# ugidfw rules



## rusty (Nov 19, 2010)

Just started dabbling with MAC and am currently using the default rc.bsdextended to see how things work.
One thing I noticed was the inability to send mail to other users or via KMail, 

In /var/log/maillog

```
Nov 19 12:37:52 node15 sendmail[2073]: oAJCbqTO002073: SYSERR(test): collect: Cannot write ./dfoAJCbqTO002073 (bfcommit, uid=1003, gid=25): Permission denied
Nov 19 12:37:52 node15 sendmail[2073]: oAJCbqTO002073: from=test, size=44, class=0, nrcpts=1, relay=test@localhost
Nov 19 12:37:52 node15 sendmail[2073]: oAJCbqTO002073: SYSERR(test): queueup: cannot create queue file ./qfoAJCbqTO002073, euid=1003, fd=-1, fp=0x0: Permission denied
```

Looking at the above and the contents in /var/spool/clientqueue I see the gid is 25 which shows this is the rule that appears to be  prohibiting mail,

```
for x in `awk -F: '($3 >= 1001) && ($3 != 65534) { print $3 }' /etc/passwd`;
    do ${CMD} add subject not gid $x object uid $x mode n;
done;
```


Changing the rule to 

```
for x in `awk -F: '($3 >= 1001) && ($3 != 65534) { print $3 }' /etc/passwd`;
    do ${CMD} add subject not gid $x object uid $x [B]! gid 25[/B] mode n;
done;
```
allows mail to work correctly but is this acceptable or am I simply over-looking something?


----------



## SirDice (Nov 19, 2010)

What are you trying to achieve?

The change you made will allow any user on your system to mail. If that's intended it's fine.


----------



## rusty (Nov 19, 2010)

Yes, looking to allow mail out for users.


----------

