LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Server
User Name
Password
Linux - Server This forum is for the discussion of Linux Software used in a server related context.

Notices


Reply
  Search this Thread
Old 01-28-2009, 09:01 PM   #1
gabsik
Member
 
Registered: Dec 2005
Location: This planet
Distribution: Debian,Xubuntu
Posts: 567

Rep: Reputation: 30
Exclamation open lock file /var/lib/postfix/master.lock: cannot open file: Permission denied


Hi LQ!
My postfix stopped working after complaining about permissions on its $data_directory which are:
Code:
root@mail:~# ls -ld /var/lib/postfix/
drwxrw-rw- 2 postfix postdrop 4096 2008-11-17 22:49 /var/lib/postfix/
That's after i have changed it to get it working but it was owned by root.
These are the permissions for the file inside the $data_direcoty i have not changed:
Code:
root@mail:~# ls -la /var/lib/postfix/
total 120
drwxrw-rw-  2 postfix postdrop  4096 2008-11-17 22:49 .
drwx------ 65 root    root      4096 2009-01-28 22:03 ..
-rw-rw-rw-  1 postfix postdrop    17 2009-01-27 01:47 master.lock
-rw-rw-rw-  1 postfix postdrop  1024 2009-01-28 23:19 prng_exch
-rw-rw-rw-  1 postfix postdrop 16384 2008-11-17 21:28 smtpd_scache.db
-rw-rw-rw-  1 postfix postdrop 24576 2009-01-28 23:18 smtpd_tls_session_cache.db
-rw-rw-rw-  1 postfix postdrop  8192 2008-11-17 21:10 smtp_scache.db
-rw-rw-rw-  1 postfix postdrop 53248 2009-01-28 22:56 smtp_tls_session_cache.db
The logs started complaining about tlsmgr not able to open PNRG file:
Code:
Jan 28 23:41:47 mail postfix/tlsmgr[11160]: fatal: tls_prng_exch_open: cannot open PRNG exchange file /var/lib/postfix/prng_exch: Permission denied
Jan 28 23:41:48 mail postfix/master[6728]: warning: process /usr/lib/postfix/tlsmgr pid 11160 exit status 1
.
Than postfix stopped running because not able to open its lockfile:
Code:
fatal: open lock file /var/lib/postfix/master.lock: cannot open file: Permission denied
This is my main.cf.
Code:
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
append_dot_mydomain = no
biff = no
broken_sasl_auth_clients = yes
command_directory = /usr/sbin
config_directory = /etc/postfix
daemon_directory = /usr/lib/postfix
data_directory = /var/lib/postfix
debug_peer_level = 2
debug_peer_list = $mydomain
delay_warning_time = 4h
disable_dns_lookups = yes
disable_vrfy_command = yes
home_mailbox = Maildir/
html_directory = no
inet_interfaces = all
inet_protocols = all
local_recipient_maps = 
mail_owner = postfix
mailbox_command = 
mailbox_size_limit = 0
masquerade_domains = domain.com
masquerade_exceptions = root
mydestination = $mydomain, mail.$mydomain ,smtp.$mydomain ,pop.$mydomain ,www.$mydomain ,ns2.$mydomain ,argo.$mydomain,localhost,/etc/postfix/mixmaster_domains
mydomain = domain.com
myhostname = mail.$mydomain
mynetworks = 127.0.0.0/8 , 192.168.1.0/24, 10.0.0.0/8
mynetworks_style = subnet
myorigin = $mydomain
queue_directory = /var/spool/postfix
recipient_delimiter = +
relay_domains = hash:/etc/postfix/relay_domains
relayhost = [smtp.relayhost]:587
setgid_group = postdrop
smtp_sasl_auth_enable = yes
smtp_sasl_mechanism_filter = plain,login
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_sasl_security_options = 
smtp_tls_CAfile = /etc/postfix/ssl/cacert.pem
smtp_tls_CApath = /etc/postfix/certs
smtp_tls_cert_file = /etc/postfix/ssl/cert.pem
smtp_tls_exclude_ciphers = aNULL
smtp_tls_fingerprint_cert_match = 51:20:AA:D3:1C:2B:5E:51:01:78:90:DE:6F:09:3D:EE:03:CF:69:85
smtp_tls_fingerprint_digest = sha1
smtp_tls_key_file = /etc/postfix/ssl/key.pem
smtp_tls_mandatory_exclude_ciphers = RC4
smtp_tls_mandatory_protocols = SSLv2, SSLv3, TLSv1
smtp_tls_note_starttls_offer = yes
smtp_tls_policy_maps = hash:/etc/postfix/tls_per_site
smtp_tls_security_level = fingerprint
smtp_tls_session_cache_database = ${data_directory}/smtp_tls_session_cache
smtpd_banner = $myhostname ESMTP $mail_name (Free/OS)
smtpd_client_restrictions = reject_unauth_hostname,         reject_invalid_hostname,         permit_mynetworks,         permit_tls_all_clientcerts,         permit_sasl_authenticated,         check_recipient_access hash:/etc/postfix/client_access.txt,         reject_rbl_client zen.spamhaus.org,         reject_rbl_client combined.njabl.org,         reject_rbl_client bl.spamcop.net,         reject_rhsbl_client rhsbl.sorbs.net,         permit
smtpd_error_sleep_time = 0
smtpd_helo_required = no
smtpd_reject_unlisted_sender = no
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain = 
smtpd_sasl_path = private/auth
smtpd_sasl_security_options = noanonymous
smtpd_sasl_type = dovecot
smtpd_starttls_timeout = 300s
smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem
smtpd_tls_always_issue_session_ids = yes
smtpd_tls_ask_ccert = no
smtpd_tls_auth_only = no
smtpd_tls_cert_file = /etc/postfix/ssl/cert.pem
smtpd_tls_key_file = /etc/postfix/ssl/key.pem
smtpd_tls_received_header = no
smtpd_tls_security_level = may
smtpd_tls_session_cache_database = ${data_directory}/smtpd_tls_session_cache
smtpd_use_tls = yes
soft_bounce = yes
strict_rfc821_envelopes = no
tls_random_exchange_name = ${data_directory}/prng_exch
tls_random_source = dev:/dev/urandom
One last thing :
do they look regular permissions on $spool_directory:
Code:
root@mail:~# ls -ld /var/spool/postfix/
drwxr-xr-x 21 root root 4096 2008-11-17 02:56 /var/spool/postfix/
and inside:
Code:
root@mail:~# ls -la /var/spool/postfix/
total 84
drwxr-xr-x 21 root    root     4096 2008-11-17 02:56 .
drwxr-xr-x 12 root    root     4096 2009-01-11 06:50 ..
drwx------  2 postfix root     4096 2009-01-28 23:46 active
drwx------  2 postfix root     4096 2008-11-28 10:58 bounce
drwx------  2 postfix root     4096 2008-11-17 01:58 corrupt
drwx------ 18 postfix root     4096 2008-11-28 06:40 defer
drwx------ 18 postfix root     4096 2008-11-28 06:40 deferred
drwxr-xr-x  2 root    root     4096 2008-09-14 16:09 dev
drwxr-xr-x  3 root    root     4096 2009-01-29 04:04 etc
drwx------  2 postfix root     4096 2009-01-17 00:01 flush
drwx------  2 postfix root     4096 2008-11-17 01:58 hold
drwx------  2 postfix root     4096 2009-01-28 23:41 incoming
drwxr-xr-x  2 root    root     4096 2009-01-29 04:04 lib
drwx-wx--T  2 postfix postdrop 4096 2009-01-29 03:58 maildrop
drwxr-xr-x  2 postfix root     4096 2009-01-28 20:37 pid
drwx------  2 postfix root     4096 2009-01-28 23:57 private
drwx--s---  2 postfix postdrop 4096 2009-01-27 01:47 public
drwx------  2 postfix root     4096 2008-11-17 01:58 saved
drwx------  2 postfix root     4096 2009-01-28 20:37 trace
drwxr-xr-x  3 root    root     4096 2008-11-17 01:55 usr
drwxr-xr-x  3 root    root     4096 2008-11-17 02:56 var
I have tried to use also this directory as data directory but with no success , at this stage i could say i'm a little confused about ownerships and permissions of postfix directory and file and home dirs etc.
I hope i gave all the infos necessary to help me out , the problem is really urgent , whatever else you need just ask , thanks !!!

Last edited by gabsik; 01-28-2009 at 09:11 PM.
 
Old 01-28-2009, 09:37 PM   #2
auximini
Member
 
Registered: Dec 2003
Location: Calgary, AB
Distribution: Any!
Posts: 146

Rep: Reputation: 18
What distribution are you using? Is AppArmor or SELinux also installed?
 
Old 01-30-2009, 11:39 AM   #3
gabsik
Member
 
Registered: Dec 2005
Location: This planet
Distribution: Debian,Xubuntu
Posts: 567

Original Poster
Rep: Reputation: 30
Thumbs down

It's in my LQ references under my name gabsik ... anyway it's debian !
No Selinux it's not enabled .
 
Old 08-06-2009, 12:14 AM   #4
ca_mongrel
LQ Newbie
 
Registered: Apr 2007
Posts: 3

Rep: Reputation: 3
Similar problem

This question is directed to Gabsik... Did you solve your problem? If so, what was the issue? I have the same message regarding inability to open master.lock due to permission denied. My Postfix server has been running fine for months, and this suddenly happened. I have not touched the relevant directories or files.
 
Old 01-23-2010, 12:23 PM   #5
tibal
LQ Newbie
 
Registered: Jan 2010
Location: France, Europe
Distribution: Debian
Posts: 2

Rep: Reputation: 0
Hi

I had this problem, just after installing a tarball with tar xfz code.tar.gz -C / . . While this has nothing to do with Postfix, my email server didn't restarted after that.
If you read my message I bet you are experiencing the same issue about master.lock permissions, and you double checked carefully it's mode as well as parent directories. But did you check the root directory ???

Code:
# ls -ld /
drwx------ 16 root root 4096 2010-01-02 13:56 /
If you get the same result, then you're not far from resolving your Postfix problem
Actually 700 is a bad mode for the root !
Just change it to a regular 755 value.

Code:
# chmod 755 /
# ls -ld /
drwxr-xr-x 16 root root 4096 2010-01-02 13:59 /
And hopefully you'll get Postfix chrooting happily

Cheers!

Last edited by tibal; 01-23-2010 at 12:24 PM.
 
Old 05-23-2011, 09:40 AM   #6
jonasd1986
LQ Newbie
 
Registered: May 2011
Posts: 1

Rep: Reputation: Disabled
master.lock

For me it had to be file master.lock like postfix owner ant postfix group

chown postfix /var/lib/postfix/master.lock
chgrp postfix /var/lib/postfix/master.lock

/etc/init.d/postfix restart
 
Old 08-30-2012, 09:39 PM   #7
mictai
LQ Newbie
 
Registered: Aug 2012
Posts: 1

Rep: Reputation: Disabled
Question setenforce 0

i don't know why that i set "setenforce 0" ,my postfix does work again
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
E: Could not get lock /var/lib/dpkg/lock - open (11 Resource temporarily unavailable) phreakshew Linux - Newbie 24 04-12-2019 10:42 AM
Could not get lock /var/lib/dpkg/lock thelonius Debian 5 07-31-2006 07:48 PM
Could not open lock file in Debian Sarge3.1 canegames Linux - Software 5 04-02-2006 06:06 PM
cannot open shared object file: Permission denied cchristian Linux - Software 5 07-30-2005 10:52 AM
error: cannot get exclusive lock on /var/lib/rpm/Packages error: cannot open Packages inward_eye Linux - Software 3 08-24-2003 03:07 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Server

All times are GMT -5. The time now is 04:38 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration