"Philip" == Philip Guenther <guenther(_at_)gac(_dot_)edu> writes:
Philip> "Charles Hines" <chuck_hines(_at_)vnet(_dot_)IBM(_dot_)COM> writes:
I've just started using procmail, and I'm having a minor problem. My
system mailbox is a symbolic link to another file, and procmail keeps
removing that symbolic link on me and creating a 0 length file.
I see in the man page that this is expected behavior, but I really
can't have it doing that nor can I really understand why it would want
to do that instead of trying to follow the symlink to the actual file
it's pointing to and work with that instead.
Philip> The reason for this is that symlinks break dotlocking: a
Philip> dotlock is a lock on a _name_, and links (hard or soft) give
Philip> the same underlying object two or more names.
Ok, for this I can understand not wanting hard links, but following a
symbolic link through to the actual file (to access & lock via the
actual name) would be less of a problem. Or perhaps dotlock both the
symlink name and the actual file?
Besides, isn't dot locking a non-manditory type of lock anyways?
Programs that don't recognize that type of locking could write to the
file regardless, no?
And I still don't want it to nuke that symlink. It's set up that way
for a reason, and I have no control over it. I was able to get it to
stop nuking the symlink by commenting out the S_ISLNK check in
screenmailbox() in misc.c. Haven't seen any detrimental side effects
yet, but I'm going to keep a close eye on it.
Philip> In addition following symlinks offers all kinds of security
Philip> holes (readlink() and lstat() cannot be combined into an
Philip> atomic operation).
I'm not sure I see how that could be a security problem, at least not
in this instance. Could you give me an example?
But anyways, is there any way for me to stop this behavior via the
.procmailrc or something similiar, or will I have to go in and muck
with the source code to stop this behavior?
Philip> The solution is to tell procmail to use the true filename. If this
Philip> symlinking is for all users, then you should just recompile procmail
Philip> to use the correct algorithim to set ORGMAIL and DEFAULT.
I could recompile it with this new algorithm, as the users in my area
all use the same symlink setup, but a lot of people from other areas
sometimes come to me for tools and they wouldn't be able to use it
then.
Philip> If it's just you, then you can just set DEFAULT and ORGMAIL at
Philip> the top of your .procmailrc to the same and correct value.
There didn't seem to be any way to change the value of the system
mailbox via the rc file (tried setting ORGMAIL, but that didn't work).
Philip> You need to set DEFAULT as well as ORGMAIL (procmail first
Philip> tries delivery to $DEFAULT, then to $ORGMAIL).
I actually did try setting both of them, but it still nukes the
symlink since the the /var/spool/mail/$USER is hardcoded and can't be
overridden.
I think that ORGMAIL, if set in the rc file, should override this
hardcoded value (at least I think that makes sense), but the code
isn't currently set up that way.
For now, my change I mentioned above is working ok for me, I think.
But if I get a chance I'll dig through the code some more to see if
it's feasable to have ORGMAIL override this internal value or if some
other solution may be required.
Thanks,
Chuck
--
*******************************************************************************
Charles K. Hines <chuck_hines(_at_)vnet(_dot_)ibm(_dot_)com>
IBM Logic Synthesis Developer [BooleDozer (TM)]
Martial Arts Instructor [Modern Arnis, Presas Style Filipino Martial Arts]
"Go back to sleep, Chuck. You're just havin' a nightmare
-- of course, we ARE still in Hell." (Gary Larson)
*******************************************************************************