bash email alias sudo

newaliases in script results in permission denied


Running Ubuntu. After updating the /etc/aliases file, the newaliases command must be run to build an alias database /etc/aliases.db. I can successfully run sudo newaliases but when I created a shell script (named myscript.sh) that uses the newaliases command, I am getting postalias: fatal: open /etc/aliases.db: Permission denied error. I use sudo myscript.sh to start the script (whoami executed by the script prints out 'root') and the script successfully executes multiple commands that require root privileges (e.g. writes to /etc/aliases) prior to hitting the error with newaliases.

I attempted the following:

  1. verified the access of /etc/aliases and /etc/aliases.db commands - both are 755 root:root
  2. changed the attributes of myscript.sh to 755 root:root
  3. changed the attributes of myscript.sh to 4755 root:root
  4. instead of running newaliases, I tried postalias /etc/aliases as well as sendmail -bi as they seem to provide similar functionality
  5. updated the sudoers configuration to allow no-password execution of newaliases:
      myuser ALL=(ALL) NOPASSWD: /etc/myscript.sh
      myuser ALL=(ALL) NOPASSWD: /usr/bin/newaliases
  6. allowed my user to execute any commands with sudo:
      myuser ALL=(ALL:ALL) NOPASSWD:ALL
  7. used sudo newaliases in the script
  8. used sudo bash -c "newaliases" in the script

All the above attempts failed - always getting the same error.

Main question: how can I execute newaliases from a shell script? Any idea what is special about newaliases given the fact that the script performs other actions requiring root access without issues?

What I discovered during step 4 is that newaliases is just a symlink to sendmail:

    ubuntu@mail:~$ ls -l /usr/bin/newaliases
    lrwxrwxrwx 1 root root 16 Jan 29  2024 /usr/bin/newaliases -> ../sbin/sendmail

but when I simply run sendmail it does NOT perform the update of the alias database just like newaliases does (instead it needs the sendmail -bi command to do the same). This is the secondary question - if you can explain this mystery it may help.

Thanks! JJ


Solution

  • Minimize your-script while debugging to:

    #!/bin/bash
    /usr/bin/newaliases
    

    Then fix the permissions on your /etc/aliases, which should be 644 (not 755):

    # chmod 644 /etc/aliases
    # rm /etc/aliases.db
    $ sudo your-script
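
On the secondary question: a program can choose its mode from the name it was invoked under, which is how the Postfix sendmail command behaves when it is called as newaliases. The sketch below is an added example, not code from the posts above or from Postfix; it rebuilds the symlink layout from the question in a temporary directory around a hypothetical stand-in script, and the mode names it prints are made up for illustration.

```shell
#!/bin/sh
# Added illustration of invocation-name dispatch. The "sendmail" written
# here is a hypothetical stand-in, NOT Postfix's sendmail.

# Create <tmp>/sbin/sendmail plus <tmp>/bin/newaliases -> ../sbin/sendmail,
# mirroring the ls -l output in the question. Prints the sandbox path.
make_sandbox() {
    local dir
    dir=$(mktemp -d) || return 1
    mkdir -p "$dir/sbin" "$dir/bin"
    cat > "$dir/sbin/sendmail" <<'EOF'
#!/bin/sh
# Pick a default mode from the name we were started as ...
case "$(basename "$0")" in
    newaliases) mode="rebuild-aliases" ;;  # equivalent to: sendmail -bi
    mailq)      mode="list-queue" ;;       # equivalent to: sendmail -bp
    *)          mode="read-message" ;;     # plain sendmail expects mail on stdin
esac
# ... then let an explicit option override it.
for arg in "$@"; do
    case "$arg" in
        -bi) mode="rebuild-aliases" ;;
        -bp) mode="list-queue" ;;
    esac
done
echo "$mode"
EOF
    chmod 755 "$dir/sbin/sendmail"
    ln -s ../sbin/sendmail "$dir/bin/newaliases"
    echo "$dir"
}

# Same file on disk, three different invocations.
sandbox=$(make_sandbox)
echo "sendmail      -> $("$sandbox/sbin/sendmail")"
echo "sendmail -bi  -> $("$sandbox/sbin/sendmail" -bi)"
echo "newaliases    -> $("$sandbox/bin/newaliases")"
rm -rf "$sandbox"
```

The symlink and the target are one program; only the name seen in `$0` differs, which is why running sendmail with no options does not rebuild the alias database while newaliases does.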