Hallo,
ich verwendet seit ettlichen Suse-Versionen cyrus imapd um meine Mails lokal zu speichern.
Bei Suse 12.3 scheitert mein erprobtes Setup aber an einem erstaunlichen Effekt:
cyrus scheint beim Start die Permissions so zu ändern, dass er selbst einen Socket (/var/lib/imap/socket/lmtp) nicht mehr schreiben kann.
Details:
Versuche ich Mail zuzustellen, so bekomme ich:
cat ~/mail/backup_mail/msg.0yDE | /usr/lib/cyrus/bin/deliver -mai jost
couldn't connect to lmtpd: Permission denied
421 4.3.0 deliver: couldn't connect to lmtpd
Ok, also strace:
godot.site:> cat ~/mail/backup_mail/msg.0yDE |strace /usr/lib/cyrus/bin/deliver -mai jost
...]
connect(3, {sa_family=AF_FILE, sun_path="**/var/lib/imap/socket/lmtp"}, 28) = -1 EACCES (Permission denied)**
close(3) = 0
alarm(0) = 10
rt_sigaction(SIGALRM, {SIG_IGN, [ALRM], SA_RESTORER|SA_RESTART, 0x7fbb8579a450}, {0x7fbb87010330, ], SA_RESTORER, 0x7fbb8579a450}, 8) = 0
open("/etc/localtime", O_RDONLY|O_CLOEXEC) = 3
fstat(3, {st_mode=S_IFREG|0644, st_size=2309, ...}) = 0
fstat(3, {st_mode=S_IFREG|0644, st_size=2309, ...}) = 0
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fbb86f84000
read(3, "TZif2\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\10\0\0\0\10\0\0\0\0"..., 4096) = 2309
lseek(3, -1467, SEEK_CUR) = 842
read(3, "TZif2\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0 \0\0\0 \0\0\0\0"..., 4096) = 1467
close(3) = 0
munmap(0x7fbb86f84000, 4096) = 0
socket(PF_FILE, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 3
connect(3, {sa_family=AF_FILE, sun_path="/dev/log"}, 110) = 0
sendto(3, "<27>Mar 16 17:36:38 deliver[2265"..., 96, MSG_NOSIGNAL, NULL, 0) = 96
[b]write(2, "couldn't connect to lmtpd", 25couldn't connect to lmtpd) = 25
write(2, ": ", 2: ) = 2
write(2, "Permission denied", 17Permission denied) = 17
ioctl(2, SNDCTL_TMR_TIMEBASE or SNDRV_TIMER_IOCTL_NEXT_DEVICE or TCGETS, {B38400 opost isig icanon echo ...}) = 0
ioctl(2, SNDCTL_TMR_TIMEBASE or SNDRV_TIMER_IOCTL_NEXT_DEVICE or TCGETS, {B38400 opost isig icanon echo ...}) = 0
write(2, "
", 1
) = 1
write(1, "421 4.3.0 deliver: couldn't conn"..., 46421 4.3.0 deliver: couldn't connect to lmtpd
) = 46
exit_group(75) = ?
+++ exited with 75 +++
Ok so etwas kannte ich schon, also…
> /bin/systemctl stop cyrus.service
godot.site:/var/lib/imap/socket> ll
...
srwxrwxrwx 1 root root 0 15. Mär 22:17 lmtp
...
Ok, das sollte (nach meinen bisherigen Notizen) cyrus:mail gehören.
godot.site:/var/lib/imap/socket> chown cyrus:mail lmtp
godot.site:/var/lib/imap/socket> ll
...
srwxrwxrwx 1 cyrus mail 0 15. Mär 22:17 lmtp
... ==========
Ok, jetzt passt es…
godot.site:/var/lib/imap/socket> /bin/systemctl start cyrus.service
godot.site:/var/lib/imap/socket> ll
...
srwxrwxrwx 1 root root 0 16. Mär 17:40 lmtp
... ==========
Oh Mist… cyrus fummelt das selbst anscheinend zurück - woher kommt das ?
Und was tue ich dagegen ?
Oder benötige ich andere Users/groups dafür ?
Grüße
Martin