Site Navigation

Date:      Mon, 7 Jan 2008 01:48:02 -0800
From:      Gary Kline <kline@magnesium.net>
To:        Matthew Seaman <m.seaman@infracaninophile.co.uk>
Cc:        FreeBSD Mailing List <freebsd-questions@freebsd.org>, Gary Kline <kline@magnesium.net>, Bill Moran <wmoran@potentialtech.com>
Subject:   Re: outgoing mail STOPPED.
Message-ID:  <20080107094802.GA12416@thought.org>
In-Reply-To: <477F60D2.2090901@infracaninophile.co.uk>
References:  <20080103213534.GA43665@magnesium.net> <20080103170649.be4d1493.wmoran@potentialtech.com> <20080103224103.GD46061@magnesium.net> <20080103174806.3d6c1237.wmoran@potentialtech.com> <20080104213451.GA97154@magnesium.net> <477F60D2.2090901@infracaninophile.co.uk>

---

next in thread | previous in thread | raw e-mail | index | archive | help

---

	Hi gang,

	first a public, up-front *thanks* to Bill Swingle and 
	everyone else here at magnesium.net. If not for this site
	AND my networking (at least)  working, I would be severely
	SOL and sans oar.  At least this acct lets me tell a few 
	people that i'm still hrer; havent given up....  

	So: again: i'm exceptionally grateful.   ..... [volumes left 
	unsaid.]


On Sat, Jan 05, 2008 at 10:49:54AM +0000, Matthew Seaman wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA256
> 
> Gary Kline wrote:
> 
> > 	Anybody know how I messed up? ---This is no excuse, but because 
> > 	of the recent build problems I did wholesale ``portupgrades -af''
> > 	(**sigh**)
> > 
> > 	Why cannot creat the queue files??
> 
> At a guess, either the queue directories for either or both the MSP
> and MTA sendmail instances have the wrong permissions or one or other
> of MSP, MTA sendmail instances is running with the wrong user credentials.
> You shouldn't get that by doing portupgrade -- certainly I've done a few
> 'portupgrade -af' jobs as part of 6.x -> 7.0 upgrading and not seen
> anything similar.
> 
> Anyhow, you can check that files and directories have the correct
> ownership etc. by:
> 
>    # mtree -p / -ef /etc/mtree/BSD.sendmail.dist
>    # mtree -p /var -ef /etc/mtree/BSD.var.dist
> 
> You can fix any problems by:
> 
>    # mtree -p / -U /etc/mtree/BSD.sendmail.dist
>    # mtree -p /var -U /etc/mtree/BSD.var.dist

	I found out on my own that my clientqueue was 755. my doing.
	it was set (not by me to something bizarre like 740.  i thought 
	i had opened it up to 777 as a test.  i fixed that by hand.
	no diff.

	long-story-short, i ran into worse problems of "Connection refused"
	for tao==10.0.0.250, then after a bollixed mergemaster, 
	"Connection refused" with tao only be recognized as 127.0.0.1.
	I knew that / I had blown away my working /etc/hosts file.  I check,
	yup, all my 10.* hosts were gone.  After I added back my private 
	network, sendmail went back to the better failure, seeing Tao
	as 10.250, oldtao|tao2 at 100.247, etc.

	Then I checked my /etc/namedb/s/db.thought.org to see id anything there 
	could conceivably be hanging port 25.  Zip.  (I still updated the
	date and re-exed. I checked with ps and grep to find something new:

                   ~
624  ??  Ss     0:01.16 /usr/sbin/syslogd -l /var/run/log -l /var/named/var/r
p0 0:27 <sage> [5005]

	In theory I know pretty much what bind9does, &c; but why this
	change?  (Part of my gnome (2.20) is missing so I cannot max
	enlarge the konsole; ps -alx does not wrap so I cant see the 
	entire string.)  I can pimg ns1.thought.org--obviously.  But if you
	see anything here,  Matthew, would you please let me know?
			  

> 
> The other thing to check is that you are running sendmail using the
> correct users and groups.  You should see something like this:
> 
>    # ps -o ruser,rgroup,svuid,svgid,command -p `head -1 /var/run/sendmail.pid` -p `head -1 /var/spool/clientmqueue/sm-client.pid`
>    RUSER RGROUP SVUID SVGID COMMAND
>    root  wheel      0    25 sendmail: accepting connections (sendmail)
>    smmsp smmsp     25    25 sendmail: Queue runner@00:30:00 for /var/spool/clientm


	Yep; this works.

> 
> And that you have the following lines somewhere in /etc/master.passwd:
> 
> smmsp:*:25:25::0:0:Sendmail Submission User:/var/spool/clientmqueue:/usr/sbin/nologin
> mailnull:*:26:26::0:0:Sendmail Default User:/var/spool/mqueue:/usr/sbin/nologin
> 
> and the following in /etc/group:
> 
> smmsp:*:25:
> mailnull:*:26:


	PING::::: i'm missing "mailnull". how long has sendmail had this
	and if it is more than 6, 8 months, how ever was 6.2 sendmaiil
	working????

	I just pasted in to master.passwd.   EERp; it is in /etc/group.
	I never touch these files.   I did use vipw on tao last week but
	not on ns1 (aka "sage").   Got to check my backups of /etc for sage
	and see.  

Proof:

staff:*:20:root
sshd:*:22:root
smmsp:*:25:root,kline
mailnull:*:26:

	id anybody can come up with a SWAG, I'Ll buy you a beer next time
	you're in seattle.   ...this is worse than who killed
	jack-the-ripper.   could-- well... [[?? (bar)]]

> 
> and that the actual sendmail binary (assuming you're using the base system
> sendmail and not one from ports) has the following ownership and permissions:
> 
> # ls -l /usr/libexec/sendmail/
> total 688
> - -r-xr-sr-x  1 root  smmsp  686268 Dec 30 13:50 sendmail*
> 

	Ouch; things are getting stranger and stranger; on tuesdayi did a make
	buildworld (plus a make kernel); then rebooted  and after four
	hours of getty problems was finally able to get in an installworld.
	Does this make any sense?  is this perhaps the 5.5 or 5,4 
	sendmail...?

total 592
-r-xr-sr-x  1 root  smmsp  583680 Jan  4 19:25 sendmail
root@sage:/etc#                                              


	i thought i had grabbed 6.3, but eviidently not.  maybe things got
	fouled up in the build of the install.   --foo.



> 	Cheers,
> 
> 	Matthew


	Finally, thanks to this site a gentleman in TX, Jonathon
	Horne will be helping me add at least a firewall using one ancient
	sever with twin nics.  Plus upgrading to 7.0-rc1.....

	one last point before i catch a few hours sleep:: *this* is the
	reason I've used FBSD since 2.0.5/.   the OS itself, naturally,
	and equally, the calibre of people onlist.

	best!!

	gary

> 
> - -- 
> Dr Matthew J Seaman MA, D.Phil.                   7 Priory Courtyard
>                                                   Flat 3
> PGP: http://www.infracaninophile.co.uk/pgpkey     Ramsgate
>                                                   Kent, CT11 9PW
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v2.0.4 (FreeBSD)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
> 
> iD8DBQFHf2DR8Mjk52CukIwRCCdDAJ97dbwlBhHeL8s+97C3dGy5DI7KwQCeKA9L
> cBqEBEfLO5hHwq65cDvZrYI=
> =DKg1
> -----END PGP SIGNATURE-----

-- 
Gary Kline  Seattle BSD Users' Group (seabug)      | kline@magnesium.net
            Thought Unlimited Org's Alternate Email Site
	    http://www.magnesium.net/~kline
   To live is not a necessity; but to live honorably...is a necessity. -Kant

---

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20080107094802.GA12416>

Legal Notices | © 1995-2025 The FreeBSD Project. All rights reserved.

Contact