Re: [Efw-user] How is postfix restarted nightly?

Heinrich Moser jun. Mon, 05 Sep 2011 00:41:52 -0700

On Mon, 5 Sep 2011, Farzan Qureshi wrote:
> According to your email it seems postfix script is stopping the services and
> not the endian firewall.


I thought that postfix-script is not a service, but that these log 
messages rather indicate that "/usr/sbin/postfix stop" was called either 
manually or by some other script.

Now that I checked the logs again, it doesn't happen *every* night, but 
rather every now and then:

root@EFWmoser:~ # zcat /var/log/maillog-*.gz | grep "postfix-script: stopping"
[...]
Aug  1 00:53:58 EFWmoser postfix/postfix-script: stopping the Postfix mail 
system
Aug  5 00:54:43 EFWmoser postfix/postfix-script: stopping the Postfix mail 
system
Aug  7 00:54:41 EFWmoser postfix/postfix-script: stopping the Postfix mail 
system
Aug  9 00:54:30 EFWmoser postfix/postfix-script: stopping the Postfix mail 
system
Aug 10 00:54:17 EFWmoser postfix/postfix-script: stopping the Postfix mail 
system
Aug 12 00:54:05 EFWmoser postfix/postfix-script: stopping the Postfix mail 
system
Aug 14 00:54:07 EFWmoser postfix/postfix-script: stopping the Postfix mail 
system
Aug 15 00:52:45 EFWmoser postfix/postfix-script: stopping the Postfix mail 
system
Aug 16 00:54:04 EFWmoser postfix/postfix-script: stopping the Postfix mail 
system
Aug 26 00:50:57 EFWmoser postfix/postfix-script: stopping the Postfix mail 
system
Aug 27 00:50:32 EFWmoser postfix/postfix-script: stopping the Postfix mail 
system
Aug 30 00:50:46 EFWmoser postfix/postfix-script: stopping the Postfix mail 
system
Aug 31 00:51:47 EFWmoser postfix/postfix-script: stopping the Postfix mail 
system
Sep  2 00:49:33 EFWmoser postfix/postfix-script: stopping the Postfix mail 
system
Sep  2 00:50:33 EFWmoser postfix/postfix-script: stopping the Postfix mail 
system
Sep  2 00:51:38 EFWmoser postfix/postfix-script: stopping the Postfix mail 
system
Sep  2 00:52:43 EFWmoser postfix/postfix-script: stopping the Postfix mail 
system
Sep  2 00:53:48 EFWmoser postfix/postfix-script: stopping the Postfix mail 
system
Sep  3 00:51:49 EFWmoser postfix/postfix-script: stopping the Postfix mail 
system

Strange. (Sep 2 is where it hung. Apparently, the script that's calling 
"postfix stop" is calling it multiple times if the process does not want 
to stop.)

> Would you please send me:
>
> Tail -f /var/log/messages

root@EFWmoser:~ # tail -f /var/log/messages
Sep  5 08:50:30 EFWmoser sudo:   nobody : TTY=unknown ; PWD=/home/httpd/cgi-bin 
; USER=root ; COMMAND=/usr/bin/openvpn-user list
Sep  5 08:59:47 EFWmoser fcron[13519]: Job [ -x /bin/run-parts ] && run-parts 
--report /etc/anacron.daily started for user root (pid 13520)
Sep  5 08:59:47 EFWmoser fcron[13522]: Job [ -x /bin/run-parts ] && run-parts 
--report /etc/anacron.hourly started for user root (pid 13523)
Sep  5 08:59:49 EFWmoser fcron[13522]: Job [ -x /bin/run-parts ] && run-parts 
--report /etc/anacron.hourly completed
Sep  5 08:59:59 EFWmoser fcron[13519]: Job [ -x /bin/run-parts ] && run-parts 
--report /etc/anacron.daily completed
Sep  5 09:01:00 EFWmoser fcron[13889]: Job [ -x /bin/run-parts ] && run-parts 
--report /etc/cron.hourly started for user root (pid 13890)
Sep  5 09:01:02 EFWmoser fcron[13889]: Job [ -x /bin/run-parts ] && run-parts 
--report /etc/cron.hourly completed
Sep  5 09:01:25 EFWmoser sshd[13910]: Accepted password for root from 
::ffff:<ip-address-removed> port 51904 ssh2
Sep  5 09:01:25 EFWmoser sshd(pam_unix)[13910]: session opened for user root by 
(uid=0)
Sep  5 09:01:26 EFWmoser mailfile[13914]: Mail sent to 
'<email-address-removed>'. Mail caller: 'EFW-20200018'

Are you sure that you're only interested in the tail of todays logfile? 
Here's a snippet of Sep 2's messages:

root@EFWmoser:~ # zcat /var/log/messages-20110902.gz
[...]
Sep  2 00:01:00 EFWmoser fcron[6963]: Job [ -x /bin/run-parts ] && run-parts 
--report /etc/cron.hourly started for user root (pid 6964)
Sep  2 00:01:02 EFWmoser fcron[6963]: Job [ -x /bin/run-parts ] && run-parts 
--report /etc/cron.hourly completed
Sep  2 00:59:47 EFWmoser fcron[11131]: Job [ -x /bin/run-parts ] && run-parts 
--report /etc/anacron.hourly started for user root (pid 11132)
Sep  2 00:59:49 EFWmoser fcron[11131]: Job [ -x /bin/run-parts ] && run-parts 
--report /etc/anacron.hourly completed
Sep  2 01:01:00 EFWmoser fcron[11473]: Job [ -x /bin/run-parts ] && run-parts 
--report /etc/cron.hourly started for user root (pid 11474)
Sep  2 01:01:02 EFWmoser fcron[11473]: Job [ -x /bin/run-parts ] && run-parts 
--report /etc/cron.hourly completed
[...]

Unfortunately, there's nothing interesting happening at 00:49.

> Are u running postfix on separate server? Might be a stupid question :-)

I don't understand what you mean by this. I'm running an Endian firewall 
in a hosted environment, i.e., on a virtual machine. Mails are scanned and 
virus checked and then forwarded to the internal mail server (an Exchange 
server machine).

Thanks,
     Heinzi


------------------------------------------------------------------------------
Special Offer -- Download ArcSight Logger for FREE!
Finally, a world-class log management solution at an even better 
price-free! And you'll get a free "Love Thy Logs" t-shirt when you
download Logger. Secure your free ArcSight Logger TODAY!
http://p.sf.net/sfu/arcsisghtdev2dev
_______________________________________________
Efw-user mailing list
Efw-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/efw-user

Re: [Efw-user] How is postfix restarted nightly?

Reply via email to