[Lurker-users] Fetchmail and lurker was Re: Permissions err…

Gerald Livingston ha scritto:
> On Fri, 18 Sep 2009 20:42:03 +0200
> legolas558 <legolas558@email.it> wrote:
>
>> Gerald Livingston ha scritto:
>>> I am having GREAT difficulty getting lurker to automagically add new
>>> messages to the archive on my Debian system.
>>>
>>> Every time I send a message to the archive address I get this in my
>>> mail logs:
>>>
>>> input/output error. Command output: /var/lib/lurker/db: Permission
>>> denied
>>>
>>>
>>> Just a permission error, right? But, here are the methods I've
>>> tried to use:
>>>
>>>
>>> 1. alias bska-archive: "| /usr/bin/lurker-index -l buskatiers -m"
>>>
>>> 2. .forward with "| /usr/bin/lurker-index -l buskatiers -m"
>>>
>>> They both fail. bska-archive *IS* a real user on the system that is
>>> a member of the lurker group. If I 'su - bska-archive' then run
>>> lurker-index manually on a mbox file it imports the message just
>>> fine so bska-archive *DOES* have correct permissions.
>>>

>>> /var/lib/lurker drwxrwsr-x 2 root    lurker  4096 2009-09-18 11:18

>>>
>>> from /etc/group:
>>> lurker:x:106:mail,postfix,www-data,ecartis,bska-archive
>>>
>>> I'm not using procmail or maildrop on this system.
>>>
>> Hi Gerald,
>>
>> question here is: *WHO* is sending data through a pipe to
>> lurker-index? Can you check that?
>>
>> I remember I had many similar issues and fixed them by creating a
>> simple MDA.
>>
>> Best regards,
>> --
>> Daniele
>
> I created a simple pipe shell script:
>
> #!/bin/bash
> echo $LOGNAME >> /home/testlogname
>
> I made it 777
>
> I made /home/testlogname 666
>
> I changed my aliases file to
>
> bska-archive: "| /home/bska-archive/elogname"
>
> I sent a message. It caused the script to write
>
> bska-archive
>
> into the log file./home/bska-archive/elogname
> I then created another alias
>
> supertest: "| /home/bska-archive/elogname"
>
> supertest does not exist as a real user on the system.
>
> It still wrote "supertest" into /home/testlogname so it is calling the
> script as the user to whom the message is sent.
>
> So, I chowned /home/bska-archive/elogname to root:lurker and chmod 770
> the script and 660 the file it writes to.
>
> Now I get a permission denied message again even though the
> bska-archive user is a member of the lurker group and both files are
> 660 so they should be writable by the group members.
>
> I made the writable file 666 again and it still fails. The script
> MUST be 777 world writable for postfix to deliver to it.
>
> That's ugly and shouldn't be happening.
>
> I'm going to try one or two more things then I need to wipe the lurker
> install completely and start fresh (I've hosed my database with test
> entries anyway).
>
> I was trying hard to avoid having to use yet another delivery option
> like procmail. I wanted to be able to just add an alias and go.
>
Hi Gerald,

it has elapsed quite some time but I remember I also tried this approach, then had to abandon it because it simply did not work. I am no linux/mail guru but I will tell you how I got the job done (it took a week to me).
Forget about the standard mail program and/or the mail aliases, I couldn't get it working with lurker.

1) install lurker, once its user/group is created also create a home directory for him, and set such home directory to owner lurker/lurker mode 0755
2) install fetchmail http://fetchmail.berlios.de/ version 6.3.8 (or the latest one you can get)
3) create /home/lurker/.fetchmailrc mode 0600 with this content:

poll mail.example.com:
    # server options
    with nodns,
    with protocol pop3,
    # user options
    user mailbox@example.com there, is, lurker here,
        with nokeep,
        with mda '/usr/bin/lurker-index -l buskatiers -m',
#       with fetchall,
    with stripcr,
    with password 'yourpasswordhere';

4) now create a cron job, run every 15 minutes for example, and have it run this script (lurker-fetch.sh)

#!/bin/bash
## Update lurker mailing lists archives
## @author legolas558
##
#

## TODO: check that this script is not already running, exit if yes

LISTS_USER=lurker
APACHE_USER=www-data

LURKER_DATA=/var/lib/lurker
LURKER_WWW=/var/www/lurker

chown -R $LISTS_USER.$APACHE_USER $LURKER_DATA $LURKER_WWW && \
echo "/usr/bin/fetchmail -s | sed '/^$/d'
/usr/bin/lurker-prune
" | su - $LISTS_USER
RV=$?

chown -R $APACHE_USER.$APACHE_USER $LURKER_DATA $LURKER_WWW
exit $RV

I know that in this approach lurker-fetch.sh is run by root, but it uses 'su' to run as the proper lurker user.

Yes, all this looks like bad hackery and sorcery, but it was the only way I could get it working and I am sharing it with you hoping that it will be useful. If you think something is not clear just ask me, I made the thing some time ago but I can go check the live system for some detail.

P.S. in my experience, fetchmail *works*, the others deserve the trash can

Best reards,
--
Daniele C. (aka legolas558)


> Thanks,
>
> Gerald
>
> ------------------------------------------------------------------------------
> Come build with us! The BlackBerry&reg; Developer Conference in SF, CA
> is the only developer event you need to attend this year. Jumpstart your
> developing skills, take BlackBerry mobile applications to market and stay
> ahead of the curve. Join us from November 9&#45;12, 2009. Register now&#33;
> http://p.sf.net/sfu/devconf
> _______________________________________________
> Lurker-users mailing list
> Lurker-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/lurker-users
>