search

liuch / dmarc-srg

A php parser, viewer and summary report generator for incoming DMARC reports.
GNU General Public License v3.0
223 stars 33 forks source link

Check on write access of config is incorrect #122

Open olaf7 opened 6 months ago

olaf7 commented 6 months ago 
/usr/local/share/dmarc-srg# php utils/check_config.php 
=== GENERAL INFORMATION ===
  * OS information: Linux 6.1.0-18-amd64 #1 SMP PREEMPT_DYNAMIC Debian 6.1.76-1 (2024-02-01) x86_64
  * PHP version:    8.2.7

=== EXTENSIONS ===
  * pdo_mysql...................... Ok
  * xmlreader...................... Ok
  * zip............................ Ok
  * json........................... Ok

=== CONFIG FILE ===
  * Checking if the file exists.... Ok
  * Checking read permission....... Ok
  * Checking write permission...... Warning
    Message: The configuration file is writable
  * Checking access by other users. Ok
  * Checking the output buffer..... Ok

=== DATABASE ===
  * Accessibility check............ Ok
  * Checking for integrity......... Ok

=== MAILBOXES ===
  * Checking mailboxes config...... Ok
    Message: 1 mailbox found
  * Imap extension................. Ok
  * Checking mailboxes (1)
    - Dmarc-Rua
      * Accessibility.............. dmarc-srg [error]: imap_getacl: ACL not available on this IMAP server
Ok

=== DIRECTORIES ===
  * Checking directories config.... Ok
    Message: 1 directory found
  * Checking directories (1)
    - Rua-Dir
      * Accessibility.............. Ok
      * Security................... Ok

=== REMOTE FILESYSTEMS ===
  * Getting configuration.......... Skipped
    Message: Configuration not found

=== REPORT MAILER ===
  * Getting configuration.......... Ok
  * Checking mailer/method......... Ok
  * Checking mailer/library........ Ok
  * Checking mailer/default........ Ok
  * Checking mailer/from........... Ok

===
There is 1 warning!

ls -slah config/
total 28K
4.0K drwxr-xr-x 2 root     root 4.0K Apr  4 21:00 .
4.0K drwxr-xr-x 9 root     root 4.0K Apr  4 20:59 ..
8.0K -r--r----- 1 www-data root 5.2K Jan 12  2023 conf.php
 12K -r--r----- 1 root     root  12K Apr  4 20:59 conf.sample.php
liuch commented 6 months ago

Hi @olaf7, That's because you ran the script as root. Try running it sometime like this: sudo -u www-data php utils/check_config.php.

Nevertheless, I see your point. I'll try to change this check so that the script doesn't make a mistake at least in such obvious cases.