RE: [vchkpw] Re: Ucspi-ssl? --> test
Peter Palmreuther wrote: > Execute > > chown vpopmail.vchkpw /home/vpopmail/etc > > and test again. If this succeeds you /can/ further search for > the cause of 'setuid' vchkpw is run as, or you can live with > the fact you need 'write permissions for vpopmail on ~vpopmail/etc'. Now the etc dir is vpopmail:vchkpw. But, after the pop3-ssl download, I see that in my /home/vpopmail/etc: observe# ls -la total 10 drwxr-xr-x 2 vpopmail vchkpw 512 Jan 16 02:12 . drwxr-xr-x 8 root wheel512 Jan 12 01:10 .. -rw-r--r-- 1 root wheel 25 Jan 12 12:13 inc_deps -rw-r--r-- 1 root wheel 34 Jan 12 12:13 lib_deps -rw-r--r-- 1 vpopmail vchkpw 0 Jan 16 01:40 open-smtp -rw-r--r-- 1 vpopmail vchkpw 0 Jan 16 02:12 open-smtp.lock -rw-r--r-- 1 vpopmail vchkpw 0 Jan 16 02:12 open-smtp.tmp.4179 -rw-r--r-- 1 root wheel454 Jan 12 01:07 tcp.smtp -rw-r--r-- 1 root vchkpw 2352 Jan 16 01:56 tcp.smtp.cdb -rw-r--r-- 1 vpopmail vchkpw 1107 Jan 12 01:09 vlimits.default This is a piece of my kdump.out: 4179 vchkpw CALL chown(0x16000,0x59,0x59) 4179 vchkpw NAMI "/home/vpopmail/domains/nesys.it/test/lastauth" 4179 vchkpw RET chown 0 4179 vchkpw CALL gettimeofday(0xcfbfd784,0) 4179 vchkpw RET gettimeofday 0 4179 vchkpw CALL open(0x833c,0x602,0x1b6) 4179 vchkpw NAMI "/home/vpopmail/etc/open-smtp.lock" 4179 vchkpw RET open 3 4179 vchkpw CALL fcntl(0x3,0x8,0xcfbfd734) 4179 vchkpw RET fcntl 0 4179 vchkpw CALL open(0x835e,0x2,0x1b6) 4179 vchkpw NAMI "/home/vpopmail/etc/open-smtp" 4179 vchkpw RET open 4 4179 vchkpw CALL getpid 4179 vchkpw RET getpid 4179/0x1053 4179 vchkpw CALL open(0xcfbfd9d8,0x602,0x1b6) 4179 vchkpw NAMI "/home/vpopmail/etc/open-smtp.tmp.4179" 4179 vchkpw RET open 5 4179 vchkpw CALL fcntl(0x3,0x8,0xcfbfd764) 4179 vchkpw RET fcntl 0 4179 vchkpw CALL close(0x3) 4179 vchkpw RET close 0 4179 vchkpw CALL setgid(0x59) 4179 vchkpw RET setgid 0 4179 vchkpw CALL setuid(0x59) 4179 vchkpw RET setuid 0 4179 vchkpw CALL chdir(0x12c22) 4179 vchkpw NAMI "/home/vpopmail/domains/nesys.it/test" 4179 vchkpw RET chdir 0 4179 vchkpw CALL close(0x) 4179 vchkpw RET close -1 errno 9 Bad file descriptor 4179 vchkpw CALL execve(0xcfbfdbca,0xcfbfdb74,0x16000) 4179 vchkpw NAMI "/var/qmail/bin/qmail-pop3d" 4179 qmail-pop3d EMUL "native" 4179 qmail-pop3d RET execve 0 4179 qmail-pop3d CALL open(0x10e5,0,0) Well, my /home/vpopmail/domains/nesys.it/test is: drwx-- 3 vpopmail vchkpw 512 Jan 14 11:36 test Question: the /home dir needs the nosuid in "fstab" file, or not? My fstab: /dev/wd0a / ffs rw 1 1 /dev/wd0h /home ffs rw,nodev,nosuid 1 2 /dev/wd0n /logs ffs rw,nodev,nosuid 1 2 /dev/wd0m /src ffs rw,nodev,nosuid 1 2 /dev/wd0d /tmp ffs rw,nodev,nosuid 1 2 /dev/wd0g /usr ffs rw,nodev 1 2 /dev/wd0e /var ffs rw,nodev 1 2 #/dev/wd0e /var ffs rw,nodev,nosuid 1 2 /dev/wd0l /web ffs rw,nodev 1 2 #/dev/wd0l /web ffs rw,nodev,nosuid 1 2 Thanks for all Regards Andrea
[vchkpw] Re: Ucspi-ssl? --> test
Hello Andrea, On Thursday, January 15, 2004 at 5:28:30 PM you wrote (at least in part): > The etc directory is the problem, I think. Right? Execute chown vpopmail.vchkpw /home/vpopmail/etc and test again. If this succeeds you /can/ further search for the cause of 'setuid' vchkpw is run as, or you can live with the fact you need 'write permissions for vpopmail on ~vpopmail/etc'. -- Best regards Peter Palmreuther Dolby of Borg - "They blinded me with irrelevance."
RE: [vchkpw] Re: Ucspi-ssl? --> test
Peter Palmreuther wrote: > Not 'probably', for sure. vchpw ain't able to open a lock > file and therefore refuses to continue writing IP to open-smtp. > >> -rw-r--r-- 1 vpopmail vchkpw 0 Jan 15 15:40 open-smtp >> -rw-r--r-- 1 root wheel 0 Jan 15 01:22 open-smtp.lock > Returning to your problem: in line 188 of your dump I see: > >> 16072 vchkpw CALL geteuid >> 16072 vchkpw RET geteuid 89/0x59 > > So your vchkpw is run as 'vpopmail'. But the lock file is > owned by (and write restricted to) root. I don't see a setuid > call in your run script, so: any of vpopmail binaries set the > setuid bit? What's the output of > > ls -l /home/vpopmail/bin/* > > Any '-u 89' anywhere in your startup script? Any other > possible 'change user ID' mechanism? Vpopmail: -u 89 Vchkpw: -g 89 observe# ls -l /home/vpopmail/bin/* -rwx--x--x 1 vpopmail vchkpw 65536 Jan 12 12:13 /home/vpopmail/bin/clearopensmtp -rwx--x--x 1 vpopmail vchkpw 65536 Jan 12 12:13 /home/vpopmail/bin/vaddaliasdomain -rwx--x--x 1 vpopmail vchkpw 69632 Jan 12 12:13 /home/vpopmail/bin/vadddomain -rwx--x--x 1 vpopmail vchkpw 65536 Jan 12 12:13 /home/vpopmail/bin/vadduser -rwx--x--x 1 vpopmail vchkpw 69632 Jan 12 12:13 /home/vpopmail/bin/valias -rwx--x--x 1 vpopmail vchkpw 65536 Jan 12 12:13 /home/vpopmail/bin/vchangepw -rwx--x--x 1 vpopmail vchkpw 73728 Jan 12 12:13 /home/vpopmail/bin/vchkpw -rwx--x--x 1 vpopmail vchkpw 208734 Jan 12 01:08 /home/vpopmail/bin/vchkpw-noroaming -rwx--x--x 1 vpopmail vchkpw 69632 Jan 12 12:13 /home/vpopmail/bin/vconvert -rwx--x--x 1 vpopmail vchkpw 65536 Jan 12 12:13 /home/vpopmail/bin/vdeldomain -rwx--x--x 1 vpopmail vchkpw 73728 Jan 12 12:13 /home/vpopmail/bin/vdelivermail -rwx--x--x 1 vpopmail vchkpw 65536 Jan 12 12:13 /home/vpopmail/bin/vdeloldusers -rwx--x--x 1 vpopmail vchkpw 65536 Jan 12 12:13 /home/vpopmail/bin/vdeluser -rwx--x--x 1 vpopmail vchkpw 69632 Jan 12 12:13 /home/vpopmail/bin/vdominfo -rwx--x--x 1 vpopmail vchkpw 65536 Jan 12 12:13 /home/vpopmail/bin/vipmap -rwx--x--x 1 vpopmail vchkpw 65536 Jan 12 12:13 /home/vpopmail/bin/vkill -rwx--x--x 1 vpopmail vchkpw 65536 Jan 12 12:13 /home/vpopmail/bin/vmkpasswd -rwx--x--x 1 vpopmail vchkpw 77824 Jan 12 12:13 /home/vpopmail/bin/vmoddomlimits -rwx--x--x 1 vpopmail vchkpw 69632 Jan 12 12:13 /home/vpopmail/bin/vmoduser -rwx--x--x 1 vpopmail vchkpw 65536 Jan 12 12:13 /home/vpopmail/bin/vpasswd -rwx--x--x 1 vpopmail vchkpw 69632 Jan 12 12:13 /home/vpopmail/bin/vpopbull -rwx--x--x 1 vpopmail vchkpw 73728 Jan 12 12:13 /home/vpopmail/bin/vqmaillocal -rwx--x--x 1 vpopmail vchkpw 65536 Jan 12 12:13 /home/vpopmail/bin/vsetuserquota -rwx--x--x 1 vpopmail vchkpw 69632 Jan 12 12:13 /home/vpopmail/bin/vuserinfo > Nonetheless you can try to delete open-smtp.lock, maybe (if > '/home/vpopmail/etc' permits UID 89 to create a new file) > this already solves your problem. I've deleted my open-smtp.lock, and I've tried to download emails from pop3-ssl, but my ktrace says the same: [...] 29540 vchkpw NAMI "/home/vpopmail/domains/nesys.it/test/lastauth" 29540 vchkpw RET chown 0 29540 vchkpw CALL gettimeofday(0xcfbfd58c,0) 29540 vchkpw RET gettimeofday 0 29540 vchkpw CALL open(0x833c,0x602,0x1b6) 29540 vchkpw NAMI "/home/vpopmail/etc/open-smtp.lock" 29540 vchkpw RET open -1 errno 13 Permission denied 29540 vchkpw CALL setgid(0x59) 29540 vchkpw RET setgid 0 29540 vchkpw CALL setuid(0x59) 29540 vchkpw RET setuid 0 29540 vchkpw CALL chdir(0x12c22) 29540 vchkpw NAMI "/home/vpopmail/domains/nesys.it/test" 29540 vchkpw RET chdir 0 29540 vchkpw CALL close(0x) 29540 vchkpw RET close -1 errno 9 Bad file descriptor 29540 vchkpw CALL execve(0xcfbfd9d2,0xcfbfd97c,0x16000) 29540 vchkpw NAMI "/var/qmail/bin/qmail-pop3d" 29540 qmail-pop3d EMUL "native" 29540 qmail-pop3d RET execve 0 29540 qmail-pop3d CALL open(0x10e5,0,0) 29540 qmail-pop3d NAMI "/usr/libexec/ld.so" 29540 qmail-pop3d RET open 3 29540 qmail-pop3d CALL read(0x3,0xcfbfd984,0x20) [...] ... Ooopss ... I've seen now the problem! observe# ls -la total 8 drwxr-xr-x 8 root wheel512 Jan 12 01:10 . drwxr-xr-x 5 root wheel512 Dec 11 09:23 .. drwxr-xr-x 2 vpopmail vchkpw 1024 Jan 12 12:13 bin drwxr-xr-x 4 vpopmail vchkpw 512 Jul 15 2003 doc drwx-- 8 vpopmail vchkpw 512 Dec 23 00:45 domains drwxr-xr-x 2 root wheel512 Jan 15 17:10 etc drwxr-xr-x 2 vpopmail vchkpw 512 Jan 12 12:13 include drwxr-xr-x 2 vpopmail vchkpw 512 Jan 12 12:13 lib The etc directory is the problem, I think. Right? What the right permission? My etc dir: observe# ls -la total 10 drwxr-xr-x 2 root wheel512 Jan 15 17:10 . drwxr-xr-x 8 root wheel512 Jan 12 01:10 .. -rw-r--r-- 1 root wheel 25 Jan 12 12:13 inc_deps -rw-r--r-- 1 root wheel 34 Jan 12 12:13 lib_deps -rw-r--r--
[vchkpw] Re: Ucspi-ssl? --> test
Hello Andrea, On Thursday, January 15, 2004 at 4:21:09 PM you wrote (at least in part): >> What we need is why 'vchkpw' fails to write 'open-smtp' (or >> if it even tries to). [...] > 16072 vchkpw NAMI "/etc/malloc.conf" > 16072 vchkpw RET readlink -1 errno 2 No such file or directory > < what's the malloc.conf file? > Don't know. But don't care. Not every 'No such file ...' is a fatal error. I'd guess it's OK it ain't there, any function from 'ld.so' probabyl simply tries to look for the file and /IF/ it's there it's evaluated. If not default values are used. I wouldn't worry. [...] > < I've the passwords > That's OK. [...] > 16072 vchkpw CALL open(0x833c,0x602,0x1b6) > 16072 vchkpw NAMI "/home/vpopmail/etc/open-smtp.lock" > 16072 vchkpw RET open -1 errno 13 Permission denied > < probably the problem is here? Not 'probably', for sure. vchpw ain't able to open a lock file and therefore refuses to continue writing IP to open-smtp. > -rw-r--r-- 1 vpopmail vchkpw 0 Jan 15 15:40 open-smtp > -rw-r--r-- 1 root wheel 0 Jan 15 01:22 open-smtp.lock > What's open-smtp.lock file ? > It's used to indicate "I'm currently writing open-smtp. Please wait one moment before writing." when two vchkpw try to access the file nearly simultaneously. Without this the two would probably overwrite each others information (instead of only appending to existing data). Returning to your problem: in line 188 of your dump I see: > 16072 vchkpw CALL geteuid > 16072 vchkpw RET geteuid 89/0x59 So your vchkpw is run as 'vpopmail'. But the lock file is owned by (and write restricted to) root. I don't see a setuid call in your run script, so: any of vpopmail binaries set the setuid bit? What's the output of ls -l /home/vpopmail/bin/* Any '-u 89' anywhere in your startup script? Any other possible 'change user ID' mechanism? Nonetheless you can try to delete open-smtp.lock, maybe (if '/home/vpopmail/etc' permits UID 89 to create a new file) this already solves your problem. -- Best regards Peter Palmreuther Nothing is illegal if one hundred businessmen decide to do it. - Andrew Young -
RE: [vchkpw] Re: Ucspi-ssl? --> test
Tom Collins wrote: > Yep, delete the lock file. ok > > Is /home/vpopmail/domains/nesys.it/test a valid directory? > If not, why > not? What are its permissions. drwx-- 3 vpopmail vchkpw 512 Jan 14 11:36 test It's right? > In the vpopmail source directory, type `make fix-priv` to set the > proper permissions on the domains directory. Then I've to make install-strip and recompile qmailadmin/vqadmin/courier-imap? Thanks Andrea
Re: [vchkpw] Re: Ucspi-ssl? --> test
On Jan 15, 2004, at 8:21 AM, Andrea Riela wrote: 16072 vchkpw NAMI "/home/vpopmail/etc/open-smtp.lock" 16072 vchkpw RET open -1 errno 13 Permission denied < probably the problem is here? -rw-r--r-- 1 vpopmail vchkpw 0 Jan 15 15:40 open-smtp -rw-r--r-- 1 root wheel 0 Jan 15 01:22 open-smtp.lock What's open-smtp.lock file ? > Yep, delete the lock file. 16072 vchkpw CALL setgid(0x59) 16072 vchkpw RET setgid 0 16072 vchkpw CALL setuid(0x59) 16072 vchkpw RET setuid 0 16072 vchkpw CALL chdir(0x12c22) 16072 vchkpw NAMI "/home/vpopmail/domains/nesys.it/test" 16072 vchkpw RET chdir 0 16072 vchkpw CALL close(0x) 16072 vchkpw RET close -1 errno 9 Bad file descriptor < another problem? > Is /home/vpopmail/domains/nesys.it/test a valid directory? If not, why not? What are its permissions. In the vpopmail source directory, type `make fix-priv` to set the proper permissions on the domains directory. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ Info on the Sniffter hand-held Network Tester: http://sniffter.com/
RE: [vchkpw] Re: Ucspi-ssl? --> test
Peter Palmreuther wrote: > What we need is why 'vchkpw' fails to write 'open-smtp' (or > if it even tries to). My < notes > are as follows: 16072 ktrace RET ktrace 0 16072 ktrace CALL execve(0xcfbfd8f2,0xcfbfd898,0xcfbfd8a8) 16072 ktrace NAMI "/home/vpopmail/bin/vchkpw" 16072 vchkpw EMUL "native" 16072 vchkpw RET execve 0 16072 vchkpw CALL open(0x10e5,0,0) 16072 vchkpw NAMI "/usr/libexec/ld.so" 16072 vchkpw RET open 4 16072 vchkpw CALL read(0x4,0xcfbfd93c,0x20) 16072 vchkpw GIO fd 4 read 32 bytes "[EMAIL PROTECTED] \0\0\0\0\0\0\0\0\0\0 \0\0\0\0\0\0\0\0\0\0\0" 16072 vchkpw RET read 32/0x20 16072 vchkpw CALL mmap(0,0xf000,0x5,0x2,0x4,0,0,0) 16072 vchkpw RET mmap 1073819648/0x40013000 16072 vchkpw CALL mmap(0x4002,0x2000,0x7,0x12,0x4,0,0xd000,0) 16072 vchkpw RET mmap 1073872896/0x4002 16072 vchkpw CALL issetugid 16072 vchkpw RET issetugid 0 16072 vchkpw CALL __sysctl(0xcfbfd7ac,0x2,0x40021a08,0xcfbfd7a8,0,0) 16072 vchkpw RET __sysctl 0 16072 vchkpw CALL mmap(0,0x8000,0x3,0x1004,0x,0,0,0) 16072 vchkpw RET mmap 1073881088/0x40022000 16072 vchkpw CALL open(0x40014b74,0,0) 16072 vchkpw NAMI "/var/run/ld.so.hints" 16072 vchkpw RET open 5 16072 vchkpw CALL fstat(0x5,0xcfbfd754) 16072 vchkpw RET fstat 0 16072 vchkpw CALL mmap(0,0x1bcb,0x1,0x4,0x5,0,0,0) 16072 vchkpw RET mmap 1073913856/0x4002a000 16072 vchkpw CALL open(0x4002b093,0,0) 16072 vchkpw NAMI "/usr/lib/libc.so.29.0" 16072 vchkpw RET open 6 16072 vchkpw CALL read(0x6,0xcfbfd834,0x20) 16072 vchkpw GIO fd 6 read 32 bytes "[EMAIL PROTECTED] \0\0\0\0\0\0\0\0\0\0\0" 16072 vchkpw RET read 32/0x20 16072 vchkpw CALL mmap(0,0xbd6f0,0x5,0x4,0x6,0,0,0) 16072 vchkpw RET mmap 1073922048/0x4002c000 16072 vchkpw CALL mprotect(0x400b2000,0x9000,0x7) 16072 vchkpw RET mprotect 0 16072 vchkpw CALL mmap(0x400bb000,0x2e6f0,0x3,0x1014,0x,0,0,0) 16072 vchkpw RET mmap 1074507776/0x400bb000 16072 vchkpw CALL close(0x6) 16072 vchkpw RET close 0 16072 vchkpw CALL __sysctl(0xcfbfd75c,0x2,0x145d0,0xcfbfd758,0,0) 16072 vchkpw RET __sysctl 0 16072 vchkpw CALL __sysctl(0xcfbfd75c,0x2,0x145d4,0xcfbfd758,0,0) 16072 vchkpw RET __sysctl 0 16072 vchkpw CALL __sysctl(0xcfbfd75c,0x2,0x145d8,0xcfbfd758,0,0) 16072 vchkpw RET __sysctl 0 16072 vchkpw CALL __sysctl(0xcfbfd75c,0x2,0x145dc,0xcfbfd758,0,0) 16072 vchkpw RET __sysctl 0 16072 vchkpw CALL __sysctl(0xcfbfd75c,0x2,0x145e0,0xcfbfd758,0,0) 16072 vchkpw RET __sysctl 0 16072 vchkpw CALL __sysctl(0xcfbfd75c,0x2,0x145e4,0xcfbfd758,0,0) 16072 vchkpw RET __sysctl 0 16072 vchkpw CALL __sysctl(0xcfbfd75c,0x2,0x145e8,0xcfbfd758,0,0) 16072 vchkpw RET __sysctl 0 16072 vchkpw CALL __sysctl(0xcfbfd75c,0x2,0x145ec,0xcfbfd758,0,0) 16072 vchkpw RET __sysctl 0 16072 vchkpw CALL munmap(0x4002a000,0x1bcb) 16072 vchkpw RET munmap 0 16072 vchkpw CALL close(0x5) 16072 vchkpw RET close 0 16072 vchkpw CALL close(0x4) 16072 vchkpw RET close 0 16072 vchkpw CALL __sysctl(0xcfbfd8e4,0x2,0x400e96e8,0xcfbfd8e0,0,0) 16072 vchkpw RET __sysctl 0 16072 vchkpw CALL readlink(0x400735f6,0xcfbfd83c,0x3f) 16072 vchkpw NAMI "/etc/malloc.conf" 16072 vchkpw RET readlink -1 errno 2 No such file or directory < what's the malloc.conf file? > 16072 vchkpw CALL issetugid 16072 vchkpw RET issetugid 0 16072 vchkpw CALL mmap(0,0x1000,0x3,0x1002,0x,0,0,0) 16072 vchkpw RET mmap 1073913856/0x4002a000 16072 vchkpw CALL break(0x14f3c) 16072 vchkpw RET break 0 16072 vchkpw CALL break(0x14f3c) 16072 vchkpw RET break 0 16072 vchkpw CALL break(0x16000) 16072 vchkpw RET break 0 16072 vchkpw CALL break(0x16000) 16072 vchkpw RET break 0 16072 vchkpw CALL break(0x17000) 16072 vchkpw RET break 0 16072 vchkpw CALL mmap(0,0x1000,0x3,0x1002,0x,0,0,0) 16072 vchkpw RET mmap 1073917952/0x4002b000 16072 vchkpw CALL mprotect(0x4002b000,0x1000,0x1) 16072 vchkpw RET mprotect 0 16072 vchkpw CALL mprotect(0x4002b000,0x1000,0x3) 16072 vchkpw RET mprotect 0 16072 vchkpw CALL mprotect(0x4002b000,0x1000,0x1) 16072 vchkpw RET mprotect 0 16072 vchkpw CALL read(0x3,0x14d30,0x9b) 16072 vchkpw GIO fd 3 read 46 bytes "[EMAIL PROTECTED]<[EMAIL PROTECTED]>\0" 16072 vchkpw RET read 46/0x2e 16072 vchkpw CALL read(0x3,0x14d5e,0x6d) 16072 vchkpw RET read 0 16072 vchkpw CALL close(0x3) 16072 vchkpw RET close 0 16072 vchkpw CALL mprotect(0x4002b000,0x1000,0x3) 16072 vchkpw RET mprotect 0 16072 vchkpw CALL mprotect(0x4002b000,0x1000,0x1) 16072 vchkpw RET mprotect 0 16072 vchkpw CALL open(0xcfbfd61c,0,0x1b6) 16072 vchkpw NAMI "/var/qmail/users/cdb" 16072 vchkpw RET open 3 16072 vchkpw CALL lseek(0x3,0,0x740,
[vchkpw] Re: Ucspi-ssl? --> test
Hello Andrea, On Thursday, January 15, 2004 at 1:20:50 AM you wrote (at least in part): > This is my test: [ktrace call and results] This ktrace dump does not contain content of vchkpw work. I'd suggest you - either find a way to tell ktrace to "follow", i.e. to observe and log processes created by 'fork()' & Co. as well (If I found the correct man-page this it should be '-i' switch). - or alter your startup line to someting like /usr/local/bin/sslserver -v -R -H -l 0 0 995 /var/qmail/bin/qmail-popup \ nesys.it ktrace -f /tmp/ktrace.out \ /home/vpopmail/bin/vchkpw /var/qmail/bin/qmail-pop3d Maildir 2>&1 What we need is why 'vchkpw' fails to write 'open-smtp' (or if it even tries to). -- Best regards Peter Palmreuther Gotta run, the cat's caught in the printer.
RE: [vchkpw] Re: Ucspi-ssl? --> test [2]
Another test, with: exec /usr/local/bin/softlimit -m 380 \ /usr/local/bin/sslserver -u 89 -g 89 -v -R -H -l 0 0 995 ktrace -f /tmp/ktrace.out /var/qmail/bin/qmail-popup \ nesys.it /home/vpopmail/bin/vchkpw /var/qmail/bin/qmail-pop3d Maildir 2>&1 Now I've resolved the .tmp files problem. Now I haven't the open-smtp.tmp. But my open-smtp is blank. It's fine that directory (as permissions)? observe# ls -la total 10 drwxr-xr-x 2 root wheel 1024 Jan 15 01:24 . drwxr-xr-x 8 root wheel512 Jan 12 01:10 .. -rw-r--r-- 1 root wheel 25 Jan 12 12:13 inc_deps -rw-r--r-- 1 root wheel 34 Jan 12 12:13 lib_deps -rw-r--r-- 1 vpopmail vchkpw 0 Jan 15 00:40 open-smtp -rw-r--r-- 1 root wheel 0 Jan 15 01:22 open-smtp.lock -rw-r--r-- 1 root wheel454 Jan 12 01:07 tcp.smtp -rw-r--r-- 1 root wheel 2352 Jan 15 00:59 tcp.smtp.cdb -rw-r--r-- 1 vpopmail vchkpw 1107 Jan 12 01:09 vlimits.default My test --- Connect with Outlook --> 995, user [EMAIL PROTECTED], pass test There's an email, I've downloaded that. But no roaming enabled. Result -- 31443 ktrace RET ktrace 0 31443 ktrace CALL execve(0xcfbfd862,0xcfbfd800,0xcfbfd818) 31443 ktrace NAMI "/var/qmail/bin/qmail-popup" 31443 qmail-popup EMUL "native" 31443 qmail-popup RET execve 0 31443 qmail-popup CALL open(0x10e5,0,0) 31443 qmail-popup NAMI "/usr/libexec/ld.so" 31443 qmail-popup RET open 3 31443 qmail-popup CALL read(0x3,0xcfbfda34,0x20) 31443 qmail-popup GIO fd 3 read 32 bytes "[EMAIL PROTECTED] \0\0\0\0\0\0\0\0\0\0 \0\0\0\0\0\0\0\0\0\0\0" 31443 qmail-popup RET read 32/0x20 31443 qmail-popup CALL mmap(0,0xf000,0x5,0x2,0x3,0,0,0) 31443 qmail-popup RET mmap 1073762304/0x40005000 31443 qmail-popup CALL mmap(0x40012000,0x2000,0x7,0x12,0x3,0,0xd000,0) 31443 qmail-popup RET mmap 1073815552/0x40012000 31443 qmail-popup CALL issetugid 31443 qmail-popup RET issetugid 0 31443 qmail-popup CALL __sysctl(0xcfbfd8a4,0x2,0x40013a08,0xcfbfd8a0,0,0) 31443 qmail-popup RET __sysctl 0 31443 qmail-popup CALL mmap(0,0x8000,0x3,0x1004,0x,0,0,0) 31443 qmail-popup RET mmap 1073823744/0x40014000 31443 qmail-popup CALL open(0x40006b74,0,0) 31443 qmail-popup NAMI "/var/run/ld.so.hints" 31443 qmail-popup RET open 4 31443 qmail-popup CALL fstat(0x4,0xcfbfd84c) 31443 qmail-popup RET fstat 0 31443 qmail-popup CALL mmap(0,0x1bcb,0x1,0x4,0x4,0,0,0) 31443 qmail-popup RET mmap 1073856512/0x4001c000 31443 qmail-popup CALL open(0x4001d093,0,0) 31443 qmail-popup NAMI "/usr/lib/libc.so.29.0" 31443 qmail-popup RET open 5 31443 qmail-popup CALL read(0x5,0xcfbfd92c,0x20) 31443 qmail-popup GIO fd 5 read 32 bytes "[EMAIL PROTECTED] \0\0\0\0\0\0\0\0\0\0\0" 31443 qmail-popup RET read 32/0x20 31443 qmail-popup CALL mmap(0,0xbd6f0,0x5,0x4,0x5,0,0,0) 31443 qmail-popup RET mmap 1073864704/0x4001e000 31443 qmail-popup CALL mprotect(0x400a4000,0x9000,0x7) 31443 qmail-popup RET mprotect 0 31443 qmail-popup CALL mmap(0x400ad000,0x2e6f0,0x3,0x1014,0x,0,0,0) 31443 qmail-popup RET mmap 1074450432/0x400ad000 31443 qmail-popup CALL close(0x5) 31443 qmail-popup RET close 0 31443 qmail-popup CALL __sysctl(0xcfbfd854,0x2,0x400abb6c,0xcfbfd850,0,0) 31443 qmail-popup RET __sysctl 0 31443 qmail-popup CALL __sysctl(0xcfbfd854,0x2,0x400abb70,0xcfbfd850,0,0) 31443 qmail-popup RET __sysctl 0 31443 qmail-popup CALL __sysctl(0xcfbfd854,0x2,0x400abb74,0xcfbfd850,0,0) 31443 qmail-popup RET __sysctl 0 31443 qmail-popup CALL __sysctl(0xcfbfd854,0x2,0x400abb78,0xcfbfd850,0,0) 31443 qmail-popup RET __sysctl 0 31443 qmail-popup CALL __sysctl(0xcfbfd854,0x2,0x400abb7c,0xcfbfd850,0,0) 31443 qmail-popup RET __sysctl 0 31443 qmail-popup CALL __sysctl(0xcfbfd854,0x2,0x400abb80,0xcfbfd850,0,0) 31443 qmail-popup RET __sysctl 0 31443 qmail-popup CALL __sysctl(0xcfbfd854,0x2,0x400abb84,0xcfbfd850,0,0) 31443 qmail-popup RET __sysctl 0 31443 qmail-popup CALL __sysctl(0xcfbfd854,0x2,0x400abb88,0xcfbfd850,0,0) 31443 qmail-popup RET __sysctl 0 31443 qmail-popup CALL munmap(0x4001c000,0x1bcb) 31443 qmail-popup RET munmap 0 31443 qmail-popup CALL close(0x4) 31443 qmail-popup RET close 0 31443 qmail-popup CALL close(0x3) 31443 qmail-popup RET close 0 31443 qmail-popup CALL __sysctl(0xcfbfd9dc,0x2,0x400db6e8,0xcfbfd9d8,0,0) 31443 qmail-popup RET __sysctl 0 31443 qmail-popup CALL readlink(0x400655f6,0xcfbfd934,0x3f) 31443 qmail-popup NAMI "/etc/malloc.conf" 31443 qmail-popup RET readlink -1 errno 2 No such file or directory 31443 qmail-popup CALL issetugid 31443 qmail-popup RET issetugid 0 31443 qmail-popup CALL mmap(0,0x1000,0x3,0x1002,0x,0,0,0) 31443 qmail-popup RET mmap 1073856512/0x4001c000 31443 qmail-popup CALL break(0x5558) 31443 qmail-popup RET break 0 31443 qmail-popup CALL break(0x5558) 31443 qmail-popup RET break 0 31443 qmail-popup CALL break(0
RE: [vchkpw] Re: Ucspi-ssl? --> test
This is my test: The runscript - #!/bin/sh CAFILE="/usr/local/ssl/certs/pop3s.cert" CERTFILE="/usr/local/ssl/certs/pop3s.cert" KEYFILE="/usr/local/ssl/certs/pop3s.key" DHFILE="/usr/local/ssl/certs/dh1024.pem" export CAFILE CERTFILE KEYFILE DHFILE exec /usr/local/bin/softlimit -m 380 \ /usr/local/bin/sslserver -v -R -H -l 0 0 995 ktrace -f /tmp/ktrace.out /var/qmail/bin/qmail-popup \ nesys.it /home/vpopmail/bin/vchkpw /var/qmail/bin/qmail-pop3d Maildir 2>&1 Test observe# openssl s_client -connect 127.0.0.1:995 CONNECTED(0004) --- +OK <[EMAIL PROTECTED]> USER [EMAIL PROTECTED] +OK PASS test +OK LIST +OK . QUIT DONE observe# kdump -f ktrace.out > kdump.out The result --- 5752 ktrace RET ktrace 0 5752 ktrace CALL execve(0xcfbfd8e6,0xcfbfd884,0xcfbfd89c) 5752 ktrace NAMI "/var/qmail/bin/qmail-popup" 5752 qmail-popup EMUL "native" 5752 qmail-popup RET execve 0 5752 qmail-popup CALL open(0x10e5,0,0) 5752 qmail-popup NAMI "/usr/libexec/ld.so" 5752 qmail-popup RET open 3 5752 qmail-popup CALL read(0x3,0xcfbfd90c,0x20) 5752 qmail-popup GIO fd 3 read 32 bytes "[EMAIL PROTECTED] \0\0\0\0\0\0\0\0\0\0 \0\0\0\0\0\0\0\0\0\0\0" 5752 qmail-popup RET read 32/0x20 5752 qmail-popup CALL mmap(0,0xf000,0x5,0x2,0x3,0,0,0) 5752 qmail-popup RET mmap 1073762304/0x40005000 5752 qmail-popup CALL mmap(0x40012000,0x2000,0x7,0x12,0x3,0,0xd000,0) 5752 qmail-popup RET mmap 1073815552/0x40012000 5752 qmail-popup CALL issetugid 5752 qmail-popup RET issetugid 0 5752 qmail-popup CALL __sysctl(0xcfbfd77c,0x2,0x40013a08,0xcfbfd778,0,0) 5752 qmail-popup RET __sysctl 0 5752 qmail-popup CALL mmap(0,0x8000,0x3,0x1004,0x,0,0,0) 5752 qmail-popup RET mmap 1073823744/0x40014000 5752 qmail-popup CALL open(0x40006b74,0,0) 5752 qmail-popup NAMI "/var/run/ld.so.hints" 5752 qmail-popup RET open 4 5752 qmail-popup CALL fstat(0x4,0xcfbfd724) 5752 qmail-popup RET fstat 0 5752 qmail-popup CALL mmap(0,0x1bcb,0x1,0x4,0x4,0,0,0) 5752 qmail-popup RET mmap 1073856512/0x4001c000 5752 qmail-popup CALL open(0x4001d093,0,0) 5752 qmail-popup NAMI "/usr/lib/libc.so.29.0" 5752 qmail-popup RET open 5 5752 qmail-popup CALL read(0x5,0xcfbfd804,0x20) 5752 qmail-popup GIO fd 5 read 32 bytes "[EMAIL PROTECTED] \0\0\0\0\0\0\0\0\0\0\0" 5752 qmail-popup RET read 32/0x20 5752 qmail-popup CALL mmap(0,0xbd6f0,0x5,0x4,0x5,0,0,0) 5752 qmail-popup RET mmap 1073864704/0x4001e000 5752 qmail-popup CALL mprotect(0x400a4000,0x9000,0x7) 5752 qmail-popup RET mprotect 0 5752 qmail-popup CALL mmap(0x400ad000,0x2e6f0,0x3,0x1014,0x,0,0,0) 5752 qmail-popup RET mmap 1074450432/0x400ad000 5752 qmail-popup CALL close(0x5) 5752 qmail-popup RET close 0 5752 qmail-popup CALL __sysctl(0xcfbfd72c,0x2,0x400abb6c,0xcfbfd728,0,0) 5752 qmail-popup RET __sysctl 0 5752 qmail-popup CALL __sysctl(0xcfbfd72c,0x2,0x400abb70,0xcfbfd728,0,0) 5752 qmail-popup RET __sysctl 0 5752 qmail-popup CALL __sysctl(0xcfbfd72c,0x2,0x400abb74,0xcfbfd728,0,0) 5752 qmail-popup RET __sysctl 0 5752 qmail-popup CALL __sysctl(0xcfbfd72c,0x2,0x400abb78,0xcfbfd728,0,0) 5752 qmail-popup RET __sysctl 0 5752 qmail-popup CALL __sysctl(0xcfbfd72c,0x2,0x400abb7c,0xcfbfd728,0,0) 5752 qmail-popup RET __sysctl 0 5752 qmail-popup CALL __sysctl(0xcfbfd72c,0x2,0x400abb80,0xcfbfd728,0,0) 5752 qmail-popup RET __sysctl 0 5752 qmail-popup CALL __sysctl(0xcfbfd72c,0x2,0x400abb84,0xcfbfd728,0,0) 5752 qmail-popup RET __sysctl 0 5752 qmail-popup CALL __sysctl(0xcfbfd72c,0x2,0x400abb88,0xcfbfd728,0,0) 5752 qmail-popup RET __sysctl 0 5752 qmail-popup CALL munmap(0x4001c000,0x1bcb) 5752 qmail-popup RET munmap 0 5752 qmail-popup CALL close(0x4) 5752 qmail-popup RET close 0 5752 qmail-popup CALL close(0x3) 5752 qmail-popup RET close 0 5752 qmail-popup CALL __sysctl(0xcfbfd8b4,0x2,0x400db6e8,0xcfbfd8b0,0,0) 5752 qmail-popup RET __sysctl 0 5752 qmail-popup CALL readlink(0x400655f6,0xcfbfd80c,0x3f) 5752 qmail-popup NAMI "/etc/malloc.conf" 5752 qmail-popup RET readlink -1 errno 2 No such file or directory 5752 qmail-popup CALL issetugid 5752 qmail-popup RET issetugid 0 5752 qmail-popup CALL mmap(0,0x1000,0x3,0x1002,0x,0,0,0) 5752 qmail-popup RET mmap 1073856512/0x4001c000 5752 qmail-popup CALL break(0x5558) 5752 qmail-popup RET break 0 5752 qmail-popup CALL break(0x5558) 5752 qmail-popup RET break 0 5752 qmail-popup CALL break(0x7000) 5752 qmail-popup RET break 0 5752 qmail-popup CALL break(0x7000) 5752 qmail-popup RET break 0 5752 qmail-popup CALL break(0x8000) 5752 qmail-popup RET break 0 5752 qmail-popup CALL mmap(0,0x1000,0x3,0x1002,0x,0,0,0) 5752 qmail-popup RET mmap 1073860608/0x4001d000 5752 qmail-popup CALL mprotect(0x4001d000,0x1000,0x1) 5752 qmail-popup RET mprotect 0 575