Hello,

Andi Vajda <o...@ovaltofu.org> wrote:
> 
>   Hi all,
> 
> I'm working on migrating from NetBSD 9.3 to NetBSD 10.0 (RC5), and from 
> amd64 to aarch64. Here are a few things I found regarding opensmtpd:
> 
>    - opensmtpd is available again via pkgsrc with the latest version,
>      7.4.0p1nb1, and it builds fine

That's nice to know :)

>    - it doesn't run, however; it fails to start with setuid errors:
>       (1012 == _smtpd, 1013 == _smtpq)
>    $ sudo smtpd -d
>    info: OpenSMTPD 7.4.0-portable starting
>    crypto: setuid 1012: Operation not permitted: Operation not permitted
>    lookup: setuid 1012: Operation not permitted: Operation not permitted
>    scheduler: setuid 1012: Operation not permitted: Operation not permitted
>    control: setuid 1012: Operation not permitted: Operation not permitted
>    queue: setuid 1013: Operation not permitted: Operation not permitted
>    warn: lost child: control exited abnormally
>    warn: lost processor: dnsbl exited abnormally
>    smtpd: setuid 1013: Operation not permitted: Operation not permitted
>    dispatcher: setuid 1012: Operation not permitted: Operation not permitted

Ouch!  Don't know much about how pkgsrc works, but this seems strange.  Can
you make sure the users were created?  `grep smtp /etc/passwd' should be
enough.

>    - giving up on the pkgsrc build and reverting back to my own build, like
>      I've been running forever, I upgraded my own build of libressl to 3.8.2
>      and ran configure on a fresh download of opensmtpd 7.4.0p1.
>      Configure fails as follows:
>    $ ./configure --prefix=`pwd`/local \
>        --with-libssl=/home/vajda/libressl-3.8.2/local --with-libevent=/usr/pkg \
>        --with-path-CAfile=/usr/pkg/share/mozilla-rootcerts/cacert.pem \
>        --with-path-queue=/var/spool/smtpd --with-path-empty=/var/empty \
>        --with-path-mbox=`pwd`/local/var/mbox --with-path-socket=/var/run \
>        --with-path-pidfile=/var/run
>    checking whether LibreSSL's headers match the library... no
>    configure: error: Your LibreSSL headers do not match your library.

Can you try passing CFLAGS and LDFLAGS explicitly instead of --with-libssl?

./configure CFLAGS='-I/home/vajda/libressl-3.8.2/local/ -I/usr/pkg' \
    LDFLAGS='-L/home/vajda/libressl-3.8.2/local/lib -Wl,-rpath,/home/vajda/libressl-3.8.2/local/lib -L/usr/pkg/lib' \
    --prefix=`pwd`/local \
    --with-path-queue=/var/spool/smtpd \
    --with-path-empty=/var/empty \
    --with-path-mbox=`pwd`/local/var/mbox \
    --with-path-socket=/var/run \
    --with-path-pidfile=/var/run

I'm not sure you need -Wl,-rpath,/home/vajda/... too.

>    - reverting back to version 7.3.0p2 I get no errors, it builds as
>      configured above and starts fine!
>    $ sudo smtpd -f /usr/pkg/etc/smtpd/smtpd.conf -d
>    info: OpenSMTPD 7.3.0-portable starting
>    dnsbl: config|smtpd-version|7.3.0-portable
>    dnsbl: config|smtp-session-timeout|300
>    dnsbl: config|subsystem|smtp-in
>    dnsbl: config|admd|olafpi.ovaltofu.org
>    dnsbl: config|ready
> 
> Andi..


Thanks,

Omar Polo
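
Added example, not part of the original thread and not OpenSMTPD or pkgsrc code: a small POSIX sh helper that extends the `grep smtp /etc/passwd' check by pulling the failing UIDs out of the `smtpd -d' output and looking each one up in passwd data. The function names and the passwd sample are assumptions made for illustration; the log lines are taken from the report quoted above.

```shell
#!/bin/sh
# Cross-check the UIDs named in smtpd's "setuid N: Operation not permitted"
# lines against passwd entries, so a missing _smtpd/_smtpq user is obvious.

# Constructed sample input: a subset of the log lines from the report.
SAMPLE_LOG='crypto: setuid 1012: Operation not permitted: Operation not permitted
queue: setuid 1013: Operation not permitted: Operation not permitted
warn: lost child: control exited abnormally
smtpd: setuid 1013: Operation not permitted: Operation not permitted'

# Constructed passwd sample (hypothetical: only _smtpd exists here).
SAMPLE_PASSWD='root:*:0:0:Charlie &:/root:/bin/sh
_smtpd:*:1012:1012:SMTP daemon:/var/empty:/sbin/nologin'

# failing_uids: read smtpd -d output on stdin, print each UID whose
# setuid call failed, once, in numeric order.
failing_uids() {
    sed -n 's/^[[:space:]]*[a-z]*: setuid \([0-9][0-9]*\): .*/\1/p' | sort -un
}

# uid_to_user PASSWD_TEXT UID: print the login name owning UID, or nothing.
uid_to_user() {
    printf '%s\n' "$1" | awk -F: -v uid="$2" '$3 == uid { print $1; exit }'
}

# check_smtpd_users LOG_TEXT PASSWD_TEXT: one status line per failing UID.
check_smtpd_users() {
    printf '%s\n' "$1" | failing_uids | while read -r uid; do
        user=$(uid_to_user "$2" "$uid")
        if [ -n "$user" ]; then
            echo "uid $uid: present as $user"
        else
            echo "uid $uid: MISSING from passwd"
        fi
    done
}

check_smtpd_users "$SAMPLE_LOG" "$SAMPLE_PASSWD"
```

On a live host, replace the two sample variables with the captured `smtpd -d' output and "$(cat /etc/passwd)".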
