#####################Chmod 755 mkdir problem#########################

Ok enabling "virtual -v" and nuking /website/vuser with chmod 755 on it we have:

Nov 30 21:08:47 sunsaturn postfix/virtual[25625]: deliver_mailbox[2]: recip te...@test2.com deliver te...@test2.com
Nov 30 21:08:47 sunsaturn postfix/virtual[25625]: dict_mysql_get_active: attempting to connect to host unix:/tmp/mysql.sock
Nov 30 21:08:47 sunsaturn postfix/virtual[25625]: dict_mysql: successful connection to host unix:/tmp/mysql.sock
Nov 30 21:08:47 sunsaturn postfix/virtual[25625]: dict_mysql: successful query from host unix:/tmp/mysql.sock
Nov 30 21:08:47 sunsaturn postfix/virtual[25625]: dict_mysql_lookup: retrieved 1 rows
Nov 30 21:08:47 sunsaturn postfix/virtual[25625]: maps_find: virtual_mailbox_maps: mysql:/usr/local/etc/postfix/mysql_mailbox.cf(0,lock|no_regsub|no_proxy|no_unauth): te...@test2.com = test2.com/test2/Maildir/
Nov 30 21:08:47 sunsaturn postfix/virtual[25625]: mail_addr_find: te...@test2.com -> test2.com/test2/Maildir/
Nov 30 21:08:47 sunsaturn postfix/virtual[25625]: dict_mysql_get_active: attempting to connect to host unix:/tmp/mysql.sock
Nov 30 21:08:47 sunsaturn postfix/virtual[25625]: dict_mysql: successful connection to host unix:/tmp/mysql.sock
Nov 30 21:08:47 sunsaturn postfix/virtual[25625]: dict_mysql: successful query from host unix:/tmp/mysql.sock
Nov 30 21:08:47 sunsaturn postfix/virtual[25625]: dict_mysql_lookup: retrieved 1 rows
Nov 30 21:08:47 sunsaturn postfix/virtual[25625]: maps_find: virtual_uid_maps: mysql:/usr/local/etc/postfix/mysql_uids.cf(0,lock|no_regsub|no_proxy|no_unauth): te...@test2.com = 2003
Nov 30 21:08:47 sunsaturn postfix/virtual[25625]: mail_addr_find: te...@test2.com -> 2003
Nov 30 21:08:47 sunsaturn postfix/virtual[25625]: dict_mysql_get_active: attempting to connect to host unix:/tmp/mysql.sock
Nov 30 21:08:47 sunsaturn postfix/virtual[25625]: dict_mysql: successful connection to host unix:/tmp/mysql.sock
Nov 30 21:08:47 sunsaturn postfix/virtual[25625]: dict_mysql: successful query from host unix:/tmp/mysql.sock
Nov 30 21:08:47 sunsaturn postfix/virtual[25625]: dict_mysql_lookup: retrieved 1 rows
Nov 30 21:08:47 sunsaturn postfix/virtual[25625]: maps_find: virtual_gid_maps: mysql:/usr/local/etc/postfix/mysql_gids.cf(0,lock|no_regsub|no_proxy|no_unauth): te...@test2.com = 2001
Nov 30 21:08:47 sunsaturn postfix/virtual[25625]: mail_addr_find: te...@test2.com -> 2001
Nov 30 21:08:47 sunsaturn postfix/virtual[25625]: deliver_mailbox[2]: set user_attr: /website/vuser/test2.com/test2/Maildir/, uid = 2003, gid = 2001
Nov 30 21:08:47 sunsaturn postfix/virtual[25625]: deliver_maildir[3]: recip te...@test2.com deliver te...@test2.com
Nov 30 21:08:47 sunsaturn postfix/virtual[25625]: set_eugid: euid 2003 egid 2001
Nov 30 21:08:47 sunsaturn postfix/virtual[25625]: set_eugid: euid 125 egid 125
Nov 30 21:08:47 sunsaturn postfix/virtual[25625]: warning: maildir access problem for UID/GID=2003/2001: create maildir file /website/vuser/test2.com/test2/Maildir/tmp/1291172927.P25625.sunsaturn.com: Permission denied
Nov 30 21:08:47 sunsaturn postfix/virtual[25625]: warning: perhaps you need to create the maildirs in advance

#####################Chmod 777 GID problem#########################

Let's go back to chmod 777 /website/vuser and check GID issues:

Nov 30 21:13:24 sunsaturn postfix/virtual[25712]: deliver_mailbox[2]: recip te...@test2.com deliver te...@test2.com
Nov 30 21:13:24 sunsaturn postfix/virtual[25712]: dict_mysql_get_active: attempting to connect to host unix:/tmp/mysql.sock
Nov 30 21:13:24 sunsaturn postfix/virtual[25712]: dict_mysql: successful connection to host unix:/tmp/mysql.sock
Nov 30 21:13:24 sunsaturn postfix/virtual[25712]: dict_mysql: successful query from host unix:/tmp/mysql.sock
Nov 30 21:13:24 sunsaturn postfix/virtual[25712]: dict_mysql_lookup: retrieved 1 rows
Nov 30 21:13:24 sunsaturn postfix/virtual[25712]: maps_find: virtual_mailbox_maps: mysql:/usr/local/etc/postfix/mysql_mailbox.cf(0,lock|no_regsub|no_proxy|no_unauth): te...@test2.com = test2.com/test2/Maildir/
Nov 30 21:13:24 sunsaturn postfix/virtual[25712]: mail_addr_find: te...@test2.com -> test2.com/test2/Maildir/
Nov 30 21:13:24 sunsaturn postfix/virtual[25712]: dict_mysql_get_active: attempting to connect to host unix:/tmp/mysql.sock
Nov 30 21:13:24 sunsaturn postfix/virtual[25712]: dict_mysql: successful connection to host unix:/tmp/mysql.sock
Nov 30 21:13:24 sunsaturn postfix/virtual[25712]: dict_mysql: successful query from host unix:/tmp/mysql.sock
Nov 30 21:13:24 sunsaturn postfix/virtual[25712]: dict_mysql_lookup: retrieved 1 rows
Nov 30 21:13:24 sunsaturn postfix/virtual[25712]: maps_find: virtual_uid_maps: mysql:/usr/local/etc/postfix/mysql_uids.cf(0,lock|no_regsub|no_proxy|no_unauth): te...@test2.com = 2003
Nov 30 21:13:24 sunsaturn postfix/virtual[25712]: mail_addr_find: te...@test2.com -> 2003
Nov 30 21:13:24 sunsaturn postfix/virtual[25712]: dict_mysql_get_active: attempting to connect to host unix:/tmp/mysql.sock
Nov 30 21:13:24 sunsaturn postfix/virtual[25712]: dict_mysql: successful connection to host unix:/tmp/mysql.sock
Nov 30 21:13:24 sunsaturn postfix/virtual[25712]: dict_mysql: successful query from host unix:/tmp/mysql.sock
Nov 30 21:13:24 sunsaturn postfix/virtual[25712]: dict_mysql_lookup: retrieved 1 rows
Nov 30 21:13:24 sunsaturn postfix/virtual[25712]: maps_find: virtual_gid_maps: mysql:/usr/local/etc/postfix/mysql_gids.cf(0,lock|no_regsub|no_proxy|no_unauth): te...@test2.com = 2001
Nov 30 21:13:24 sunsaturn postfix/virtual[25712]: mail_addr_find: te...@test2.com -> 2001
Nov 30 21:13:24 sunsaturn postfix/virtual[25712]: deliver_mailbox[2]: set user_attr: /website/vuser/test2.com/test2/Maildir/, uid = 2003, gid = 2001
Nov 30 21:13:24 sunsaturn postfix/virtual[25712]: deliver_maildir[3]: recip te...@test2.com deliver te...@test2.com
Nov 30 21:13:24 sunsaturn postfix/virtual[25712]: set_eugid: euid 2003 egid 2001
Nov 30 21:13:24 sunsaturn postfix/virtual[25712]: set_eugid: euid 125 egid 125
Nov 30 21:13:24 sunsaturn postfix/virtual[25712]: 6FE80119C5B: to=<te...@test2.com>, relay=virtual, delay=0.06, delays=0.03/0.02/0/0.01, dsn=2.0.0, status=sent (delivered to maildir)
Nov 30 21:13:24 sunsaturn postfix/virtual[25712]: deliver_request_final: send: "" 0


src/virtual/mailbox.c:deliver_maildir():

   set_eugid(usr_attr.uid, usr_attr.gid);

   /* Creates files, writes data, ... */

I can only think there is an issue here with usr_attr.gid for the GID problem.

For creating the initial directory it should set_eugid(0,0); create the directory, then change permissions on it, because how are we supposed to not 777 the directory if every time it creates a new file in there it's owned by uid 2002 then 2003 then 2004 and so on...

Code is fine the way it is except for initial creation.

Another note: I believe you made a typo?
src/virtual/mailbox.c:deliver_maildir():
should be src/virtual/maildir.c:deliver_maildir():

Let's modify src/virtual/maildir.c to just touch a /tmp/file after
set_eugid(usr_attr.uid, usr_attr.gid);
by placing
system("/usr/bin/touch /tmp/gid_debug.txt");

right after and see what /tmp/gid_debug.txt looks like.

sunsaturn:/usr/ports/mail/postfix-current# echo test|mail te...@test2.com
sunsaturn:/usr/ports/mail/postfix-current# ls -al /tmp/gid*
-rw------- 1 2003 wheel 0 Nov 30 21:54 /tmp/gid_debug.txt
sunsaturn:/usr/ports/mail/postfix-current#

So we definitely have an issue with usr_attr.gid here somewhere.


For your own reference:

sunsaturn:/website/vuser# tmp=$(mktemp /tmp/test.XXXXXX)
sunsaturn:/website/vuser# chown 2003:2001 "$tmp"
sunsaturn:/website/vuser# ls -l "$tmp"
-rw------- 1 2003 vuser 0 Nov 30 21:19 /tmp/test.Kev8V1
sunsaturn:/website/vuser# rm "$tmp"


Dan.



On Tue, 30 Nov 2010, Victor Duchovni wrote:

On Tue, Nov 30, 2010 at 07:39:39PM -0600, Dan wrote:

virtual_gid_maps = mysql:$config_directory/mysql_gids.cf
virtual_minimum_uid = 2002
virtual_uid_maps = mysql:$config_directory/mysql_uids.cf

Mysql relevant table entries:

 email             domain      maildir
 te...@test.com    test2.com   test2.com/test2/Maildir/

 uid     gid
 2003    2001

And in /etc/group, what is group 2001?

Now let's chmod 777 /website/vuser so that it can create directories under
UID/GID=2003/2001 as it wants but in fact see that gid never is 2001.
Gid 2001 under my system is vuser:
sunsaturn:~# grep 2001 /etc/group
vuser:*:2001:

Prove this by posting the output of:

        # tmp=$(mktemp /tmp/test.XXXXXX)
        # chown 2003:2001 "$tmp"
        # ls -l "$tmp"
        # rm "$tmp"

sunsaturn:~# chmod 777 /website/vuser; cd /website/vuser

Never use world-writable directories in this context.

Nov 30 19:28:03 sunsaturn postfix/virtual[23237]: DC276119C60: to=<te...@test2.com>, relay=virtual, delay=0.01, delays=0.01/0/0/0, dsn=2.0.0, status=sent (delivered to maildir)
Nov 30 19:29:03 sunsaturn postfix/virtual[23237]: 3EA8C119C56: to=<te...@test2.com>, relay=virtual, delay=372, delays=372/0/0/0, dsn=2.0.0, status=sent (delivered to maildir)

-rw-------  1 2003  postfix  347 Nov 30 19:28 test2.com/test2/Maildir/new/1291166883.V59Ib97008M906598.sunsaturn.com
-rw-------  1 2003  postfix  347 Nov 30 19:29 test2.com/test2/Maildir/new/1291166943.V59Ib97001M911353.sunsaturn.com

Well Postfix asks the operating system nicely by setting its effective
uid and gid. If the operating system does not cooperate, you need to
find out why.

src/virtual/mailbox.c:deliver_mailbox():

   /* Look up the mailbox owner rights. Defer in case of trouble.  */
   uid_res = mail_addr_find(virtual_uid_maps, state.msg_attr.user,
                            IGNORE_EXTENSION);
   if (uid_res == 0) { /* error handling */  }
   if ((n = atol(uid_res)) < var_virt_minimum_uid) { /* error handling */  }
   usr_attr.uid = (uid_t) n;

   /* Look up the mailbox group rights. Defer in case of trouble.  */
   gid_res = mail_addr_find(virtual_gid_maps, state.msg_attr.user,
                            IGNORE_EXTENSION);
   if (gid_res == 0) { /* error handling */ }
   if ((n = atol(gid_res)) <= 0) { /* error handling */ }
   usr_attr.gid = (gid_t) n;

   if (msg_verbose)
       msg_info("%s[%d]: set user_attr: %s, uid = %u, gid = %u",
                myname, state.level, usr_attr.mailbox,
                (unsigned) usr_attr.uid, (unsigned) usr_attr.gid);

You can configure "virtual -v" in master.cf to see the uid/gid logged.

   /* Deliver to mailbox or to maildir. */
#define LAST_CHAR(s) (s[strlen(s) - 1])

   if (LAST_CHAR(usr_attr.mailbox) == '/')
       *statusp = deliver_maildir(state, usr_attr);
   else
       *statusp = deliver_mailbox_file(state, usr_attr);

src/virtual/mailbox.c:deliver_maildir():

   set_eugid(usr_attr.uid, usr_attr.gid);

   /* Creates files, writes data, ... */

   set_eugid(var_owner_uid, var_owner_gid);

--
        Viktor.
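
Added example, not part of the original thread and not Postfix code: a small C probe that repeats the touch experiment above without going through a shell, and reports whether a newly created file's group equals the effective GID or the parent directory's group. BSD-derived kernels take the group from the directory, while Linux uses the effective GID unless the directory is setgid. The name gidprobe and the function probe_new_file_gid() are hypothetical.

```c
#ifndef _XOPEN_SOURCE
#define _XOPEN_SOURCE 700       /* mkstemp(), seteuid(), setegid() */
#endif
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Bit flags: what the new file's group turned out to be equal to. */
enum { GID_MATCHES_EGID = 1, GID_MATCHES_DIR = 2 };
/* Create and remove a scratch file in dir under the current effective ids.
 * Returns a mask of the flags above (0 = matched neither), or -1 on error. */
int probe_new_file_gid(const char *dir, gid_t *file_gid, gid_t *dir_gid)
{
    char path[1024];
    struct stat dst, fst;
    int fd, ok;
    if (stat(dir, &dst) != 0 ||
        snprintf(path, sizeof(path), "%s/gidprobe.XXXXXX", dir) >= (int) sizeof(path))
        return -1;
    if ((fd = mkstemp(path)) < 0)       /* EACCES here = the chmod 755 case */
        return -1;
    ok = (fstat(fd, &fst) == 0);
    close(fd);
    unlink(path);
    if (!ok)
        return -1;
    *file_gid = fst.st_gid;
    *dir_gid = dst.st_gid;
    return (fst.st_gid == getegid() ? GID_MATCHES_EGID : 0)
         | (fst.st_gid == dst.st_gid ? GID_MATCHES_DIR : 0);
}

/* usage: gidprobe DIR [UID GID]   (UID GID only take effect when run as root) */
int main(int argc, char **argv)
{
    static const char *const why[] = { "neither", "effective gid",
        "directory's group", "ambiguous: egid equals directory's group" };
    gid_t fgid, dgid;
    int r;
    /* Group first: once the euid is dropped, setegid() would be refused. */
    if (argc == 4 && (setegid((gid_t) atol(argv[3])) || seteuid((uid_t) atol(argv[2]))))
        return perror("set effective ids"), 1;
    if ((r = probe_new_file_gid(argc > 1 ? argv[1] : "/tmp", &fgid, &dgid)) < 0)
        return perror("probe"), 1;
    printf("egid=%u dir_gid=%u new_file_gid=%u -> %s\n", (unsigned) getegid(),
           (unsigned) dgid, (unsigned) fgid, why[r]);
    return 0;
}
```

Run as root with the directory and the uid/gid from the maps, for example "gidprobe /tmp 2003 2001", and compare new_file_gid with the ls output shown earlier in the message.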
