Woops, forgot about the /etc/ssl directory: ``` root@BrutusBjare isak]# ls -l /etc/ | grep ssl drwxr-xr-x 5 root root 4096 Feb 17 03:19 ssl ```
Cheers! On Tue, Feb 18, 2014 at 1:04 PM, Isak Andersson <[email protected]>wrote: > Hi Eriik and Jason! > > It sounds very much like it could be an issue with permissions. I have > been trying to change the permissions around a little bit and making the > owner the smtpd (which is the user that systemd starts it as) user (there > is also an smtpq user which I guess does the sendning? q for queue?). I > still get the same error and an additional warning that the certificate is > not owned by uid 0. Here is the errors and permissions: > > ``` > [root@BrutusBjare isak]# systemctl restart smtpd > Job for smtpd.service failed. See 'systemctl status smtpd.service' and > 'journalctl -xn' for details. > [root@BrutusBjare isak]# journalctl -xn > -- Logs begin at Fri 2013-03-29 01:07:20 UTC, end at Tue 2014-02-18 > 12:03:16 UTC. -- > Feb 18 12:00:28 BrutusBjare systemd[1]: Unit smtpd.service entered failed > state. > Feb 18 12:02:17 BrutusBjare sshd[5738]: pam_unix(sshd:auth): > authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost= > ns215641.ovh.net user=root > Feb 18 12:02:18 BrutusBjare sshd[5738]: Failed password for root from > 94.23.247.130 port 44229 ssh2 > Feb 18 12:02:18 BrutusBjare sshd[5738]: Received disconnect from > 94.23.247.130: 11: Bye Bye [preauth] > Feb 18 12:03:16 BrutusBjare systemd[1]: Starting OpenSMTPD... > -- Subject: Unit smtpd.service has begun with start-up > -- Defined-By: systemd > -- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel > -- > -- Unit smtpd.service has begun starting up. > Feb 18 12:03:16 BrutusBjare smtpd[5742]: warn: > /etc/ssl/certs/puffinmail.crt: not owned by uid 0 > Feb 18 12:03:16 BrutusBjare smtpd[5742]: fatal: load_ssl_tree: failed to > load certificate file > Feb 18 12:03:16 BrutusBjare systemd[1]: smtpd.service: control process > exited, code=exited status=1 > Feb 18 12:03:16 BrutusBjare systemd[1]: Failed to start OpenSMTPD. > -- Subject: Unit smtpd.service has failed > -- Defined-By: systemd > -- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel > -- Documentation: > http://www.freedesktop.org/wiki/Software/systemd/catalog/be02cf6855d2428ba40df7e9d022f03d > -- > -- Unit smtpd.service has failed. > -- > -- The result is failed. > Feb 18 12:03:16 BrutusBjare systemd[1]: Unit smtpd.service entered failed > state. > [root@BrutusBjare isak]# smtpd -n > warn: /etc/ssl/certs/puffinmail.crt: not owned by uid 0 > > fatal: load_ssl_tree: failed to load certificate file > [root@BrutusBjare isak]# ls -l /etc/ssl/certs/puffinmail.crt > -rw-r--r-- 1 smtpd root 6335 Feb 18 02:02 /etc/ssl/certs/puffinmail.crt > [root@BrutusBjare isak]# ls -l /etc/ssl/private/puffinmail.key > -rw-r--r-- 1 smtpd root 12603 Feb 18 02:00 /etc/ssl/private/puffinmail.key > [root@BrutusBjare isak]# > ``` > > Thanks! > > > On Tue, Feb 18, 2014 at 12:36 PM, Jason Barbier <[email protected]>wrote: > >> On , Isak Andersson wrote: >> >>> Hello! >>> >>> >> HEY! >> >> *snip* >> >> Which is strange because the files are indeed there: >>> ```````````````````` >>> BrutusBjare% ls /etc/ssl/certs/puffinmail.crt >>> /etc/ssl/certs/puffinmail.crt >>> BrutusBjare% ls /etc/ssl/private >>> puffinmail.key >>> `````````````````````` >>> >>> *snip* >> Could you show us the permissions you have the certs set to, and your >> /etc/ssl directory. there may be a chance that OpenSMTPD can not transverse >> them or read the cert. >> > >
