Ok, that clears up some confusing.

So changing the perms of /var/qmail/plugins worked

Now I need to debug my plugin :/

Thanks for the help

On 10/23/07, Adam James <atj@...> wrote:
> On Tue, 23 Oct 2007 01:15:05 -0600
> "Matt Poletiek" <chill550@...> wrote:
>
> > Hey guys, I was attempting to write a plugin for my qmail-spp enabled
> > netqmail package when I ran into the following issue...
> >
> > hackdmz control # nc localhost 25
> > 220 hackdmz.net ESMTP
> > ehlo test
> > 250-hackdmz.net
> > 250-STARTTLS
> > 250-PIPELINING
> > 250-8BITMIME
> > 250-SIZE 0
> > 250 AUTH LOGIN PLAIN
> > mail from test@...
> > 250 ok
> > rcpt to test@...
> > 451 qmail-spp failure: plugins/validuser.pl: can't execute (#4.3.0)
> >
> > This shows up in dmesg
> >
> > grsec: From ***.***.***.***: denied untrusted exec of
> > /var/qmail/plugins/validuser.pl by
> > /var/qmail/bin/qmail-smtpd[qmail-smtpd:7451] uid/euid:201/201
> > gid/egid:200/200, parent /var/qmail/bin/qmail-smtpd[qmail-smtpd:7438]
> > uid/euid:201/201 gid/egid:200/200
> > grsec: From ***.***.***.***: denied untrusted exec of
> > /var/qmail/plugins/validuser.pl by
> > /var/qmail/bin/qmail-smtpd[qmail-smtpd:7861] uid/euid:201/201
> > gid/egid:200/200, parent /var/qmail/bin/qmail-smtpd[qmail-smtpd:7860]
> > uid/euid:201/201 gid/egid:200/200
>
> This is nothing to do with PaX, as you can see from the log messages.
> Grsecurity is denying the execution attempt because you have
> TPE enabled and the qmail user is not trusted.
>
> See `Executable Protections' under Grsecurity in your kernel
> configuration, or `sysctl -a |grep tpe` if you have Grsec sysctl
> functionality enabled and unlocked.
>
> --atj
>
> --
> gentoo-hardened@g.o mailing list
>
>


-- 
Matthew Poletiek
www.chill-fu.net
-- 
gentoo-hardened@g.o mailing list