Hey guys! I guess I said that it works too early. sudo smtpd -n outputs "Configuration ok" but when I try to start it, it dies immediately. First I got the error that the ssl tree is out of sync but I am not seeing that anymore after a reboot. However running it as root with the option -d does show the error:
``` [root@BrutusBjare isak]# smtpd -n configuration OK [root@BrutusBjare isak]# smtpd -d info: OpenSMTPD 5.4.1p1 starting info: startup fatal: smtp: ssltree out of sync warn: lost child: smtp exited abnormally info: scheduler handler exiting info: mail filter exiting info: mail transfer agent exiting info: mail delivery agent exiting info: lookup agent exiting warn: control -> smtp: pipe closed warn: parent terminating ``` Any ideas? Maybe I wasn't supposed to just copy the certs to the directories, perhaps I also need to run some command to update some kind of cache? On Wed, Feb 19, 2014 at 1:40 PM, Isak Andersson <[email protected]>wrote: > Hi Herbert! > > That is the way I initially did it actually. But after giving it another > shot, it suddenly says configuration ok. Which leaves me happy but still > scratching my noodle. Maybe it was that I shouldn't chmod 600 on the cert > file but only the kep file. Because that's the only thing I can think of > that is different. Either way now the configuration is ok. So I _should_ be > able to use this cert now! I just need to try and see how far I can get > from here and if I can't solve the other issues I had I will continue this > topic! > > Thanks so much everyone, opensmtpd is awesome! :) > > > On Wed, Feb 19, 2014 at 1:05 AM, Herbert J. Skuhra <[email protected]>wrote: > >> On Tue, 18 Feb 2014 13:04:24 +0100 >> Isak Andersson wrote: >> >> > Hi Eriik and Jason! >> > >> > It sounds very much like it could be an issue with permissions. I have >> been >> > trying to change the permissions around a little bit and making the >> owner >> > the smtpd (which is the user that systemd starts it as) user (there is >> also >> > an smtpq user which I guess does the sendning? q for queue?). I still >> get >> > the same error and an additional warning that the certificate is not >> owned >> > by uid 0. Here is the errors and permissions: >> > >> > ``` >> > [root@BrutusBjare isak]# systemctl restart smtpd >> > Job for smtpd.service failed. See 'systemctl status smtpd.service' and >> > 'journalctl -xn' for details. >> > [root@BrutusBjare isak]# journalctl -xn >> > -- Logs begin at Fri 2013-03-29 01:07:20 UTC, end at Tue 2014-02-18 >> > 12:03:16 UTC. -- >> > Feb 18 12:00:28 BrutusBjare systemd[1]: Unit smtpd.service entered >> failed >> > state. >> > Feb 18 12:02:17 BrutusBjare sshd[5738]: pam_unix(sshd:auth): >> authentication >> > failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=ns215641.ovh.net >> > user=root >> > Feb 18 12:02:18 BrutusBjare sshd[5738]: Failed password for root from >> > 94.23.247.130 port 44229 ssh2 >> > Feb 18 12:02:18 BrutusBjare sshd[5738]: Received disconnect from >> > 94.23.247.130: 11: Bye Bye [preauth] >> > Feb 18 12:03:16 BrutusBjare systemd[1]: Starting OpenSMTPD... >> > -- Subject: Unit smtpd.service has begun with start-up >> > -- Defined-By: systemd >> > -- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel >> > -- >> > -- Unit smtpd.service has begun starting up. >> > Feb 18 12:03:16 BrutusBjare smtpd[5742]: warn: >> > /etc/ssl/certs/puffinmail.crt: not owned by uid 0 >> > Feb 18 12:03:16 BrutusBjare smtpd[5742]: fatal: load_ssl_tree: failed to >> > load certificate file >> > Feb 18 12:03:16 BrutusBjare systemd[1]: smtpd.service: control process >> > exited, code=exited status=1 >> > Feb 18 12:03:16 BrutusBjare systemd[1]: Failed to start OpenSMTPD. >> > -- Subject: Unit smtpd.service has failed >> > -- Defined-By: systemd >> > -- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel >> > -- Documentation: >> > >> http://www.freedesktop.org/wiki/Software/systemd/catalog/be02cf6855d2428ba40df7e9d022f03d >> > -- >> > -- Unit smtpd.service has failed. >> > -- >> > -- The result is failed. >> > Feb 18 12:03:16 BrutusBjare systemd[1]: Unit smtpd.service entered >> failed >> > state. >> > [root@BrutusBjare isak]# smtpd -n >> > warn: /etc/ssl/certs/puffinmail.crt: not owned by uid 0 >> > fatal: load_ssl_tree: failed to load certificate file >> > [root@BrutusBjare isak]# ls -l /etc/ssl/certs/puffinmail.crt >> > -rw-r--r-- 1 smtpd root 6335 Feb 18 02:02 /etc/ssl/certs/puffinmail.crt >> > [root@BrutusBjare isak]# ls -l /etc/ssl/private/puffinmail.key >> > -rw-r--r-- 1 smtpd root 12603 Feb 18 02:00 >> /etc/ssl/private/puffinmail.key >> > [root@BrutusBjare isak]# >> >> What happens if you change owner to root (crt and key file) and chmod >> 600 at least the key file? >> >> -- >> Herbert >> > >
