So to recap:
- open-smtp is correctly being updated with new pop auth IPs?
- tcp.smtp.cdb is not being updated.
A few things need to fall in line to make that all happen.
And it sounds like you've got at least most of them.
I would look at the config.h vpopmail file for:
The #ifdef of where the tcprules program lives.
make sure it is there :) then make sure the user that the
vchkpw program runs as (when a user pops) has permission
to run it and update the #ifdef location of where the tcp.smtp.cdb
file lives.
Run the tcprules program just like vchkpw would, on the command
line and see what happens. Check if it updates the tcp.smtp.cdb file.
If all this is right then i dunno...
If all your email accounts are owned by vpopmail then you might
as well run the pop3d tcpserver (and logs) as vpopmail.vchkpw.
The alternative (worth trying) is have everything run as root.
Ken Jones
On Friday 20 September 2002 11:53 am, Tony A.T. Mendina wrote:
> This is a long story; but, I'd be happy if anyone with the patience to
> slog through it could offer further troubleshooting suggestions,
> pointers to docs that I missed, or any other advice they deem helpful
> <grin>.
>
> My problem is that tcp.smtp.cdb is not being updated when a pop3 user
> logs in, _unless_ I delete the open-smtp file just before the login.
> I'm not seeing errors in the logs or leftover temporary files on the
> disk, and users can log in and check mail successfully. The file
> open-smtp _is_ being updated each time a user checks mail.
> Clearopensmtp _does_ run without error from the system crontab,
> whether I've got the vpopmail system running as root or as vpopmail.
>
> I'm trying to use vpopmail with qmail 1.03 and redhat 7.2. My previous
> (working) qmail+vpopmail installs use vpopmail 5.2.1 just like I'm
> trying to do now, but this new one is a little different. Instead of
> running tcpserver directly from my init scripts and using Debian with
> a 2.2 kernel, I'm running it using supervise and using Redhat with a
> 2.4. Switching back to debian and cloning is not an option for work
> policy reasons. The qmail installs themselves are identical; both
> machines use the current ucspi-tcp, .88.
>
> At first, I was first letting the /supervise/qmail-pop3d/run script
> start tcpserver as root, and the open-smtp file, as well as the cdb
> file, were owned by root. Tcp.smtp.cdb was in /etc/, and clearopensmtp
> was run as root. I carefully compared the locations and permissions of
> executables and data files between a working debian+qmail+vpopmail
> system and this new redhat one, I and couldn't find any difference.
> After reading the tales of users with similar problems in the list
> archives, I saw that most of them had to do with the vpopmail user
> having access problems with needed files and with /etc.
>
> So as an experiment, I switched the whole setup to use the vpopmail
> user. The cron job for clearopensmtp was changed to run as vpopmail;
> vpopmail was recompiled to use /var/vchkpw/etc rather than /etc for
> the tcp rules file, the supervise scripts were changed accordingly,
> and so on. Users (well, test user accounts) can still log in and check
> mail without errors being returned to the client software, but just as
> before, the tcp.smtp.cdb file is _still_ not updated, except every 15
> minutes when clearopensmtp runs.
>
> Then, as a further experiment, I tried replacing vpopmail 5.2.1 with
> 5.3.8. I used /var/vchkpw/etc and ran all components as the vpopmail
> user. No luck.
>
> The one exception to the lack of updates is if I delete the file
> /var/vchkpw/etc/open-smtp. If I do that, tcp.smtp.cdb is updated when
> the next pop3 user logs in. Open-smtp is recreated, and further pop3
> logins don't result in updates to the cdb file, just open-smtp. This
> is the case whether the cdb file is in /etc and I'm running vpopmail
> as root or its in /var/vchkpw/etc and I'm running vpopmail as
> vpopmail.
>
> I've also tried running the tcpserver which runs qmail-popup, vchkpw,
> and qmail-pop3d from the command line as root and both with and
> without the -u 89 -g 89 parameters; I get the same problem as always,
> every time.
>
> In case this long and unhappy story wasn't long enough, I've included
> samples of scripts and the output of some of my debugging below. I've
> really run out of ideas for what to do next to try and identify the
> problem or to solve it, so ideas are very welcome! Vpopmail is
> *almost* working; if I could just get vchkpw to update the cdb file,
> I'd be set.
>
> Thanks for any help you can give,
>
> Tony
>
> First, the recordio output from when recordio was added to the startup
> script just ahead of "qmail-popup."
>
> tcpserver: pid 2093 from 66.6.197.35
> tcpserver: ok 2093 0:216.65.196.14:110 :66.6.197.35::1349
> 093 > +OK <[EMAIL PROTECTED]>
> 093 < USER [EMAIL PROTECTED]
> 093 > +OK
> 093 < PASS <I've removed it>
> 093 > +OK
> 093 < STAT
> 093 > +OK 18 17029
> 093 < LIST
> 093 > +OK
> 093 > 1 1451
> 093 > 2 919
> 093 > 3 719
> 093 > 4 1037
> 093 > 5 1037
> 093 > 6 1640
> 093 > 7 717
> 093 > 8 921
> 093 > 9 734
> 093 > 10 735
> 093 > 11 735
> 093 > 12 733
> 093 > 13 735
> 093 > 14 735
> 093 > 15 1156
> 093 > 16 1656
> 093 > 17 685
> 093 > 18 684
> 093 > .
> 093 < UIDL
> 093 > +OK
> 093 > 1 1032294648.21614.guilder.optimumreturn.com,S=1405
> 093 > 2 1032294707.21630.guilder.optimumreturn.com,S=858
> 093 > 3 1032294713.21634.guilder.optimumreturn.com,S=658
> 093 > 4 1032294893.21760.guilder.optimumreturn.com,S=976
> 2093 > 5 1032295236.21874.guilder.optimumreturn.com,S=+
> 093 > 976
> 093 > 6 1032295950.21943.guilder.optimumreturn.com,S=1594
> 093 > 7 1032297065.23654.guilder.optimumreturn.com,S=656
> 093 > 8 1032297102.23663.guilder.optimumreturn.com,S=860
> 093 > 9 1032297216.24457.guilder.optimumreturn.com,S=673
> 2093 > 10 1032297245.24465.guilder.optimumreturn.+
> 093 > com,S=674
> 093 > 11 1032297303.24488.guilder.optimumreturn.com,S=674
> 093 > 12 1032297335.24497.guilder.optimumreturn.com,S=672
> 093 > 13 1032297357.24541.guilder.optimumreturn.com,S=674
> 093 > 14 1032297465.25301.guilder.optimumreturn.com,S=674
> 2093 > 15 1032297722.25325.guilder.optim+
> 093 > umreturn.com,S=1095
> 093 > 16 1032297792.25357.guilder.optimumreturn.com,S=1610
> 093 > 17 1032298822.25498.guilder.optimumreturn.com,S=624
> 093 > 18 1032300495.25635.guilder.optimumreturn.com,S=623
> 093 > .
> 093 < QUIT
> 093 > +OK
> 2093 > [EOF]
> tcpserver: end 2093 status 256
> tcpserver: status: 0/50
>
> The message status 256 is something of a catch-all, and I'm wondering
> in this case if it indicates a problem with a child process...
>
> Config of current install:
> (The config of the 5.3.8 was the same except for the version string.)
>
> vpopmail 5.2.1
> Current settings
> ---------------------------------------
>
> vpopmail directory = /var/vchkpw/
> uid = 89
> gid = 89
> ip alias = OFF --enable-ip-alias-domains=n (default)
> address extentions = OFF --enable-qmail-ext=n (default)
> roaming users = ON --enable-roaming-users=y
> tcpserver file = /var/vchkpw/etc/tcp.smtp
> open_smtp file = /var/vchkpw//etc/open-smtp
> user quota = OFF --enable-defaultquota=NOQUOTA default
> table optimization = many domains --enable-many-domains=y default
> auth module = cdb default
> system passwords = OFF --enable-passwd=n default
> file locking = ON --enable-file-locking=y default
> file sync = OFF --enable-file-sync=n default disable vdelivermail
> fsync auth logging = ON --enable-auth-logging=y default
> mysql logging = OFF --enable-mysql-logging=n default
> clear passwd = ON --enable-clear-passwd=y (default)
> valias processing = OFF --enable-valias=n
> pop syslog = show successful and failure login attempts
> --enable-logging=y
> default domain = optimumreturn.com
> --enable-default-domain=optimumreturn.com auth inc = -Icdb
> auth lib =
>
> The location /root/ucspi-tcp-0.88 was also given on the command line to
> .cofigure, as I'm not using what the ./configure --help output says is the
> default location or version of ucspi-tcp. No errors were reported during
> make or make install.
>
> Permissions of /var/vchkpw/etc:
>
> drwxr-xr-x 2 vpopmail vchkpw 4096 Sep 20 09:41 .
> drwxr-xr-x 9 vpopmail vchkpw 4096 Sep 17 19:13 ..
> -rw-rw-rw- 1 vpopmail vchkpw 23 Sep 19 16:38 inc_deps
> -rw-rw-rw- 1 vpopmail vchkpw 30 Sep 19 16:38 lib_deps
> -rw-r--r-- 1 vpopmail vchkpw 57 Sep 20 09:41 open-smtp
> -rw-r--r-- 1 vpopmail vchkpw 0 Sep 19 16:38 open-smtp.lock
> -rw-r--r-- 1 vpopmail vchkpw 2048 Sep 20 09:41 tcp.pop3.cdb
> -rw-r--r-- 1 vpopmail vchkpw 386 Sep 19 16:20 tcp.smtp
> -rw-r--r-- 1 vpopmail vchkpw 2569 Sep 20 09:30 tcp.smtp.cdb
>
> I can su vopopmail and update the cdb file myself, without errors, by
> running:
>
> tcprules /var/vchkpw/etc/tcp.smtp.cdb /var/vchkpw/etc/tcp.smtp.tmp <
> tcp.smtp
>
> The script that starts the pop3 daemon in /service/qmail-pop3d/run is:
>
> #!/bin/sh
>
> MAXPOP3D=`head -1 /var/qmail/control/concurrencypop3`
>
> exec /usr/local/bin/softlimit -m 2000000 \
> /usr/local/bin/tcpserver -u 89 -g 89 -v -R -H -l 0 \
> -x /var/vchkpw/etc/tcp.pop3.cdb -c "$MAXPOP3D" \
> 0 110 /var/qmail/bin/qmail-popup guilder.optimumreturn.com \
> /var/vchkpw/bin/vchkpw /var/qmail/bin/qmail-pop3d Maildir 2>&1
>
>
> This script has also been tried as root, with the tcp.smtp.cdb file in /etc
> and the clearopensmtp command being run as root from crontab. The results
> are no different. Increasing the memory limit by a factor of 10 doesn't
> help, either. I've tried running tcpserver with the UID and GID of
> user qmaild, as the INSTALL file suggests for vpopmail, but
> authorization always fails, so I don't even get to the cdb problem.
>
> Finally, I have an strace of my tcpserver invocation, run from the
> command line with -u 89 and -g 89 supplied to tcpserver. I don't
> really know how to interpret this, but it might be of interest to
> others. The two files reported as missing are also missing on the
> working debian system, so I don't expect that to be the solution. What
> I don't know how to do yet is get strace to be invoked when vchkpw is
> run; a simple shell script doesn't do the trick...
>
> execve("/usr/local/bin/tcpserver", ["/usr/local/bin/tcpserver", "-u", "89",
> "-g", "89", "-v", "-R", "-H", "-l", "0", "-x",
> "/var/vchkpw/etc/tcp.pop3.cdb", "-c", "40", "0", "110",
> "/var/qmail/bin/qmail-popup", "guilder.optimumreturn.com",
> "/var/vchkpw/bin/vchkpw", "/var/qmail/bin/qmail-pop3d", "Maildir"], [/* 26
> vars */]) = 0 uname({sys="Linux", node="guilder.optimumreturn.com", ...}) =
> 0
> brk(0) = 0x8051e10
> open("/etc/ld.so.preload", O_RDONLY) = -1 ENOENT (No such file or
> directory) open("/etc/ld.so.cache", O_RDONLY) = 3
> fstat64(3, {st_mode=S_IFREG|0644, st_size=57589, ...}) = 0
> old_mmap(NULL, 57589, PROT_READ, MAP_PRIVATE, 3, 0) = 0x40017000
> close(3) = 0
> open("/lib/i686/libc.so.6", O_RDONLY) = 3
> read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0 \306\1"..., 1024)
> = 1024 fstat64(3, {st_mode=S_IFREG|0755, st_size=5772268, ...}) = 0
> old_mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1,
> 0) = 0x40026000 old_mmap(NULL, 1290088, PROT_READ|PROT_EXEC, MAP_PRIVATE,
> 3, 0) = 0x40027000 mprotect(0x40159000, 36712, PROT_NONE) = 0
> old_mmap(0x40159000, 20480, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED, 3,
> 0x131000) = 0x40159000 old_mmap(0x4015e000, 16232, PROT_READ|PROT_WRITE,
> MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x4015e000 close(3)
> = 0
> munmap(0x40017000, 57589) = 0
> rt_sigprocmask(SIG_BLOCK, [CHLD], NULL, 8) = 0
> rt_sigaction(SIGCHLD, {0x8049580, [], 0x4000000}, NULL, 8) = 0
> rt_sigaction(SIGTERM, {0x8049570, [], 0x4000000}, NULL, 8) = 0
> rt_sigaction(SIGPIPE, {SIG_IGN}, NULL, 8) = 0
> gettimeofday({1032537367, 279040}, NULL) = 0
> open("/etc/dnsrewrite", O_RDONLY|O_NONBLOCK) = -1 ENOENT (No such file or
> directory) open("/etc/resolv.conf", O_RDONLY|O_NONBLOCK) = 3
> read(3, "nameserver 66.6.197.4\nnameserver"..., 64) = 45
> read(3, "", 64) = 0
> close(3) = 0
> uname({sys="Linux", node="guilder.optimumreturn.com", ...}) = 0
> socket(PF_INET, SOCK_STREAM, IPPROTO_IP) = 3
> fcntl64(0x3, 0x3, 0, 0x804f349) = 2
> fcntl64(0x3, 0x4, 0x802, 0x804f349) = 0
> setsockopt(3, SOL_SOCKET, SO_REUSEADDR, [1], 4) = 0
> bind(3, {sin_family=AF_INET, sin_port=htons(110),
> sin_addr=inet_addr("0.0.0.0")}}, 16) = 0 getsockname(3,
> {sin_family=AF_INET, sin_port=htons(110), sin_addr=inet_addr("0.0.0.0")}},
> [16]) = 0 listen(3, 20) = 0
> fcntl64(0x3, 0x3, 0, 0x3) = 2050
> fcntl64(0x3, 0x4, 0x2, 0x3) = 0
> setgroups32(0x1, 0xbffff940) = 0
> setgid32(0x59) = 0
> setuid32(0x59) = 0
> close(0) = 0
> close(1) = 0
> write(2, "tcpserver: status: 0/40\n", 24tcpserver: status: 0/40
> ) = 24
> rt_sigprocmask(SIG_UNBLOCK, [CHLD], NULL, 8) = 0
> accept(3, {sin_family=AF_INET, sin_port=htons(3957),
> sin_addr=inet_addr("66.6.197.35")}}, [16]) = 0 rt_sigprocmask(SIG_BLOCK,
> [CHLD], NULL, 8) = 0
> write(2, "tcpserver: status: 1/40\n", 24tcpserver: status: 1/40
> ) = 24
> fork() = 12604
> close(0) = 0
> rt_sigprocmask(SIG_UNBLOCK, [CHLD], tcpserver: pid 12604 from 66.6.197.35
> NULL, 8) = 0
> accept(3, tcpserver: ok 12604 0:216.65.196.14:110 :66.6.197.35::3957
> 0xbffff920, [16]) = ? ERESTARTSYS (To be restarted)
> --- SIGCHLD (Child exited) ---
> wait4(-1, [WIFEXITED(s) && WEXITSTATUS(s) == 1], WNOHANG, NULL) = 12604
> write(2, "tcpserver: end 12604 status 256\n", 32tcpserver: end 12604 status
> 256 ) = 32
> write(2, "tcpserver: status: 0/40\n", 24tcpserver: status: 0/40
> ) = 24
> wait4(-1, 0xbffff610, WNOHANG, NULL) = -1 ECHILD (No child processes)
> sigreturn() = ? (mask now [])
> rt_sigprocmask(SIG_BLOCK, [CHLD], NULL, 8) = 0
> rt_sigprocmask(SIG_UNBLOCK, [CHLD], NULL, 8) = 0
> accept(3, <unfinished ...>
> root@guilder:~$ls -la list.txt
> -rw-r--r-- 1 root root 3932 Sep 20 10:56 list.txt
> root@guilder:~$cat list.txt
> execve("/usr/local/bin/tcpserver", ["/usr/local/bin/tcpserver", "-u", "89",
> "-g", "89", "-v", "-R", "-H", "-l", "0", "-x",
> "/var/vchkpw/etc/tcp.pop3.cdb", "-c", "40", "0", "110",
> "/var/qmail/bin/qmail-popup", "guilder.optimumreturn.com",
> "/var/vchkpw/bin/vchkpw", "/var/qmail/bin/qmail-pop3d", "Maildir"], [/* 26
> vars */]) = 0 uname({sys="Linux", node="guilder.optimumreturn.com", ...}) =
> 0
> brk(0) = 0x8051e10
> open("/etc/ld.so.preload", O_RDONLY) = -1 ENOENT (No such file or
> directory) open("/etc/ld.so.cache", O_RDONLY) = 3
> fstat64(3, {st_mode=S_IFREG|0644, st_size=57589, ...}) = 0
> old_mmap(NULL, 57589, PROT_READ, MAP_PRIVATE, 3, 0) = 0x40017000
> close(3) = 0
> open("/lib/i686/libc.so.6", O_RDONLY) = 3
> read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0 \306\1"..., 1024)
> = 1024 fstat64(3, {st_mode=S_IFREG|0755, st_size=5772268, ...}) = 0
> old_mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1,
> 0) = 0x40026000 old_mmap(NULL, 1290088, PROT_READ|PROT_EXEC, MAP_PRIVATE,
> 3, 0) = 0x40027000 mprotect(0x40159000, 36712, PROT_NONE) = 0
> old_mmap(0x40159000, 20480, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED, 3,
> 0x131000) = 0x40159000 old_mmap(0x4015e000, 16232, PROT_READ|PROT_WRITE,
> MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x4015e000 close(3)
> = 0
> munmap(0x40017000, 57589) = 0
> rt_sigprocmask(SIG_BLOCK, [CHLD], NULL, 8) = 0
> rt_sigaction(SIGCHLD, {0x8049580, [], 0x4000000}, NULL, 8) = 0
> rt_sigaction(SIGTERM, {0x8049570, [], 0x4000000}, NULL, 8) = 0
> rt_sigaction(SIGPIPE, {SIG_IGN}, NULL, 8) = 0
> gettimeofday({1032537367, 279040}, NULL) = 0
> open("/etc/dnsrewrite", O_RDONLY|O_NONBLOCK) = -1 ENOENT (No such file or
> directory) open("/etc/resolv.conf", O_RDONLY|O_NONBLOCK) = 3
> read(3, "nameserver 66.6.197.4\nnameserver"..., 64) = 45
> read(3, "", 64) = 0
> close(3) = 0
> uname({sys="Linux", node="guilder.optimumreturn.com", ...}) = 0
> socket(PF_INET, SOCK_STREAM, IPPROTO_IP) = 3
> fcntl64(0x3, 0x3, 0, 0x804f349) = 2
> fcntl64(0x3, 0x4, 0x802, 0x804f349) = 0
> setsockopt(3, SOL_SOCKET, SO_REUSEADDR, [1], 4) = 0
> bind(3, {sin_family=AF_INET, sin_port=htons(110),
> sin_addr=inet_addr("0.0.0.0")}}, 16) = 0 getsockname(3,
> {sin_family=AF_INET, sin_port=htons(110), sin_addr=inet_addr("0.0.0.0")}},
> [16]) = 0 listen(3, 20) = 0
> fcntl64(0x3, 0x3, 0, 0x3) = 2050
> fcntl64(0x3, 0x4, 0x2, 0x3) = 0
> setgroups32(0x1, 0xbffff940) = 0
> setgid32(0x59) = 0
> setuid32(0x59) = 0
> close(0) = 0
> close(1) = 0
> write(2, "tcpserver: status: 0/40\n", 24tcpserver: status: 0/40
> ) = 24
> rt_sigprocmask(SIG_UNBLOCK, [CHLD], NULL, 8) = 0
> accept(3, {sin_family=AF_INET, sin_port=htons(3957),
> sin_addr=inet_addr("66.6.197.35")}}, [16]) = 0 rt_sigprocmask(SIG_BLOCK,
> [CHLD], NULL, 8) = 0
> write(2, "tcpserver: status: 1/40\n", 24tcpserver: status: 1/40
> ) = 24
> fork() = 12604
> close(0) = 0
> rt_sigprocmask(SIG_UNBLOCK, [CHLD], tcpserver: pid 12604 from 66.6.197.35
> NULL, 8) = 0
> accept(3, tcpserver: ok 12604 0:216.65.196.14:110 :66.6.197.35::3957
> 0xbffff920, [16]) = ? ERESTARTSYS (To be restarted)
> --- SIGCHLD (Child exited) ---
> wait4(-1, [WIFEXITED(s) && WEXITSTATUS(s) == 1], WNOHANG, NULL) = 12604
> write(2, "tcpserver: end 12604 status 256\n", 32tcpserver: end 12604 status
> 256 ) = 32
> write(2, "tcpserver: status: 0/40\n", 24tcpserver: status: 0/40
> ) = 24
> wait4(-1, 0xbffff610, WNOHANG, NULL) = -1 ECHILD (No child processes)
> sigreturn() = ? (mask now [])
> rt_sigprocmask(SIG_BLOCK, [CHLD], NULL, 8) = 0
> rt_sigprocmask(SIG_UNBLOCK, [CHLD], NULL, 8) = 0
> accept(3, <unfinished ...>
