Bug#871688: exim4-base: using su in cronjob invokes a full pam-session. use runuser instead
Jakobus Schürz
wertstoffe at nurfuerspam.de
Thu Aug 10 17:19:14 UTC 2017
Package: exim4-base
Version: 4.89-2+deb9u1
Severity: normal
Dear Maintainer,
I have some systemd --user services from other packages.
The units are located in /etc/systemd/user/ or /usr/lib/systemd/user/
and are enabled on installation.
When a daemon uses su or sudo on Debian, it starts a service
user@$UID.service, which is a systemd daemon for the user session. These
sessions are normally not started for daemons with UID below 1000
(except Debian-gdm).
I asked on the systemd mailing list what the problem is, because sometimes
exim starts a user session (and with it the user services which are
meant for login users with UID greater than or equal to 1000).
They told me there must be a use of su or sudo in some of the
daemon's scripts.
I looked around and found that su is used in
/etc/cron.daily/exim4-base
You will find my changes below, which use runuser instead of su and solve the
problems coming from the su command.
Best regards
Jakob
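To check the point made above, that su and sudo run the full PAM session stack while runuser does not, the following shell script is an added example; it is not part of the bug report or of the exim4 package. It audits a pam.d directory, follows Debian's "@include file" lines as well as Linux-PAM "session include|substack file" lines, and reports which services load pam_systemd.so in their session stack; pam_systemd is the module that registers a logind session, after which logind starts user@UID.service. The sample pam.d files are constructed inline, modelled on Debian's layout (su and sudo pull in common-session, cron pulls in common-session-noninteractive, runuser has its own short stack); they are an assumption for the demo, not a copy of any real system, and the function names are likewise this example's own.

```shell
#!/bin/sh
# Added example, not part of the bug report or of the exim4 package:
# audit which PAM services load pam_systemd.so in their session stack.
# pam_systemd registers a logind session when su/sudo open a PAM session,
# and logind then starts user@UID.service, the symptom described in the
# report. The sample pam.d files below are constructed, modelled on
# Debian's layout, and are an assumption, not a real system's files.

# pam_uses_module PAMD_DIR SERVICE MODULE [DEPTH]
# Exit 0 when MODULE appears on a session line of PAMD_DIR/SERVICE, following
# Debian "@include file" lines and Linux-PAM "session include|substack file".
# A missing include target is treated as "does not load the module".
pam_uses_module() {
    local dir=$1 svc=$2 mod=$3 depth=${4:-0}
    [ "$depth" -le 8 ] || return 1          # guard against include loops
    [ -f "$dir/$svc" ] || return 1
    sed 's/#.*//' "$dir/$svc" | while read -r t1 t2 t3 rest; do
        case "$t1" in
            @include)
                pam_uses_module "$dir" "$t2" "$mod" $((depth + 1)) && echo hit ;;
            session|-session)
                case "$t2" in
                    include|substack)
                        pam_uses_module "$dir" "$t3" "$mod" $((depth + 1)) && echo hit ;;
                    *)
                        # the control field may be bracketed ("[success=1 ...]"),
                        # so match the module against the rest of the line
                        case "$t3 $rest" in *"$mod"*) echo hit ;; esac ;;
                esac ;;
        esac
    done | grep -q hit
}

# session_starters PAMD_DIR MODULE
# Print each service (skipping the common-* fragments) whose session stack
# loads MODULE, one name per line.
session_starters() {
    local dir=$1 mod=$2 f name
    for f in "$dir"/*; do
        [ -f "$f" ] || continue
        name=${f##*/}
        case "$name" in common-*) continue ;; esac
        pam_uses_module "$dir" "$name" "$mod" && echo "$name"
    done
    return 0
}

# make_sample_pamd: write a constructed pam.d directory and print its path.
make_sample_pamd() {
    local d
    d=$(mktemp -d)
    cat > "$d/common-session" <<'EOF'
session [default=1]   pam_permit.so
session requisite     pam_deny.so
session required      pam_permit.so
session optional      pam_umask.so
session required      pam_unix.so
session optional      pam_systemd.so   # registers a logind session
EOF
    cat > "$d/common-session-noninteractive" <<'EOF'
session [default=1]   pam_permit.so
session requisite     pam_deny.so
session required      pam_permit.so
session optional      pam_umask.so
session required      pam_unix.so
EOF
    cat > "$d/su" <<'EOF'
auth       sufficient pam_rootok.so
session    optional   pam_mail.so nopen
session    required   pam_env.so readenv=1
@include common-auth
@include common-account
@include common-session
EOF
    cat > "$d/sudo" <<'EOF'
session    required   pam_env.so readenv=1 user_readenv=0
@include common-auth
@include common-account
@include common-session
EOF
    cat > "$d/runuser" <<'EOF'
auth       sufficient pam_rootok.so
session    optional   pam_keyinit.so revoke
session    required   pam_limits.so
session    required   pam_unix.so
EOF
    cat > "$d/cron" <<'EOF'
auth       required   pam_env.so
@include common-auth
@include common-account
session    required   pam_loginuid.so
@include common-session-noninteractive
EOF
    echo "$d"
}

# Demo on the constructed directory: lists su and sudo, but not cron or runuser.
sample=$(make_sample_pamd)
session_starters "$sample" pam_systemd.so
rm -rf "$sample"
```

On a real host, `session_starters /etc/pam.d pam_systemd.so` lists the services that would turn a "run this as user X" into a logind session. The check is deliberately coarse: it does not evaluate control flags, so a module that is present but skipped by a `[success=N ...]` jump still counts as loaded. Note that the cron job's first attempt, start-stop-daemon --chuid, does not go through PAM at all, so only the fallback path in the script is affected by this distinction.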
-- Package-specific info:
Exim version 4.89 #1 built 14-Jun-2017 05:03:07
Copyright (c) University of Cambridge, 1995 - 2017
(c) The Exim Maintainers and contributors in ACKNOWLEDGMENTS file, 2007 - 2017
Berkeley DB: Berkeley DB 5.3.28: (September 9, 2013)
Support for: crypteq iconv() IPv6 PAM Perl Expand_dlfunc GnuTLS move_frozen_messages Content_Scanning DKIM DNSSEC Event OCSP PRDR PROXY SOCKS TCP_Fast_Open
Lookups (built-in): lsearch wildlsearch nwildlsearch iplsearch cdb dbm dbmjz dbmnz dnsdb dsearch ldap ldapdn ldapm mysql nis nis0 passwd pgsql sqlite
Authenticators: cram_md5 cyrus_sasl dovecot plaintext spa tls
Routers: accept dnslookup ipliteral iplookup manualroute queryprogram redirect
Transports: appendfile/maildir/mailstore/mbx autoreply lmtp pipe smtp
Fixed never_users: 0
Configure owner: 0:0
Size of off_t: 8
Configuration file is /var/lib/exim4/config.autogenerated
# /etc/exim4/update-exim4.conf.conf
#
# Edit this file and /etc/mailname by hand and execute update-exim4.conf
# yourself or use 'dpkg-reconfigure exim4-config'
#
# Please note that this is _not_ a dpkg-conffile and that automatic changes
# to this file might happen. The code handling this will honor your local
# changes, so this is usually fine, but will break local schemes that mess
# around with multiple versions of the file.
#
# update-exim4.conf uses this file to determine variable values to generate
# exim configuration macros for the configuration file.
#
# Most settings found in here do have corresponding questions in the
# Debconf configuration, but not all of them.
#
# This is a Debian specific file
dc_eximconfig_configtype='smarthost'
dc_other_hostnames='aldebaran.xundeenergie.at;aldebaran;aldebaran.local;localhost'
dc_local_interfaces='127.0.0.1 ; ::1'
dc_readhost='xundeenergie.at'
dc_relay_domains=''
dc_minimaldns='false'
dc_relay_nets=''
dc_smarthost='mail.xundeenergie.at::587'
CFILEMODE='644'
dc_use_split_config='true'
dc_hide_mailname='true'
dc_mailname_in_oh='true'
dc_localdelivery='dovecot_delivery'
mailname:xundeenergie.at
# /etc/default/exim4
EX4DEF_VERSION=''
# 'combined' - one daemon running queue and listening on SMTP port
# 'no' - no daemon running the queue
# 'separate' - two separate daemons
# 'ppp' - only run queue with /etc/ppp/ip-up.d/exim4.
# 'nodaemon' - no daemon is started at all.
# 'queueonly' - only a queue running daemon is started, no SMTP listener.
# setting this to 'no' will also disable queueruns from /etc/ppp/ip-up.d/exim4
QUEUERUNNER='combined'
# how often should we run the queue
QUEUEINTERVAL='30m'
# options common to quez-runner and listening daemon
COMMONOPTIONS=''
# more options for the daemon/process running the queue (applies to the one
# started in /etc/ppp/ip-up.d/exim4, too.
QUEUERUNNEROPTIONS=''
# special flags given to exim directly after the -q. See exim(8)
QFLAGS=''
# Options for the SMTP listener daemon. By default, it is listening on
# port 25 only. To listen on more ports, it is recommended to use
# -oX 25:587:10025 -oP /run/exim4/exim.pid
SMTPLISTENEROPTIONS=''
-- System Information:
Debian Release: 9.1
APT prefers stable
APT policy: (990, 'stable'), (700, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 4.12.0-trunk-amd64 (SMP w/4 CPU cores)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8), LANGUAGE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
Versions of packages exim4-base depends on:
ii adduser 3.115
ii debconf [debconf-2.0] 1.5.61
ii exim4-config [exim4-config-2] 4.89-2+deb9u1
ii libc6 2.24-11+deb9u1
ii libdb5.3 5.3.28-12+b1
ii lsb-base 9.20161125
ii netbase 5.4
ii systemd-cron [cron-daemon] 1.5.8-1
Versions of packages exim4-base recommends:
ii mailutils [mailx] 1:3.1.1-1
ii psmisc 22.21-2.1+b2
Versions of packages exim4-base suggests:
ii evolution [mail-reader] 3.22.6-1
pn exim4-doc-html | exim4-doc-info <none>
pn eximon4 <none>
ii file 1:5.30-1
ii gnutls-bin 3.5.8-5+deb9u2
ii mailutils [mail-reader] 1:3.1.1-1
ii mutt [mail-reader] 1.7.2-1
ii openssl 1.1.0f-3
ii spf-tools-perl 2.9.0-4
ii swaks 20170101.0-1
ii thunderbird [mail-reader] 1:52.2.1-4~deb9u1
-- Configuration Files:
/etc/cron.daily/exim4-base changed:
if [ -n "$EX4DEBUG" ]; then
  echo "now debugging $0 $@"
  set -x
fi

E4BCD_DAILY_REPORT_TO=""
E4BCD_DAILY_REPORT_OPTIONS=""
E4BCD_WATCH_PANICLOG="yes"
E4BCD_PANICLOG_LINES="10"
E4BCD_PANICLOG_NOISE=""

if [ ! -x /usr/lib/exim4/exim4 ]; then
  exit 0
fi

[ -f /etc/default/exim4 ] && . /etc/default/exim4

SPOOLDIR="$(exim4 -bP spool_directory | sed 's/.*=[[:space:]]\(.*\)/\1/')"

E4BCD_MAINLOG_NOISE="^[[:digit:][:space:]:-]\{20\}\(\(Start\|End\) queue run: pid=[[:digit:]]\+\|exim [[:digit:]\.]\+ daemon started: pid=[[:digit:]]\+, .*\)$"

if [ -n "$E4BCD_DAILY_REPORT_TO" ]; then
  if [ -x "$(command -v eximstats)" ] && [ -x "$(command -v mail)" ]; then
    if [ "$(< /var/log/exim4/mainlog grep -v "$E4BCD_MAINLOG_NOISE" | wc -l)" -gt "0" ]; then
      < /var/log/exim4/mainlog grep -v "$E4BCD_MAINLOG_NOISE" \
        | eximstats $E4BCD_DAILY_REPORT_OPTIONS \
        | mail -s"$(hostname --fqdn) Daily e-mail activity report" \
          $E4BCD_DAILY_REPORT_TO
    else
      echo "no mail activity in this interval" \
        | mail -s"$(hostname --fqdn) Daily e-mail activity report" \
          $E4BCD_DAILY_REPORT_TO
    fi
  else
    echo "The exim4 cron job is configured to send a daily report, but eximstats"
    echo "and/or mail cannot be found. Please check and make sure that these two"
    echo "binaries are available"
  fi
fi

log_this() {
  TEXT="$@"
  if ! logger -t exim4 -p mail.alert $TEXT; then
    RET="$?"
    echo >&2 "ALERT: could not syslog $TEXT, logger return value $RET"
  fi
}

if [ "$E4BCD_WATCH_PANICLOG" != "no" ]; then
  if [ -s "/var/log/exim4/paniclog" ]; then
    if [ -x "/usr/local/lib/exim4/nonzero_paniclog_hook" ]; then
      /usr/local/lib/exim4/nonzero_paniclog_hook
    fi
    if [ -z "$E4BCD_PANICLOG_NOISE" ] || grep -vq "$E4BCD_PANICLOG_NOISE" /var/log/exim4/paniclog; then
      log_this "ALERT: exim paniclog /var/log/exim4/paniclog has non-zero size, mail system possibly broken"
      if ! printf "Subject: exim paniclog on %s has non-zero size\nTo: root\n\nexim paniclog /var/log/exim4/paniclog on %s has non-zero size, mail system might be broken. The last ${E4BCD_PANICLOG_LINES} lines are quoted below.\n\n%s\n" \
          "$(hostname --fqdn)" "$(hostname --fqdn)" \
          "$(tail -n "${E4BCD_PANICLOG_LINES}" /var/log/exim4/paniclog)" \
          | exim4 root; then
        log_this "PANIC: sending out e-mail warning has failed, exim has non-zero return code"
      fi
      if [ "$E4BCD_WATCH_PANICLOG" = "once" ]; then
        logrotate -f /etc/logrotate.d/exim4-paniclog
      fi
    fi
  fi
fi

if [ -x /usr/sbin/exim_tidydb ]; then
  cd $SPOOLDIR/db || exit 1
  if ! find $SPOOLDIR/db -maxdepth 1 -name '*.lockfile' -or -name 'log.*' \
        -or -type f -printf '%f\0' | \
      xargs -0r -n 1 \
        start-stop-daemon --start --exec /usr/sbin/exim_tidydb \
        --chuid Debian-exim:Debian-exim -- $SPOOLDIR > /dev/null; then
    # if we reach this, invoking exim_tidydb from start-stop-daemon has
    # failed, most probably because of libpam-tmpdir being in use
    # (see #373786 and #376165)
    find $SPOOLDIR/db -maxdepth 1 -name '*.lockfile' -or -name 'log.*' \
        -or -type f -printf '%f\0' | \
      runuser --shell=/bin/bash \
        Debian-exim \
        --session-command="xargs -0r -n 1 /usr/sbin/exim_tidydb $SPOOLDIR > /dev/null"
  fi
fi
-- debconf information:
exim4-base/drec:
exim4/purge_spool: false