Can't get sendmail to configure

[Knute Johnson]

I'm stumped. I'm running the script as root but it complains about
permissions. I've removed and installed sendmail thinking that there
was a corrupt file. I've replaced the
/usr/share/sendmail/cf/mailer/smtp.m4 file with one from another running
system. Any ideas on where to start would be greatly appreciated.

This is from running sendmailconfig:

Creating /etc/mail/sendmail.cf...
m4:/usr/share/sendmail/cf/mailer/smtp.m4:123: ERROR: end of file in
argument list

Creating /etc/mail/submit.cf...
Informational: confCR_FILE file empty: /etc/mail/relay-domains
Informational: confCT_FILE file empty: /etc/mail/trusted-users
Updating /etc/mail/access...
makemap: error opening type hash map /etc/mail/access.new.db: Permission
denied

Thanks,

--

Knute Johnson

[Joe Zeff]

On Wed, 10 Jun 2015 19:44:30 -0700, Knute Johnson wrote:

> makemap: error opening type hash map /etc/mail/access.new.db: Permission
> denied

I know it's a long shot, but are you using SELinux? I've seen this type
of error before when the file doesn't have the right security context.

--
Joe Zeff -- The Guy With The Sideburns:
http://www.zeff.us http://www.lasfsinc.info
I have a freezer and a nuker, and I'm not afraid to use them.

[Knute Johnson]

On 6/10/2015 23:46, Joe Zeff wrote:
> On Wed, 10 Jun 2015 19:44:30 -0700, Knute Johnson wrote:
>
>> makemap: error opening type hash map /etc/mail/access.new.db: Permission
>> denied
>
> I know it's a long shot, but are you using SELinux? I've seen this type
> of error before when the file doesn't have the right security context.
>

Sorry no. I should say that I'm installing sendmail on a Debian Wheezy
derivative. I see lots of entries on Google for similar issues, but no
resolutions.

Thanks,

--

Knute Johnson

[Claus Aßmann]

Knute Johnson wrote:

> /usr/share/sendmail/cf/mailer/smtp.m4 file with one from another running
> system. Any ideas on where to start would be greatly appreciated.

> This is from running sendmailconfig:

Did you contact whoever wrote that script?
Did you try it as per the instructions coming with sendmail?

> Creating /etc/mail/sendmail.cf...
> m4:/usr/share/sendmail/cf/mailer/smtp.m4:123: ERROR: end of file in
> argument list

Maybe your mc file is broken, using the wrong args
provided smtp.m4 is not broken?

> Updating /etc/mail/access...
> makemap: error opening type hash map /etc/mail/access.new.db: Permission
> denied

Please see the README file and sendmail/SECURITY.
makemap (et.al.) has some extra checks, so take a look at the permissions
(which aren't part of your posting just like your mc file).

--
Note: please read the netiquette before posting. I will almost never
reply to top-postings which include a full copy of the previous
article(s) at the end because it's annoying, shows that the poster
is too lazy to trim his article, and it's wasting the time of all readers.

[Knute Johnson]

On 6/11/2015 08:44, Claus Aßmann wrote:
> Knute Johnson wrote:
>
>> /usr/share/sendmail/cf/mailer/smtp.m4 file with one from another running
>> system. Any ideas on where to start would be greatly appreciated.
>
>> This is from running sendmailconfig:
>
> Did you contact whoever wrote that script?

No, I thought that might be a little cheeky.

> Did you try it as per the instructions coming with sendmail?

No because I don't know where to look for those instructions. I did
look in your book but couldn't find anything that I thought was relevant.

>
>> Creating /etc/mail/sendmail.cf...
>> m4:/usr/share/sendmail/cf/mailer/smtp.m4:123: ERROR: end of file in
>> argument list
>
> Maybe your mc file is broken, using the wrong args
> provided smtp.m4 is not broken?

The sendmail.mc file could be broken, I had discounted that because I
had pretty much copied it from a running system.
I too thought the smtp.m4 file could be bad so I copied the smtp.m4 file
from a running system and still have the same error.

>> Updating /etc/mail/access...
>> makemap: error opening type hash map /etc/mail/access.new.db: Permission
>> denied
>
> Please see the README file and sendmail/SECURITY.
> makemap (et.al.) has some extra checks, so take a look at the permissions
> (which aren't part of your posting just like your mc file).
>

I compared the permissions from a running system to this one and found
the databases file was different. I made it the same as the running
system and still had the error. I put it back.

root@knute5 /etc/mail # ls -al
total 164
drwxr-sr-x 7 smmta smmsp 4096 Jun 11 09:18 ./
drwxr-xr-x 68 root root 4096 Jun 10 19:03 ../
-rw------- 1 root root 4333 Jun 10 19:40 access
-rw-r----- 1 smmta smmsp 1 Jun 10 19:22 access.db
-rw-r--r-- 1 root root 281 Feb 11 2013 address.resolve
lrwxrwxrwx 1 root smmsp 10 Jun 10 14:14 aliases -> ../aliases
-rw-r--r-- 1 root root 3558 Jun 10 19:40 databases
-rw-r----- 1 smmta smmsp 41 Jun 10 14:13 default-auth-info
-rw-r--r-- 1 root root 5657 Feb 11 2013 helpfile
-rw-r--r-- 1 root smmsp 19 Jun 10 14:14 local-host-names
drwxr-sr-x 2 smmta smmsp 4096 Jun 10 14:13 m4/
-rwxr-xr-- 1 root smmsp 10201 Jun 10 19:40 Makefile*
drwxr-xr-x 2 root root 4096 Jun 10 14:13 peers/
drwxr-xr-x 2 smmta smmsp 4096 Jun 10 14:13 sasl/
-rw-r--r-- 1 root smmsp 7034 Jun 10 19:40 sendmail.cf
-rw-r--r-- 1 root smmsp 82 Jun 10 19:40 sendmail.cf.errors
-rw-r--r-- 1 root root 12236 Jun 10 19:40 sendmail.conf
-rw-r--r-- 1 root smmsp 4351 Jun 10 19:40 sendmail.mc
-rw-r--r-- 1 root root 149 Feb 11 2013 service.switch
-rw-r--r-- 1 root root 180 Feb 11 2013 service.switch-nodns
drwxr-sr-x 2 smmta smmsp 4096 Jun 10 14:13 smrsh/
-rw-r--r-- 1 root smmsp 44357 Jun 10 19:40 submit.cf
-rw-r--r-- 1 root smmsp 2426 Jun 10 19:40 submit.mc
drwxr-xr-x 2 smmta smmsp 4096 Jun 10 14:14 tls/
-rw-r--r-- 1 root smmsp 0 Jun 10 14:14 trusted-users


root@knute5 /etc/mail # cat sendmail.mc
divert(-1)dnl
#-----------------------------------------------------------------------------
# $Sendmail: debproto.mc,v 8.14.4 2013-02-11 11:12:33 cowboy Exp $
#
# Copyright (c) 1998-2010 Richard Nelson. All Rights Reserved.
#
# cf/debian/sendmail.mc. Generated from sendmail.mc.in by configure.
#
# sendmail.mc prototype config file for building Sendmail 8.14.4
#
# Note: the .in file supports 8.7.6 - 9.0.0, but the generated
# file is customized to the version noted above.
#
# This file is used to configure Sendmail for use with Debian systems.
#
# If you modify this file, you will have to regenerate /etc/mail/sendmail.cf
# by running this file through the m4 preprocessor via one of the following:
# * make (or make -C /etc/mail)
# * sendmailconfig
# * m4 /etc/mail/sendmail.mc > /etc/mail/sendmail.cf
# The first two options are preferred as they will also update other files
# that depend upon the contents of this file.
#
# The best documentation for this .mc file is:
# /usr/share/doc/sendmail-doc/cf.README.gz
#
#-----------------------------------------------------------------------------
divert(0)dnl
#
# Copyright (c) 1998-2005 Richard Nelson. All Rights Reserved.
#
# This file is used to configure Sendmail for use with Debian systems.
#
define(`_USE_ETC_MAIL_')dnl
include(`/usr/share/sendmail/cf/m4/cf.m4')dnl
VERSIONID(`$Id: sendmail.mc, v 8.14.4-4 2013-02-11 11:12:33 cowboy Exp $')
OSTYPE(`debian')dnl
DOMAIN(`debian-mta')dnl
dnl # Items controlled by /etc/mail/sendmail.conf - DO NOT TOUCH HERE
undefine(`confHOST_STATUS_DIRECTORY')dnl #DAEMON_HOSTSTATS=
dnl # Items controlled by /etc/mail/sendmail.conf - DO NOT TOUCH HERE
dnl #
dnl # General defines
dnl #
dnl # SAFE_FILE_ENV: [undefined] If set, sendmail will do a chroot()
dnl # into this directory before writing files.
dnl # If *all* your user accounts are under /home then use that
dnl # instead - it will prevent any writes outside of /home !
dnl # define(`confSAFE_FILE_ENV', `')dnl
dnl #
dnl # Daemon options - restrict to servicing LOCALHOST ONLY !!!
dnl # Remove `, Addr=' clauses to receive from any interface
dnl # If you want to support IPv6, switch the commented/uncommentd lines
dnl #
FEATURE(`no_default_msa')dnl
dnl DAEMON_OPTIONS(`Family=inet6, Name=MTA-v6, Port=smtp, Addr=::1')dnl
DAEMON_OPTIONS(`Family=inet, Name=MTA-v4, Port=smtp')dnl
dnl DAEMON_OPTIONS(`Family=inet6, Name=MSP-v6, Port=submission, M=Ea,
Addr=::1')dnl
DAEMON_OPTIONS(`Family=inet, Name=MSP-v4, Port=submission, M=Ea)dnl
dnl #
define(`confAUTH_OPTIONS', `A p y')dnl
include(`/etc/mail/sasl/sasl.m4')dnl
include(`/etc/mail/tls/starttls.m4')dnl
dnl #
dnl # Be somewhat anal in what we allow
define(`confPRIVACY_FLAGS',dnl
`needmailhelo,needexpnhelo,needvrfyhelo,restrictqrun,restrictexpand,nobodyreturn,authwarnings')dnl
dnl #
dnl # Define connection throttling and window length
define(`confCONNECTION_RATE_THROTTLE', `15')dnl
define(`confCONNECTION_RATE_WINDOW_SIZE',`10m')dnl
dnl #
dnl # Features
dnl
FEATURE(`smrsh')dnl
dnl #
dnl # use /etc/mail/local-host-names
FEATURE(`use_cw_file')dnl
dnl #
dnl # The access db is the basis for most of sendmail's checking
FEATURE(`access_db', , `skip')dnl
dnl #
dnl # The greet_pause feature stops some automail bots - but check the
dnl # provided access db for details on excluding localhosts...
FEATURE(`greet_pause', `1000')dnl 1 seconds
dnl #
dnl # Delay_checks allows sender<->recipient checking
FEATURE(`delay_checks', `friend', `n')dnl
dnl #
FEATURE(`blacklist_recipients')dnl
FEATURE(`enhdnsbl', `bl.spamcop.net', `"Spam blocked see:
http://spamcop.net/bl.shtml?"$&{client_addr}', `t')dnl
FEATURE(`badmx');
dnl #
dnl # If we get too many bad recipients, slow things down...
define(`confBAD_RCPT_THROTTLE',`3')dnl
dnl #
dnl # Stop connections that overflow our concurrent and time connection
rates
FEATURE(`conncontrol', `nodelay', `terminate')dnl
FEATURE(`ratecontrol', `nodelay', `terminate')dnl
dnl #
dnl # If you're on a dialup link, you should enable this - so sendmail
dnl # will not bring up the link (it will queue mail for later)
dnl define(`confCON_EXPENSIVE',`True')dnl
dnl #
dnl # Dialup/LAN connection overrides
dnl #
dnl include(`/etc/mail/m4/dialup.m4')dnl
dnl include(`/etc/mail/m4/provider.m4')dnl
dnl #
dnl # Default Mailer setup
MAILER_DEFINITIONS
MAILER(`local')dnl
MAILER(`smtp')dnl

Thanks very much for looking at my problem.

--

Knute Johnson

[Claus Aßmann]

Knute Johnson wrote:

> -rw------- 1 root root 4333 Jun 10 19:40 access
> -rw-r----- 1 smmta smmsp 1 Jun 10 19:22 access.db

makemap won't write to that file if you run it as root.

> root@knute5 /etc/mail # cat sendmail.mc

These are obviously wrong:

> dnl DAEMON_OPTIONS(`Family=inet6, Name=MTA-v6, Port=smtp, Addr=::1')dnl
> DAEMON_OPTIONS(`Family=inet, Name=MTA-v4, Port=smtp')dnl
> dnl DAEMON_OPTIONS(`Family=inet6, Name=MSP-v6, Port=submission, M=Ea,
> Addr=::1')dnl

(did you use some so called "MUA" from M$ to transfer the file?)

This is broken too:

> DAEMON_OPTIONS(`Family=inet, Name=MSP-v4, Port=submission, M=Ea)dnl

I didn't check any further.


See cf/README.

[Knute Johnson]

On 6/11/2015 13:09, Claus Aßmann wrote:
> Knute Johnson wrote:
>
>> -rw------- 1 root root 4333 Jun 10 19:40 access
>> -rw-r----- 1 smmta smmsp 1 Jun 10 19:22 access.db
>
> makemap won't write to that file if you run it as root.

I don't understand that and the script will not run as other than root.

>
>> root@knute5 /etc/mail # cat sendmail.mc
>
>
> These are obviously wrong:
>
>> dnl DAEMON_OPTIONS(`Family=inet6, Name=MTA-v6, Port=smtp, Addr=::1')dnl
>> DAEMON_OPTIONS(`Family=inet, Name=MTA-v4, Port=smtp')dnl
>> dnl DAEMON_OPTIONS(`Family=inet6, Name=MSP-v6, Port=submission, M=Ea,
>> Addr=::1')dnl
>

I don't see what's wrong with that one.

> (did you use some so called "MUA" from M$ to transfer the file?)
>

I have no idea what that means.

> This is broken too:
>
>> DAEMON_OPTIONS(`Family=inet, Name=MSP-v4, Port=submission, M=Ea)dnl
>
> I didn't check any further.
>

That's embarrassing, found another typo too.

>
> See cf/README.
>

My script runs without error now, thank you. I've learned that the
error messages from this script can be very confusing and that I need to
proof my typing better.

--

Knute Johnson