[vchkpw] Re: Ucspi-ssl? -- test

2004-01-15 Thread Peter Palmreuther
Hello Andrea,

On Thursday, January 15, 2004 at 1:20:50 AM you wrote (at least in
part):

 This is my test:
[ktrace call and results]

This ktrace dump does not contain content of vchkpw work. I'd suggest
you
- either find a way to tell ktrace to follow, i.e. to observe and
  log processes created by 'fork()'  Co. as well (If I found the
  correct man-page this it should be '-i' switch).
- or alter your startup line to someting like

/usr/local/bin/sslserver -v -R -H -l 0 0 995 /var/qmail/bin/qmail-popup \
nesys.it ktrace -f /tmp/ktrace.out \
/home/vpopmail/bin/vchkpw /var/qmail/bin/qmail-pop3d Maildir 21

What we need is why 'vchkpw' fails to write 'open-smtp' (or if it even
tries to).
-- 
Best regards
Peter Palmreuther

Gotta run, the cat's caught in the printer.



RE: [vchkpw] Re: Ucspi-ssl? -- test

2004-01-15 Thread Andrea Riela
   lseek 1856/0x740
 16072 vchkpw   CALL  read(0x3,0xcfbfd5c4,0x8)
 16072 vchkpw   GIO   fd 3 read 8 bytes
   4
\0\0\^B\0\0\0
 16072 vchkpw   RET   read 8
 16072 vchkpw   CALL  lseek(0x3,0,0xa3c,0,0)
 16072 vchkpw   RET   lseek 2620/0xa3c
 16072 vchkpw   CALL  read(0x3,0xcfbfd5c4,0x8)
 16072 vchkpw   GIO   fd 3 read 8 bytes
   \M-hY\M-zE\0\b\0\0
 16072 vchkpw   RET   read 8
 16072 vchkpw   CALL  lseek(0x3,0,0x800,0,0)
 16072 vchkpw   RET   lseek 2048/0x800
 16072 vchkpw   CALL  read(0x3,0xcfbfd5c4,0x8)
 16072 vchkpw   GIO   fd 3 read 8 bytes
   
\0\0\0001\0\0\0
 16072 vchkpw   RET   read 8
 16072 vchkpw   CALL  read(0x3,0xcfbfd55c,0xa)
 16072 vchkpw   GIO   fd 3 read 10 bytes
   !nesys.it-
 16072 vchkpw   RET   read 10/0xa
 16072 vchkpw   CALL  fstat(0x3,0xcfbfd4a0)
 16072 vchkpw   RET   fstat 0
 16072 vchkpw   CALL  break(0x17000)
 16072 vchkpw   RET   break 0
 16072 vchkpw   CALL  break(0x19000)
 16072 vchkpw   RET   break 0
 16072 vchkpw   CALL  mprotect(0x4002b000,0x1000,0x3)
 16072 vchkpw   RET   mprotect 0
 16072 vchkpw   CALL  mprotect(0x4002b000,0x1000,0x1)
 16072 vchkpw   RET   mprotect 0
 16072 vchkpw   CALL  read(0x3,0x17000,0x2000)
 16072 vchkpw   GIO   fd 3 read 562 bytes
 
nesys.it\089\089\0/home/vpopmail/domains/nesys.it\0-\0\f\0\0\0005\0\0\0!nes
ys.info-nesys.info\089\089\0/home/vp\

opmail/domains/nesys.info\0-\0\v\0\0\0003\0\0\0!nesys.biz-nesys.biz\089\089\
0/home/vpopmail/domains/nesys.biz\0\

-\0\^T\0\0\0E\0\0\0!labotte.ravenna.it-labotte.ravenna.it\089\089\0/home/vpo
pmail/domains/labotte.ravenna.it\0-\

\0\f\0\0\0005\0\0\0!ladyman.tv-ladyman.tv\089\089\0/home/vpopmail/domains/la
dyman.tv\0-\0\^N\0\0\09\0\0\0!inetm\

ark.net-inetmark.net\089\089\0/home/vpopmail/domains/inetmark.net\0-\0\0\0\0
\0\^A\0\0\0-\0\0\0\0\0\0\0\0\^DyI\
\^E\M^L\b\0\0\0\0\0\0\0\0\0\0\^E\^U\0\0\M-K
\0\0\0\0\0\0\0\0\0\0\^W!\M-#\^U3\0\0\0\0\0\0\0\0\0\0;\
\M-_\M-J\M-b|
\0\0\0\0\0\0\0\0\0\0\M^[\M-+\a\M-.C\b\0\0\M-0\M^B\M-8I\M-R\b\0\0\0\0\0\0\0\0
\0\0\0\0\0\0\0\0\0\
\0\M-hY\M-zE\0\b\0\0

 my domains 

 16072 vchkpw   RET   read 562/0x232
 16072 vchkpw   CALL  break(0x19000)
 16072 vchkpw   RET   break 0
 16072 vchkpw   CALL  break(0x1a000)
 16072 vchkpw   RET   break 0
 16072 vchkpw   CALL  close(0x3)
 16072 vchkpw   RET   close 0
 16072 vchkpw   CALL  geteuid
 16072 vchkpw   RET   geteuid 89/0x59
 16072 vchkpw   CALL  getpid
 16072 vchkpw   RET   getpid 16072/0x3ec8
 16072 vchkpw   CALL  open(0x13fd4,0,0x1b6)
 16072 vchkpw   NAMI  /home/vpopmail/domains/nesys.it/vpasswd.cdb
 16072 vchkpw   RET   open 3
 16072 vchkpw   CALL  lseek(0x3,0,0x198,0,0)
 16072 vchkpw   RET   lseek 408/0x198
 16072 vchkpw   CALL  read(0x3,0xcfbfd824,0x8)
 16072 vchkpw   GIO   fd 3 read 8 bytes
   5\^W\0\0\^B\0\0\0
 16072 vchkpw   RET   read 8
 16072 vchkpw   CALL  lseek(0x3,0,0x173d,0,0)
 16072 vchkpw   RET   lseek 5949/0x173d
 16072 vchkpw   CALL  read(0x3,0xcfbfd824,0x8)
 16072 vchkpw   GIO   fd 3 read 8 bytes
   3\M-/s|\M^B\^U\0\0
 16072 vchkpw   RET   read 8
 16072 vchkpw   CALL  lseek(0x3,0,0x1582,0,0)
 16072 vchkpw   RET   lseek 5506/0x1582
 16072 vchkpw   CALL  read(0x3,0xcfbfd824,0x8)
 16072 vchkpw   GIO   fd 3 read 8 bytes
   \^D\0\0\0Z\0\0\0
 16072 vchkpw   RET   read 8
 16072 vchkpw   CALL  read(0x3,0xcfbfd7bc,0x4)
 16072 vchkpw   GIO   fd 3 read 4 bytes
   test
 16072 vchkpw   RET   read 4
 16072 vchkpw   CALL  fstat(0x3,0xcfbfd710)
 16072 vchkpw   RET   fstat 0
 16072 vchkpw   CALL  mprotect(0x4002b000,0x1000,0x3)
 16072 vchkpw   RET   mprotect 0
 16072 vchkpw   CALL  mprotect(0x4002b000,0x1000,0x1)
 16072 vchkpw   RET   mprotect 0
 16072 vchkpw   CALL  read(0x3,0x16000,0x2000)
 16072 vchkpw   GIO   fd 3 read 839 bytes
 
$1$49VYI$62tMz.raXMJhj.YYxmQx8/:1:0:Test:/home/vpopmail/domains/nesys.it/te
st:NOQUOTA:test\b\0\0\0t\0\0\0traini\
ng$1$G8UrJ$TExcn1dIDCiLxN3Gt5fzc/:1:0:Nesys Education
Center:/home/vpopmail/domains/nesys.it/training:NOQUOTA:x\
xxx
\0\0\0h\0\0\0webmaster$1$sTbHy$jxaJeKl6Em.ztyYQnTL6M/:1:0:Webmaster:/home/vp
opmail/domains/nesys.it/web\

master:NOQUOTA:\^A88T\M-\^R\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\^E!
A\M-c\M-Y
\0\0\0\0\0\0\0\0\0\0
\M-C+'l\^V\0\0\^Q\M-*(\M^P\M-%\^O\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\^X\M-7
%Ne \0\0\0\

\0\0\0\0\0\0\0003\M-/s|[EMAIL PROTECTED]
:2W\v\0\0\0\0\0\0\0\0\0\0GL\M^C\M^^\
\M-Y\f\0\0\0\0\0\0\0\0\0\0j\M-l\^\

\M-p\b\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0mY\M^G\v6\^N\0\0\0\0\0\0\0\0\0\0w\
M-QM\M-=\M-(\^N\0\0\0\0\0\0\0\0\0\0\

x\^Y0\v3\^P\0\0\M^An\M^A\M-g\M^G\^T\0\0\0\0\0\0\0\0\0\0\M^Ef\M^Z\M^S\M-1\^Q\
0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\
\M^F5=m\M-\^P\0\0\0\0\0\0\0\0\0\0\M^W1\0O]

\0\0\M-$nY\0\M-G\r\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\M-%/\M-L\^_\M-h\^U\0\
[EMAIL PROTECTED]
\^R\0\0\0\0\0\0\0\0\0\0\M-.=W

c\f\0\0\0\0\0\0\0\0\0\0\M-A\M-QT\M-ML\r\0\0\0\0\0\0\0\0\0\0\M-H\^U\M^F\M-N

Re: [vchkpw] Re: Ucspi-ssl? -- test

2004-01-15 Thread Tom Collins
On Jan 15, 2004, at 8:21 AM, Andrea Riela wrote:
 16072 vchkpw   NAMI  /home/vpopmail/etc/open-smtp.lock
 16072 vchkpw   RET   open -1 errno 13 Permission denied
 probably the problem is here?

-rw-r--r--  1 vpopmail  vchkpw 0 Jan 15 15:40 open-smtp
-rw-r--r--  1 root  wheel  0 Jan 15 01:22 open-smtp.lock
What's open-smtp.lock file ? 
Yep, delete the lock file.

 16072 vchkpw   CALL  setgid(0x59)
 16072 vchkpw   RET   setgid 0
 16072 vchkpw   CALL  setuid(0x59)
 16072 vchkpw   RET   setuid 0
 16072 vchkpw   CALL  chdir(0x12c22)
 16072 vchkpw   NAMI  /home/vpopmail/domains/nesys.it/test
 16072 vchkpw   RET   chdir 0
 16072 vchkpw   CALL  close(0x)
 16072 vchkpw   RET   close -1 errno 9 Bad file descriptor
 another problem? 

Is /home/vpopmail/domains/nesys.it/test a valid directory?  If not, why 
not?  What are its permissions.

In the vpopmail source directory, type `make fix-priv` to set the 
proper permissions on the domains directory.

--
Tom Collins  -  [EMAIL PROTECTED]
QmailAdmin: http://qmailadmin.sf.net/  Vpopmail: http://vpopmail.sf.net/
Info on the Sniffter hand-held Network Tester: http://sniffter.com/


RE: [vchkpw] Re: Ucspi-ssl? -- test

2004-01-15 Thread Andrea Riela
Tom Collins wrote:
 Yep, delete the lock file.

ok

 
 Is /home/vpopmail/domains/nesys.it/test a valid directory?
 If not, why
 not?  What are its permissions.

drwx--   3 vpopmail  vchkpw   512 Jan 14 11:36 test

It's right?

 In the vpopmail source directory, type `make fix-priv` to set the
 proper permissions on the domains directory.

Then I've to make install-strip and recompile
qmailadmin/vqadmin/courier-imap?

Thanks
Andrea



[vchkpw] Re: Ucspi-ssl? -- test

2004-01-15 Thread Peter Palmreuther
Hello Andrea,

On Thursday, January 15, 2004 at 4:21:09 PM you wrote (at least in
part):

 What we need is why 'vchkpw' fails to write 'open-smtp' (or
 if it even tries to).

[...]
  16072 vchkpw   NAMI  /etc/malloc.conf
  16072 vchkpw   RET   readlink -1 errno 2 No such file or directory

  what's the malloc.conf file? 

Don't know. But don't care. Not every 'No such file ...' is a fatal
error. I'd guess it's OK it ain't there, any function from 'ld.so'
probabyl simply tries to look for the file and /IF/ it's there it's
evaluated. If not default values are used.
I wouldn't worry.

[...]
  I've  the passwords 

That's OK.

[...]
  16072 vchkpw   CALL  open(0x833c,0x602,0x1b6)
  16072 vchkpw   NAMI  /home/vpopmail/etc/open-smtp.lock
  16072 vchkpw   RET   open -1 errno 13 Permission denied
 
  probably the problem is here?

Not 'probably', for sure. vchpw ain't able to open a lock file and
therefore refuses to continue writing IP to open-smtp.

 -rw-r--r--  1 vpopmail  vchkpw 0 Jan 15 15:40 open-smtp
 -rw-r--r--  1 root  wheel  0 Jan 15 01:22 open-smtp.lock

 What's open-smtp.lock file ? 

It's used to indicate I'm currently writing open-smtp. Please wait
one moment before writing. when two vchkpw try to access the file nearly
simultaneously. Without this the two would probably overwrite each
others information (instead of only appending to existing data).

Returning to your problem: in line 188 of your dump I see:

  16072 vchkpw   CALL  geteuid
  16072 vchkpw   RET   geteuid 89/0x59

So your vchkpw is run as 'vpopmail'. But the lock file is owned by (and
write restricted to) root.
I don't see a setuid call in your run script, so: any of vpopmail
binaries set the setuid bit? What's the output of

ls -l /home/vpopmail/bin/*

Any '-u 89' anywhere in your startup script? Any other possible
'change user ID' mechanism?

Nonetheless you can try to delete open-smtp.lock, maybe (if
'/home/vpopmail/etc' permits UID 89 to create a new file) this already
solves your problem.
-- 
Best regards
Peter Palmreuther

Nothing is illegal if one hundred businessmen decide to do it.  -
Andrew Young -



RE: [vchkpw] Re: Ucspi-ssl? -- test

2004-01-15 Thread Andrea Riela
Peter Palmreuther wrote:
 Not 'probably', for sure. vchpw ain't able to open a lock
 file and therefore refuses to continue writing IP to open-smtp.
 
 -rw-r--r--  1 vpopmail  vchkpw 0 Jan 15 15:40 open-smtp
 -rw-r--r--  1 root  wheel  0 Jan 15 01:22 open-smtp.lock
 Returning to your problem: in line 188 of your dump I see:
 
  16072 vchkpw   CALL  geteuid
  16072 vchkpw   RET   geteuid 89/0x59
 
 So your vchkpw is run as 'vpopmail'. But the lock file is
 owned by (and write restricted to) root. I don't see a setuid
 call in your run script, so: any of vpopmail binaries set the
 setuid bit? What's the output of
 
 ls -l /home/vpopmail/bin/*
 
 Any '-u 89' anywhere in your startup script? Any other
 possible 'change user ID' mechanism?

Vpopmail: -u 89
Vchkpw: -g 89

observe# ls -l /home/vpopmail/bin/*
-rwx--x--x  1 vpopmail  vchkpw   65536 Jan 12 12:13
/home/vpopmail/bin/clearopensmtp
-rwx--x--x  1 vpopmail  vchkpw   65536 Jan 12 12:13
/home/vpopmail/bin/vaddaliasdomain
-rwx--x--x  1 vpopmail  vchkpw   69632 Jan 12 12:13
/home/vpopmail/bin/vadddomain
-rwx--x--x  1 vpopmail  vchkpw   65536 Jan 12 12:13
/home/vpopmail/bin/vadduser
-rwx--x--x  1 vpopmail  vchkpw   69632 Jan 12 12:13
/home/vpopmail/bin/valias
-rwx--x--x  1 vpopmail  vchkpw   65536 Jan 12 12:13
/home/vpopmail/bin/vchangepw
-rwx--x--x  1 vpopmail  vchkpw   73728 Jan 12 12:13
/home/vpopmail/bin/vchkpw
-rwx--x--x  1 vpopmail  vchkpw  208734 Jan 12 01:08
/home/vpopmail/bin/vchkpw-noroaming
-rwx--x--x  1 vpopmail  vchkpw   69632 Jan 12 12:13
/home/vpopmail/bin/vconvert
-rwx--x--x  1 vpopmail  vchkpw   65536 Jan 12 12:13
/home/vpopmail/bin/vdeldomain
-rwx--x--x  1 vpopmail  vchkpw   73728 Jan 12 12:13
/home/vpopmail/bin/vdelivermail
-rwx--x--x  1 vpopmail  vchkpw   65536 Jan 12 12:13
/home/vpopmail/bin/vdeloldusers
-rwx--x--x  1 vpopmail  vchkpw   65536 Jan 12 12:13
/home/vpopmail/bin/vdeluser
-rwx--x--x  1 vpopmail  vchkpw   69632 Jan 12 12:13
/home/vpopmail/bin/vdominfo
-rwx--x--x  1 vpopmail  vchkpw   65536 Jan 12 12:13
/home/vpopmail/bin/vipmap
-rwx--x--x  1 vpopmail  vchkpw   65536 Jan 12 12:13 /home/vpopmail/bin/vkill
-rwx--x--x  1 vpopmail  vchkpw   65536 Jan 12 12:13
/home/vpopmail/bin/vmkpasswd
-rwx--x--x  1 vpopmail  vchkpw   77824 Jan 12 12:13
/home/vpopmail/bin/vmoddomlimits
-rwx--x--x  1 vpopmail  vchkpw   69632 Jan 12 12:13
/home/vpopmail/bin/vmoduser
-rwx--x--x  1 vpopmail  vchkpw   65536 Jan 12 12:13
/home/vpopmail/bin/vpasswd
-rwx--x--x  1 vpopmail  vchkpw   69632 Jan 12 12:13
/home/vpopmail/bin/vpopbull
-rwx--x--x  1 vpopmail  vchkpw   73728 Jan 12 12:13
/home/vpopmail/bin/vqmaillocal
-rwx--x--x  1 vpopmail  vchkpw   65536 Jan 12 12:13
/home/vpopmail/bin/vsetuserquota
-rwx--x--x  1 vpopmail  vchkpw   69632 Jan 12 12:13
/home/vpopmail/bin/vuserinfo

 Nonetheless you can try to delete open-smtp.lock, maybe (if
 '/home/vpopmail/etc' permits UID 89 to create a new file)
 this already solves your problem.

I've deleted my open-smtp.lock, and I've tried to download emails from
pop3-ssl, but my ktrace says the same:

[...]
 29540 vchkpw   NAMI  /home/vpopmail/domains/nesys.it/test/lastauth
 29540 vchkpw   RET   chown 0
 29540 vchkpw   CALL  gettimeofday(0xcfbfd58c,0)
 29540 vchkpw   RET   gettimeofday 0
 29540 vchkpw   CALL  open(0x833c,0x602,0x1b6)
 29540 vchkpw   NAMI  /home/vpopmail/etc/open-smtp.lock
 29540 vchkpw   RET   open -1 errno 13 Permission denied
 29540 vchkpw   CALL  setgid(0x59)
 29540 vchkpw   RET   setgid 0
 29540 vchkpw   CALL  setuid(0x59)
 29540 vchkpw   RET   setuid 0
 29540 vchkpw   CALL  chdir(0x12c22)
 29540 vchkpw   NAMI  /home/vpopmail/domains/nesys.it/test
 29540 vchkpw   RET   chdir 0
 29540 vchkpw   CALL  close(0x)
 29540 vchkpw   RET   close -1 errno 9 Bad file descriptor
 29540 vchkpw   CALL  execve(0xcfbfd9d2,0xcfbfd97c,0x16000)
 29540 vchkpw   NAMI  /var/qmail/bin/qmail-pop3d
 29540 qmail-pop3d EMUL  native
 29540 qmail-pop3d RET   execve 0
 29540 qmail-pop3d CALL  open(0x10e5,0,0)
 29540 qmail-pop3d NAMI  /usr/libexec/ld.so
 29540 qmail-pop3d RET   open 3
 29540 qmail-pop3d CALL  read(0x3,0xcfbfd984,0x20)
[...]

... Ooopss ... I've seen now the problem!
observe# ls -la
total 8
drwxr-xr-x  8 root  wheel512 Jan 12 01:10 .
drwxr-xr-x  5 root  wheel512 Dec 11 09:23 ..
drwxr-xr-x  2 vpopmail  vchkpw  1024 Jan 12 12:13 bin
drwxr-xr-x  4 vpopmail  vchkpw   512 Jul 15  2003 doc
drwx--  8 vpopmail  vchkpw   512 Dec 23 00:45 domains
drwxr-xr-x  2 root  wheel512 Jan 15 17:10 etc
drwxr-xr-x  2 vpopmail  vchkpw   512 Jan 12 12:13 include
drwxr-xr-x  2 vpopmail  vchkpw   512 Jan 12 12:13 lib

The etc directory is the problem, I think. Right?
What the right permission?

My etc dir:
observe# ls -la
total 10
drwxr-xr-x  2 root  wheel512 Jan 15 17:10 .
drwxr-xr-x  8 root  wheel512 Jan 12 01:10 ..
-rw-r--r--  1 root  wheel 25 Jan 12 12:13 inc_deps
-rw-r--r--  1 root  wheel 34 Jan 12 12:13 lib_deps
-rw-r--r--  1 vpopmail  vchkpw 0 Jan 15 16

[vchkpw] Re: Ucspi-ssl? -- test

2004-01-15 Thread Peter Palmreuther
Hello Andrea,

On Thursday, January 15, 2004 at 5:28:30 PM you wrote (at least in
part):

 The etc directory is the problem, I think. Right?

Execute

chown vpopmail.vchkpw /home/vpopmail/etc

and test again. If this succeeds you /can/ further search for the
cause of 'setuid' vchkpw is run as, or you can live with the fact you
need 'write permissions for vpopmail on ~vpopmail/etc'.
-- 
Best regards
Peter Palmreuther

Dolby of Borg - They blinded me with irrelevance.



RE: [vchkpw] Re: Ucspi-ssl? -- test

2004-01-15 Thread Andrea Riela
Peter Palmreuther wrote:
 Execute
 
 chown vpopmail.vchkpw /home/vpopmail/etc
 
 and test again. If this succeeds you /can/ further search for
 the cause of 'setuid' vchkpw is run as, or you can live with
 the fact you need 'write permissions for vpopmail on ~vpopmail/etc'.

Now the etc dir is vpopmail:vchkpw.
But, after the pop3-ssl download, I see that in my /home/vpopmail/etc:

observe# ls -la
total 10
drwxr-xr-x  2 vpopmail  vchkpw   512 Jan 16 02:12 .
drwxr-xr-x  8 root  wheel512 Jan 12 01:10 ..
-rw-r--r--  1 root  wheel 25 Jan 12 12:13 inc_deps
-rw-r--r--  1 root  wheel 34 Jan 12 12:13 lib_deps
-rw-r--r--  1 vpopmail  vchkpw 0 Jan 16 01:40 open-smtp
-rw-r--r--  1 vpopmail  vchkpw 0 Jan 16 02:12 open-smtp.lock
-rw-r--r--  1 vpopmail  vchkpw 0 Jan 16 02:12 open-smtp.tmp.4179
-rw-r--r--  1 root  wheel454 Jan 12 01:07 tcp.smtp
-rw-r--r--  1 root  vchkpw  2352 Jan 16 01:56 tcp.smtp.cdb
-rw-r--r--  1 vpopmail  vchkpw  1107 Jan 12 01:09 vlimits.default

This is a piece of my kdump.out:

  4179 vchkpw   CALL  chown(0x16000,0x59,0x59)
  4179 vchkpw   NAMI  /home/vpopmail/domains/nesys.it/test/lastauth
  4179 vchkpw   RET   chown 0
  4179 vchkpw   CALL  gettimeofday(0xcfbfd784,0)
  4179 vchkpw   RET   gettimeofday 0
  4179 vchkpw   CALL  open(0x833c,0x602,0x1b6)
  4179 vchkpw   NAMI  /home/vpopmail/etc/open-smtp.lock
  4179 vchkpw   RET   open 3
  4179 vchkpw   CALL  fcntl(0x3,0x8,0xcfbfd734)   
  4179 vchkpw   RET   fcntl 0
  4179 vchkpw   CALL  open(0x835e,0x2,0x1b6)
  4179 vchkpw   NAMI  /home/vpopmail/etc/open-smtp
  4179 vchkpw   RET   open 4
  4179 vchkpw   CALL  getpid
  4179 vchkpw   RET   getpid 4179/0x1053
  4179 vchkpw   CALL  open(0xcfbfd9d8,0x602,0x1b6)
  4179 vchkpw   NAMI  /home/vpopmail/etc/open-smtp.tmp.4179
  4179 vchkpw   RET   open 5
  4179 vchkpw   CALL  fcntl(0x3,0x8,0xcfbfd764)
  4179 vchkpw   RET   fcntl 0
  4179 vchkpw   CALL  close(0x3)
  4179 vchkpw   RET   close 0
  4179 vchkpw   CALL  setgid(0x59)
  4179 vchkpw   RET   setgid 0
  4179 vchkpw   CALL  setuid(0x59)
  4179 vchkpw   RET   setuid 0
  4179 vchkpw   CALL  chdir(0x12c22)
  4179 vchkpw   NAMI  /home/vpopmail/domains/nesys.it/test
  4179 vchkpw   RET   chdir 0
  4179 vchkpw   CALL  close(0x)
  4179 vchkpw   RET   close -1 errno 9 Bad file descriptor
  4179 vchkpw   CALL  execve(0xcfbfdbca,0xcfbfdb74,0x16000)
  4179 vchkpw   NAMI  /var/qmail/bin/qmail-pop3d
  4179 qmail-pop3d EMUL  native
  4179 qmail-pop3d RET   execve 0
  4179 qmail-pop3d CALL  open(0x10e5,0,0)

Well, my /home/vpopmail/domains/nesys.it/test is:
drwx--   3 vpopmail  vchkpw   512 Jan 14 11:36 test

Question: the /home dir needs the nosuid in fstab file, or not?
My fstab:
/dev/wd0a / ffs rw 1 1
/dev/wd0h /home ffs rw,nodev,nosuid 1 2
/dev/wd0n /logs ffs rw,nodev,nosuid 1 2
/dev/wd0m /src ffs rw,nodev,nosuid 1 2
/dev/wd0d /tmp ffs rw,nodev,nosuid 1 2
/dev/wd0g /usr ffs rw,nodev 1 2
/dev/wd0e /var ffs rw,nodev 1 2
#/dev/wd0e /var ffs rw,nodev,nosuid 1 2
/dev/wd0l /web ffs rw,nodev 1 2
#/dev/wd0l /web ffs rw,nodev,nosuid 1 2

Thanks for all
Regards
Andrea



RE: [vchkpw] Re: Ucspi-ssl? -- test

2004-01-14 Thread Andrea Riela
This is my test:

The runscript
-
#!/bin/sh
CAFILE=/usr/local/ssl/certs/pop3s.cert
CERTFILE=/usr/local/ssl/certs/pop3s.cert
KEYFILE=/usr/local/ssl/certs/pop3s.key
DHFILE=/usr/local/ssl/certs/dh1024.pem
export CAFILE CERTFILE KEYFILE DHFILE
exec /usr/local/bin/softlimit -m 380 \
/usr/local/bin/sslserver -v -R -H -l 0 0 995 ktrace -f /tmp/ktrace.out
/var/qmail/bin/qmail-popup \
nesys.it /home/vpopmail/bin/vchkpw /var/qmail/bin/qmail-pop3d Maildir 21

Test

observe# openssl s_client -connect 127.0.0.1:995
CONNECTED(0004)
cut
---
+OK [EMAIL PROTECTED]
USER [EMAIL PROTECTED]
+OK 
PASS test
+OK 
LIST
+OK 
.
QUIT
DONE
observe# kdump -f ktrace.out  kdump.out

The result
---
  5752 ktrace   RET   ktrace 0
  5752 ktrace   CALL  execve(0xcfbfd8e6,0xcfbfd884,0xcfbfd89c)
  5752 ktrace   NAMI  /var/qmail/bin/qmail-popup
  5752 qmail-popup EMUL  native
  5752 qmail-popup RET   execve 0
  5752 qmail-popup CALL  open(0x10e5,0,0)
  5752 qmail-popup NAMI  /usr/libexec/ld.so
  5752 qmail-popup RET   open 3
  5752 qmail-popup CALL  read(0x3,0xcfbfd90c,0x20)
  5752 qmail-popup GIO   fd 3 read 32 bytes
   [EMAIL PROTECTED] \0\0\0\0\0\0\0\0\0\0
\0\0\0\0\0\0\0\0\0\0\0
  5752 qmail-popup RET   read 32/0x20
  5752 qmail-popup CALL  mmap(0,0xf000,0x5,0x2,0x3,0,0,0)
  5752 qmail-popup RET   mmap 1073762304/0x40005000
  5752 qmail-popup CALL  mmap(0x40012000,0x2000,0x7,0x12,0x3,0,0xd000,0)
  5752 qmail-popup RET   mmap 1073815552/0x40012000
  5752 qmail-popup CALL  issetugid
  5752 qmail-popup RET   issetugid 0
  5752 qmail-popup CALL  __sysctl(0xcfbfd77c,0x2,0x40013a08,0xcfbfd778,0,0)
  5752 qmail-popup RET   __sysctl 0
  5752 qmail-popup CALL  mmap(0,0x8000,0x3,0x1004,0x,0,0,0)
  5752 qmail-popup RET   mmap 1073823744/0x40014000
  5752 qmail-popup CALL  open(0x40006b74,0,0)
  5752 qmail-popup NAMI  /var/run/ld.so.hints
  5752 qmail-popup RET   open 4
  5752 qmail-popup CALL  fstat(0x4,0xcfbfd724)
  5752 qmail-popup RET   fstat 0
  5752 qmail-popup CALL  mmap(0,0x1bcb,0x1,0x4,0x4,0,0,0)
  5752 qmail-popup RET   mmap 1073856512/0x4001c000
  5752 qmail-popup CALL  open(0x4001d093,0,0)
  5752 qmail-popup NAMI  /usr/lib/libc.so.29.0
  5752 qmail-popup RET   open 5
  5752 qmail-popup CALL  read(0x5,0xcfbfd804,0x20)
  5752 qmail-popup GIO   fd 5 read 32 bytes
   [EMAIL PROTECTED]
\0\0\0\0\0\0\0\0\0\0\0
  5752 qmail-popup RET   read 32/0x20
  5752 qmail-popup CALL  mmap(0,0xbd6f0,0x5,0x4,0x5,0,0,0)
  5752 qmail-popup RET   mmap 1073864704/0x4001e000
  5752 qmail-popup CALL  mprotect(0x400a4000,0x9000,0x7)
  5752 qmail-popup RET   mprotect 0
  5752 qmail-popup CALL
mmap(0x400ad000,0x2e6f0,0x3,0x1014,0x,0,0,0)
  5752 qmail-popup RET   mmap 1074450432/0x400ad000
  5752 qmail-popup CALL  close(0x5)
  5752 qmail-popup RET   close 0
  5752 qmail-popup CALL  __sysctl(0xcfbfd72c,0x2,0x400abb6c,0xcfbfd728,0,0)
  5752 qmail-popup RET   __sysctl 0
  5752 qmail-popup CALL  __sysctl(0xcfbfd72c,0x2,0x400abb70,0xcfbfd728,0,0)
  5752 qmail-popup RET   __sysctl 0
  5752 qmail-popup CALL  __sysctl(0xcfbfd72c,0x2,0x400abb74,0xcfbfd728,0,0)
  5752 qmail-popup RET   __sysctl 0
  5752 qmail-popup CALL  __sysctl(0xcfbfd72c,0x2,0x400abb78,0xcfbfd728,0,0)
  5752 qmail-popup RET   __sysctl 0
  5752 qmail-popup CALL  __sysctl(0xcfbfd72c,0x2,0x400abb7c,0xcfbfd728,0,0)
  5752 qmail-popup RET   __sysctl 0
  5752 qmail-popup CALL  __sysctl(0xcfbfd72c,0x2,0x400abb80,0xcfbfd728,0,0)
  5752 qmail-popup RET   __sysctl 0
  5752 qmail-popup CALL  __sysctl(0xcfbfd72c,0x2,0x400abb84,0xcfbfd728,0,0)
  5752 qmail-popup RET   __sysctl 0
  5752 qmail-popup CALL  __sysctl(0xcfbfd72c,0x2,0x400abb88,0xcfbfd728,0,0)
  5752 qmail-popup RET   __sysctl 0
  5752 qmail-popup CALL  munmap(0x4001c000,0x1bcb)
  5752 qmail-popup RET   munmap 0
  5752 qmail-popup CALL  close(0x4)
  5752 qmail-popup RET   close 0
  5752 qmail-popup CALL  close(0x3)
  5752 qmail-popup RET   close 0
  5752 qmail-popup CALL  __sysctl(0xcfbfd8b4,0x2,0x400db6e8,0xcfbfd8b0,0,0)
  5752 qmail-popup RET   __sysctl 0
  5752 qmail-popup CALL  readlink(0x400655f6,0xcfbfd80c,0x3f)
  5752 qmail-popup NAMI  /etc/malloc.conf
  5752 qmail-popup RET   readlink -1 errno 2 No such file or directory
  5752 qmail-popup CALL  issetugid
  5752 qmail-popup RET   issetugid 0
  5752 qmail-popup CALL  mmap(0,0x1000,0x3,0x1002,0x,0,0,0)
  5752 qmail-popup RET   mmap 1073856512/0x4001c000
  5752 qmail-popup CALL  break(0x5558)
  5752 qmail-popup RET   break 0
  5752 qmail-popup CALL  break(0x5558)
  5752 qmail-popup RET   break 0
  5752 qmail-popup CALL  break(0x7000)
  5752 qmail-popup RET   break 0
  5752 qmail-popup CALL  break(0x7000)
  5752 qmail-popup RET   break 0
  5752 qmail-popup CALL  break(0x8000)
  5752 qmail-popup RET   break 0
  5752 qmail-popup CALL  mmap(0,0x1000,0x3,0x1002,0x,0,0,0)
  5752 qmail-popup RET   mmap 1073860608/0x4001d000
  5752 qmail-popup CALL  mprotect(0x4001d000,0x1000,0x1)
  5752 qmail-popup RET   mprotect 0
  5752 qmail-popup CALL  

RE: [vchkpw] Re: Ucspi-ssl? -- test [2]

2004-01-14 Thread Andrea Riela
Another test, with:

exec /usr/local/bin/softlimit -m 380 \ /usr/local/bin/sslserver -u 89 -g
89 -v -R -H -l 0 0 995 ktrace -f /tmp/ktrace.out /var/qmail/bin/qmail-popup
\ nesys.it /home/vpopmail/bin/vchkpw /var/qmail/bin/qmail-pop3d Maildir 21

Now I've resolved the .tmp files problem. Now I haven't the
open-smtp.tmpnum.
But my open-smtp is blank. It's fine that directory (as permissions)?

observe# ls -la
total 10
drwxr-xr-x  2 root  wheel   1024 Jan 15 01:24 .
drwxr-xr-x  8 root  wheel512 Jan 12 01:10 ..
-rw-r--r--  1 root  wheel 25 Jan 12 12:13 inc_deps
-rw-r--r--  1 root  wheel 34 Jan 12 12:13 lib_deps
-rw-r--r--  1 vpopmail  vchkpw 0 Jan 15 00:40 open-smtp
-rw-r--r--  1 root  wheel  0 Jan 15 01:22 open-smtp.lock
-rw-r--r--  1 root  wheel454 Jan 12 01:07 tcp.smtp
-rw-r--r--  1 root  wheel   2352 Jan 15 00:59 tcp.smtp.cdb
-rw-r--r--  1 vpopmail  vchkpw  1107 Jan 12 01:09 vlimits.default

My test
---
Connect with Outlook -- 995, user [EMAIL PROTECTED], pass test
There's an email, I've downloaded that. But no roaming enabled.

Result
--
 31443 ktrace   RET   ktrace 0
 31443 ktrace   CALL  execve(0xcfbfd862,0xcfbfd800,0xcfbfd818)
 31443 ktrace   NAMI  /var/qmail/bin/qmail-popup
 31443 qmail-popup EMUL  native
 31443 qmail-popup RET   execve 0
 31443 qmail-popup CALL  open(0x10e5,0,0)
 31443 qmail-popup NAMI  /usr/libexec/ld.so
 31443 qmail-popup RET   open 3
 31443 qmail-popup CALL  read(0x3,0xcfbfda34,0x20)
 31443 qmail-popup GIO   fd 3 read 32 bytes
   [EMAIL PROTECTED] \0\0\0\0\0\0\0\0\0\0
\0\0\0\0\0\0\0\0\0\0\0
 31443 qmail-popup RET   read 32/0x20
 31443 qmail-popup CALL  mmap(0,0xf000,0x5,0x2,0x3,0,0,0)
 31443 qmail-popup RET   mmap 1073762304/0x40005000
 31443 qmail-popup CALL  mmap(0x40012000,0x2000,0x7,0x12,0x3,0,0xd000,0)
 31443 qmail-popup RET   mmap 1073815552/0x40012000
 31443 qmail-popup CALL  issetugid
 31443 qmail-popup RET   issetugid 0
 31443 qmail-popup CALL  __sysctl(0xcfbfd8a4,0x2,0x40013a08,0xcfbfd8a0,0,0)
 31443 qmail-popup RET   __sysctl 0
 31443 qmail-popup CALL  mmap(0,0x8000,0x3,0x1004,0x,0,0,0)
 31443 qmail-popup RET   mmap 1073823744/0x40014000
 31443 qmail-popup CALL  open(0x40006b74,0,0)
 31443 qmail-popup NAMI  /var/run/ld.so.hints
 31443 qmail-popup RET   open 4
 31443 qmail-popup CALL  fstat(0x4,0xcfbfd84c)
 31443 qmail-popup RET   fstat 0
 31443 qmail-popup CALL  mmap(0,0x1bcb,0x1,0x4,0x4,0,0,0)
 31443 qmail-popup RET   mmap 1073856512/0x4001c000
 31443 qmail-popup CALL  open(0x4001d093,0,0)
 31443 qmail-popup NAMI  /usr/lib/libc.so.29.0
 31443 qmail-popup RET   open 5
 31443 qmail-popup CALL  read(0x5,0xcfbfd92c,0x20)
 31443 qmail-popup GIO   fd 5 read 32 bytes
   [EMAIL PROTECTED]
\0\0\0\0\0\0\0\0\0\0\0
 31443 qmail-popup RET   read 32/0x20
 31443 qmail-popup CALL  mmap(0,0xbd6f0,0x5,0x4,0x5,0,0,0)
 31443 qmail-popup RET   mmap 1073864704/0x4001e000
 31443 qmail-popup CALL  mprotect(0x400a4000,0x9000,0x7)
 31443 qmail-popup RET   mprotect 0
 31443 qmail-popup CALL
mmap(0x400ad000,0x2e6f0,0x3,0x1014,0x,0,0,0)
 31443 qmail-popup RET   mmap 1074450432/0x400ad000
 31443 qmail-popup CALL  close(0x5)
 31443 qmail-popup RET   close 0
 31443 qmail-popup CALL  __sysctl(0xcfbfd854,0x2,0x400abb6c,0xcfbfd850,0,0)
 31443 qmail-popup RET   __sysctl 0
 31443 qmail-popup CALL  __sysctl(0xcfbfd854,0x2,0x400abb70,0xcfbfd850,0,0)
 31443 qmail-popup RET   __sysctl 0
 31443 qmail-popup CALL  __sysctl(0xcfbfd854,0x2,0x400abb74,0xcfbfd850,0,0)
 31443 qmail-popup RET   __sysctl 0
 31443 qmail-popup CALL  __sysctl(0xcfbfd854,0x2,0x400abb78,0xcfbfd850,0,0)
 31443 qmail-popup RET   __sysctl 0
 31443 qmail-popup CALL  __sysctl(0xcfbfd854,0x2,0x400abb7c,0xcfbfd850,0,0)
 31443 qmail-popup RET   __sysctl 0
 31443 qmail-popup CALL  __sysctl(0xcfbfd854,0x2,0x400abb80,0xcfbfd850,0,0)
 31443 qmail-popup RET   __sysctl 0
 31443 qmail-popup CALL  __sysctl(0xcfbfd854,0x2,0x400abb84,0xcfbfd850,0,0)
 31443 qmail-popup RET   __sysctl 0
 31443 qmail-popup CALL  __sysctl(0xcfbfd854,0x2,0x400abb88,0xcfbfd850,0,0)
 31443 qmail-popup RET   __sysctl 0
 31443 qmail-popup CALL  munmap(0x4001c000,0x1bcb)
 31443 qmail-popup RET   munmap 0
 31443 qmail-popup CALL  close(0x4)
 31443 qmail-popup RET   close 0
 31443 qmail-popup CALL  close(0x3)
 31443 qmail-popup RET   close 0
 31443 qmail-popup CALL  __sysctl(0xcfbfd9dc,0x2,0x400db6e8,0xcfbfd9d8,0,0)
 31443 qmail-popup RET   __sysctl 0
 31443 qmail-popup CALL  readlink(0x400655f6,0xcfbfd934,0x3f)
 31443 qmail-popup NAMI  /etc/malloc.conf
 31443 qmail-popup RET   readlink -1 errno 2 No such file or directory
 31443 qmail-popup CALL  issetugid
 31443 qmail-popup RET   issetugid 0
 31443 qmail-popup CALL  mmap(0,0x1000,0x3,0x1002,0x,0,0,0)
 31443 qmail-popup RET   mmap 1073856512/0x4001c000
 31443 qmail-popup CALL  break(0x5558)
 31443 qmail-popup RET   break 0
 31443 qmail-popup CALL  break(0x5558)
 31443 qmail-popup RET   break 0
 31443 qmail-popup CALL  break(0x7000)
 31443 

[vchkpw] Sorry but must test something

2003-11-18 Thread Werner Amon
Sorry




[vchkpw] this is a test

2003-06-05 Thread Eduardo Garcia
sorry but this test.

but tha last email dont send.

enzo.