General Thankyou (still diagnosing fault)
Dave Filchak
submit at zuka.net
Mon Jan 12 16:41:12 GMT 2009
Julian Field wrote:
> <snip>
>>>>>>>>> It will be being clobbered by the update_virus_scanners cron
>>>>>>>>> job which is run once per hour. Please can you mail me an
>>>>>>>>> exact copy (preferably gzipped) of your MailScanner.conf file.
>>>>>>>>> Have you moved that file from its default location or anything
>>>>>>>>> like that? It should pull out the "Run As User" and "Run As
>>>>>>>>> Group" from MailScanner.conf and use those values to set the
>>>>>>>>> ownership of the lock files. Clearly something is going wrong
>>>>>>>>> there.
>>>>>>>>>
>>>>>>>>> Copy and paste the following commands into a shell running as
>>>>>>>>> root. Beware of extra line-breaks that my mail program or your
>>>>>>>>> mail program may add into the following, hopefully they'll be
>>>>>>>>> okay.
>>>>>>>>>
>>>>>>>>> LOCKDIR=`perl -n -e 'print "$_" if chomp &&
>>>>>>>>> s/^\s*Lock\s*file\s*Dir\s*=\s*(\S+)/$1/i'
>>>>>>>>> /etc/MailScanner/MailScanner.conf`
>>>>>>>>> RUNASU=`perl -n -e 'print "$_" if chomp &&
>>>>>>>>> s/^\s*Run\s*As\s*User\s*=\s*(\S+)/$1/i'
>>>>>>>>> /etc/MailScanner/MailScanner.conf`
>>>>>>>>> RUNASG=`perl -n -e 'print "$_" if chomp &&
>>>>>>>>> s/^\s*Run\s*As\s*Group\s*=\s*(\S+)/$1/i'
>>>>>>>>> /etc/MailScanner/MailScanner.conf`
>>>>>>>>> echo $LOCKDIR
>>>>>>>>> echo $RUNASU
>>>>>>>>> echo $RUNASG
>>>>>>>>> /usr/sbin/mailscanner_create_locks "$LOCKDIR" "$RUNASU" "$RUNASG"
>>>>>>>>>
>>>>>>>>> Then show me what you get from
>>>>>>>>> ls -al $LOCKDIR
>>>>>>>>> assuming that the "echo $LOCKDIR" command printed out the
>>>>>>>>> directory where your lock files are stored (i.e. normally
>>>>>>>>> /var/spool/MailScanner/incoming/Locks).
>>>>>>>>
>>>>>>>> I have emailed you my conf file.
>>>>> That looks fine.
>>>>>>>> Here is the output from your scripts:
>>>>>>>>
>>>>>>>> [root at rosewood MailScanner]# LOCKDIR=`perl -n -e 'print "$_" if
>>>>>>>> chomp && s/^\s*Lock\s*file\s*Dir\s*=\s*(\S+)/$1/i'
>>>>>>>> /etc/MailScanner/MailScanner.conf`
>>>>>>>> [root at rosewood MailScanner]# RUNASU=`perl -n -e 'print "$_" if
>>>>>>>> chomp && s/^\s*Run\s*As\s*User\s*=\s*(\S+)/$1/i'
>>>>>>>> /etc/MailScanner/MailScanner.conf`
>>>>>>>> [root at rosewood MailScanner]# RUNASG=`perl -n -e 'print "$_" if
>>>>>>>> chomp && s/^\s*Run\s*As\s*Group\s*=\s*(\S+)/$1/i'
>>>>>>>> /etc/MailScanner/MailScanner.conf`
>>>>>>>> [root at rosewood MailScanner]# echo $LOCKDIR
>>>>>>>> /var/spool/MailScanner/incoming/Locks
>>>>>>>> [root at rosewood MailScanner]# echo $RUNASU
>>>>>>>> postfix
>>>>>>>> [root at rosewood MailScanner]# echo $RUNASG
>>>>>>>> postfix
>>>>>>> That all looks good. As root,
>>>>>>> rm -rf /var/spool/MailScanner/incoming/Locks
>>>>>>> and then
>>>>>>> /usr/sbin/update_virus_scanners
>>>>>>> and then show me an
>>>>>>> ls -al /var/spool/MailScanner/incoming/Locks
>>>>>>>
>>>>>>> The files in there should be owned by postfix. Let's see if
>>>>>>> that's true.
>>>>>>>
>>>>>> OK .. deleted the Locks directory, ran update_virus_scanners and
>>>>>> got:
>>>>>>
>>>>>> ls -al /var/spool/MailScanner/incoming/Locks/
>>>>>> total 8
>>>>>> drwxr-x--- 2 root root 4096 Jan 11 16:13 .
>>>>>> drwxrwx--- 7 postfix clamav 4096 Jan 11 16:14 ..
>>>>>> -rw------- 1 root root 0 Jan 11 16:13 antivirBusy.lock
>>>>>> -rw------- 1 root root 0 Jan 11 16:13 avastBusy.lock
>>>>>> -rw------- 1 root root 0 Jan 11 16:13 avgBusy.lock
>>>>>> -rw------- 1 root root 0 Jan 11 16:13 bitdefenderBusy.lock
>>>>>> -rw------- 1 root root 0 Jan 11 16:13 clamavBusy.lock
>>>>>> -rw------- 1 root root 0 Jan 11 16:13 cssBusy.lock
>>>>>> -rw------- 1 root root 0 Jan 11 16:13 esetsBusy.lock
>>>>>> -rw------- 1 root root 0 Jan 11 16:13 etrustBusy.lock
>>>>>> -rw------- 1 root root 0 Jan 11 16:13 f-prot-6Busy.lock
>>>>>> -rw------- 1 root root 0 Jan 11 16:13 f-protBusy.lock
>>>>>> -rw------- 1 root root 0 Jan 11 16:13 f-secureBusy.lock
>>>>>> -rw------- 1 root root 0 Jan 11 16:13 genericBusy.lock
>>>>>> -rw------- 1 root root 0 Jan 11 16:13 inoculanBusy.lock
>>>>>> -rw------- 1 root root 0 Jan 11 16:13 kasperskyBusy.lock
>>>>>> -rw------- 1 root root 0 Jan 11 16:13 mcafeeBusy.lock
>>>>>> -rw------- 1 root root 0 Jan 11 16:13 MS.bayes.rebuild.lock
>>>>>> -rw------- 1 root root 0 Jan 11 16:13
>>>>>> MS.bayes.starting.lock
>>>>>> -rw------- 1 root root 0 Jan 11 16:13 nod32Busy.lock
>>>>>> -rw------- 1 root root 0 Jan 11 16:13 normanBusy.lock
>>>>>> -rw------- 1 root root 0 Jan 11 16:13 pandaBusy.lock
>>>>>> -rw------- 1 root root 0 Jan 11 16:13 ravBusy.lock
>>>>>> -rw------- 1 root root 0 Jan 11 16:13 sophosBusy.lock
>>>>>> -rw------- 1 root root 0 Jan 11 16:13
>>>>>> symscanengineBusy.lock
>>>>>> -rw------- 1 root root 0 Jan 11 16:13 trendBusy.lock
>>>>>> -rw------- 1 root root 0 Jan 11 16:13 vba32Busy.lock
>>>>>> -rw------- 1 root root 0 Jan 11 16:13 vexiraBusy.lock
>>>>>>
>>>>>>
>>>>>> Still root.
>>>>> Hmmm...
>>>>>
>>>>> 1
>>>>> I want to be sure there are no weird options for the mount that
>>>>> supplies this directory. Do this:
>>>>> cd /var/spool/MailScanner/incoming
>>>>> df -h .
>>>>> mount
>>>>> ls -ld Locks
>>>>> (all as root).
>>>>> Also, paste the contents of your /etc/fstab file into your reply
>>>>> to this mail.
>>>>>
>>>>> 2
>>>>> Also, please can you make a little edit to your
>>>>> /usr/sbin/mailscanner_create_locks script.
>>>>> Near the top you will see a line that says this:
>>>>> my $ldgid = getgrnam($ldgname);
>>>>> That's about line 17. Immediately after that line, add this line:
>>>>> print STDERR "lduid = $lduid, ldgid = $ldgid\n";
>>>>> and let's just check that it is getting the UID and GID correctly,
>>>>> as failure to do that would cause your symptoms.
>>>>> Run
>>>>> /usr/sbin/mailscanner_create_locks
>>>>> /var/spool/MailScanner/incoming/Locks postfix postfix
>>>>> (all of that on 1 line) and include the output in your reply,
>>>>> and do another
>>>>> ls -al /var/spool/MailScanner/incoming/Locks
>>>>> to see if anything has improved.
>>>>>
>>>>> 3
>>>>> If that still isn't working, right at the end of the script there
>>>>> are a couple of "chown" lines. Change the first one to read
>>>>> chown -1, $ldgid, $locksdirname or warn "Chown1: $!";
>>>>> and the second one to read
>>>>> chown $lduid, $ldgid, @locknames or warn "Chown2: $!";
>>>>> and then run the mailscanner_create_locks command I gave above.
>>>>> Let me know if it prints anything, and what it says if it does.
>>>>>
>>>>> 4
>>>>> That lot should give me a better idea of what's going on.
>>>>
>>>> cd /var/spool/MailScanner/incoming/
>>>> [root at rosewood incoming]# df -h .
>>>> Filesystem Size Used Avail Use% Mounted on
>>>> /dev/hdb1 111G 15G 91G 14% /var
>>>> [root at rosewood incoming]# mount
>>>> /dev/sda5 on / type ext3 (rw)
>>>> none on /proc type proc (rw)
>>>> none on /sys type sysfs (rw)
>>>> none on /dev/pts type devpts (rw,gid=5,mode=620)
>>>> usbfs on /proc/bus/usb type usbfs (rw)
>>>> /dev/sda1 on /boot type ext3 (rw)
>>>> none on /dev/shm type tmpfs (rw)
>>>> /dev/sda2 on /home type ext3 (rw)
>>>> /dev/sdb1 on /usr type ext3 (rw)
>>>> /dev/hdb1 on /var type ext3 (rw)
>>>> none on /proc/sys/fs/binfmt_misc type binfmt_misc (rw)
>>>> sunrpc on /var/lib/nfs/rpc_pipefs type rpc_pipefs (rw)
>>>> [root at rosewood incoming]# ls -ld Locks
>>>> drwxr-x--- 2 root root 4096 Jan 11 16:13 Locks
>>>>
>>>> FSTAB:
>>>>
>>>> LABEL=/ / ext3
>>>> defaults 1 1
>>>> LABEL=/boot /boot ext3
>>>> defaults 1 2
>>>> none /dev/pts devpts
>>>> gid=5,mode=620 0 0
>>>> none /dev/shm tmpfs
>>>> defaults 0 0
>>>> LABEL=/home /home ext3
>>>> defaults 1 2
>>>> none /proc proc
>>>> defaults 0 0
>>>> none /sys sysfs
>>>> defaults 0 0
>>>> LABEL=/usr /usr ext3
>>>> defaults 1 2
>>>> LABEL=/var /var ext3
>>>> defaults 1 2
>>>> LABEL=SWAP-sda3 swap swap
>>>> defaults 0 0
>>>> /dev/hda /media/cdrecorder auto
>>>> pamconsole,exec,noauto,managed 0 0
>>>>
>>>> /usr/sbin/mailscanner_create_locks
>>>> /var/spool/MailScanner/incoming/Locks postfix postfix
>>>> lduid = 80, ldgid = 80
>>>> [root at rosewood sbin]# ls -al /var/spool/MailScanner/incoming/Locks
>>>> total 8
>>>> drwxr-x--- 2 root postfix 4096 Jan 11 16:13 .
>>>> drwxrwx--- 7 postfix clamav 4096 Jan 11 22:18 ..
>>>> -rw------- 1 postfix postfix 0 Jan 11 16:13 antivirBusy.lock
>>>> -rw------- 1 postfix postfix 0 Jan 11 16:13 avastBusy.lock
>>>> -rw------- 1 postfix postfix 0 Jan 11 16:13 avgBusy.lock
>>>> -rw------- 1 postfix postfix 0 Jan 11 16:13 bitdefenderBusy.lock
>>>> -rw------- 1 postfix postfix 0 Jan 11 16:13 clamavBusy.lock
>>>> -rw------- 1 postfix postfix 0 Jan 11 16:13 cssBusy.lock
>>>> -rw------- 1 postfix postfix 0 Jan 11 16:13 esetsBusy.lock
>>>> -rw------- 1 postfix postfix 0 Jan 11 16:13 etrustBusy.lock
>>>> -rw------- 1 postfix postfix 0 Jan 11 16:13 f-prot-6Busy.lock
>>>> -rw------- 1 postfix postfix 0 Jan 11 16:13 f-protBusy.lock
>>>> -rw------- 1 postfix postfix 0 Jan 11 16:13 f-secureBusy.lock
>>>> -rw------- 1 postfix postfix 0 Jan 11 16:13 genericBusy.lock
>>>> -rw------- 1 postfix postfix 0 Jan 11 16:13 inoculanBusy.lock
>>>> -rw------- 1 postfix postfix 0 Jan 11 16:13 kasperskyBusy.lock
>>>> -rw------- 1 postfix postfix 0 Jan 11 16:13 mcafeeBusy.lock
>>>> -rw------- 1 postfix postfix 0 Jan 11 16:13 MS.bayes.rebuild.lock
>>>> -rw------- 1 postfix postfix 0 Jan 11 16:13 MS.bayes.starting.lock
>>>> -rw------- 1 postfix postfix 0 Jan 11 16:13 nod32Busy.lock
>>>> -rw------- 1 postfix postfix 0 Jan 11 16:13 normanBusy.lock
>>>> -rw------- 1 postfix postfix 0 Jan 11 16:13 pandaBusy.lock
>>>> -rw------- 1 postfix postfix 0 Jan 11 16:13 ravBusy.lock
>>>> -rw------- 1 postfix postfix 0 Jan 11 16:13 sophosBusy.lock
>>>> -rw------- 1 postfix postfix 0 Jan 11 16:13 symscanengineBusy.lock
>>>> -rw------- 1 postfix postfix 0 Jan 11 16:13 trendBusy.lock
>>>> -rw------- 1 postfix postfix 0 Jan 11 16:13 vba32Busy.lock
>>>> -rw------- 1 postfix postfix 0 Jan 11 16:13 vexiraBusy.lock
>>>>
>>>> I did not do your last request as this shows the proper ownership.
>>>> The questions is: will it hold?
>>>>
>>>> Let me know if you still want me to do that last bit.
>>>>
>>>> Sorry it took a while to get back to you. I had to run out for a bit.
>>>>
>>>> Dave
>>>>
>>> Just so you know ... it all went back to being owned by root when
>>> update_virus_scanner ran from cron again. This is the email I received:
>>>
>>> /etc/cron.hourly/update_virus_scanners:
>>>
>>> lduid = , ldgid =
>> Given the above, I made the last little change you suggested and ran
>> it again, like so:
>>
>> /usr/sbin/mailscanner_create_locks
>> /var/spool/MailScanner/incoming/Locks postfix postfix
>> lduid = 80, ldgid = 80
>>
>> The second line is what it output. After that, all the permissions in
>> the Locks directory went back to postfix. Again, will it hold?
> The cron job will probably put it back. Okay, next let's find if it is
> the script run by cron that is causing the problem, or the environment
> in which it is run.
>
> /usr/sbin/update_virus_scanners
> ls -al /var/spool/MailScanner/incoming/Locks
>
> and show me the output of those two. I want to see if the
> update_virus_scanners script successfully finds the uid and gid or not.
/usr/sbin/update_virus_scanners
lduid = , ldgid =
Does not appear to.
ls -al /var/spool/MailScanner/incoming/Locks
total 12
drwxr-x--- 2 root root 4096 Jan 11 16:13 .
drwxrwx--- 7 postfix clamav 4096 Jan 12 11:34 ..
-rw------- 1 root root 0 Jan 11 16:13 antivirBusy.lock
-rw------- 1 root root 0 Jan 11 16:13 avastBusy.lock
-rw------- 1 root root 0 Jan 11 16:13 avgBusy.lock
-rw------- 1 root root 0 Jan 11 16:13 bitdefenderBusy.lock
-rw------- 1 root root 48 Jan 12 00:15 clamavBusy.lock
-rw------- 1 root root 0 Jan 11 16:13 cssBusy.lock
-rw------- 1 root root 0 Jan 11 16:13 esetsBusy.lock
-rw------- 1 root root 0 Jan 11 16:13 etrustBusy.lock
-rw------- 1 root root 0 Jan 11 16:13 f-prot-6Busy.lock
-rw------- 1 root root 0 Jan 11 16:13 f-protBusy.lock
-rw------- 1 root root 0 Jan 11 16:13 f-secureBusy.lock
-rw------- 1 root root 0 Jan 11 16:13 genericBusy.lock
-rw------- 1 root root 0 Jan 11 16:13 inoculanBusy.lock
-rw------- 1 root root 0 Jan 11 16:13 kasperskyBusy.lock
-rw------- 1 root root 0 Jan 11 16:13 mcafeeBusy.lock
-rw------- 1 root root 0 Jan 11 16:13 MS.bayes.rebuild.lock
-rw------- 1 root root 0 Jan 11 16:13 MS.bayes.starting.lock
-rw------- 1 root root 0 Jan 11 16:13 nod32Busy.lock
-rw------- 1 root root 0 Jan 11 16:13 normanBusy.lock
-rw------- 1 root root 0 Jan 11 16:13 pandaBusy.lock
-rw------- 1 root root 0 Jan 11 16:13 ravBusy.lock
-rw------- 1 root root 0 Jan 11 16:13 sophosBusy.lock
-rw------- 1 root root 0 Jan 11 16:13 symscanengineBusy.lock
-rw------- 1 root root 0 Jan 11 16:13 trendBusy.lock
-rw------- 1 root root 0 Jan 11 16:13 vba32Busy.lock
-rw------- 1 root root 0 Jan 11 16:13 vexiraBusy.lock
Dave
More information about the MailScanner
mailing list