1. Forum
  2. Usenet
  3. LINUX.DEBIAN.BUGS.DIST

  • Bug#265421: sendmail dysfunctional

    From Rainer Weikusat@1:229/2 to All on Fri Aug 13 10:20:06 2004
    From: [email protected]

    Package: sendmail
    Version: 8.13.1-6
    Severity: grave

    Upgrading to the abovementioned version of sendmail rendered my
    mail system unable to send mail due to the fact that the MTA
    queue directory was owned by user smmta, while the daemon was
    running as root, causing 'safefile' (libsmutils/safefile.c)
    to return EACCESS both when attempting to queue files to the
    MTA queue and on startup, there preventing creation of the
    control socket and the pid file. An easy workaround is
    to chown both directories back to 'root'.


    --
    To UNSUBSCRIBE, email to [email protected]
    with a subject of "unsubscribe". Trouble? Contact [email protected]

    --- SoupGate-Win32 v1.05
    * Origin: you cannot sedate... all the things you hate (1:229/2)
  • From Richard A Nelson@1:229/2 to Rainer Weikusat on Fri Aug 13 11:00:24 2004
    From: [email protected]

    severity 265421 normal
    thanks,

    On Fri, 13 Aug 2004, Rainer Weikusat wrote:

    Upgrading to the abovementioned version of sendmail rendered my
    mail system unable to send mail due to the fact that the MTA
    queue directory was owned by user smmta, while the daemon was
    running as root, causing 'safefile' (libsmutils/safefile.c)
    to return EACCESS both when attempting to queue files to the
    MTA queue and on startup, there preventing creation of the
    control socket and the pid file. An easy workaround is
    to chown both directories back to 'root'.

    Nope, sorry - not gonna happen... there are many boxes happily
    running that version with the aforementioned permissions.

    Most likely what you saw was an errant earlier daemon that didn't
    properly get shutdown...

    please do:
    0) ps aux | grep sendmail - check for start times earlier
    than when you upgraded
    2) /etc/init.d/sendmail stop
    3) killall sendmail sendmail-mta
    4) /etc/init.d/sendmail start

    and let me know how it goes.

    --
    Rick Nelson
    <Electro> my computer was once one of the building blocks of a great
    pyramid


    --
    To UNSUBSCRIBE, email to [email protected]
    with a subject of "unsubscribe". Trouble? Contact [email protected]

    --- SoupGate-Win32 v1.05
    * Origin: you cannot sedate... all the things you hate (1:229/2)
  • From Patrick Koppen@1:229/2 to All on Fri Aug 13 16:30:16 2004
    From: [email protected]

    Hi,

    I have the same problem. Add the following line to your sendmail.mc:

    define(`confTRUSTED_USER',`smmta')

    Patrick
    --
    Patrick Koppen GPG-Key: http://www.unix-ag.uni-kl.de/~koppen/gpg.txt Email: [email protected] Tel: +49-631-205-2166 Fax: +49-631-205-3056


    --
    To UNSUBSCRIBE, email to [email protected]
    with a subject of "unsubscribe". Trouble? Contact [email protected]

    --- SoupGate-Win32 v1.05
    * Origin: you cannot sedate... all the things you hate (1:229/2)
  • From Richard A Nelson@1:229/2 to Patrick Koppen on Fri Aug 13 21:00:22 2004
    From: [email protected]

    On Fri, 13 Aug 2004, Patrick Koppen wrote:

    I have the same problem. Add the following line to your sendmail.mc:

    define(`confTRUSTED_USER',`smmta')

    Ahh... interesting - one of the hard things with sendmail is that there
    are *so* many ways to set things up !

    I'm curious as to the contents of your(both of you) sendmail.mc files...

    The current DOMAIN(`debian-mta') macro has this:
    dnl #
    dnl # Define trusted user to be the new mta uid (smmta)
    dnl #
    ifdef(`confTRUSTED_USER',,`define(`confTRUSTED_USER',`smmta')dnl')

    and the eventual expansion of cf/m4/proto.m4 has:
    # Trusted user for file ownership and starting the daemon
    _OPTION(TrustedUser, `confTRUSTED_USER', `root')

    So, in theory, unless you already had a definition TRUSTED_USER
    before the DOMAIN macro, or overwrote it later, you should wind
    up with TRUSTED_USER=smmta.

    This is definitely an item worthy of a debian/sendmail faq.
    --
    Rick Nelson
    * wichert_ imagines master without a MTA
    <james> wichert: ehm? that might hinder peformance of the BTS :p


    --
    To UNSUBSCRIBE, email to [email protected]
    with a subject of "unsubscribe". Trouble? Contact [email protected]

    --- SoupGate-Win32 v1.05
    * Origin: you cannot sedate... all the things you hate (1:229/2)
  • From Patrick Koppen@1:229/2 to Richard A Nelson on Sat Aug 14 13:00:11 2004
    From: [email protected]

    Hi,

    On Fri, Aug 13, 2004 at 09:58:15AM -0700, Richard A Nelson wrote:
    [...]
    I'm curious as to the contents of your(both of you) sendmail.mc files...

    OSTYPE(`linux')
    no DOMAIN statement...

    The sendmail.mc is at least 5 years old am from our non-debian times. So
    it's no package bug;)

    Patrick
    --
    Patrick Koppen GPG-Key: http://www.unix-ag.uni-kl.de/~koppen/gpg.txt Email: [email protected] Tel: +49-631-205-2166 Fax: +49-631-205-3056


    --
    To UNSUBSCRIBE, email to [email protected]
    with a subject of "unsubscribe". Trouble? Contact [email protected]

    --- SoupGate-Win32 v1.05
    * Origin: you cannot sedate... all the things you hate (1:229/2)
  • From Rainer Weikusat@1:229/2 to Richard A Nelson on Sat Aug 14 14:00:10 2004
    From: [email protected]

    Richard A Nelson <[email protected]> writes:
    On Fri, 13 Aug 2004, Patrick Koppen wrote:

    I have the same problem. Add the following line to your sendmail.mc:

    define(`confTRUSTED_USER',`smmta')

    Ahh... interesting - one of the hard things with sendmail is that there
    are *so* many ways to set things up !

    I'm curious as to the contents of your(both of you) sendmail.mc
    files...

    In my case, the sendmail.mc is not the culprit, because I am routing
    my mail over an ssh tunnel to a machine in Germany, because so many
    idiots refuse to accept mail from random sets of addresses under
    assumption that this will hurt spammers and not annoy the hell out of
    perfectly honest people that just want to communicate. This
    configuration is utilizing a specific mailer which is just hacked into sendmail.cf.

    Your scripts most certainly should not assume that the contents of the
    sendmail configuration file are under their control.


    --
    To UNSUBSCRIBE, email to [email protected]
    with a subject of "unsubscribe". Trouble? Contact [email protected]

    --- SoupGate-Win32 v1.05
    * Origin: you cannot sedate... all the things you hate (1:229/2)
  • From Richard A Nelson@1:229/2 to Rainer Weikusat on Sun Aug 15 08:40:07 2004
    From: [email protected]

    On Sat, 14 Aug 2004, Rainer Weikusat wrote:

    In my case, the sendmail.mc is not the culprit, because I am routing
    my mail over an ssh tunnel to a machine in Germany, because so many
    idiots refuse to accept mail from random sets of addresses under
    assumption that this will hurt spammers and not annoy the hell out of perfectly honest people that just want to communicate. This
    configuration is utilizing a specific mailer which is just hacked into sendmail.cf.

    Ouch... been there, now my only problem is lack of proper R DNS.

    Your scripts most certainly should not assume that the contents of the sendmail configuration file are under their control.

    To allow for migration, fixes, etc. they have to be at least in a form understandable by the scripts ! I've got sendmail.mc files that've been updated automagically since before 8.9.3 - through the MSP split and
    everything else... Some of new changes have been postitioning for
    ability to enable RunAsUser - for futher security.

    There doesn't seem to te any middle ground here, but I could something
    to sendmail.conf, like HANDS_OFF, which would keep *all* the scripts
    from doing *anything* at all to the environment, or files... If, say
    a new db with incompatible data format came out - you'd have to catch
    that from the changelogs and rebuild any databases yourself(asuming I
    noticed - I rebuild the dbs every time just to be on the safe side).

    --
    Rick Nelson
    <Knghtbrd> Even with overbrights, Quake's color palette is full of dull,
    flat colors
    <LordHavoc> knghtbrd: quake's palette is very vibrant unless you use gamma
    correction
    <LordHavoc> well actually I agree, it's nowhere near as vibrant as Unreal <Deek> Q3 on the other hand...NEON.
    <LordHavoc> Q3 is just ridiculous
    <Deek> Q3 takes the medieval church-dungeon and puts it in Vegas.


    --
    To UNSUBSCRIBE, email to [email protected]
    with a subject of "unsubscribe". Trouble? Contact [email protected]

    --- SoupGate-Win32 v1.05
    * Origin: you cannot sedate... all the things you hate (1:229/2)