A fix for sendmail in 10.1.5

Jun 06, '02 09:53:52AM

Contributed by: mta

[Editor's note: Much of the following has been discussed in the comments to the 10.1.5 update article, but I thought it worth having the information in a standalone hint.]

I have a number of scripts that use the unix mail command (/usr/bin/mail, not the mail.app program) to send me messages when something interesting happens. These stopped working after I upgraded to 10.1.5 since the mail command failed with the message

can not chdir(/var/spool/clientmqueue/): Permission denied
Program mode requires special privileges, e.g., root or TrustedUser.
It turns out that the new version of sendmail in 10.1.5 has improved security and some of the files and directories in 10.1.5 don't have quite the right mode for sendmail to work right as a submission program, although it still works ok (I think) as a daemon.

I found a page on the sendmail.org web site that explained what had changed and how the modes should be set. In brief, the files and directories that matter and the desired modes are
-r-xr-sr-x	root   smmsp	... /PATH/TO/sendmail
drwxrwx--- smmsp smmsp ... /var/spool/clientmqueue
drwx------ root wheel ... /var/spool/mqueue
-r--r--r-- root wheel ... /etc/mail/sendmail.cf
-r--r--r-- root wheel ... /etc/mail/submit.cf
On my machine they were set as:
-r-sr-xr-x      root   smmsp    ... /usr/sbin/sendmail
drwxrwx--- root wheel ... /var/spool/clientmqueue
drwxr-x--- root wheel ... /var/spool/mqueue/
-rw-r--r-- root wheel ... /etc/mail/sendmail.cf
-r--r--r-- root bin ... /etc/mail/submit.cf
I think the important one that kept things from working was the incorrect owner and group for clientmqueue, but I fixed the others too. After that the mail command, as in
mail -s "Some subject" me@my.host
message text
^D
works again.

Comments (15)


Mac OS X Hints
http://hints.macworld.com/article.php?story=2002060609535245