Permission denied on "Feed to program" alias

Joe's picture
Submitted by Joe on Sun, 03/08/2015 - 16:19 Pro Licensee

Hey Jamie,

I think there's something bug-like in the "Feed to program" option for aliases. I'm getting this:

Mar 8 16:59:19 joe2 postfix/local[2794]: 5C62D20BF: to=testfeed-austinlinuxguy.com@joe2.cloud.virtualmin.com, orig_to=testfeed@austinlinuxguy.com, relay=local, delay=0.18, delays=0.16/0/0/0.02, dsn=4.3.0, status=deferred (temporary failure. Command output: local: fatal: execvp /home/austinlinuxguy/testfeed.php: Permission denied )

I was testing to try to answer this question over on stackoverflow:

http://stackoverflow.com/questions/28923771/virtualmin-feed-to-program-c...

I figured he was just doing something wrong, but everything looks legit, to me. I'm getting the same error even with the script owned by the domain own, in the domain owner home directory, and executable.

I'm guessing the su to user bit isn't working as expected here? Maybe because it is an alias with no user attached it isn't correctly becoming the domain owner user to execute the script? I'm not sure how to troubleshoot this one.

Status: 
Active

Comments

Submitted by JamieCameron on Sun, 03/08/2015 - 18:11

Are you creating this alias in Virtualmin, or Usermin? Because if it is in Virtualmin, any alias command are run by Postfix as the user nobody which probably can't even access domains' home directories.

However, forwards created in Usermin have their commands run via procmail as the receiving user, which should have the permissions needed.

Joe's picture
Submitted by Joe on Sun, 03/08/2015 - 18:51 Pro Licensee

This is in Virtualmin on the Edit Aliases page. Again, seems bug-like. The option is there, but it would simply never work in any circumstance I can imagine (i.e. what good is a pipe if you can't have it write out to a file or something in the users home?).

Submitted by JamieCameron on Sun, 03/08/2015 - 19:25

Yeah, it's pretty limited - the only case it will work is when running a command in some common directory, like /usr/local. Because of it's limited usefulness, the option is hidden in the "Advanced" tab when creating an alias in a default Virtualmin install.

I'd be open to removing it completely though.