General Thankyou (still diagnosing fault)

Julian Field MailScanner at ecs.soton.ac.uk
Mon Jan 12 10:39:06 GMT 2009



On 12/1/09 04:27, Dave Filchak wrote:
> Dave Filchak wrote:
>> Julian
>>
>> Dave Filchak wrote:
>>> Julian,
>>>
>>> Julian Field wrote:
>>>>
>>>>
>>>> On 11/1/09 21:17, Dave Filchak wrote:
>>>>> Jules,
>>>>>
>>>>> Julian Field wrote:
>>>>>>
>>>>>>
>>>>>> On 11/1/09 20:16, Dave Filchak wrote:
>>>>>>> Jules
>>>>>>>
>>>>>>> Julian Field wrote:
>>>>>>>>
>>>>>>>>
>>>>>>>> On 11/1/09 19:03, Dave Filchak wrote:
>>>>>>>>> Kai,
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> Dave Filchak wrote:
>>>>>>>>>> Kai,
>>>>>>>>>>
>>>>>>>>>> Kai Schaetzl wrote:
>>>>>>>>>>> Dave Filchak wrote on Fri, 09 Jan 2009 14:06:02 -0500:
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>> So I checked the permissions there and the Locks directory 
>>>>>>>>>>>> is owned by postfix.root and the locks inside are all owned 
>>>>>>>>>>>> by root.root.
>>>>>>>>>>>
>>>>>>>>>>> That is *all* wrong. Reread the tutorials for MS+postfix and 
>>>>>>>>>>> for MS+clamd (you are using clamd, right).
>>>>>>>>>>>
>>>>>>>>>>> /var/spool/MailScanner/incoming/Locks l
>>>>>>>>>>> total 16
>>>>>>>>>>> drwxr-x--- 2 root    postfix 4096 Jan  9 23:03 .
>>>>>>>>>>> drwxr-xr-x 5 postfix clamav  4096 Jan  9 23:04 ..
>>>>>>>>>>> -rw------- 1 postfix postfix    0 Dec 11 17:31 antivirBusy.lock
>>>>>>>>>>> -rw------- 1 postfix postfix    0 Dec 11 17:31 avastBusy.lock
>>>>>>>>>>> -rw------- 1 postfix postfix    0 Dec 11 17:31 avgBusy.lock
>>>>>>>>>>> -rw------- 1 postfix postfix    0 Dec 11 17:31 
>>>>>>>>>>> bitdefenderBusy.lock
>>>>>>>>>>> -rw------- 1 postfix postfix  100 Jan  9 23:05 clamavBusy.lock
>>>>>>>>>>> -rw------- 1 postfix postfix    0 Dec 11 17:31 cssBusy.lock
>>>>>>>>>>> -rw------- 1 postfix postfix    0 Dec 11 17:31 esetsBusy.lock
>>>>>>>>>>> -rw------- 1 postfix postfix    0 Dec 11 17:31 etrustBusy.lock
>>>>>>>>>>> -rw------- 1 postfix postfix    0 Dec 11 17:31 
>>>>>>>>>>> f-prot-6Busy.lock
>>>>>>>>>>> -rw------- 1 postfix postfix    0 Dec 11 17:31 f-protBusy.lock
>>>>>>>>>>> -rw------- 1 postfix postfix    0 Dec 11 17:31 
>>>>>>>>>>> f-secureBusy.lock
>>>>>>>>>>> -rw------- 1 postfix postfix    0 Dec 11 17:31 genericBusy.lock
>>>>>>>>>>> -rw------- 1 postfix postfix    0 Dec 11 17:31 
>>>>>>>>>>> inoculanBusy.lock
>>>>>>>>>>> -rw------- 1 postfix postfix    0 Dec 11 17:31 
>>>>>>>>>>> kasperskyBusy.lock
>>>>>>>>>>> -rw------- 1 postfix postfix    0 Dec 11 17:31 mcafeeBusy.lock
>>>>>>>>>>> -rw------- 1 postfix postfix    0 Jan  7 16:51 
>>>>>>>>>>> MS.bayes.rebuild.lock
>>>>>>>>>>> -rw------- 1 postfix postfix    0 Jan  9 23:03 
>>>>>>>>>>> MS.bayes.starting.lock
>>>>>>>>>>> -rw------- 1 postfix postfix    0 Dec 11 17:31 nod32Busy.lock
>>>>>>>>>>> -rw------- 1 postfix postfix    0 Dec 11 17:31 normanBusy.lock
>>>>>>>>>>> -rw------- 1 postfix postfix    0 Dec 11 17:31 pandaBusy.lock
>>>>>>>>>>> -rw------- 1 postfix postfix    0 Dec 11 17:31 ravBusy.lock
>>>>>>>>>>> -rw------- 1 postfix postfix    0 Dec 11 17:31 sophosBusy.lock
>>>>>>>>>>> -rw------- 1 postfix postfix    0 Dec 11 17:31 
>>>>>>>>>>> symscanengineBusy.lock
>>>>>>>>>>> -rw------- 1 postfix postfix    0 Dec 11 17:31 trendBusy.lock
>>>>>>>>>>> -rw------- 1 postfix postfix    0 Dec 11 17:31 vba32Busy.lock
>>>>>>>>>>> -rw------- 1 postfix postfix    0 Dec 11 17:31 vexiraBusy.lock
>>>>>>>>>>>
>>>>>>>>>>> Kai
>>>>>>>>>>>
>>>>>>>>>> Well I will definitely reread these. I never specifically set 
>>>>>>>>>> these permissions anywhere. One would thing that these would 
>>>>>>>>>> be created by the settings in MailScanner.conf .. wouldn't 
>>>>>>>>>> you? There is no specific alternate user settings in 
>>>>>>>>>> spamassassin so  .... something is setting these permissions 
>>>>>>>>>> this way.
>>>>>>>>>>
>>>>>>>>> I have gone through the tutorials a few times and I seem to 
>>>>>>>>> have everything set up correctly yet .... something keeps 
>>>>>>>>> reseting the permissions in the Locks directory back to the 
>>>>>>>>> following:
>>>>>>>> It will be being clobbered by the update_virus_scanners cron 
>>>>>>>> job which is run once per hour. Please can you mail me an exact 
>>>>>>>> copy (preferably gzipped) of your MailScanner.conf file. Have 
>>>>>>>> you moved that file from its default location or anything like 
>>>>>>>> that? It should pull out the "Run As User" and "Run As Group" 
>>>>>>>> from MailScanner.conf and use those values to set the ownership 
>>>>>>>> of the lock files. Clearly something is going wrong there.
>>>>>>>>
>>>>>>>> Copy and paste the following commands into a shell running as 
>>>>>>>> root. Beware of extra line-breaks that my mail program or your 
>>>>>>>> mail program may add into the following, hopefully they'll be 
>>>>>>>> okay.
>>>>>>>>
>>>>>>>> LOCKDIR=`perl -n -e 'print "$_" if chomp && 
>>>>>>>> s/^\s*Lock\s*file\s*Dir\s*=\s*(\S+)/$1/i' 
>>>>>>>> /etc/MailScanner/MailScanner.conf`
>>>>>>>> RUNASU=`perl -n -e 'print "$_" if chomp && 
>>>>>>>> s/^\s*Run\s*As\s*User\s*=\s*(\S+)/$1/i' 
>>>>>>>> /etc/MailScanner/MailScanner.conf`
>>>>>>>> RUNASG=`perl -n -e 'print "$_" if chomp && 
>>>>>>>> s/^\s*Run\s*As\s*Group\s*=\s*(\S+)/$1/i' 
>>>>>>>> /etc/MailScanner/MailScanner.conf`
>>>>>>>> echo $LOCKDIR
>>>>>>>> echo $RUNASU
>>>>>>>> echo $RUNASG
>>>>>>>> /usr/sbin/mailscanner_create_locks "$LOCKDIR" "$RUNASU" "$RUNASG"
>>>>>>>>
>>>>>>>> Then show me what you get from
>>>>>>>>     ls -al $LOCKDIR
>>>>>>>> assuming that the "echo $LOCKDIR" command printed out the 
>>>>>>>> directory where your lock files are stored (i.e. normally 
>>>>>>>> /var/spool/MailScanner/incoming/Locks).
>>>>>>>
>>>>>>> I have emailed you my conf file. 
>>>> That looks fine.
>>>>>>> Here is the output from your scripts:
>>>>>>>
>>>>>>> [root at rosewood MailScanner]# LOCKDIR=`perl -n -e 'print "$_" if 
>>>>>>> chomp && s/^\s*Lock\s*file\s*Dir\s*=\s*(\S+)/$1/i' 
>>>>>>> /etc/MailScanner/MailScanner.conf`
>>>>>>> [root at rosewood MailScanner]# RUNASU=`perl -n -e 'print "$_" if 
>>>>>>> chomp && s/^\s*Run\s*As\s*User\s*=\s*(\S+)/$1/i' 
>>>>>>> /etc/MailScanner/MailScanner.conf`
>>>>>>> [root at rosewood MailScanner]# RUNASG=`perl -n -e 'print "$_" if 
>>>>>>> chomp && s/^\s*Run\s*As\s*Group\s*=\s*(\S+)/$1/i' 
>>>>>>> /etc/MailScanner/MailScanner.conf`
>>>>>>> [root at rosewood MailScanner]# echo $LOCKDIR
>>>>>>> /var/spool/MailScanner/incoming/Locks
>>>>>>> [root at rosewood MailScanner]# echo $RUNASU
>>>>>>> postfix
>>>>>>> [root at rosewood MailScanner]# echo $RUNASG
>>>>>>> postfix
>>>>>> That all looks good. As root,
>>>>>>     rm -rf /var/spool/MailScanner/incoming/Locks
>>>>>> and then
>>>>>>     /usr/sbin/update_virus_scanners
>>>>>> and then show me an
>>>>>>     ls -al /var/spool/MailScanner/incoming/Locks
>>>>>>
>>>>>> The files in there should be owned by postfix. Let's see if 
>>>>>> that's true.
>>>>>>
>>>>> OK .. deleted the Locks directory, ran update_virus_scanners and got:
>>>>>
>>>>> ls -al /var/spool/MailScanner/incoming/Locks/
>>>>> total 8
>>>>> drwxr-x---  2 root    root   4096 Jan 11 16:13 .
>>>>> drwxrwx---  7 postfix clamav 4096 Jan 11 16:14 ..
>>>>> -rw-------  1 root    root      0 Jan 11 16:13 antivirBusy.lock
>>>>> -rw-------  1 root    root      0 Jan 11 16:13 avastBusy.lock
>>>>> -rw-------  1 root    root      0 Jan 11 16:13 avgBusy.lock
>>>>> -rw-------  1 root    root      0 Jan 11 16:13 bitdefenderBusy.lock
>>>>> -rw-------  1 root    root      0 Jan 11 16:13 clamavBusy.lock
>>>>> -rw-------  1 root    root      0 Jan 11 16:13 cssBusy.lock
>>>>> -rw-------  1 root    root      0 Jan 11 16:13 esetsBusy.lock
>>>>> -rw-------  1 root    root      0 Jan 11 16:13 etrustBusy.lock
>>>>> -rw-------  1 root    root      0 Jan 11 16:13 f-prot-6Busy.lock
>>>>> -rw-------  1 root    root      0 Jan 11 16:13 f-protBusy.lock
>>>>> -rw-------  1 root    root      0 Jan 11 16:13 f-secureBusy.lock
>>>>> -rw-------  1 root    root      0 Jan 11 16:13 genericBusy.lock
>>>>> -rw-------  1 root    root      0 Jan 11 16:13 inoculanBusy.lock
>>>>> -rw-------  1 root    root      0 Jan 11 16:13 kasperskyBusy.lock
>>>>> -rw-------  1 root    root      0 Jan 11 16:13 mcafeeBusy.lock
>>>>> -rw-------  1 root    root      0 Jan 11 16:13 MS.bayes.rebuild.lock
>>>>> -rw-------  1 root    root      0 Jan 11 16:13 MS.bayes.starting.lock
>>>>> -rw-------  1 root    root      0 Jan 11 16:13 nod32Busy.lock
>>>>> -rw-------  1 root    root      0 Jan 11 16:13 normanBusy.lock
>>>>> -rw-------  1 root    root      0 Jan 11 16:13 pandaBusy.lock
>>>>> -rw-------  1 root    root      0 Jan 11 16:13 ravBusy.lock
>>>>> -rw-------  1 root    root      0 Jan 11 16:13 sophosBusy.lock
>>>>> -rw-------  1 root    root      0 Jan 11 16:13 symscanengineBusy.lock
>>>>> -rw-------  1 root    root      0 Jan 11 16:13 trendBusy.lock
>>>>> -rw-------  1 root    root      0 Jan 11 16:13 vba32Busy.lock
>>>>> -rw-------  1 root    root      0 Jan 11 16:13 vexiraBusy.lock
>>>>>
>>>>>
>>>>> Still root.
>>>> Hmmm...
>>>>
>>>> 1
>>>> I want to be sure there are no weird options for the mount that 
>>>> supplies this directory. Do this:
>>>>     cd /var/spool/MailScanner/incoming
>>>>     df -h .
>>>>     mount
>>>>     ls -ld Locks
>>>> (all as root).
>>>> Also, paste the contents of your /etc/fstab file into your reply to 
>>>> this mail.
>>>>
>>>> 2
>>>> Also, please can you make a little edit to your 
>>>> /usr/sbin/mailscanner_create_locks script.
>>>> Near the top you will see a line that says this:
>>>> my $ldgid = getgrnam($ldgname);
>>>> That's about line 17. Immediately after that line, add this line:
>>>> print STDERR "lduid = $lduid, ldgid = $ldgid\n";
>>>> and let's just check that it is getting the UID and GID correctly, 
>>>> as failure to do that would cause your symptoms.
>>>> Run
>>>> /usr/sbin/mailscanner_create_locks 
>>>> /var/spool/MailScanner/incoming/Locks postfix postfix
>>>> (all of that on 1 line) and include the output in your reply,
>>>> and do another
>>>>     ls -al /var/spool/MailScanner/incoming/Locks
>>>> to see if anything has improved.
>>>>
>>>> 3
>>>> If that still isn't working, right at the end of the script there 
>>>> are a couple of "chown" lines. Change the first one to read
>>>> chown -1, $ldgid, $locksdirname or warn "Chown1: $!";
>>>> and the second one to read
>>>> chown $lduid, $ldgid, @locknames or warn "Chown2: $!";
>>>> and then run the mailscanner_create_locks command I gave above. Let 
>>>> me know if it prints anything, and what it says if it does.
>>>>
>>>> 4
>>>> That lot should give me a better idea of what's going on.
>>>
>>> cd /var/spool/MailScanner/incoming/
>>> [root at rosewood incoming]#  df -h .
>>> Filesystem            Size  Used Avail Use% Mounted on
>>> /dev/hdb1             111G   15G   91G  14% /var
>>> [root at rosewood incoming]# mount
>>> /dev/sda5 on / type ext3 (rw)
>>> none on /proc type proc (rw)
>>> none on /sys type sysfs (rw)
>>> none on /dev/pts type devpts (rw,gid=5,mode=620)
>>> usbfs on /proc/bus/usb type usbfs (rw)
>>> /dev/sda1 on /boot type ext3 (rw)
>>> none on /dev/shm type tmpfs (rw)
>>> /dev/sda2 on /home type ext3 (rw)
>>> /dev/sdb1 on /usr type ext3 (rw)
>>> /dev/hdb1 on /var type ext3 (rw)
>>> none on /proc/sys/fs/binfmt_misc type binfmt_misc (rw)
>>> sunrpc on /var/lib/nfs/rpc_pipefs type rpc_pipefs (rw)
>>> [root at rosewood incoming]# ls -ld Locks
>>> drwxr-x---  2 root root 4096 Jan 11 16:13 Locks
>>>
>>> FSTAB:
>>>
>>> LABEL=/                 /                       ext3    
>>> defaults        1 1
>>> LABEL=/boot             /boot                   ext3    
>>> defaults        1 2
>>> none                    /dev/pts                devpts  
>>> gid=5,mode=620  0 0
>>> none                    /dev/shm                tmpfs   
>>> defaults        0 0
>>> LABEL=/home             /home                   ext3    
>>> defaults        1 2
>>> none                    /proc                   proc    
>>> defaults        0 0
>>> none                    /sys                    sysfs   
>>> defaults        0 0
>>> LABEL=/usr              /usr                    ext3    
>>> defaults        1 2
>>> LABEL=/var              /var                    ext3    
>>> defaults        1 2
>>> LABEL=SWAP-sda3         swap                    swap    
>>> defaults        0 0
>>> /dev/hda                /media/cdrecorder       auto    
>>> pamconsole,exec,noauto,managed 0 0
>>>
>>> /usr/sbin/mailscanner_create_locks 
>>> /var/spool/MailScanner/incoming/Locks postfix postfix
>>> lduid = 80, ldgid = 80
>>> [root at rosewood sbin]# ls -al /var/spool/MailScanner/incoming/Locks
>>> total 8
>>> drwxr-x---  2 root    postfix 4096 Jan 11 16:13 .
>>> drwxrwx---  7 postfix clamav  4096 Jan 11 22:18 ..
>>> -rw-------  1 postfix postfix    0 Jan 11 16:13 antivirBusy.lock
>>> -rw-------  1 postfix postfix    0 Jan 11 16:13 avastBusy.lock
>>> -rw-------  1 postfix postfix    0 Jan 11 16:13 avgBusy.lock
>>> -rw-------  1 postfix postfix    0 Jan 11 16:13 bitdefenderBusy.lock
>>> -rw-------  1 postfix postfix    0 Jan 11 16:13 clamavBusy.lock
>>> -rw-------  1 postfix postfix    0 Jan 11 16:13 cssBusy.lock
>>> -rw-------  1 postfix postfix    0 Jan 11 16:13 esetsBusy.lock
>>> -rw-------  1 postfix postfix    0 Jan 11 16:13 etrustBusy.lock
>>> -rw-------  1 postfix postfix    0 Jan 11 16:13 f-prot-6Busy.lock
>>> -rw-------  1 postfix postfix    0 Jan 11 16:13 f-protBusy.lock
>>> -rw-------  1 postfix postfix    0 Jan 11 16:13 f-secureBusy.lock
>>> -rw-------  1 postfix postfix    0 Jan 11 16:13 genericBusy.lock
>>> -rw-------  1 postfix postfix    0 Jan 11 16:13 inoculanBusy.lock
>>> -rw-------  1 postfix postfix    0 Jan 11 16:13 kasperskyBusy.lock
>>> -rw-------  1 postfix postfix    0 Jan 11 16:13 mcafeeBusy.lock
>>> -rw-------  1 postfix postfix    0 Jan 11 16:13 MS.bayes.rebuild.lock
>>> -rw-------  1 postfix postfix    0 Jan 11 16:13 MS.bayes.starting.lock
>>> -rw-------  1 postfix postfix    0 Jan 11 16:13 nod32Busy.lock
>>> -rw-------  1 postfix postfix    0 Jan 11 16:13 normanBusy.lock
>>> -rw-------  1 postfix postfix    0 Jan 11 16:13 pandaBusy.lock
>>> -rw-------  1 postfix postfix    0 Jan 11 16:13 ravBusy.lock
>>> -rw-------  1 postfix postfix    0 Jan 11 16:13 sophosBusy.lock
>>> -rw-------  1 postfix postfix    0 Jan 11 16:13 symscanengineBusy.lock
>>> -rw-------  1 postfix postfix    0 Jan 11 16:13 trendBusy.lock
>>> -rw-------  1 postfix postfix    0 Jan 11 16:13 vba32Busy.lock
>>> -rw-------  1 postfix postfix    0 Jan 11 16:13 vexiraBusy.lock
>>>
>>> I did not do your last request as this shows the proper ownership. 
>>> The questions is: will it hold?
>>>
>>> Let me know if you still want me to do that last bit.
>>>
>>> Sorry it took a while to get back to you. I had to run out for a bit.
>>>
>>> Dave
>>>
>> Just so you know ... it all went back to being owned by root when 
>> update_virus_scanner ran from cron again. This is the email I received:
>>
>> /etc/cron.hourly/update_virus_scanners:
>>
>> lduid = , ldgid =
> Given the above, I made the last little change you suggested and ran 
> it again, like so:
>
> /usr/sbin/mailscanner_create_locks 
> /var/spool/MailScanner/incoming/Locks postfix postfix
> lduid = 80, ldgid = 80
>
> The second line is what it output. After that, all the permissions in 
> the Locks directory went back to postfix. Again, will it hold?
The cron job will probably put it back. Okay, next let's find if it is 
the script run by cron that is causing the problem, or the environment 
in which it is run.

/usr/sbin/update_virus_scanners
ls -al /var/spool/MailScanner/incoming/Locks

and show me the output of those two. I want to see if the 
update_virus_scanners script successfully finds the uid and gid or not.

Jules

-- 
Julian Field MEng CITP CEng
www.MailScanner.info
Buy the MailScanner book at www.MailScanner.info/store

Need help customising MailScanner?
Contact me!
Need help fixing or optimising your systems?
Contact me!
Need help getting you started solving new requirements from your boss?
Contact me!

PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654


-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.



More information about the MailScanner mailing list