I'm trying to set up DKIM & DMARC, set it a few days ago, it seemed to be
working ok(?), well, I didn't notice errors

noticed today multiple "Permission denied" errors since last night, across multiple domains

grep " Permission denied" /var/log/maillog | wc
1943 19430 200491

May 29 13:41:43 geko opendmarc[27677]: AAADD4E821C9: /var/run/opendmarc.dat: fopen(): Permission denied

# grep AAADD4E821C9 /var/log/maillog
May 29 13:41:41 geko postfix/smtpd[30596]: AAADD4E821C9: client=mail01.hello.zendesk.com[142.0.163.127]
May 29 13:41:42 geko postfix/cleanup[30785]: AAADD4E821C9: message-id=<32f4e19952284dd89d4be9c71563d796@2136619493>
May 29 13:41:42 geko opendmarc[27677]: AAADD4E821C9: SPF(mailfrom): [hidden email] pass
May 29 13:41:43 geko opendmarc[27677]: AAADD4E821C9: zendesk.com pass
May 29 13:41:43 geko opendmarc[27677]: AAADD4E821C9: /var/run/opendmarc.dat: fopen(): Permission denied
May 29 13:41:43 geko postfix/cleanup[30785]: AAADD4E821C9: milter-reject: END-OF-MESSAGE from mail01.hello.zendesk.com[142.0.163.127]: 4.7.1 Service unavailable - try again later; from=<[hidden email]> to=<[hidden email]> proto=ESMTP helo=<mail01.hello.zendesk.com>

and, I don't have any such:

# ls /var/run/open*
/var/run/opendkim:
opendkim.pid

/var/run/opendmarc:
opendmarc.pid

in conf I have it as:

# grep opendmarc.dat opendmarc.conf
# HistoryFile /var/spool/opendmarc/opendmarc.dat
HistoryFile /var/run/opendmarc.dat

(the write up I was using suggested "/var/run/opendmarc.dat")

do I need to... re-create opendmarc.dat ..?
should it go in conf default path /var/spool/opendmarc ?

what did I screw up this time ?

meantime, removed dmarc from postfix main.cf

V
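To size the impact of the errors in the post above, the sketch below correlates opendmarc's fopen() failures with Postfix's milter-reject lines by queue ID. It is an added example, not part of any message in this thread; the sample log is constructed in the quoted maillog format, and the function name is hypothetical.

```python
import re

# Constructed sample in the maillog format quoted in the post above
# (hostnames, addresses and the second queue ID are made up).
SAMPLE = """\
May 29 13:41:41 geko postfix/smtpd[30596]: AAADD4E821C9: client=mail01.example.net[192.0.2.10]
May 29 13:41:43 geko opendmarc[27677]: AAADD4E821C9: example.net pass
May 29 13:41:43 geko opendmarc[27677]: AAADD4E821C9: /var/run/opendmarc.dat: fopen(): Permission denied
May 29 13:41:43 geko postfix/cleanup[30785]: AAADD4E821C9: milter-reject: END-OF-MESSAGE from mail01.example.net[192.0.2.10]: 4.7.1 Service unavailable - try again later; from=<a@example.net> to=<b@example.org> proto=ESMTP helo=<mail01.example.net>
May 29 13:42:10 geko postfix/smtpd[30596]: BBB0000000C1: client=mx.example.com[198.51.100.7]
May 29 13:42:11 geko opendmarc[27677]: BBB0000000C1: example.com pass
May 29 13:42:12 geko postfix/qmgr[1201]: BBB0000000C1: from=<c@example.com>, size=2048, nrcpt=1 (queue active)
"""

# Syslog layout: "Mon DD HH:MM:SS host prog[pid]: QUEUEID: message"
LINE = re.compile(r"^\w{3}\s+\d+ [\d:]+ \S+ (?P<prog>[\w/.-]+)\[\d+\]: "
                  r"(?P<qid>[0-9A-Za-z]+): (?P<msg>.*)$")
FOPEN = re.compile(r"^(?P<path>/\S+): fopen\(\): Permission denied$")
REJECT = re.compile(r"^milter-reject: END-OF-MESSAGE from (?P<client>\S+): "
                    r"(?P<code>\d\.\d\.\d) ")


def history_file_failures(lines):
    """Return {queue_id: {"path", "client", "code"}} for messages where
    opendmarc could not open its history file. "client" and "code" stay None
    unless Postfix logged a milter-reject for the same queue ID afterwards."""
    hits = {}
    for line in lines:
        m = LINE.match(line)
        if not m:
            continue
        qid, msg = m["qid"], m["msg"]
        if m["prog"] == "opendmarc":
            f = FOPEN.match(msg)
            if f:
                hits.setdefault(qid, {"path": f["path"], "client": None, "code": None})
        elif m["prog"].startswith("postfix/") and qid in hits:
            r = REJECT.match(msg)
            if r:
                hits[qid].update(client=r["client"], code=r["code"])
    return hits


if __name__ == "__main__":
    for qid, hit in history_file_failures(SAMPLE.splitlines()).items():
        print(qid, hit["path"], hit["client"], hit["code"])
```

A 4.x.x code is a temporary failure, so the affected senders will normally retry later.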
On Wed, 29 May 2019 at 05:11, <[hidden email]> wrote:

> i'm trying to setup DKIM & DMARC, set it few days ago, it seemed to be

I think you need to use a suitable UMask setting in /etc/opendmarc.conf e.g. 0002 - see UMask in man opendmarc.conf. And I don't think /var/run is a logical place to put the history file. /var/log maybe?
On Wed, May 29, 2019 4:51 pm, Dominic Raferd wrote:
> On Wed, 29 May 2019 at 05:11, <[hidden email]> wrote:
>
> I think you need to use a suitable UMask setting in /etc/opendmarc.conf
> e.g. 0002 - see UMask in man opendmarc.conf. And I don't think /var/run is
> a logical place to put the history file. /var/log maybe?

Dominic, thanks

I've used
https://www.stevejenkins.com/blog/2015/03/installing-opendmarc-rpm-via-yum-with-postfix-or-sendmail-for-rhel-centos-fedora/

I can see now there is inconsistency in that writeup, with location of the .dat

I currently have like:

UMask 007
UserID opendmarc:mail

what about default path /var/run/opendmarc.dat, maybe I'll try that

I'll try UMask 0002

thanks, V
In reply to this post by lists-3
[hidden email] wrote on 2019-05-29 06:09:

> May 29 13:41:43 geko opendmarc[27677]: AAADD4E821C9:
> /var/run/opendmarc.dat: fopen(): Permission denied

change /var/run to /var/tmp

if you reboot with your config you will lose data

/var/tmp must not be cleaned after boots, /tmp will be cleaned on boot

permission denied comes from that opendmarc starts as root, and drops
privileges to user later, and that makes it permission denied for the dat
file, show ls -l /var/run/ if need more help

if the dat file is owned or created by root, delete it and restart
opendmarc
On Thu, May 30, 2019 12:52 am, Benny Pedersen wrote:
> [hidden email] wrote on 2019-05-29 06:09:
> change /var/run to /var/tmp
>
> if you reboot with your config you will lose data
>
> /var/tmp must not be cleaned after boots, /tmp will be cleaned on boot
>
>
> permission denied comes from that opendmarc starts as root, and drops
> privileges to user later, and that makes it permission denied for the dat
> file, show ls -l /var/run/ if need more help
>
> if the dat file is owned or created by root, delete it and restart
> opendmarc

Benny, thanks

following Dominic's advice I've set "UMask 0002" as , and, also reverted to
default path, restarted some 10 hours ago, so far, so good, no more fopen
errors

I'll change to /var/tmp next

thanks for explanation,

Voytek

# ls -l /var/run/
total 32
....
drwxr-xr-x 3 root root 80 May 28 22:09 NetworkManager
drwx------ 2 opendkim opendkim 60 May 28 22:09 opendkim
drwx------ 2 opendmarc opendmarc 60 May 29 18:25 opendmarc
drwxr-xr-x 2 root root 40 May 28 22:08 plymouth
...

# ls -l /var/run/opendmarc
total 4
-rw-rw-r-- 1 opendmarc opendmarc 6 May 29 18:25 opendmarc.pid

# grep istory /etc/opendmarc.conf
HistoryFile /var/spool/opendmarc/opendmarc.dat
# HistoryFile /var/run/opendmarc.dat

# ls -l /var/spool/opendmarc/
total 44
-rw-rw-r-- 1 opendmarc opendmarc 41543 May 30 06:42 opendmarc.dat
> On Thu, May 30, 2019 12:52 am, Benny Pedersen wrote:
>> [hidden email] wrote on 2019-05-29 06:09:
>
>> change /var/run to /var/tmp
>>
>> if you reboot with your config you will lose data
>>
>> /var/tmp must not be cleaned after boots, /tmp will be cleaned on boot

/tmp and /var/tmp may be emptied at any time; they are not intended for persistent data. Sockets and temporary working files are fine; I wouldn't put anything in either one that I expected to keep around for very long.

The exact default policy may also vary from *nix to *nix (either across Linux/*BSD/"real"-UNIX divisions, or between Linux distributions), and will almost certainly vary from system to system according to local administrator preference/policy.

The default /var/spool/opendmarc/opendmarc.dat sounds reasonable; /var/lib/opendmarc/opendmarc.dat is probably another good choice. Files in these trees are expected to hang around.

[hidden email] wrote:
> following Dominic's advice I've set "UMask 0002" as , and, also reverted to
> default path, restarted some 10 hours ago, so far, so good, no more fopen
> errors
>
> I'll change to /var/tmp next

I'd just leave it in the default location; unless you have some strong reason to put it elsewhere.

-kgd
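The two problems discussed up to this point (a HistoryFile the unprivileged user cannot open, and a location that gets cleaned) can be checked before restarting the milter. This is an added sketch, not code from any poster or from OpenDMARC; the function names are hypothetical, only classic mode bits are evaluated (no ACLs or SELinux), and the list of volatile directories reflects this thread's discussion.

```python
import os

# Locations the thread describes as cleaned at boot or at any time.
VOLATILE = ("/run", "/var/run", "/tmp", "/var/tmp")

def parse_conf(text):
    """Active "Key value" settings from opendmarc.conf text ('#' starts a comment)."""
    conf = {}
    for raw in text.splitlines():
        fields = raw.split("#", 1)[0].split(None, 1)
        if len(fields) == 2:
            conf[fields[0]] = fields[1].strip()
    return conf

def permitted(st, uid, gids, need):
    """Owner/group/other mode-bit check: does uid/gids hold every bit in `need`?"""
    if uid == 0:
        return True
    if st.st_uid == uid:
        bits = st.st_mode >> 6
    elif st.st_gid in gids:
        bits = st.st_mode >> 3
    else:
        bits = st.st_mode
    return (bits & need) == need

def check_history_file(conf_text, uid, gids, stat_fn=os.stat):
    """Findings for the configured HistoryFile as seen by the unprivileged uid/gids."""
    path = parse_conf(conf_text).get("HistoryFile")
    if not path:
        return []
    parent, findings = os.path.dirname(path), []
    if any(parent == v or parent.startswith(v + "/") for v in VOLATILE):
        findings.append("volatile location: " + parent)
    try:
        ok = permitted(stat_fn(path), uid, gids, 0o2)    # existing file: write bit
    except FileNotFoundError:
        ok = permitted(stat_fn(parent), uid, gids, 0o3)  # new file: w+x on directory
    if not ok:
        findings.append("not writable by uid %d: %s" % (uid, path))
    return findings

if __name__ == "__main__":
    import pwd, sys
    # Assumed invocation: script.py /etc/opendmarc.conf opendmarc  (run as root)
    pw = pwd.getpwnam(sys.argv[2])
    gids = os.getgrouplist(pw.pw_name, pw.pw_gid)
    with open(sys.argv[1]) as fh:
        print(check_history_file(fh.read(), pw.pw_uid, gids) or "no findings")
```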
In reply to this post by Benny Pedersen-2
On 29 May 2019, at 08:52, Benny Pedersen <[hidden email]> wrote:
> /var/tmp must not be cleaned after boots, /tmp will be cleaned on boot

I've never heard that. Is that a real thing or just your own 'rule'?

--
Lobotomy means never having to say you're sorry -- or anything else.
On Thu, May 30, 2019 at 04:44:13AM -0600, @lbutlr wrote:
> On 29 May 2019, at 08:52, Benny Pedersen <[hidden email]> wrote:
> > /var/tmp must not be cleaned after boots, /tmp will be cleaned on boot
> I've never heard that. Is that a real thing or just your own 'rule'?

https://refspecs.linuxfoundation.org/FHS_3.0/fhs/ch05s15.html

Bastian

--
Hailing frequencies open, Captain.
In reply to this post by @lbutlr
>On 29 May 2019, at 08:52, Benny Pedersen <[hidden email]> wrote:
>> /var/tmp must not be cleaned after boots, /tmp will be cleaned on boot

On 30.05.19 04:44, @lbutlr wrote:
>I've never heard that. Is that a real thing or just your own 'rule'?

it's standard FHS:

https://en.wikipedia.org/wiki/Filesystem_Hierarchy_Standard

/tmp

Temporary files (see also /var/tmp). Often not preserved between system reboots, and may be severely size restricted.

/var/tmp

Temporary files to be preserved between reboots.

--
Matus UHLAR - fantomas, [hidden email] ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Warning: I do NOT want to receive any advertising mail at this address.
"Two words: Windows survives." - Craig Mundie, Microsoft senior strategist
"So does syphilis. Good thing we have penicillin." - Matthew Alton
On 30 May 2019, at 06:32, Matus UHLAR - fantomas <[hidden email]> wrote:
>> On 29 May 2019, at 08:52, Benny Pedersen <[hidden email]> wrote:
>>> /var/tmp must not be cleaned after boots, /tmp will be cleaned on boot
>
> On 30.05.19 04:44, @lbutlr wrote:
>> I've never heard that. Is that a real thing or just your own 'rule'?
>
> it's standard FHS:
>
> https://en.wikipedia.org/wiki/Filesystem_Hierarchy_Standard
>
> /tmp
>
> Temporary files (see also /var/tmp). Often not preserved between system reboots, and may be severely size restricted.
> /var/tmp
>
> Temporary files to be preserved between reboots.

But can still be deleted at any time, just "less frequently than /tmp"; certainly not a place to store necessary files. I don't see this anywhere for *BSD, thankfully, so I can safely ignore it.

The only files in /var/tmp on my system are the database for pkg provides and a directory for vi.recovery containing a single file from April 2018.

--
Two, Four, Six, Eight! Time to Transubstantiate!
On 30 May 2019, at 07:24, @lbutlr <[hidden email]> wrote:
> But can still be deleted at any time, just "less frequently than /tmp"; certainly not a place to store necessary files. I don't see this anywhere for *BSD, thankfully, so I can safely ignore it.

Goops, forgot to paste this:

/var/tmp/ Temporary files which are usually preserved across a system reboot, unless /var is a memory-based file system.

which is much weaker than "…must not be deleted when the system is booted."

--
"Two years from now, spam will be solved," -- Bill Gates, January, 2004
On 30.05.19 07:27, @lbutlr wrote:
>On 30 May 2019, at 07:24, @lbutlr <[hidden email]> wrote:
>> But can still be deleted at any time, just "less frequently than /tmp"; certainly not a place to store necessary files. I don't see this anywhere for *BSD, thankfully, so I can safely ignore it.
>
>Goops, forgot to paste this:
>
>
>/var/tmp/ Temporary files which are usually preserved across a system reboot, unless /var is a memory-based file system.
>
>which is much weaker than "…must not be deleted when the system is booted."

and what exactly are you complaining about?

btw the OP used /var/run, which is also designed to be cleaned upon boot.

--
Matus UHLAR - fantomas, [hidden email] ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Warning: I do NOT want to receive any advertising mail at this address.
Fucking windows! Bring Bill Gates! (Southpark the movie)
> On 30 May 2019, at 07:37, Matus UHLAR - fantomas <[hidden email]> wrote:
>
> On 30.05.19 07:27, @lbutlr wrote:
>> On 30 May 2019, at 07:24, @lbutlr <[hidden email]> wrote:
>>> But can still be deleted at any time, just "less frequently than /tmp"; certainly not a place to store necessary files. I don't see this anywhere for *BSD, thankfully, so I can safely ignore it.
>>
>> Goops, forgot to paste this:
>>
>>
>> /var/tmp/ Temporary files which are usually preserved across a system reboot, unless /var is a memory-based file system.
>>
>> which is much weaker than "…must not be deleted when the system is booted."
>
> and what exactly are you complaining about?

Nothing. Just commenting out the difference between Linux and *BSD in how they view this directory.

> btw the OP used /var/run, which is also designed to be cleaned upon boot.

That's not even part of the defined hierarchy for BSD, though it is often used for storing PID files and some sockets. Storing real data there seems like a bad idea, but sure enough, some programs seem to have put stuff there on my system, and some of it is quite old. Of course, without a specific policy in https://www.freebsd.org/doc/handbook/dirstructure.html it's hard to predict what will happen, though I would hope it is untouched.

--
Far away, across the fields, the tolling of the iron bell calls the faithful to their knees to hear the softly spoken magic spells.