c m a i l :   C o".., 48)      = 48
setegid(6)                                      = 0
time()                                          = 1003411992
write(2, " p r o c m a i l :   L o".., 40)      = 40
lxstat(2, "/var/mail/_ZXB,Xotz7.sloth", 0x08047B04) Err#2 ENOENT
open("/var/mail/_ZXB,Xotz7.sloth", O_WRONLY|O_CREAT|O_EXCL, 0444) = 5
fxstat(2, 5, 0x08047A7C)                        = 0
lxstat(2, "/var/mail/_ZXB,Xotz7.sloth", 0x08047B04) = 0
write(5, " 0", 1)                               = 1
close(5)                                        = 0
xstat(2, "/var/mail/_ZXB,Xotz7.sloth", 0x08047BD4) = 0
link("/var/mail/_ZXB,Xotz7.sloth", "/var/mail/knox.lock") = 0
unlink("/var/mail/_ZXB,Xotz7.sloth")            = 0
time()                                          = 1003411992
write(2, " p r o c m a i l :   A s".., 48)      = 48
time()                                          = 1003411992
write(2, " p r o c m a i l :   O p".., 35)      = 35
open("/var/mail/knox", O_WRONLY|O_APPEND|O_CREAT, 0667) = 5
lseek(5, 0, SEEK_END)                           = 46591
lseek(5, 0, SEEK_END)                           = 46591
write(5, " F", 1)                               = 1
fxstat(2, 5, 0x08047CA4)                        = 0
write(5, " r o m   k n o x @ s n o".., 569)     = 569
fdsync(5, O_RDONLY|O_SYNC)                      = 0
close(5)                                        = 0
setegid(6)                                      = 0
time()                                          = 1003411992
write(2, " p r o c m a i l :   U n".., 42)      = 42
unlink("/var/mail/knox.lock")                   = 0
sigaction(SIGTERM, 0x08047D20, 0x08047D7C)      = 0
sigaction(SIGHUP, 0x08047D10, 0x08047D6C)       = 0
sigaction(SIGINT, 0x08047D20, 0x08047D7C)       = 0
sigaction(SIGQUIT, 0x08047D10, 0x08047D6C)      = 0
getpid()                                        = 5593 [5592]
so_socket(2, 1, 17, "", 1)                      = 5
sendto(5, " k n o x @ 4 6 5 9 1 : /".., 25, 0, 0x08059D64, 16) = 25
close(5)                                        = 0
time()                                          = 1003411992
write(2, " p r o c m a i l :   N o".., 55)      = 55
write(2, " F r o m   k n o x @ s n".., 46)      = 46
write(2, "     F o l d e r :   / v".., 38)      = 38
close(4)                                        = 0
fxstat(2, -1, 0x08047D34)                       Err#9 EBADF
_exit(0)
# procmail -v
procmail v3.21 2001/06/29
    Copyright (c) 1990-1999, Stephen R. van den Berg    <srb(_at_)cuci(_dot_)nl>
    Copyright (c) 1997-2001, Philip A. Guenther         
<guenther(_at_)sendmail(_dot_)com>

Submit questions/answers to the procmail-related mailinglist by sending to:
        <procmail-users(_at_)procmail(_dot_)org>

And of course, subscription and information requests for this list to:
        <procmail-users-request(_at_)procmail(_dot_)org>

Locking strategies:     dotlocking
Default rcfile:         $HOME/.procmailrc
Your system mailbox:    /var/mail/root
# 

_______________________________________________
procmail mailing list
procmail(_at_)lists(_dot_)RWTH-Aachen(_dot_)DE
http://MailMan.RWTH-Aachen.DE/mailman/listinfo/procmail