Pledge issue with opensmtpd-extras

Wed, 23 Dec 2015 15:50:26 -0800

I'm running an installation of today's snapshot (23-Dec-2015), and can't seem to get smtpd to launch when it is set to query a sqlite database. This is the complete output to /var/log/maillog from launch to crash: 

info: OpenSMTPD master starting
warn: lost child: lookup terminated; signal 6
info: control process exiting
info: scheduler handler exiting
info: queue handler exiting
warn: ca -> control: pipe closed
warn: pony -> lka: pipe closed
warn: parent terminating

and in dmesg, I see this:

smtpd(29857): syscall 2 "proc"
It looks like smtpd pledges proc during initialization (smtpd.c:704). Running a ktrace/kdump on smtpd -d shows only one call to pledge(), with proc and exec included. Also, 

# smtpd -d &
[1] 4597
# info: OpenSMTPD master starting
warn: lost child: lookup terminated; signal 6
info: queue handler exiting
info: control process exiting
info: scheduler handler exiting
warn: pony -> lka: pipe closed
warn: parent terminating

[1] + Done (1)             smtpd -d
# dmesg | tail -n 1
smtpd(31636): syscall 2 "proc"
The master process (pid 4597 in this instance) is not the process which tries to step outside its pledge boundary (pid 31636 is the offender here). 

Maybe a worker process needs to have proc added to its pledge in some cases?

For reference, my config files look like this:

#### smtpd.conf

# Tables
table aliases   file:/etc/mail/aliases
table passwd    sqlite:/etc/mail/sqlite.conf
table users     sqlite:/etc/mail/sqlite.conf
table domains   sqlite:/etc/mail/sqlite.conf

# Ports
listen on       lo0
listen on       lo0     port 10028      tag DKIM
listen on       egress  port smtp       tls
listen on       egress  smtps           auth <passwd>

# Incoming
accept from local for local alias <aliases> \
        deliver to lmtp "/var/dovecot/lmtp" rcpt-to

accept from any for domain <domains> virtual <users> \
        deliver to lmtp "/var/dovecot/lmtp" rcpt-to

# Outgoing
accept tagged DKIM for any relay
accept for any relay via smtp://127.0.0.1:10027

#### sqlite.conf

dbpath                  /etc/mail/users.db
query_credentials SELECT username||'@'||domain, password FROM users WHERE (username||'@'||domain)=?; 

query_domain            SELECT domain FROM users WHERE domain=? LIMIT 1;
query_alias SELECT 'vmail' FROM users WHERE ? LIKE (username||'@'||domain); 

####

Thanks,
Simon

--
You received this mail because you are subscribed to [email protected]
To unsubscribe, send a mail to: [email protected]

Reply via email to