General Thankyou (still diagnosing fault)
Julian Field
MailScanner at ecs.soton.ac.uk
Mon Jan 12 10:39:06 GMT 2009
On 12/1/09 04:27, Dave Filchak wrote:
> Dave Filchak wrote:
>> Julian
>>
>> Dave Filchak wrote:
>>> Julian,
>>>
>>> Julian Field wrote:
>>>>
>>>>
>>>> On 11/1/09 21:17, Dave Filchak wrote:
>>>>> Jules,
>>>>>
>>>>> Julian Field wrote:
>>>>>>
>>>>>>
>>>>>> On 11/1/09 20:16, Dave Filchak wrote:
>>>>>>> Jules
>>>>>>>
>>>>>>> Julian Field wrote:
>>>>>>>>
>>>>>>>>
>>>>>>>> On 11/1/09 19:03, Dave Filchak wrote:
>>>>>>>>> Kai,
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> Dave Filchak wrote:
>>>>>>>>>> Kai,
>>>>>>>>>>
>>>>>>>>>> Kai Schaetzl wrote:
>>>>>>>>>>> Dave Filchak wrote on Fri, 09 Jan 2009 14:06:02 -0500:
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>> So I checked the permissions there and the Locks directory
>>>>>>>>>>>> is owned by postfix.root and the locks inside are all owned
>>>>>>>>>>>> by root.root.
>>>>>>>>>>>
>>>>>>>>>>> That is *all* wrong. Reread the tutorials for MS+postfix and
>>>>>>>>>>> for MS+clamd (you are using clamd, right).
>>>>>>>>>>>
>>>>>>>>>>> /var/spool/MailScanner/incoming/Locks l
>>>>>>>>>>> total 16
>>>>>>>>>>> drwxr-x--- 2 root postfix 4096 Jan 9 23:03 .
>>>>>>>>>>> drwxr-xr-x 5 postfix clamav 4096 Jan 9 23:04 ..
>>>>>>>>>>> -rw------- 1 postfix postfix 0 Dec 11 17:31 antivirBusy.lock
>>>>>>>>>>> -rw------- 1 postfix postfix 0 Dec 11 17:31 avastBusy.lock
>>>>>>>>>>> -rw------- 1 postfix postfix 0 Dec 11 17:31 avgBusy.lock
>>>>>>>>>>> -rw------- 1 postfix postfix 0 Dec 11 17:31
>>>>>>>>>>> bitdefenderBusy.lock
>>>>>>>>>>> -rw------- 1 postfix postfix 100 Jan 9 23:05 clamavBusy.lock
>>>>>>>>>>> -rw------- 1 postfix postfix 0 Dec 11 17:31 cssBusy.lock
>>>>>>>>>>> -rw------- 1 postfix postfix 0 Dec 11 17:31 esetsBusy.lock
>>>>>>>>>>> -rw------- 1 postfix postfix 0 Dec 11 17:31 etrustBusy.lock
>>>>>>>>>>> -rw------- 1 postfix postfix 0 Dec 11 17:31
>>>>>>>>>>> f-prot-6Busy.lock
>>>>>>>>>>> -rw------- 1 postfix postfix 0 Dec 11 17:31 f-protBusy.lock
>>>>>>>>>>> -rw------- 1 postfix postfix 0 Dec 11 17:31
>>>>>>>>>>> f-secureBusy.lock
>>>>>>>>>>> -rw------- 1 postfix postfix 0 Dec 11 17:31 genericBusy.lock
>>>>>>>>>>> -rw------- 1 postfix postfix 0 Dec 11 17:31
>>>>>>>>>>> inoculanBusy.lock
>>>>>>>>>>> -rw------- 1 postfix postfix 0 Dec 11 17:31
>>>>>>>>>>> kasperskyBusy.lock
>>>>>>>>>>> -rw------- 1 postfix postfix 0 Dec 11 17:31 mcafeeBusy.lock
>>>>>>>>>>> -rw------- 1 postfix postfix 0 Jan 7 16:51
>>>>>>>>>>> MS.bayes.rebuild.lock
>>>>>>>>>>> -rw------- 1 postfix postfix 0 Jan 9 23:03
>>>>>>>>>>> MS.bayes.starting.lock
>>>>>>>>>>> -rw------- 1 postfix postfix 0 Dec 11 17:31 nod32Busy.lock
>>>>>>>>>>> -rw------- 1 postfix postfix 0 Dec 11 17:31 normanBusy.lock
>>>>>>>>>>> -rw------- 1 postfix postfix 0 Dec 11 17:31 pandaBusy.lock
>>>>>>>>>>> -rw------- 1 postfix postfix 0 Dec 11 17:31 ravBusy.lock
>>>>>>>>>>> -rw------- 1 postfix postfix 0 Dec 11 17:31 sophosBusy.lock
>>>>>>>>>>> -rw------- 1 postfix postfix 0 Dec 11 17:31
>>>>>>>>>>> symscanengineBusy.lock
>>>>>>>>>>> -rw------- 1 postfix postfix 0 Dec 11 17:31 trendBusy.lock
>>>>>>>>>>> -rw------- 1 postfix postfix 0 Dec 11 17:31 vba32Busy.lock
>>>>>>>>>>> -rw------- 1 postfix postfix 0 Dec 11 17:31 vexiraBusy.lock
>>>>>>>>>>>
>>>>>>>>>>> Kai
>>>>>>>>>>>
>>>>>>>>>> Well I will definitely reread these. I never specifically set
>>>>>>>>>> these permissions anywhere. One would thing that these would
>>>>>>>>>> be created by the settings in MailScanner.conf .. wouldn't
>>>>>>>>>> you? There is no specific alternate user settings in
>>>>>>>>>> spamassassin so .... something is setting these permissions
>>>>>>>>>> this way.
>>>>>>>>>>
>>>>>>>>> I have gone through the tutorials a few times and I seem to
>>>>>>>>> have everything set up correctly yet .... something keeps
>>>>>>>>> reseting the permissions in the Locks directory back to the
>>>>>>>>> following:
>>>>>>>> It will be being clobbered by the update_virus_scanners cron
>>>>>>>> job which is run once per hour. Please can you mail me an exact
>>>>>>>> copy (preferably gzipped) of your MailScanner.conf file. Have
>>>>>>>> you moved that file from its default location or anything like
>>>>>>>> that? It should pull out the "Run As User" and "Run As Group"
>>>>>>>> from MailScanner.conf and use those values to set the ownership
>>>>>>>> of the lock files. Clearly something is going wrong there.
>>>>>>>>
>>>>>>>> Copy and paste the following commands into a shell running as
>>>>>>>> root. Beware of extra line-breaks that my mail program or your
>>>>>>>> mail program may add into the following, hopefully they'll be
>>>>>>>> okay.
>>>>>>>>
>>>>>>>> LOCKDIR=`perl -n -e 'print "$_" if chomp &&
>>>>>>>> s/^\s*Lock\s*file\s*Dir\s*=\s*(\S+)/$1/i'
>>>>>>>> /etc/MailScanner/MailScanner.conf`
>>>>>>>> RUNASU=`perl -n -e 'print "$_" if chomp &&
>>>>>>>> s/^\s*Run\s*As\s*User\s*=\s*(\S+)/$1/i'
>>>>>>>> /etc/MailScanner/MailScanner.conf`
>>>>>>>> RUNASG=`perl -n -e 'print "$_" if chomp &&
>>>>>>>> s/^\s*Run\s*As\s*Group\s*=\s*(\S+)/$1/i'
>>>>>>>> /etc/MailScanner/MailScanner.conf`
>>>>>>>> echo $LOCKDIR
>>>>>>>> echo $RUNASU
>>>>>>>> echo $RUNASG
>>>>>>>> /usr/sbin/mailscanner_create_locks "$LOCKDIR" "$RUNASU" "$RUNASG"
>>>>>>>>
>>>>>>>> Then show me what you get from
>>>>>>>> ls -al $LOCKDIR
>>>>>>>> assuming that the "echo $LOCKDIR" command printed out the
>>>>>>>> directory where your lock files are stored (i.e. normally
>>>>>>>> /var/spool/MailScanner/incoming/Locks).
>>>>>>>
>>>>>>> I have emailed you my conf file.
>>>> That looks fine.
>>>>>>> Here is the output from your scripts:
>>>>>>>
>>>>>>> [root at rosewood MailScanner]# LOCKDIR=`perl -n -e 'print "$_" if
>>>>>>> chomp && s/^\s*Lock\s*file\s*Dir\s*=\s*(\S+)/$1/i'
>>>>>>> /etc/MailScanner/MailScanner.conf`
>>>>>>> [root at rosewood MailScanner]# RUNASU=`perl -n -e 'print "$_" if
>>>>>>> chomp && s/^\s*Run\s*As\s*User\s*=\s*(\S+)/$1/i'
>>>>>>> /etc/MailScanner/MailScanner.conf`
>>>>>>> [root at rosewood MailScanner]# RUNASG=`perl -n -e 'print "$_" if
>>>>>>> chomp && s/^\s*Run\s*As\s*Group\s*=\s*(\S+)/$1/i'
>>>>>>> /etc/MailScanner/MailScanner.conf`
>>>>>>> [root at rosewood MailScanner]# echo $LOCKDIR
>>>>>>> /var/spool/MailScanner/incoming/Locks
>>>>>>> [root at rosewood MailScanner]# echo $RUNASU
>>>>>>> postfix
>>>>>>> [root at rosewood MailScanner]# echo $RUNASG
>>>>>>> postfix
>>>>>> That all looks good. As root,
>>>>>> rm -rf /var/spool/MailScanner/incoming/Locks
>>>>>> and then
>>>>>> /usr/sbin/update_virus_scanners
>>>>>> and then show me an
>>>>>> ls -al /var/spool/MailScanner/incoming/Locks
>>>>>>
>>>>>> The files in there should be owned by postfix. Let's see if
>>>>>> that's true.
>>>>>>
>>>>> OK .. deleted the Locks directory, ran update_virus_scanners and got:
>>>>>
>>>>> ls -al /var/spool/MailScanner/incoming/Locks/
>>>>> total 8
>>>>> drwxr-x--- 2 root root 4096 Jan 11 16:13 .
>>>>> drwxrwx--- 7 postfix clamav 4096 Jan 11 16:14 ..
>>>>> -rw------- 1 root root 0 Jan 11 16:13 antivirBusy.lock
>>>>> -rw------- 1 root root 0 Jan 11 16:13 avastBusy.lock
>>>>> -rw------- 1 root root 0 Jan 11 16:13 avgBusy.lock
>>>>> -rw------- 1 root root 0 Jan 11 16:13 bitdefenderBusy.lock
>>>>> -rw------- 1 root root 0 Jan 11 16:13 clamavBusy.lock
>>>>> -rw------- 1 root root 0 Jan 11 16:13 cssBusy.lock
>>>>> -rw------- 1 root root 0 Jan 11 16:13 esetsBusy.lock
>>>>> -rw------- 1 root root 0 Jan 11 16:13 etrustBusy.lock
>>>>> -rw------- 1 root root 0 Jan 11 16:13 f-prot-6Busy.lock
>>>>> -rw------- 1 root root 0 Jan 11 16:13 f-protBusy.lock
>>>>> -rw------- 1 root root 0 Jan 11 16:13 f-secureBusy.lock
>>>>> -rw------- 1 root root 0 Jan 11 16:13 genericBusy.lock
>>>>> -rw------- 1 root root 0 Jan 11 16:13 inoculanBusy.lock
>>>>> -rw------- 1 root root 0 Jan 11 16:13 kasperskyBusy.lock
>>>>> -rw------- 1 root root 0 Jan 11 16:13 mcafeeBusy.lock
>>>>> -rw------- 1 root root 0 Jan 11 16:13 MS.bayes.rebuild.lock
>>>>> -rw------- 1 root root 0 Jan 11 16:13 MS.bayes.starting.lock
>>>>> -rw------- 1 root root 0 Jan 11 16:13 nod32Busy.lock
>>>>> -rw------- 1 root root 0 Jan 11 16:13 normanBusy.lock
>>>>> -rw------- 1 root root 0 Jan 11 16:13 pandaBusy.lock
>>>>> -rw------- 1 root root 0 Jan 11 16:13 ravBusy.lock
>>>>> -rw------- 1 root root 0 Jan 11 16:13 sophosBusy.lock
>>>>> -rw------- 1 root root 0 Jan 11 16:13 symscanengineBusy.lock
>>>>> -rw------- 1 root root 0 Jan 11 16:13 trendBusy.lock
>>>>> -rw------- 1 root root 0 Jan 11 16:13 vba32Busy.lock
>>>>> -rw------- 1 root root 0 Jan 11 16:13 vexiraBusy.lock
>>>>>
>>>>>
>>>>> Still root.
>>>> Hmmm...
>>>>
>>>> 1
>>>> I want to be sure there are no weird options for the mount that
>>>> supplies this directory. Do this:
>>>> cd /var/spool/MailScanner/incoming
>>>> df -h .
>>>> mount
>>>> ls -ld Locks
>>>> (all as root).
>>>> Also, paste the contents of your /etc/fstab file into your reply to
>>>> this mail.
>>>>
>>>> 2
>>>> Also, please can you make a little edit to your
>>>> /usr/sbin/mailscanner_create_locks script.
>>>> Near the top you will see a line that says this:
>>>> my $ldgid = getgrnam($ldgname);
>>>> That's about line 17. Immediately after that line, add this line:
>>>> print STDERR "lduid = $lduid, ldgid = $ldgid\n";
>>>> and let's just check that it is getting the UID and GID correctly,
>>>> as failure to do that would cause your symptoms.
>>>> Run
>>>> /usr/sbin/mailscanner_create_locks
>>>> /var/spool/MailScanner/incoming/Locks postfix postfix
>>>> (all of that on 1 line) and include the output in your reply,
>>>> and do another
>>>> ls -al /var/spool/MailScanner/incoming/Locks
>>>> to see if anything has improved.
>>>>
>>>> 3
>>>> If that still isn't working, right at the end of the script there
>>>> are a couple of "chown" lines. Change the first one to read
>>>> chown -1, $ldgid, $locksdirname or warn "Chown1: $!";
>>>> and the second one to read
>>>> chown $lduid, $ldgid, @locknames or warn "Chown2: $!";
>>>> and then run the mailscanner_create_locks command I gave above. Let
>>>> me know if it prints anything, and what it says if it does.
>>>>
>>>> 4
>>>> That lot should give me a better idea of what's going on.
>>>
>>> cd /var/spool/MailScanner/incoming/
>>> [root at rosewood incoming]# df -h .
>>> Filesystem Size Used Avail Use% Mounted on
>>> /dev/hdb1 111G 15G 91G 14% /var
>>> [root at rosewood incoming]# mount
>>> /dev/sda5 on / type ext3 (rw)
>>> none on /proc type proc (rw)
>>> none on /sys type sysfs (rw)
>>> none on /dev/pts type devpts (rw,gid=5,mode=620)
>>> usbfs on /proc/bus/usb type usbfs (rw)
>>> /dev/sda1 on /boot type ext3 (rw)
>>> none on /dev/shm type tmpfs (rw)
>>> /dev/sda2 on /home type ext3 (rw)
>>> /dev/sdb1 on /usr type ext3 (rw)
>>> /dev/hdb1 on /var type ext3 (rw)
>>> none on /proc/sys/fs/binfmt_misc type binfmt_misc (rw)
>>> sunrpc on /var/lib/nfs/rpc_pipefs type rpc_pipefs (rw)
>>> [root at rosewood incoming]# ls -ld Locks
>>> drwxr-x--- 2 root root 4096 Jan 11 16:13 Locks
>>>
>>> FSTAB:
>>>
>>> LABEL=/ / ext3
>>> defaults 1 1
>>> LABEL=/boot /boot ext3
>>> defaults 1 2
>>> none /dev/pts devpts
>>> gid=5,mode=620 0 0
>>> none /dev/shm tmpfs
>>> defaults 0 0
>>> LABEL=/home /home ext3
>>> defaults 1 2
>>> none /proc proc
>>> defaults 0 0
>>> none /sys sysfs
>>> defaults 0 0
>>> LABEL=/usr /usr ext3
>>> defaults 1 2
>>> LABEL=/var /var ext3
>>> defaults 1 2
>>> LABEL=SWAP-sda3 swap swap
>>> defaults 0 0
>>> /dev/hda /media/cdrecorder auto
>>> pamconsole,exec,noauto,managed 0 0
>>>
>>> /usr/sbin/mailscanner_create_locks
>>> /var/spool/MailScanner/incoming/Locks postfix postfix
>>> lduid = 80, ldgid = 80
>>> [root at rosewood sbin]# ls -al /var/spool/MailScanner/incoming/Locks
>>> total 8
>>> drwxr-x--- 2 root postfix 4096 Jan 11 16:13 .
>>> drwxrwx--- 7 postfix clamav 4096 Jan 11 22:18 ..
>>> -rw------- 1 postfix postfix 0 Jan 11 16:13 antivirBusy.lock
>>> -rw------- 1 postfix postfix 0 Jan 11 16:13 avastBusy.lock
>>> -rw------- 1 postfix postfix 0 Jan 11 16:13 avgBusy.lock
>>> -rw------- 1 postfix postfix 0 Jan 11 16:13 bitdefenderBusy.lock
>>> -rw------- 1 postfix postfix 0 Jan 11 16:13 clamavBusy.lock
>>> -rw------- 1 postfix postfix 0 Jan 11 16:13 cssBusy.lock
>>> -rw------- 1 postfix postfix 0 Jan 11 16:13 esetsBusy.lock
>>> -rw------- 1 postfix postfix 0 Jan 11 16:13 etrustBusy.lock
>>> -rw------- 1 postfix postfix 0 Jan 11 16:13 f-prot-6Busy.lock
>>> -rw------- 1 postfix postfix 0 Jan 11 16:13 f-protBusy.lock
>>> -rw------- 1 postfix postfix 0 Jan 11 16:13 f-secureBusy.lock
>>> -rw------- 1 postfix postfix 0 Jan 11 16:13 genericBusy.lock
>>> -rw------- 1 postfix postfix 0 Jan 11 16:13 inoculanBusy.lock
>>> -rw------- 1 postfix postfix 0 Jan 11 16:13 kasperskyBusy.lock
>>> -rw------- 1 postfix postfix 0 Jan 11 16:13 mcafeeBusy.lock
>>> -rw------- 1 postfix postfix 0 Jan 11 16:13 MS.bayes.rebuild.lock
>>> -rw------- 1 postfix postfix 0 Jan 11 16:13 MS.bayes.starting.lock
>>> -rw------- 1 postfix postfix 0 Jan 11 16:13 nod32Busy.lock
>>> -rw------- 1 postfix postfix 0 Jan 11 16:13 normanBusy.lock
>>> -rw------- 1 postfix postfix 0 Jan 11 16:13 pandaBusy.lock
>>> -rw------- 1 postfix postfix 0 Jan 11 16:13 ravBusy.lock
>>> -rw------- 1 postfix postfix 0 Jan 11 16:13 sophosBusy.lock
>>> -rw------- 1 postfix postfix 0 Jan 11 16:13 symscanengineBusy.lock
>>> -rw------- 1 postfix postfix 0 Jan 11 16:13 trendBusy.lock
>>> -rw------- 1 postfix postfix 0 Jan 11 16:13 vba32Busy.lock
>>> -rw------- 1 postfix postfix 0 Jan 11 16:13 vexiraBusy.lock
>>>
>>> I did not do your last request as this shows the proper ownership.
>>> The questions is: will it hold?
>>>
>>> Let me know if you still want me to do that last bit.
>>>
>>> Sorry it took a while to get back to you. I had to run out for a bit.
>>>
>>> Dave
>>>
>> Just so you know ... it all went back to being owned by root when
>> update_virus_scanner ran from cron again. This is the email I received:
>>
>> /etc/cron.hourly/update_virus_scanners:
>>
>> lduid = , ldgid =
> Given the above, I made the last little change you suggested and ran
> it again, like so:
>
> /usr/sbin/mailscanner_create_locks
> /var/spool/MailScanner/incoming/Locks postfix postfix
> lduid = 80, ldgid = 80
>
> The second line is what it output. After that, all the permissions in
> the Locks directory went back to postfix. Again, will it hold?
The cron job will probably put it back. Okay, next let's find if it is
the script run by cron that is causing the problem, or the environment
in which it is run.
/usr/sbin/update_virus_scanners
ls -al /var/spool/MailScanner/incoming/Locks
and show me the output of those two. I want to see if the
update_virus_scanners script successfully finds the uid and gid or not.
Jules
--
Julian Field MEng CITP CEng
www.MailScanner.info
Buy the MailScanner book at www.MailScanner.info/store
Need help customising MailScanner?
Contact me!
Need help fixing or optimising your systems?
Contact me!
Need help getting you started solving new requirements from your boss?
Contact me!
PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654
--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
More information about the MailScanner
mailing list