Strange permission problem (postfix/postdrop)
462 views
Skip to first unread message
Till Dörges
Mar 30, 2017, 11:27:12 AM3/30/17
to kiwi-...@googlegroups.com
Hello all,
I'm using Kiwi 9.4.5 on openSUSE Leap 42.2 to build a live ISO like this
<type image="iso" primary="true" boot="isoboot/suse-leap42.2"
hybrid="true"
hybridpersistent="false"
flags="overlay"
kernelcmdline="kiwinoswapsearch=1"
editbootconfig="/tmp/script/edit_bootconfig">
</type>
The problem is that the live ISO system can't send mails throwing this error
postfix/postdrop[11600]: warning: mail_queue_enter: create file
maildrop/521351.11600: Permission denied
However, looking at the files in /var/spool/postfix, the permissions are definitely fine.
'rpm -V postfix' does not indicate any problem. Neither do 'ls -la
/var/spool/postfix/maildrop' nor 'stat /var/spool/postfix/maildrop/'.
The only fix I've come up with is to execute
/usr/sbin/postfix set-permissions
This seems to set the same permissions again (no visible changes to mode or ownership).
I do see a change in link count and size, though (see attached outputs for 'stat
/var/spool/postfix/maildrop/' before and after set-permissions).
I suspect a problem with overlayfs, but wanted to check here first, whether this is a
known issue. Or whether there are other possible causes.
Also I'd welcome any hints how to debug this further.
Regards -- Till
--
Dipl.-Inform. Till Dörges doe...@pre-sense.de
Tel. +49 - 40 - 244 2407 - 14
Fax +49 - 40 - 244 2407 - 24
PRESENSE Technologies GmbH Sachsenstr. 5, D-20097 HH
Geschäftsführer/Managing Directors AG Hamburg, HRB 107844
Till Dörges, Jürgen Sander USt-IdNr.: DE263765024
Wir sind wieder auf dem BSI IT-Sicherheitskongress
16.-18. Mai 2017 – Bonn
I'm using Kiwi 9.4.5 on openSUSE Leap 42.2 to build a live ISO like this
<type image="iso" primary="true" boot="isoboot/suse-leap42.2"
hybrid="true"
hybridpersistent="false"
flags="overlay"
kernelcmdline="kiwinoswapsearch=1"
editbootconfig="/tmp/script/edit_bootconfig">
</type>
The problem is that the live ISO system can't send mails throwing this error
postfix/postdrop[11600]: warning: mail_queue_enter: create file
maildrop/521351.11600: Permission denied
However, looking at the files in /var/spool/postfix, the permissions are definitely fine.
'rpm -V postfix' does not indicate any problem. Neither do 'ls -la
/var/spool/postfix/maildrop' nor 'stat /var/spool/postfix/maildrop/'.
The only fix I've come up with is to execute
/usr/sbin/postfix set-permissions
This seems to set the same permissions again (no visible changes to mode or ownership).
I do see a change in link count and size, though (see attached outputs for 'stat
/var/spool/postfix/maildrop/' before and after set-permissions).
I suspect a problem with overlayfs, but wanted to check here first, whether this is a
known issue. Or whether there are other possible causes.
Also I'd welcome any hints how to debug this further.
Regards -- Till
--
Dipl.-Inform. Till Dörges doe...@pre-sense.de
Tel. +49 - 40 - 244 2407 - 14
Fax +49 - 40 - 244 2407 - 24
PRESENSE Technologies GmbH Sachsenstr. 5, D-20097 HH
Geschäftsführer/Managing Directors AG Hamburg, HRB 107844
Till Dörges, Jürgen Sander USt-IdNr.: DE263765024
Wir sind wieder auf dem BSI IT-Sicherheitskongress
16.-18. Mai 2017 – Bonn
Till Dörges
Mar 30, 2017, 11:28:52 AM3/30/17
to kiwi-...@googlegroups.com
Am 30.03.2017 um 17:27 schrieb Till Dörges:
> I do see a change in link count and size, though (see attached outputs for 'stat
> /var/spool/postfix/maildrop/' before and after set-permissions).
Now they are.
> I do see a change in link count and size, though (see attached outputs for 'stat
> /var/spool/postfix/maildrop/' before and after set-permissions).
David Cassany
Mar 31, 2017, 5:19:56 AM3/31/17
to kiwi-...@googlegroups.com, Till Dörges
Hi Till,
Interesting issue... I will try to reproduce it and investigate it a little
today, looks like there might be a problem related to permissions and
overlayfs.
Up to now I don't have any clue about what could be causing this issue.
Regards,
David
Interesting issue... I will try to reproduce it and investigate it a little
today, looks like there might be a problem related to permissions and
overlayfs.
Up to now I don't have any clue about what could be causing this issue.
Regards,
David
Marcus Schäfer
Mar 31, 2017, 5:32:53 AM3/31/17
to kiwi-...@googlegroups.com, Till Dörges
Hi,
> Interesting issue... I will try to reproduce it and investigate it a little
> today, looks like there might be a problem related to permissions and
> overlayfs.
Most probably an overlayfs and file permission/flags problem
Regards,
Marcus
--
Public Key available via: https://keybase.io/marcus_schaefer/key.asc
keybase search marcus_schaefer
-------------------------------------------------------
Marcus Schäfer (Res. & Dev.) SUSE Linux GmbH
Tel: 0911-740 53 0 Maxfeldstrasse 5
FAX: 0911-740 53 479 D-90409 Nürnberg
HRB: 21284 (AG Nürnberg) Germany
GF: Felix Imendörffer, Jane Smithard, Graham Norton
http://www.suse.de
-------------------------------------------------------
> Interesting issue... I will try to reproduce it and investigate it a little
> today, looks like there might be a problem related to permissions and
> overlayfs.
Regards,
Marcus
--
Public Key available via: https://keybase.io/marcus_schaefer/key.asc
keybase search marcus_schaefer
-------------------------------------------------------
Marcus Schäfer (Res. & Dev.) SUSE Linux GmbH
Tel: 0911-740 53 0 Maxfeldstrasse 5
FAX: 0911-740 53 479 D-90409 Nürnberg
HRB: 21284 (AG Nürnberg) Germany
GF: Felix Imendörffer, Jane Smithard, Graham Norton
http://www.suse.de
-------------------------------------------------------
David Cassany
Mar 31, 2017, 9:55:26 AM3/31/17
to kiwi-...@googlegroups.com
Hi Till,
I am not capable to reproduce that issue.
I have build the iso with:
<type image="iso" primary="true" boot="isoboot/suse-leap42.2"
hybrid="true"
hybridpersistent="false"
flags="overlay"
kernelcmdline="kiwinoswapsearch=1">
</type>
Using the JeOS from here https://github.com/SUSE/kiwi-descriptions where I
only updated the iso type to match the above configuration and appended postfix
and mailx packages. Then I could successfully run:
$ mail -s "this is a test" some...@gmail.com < /dev/null
And I actually got the empty mail into the spambox.
Are you doing something different? Moreover, not sure it means anything, after
running the live iso without I already have /var/spool/postfix/maildrop/ with 2
Links, however I could not find out which the actual second link, running
find / -samfile /var/spool/postfix/maildrop/
did not enlight me.
Regards,
David
I am not capable to reproduce that issue.
I have build the iso with:
<type image="iso" primary="true" boot="isoboot/suse-leap42.2"
hybrid="true"
hybridpersistent="false"
flags="overlay"
kernelcmdline="kiwinoswapsearch=1">
Using the JeOS from here https://github.com/SUSE/kiwi-descriptions where I
only updated the iso type to match the above configuration and appended postfix
and mailx packages. Then I could successfully run:
$ mail -s "this is a test" some...@gmail.com < /dev/null
And I actually got the empty mail into the spambox.
Are you doing something different? Moreover, not sure it means anything, after
running the live iso without I already have /var/spool/postfix/maildrop/ with 2
Links, however I could not find out which the actual second link, running
find / -samfile /var/spool/postfix/maildrop/
did not enlight me.
Regards,
David
Till Dörges
Mar 31, 2017, 10:29:41 AM3/31/17
to kiwi-...@googlegroups.com
Am 31.03.2017 um 15:55 schrieb David Cassany:
> I am not capable to reproduce that issue.
>
> I have build the iso with:
>
> <type image="iso" primary="true" boot="isoboot/suse-leap42.2"
> hybrid="true"
> hybridpersistent="false"
> flags="overlay"
> kernelcmdline="kiwinoswapsearch=1">
> </type>
>
> Using the JeOS from here https://github.com/SUSE/kiwi-descriptions where I
> only updated the iso type to match the above configuration and appended postfix
> and mailx packages. Then I could successfully run:
>
> $ mail -s "this is a test" some...@gmail.com < /dev/null
The only immediate difference I can see is that I used this command line as an
> I am not capable to reproduce that issue.
>
> I have build the iso with:
>
> <type image="iso" primary="true" boot="isoboot/suse-leap42.2"
> hybrid="true"
> hybridpersistent="false"
> flags="overlay"
> kernelcmdline="kiwinoswapsearch=1">
> </type>
>
> Using the JeOS from here https://github.com/SUSE/kiwi-descriptions where I
> only updated the iso type to match the above configuration and appended postfix
> and mailx packages. Then I could successfully run:
>
> $ mail -s "this is a test" some...@gmail.com < /dev/null
unprivileged user (mutt vs. mail)
cat $file | /usr/bin/mutt -s "$subject" -- $address
> And I actually got the empty mail into the spambox.
>
> Are you doing something different? Moreover, not sure it means anything, after
> running the live iso without I already have /var/spool/postfix/maildrop/ with 2
> Links, however I could not find out which the actual second link, running
>
> find / -samfile /var/spool/postfix/maildrop/
>
> did not enlight me.
set-permissions. I suspect that the link information is bogus.
Since there doesn't seem to be an easy reproducer I'll see to whether I can narrow
this issue down some more. But given I've found a workaround for my setup this might
take a while.
Thanks for looking into this!
Reply all
Reply to author
Forward
0 new messages