Re: [courier-users] Courier sourcing during test
David Niklas writes: It also says that courier is installed under /usr/lib/courier/sbin/courier which does not exist. This should be the default installation directory. The installation directory is configurable, based on configure options. I had to choose which piece of info was wrong, I choose the name. Bad choice. /usr/sbin/courier works fine, the ENV is cleaned and id is correct. Problems solved. If I submitted a few extra paragraphs for the courier docs to make it more clear, do you think they'd accept, or is my experience to exceptional/silly? You're more than welcome to submit a contribution to improve any documentation. For small changes and brief excerpts, plain text is fine. For large wholesale changes, its preferred to check out the git repo, and update the original html or Docbook XML source. pgpVRi3sUUXcV.pgp Description: PGP signature -- Attend Shape: An AT&T Tech Expo July 15-16. Meet us at AT&T Park in San Francisco, CA to explore cutting-edge tech and listen to tech luminaries present their vision of the future. This family event has something for everyone, including kids. Get more information and register today. http://sdm.link/attshape___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] Courier sourcing during test
On Fri, 03 Jun 2016 17:34:57 -0400 Sam Varshavchik wrote: > do...@mail.com writes: > > > Nope. ENV and BASH_ENV are still set to /root/.profile. > > > > Ok. Time for strace. > > strace -o oud -ff /usr/lib64/courier/courier/courierd start & > > http://www.courier-mta.org/install.html#checks says to execute "courier > start" not "courierd start". > > Use "courier start", not "courierd start". > > It also says that courier is installed under /usr/lib/courier/sbin/courier which does not exist. I had to choose which piece of info was wrong, I choose the name. Bad choice. /usr/sbin/courier works fine, the ENV is cleaned and id is correct. Problems solved. If I submitted a few extra paragraphs for the courier docs to make it more clear, do you think they'd accept, or is my experience to exceptional/silly? Thanks, David -- Attend Shape: An AT&T Tech Expo July 15-16. Meet us at AT&T Park in San Francisco, CA to explore cutting-edge tech and listen to tech luminaries present their vision of the future. This family event has something for everyone, including kids. Get more information and register today. http://sdm.link/attshape ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] Courier sourcing during test
On 02.06.16 21:19, do...@mail.com wrote: >Ok, your right, this is strange. >less wants to read /root/.profile but the ID file is blank. maybe LESSOPEN variable causes less execute a sh script. maybe your shell tries to source ~/.profile >Soruced /etc/profile. Now less does not try to read /root/.profile, ID is >still blank. So su probably did not fully clean the enviroment (that's >how I got into the test account). there may be bunch of mess in your users' or system bashrc ... -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. REALITY.SYS corrupted. Press any key to reboot Universe. -- What NetFlow Analyzer can do for you? Monitors network bandwidth and traffic patterns at an interface-level. Reveals which users, apps, and protocols are consuming the most bandwidth. Provides multi-vendor support for NetFlow, J-Flow, sFlow and other flows. Make informed decisions using capacity planning reports. https://ad.doubleclick.net/ddm/clk/305295220;132659582;e ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] Courier sourcing during test
do...@mail.com writes: Nope. ENV and BASH_ENV are still set to /root/.profile. Ok. Time for strace. strace -o oud -ff /usr/lib64/courier/courier/courierd start & http://www.courier-mta.org/install.html#checks says to execute "courier start" not "courierd start". Use "courier start", not "courierd start". pgpRtTJIIxqvZ.pgp Description: PGP signature -- What NetFlow Analyzer can do for you? Monitors network bandwidth and traffic patterns at an interface-level. Reveals which users, apps, and protocols are consuming the most bandwidth. Provides multi-vendor support for NetFlow, J-Flow, sFlow and other flows. Make informed decisions using capacity planning reports. https://ad.doubleclick.net/ddm/clk/305295220;132659582;e___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] Courier sourcing during test
Warn: This is a bit long. I'm trying to be through. End result, courier does not clean it's environment when starting, and adds 4 unmentioned variables to the environment. On Wed, 25 May 2016 23:00:54 wrote: > David Niklas writes: > > > Hello, > > I've successfully run the tests of courier 0.75.0 up to the part where > > the msg writes info into the ID and ENV files. > > Strangely, id output no info into the ID file though sh wrote > > "/root/.profile" Permission denied. The env command output many > > variables all from /etc/profile, thought the docs say that courier > > should have a sanatized environment. All the files in /etc are > > default for courier with the exception that I removed the database > > modules from courier's authdaemond so that they would not load. > > I imagine that courierd is sourcing /etc/profile as root and then > > trying to read the user's (root's) .profile file. > > The docs do not specify a method of solving this, what do I do? > > The short, blunt answer is "figure it out". Something is definitely > borked in your environment. You need to figure out why supposedly a new > shell started under your userid wants to read /root/.profile. That's > obviously wrong. Ok, your right, this is strange. less wants to read /root/.profile but the ID file is blank. Soruced /etc/profile. Now less does not try to read /root/.profile, ID is still blank. So su probably did not fully clean the enviroment (that's how I got into the test account). > courierd does not source anything. It is a binary executable. "courier > start" runs the courierctl.start script that reads the courierd > configuration file with the -a flag, which imports its contents as > environment variables, then starts courierd. > > One of the sections in the courierd config file, named "SYSLOCALE" > sources what the configure script detected as the system configuration > file that sets the default system locale. It's a config file that's > picked from a fixed list of known system config files. At this time, > it's the first file from the following list which exists: SYSLOCALE is located in /etc/courier/couried an /etc/courier/couried.dist. In both cases it's commented out. In a previous mail I found that courier tried to use /etc/environment and was told that I might create it as it did not exist. I was also told that I should talk to the maintainer about locating an existing file for reading in the environment. The /etc/environment file contains only a comment. > /etc/environment > /etc/default/locale > /etc/sysconfig/i18n /etc/sysconfig/language > /etc/locale.conf The first on I created the others don't exist. > If none of these are found, that section in the courierd file is blank. > If found, the contents are read. > > I think that courier is not getting started correctly, if you see stuff > in your /etc/profile. That shouldn't happen. courierctl.start should be > executing 'env -i', to wipe out all traces of your login shell's > environment. > Hmm. I set in /etc/profile the ENV and BASH_ENV variables to "$USER/.profile" so that my GPGHOME variable would be read in by clawsmail when using the gpg add-on plugin. However, it seems that clawsmail does not read in the environment, it probably uses execv(3) or similar ): So, this would seem to me that courier, or a process thereof, is reading in /etc/profile. Comment those lines in /etc/profile. Source /etc/profile. Restart courier and authdaemond. Delete old ID and ENV. Send new mail. Nope. ENV and BASH_ENV are still set to /root/.profile. Ok. Time for strace. strace -o oud -ff /usr/lib64/courier/courier/courierd start & strace -o oug -ff /usr/lib/courier/courier-authlib/authdaemond Send new mail. grep open oug* oud* | sort -k2 -t":" | less -S Ok, it still tries to open /root/.profile but not /etc/profile seems to me this means that the environment is not clean. authdaemond and courierd are running as root... grep -e system -e exe oud* oug* > /home/me/courier.txt chown me /home/me/courier.txt oud.24686:execve("/usr/lib64/courier/courier/courierd", ["/usr/lib64/courier/courier/couri"..., "start"], [/* 86 vars */]) = 0 oud.24706:execve("/bin/bash", ["/bin/bash", "-c", "./courieruucp"], [/* 90 vars */]) = 0 oud.24706:execve("./courieruucp", ["./courieruucp"], [/* 90 vars */]) = 0 oud.24708:execve("/bin/bash", ["/bin/bash", "-c", "./courierlocal"], [/* 90 vars */]) = 0 oud.24708:execve("./courierlocal", ["./courierlocal"], [/* 90 vars */]) = 0 oud.24708:rt_sigreturn() = -1 EINTR (Interrupted system call) oud.24710:execve("/bin/bash", ["/bin/bash", "-c", "./courierfax"], [/* 90 vars */]) = 0 oud.24710:execve("./courierfax", ["./courierfax"], [/* 90 vars */]) = 0 oud.24712:execve("/bin/bash", ["/bin/bash", "-c", "./courieresmtp"], [/* 90 vars */]) = 0 oud.24712:execve("./courieresmtp", ["./courieresmtp"], [/* 90 vars */]) = 0 oud.24714:execve("/bin/bash", ["/bin/bash", "-c", "./courierdsn"], [/* 90 vars */]) = 0 oud.24714:execve
Re: [courier-users] Courier sourcing during test
On 05/24/2016 12:30 PM, David Niklas wrote: > I've successfully run the tests of courier 0.75.0 up to the part where > the msg writes info into the ID and ENV files. > Strangely, id output no info into the ID file though sh wrote > "/root/.profile" Permission denied. You're talking about the user/group ID check at the end of the post-install check section? http://www.courier-mta.org/install.html#checks To what user are you delivering mail? Does that user receive mail if there are no .courier files in its home directory? (Note that, below, the install document also says: "The Courier mail server does NOT deliver any mail to root.") -- Mobile security can be enabling, not merely restricting. Employees who bring their own devices (BYOD) to work are irked by the imposition of MDM restrictions. Mobile Device Manager Plus allows you to control only the apps on BYO-devices by containerizing them, leaving personal data untouched! https://ad.doubleclick.net/ddm/clk/304595813;131938128;j ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] Courier sourcing during test
David Niklas writes: Hello, I've successfully run the tests of courier 0.75.0 up to the part where the msg writes info into the ID and ENV files. Strangely, id output no info into the ID file though sh wrote "/root/.profile" Permission denied. The env command output many variables all from /etc/profile, thought the docs say that courier should have a sanatized environment. All the files in /etc are default for courier with the exception that I removed the database modules from courier's authdaemond so that they would not load. I imagine that courierd is sourcing /etc/profile as root and then trying to read the user's (root's) .profile file. The docs do not specify a method of solving this, what do I do? The short, blunt answer is "figure it out". Something is definitely borked in your environment. You need to figure out why supposedly a new shell started under your userid wants to read /root/.profile. That's obviously wrong. courierd does not source anything. It is a binary executable. "courier start" runs the courierctl.start script that reads the courierd configuration file with the -a flag, which imports its contents as environment variables, then starts courierd. One of the sections in the courierd config file, named "SYSLOCALE" sources what the configure script detected as the system configuration file that sets the default system locale. It's a config file that's picked from a fixed list of known system config files. At this time, it's the first file from the following list which exists: /etc/environment /etc/default/locale /etc/sysconfig/i18n /etc/sysconfig/language /etc/locale.conf If none of these are found, that section in the courierd file is blank. If found, the contents are read. I think that courier is not getting started correctly, if you see stuff in your /etc/profile. That shouldn't happen. courierctl.start should be executing 'env -i', to wipe out all traces of your login shell's environment. pgpZTserjDjn3.pgp Description: PGP signature -- Mobile security can be enabling, not merely restricting. Employees who bring their own devices (BYOD) to work are irked by the imposition of MDM restrictions. Mobile Device Manager Plus allows you to control only the apps on BYO-devices by containerizing them, leaving personal data untouched! https://ad.doubleclick.net/ddm/clk/304595813;131938128;j___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
[courier-users] Courier sourcing during test
Hello, I've successfully run the tests of courier 0.75.0 up to the part where the msg writes info into the ID and ENV files. Strangely, id output no info into the ID file though sh wrote "/root/.profile" Permission denied. The env command output many variables all from /etc/profile, thought the docs say that courier should have a sanatized environment. All the files in /etc are default for courier with the exception that I removed the database modules from courier's authdaemond so that they would not load. I imagine that courierd is sourcing /etc/profile as root and then trying to read the user's (root's) .profile file. The docs do not specify a method of solving this, what do I do? Thanks, David -- Mobile security can be enabling, not merely restricting. Employees who bring their own devices (BYOD) to work are irked by the imposition of MDM restrictions. Mobile Device Manager Plus allows you to control only the apps on BYO-devices by containerizing them, leaving personal data untouched! https://ad.doubleclick.net/ddm/clk/304595813;131938128;j ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users