[rt-users] rt-mailgate: Permission denied

Jeff Melton jeff at ifworld.com
Tue Jun 16 15:00:28 EDT 2015

On Tue, Jun 16, 2015 at 11:54:52AM -0400, Matt Brennan wrote:
>On my system, the application is world executable. I don't recall if that's
>the default or I changed it. I'm sure someone here will say that's a bad
>idea, security wise.
>At a minimum, it needs to be executable by whatever user ID postfix is
>running as. If you want to lock down the executable, you'd need to check
>what user ID you have postfix running as and set the group to one which
>contains that user ID (you'd also need to make sure it's group executable).
Thanks! The whole of /opt/rt4 is 755 right now, with everything executed by root. The postfix master process is owned by root; qmgr and pickup are owned by postfix. /opt/rt4 is root:www-data right now, but I've tried it root:root as well. I've tried adding the postfix user to the root and www-data groups, and that has no effect.

>On Tue, Jun 16, 2015 at 11:33 AM, Jeff Melton <jeff at ifworld.com> wrote:
>> I'm setting up a new RT server, and I'm having some trouble getting
>> rt-mailgate to accept email piped from postfix.
>>         `Command output: local: fatal: execvp /opt/rt4/bin/rt-mailgate:
>> Permission denied`
>> Best I can tell, it's likely to be a permissions issue. What owner, group
>> and mode should RT be using? Are there any other gotchas I need to be
>> looking at? (I've configured role, group and user permissions in the RT
>> GUI.)
>> JM

More information about the rt-users mailing list