LinuxQuestions.org
Help answer threads with 0 replies.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Software
User Name
Password
Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.

Notices



Reply
 
Search this Thread
Old 10-24-2011, 02:01 PM   #1
teknoratti
LQ Newbie
 
Registered: Aug 2006
Posts: 14

Rep: Reputation: 0
unable to start sendmail service


Fedora Core 14 2.6.35.6-45.fc14.i686

I have a server which runs sendmail to a relay server which we get alerts. I rarely touch this server, but all of a sudden I'm not getting emails through sendmail.

When I try to start the service: /etc/init.d/sendmail start it [Failed]

the boot.log file only tells me the sendmail and sm-client [Failed] to start during bootup.

I get no error messages as to why it stopped and won't start again.

The only thing I noticed that I haven't seen before is the following in the /var/log/maillog file:

Oct 24 13:31:07 monitor.nagios sendmail[7114]: NOQUEUE: SYSERR(root): /etc/mail/sendmail.cf: line 600: fileclass: cannot open '/etc/mail/trusted-users': World writable directory

Where can I begin my investigation as to why sendmail is not starting. I haven't made any changes to the server as I rarely touch the server.

Thanks
 
Old 10-24-2011, 02:12 PM   #2
MensaWater
Guru
 
Registered: May 2005
Location: Atlanta Georgia USA
Distribution: Redhat (RHEL), CentOS, Fedora, Debian, FreeBSD, HP-UX, Solaris, SCO
Posts: 6,028
Blog Entries: 5

Rep: Reputation: 791Reputation: 791Reputation: 791Reputation: 791Reputation: 791Reputation: 791Reputation: 791
Based on the message you got I suspect someone did the old "chmod 777 *" trick trying to open up everything to the world because they didn't want to troubleshoot why whatever they were doing worked. Many things have security setups to prevent them from working if they are 777.

What the permissions on /etc/mail/trusted-users? On /etc/mail?

The message seems to imply you should NOT have write permission for "world" on it.

My /etc/mail and /etc/mail/trusted-users have:
drwxr-xr-x 3 root root 4096 May 11 08:55 /etc/mail
-rw-r--r-- 1 root root 127 Mar 14 2007 /etc/mail/trusted-users

The message seems to imply that you instead have something like:
drwxr-xrwx 3 root root 4096 May 11 08:55 /etc/mail
-rw-r--rw- 1 root root 127 Mar 14 2007 /etc/mail/trusted-users

The extra w in that position would be your problem. You can change to what I have by typing:
chmod 755 /etc/mail
chmod 644 /etc/mail/trusted-users.

However, if somebody did the chmod 777 * they may have started at root so you may have other issues as well. Verify your root (/) is not world writable:
ls -ld /
drwxr-xr-x 26 root root 4096 Sep 8 13:47 /

If it IS world writable you need to investigate everything from root down as:
1) It would leave you open to easy hacking.
2) As noted many things break when they are world writable to prevent this being done as a way for easy hacking.
 
Old 10-24-2011, 02:13 PM   #3
eager
Member
 
Registered: Aug 2004
Location: Palo Alto, CA
Distribution: Fedora 8/9, Ubuntu
Posts: 35

Rep: Reputation: 16
Two suggestions:

First, "sudo chmod 0600 /etc/mail/trusted-users"

Second, as root, run "sh -x /etc/init.d/sendmail start" (or restart). See exactly what command is causing the failure. Run that command on its own to see if it generates error messages.
 
Old 10-24-2011, 03:23 PM   #4
teknoratti
LQ Newbie
 
Registered: Aug 2006
Posts: 14

Original Poster
Rep: Reputation: 0
@MensaWater, After I changed the permissions on the trusted-users file, here is the output of the sh -x /etc/init.d/sendmail start command

+ . /etc/rc.d/init.d/functions
++ TEXTDOMAIN=initscripts
++ umask 022
++ PATH=/sbin:/usr/sbin:/bin:/usr/bin
++ export PATH
++ '[' 6969 -ne 1 -a -z '' ']'
++ /bin/mountpoint -q /cgroup/systemd
++ /bin/mountpoint -q /sys/fs/cgroup/systemd
++ '[' -z '' ']'
++ COLUMNS=80
++ '[' -z '' ']'
+++ /sbin/consoletype
++ CONSOLETYPE=pty
++ '[' -z '' ']'
++ '[' -z '' ']'
++ '[' -f /etc/sysconfig/i18n ']'
++ . /etc/profile.d/lang.sh
++ unset LANGSH_SOURCED
++ '[' -z '' ']'
++ '[' -f /etc/sysconfig/init ']'
++ . /etc/sysconfig/init
+++ BOOTUP=color
+++ RES_COL=60
+++ MOVE_TO_COL='echo -en \033[60G'
+++ SETCOLOR_SUCCESS='echo -en \033[0;32m'
+++ SETCOLOR_FAILURE='echo -en \033[0;31m'
+++ SETCOLOR_WARNING='echo -en \033[0;33m'
+++ SETCOLOR_NORMAL='echo -en \033[0;39m'
+++ AUTOSWAP=no
+++ ACTIVE_CONSOLES='/dev/tty[1-6]'
+++ SINGLE=/sbin/sushell
++ '[' pty = serial ']'
++ __sed_discard_ignored_files='/\(~\|\.bak\|\.orig\|\.rpmnew\|\.rpmorig\|\.rpmsave\)$/d'
++ '[' '' = 1 ']'
+ '[' -f /etc/sysconfig/network ']'
+ . /etc/sysconfig/network
++ NETWORKING=yes
++ HOSTNAME=aso00-nagios-01.met01.ymcaatlanta.com
+ '[' -f /etc/sysconfig/sendmail ']'
+ . /etc/sysconfig/sendmail
++ DAEMON=yes
++ QUEUE=1h
+ '[' -z '' ']'
+ SMQUEUE=1h
+ '[' -z 1h ']'
++ id -u
+ '[' 0 = 0 ']'
+ '[' yes = no ']'
+ '[' -x /usr/sbin/sendmail ']'
+ prog=sendmail
+ status -p /var/run/sendmail.pid
+ local base pid lock_file= pid_file=
+ '[' 2 = 0 ']'
+ '[' -p = -p ']'
+ pid_file=/var/run/sendmail.pid
+ shift 2
+ '[' '' = -l ']'
+ base=
+ '[' '' = 1 ']'
+ __pids_var_run '' /var/run/sendmail.pid
+ local base=
+ local pid_file=/var/run/sendmail.pid
+ pid=
+ '[' -f /var/run/sendmail.pid ']'
+ return 3
+ RC=3
+ '[' -z /var/run/sendmail.pid -a -z '' ']'
+ '[' -n '' ']'
+ case "$RC" in
+ '[' -z '' ']'
+ lock_file=
+ '[' -f /var/lock/subsys/ ']'
+ echo ' is stopped'
+ return 3
+ status -p /var/run/sm-client.pid
+ local base pid lock_file= pid_file=
+ '[' 2 = 0 ']'
+ '[' -p = -p ']'
+ pid_file=/var/run/sm-client.pid
+ shift 2
+ '[' '' = -l ']'
+ base=
+ '[' '' = 1 ']'
+ __pids_var_run '' /var/run/sm-client.pid
+ local base=
+ local pid_file=/var/run/sm-client.pid
+ pid=
+ '[' -f /var/run/sm-client.pid ']'
+ local line p
+ '[' '!' -r /var/run/sm-client.pid ']'
+ :
+ read line
+ '[' -z '' ']'
+ break
+ '[' -n '' ']'
+ return 1
+ RC=1
+ '[' -z /var/run/sm-client.pid -a -z '' ']'
+ '[' -n '' ']'
+ case "$RC" in
+ echo ' dead but pid file exists'
+ return 1
+ running=1
+ case "$1" in
+ '[' 1 -eq 0 ']'
+ start
+ ret=0
+ updateconf
+ /etc/mail/make
+ '[' 0 -eq 15 ']'
+ /etc/mail/make aliases
+ echo -n 'Starting sendmail: '
Starting sendmail: ++ '[' xyes = xyes ']'
++ echo -bd
++ '[' -n 1h ']'
++ echo -q1h
+ daemon /usr/sbin/sendmail -bd -q1h
+ local gotbase= force= nicelevel corelimit
+ local pid base= user= nice= bg= pid_file=
+ local cgroup=
+ nicelevel=0
+ '[' /usr/sbin/sendmail '!=' /usr/sbin/sendmail ']'
+ '[' -z '' ']'
+ base=sendmail
+ __pids_var_run sendmail ''
+ local base=sendmail
+ local pid_file=/var/run/sendmail.pid
+ pid=
+ '[' -f /var/run/sendmail.pid ']'
+ return 3
+ '[' -n '' -a -z '' ']'
+ corelimit='ulimit -S -c 0'
+ '[' -n '' ']'
+ '[' -n '' ']'
+ '[' color = verbose -a -z '' ']'
+ '[' -z '' ']'
+ /bin/bash -c 'ulimit -S -c 0 >/dev/null 2>&1 ; /usr/sbin/sendmail -bd -q1h'
451 4.0.0 /etc/mail/sendmail.cf: line 91: fileclass: cannot open '/etc/mail/local-host-names': World writable directory
451 4.0.0 /etc/mail/sendmail.cf: line 600: fileclass: cannot open '/etc/mail/trusted-users': World writable directory
+ '[' 71 -eq 0 ']'
+ failure 'sendmail startup'
+ local rc=1
+ '[' color '!=' verbose -a -z '' ']'
+ echo_failure
+ '[' color = color ']'
+ echo -en '\033[60G'
+ echo -n '['
[+ '[' color = color ']'
+ echo -en '\033[0;31m'
+ echo -n FAILED
FAILED+ '[' color = color ']'
+ echo -en '\033[0;39m'
+ echo -n ']'
]+ echo -ne '\r'
+ return 1
+ '[' -x /usr/bin/plymouth ']'
+ /usr/bin/plymouth --details
+ return 1
+ RETVAL=1
+ echo

+ '[' 1 -eq 0 ']'
+ let ret+=1
+ '[' '!' -f /var/run/sm-client.pid ']'
+ '[' 1 -eq 0 ']'
+ return 1
+ RETVAL=1
+ exit 1


@eager, the root perms were rwx for everyone

drwxrwxrwx. 23 root root 4096 Oct 24 12:28 /



Thanks guys for you prompt responses. Please advise.
 
Old 10-24-2011, 03:44 PM   #5
eager
Member
 
Registered: Aug 2004
Location: Palo Alto, CA
Distribution: Fedora 8/9, Ubuntu
Posts: 35

Rep: Reputation: 16
Change permissions to 600, not 777. The error message complains about an insecure directory.
 
Old 10-24-2011, 04:04 PM   #6
teknoratti
LQ Newbie
 
Registered: Aug 2006
Posts: 14

Original Poster
Rep: Reputation: 0
Quote:
Originally Posted by eager View Post
Change permissions to 600, not 777. The error message complains about an insecure directory.

Thanks eager, However, when I changed the perms to 600, The sendmail service started but with errors:

/sbin/consoletype: error while loading shared libraries: libc.so.6: cannot open shared object file: Permission denied

Also, when trying to restart sendmail, the sm-client [Failed]

Also, my monitoring system (nagios) didn't open up due to the fact that it couldn't open the main config file, so I decided to test the permissions. I changed the perms to 711 which seemed to make everything happy. no errors when checking the nagios configs but sm-client still failed to start

Last edited by teknoratti; 10-24-2011 at 04:13 PM.
 
Old 10-24-2011, 04:45 PM   #7
teknoratti
LQ Newbie
 
Registered: Aug 2006
Posts: 14

Original Poster
Rep: Reputation: 0
Changing the perms to 644 on the /etc/mail/trusted-users file did the trick.

sm-client and sendmail started ok.
 
Old 10-24-2011, 05:02 PM   #8
eager
Member
 
Registered: Aug 2004
Location: Palo Alto, CA
Distribution: Fedora 8/9, Ubuntu
Posts: 35

Rep: Reputation: 16
Glad to hear you got it running.

BTW, permissions of 0777 on / are probably not a good idea.
 
Old 10-25-2011, 09:33 AM   #9
MensaWater
Guru
 
Registered: May 2005
Location: Atlanta Georgia USA
Distribution: Redhat (RHEL), CentOS, Fedora, Debian, FreeBSD, HP-UX, Solaris, SCO
Posts: 6,028
Blog Entries: 5

Rep: Reputation: 791Reputation: 791Reputation: 791Reputation: 791Reputation: 791Reputation: 791Reputation: 791
Quote:
Originally Posted by eager View Post
Glad to hear you got it running.

BTW, permissions of 0777 on / are probably not a good idea.
Right - the point in my original post was that he likely had 777 and should NOT.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
unable to start httpd service amartlk Linux - Newbie 1 07-22-2011 05:24 AM
unable to start network service on my centos box sandeemuthathi Linux - Newbie 6 11-28-2010 09:13 AM
Unable to start RALUS service , need to download libstdc++.so.5 danibhai Linux - Newbie 4 09-02-2010 05:32 AM
Xfs service unable to start after migrating redhat_zephyr Linux From Scratch 0 11-02-2004 08:31 PM
sendmail service won't start tisource Linux - Networking 1 10-04-2002 06:30 PM


All times are GMT -5. The time now is 06:32 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration