A. sasl2 not installed:
$ apt-cache policy sasl2-bin
sasl2-bin:
Installed: (none)
Candidate: 2.1.28+dfsg1-5ubuntu3.2~oracular1
Version table:
2.1.28+dfsg1-5ubuntu3.2~oracular1 500
500
https://ppa.launchpadcontent.net/bryce/cyrus-sasl2-sru-lp2078851/ubuntu
noble/main amd64 Packages
2.1.28+dfsg1-5ubuntu3.1 500
500 http://archive.ubuntu.com/ubuntu noble-updates/main amd64 Packages
2.1.28+dfsg1-5ubuntu3 500
500 http://archive.ubuntu.com/ubuntu noble/main amd64 Packages
$ ls -ld /run/saslauthd
ls: cannot access '/run/saslauthd': No such file or directory
$ ps aux | grep sasl2 | grep -v grep
$
----------------------------------------------------------------------------------------------------
B. Installing from noble-updates
$ apt-cache policy sasl2-bin | grep Installed:
Installed: 2.1.28+dfsg1-5ubuntu3.1
$ ls -ld /run/saslauthd
drwx--x--- 2 root sasl 40 Oct 3 16:14 /run/saslauthd/
$ ps aux | grep sasl2 | grep -v grep
$ sudo systemctl enable saslauthd
Synchronizing state of saslauthd.service with SysV service script with
/usr/lib/systemd/systemd-sysv-install.
Executing: /usr/lib/systemd/systemd-sysv-install enable saslauthd
Created symlink /etc/systemd/system/multi-user.target.wants/saslauthd.service →
/usr/lib/systemd/system/saslauthd.service.
$ ls -ld /run/saslauthd
drwx--x--- 2 root sasl 40 Oct 3 16:14 /run/saslauthd/
$ sudo ls /var/run/saslauthd/ -l
total 0
$ ls -l /usr/lib/systemd/system/saslauthd.service
-rw-r--r-- 1 root root 326 Apr 5 19:59
/usr/lib/systemd/system/saslauthd.service
$ sudo systemctl status saslauthd
○ saslauthd.service - SASL Authentication Daemon
Loaded: loaded (/usr/lib/systemd/system/saslauthd.service; enabled;
preset: enabled)
Active: inactive (dead)
Docs: man:saslauthd(8)
Sep 24 23:35:06 cyrus-sasl2-sru-lp2078851-noble systemd[1]: saslauthd.service:
Deactivated successfully.
Sep 24 23:35:06 cyrus-sasl2-sru-lp2078851-noble systemd[1]: Stopped
saslauthd.service - SASL Authentication Daemon.
Sep 24 23:35:06 cyrus-sasl2-sru-lp2078851-noble systemd[1]: Starting
saslauthd.service - SASL Authentication Daemon...
Sep 24 23:35:06 cyrus-sasl2-sru-lp2078851-noble saslauthd[9743]:
: master pid is: 9743
Sep 24 23:35:06 cyrus-sasl2-sru-lp2078851-noble saslauthd[9743]:
: listening on socket: /var/run/saslauthd/mux
Sep 24 23:35:06 cyrus-sasl2-sru-lp2078851-noble systemd[1]: Started
saslauthd.service - SASL Authentication Daemon.
Oct 03 16:11:13 cyrus-sasl2-sru-lp2078851-noble systemd[1]: Stopping
saslauthd.service - SASL Authentication Daemon...
Oct 03 16:11:13 cyrus-sasl2-sru-lp2078851-noble saslauthd[9743]:
: master exited: 9743
Oct 03 16:11:13 cyrus-sasl2-sru-lp2078851-noble systemd[1]: saslauthd.service:
Deactivated successfully.
Oct 03 16:11:13 cyrus-sasl2-sru-lp2078851-noble systemd[1]: Stopped
saslauthd.service - SASL Authentication Daemon.
$ sudo systemctl start saslauthd
$ ps aux | grep sasl | grep -v grep
root 34437 0.0 0.0 19732 1104 ? Ss 16:19 0:00
/usr/sbin/saslauthd -a pam -c -m /var/run/saslauthd -n 5
root 34438 0.0 0.0 19732 1104 ? S 16:19 0:00
/usr/sbin/saslauthd -a pam -c -m /var/run/saslauthd -n 5
root 34439 0.0 0.0 19732 1104 ? S 16:19 0:00
/usr/sbin/saslauthd -a pam -c -m /var/run/saslauthd -n 5
root 34440 0.0 0.0 19732 1104 ? S 16:19 0:00
/usr/sbin/saslauthd -a pam -c -m /var/run/saslauthd -n 5
root 34441 0.0 0.0 19732 1104 ? S 16:19 0:00
/usr/sbin/saslauthd -a pam -c -m /var/run/saslauthd -n 5
$ sudo systemctl status saslauthd
● saslauthd.service - SASL Authentication Daemon
Loaded: loaded (/usr/lib/systemd/system/saslauthd.service; enabled;
preset: enabled)
Active: active (running) since Thu 2024-10-03 16:19:49 UTC; 1min 15s ago
Docs: man:saslauthd(8)
Process: 34436 ExecStart=/usr/sbin/saslauthd -a $MECHANISMS $MECH_OPTIONS
$OPTIONS -n $THREADS (code=exited, status=0/SUCCESS)
Main PID: 34437 (saslauthd)
Tasks: 5 (limit: 76969)
Memory: 2.9M ()
CPU: 8ms
CGroup: /system.slice/saslauthd.service
├─34437 /usr/sbin/saslauthd -a pam -c -m /var/run/saslauthd -n 5
├─34438 /usr/sbin/saslauthd -a pam -c -m /var/run/saslauthd -n 5
├─34439 /usr/sbin/saslauthd -a pam -c -m /var/run/saslauthd -n 5
├─34440 /usr/sbin/saslauthd -a pam -c -m /var/run/saslauthd -n 5
└─34441 /usr/sbin/saslauthd -a pam -c -m /var/run/saslauthd -n 5
Oct 03 16:19:49 cyrus-sasl2-sru-lp2078851-noble systemd[1]: Starting
saslauthd.service - SASL Authentication Daemon...
Oct 03 16:19:49 cyrus-sasl2-sru-lp2078851-noble saslauthd[34437]:
: master pid is: 34437
Oct 03 16:19:49 cyrus-sasl2-sru-lp2078851-noble saslauthd[34437]:
: listening on socket: /var/run/saslauthd/mux
Oct 03 16:19:49 cyrus-sasl2-sru-lp2078851-noble systemd[1]: Started
saslauthd.service - SASL Authentication Daemon.
$ ls -ld /usr/sbin/saslauthd
-rwxr-xr-x 1 root root 84640 Aug 9 02:33 /usr/sbin/saslauthd* # <---- bug
reproduced
$ sudo ls -l /var/run/saslauthd/
total 968
-rw------- 1 root root 0 Oct 3 16:19 cache.flock
-rw------- 1 root root 986112 Oct 3 16:19 cache.mmap
srwxrwxrwx 1 root root 0 Oct 3 16:19 mux
-rw------- 1 root root 0 Oct 3 16:19 mux.accept
-rw------- 1 root root 6 Oct 3 16:19 saslauthd.pid
$ ps aux | grep sasl
root 34437 0.0 0.0 19732 1104 ? Ss 16:19 0:00
/usr/sbin/saslauthd -a pam -c -m /var/run/saslauthd -n 5
root 34438 0.0 0.0 19732 1104 ? S 16:19 0:00
/usr/sbin/saslauthd -a pam -c -m /var/run/saslauthd -n 5
root 34439 0.0 0.0 19732 1104 ? S 16:19 0:00
/usr/sbin/saslauthd -a pam -c -m /var/run/saslauthd -n 5
root 34440 0.0 0.0 19732 1104 ? S 16:19 0:00
/usr/sbin/saslauthd -a pam -c -m /var/run/saslauthd -n 5
root 34441 0.0 0.0 19732 1104 ? S 16:19 0:00
/usr/sbin/saslauthd -a pam -c -m /var/run/saslauthd -n 5
$ ls -l /usr/sbin/saslauthd
-rwxr-xr-x 1 root root 84640 Aug 9 02:33 /usr/sbin/saslauthd*
------------------------------------------------------------------------------------
C. Installing from the PPA
$ sudo apt-get install sasl2-bin
$ apt-cache policy sasl2-bin | grep Installed:
Installed: 2.1.28+dfsg1-5ubuntu3.2~oracular1
$ ls -ld /run/saslauthd
drwxr-xr-x 2 root sasl 140 Oct 3 16:27 /run/saslauthd/
$ ps aux | grep sasl2 | grep -v grep
$ sudo systemctl enable saslauthd
Synchronizing state of saslauthd.service with SysV service script with
/usr/lib/systemd/systemd-sysv-install.
Executing: /usr/lib/systemd/systemd-sysv-install enable saslauthd
$ ls -ld /run/saslauthd
drwxr-xr-x 2 root sasl 140 Oct 3 16:27 /run/saslauthd/
$ sudo ls /var/run/saslauthd/ -l
total 968
-rw------- 1 root sasl 0 Oct 3 16:27 cache.flock
-rw------- 1 root sasl 986112 Oct 3 16:27 cache.mmap
srwxrwxrwx 1 root sasl 0 Oct 3 16:27 mux
-rw------- 1 root sasl 0 Oct 3 16:27 mux.accept
-rw------- 1 root sasl 6 Oct 3 16:27 saslauthd.pid
$ ls -l /usr/lib/systemd/system/saslauthd.service
-rw-r--r-- 1 root root 337 Sep 23 05:40
/usr/lib/systemd/system/saslauthd.service
$ sudo systemctl status saslauthd
● saslauthd.service - SASL Authentication Daemon
Loaded: loaded (/usr/lib/systemd/system/saslauthd.service; enabled;
preset: enabled)
Active: active (running) since Thu 2024-10-03 16:27:17 UTC; 1min 23s ago
Docs: man:saslauthd(8)
Main PID: 34649 (saslauthd)
Tasks: 5 (limit: 76969)
Memory: 2.9M ()
CPU: 8ms
CGroup: /system.slice/saslauthd.service
├─34649 /usr/sbin/saslauthd -a pam -c -m /var/run/saslauthd -n 5
├─34650 /usr/sbin/saslauthd -a pam -c -m /var/run/saslauthd -n 5
├─34651 /usr/sbin/saslauthd -a pam -c -m /var/run/saslauthd -n 5
├─34652 /usr/sbin/saslauthd -a pam -c -m /var/run/saslauthd -n 5
└─34653 /usr/sbin/saslauthd -a pam -c -m /var/run/saslauthd -n 5
Oct 03 16:27:17 cyrus-sasl2-sru-lp2078851-noble systemd[1]: Starting
saslauthd.service - SASL Authentication Daemon...
Oct 03 16:27:17 cyrus-sasl2-sru-lp2078851-noble saslauthd[34649]:
: master pid is: 34649
Oct 03 16:27:17 cyrus-sasl2-sru-lp2078851-noble saslauthd[34649]:
: listening on socket: /var/run/saslauthd/mux
Oct 03 16:27:17 cyrus-sasl2-sru-lp2078851-noble systemd[1]: Started
saslauthd.service - SASL Authentication Daemon.
$ sudo systemctl start saslauthd
$ ps aux | grep sasl | grep -v grep
root 34649 0.0 0.0 19732 1100 ? Ss 16:27 0:00
/usr/sbin/saslauthd -a pam -c -m /var/run/saslauthd -n 5
root 34650 0.0 0.0 19732 1100 ? S 16:27 0:00
/usr/sbin/saslauthd -a pam -c -m /var/run/saslauthd -n 5
root 34651 0.0 0.0 19732 1100 ? S 16:27 0:00
/usr/sbin/saslauthd -a pam -c -m /var/run/saslauthd -n 5
root 34652 0.0 0.0 19732 1100 ? S 16:27 0:00
/usr/sbin/saslauthd -a pam -c -m /var/run/saslauthd -n 5
root 34653 0.0 0.0 19732 1100 ? S 16:27 0:00
/usr/sbin/saslauthd -a pam -c -m /var/run/saslauthd -n 5
$ sudo systemctl status saslauthd
● saslauthd.service - SASL Authentication Daemon
Loaded: loaded (/usr/lib/systemd/system/saslauthd.service; enabled;
preset: enabled)
Active: active (running) since Thu 2024-10-03 16:27:17 UTC; 2min 5s ago
Docs: man:saslauthd(8)
Main PID: 34649 (saslauthd)
Tasks: 5 (limit: 76969)
Memory: 2.9M ()
CPU: 8ms
CGroup: /system.slice/saslauthd.service
├─34649 /usr/sbin/saslauthd -a pam -c -m /var/run/saslauthd -n 5
├─34650 /usr/sbin/saslauthd -a pam -c -m /var/run/saslauthd -n 5
├─34651 /usr/sbin/saslauthd -a pam -c -m /var/run/saslauthd -n 5
├─34652 /usr/sbin/saslauthd -a pam -c -m /var/run/saslauthd -n 5
└─34653 /usr/sbin/saslauthd -a pam -c -m /var/run/saslauthd -n 5
Oct 03 16:27:17 cyrus-sasl2-sru-lp2078851-noble systemd[1]: Starting
saslauthd.service - SASL Authentication Daemon...
Oct 03 16:27:17 cyrus-sasl2-sru-lp2078851-noble saslauthd[34649]:
: master pid is: 34649
Oct 03 16:27:17 cyrus-sasl2-sru-lp2078851-noble saslauthd[34649]:
: listening on socket: /var/run/saslauthd/mux
Oct 03 16:27:17 cyrus-sasl2-sru-lp2078851-noble systemd[1]: Started
saslauthd.service - SASL Authentication Daemon.
$ ls -ld /usr/sbin/saslauthd
-rwxr-xr-x 1 root root 84640 Sep 23 20:14 /usr/sbin/saslauthd*
$ ls -ld /run/saslauthd
drwxr-xr-x 2 root sasl 140 Oct 3 16:27 /run/saslauthd/
$ sudo ls -l /var/run/saslauthd/
total 968
-rw------- 1 root sasl 0 Oct 3 16:27 cache.flock
-rw------- 1 root sasl 986112 Oct 3 16:27 cache.mmap
srwxrwxrwx 1 root sasl 0 Oct 3 16:27 mux
-rw------- 1 root sasl 0 Oct 3 16:27 mux.accept
-rw------- 1 root sasl 6 Oct 3 16:27 saslauthd.pid
$ ps aux | grep sasl | grep -v grep
root 34649 0.0 0.0 19732 1100 ? Ss 16:27 0:00
/usr/sbin/saslauthd -a pam -c -m /var/run/saslauthd -n 5
root 34650 0.0 0.0 19732 1100 ? S 16:27 0:00
/usr/sbin/saslauthd -a pam -c -m /var/run/saslauthd -n 5
root 34651 0.0 0.0 19732 1100 ? S 16:27 0:00
/usr/sbin/saslauthd -a pam -c -m /var/run/saslauthd -n 5
root 34652 0.0 0.0 19732 1100 ? S 16:27 0:00
/usr/sbin/saslauthd -a pam -c -m /var/run/saslauthd -n 5
root 34653 0.0 0.0 19732 1100 ? S 16:27 0:00
/usr/sbin/saslauthd -a pam -c -m /var/run/saslauthd -n 5
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to cyrus-sasl2 in Ubuntu.
https://bugs.launchpad.net/bugs/2078851
Title:
saslauthd wrong permission of /var/spool/postfix/var/run/saslauthd
Status in cyrus-sasl2 package in Ubuntu:
Fix Released
Status in cyrus-sasl2 source package in Noble:
Incomplete
Status in cyrus-sasl2 source package in Oracular:
Fix Released
Bug description:
[Impact]
Incorrect ownership of files in saslauthd's run directory can result in
service issues (e.g. failure to authenticate, failure to restart, etc.)
[Workaround]
# systemctl edit saslauthd.service
Then, put the following lines inside the file:
[Service]
Group=sasl
Save the file, and restart the service. You should now see the right
permissions/owner/group under /run/saslauthd.
[Test Case]
$ sudo apt-get install postfix sasl2-bin
$ sudo systemctl enable saslauthd
$ ls -ld /run/saslauthd/
drwx--x--- 2 root sasl 40 Sep 24 23:07 /run/saslauthd/
$ sudo systemctl start saslauthd
$ ls -ld /run/saslauthd/
drwxr-xr-x 2 root root 140 Sep 24 23:09 /run/saslauthd
[Where Problems Could Occur]
Since the fix is only in packaging and deals only with permissions,
regressions would be expected to be limited to permission issues relating to
packaging files (configuration, daemons, logs, etc.)
Notably, the fix corrects permissions on the *directory* itself, but
not on its contents. Since the problem is that root ownership of the
directory prevents non-root users from adding non-root owned files
there, it is unlikely this situation would crop up in practice, and if
it did should be reviewed and analyzed by the user. (We would not
want to auto-fix unknown root-owned file permissions to non-root.)
[Original Report]
Folder group permission of /var/spool/postfix/var/run/saslauthd gets reset to
"root" (should be "sasl") every time saslauthd gets restarted.
This worked fine before upgrading from 22.04 to 24.04
My automated workaround currently is this crontab (root) entry:
*/1 * * * * /usr/bin/chgrp sasl /var/spool/postfix/var/run/saslauthd
2>&1
ProblemType: Bug
DistroRelease: Ubuntu 24.04
Package: postfix 3.8.6-1build2
ProcVersionSignature: Ubuntu 6.8.0-41.41-generic 6.8.12
Uname: Linux 6.8.0-41-generic x86_64
NonfreeKernelModules: zfs
ApportVersion: 2.28.1-0ubuntu3.1
Architecture: amd64
CasperMD5CheckResult: unknown
Date: Tue Sep 3 19:52:59 2024
SourcePackage: postfix
UpgradeStatus: Upgraded to noble on 2024-08-31 (3 days ago)
mtime.conffile..etc.init.d.apport: 2024-07-22T16:59:07
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/cyrus-sasl2/+bug/2078851/+subscriptions
--
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help : https://help.launchpad.net/ListHelp
