General Thankyou (still diagnosing fault)

Dave Filchak submit at zuka.net
Mon Jan 12 16:41:12 GMT 2009


Julian Field wrote:
> <snip>
>>>>>>>>> It will be being clobbered by the update_virus_scanners cron 
>>>>>>>>> job which is run once per hour. Please can you mail me an 
>>>>>>>>> exact copy (preferably gzipped) of your MailScanner.conf file. 
>>>>>>>>> Have you moved that file from its default location or anything 
>>>>>>>>> like that? It should pull out the "Run As User" and "Run As 
>>>>>>>>> Group" from MailScanner.conf and use those values to set the 
>>>>>>>>> ownership of the lock files. Clearly something is going wrong 
>>>>>>>>> there.
>>>>>>>>>
>>>>>>>>> Copy and paste the following commands into a shell running as 
>>>>>>>>> root. Beware of extra line-breaks that my mail program or your 
>>>>>>>>> mail program may add into the following, hopefully they'll be 
>>>>>>>>> okay.
>>>>>>>>>
>>>>>>>>> LOCKDIR=`perl -n -e 'print "$_" if chomp && 
>>>>>>>>> s/^\s*Lock\s*file\s*Dir\s*=\s*(\S+)/$1/i' 
>>>>>>>>> /etc/MailScanner/MailScanner.conf`
>>>>>>>>> RUNASU=`perl -n -e 'print "$_" if chomp && 
>>>>>>>>> s/^\s*Run\s*As\s*User\s*=\s*(\S+)/$1/i' 
>>>>>>>>> /etc/MailScanner/MailScanner.conf`
>>>>>>>>> RUNASG=`perl -n -e 'print "$_" if chomp && 
>>>>>>>>> s/^\s*Run\s*As\s*Group\s*=\s*(\S+)/$1/i' 
>>>>>>>>> /etc/MailScanner/MailScanner.conf`
>>>>>>>>> echo $LOCKDIR
>>>>>>>>> echo $RUNASU
>>>>>>>>> echo $RUNASG
>>>>>>>>> /usr/sbin/mailscanner_create_locks "$LOCKDIR" "$RUNASU" "$RUNASG"
>>>>>>>>>
>>>>>>>>> Then show me what you get from
>>>>>>>>>     ls -al $LOCKDIR
>>>>>>>>> assuming that the "echo $LOCKDIR" command printed out the 
>>>>>>>>> directory where your lock files are stored (i.e. normally 
>>>>>>>>> /var/spool/MailScanner/incoming/Locks).
>>>>>>>>
>>>>>>>> I have emailed you my conf file. 
>>>>> That looks fine.
>>>>>>>> Here is the output from your scripts:
>>>>>>>>
>>>>>>>> [root at rosewood MailScanner]# LOCKDIR=`perl -n -e 'print "$_" if 
>>>>>>>> chomp && s/^\s*Lock\s*file\s*Dir\s*=\s*(\S+)/$1/i' 
>>>>>>>> /etc/MailScanner/MailScanner.conf`
>>>>>>>> [root at rosewood MailScanner]# RUNASU=`perl -n -e 'print "$_" if 
>>>>>>>> chomp && s/^\s*Run\s*As\s*User\s*=\s*(\S+)/$1/i' 
>>>>>>>> /etc/MailScanner/MailScanner.conf`
>>>>>>>> [root at rosewood MailScanner]# RUNASG=`perl -n -e 'print "$_" if 
>>>>>>>> chomp && s/^\s*Run\s*As\s*Group\s*=\s*(\S+)/$1/i' 
>>>>>>>> /etc/MailScanner/MailScanner.conf`
>>>>>>>> [root at rosewood MailScanner]# echo $LOCKDIR
>>>>>>>> /var/spool/MailScanner/incoming/Locks
>>>>>>>> [root at rosewood MailScanner]# echo $RUNASU
>>>>>>>> postfix
>>>>>>>> [root at rosewood MailScanner]# echo $RUNASG
>>>>>>>> postfix
>>>>>>> That all looks good. As root,
>>>>>>>     rm -rf /var/spool/MailScanner/incoming/Locks
>>>>>>> and then
>>>>>>>     /usr/sbin/update_virus_scanners
>>>>>>> and then show me an
>>>>>>>     ls -al /var/spool/MailScanner/incoming/Locks
>>>>>>>
>>>>>>> The files in there should be owned by postfix. Let's see if 
>>>>>>> that's true.
>>>>>>>
>>>>>> OK .. deleted the Locks directory, ran update_virus_scanners and 
>>>>>> got:
>>>>>>
>>>>>> ls -al /var/spool/MailScanner/incoming/Locks/
>>>>>> total 8
>>>>>> drwxr-x---  2 root    root   4096 Jan 11 16:13 .
>>>>>> drwxrwx---  7 postfix clamav 4096 Jan 11 16:14 ..
>>>>>> -rw-------  1 root    root      0 Jan 11 16:13 antivirBusy.lock
>>>>>> -rw-------  1 root    root      0 Jan 11 16:13 avastBusy.lock
>>>>>> -rw-------  1 root    root      0 Jan 11 16:13 avgBusy.lock
>>>>>> -rw-------  1 root    root      0 Jan 11 16:13 bitdefenderBusy.lock
>>>>>> -rw-------  1 root    root      0 Jan 11 16:13 clamavBusy.lock
>>>>>> -rw-------  1 root    root      0 Jan 11 16:13 cssBusy.lock
>>>>>> -rw-------  1 root    root      0 Jan 11 16:13 esetsBusy.lock
>>>>>> -rw-------  1 root    root      0 Jan 11 16:13 etrustBusy.lock
>>>>>> -rw-------  1 root    root      0 Jan 11 16:13 f-prot-6Busy.lock
>>>>>> -rw-------  1 root    root      0 Jan 11 16:13 f-protBusy.lock
>>>>>> -rw-------  1 root    root      0 Jan 11 16:13 f-secureBusy.lock
>>>>>> -rw-------  1 root    root      0 Jan 11 16:13 genericBusy.lock
>>>>>> -rw-------  1 root    root      0 Jan 11 16:13 inoculanBusy.lock
>>>>>> -rw-------  1 root    root      0 Jan 11 16:13 kasperskyBusy.lock
>>>>>> -rw-------  1 root    root      0 Jan 11 16:13 mcafeeBusy.lock
>>>>>> -rw-------  1 root    root      0 Jan 11 16:13 MS.bayes.rebuild.lock
>>>>>> -rw-------  1 root    root      0 Jan 11 16:13 
>>>>>> MS.bayes.starting.lock
>>>>>> -rw-------  1 root    root      0 Jan 11 16:13 nod32Busy.lock
>>>>>> -rw-------  1 root    root      0 Jan 11 16:13 normanBusy.lock
>>>>>> -rw-------  1 root    root      0 Jan 11 16:13 pandaBusy.lock
>>>>>> -rw-------  1 root    root      0 Jan 11 16:13 ravBusy.lock
>>>>>> -rw-------  1 root    root      0 Jan 11 16:13 sophosBusy.lock
>>>>>> -rw-------  1 root    root      0 Jan 11 16:13 
>>>>>> symscanengineBusy.lock
>>>>>> -rw-------  1 root    root      0 Jan 11 16:13 trendBusy.lock
>>>>>> -rw-------  1 root    root      0 Jan 11 16:13 vba32Busy.lock
>>>>>> -rw-------  1 root    root      0 Jan 11 16:13 vexiraBusy.lock
>>>>>>
>>>>>>
>>>>>> Still root.
>>>>> Hmmm...
>>>>>
>>>>> 1
>>>>> I want to be sure there are no weird options for the mount that 
>>>>> supplies this directory. Do this:
>>>>>     cd /var/spool/MailScanner/incoming
>>>>>     df -h .
>>>>>     mount
>>>>>     ls -ld Locks
>>>>> (all as root).
>>>>> Also, paste the contents of your /etc/fstab file into your reply 
>>>>> to this mail.
>>>>>
>>>>> 2
>>>>> Also, please can you make a little edit to your 
>>>>> /usr/sbin/mailscanner_create_locks script.
>>>>> Near the top you will see a line that says this:
>>>>> my $ldgid = getgrnam($ldgname);
>>>>> That's about line 17. Immediately after that line, add this line:
>>>>> print STDERR "lduid = $lduid, ldgid = $ldgid\n";
>>>>> and let's just check that it is getting the UID and GID correctly, 
>>>>> as failure to do that would cause your symptoms.
>>>>> Run
>>>>> /usr/sbin/mailscanner_create_locks 
>>>>> /var/spool/MailScanner/incoming/Locks postfix postfix
>>>>> (all of that on 1 line) and include the output in your reply,
>>>>> and do another
>>>>>     ls -al /var/spool/MailScanner/incoming/Locks
>>>>> to see if anything has improved.
>>>>>
>>>>> 3
>>>>> If that still isn't working, right at the end of the script there 
>>>>> are a couple of "chown" lines. Change the first one to read
>>>>> chown -1, $ldgid, $locksdirname or warn "Chown1: $!";
>>>>> and the second one to read
>>>>> chown $lduid, $ldgid, @locknames or warn "Chown2: $!";
>>>>> and then run the mailscanner_create_locks command I gave above. 
>>>>> Let me know if it prints anything, and what it says if it does.
>>>>>
>>>>> 4
>>>>> That lot should give me a better idea of what's going on.
>>>>
>>>> cd /var/spool/MailScanner/incoming/
>>>> [root at rosewood incoming]#  df -h .
>>>> Filesystem            Size  Used Avail Use% Mounted on
>>>> /dev/hdb1             111G   15G   91G  14% /var
>>>> [root at rosewood incoming]# mount
>>>> /dev/sda5 on / type ext3 (rw)
>>>> none on /proc type proc (rw)
>>>> none on /sys type sysfs (rw)
>>>> none on /dev/pts type devpts (rw,gid=5,mode=620)
>>>> usbfs on /proc/bus/usb type usbfs (rw)
>>>> /dev/sda1 on /boot type ext3 (rw)
>>>> none on /dev/shm type tmpfs (rw)
>>>> /dev/sda2 on /home type ext3 (rw)
>>>> /dev/sdb1 on /usr type ext3 (rw)
>>>> /dev/hdb1 on /var type ext3 (rw)
>>>> none on /proc/sys/fs/binfmt_misc type binfmt_misc (rw)
>>>> sunrpc on /var/lib/nfs/rpc_pipefs type rpc_pipefs (rw)
>>>> [root at rosewood incoming]# ls -ld Locks
>>>> drwxr-x---  2 root root 4096 Jan 11 16:13 Locks
>>>>
>>>> FSTAB:
>>>>
>>>> LABEL=/                 /                       ext3    
>>>> defaults        1 1
>>>> LABEL=/boot             /boot                   ext3    
>>>> defaults        1 2
>>>> none                    /dev/pts                devpts  
>>>> gid=5,mode=620  0 0
>>>> none                    /dev/shm                tmpfs   
>>>> defaults        0 0
>>>> LABEL=/home             /home                   ext3    
>>>> defaults        1 2
>>>> none                    /proc                   proc    
>>>> defaults        0 0
>>>> none                    /sys                    sysfs   
>>>> defaults        0 0
>>>> LABEL=/usr              /usr                    ext3    
>>>> defaults        1 2
>>>> LABEL=/var              /var                    ext3    
>>>> defaults        1 2
>>>> LABEL=SWAP-sda3         swap                    swap    
>>>> defaults        0 0
>>>> /dev/hda                /media/cdrecorder       auto    
>>>> pamconsole,exec,noauto,managed 0 0
>>>>
>>>> /usr/sbin/mailscanner_create_locks 
>>>> /var/spool/MailScanner/incoming/Locks postfix postfix
>>>> lduid = 80, ldgid = 80
>>>> [root at rosewood sbin]# ls -al /var/spool/MailScanner/incoming/Locks
>>>> total 8
>>>> drwxr-x---  2 root    postfix 4096 Jan 11 16:13 .
>>>> drwxrwx---  7 postfix clamav  4096 Jan 11 22:18 ..
>>>> -rw-------  1 postfix postfix    0 Jan 11 16:13 antivirBusy.lock
>>>> -rw-------  1 postfix postfix    0 Jan 11 16:13 avastBusy.lock
>>>> -rw-------  1 postfix postfix    0 Jan 11 16:13 avgBusy.lock
>>>> -rw-------  1 postfix postfix    0 Jan 11 16:13 bitdefenderBusy.lock
>>>> -rw-------  1 postfix postfix    0 Jan 11 16:13 clamavBusy.lock
>>>> -rw-------  1 postfix postfix    0 Jan 11 16:13 cssBusy.lock
>>>> -rw-------  1 postfix postfix    0 Jan 11 16:13 esetsBusy.lock
>>>> -rw-------  1 postfix postfix    0 Jan 11 16:13 etrustBusy.lock
>>>> -rw-------  1 postfix postfix    0 Jan 11 16:13 f-prot-6Busy.lock
>>>> -rw-------  1 postfix postfix    0 Jan 11 16:13 f-protBusy.lock
>>>> -rw-------  1 postfix postfix    0 Jan 11 16:13 f-secureBusy.lock
>>>> -rw-------  1 postfix postfix    0 Jan 11 16:13 genericBusy.lock
>>>> -rw-------  1 postfix postfix    0 Jan 11 16:13 inoculanBusy.lock
>>>> -rw-------  1 postfix postfix    0 Jan 11 16:13 kasperskyBusy.lock
>>>> -rw-------  1 postfix postfix    0 Jan 11 16:13 mcafeeBusy.lock
>>>> -rw-------  1 postfix postfix    0 Jan 11 16:13 MS.bayes.rebuild.lock
>>>> -rw-------  1 postfix postfix    0 Jan 11 16:13 MS.bayes.starting.lock
>>>> -rw-------  1 postfix postfix    0 Jan 11 16:13 nod32Busy.lock
>>>> -rw-------  1 postfix postfix    0 Jan 11 16:13 normanBusy.lock
>>>> -rw-------  1 postfix postfix    0 Jan 11 16:13 pandaBusy.lock
>>>> -rw-------  1 postfix postfix    0 Jan 11 16:13 ravBusy.lock
>>>> -rw-------  1 postfix postfix    0 Jan 11 16:13 sophosBusy.lock
>>>> -rw-------  1 postfix postfix    0 Jan 11 16:13 symscanengineBusy.lock
>>>> -rw-------  1 postfix postfix    0 Jan 11 16:13 trendBusy.lock
>>>> -rw-------  1 postfix postfix    0 Jan 11 16:13 vba32Busy.lock
>>>> -rw-------  1 postfix postfix    0 Jan 11 16:13 vexiraBusy.lock
>>>>
>>>> I did not do your last request as this shows the proper ownership. 
>>>> The questions is: will it hold?
>>>>
>>>> Let me know if you still want me to do that last bit.
>>>>
>>>> Sorry it took a while to get back to you. I had to run out for a bit.
>>>>
>>>> Dave
>>>>
>>> Just so you know ... it all went back to being owned by root when 
>>> update_virus_scanner ran from cron again. This is the email I received:
>>>
>>> /etc/cron.hourly/update_virus_scanners:
>>>
>>> lduid = , ldgid =
>> Given the above, I made the last little change you suggested and ran 
>> it again, like so:
>>
>> /usr/sbin/mailscanner_create_locks 
>> /var/spool/MailScanner/incoming/Locks postfix postfix
>> lduid = 80, ldgid = 80
>>
>> The second line is what it output. After that, all the permissions in 
>> the Locks directory went back to postfix. Again, will it hold?
> The cron job will probably put it back. Okay, next let's find if it is 
> the script run by cron that is causing the problem, or the environment 
> in which it is run.
>
> /usr/sbin/update_virus_scanners
> ls -al /var/spool/MailScanner/incoming/Locks
>
> and show me the output of those two. I want to see if the 
> update_virus_scanners script successfully finds the uid and gid or not.
/usr/sbin/update_virus_scanners
lduid = , ldgid =

Does not appear to.

ls -al /var/spool/MailScanner/incoming/Locks
total 12
drwxr-x---  2 root    root   4096 Jan 11 16:13 .
drwxrwx---  7 postfix clamav 4096 Jan 12 11:34 ..
-rw-------  1 root    root      0 Jan 11 16:13 antivirBusy.lock
-rw-------  1 root    root      0 Jan 11 16:13 avastBusy.lock
-rw-------  1 root    root      0 Jan 11 16:13 avgBusy.lock
-rw-------  1 root    root      0 Jan 11 16:13 bitdefenderBusy.lock
-rw-------  1 root    root     48 Jan 12 00:15 clamavBusy.lock
-rw-------  1 root    root      0 Jan 11 16:13 cssBusy.lock
-rw-------  1 root    root      0 Jan 11 16:13 esetsBusy.lock
-rw-------  1 root    root      0 Jan 11 16:13 etrustBusy.lock
-rw-------  1 root    root      0 Jan 11 16:13 f-prot-6Busy.lock
-rw-------  1 root    root      0 Jan 11 16:13 f-protBusy.lock
-rw-------  1 root    root      0 Jan 11 16:13 f-secureBusy.lock
-rw-------  1 root    root      0 Jan 11 16:13 genericBusy.lock
-rw-------  1 root    root      0 Jan 11 16:13 inoculanBusy.lock
-rw-------  1 root    root      0 Jan 11 16:13 kasperskyBusy.lock
-rw-------  1 root    root      0 Jan 11 16:13 mcafeeBusy.lock
-rw-------  1 root    root      0 Jan 11 16:13 MS.bayes.rebuild.lock
-rw-------  1 root    root      0 Jan 11 16:13 MS.bayes.starting.lock
-rw-------  1 root    root      0 Jan 11 16:13 nod32Busy.lock
-rw-------  1 root    root      0 Jan 11 16:13 normanBusy.lock
-rw-------  1 root    root      0 Jan 11 16:13 pandaBusy.lock
-rw-------  1 root    root      0 Jan 11 16:13 ravBusy.lock
-rw-------  1 root    root      0 Jan 11 16:13 sophosBusy.lock
-rw-------  1 root    root      0 Jan 11 16:13 symscanengineBusy.lock
-rw-------  1 root    root      0 Jan 11 16:13 trendBusy.lock
-rw-------  1 root    root      0 Jan 11 16:13 vba32Busy.lock
-rw-------  1 root    root      0 Jan 11 16:13 vexiraBusy.lock


Dave


More information about the MailScanner mailing list