Subject: [courier-users] Problems trying to convert from userdb to passwd/NIS based auth
From: Greg Earle (ear@isolar.DynDNS.ORG)
Date: Mar 10, 2004 10:35:15 am
List: net.sourceforge.lists.courier-users

I'm trying to convert my testbed Courier environment (0.44.2) from being "userdb"-based (which is what's currently running on our production Courier server) to being passwd-based (from NIS) instead.

Under the old "userdb" environment, the home directories in "userdb" were all of the form

/var/maildirs/virtual/my.do.main

and all the files/directories were owned/group-owned by user "courier" and group "courier".

I created a custom local NIS /etc/auto_home to re-point the home directories (as fetched from the NIS auto.home map) to the above mentioned Courier tree.

I then edited /opt/courier/etc/courierd and changed DEFAULTDELIVERY to use "procmail" instead of "maildrop" (for other, non-related reasons):

DEFAULTDELIVERY="| /opt/courier/bin/preline /opt/procmail/bin/procmail"

I removed "authuserdb" from /opt/courier/etc/authdaemonrc:

#authmodulelist="authcustom authcram authuserdb authldap authpam"
authmodulelist="authcram authpam"

I restarted Courier completely and immediately ran into problems:

Mar 8 21:17:01 testbed courieresmtpd: [ID 702911 mail.error] error,relay=::ffff: 137.78.38.32,from=<bb@machine.my.do.main>,to=<ear@testbed.my.do.main>: 511 maildrop: Invalid home directory permissions - world writable.

(There were no world-writable directories in the path, and I don't understand why "maildrop" was called, given that I changed DEFAULTDELIVERY to use "procmail" instead.)

I thought I needed to change permissions on my own home directory on down to be owned by me instead of "courier", so I tried that.

That didn't work either. So I truss'ed the Courier "couriertcpd" process to watch the entire transaction of receiving mail, and I was surprised to see that "/opt/courier/libexec/courier/submit" did the following:

14954: open("/opt/courier/etc/authmodulelist", O_RDONLY) = 5
14954: read(5, " a u t h d a e m o n\n", 1024) = 11
14954: close(5) = 0
14954: so_socket(1, 2, 0, "", 1) = 5
[...]
14954: connect(5, 0xFFBEA388, 110, 1) = 0
14954: AF_UNIX name = /opt/courier/var/authdaemon/socket
[...]
14954: poll(0xFFBEA2C0, 1, 15000) = 1
14954: fd=5 ev=POLLOUT rev=POLLOUT
14954: write(5, 0x00070E48, 20) = 20
14954: P R E . c o u r i e r e a r l e\n
[...]
14954: read(5, 0xFFBEA4B8, 1023) = 107
14954: U S E R N A M E = e a r l e\n U I D = 6 9\n G I D = 6 9\n H O M
14954: E = / v a r / m a i l d i r s / v i r t u a l / m y . d o m a i
14954: n / e a r l e\n A D D R E S S = e a r l e\n N A M E = G r e g
14954: E a r l e\n .\n
[...]
14942: close(5) = 0
14942: open("/opt/courier/etc/maildropfilter", O_RDONLY) = 5
[...]
14942: read(5, 0x001440CC, 8192) = 26
14942: / o p t / c o u r i e r / b i n / m a i l d r o p\n
[...]
14942: pipe() = 5 [6]
14942: fork() = 14944
14944: fork() (returning as child ...) = 14942
[...]
14944: execve("/opt/courier/bin/maildrop", 0xFFBEA390, 0x00074388) argc = 10

Clearly the authdaemon listening on the other end of the socket still thinks I'm using "userdb", even though I disabled "authuserdb" in the authdaemonrc file. And "maildrop" is still getting invoked.

What am I doing wrong?

Thanks in advance,

- Greg
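
The authdaemon exchange visible in the truss output above can be replayed and checked outside of mail delivery. The following is an added example, not part of the original post and not Courier's own code: it builds the same "PRE" request, parses the KEY=VALUE reply, and reports where the daemon's answer differs from the account data the passwd/NIS setup is supposed to supply. The expected passwd values are constructed placeholders, the HOME value is spelled as the trace prints it, and the "FAIL" reply line is authdaemond's negative answer, which does not appear in the trace.

```python
import socket

AUTH_SOCKET = "/opt/courier/var/authdaemon/socket"  # path seen in the truss output

def build_pre_request(service: str, user: str) -> bytes:
    """Account lookup request in the form the trace shows submit writing."""
    return f"PRE . {service} {user}\n".encode()

def parse_reply(raw: bytes) -> dict:
    """Parse KEY=VALUE lines terminated by a lone '.' line."""
    fields = {}
    for line in raw.decode(errors="replace").split("\n"):
        if line == ".":
            return fields
        if line == "FAIL":  # negative answer (not shown in the trace)
            raise LookupError("authdaemon: account not found")
        key, sep, value = line.partition("=")
        if sep:
            fields[key] = value
    raise ValueError("reply truncated: no terminating '.' line")

def query(service: str, user: str, path: str = AUTH_SOCKET) -> dict:
    """Ask a running authdaemond; needs access to the socket directory."""
    with socket.socket(socket.AF_UNIX, socket.SOCK_STREAM) as s:
        s.settimeout(15)
        s.connect(path)
        s.sendall(build_pre_request(service, user))
        buf = b""
        while not buf.endswith((b"\n.\n", b"FAIL\n")):
            chunk = s.recv(1024)
            if not chunk:
                break
            buf += chunk
    return parse_reply(buf)

def mismatches(reply: dict, expected: dict) -> dict:
    """Fields where the daemon's answer differs from the intended account data."""
    return {k: (reply.get(k), v) for k, v in expected.items() if reply.get(k) != v}

# Reply reassembled from the read() lines in the trace above.
TRACE_REPLY = (b"USERNAME=earle\nUID=69\nGID=69\n"
               b"HOME=/var/maildirs/virtual/my.domain/earle\n"
               b"ADDRESS=earle\nNAME=Greg Earle\n.\n")
# Constructed stand-in for the NIS passwd entry; the post does not give the real values.
EXPECTED_PASSWD = {"UID": "1001", "GID": "100", "HOME": "/home/earle"}

if __name__ == "__main__":
    diffs = mismatches(parse_reply(TRACE_REPLY), EXPECTED_PASSWD)
    for field, (got, want) in diffs.items():
        print(f"{field}: authdaemon says {got!r}, passwd entry says {want!r}")
```

Calling query("courier", "earle") on the mail host, after each configuration change and daemon restart, shows which UID, GID and home directory deliveries for that account will actually run with.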