Skip to content
Vladimir Panteleev edited this page Sep 7, 2013 · 4 revisions

Q0066

Question

What does the message unable to set gid=xxx or uid=xxx mean?

Answer

This message is given when an Exim process is unable to change uid or gid when it needs to, because it does not have root privilege. This is a serious problem that prevents Exim from carrying on with what it is doing. The two most common situations where Exim needs to change uid/gid are doing local deliveries and processing users' filter files. There are two common causes of this error:

  1. You have forgotten to make the exim binary setuid to root. This means that it can never change uid/gid in any situation. Also, the setuid binary must reside on a disk partition that does not have the nosuid mount option set.

  2. The exim binary is setuid, but you have configured Exim so that, while trying to verify an address at SMTP time, it runs a router that needs to change uid/gid. Because Exim runs as exim and not root while receiving messages, the router is unable to change uid and therefore it cannot operate. The usual example of this is a redirect router for users' filter files.

Setting the user or check_local_user options on a redirect router causes this to happen (except in the special case when the redirection list is provided by the data option and does not contain :include:). The solution is to set no_verify on the router that is causing the problem. This means that it is skipped when an address is being verified. In normal configurations where the router is indeed handling users' filter files, this is quite acceptable, because you do not usually need to process a filter file in order to verify that the local part is valid. See, for example, the userforward router in the default configuration.


Clone this wiki locally