Your message dated Sun, 01 Dec 2019 15:22:34 +0000
with message-id <[email protected]>
and subject line Bug#945910: fixed in opensmtpd 6.6.1p1-3
has caused the Debian Bug report #945910,
regarding opensmtpd: Never sends out email submitted via /usr/sbin/sendmail
while smtpd was not running
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
945910: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=945910
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: opensmtpd
Version: 6.6.1p1-1
Severity: important
Dear Maintainer,
I was surprised that OpenSMTPD lost a cron mail that cron managed to submit
while smtpd was not running (stopped temporarily for maintenance). I
expected smtpd to send it later, when I start it, but the message just kept
sitting in /var/spool/smtpd/offline.
So, to reproduce:
1. Install OpenSMTPD. The issue is reproducible both in Debian Stable
and Unstable and needs to be fixed in both.
2. It starts up and creates the hierarchy under /var/spool/smtpd.
3. Stop it, just to pretend that it was stopped and forgotten by accident.
4. Create a "mail.txt" file with mail headers, blank line, and body.
5. Send it: sendmail -f [email protected] -t < mail.txt
6. At this point, /usr/sbin/sendmail returns 75 and puts the message into
/var/spool/smtpd/offline, as expected.
7. systemctl restart opensmtpd
Expectation: smtpd should pick up the file from the offline queue.
Actual result:
# ls -l /var/spool/smtpd/offline
-rw------- 1 root root 237 Nov 30 18:08 1575137330.XXXXMwS8bP
The file just sits there, and smtpd ignores it.
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
This has been traced to the permission differences between OpenSMTPD
expectations (based on how it is shipped on OpenBSD) and the reality on
Debian systems.
First of all, OpenSMTPD contains code that checks permissions on the files
in the offline queue:
https://github.com/OpenSMTPD/OpenSMTPD/blob/c139eb1610e931739d6cde4194c9560124b08165/smtpd/smtpd.c#L1604
The directory is owned by root:opensmtpdq, and the file by root:root. The
mismatch can be attributed to two things:
1. Difference between the directory group semantics between BSD (where
OpenSMTPD comes from) and Linux. On BSD, all directories behave like
they do on Linux with the (Linux) setgid bit.
# ls -ld /var/spool/smtpd/offline
drwxrwx--- 2 root opensmtpq 6 Nov 30 21:40 /var/spool/smtpd/offline
2. Difference between the ownership of /usr/sbin/smtpctl:
OpenBSD: it is setgid.
# ls -l /usr/sbin/smtpctl
-r-xr-sr-x 1 root _smtpq 217736 Oct 12 21:34 /usr/sbin/smtpctl
Linux: it is just a regular binary.
# ls -l /usr/sbin/smtpctl
-rwxr-xr-x 1 root root 211896 Nov 19 17:06 /usr/sbin/smtpctl
Therefore, it cannot create offline messages with the correct ownership.
In fact, fixing (1) makes offline mail work for root. Fixing (2) alone
makes it work for everyone.
-- System Information:
Debian Release: 10.2
APT prefers stable
APT policy: (500, 'stable')
Architecture: amd64 (x86_64)
Kernel: Linux 5.3.12-arch1-1 (SMP w/8 CPU cores; PREEMPT) # LXC container
Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE # wireguard
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8),
LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
Versions of packages opensmtpd depends on:
ii adduser 3.118
ii debconf [debconf-2.0] 1.5.71
ii ed 1.15-1
ii init-system-helpers 1.56+nmu1
ii libasr0 1.0.2-2
ii libc6 2.28-10
ii libdb5.3 5.3.28+dfsg1-0.5
ii libevent-2.1-7 2.1.11-stable-1
ii libpam0g 1.3.1-5
ii libssl1.1 1.1.1d-0+deb10u2
ii lsb-base 10.2019051400
ii zlib1g 1:1.2.11.dfsg-1
Versions of packages opensmtpd recommends:
pn opensmtpd-extras <none>
Versions of packages opensmtpd suggests:
ii ca-certificates 20190110
-- Configuration Files:
/etc/smtpd.conf changed [not included]
-- debconf information excluded
--- End Message ---
--- Begin Message ---
Source: opensmtpd
Source-Version: 6.6.1p1-3
We believe that the bug you reported is fixed in the latest version of
opensmtpd, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Ryan Kavanagh <[email protected]> (supplier of updated opensmtpd package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Sun, 01 Dec 2019 09:50:39 -0500
Source: opensmtpd
Architecture: source
Version: 6.6.1p1-3
Distribution: unstable
Urgency: medium
Maintainer: Ryan Kavanagh <[email protected]>
Changed-By: Ryan Kavanagh <[email protected]>
Closes: 945910
Changes:
opensmtpd (6.6.1p1-3) unstable; urgency=medium
.
* Install smtpctl setgid opensmtpq (Closes: #945910)
Checksums-Sha1:
ee9e48ec9e5d1dbb097bd10ec83f95ac48eac08e 3053 opensmtpd_6.6.1p1-3.dsc
f70799536938d6dc5357715d692af7218f6e3aef 25624
opensmtpd_6.6.1p1-3.debian.tar.xz
6022262250f1964f5f4d6eacde2ab776e7c71ac0 7344
opensmtpd_6.6.1p1-3_amd64.buildinfo
Checksums-Sha256:
8b0275876c320ea7bf60aa03d67262f59a3bb99cebba5aaa547754ecb4636af1 3053
opensmtpd_6.6.1p1-3.dsc
ec971c887f770baf1e27004249860b79a59d2fecb16d6fda49aca5a3d986bdeb 25624
opensmtpd_6.6.1p1-3.debian.tar.xz
5aba49d495b48dee599ab966ce588ab0bc12cca793ce88e267afcf07f59281bf 7344
opensmtpd_6.6.1p1-3_amd64.buildinfo
Files:
08a56deda590def1ff6cc6ce2736dc4e 3053 mail optional opensmtpd_6.6.1p1-3.dsc
3e145891f09a7cd5511727564537c48e 25624 mail optional
opensmtpd_6.6.1p1-3.debian.tar.xz
f088b9ad2063117b7a895a368453d078 7344 mail optional
opensmtpd_6.6.1p1-3_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQVDBAEBCgAtFiEETkaVGe1ndzQmj72Vj3v4/EoRyXoFAl3j1UYPHHJha0BkZWJp
YW4ub3JnAAoJEI97+PxKEcl6GEon/jQ70ceYwOB4uUBa92pAxkCLWBykQTJo1jBM
y3oG0t4Sdd5HbCZC9E4CoLwQYR00SKsI4PWV5+M1JFbSeL6wfi1ira5xeFdNcSAq
S7BJhcvGv5sfXGe6sxu2WecOmJyf/gtC1qABhHDb4vYDQnf+pDJKwnkmGX3y1F1C
u16Tq+fOWbbSNvus2TEl4mdsEBB7Jb+hTZspT9zMNCb2wNvajtdTBRQ7MhP3ye2U
24NZy0pDYh1F5JKxofM5/gaUmeAYhfxpvqkDIbcvN/bvG6beWFN3593xKXHhGjkW
aqcCvVUOejdrh2965fnwHBua7GqockrTw2HncOMQqFS1YO6BTq+eOestUt1TwuiY
ZEIAsgdJ+cmTnxU320tgI9RjzQyUHdC0zb4tfcfq860Aszs7WW+G+Tm86vhTvUf/
BeX0I0quZicrNrnK0Fk/nCt/LMWsw6psY/gtLhJBigLkJsBSPQL2IDW/dVVWU3+2
9ptWuAr8Q1G9gLQ34lUdislE2iqsL9PSr90VZ+JdMb3v2/fV8bT/JHWkylK9+frN
9jvEvcnWqnfr84OLJBJsf8lUwtNLG86j9pTFZ30IYwEBkkfJjueecjIjv2TLQd9X
JjZV378bf09/KJJddcXO9aoiBy9krLVEjDtdTtDNsOgnT7fOKSnOG2cL1j0Cjd37
fH6JJGaDxVTtHuyNjceltMlSKYLsnxGoRcwGoFI2IuLUr+10GsJ34njXUmxvXPLW
U3MRHidBa2T9qpn/cZTGmRmyMbm8P1U10Hb5gv4gJiNnfFS9GcnYOfandOSGRAj6
7JEGPEeQ4memFgfwl+Bo80RpoIL08BWBpQHWSBVbb62zEZVM3oOBNUVd5AqcEfEL
G2DXhdmQTIgVOVRy7dCIg+zR7pKuCb1RrQ6uQ/M06lLRDOTuxSkyG/cvInPB8fbM
lvkPPA4FiHfIZLB2w1zqflRvJ6YM60tNZGboyUNt4PlM3ANOS83bBv/RPPrTVsF1
w5st+Zw4cT1PWGkeiqkGAxF9cioJiU134u7/+9g5ESU+5GTQLT+aZibdiKRONViP
zXxzc+F5ZDv4gx8A/SQc/4E7XQiiugKtGvrt8QnmAyY2iRw8nwb2sLJ2e68wiC/N
+krzjTykx5Ty/Ph7WpcMU9cmUIV4eouwW4ORllXeN/fIc7nwNmsyTpa8BaXaFy6Z
Gdz5BHyCIN+ittJjvO8PRtKroHJ0xlNAy7F9/4CQgSBvOyMFFfqkrZpkxAD7Tr77
18HiTBv58JnKstS0UV42khY6BP4CPZD/C7X15antaiJD5SGat9b63fgo5UG1v9KA
i8Oa+hy+VWDmvEhYFeYsnLPsWBEbnmfC8kLYh1BrAEHDls6HdagBkDpEK2TbNFO8
BDq2T8j58NMlc2NWf6PppKo1++2kve/87ro3wcdiH5tW9A+qsAgeRGFGWCN6plDC
dIquInYhnlIlKRhTZuff9tuZ174A/mlF57TlIM3mcVTDxvf6LW68IWs821B1MjCk
cxqyk9tqdgW61QTVy1jxmvxlZozhW5yv5JgfjcI2ydp3YMwXRcK7e2bbftmgwoT+
Wm1Rp8UFefTtG+T3esW0TLL/80O8hUKc897AYqbXnN0malKyjb5Qpk4XL9ABdcym
zmz1UneKPtg/KChy8Ut1gjoDu+eIpw+2tnQ4wa6hqyKUVtUuoVgrGQOMilP08kh+
1Rzxxbwo
=733B
-----END PGP SIGNATURE-----
--- End Message ---
