Well, I don't undestand.
Wich are the right permissions?
In my 'bin' dir all's vpopmail:vchkpw
In my 'domains' dir all's vpopmail:vchkpw
In my 'include' dir all's root:vchkpw
In my 'lib' dir the libvpopmail.a is root:vchkpw
And in my 'etc'? What about?
And my tcpserver/sslserver has to run as '-u
Peter Palmreuther wrote:
> Execute
>
> chown vpopmail.vchkpw /home/vpopmail/etc
>
> and test again. If this succeeds you /can/ further search for
> the cause of 'setuid' vchkpw is run as, or you can live with
> the fact you need 'write permissions for vpopmail on ~vpopmail/etc'.
Now the etc dir
Peter Palmreuther wrote:
> Not 'probably', for sure. vchpw ain't able to open a lock
> file and therefore refuses to continue writing IP to open-smtp.
>
>> -rw-r--r-- 1 vpopmail vchkpw 0 Jan 15 15:40 open-smtp
>> -rw-r--r-- 1 root wheel 0 Jan 15 01:22 open-smtp.lock
> Returning to
Tom Collins wrote:
> Yep, delete the lock file.
ok
>
> Is /home/vpopmail/domains/nesys.it/test a valid directory?
> If not, why
> not? What are its permissions.
drwx-- 3 vpopmail vchkpw 512 Jan 14 11:36 test
It's right?
> In the vpopmail source directory, type `make fix-priv` to set
On Jan 15, 2004, at 8:21 AM, Andrea Riela wrote:
16072 vchkpw NAMI "/home/vpopmail/etc/open-smtp.lock"
16072 vchkpw RET open -1 errno 13 Permission denied
< probably the problem is here?
-rw-r--r-- 1 vpopmail vchkpw 0 Jan 15 15:40 open-smtp
-rw-r--r-- 1 root wheel 0 Jan 1
Peter Palmreuther wrote:
> What we need is why 'vchkpw' fails to write 'open-smtp' (or
> if it even tries to).
My < notes > are as follows:
16072 ktrace RET ktrace 0
16072 ktrace CALL execve(0xcfbfd8f2,0xcfbfd898,0xcfbfd8a8)
16072 ktrace NAMI "/home/vpopmail/bin/vchkpw"
16072 vchkp
Another test, with:
exec /usr/local/bin/softlimit -m 380 \ /usr/local/bin/sslserver -u 89 -g
89 -v -R -H -l 0 0 995 ktrace -f /tmp/ktrace.out /var/qmail/bin/qmail-popup
\ nesys.it /home/vpopmail/bin/vchkpw /var/qmail/bin/qmail-pop3d Maildir 2>&1
Now I've resolved the .tmp files problem. Now I
This is my test:
The runscript
-
#!/bin/sh
CAFILE="/usr/local/ssl/certs/pop3s.cert"
CERTFILE="/usr/local/ssl/certs/pop3s.cert"
KEYFILE="/usr/local/ssl/certs/pop3s.key"
DHFILE="/usr/local/ssl/certs/dh1024.pem"
export CAFILE CERTFILE KEYFILE DHFILE
exec /usr/local/bin/softlimit -m 38
Peter Palmreuther wrote:
> [...]
> /usr/local/bin/sslserver -v -R -H -l 0 0 995 \
> strace -f -s 4096 -o /tmp/ssl-pop3.log \
/var/qmail/bin/qmail-popup \ [...]
>
> Don't let this run when "real" users try to log in, the
> password will be in '/tmp/ssl-pop3.log'. Use this only with
> test accounts,
Peter Palmreuther wrote:
> If you don't find any error logs about vchkpw failed to write
> data to 'open-smtp' insert a 'strace' or similar behind
> ssl-listener and let it log all file open/read/write actions.
> You should see the error code, and maybe even a short note
> printed by vchkpw, why it
10 matches
Mail list logo