SMTP Authentication Failed - /etc/userdomains wrong perms

silversurfer

Well-Known Member
Dec 29, 2002
274
0
168
After tonight's update, users started reporting they can't send emails. This is the log:

2005-07-21 02:16:41 failed to open /etc/userdomains for linear search: Permission denied (euid=47 egid=12)
2005-07-21 02:17:01 failed to open /etc/userdomains for linear search: Permission denied (euid=47 egid=12)
2005-07-21 02:17:13 failed to open /etc/userdomains for linear search: Permission denied (euid=47 egid=12)
2005-07-21 02:17:14 failed to open /etc/userdomains for linear search: Permission denied (euid=47 egid=12)
2005-07-21 02:17:14 failed to open /etc/userdomains for linear search: Permission denied (euid=47 egid=12)
2005-07-21 02:17:14 failed to open /etc/userdomains for linear search: Permission denied (euid=47 egid=12)
2005-07-21 02:17:15 failed to open /etc/userdomains for linear search: Permission denied (euid=47 egid=12)
2005-07-21 02:17:22 failed to open /etc/userdomains for linear search: Permission denied (euid=47 egid=12)
2005-07-21 02:17:30 failed to open /etc/userdomains for linear search: Permission denied (euid=47 egid=12)


And this appears to be the reason:

[email protected] [/etc]# ls /etc/userdomains -all
-rw-rw---- 1 root root 8919 Jul 20 22:09 /etc/userdomains


Swell.
 

Izzee

Well-Known Member
Feb 6, 2004
469
0
166
Chirpy posted a fix for this yesterday, just can't put my finger on it. Perhaps you could spot it. It involves a permissions fix.
From memory you need to chown the file root mail.
Sorry to be a bit vague. It is there somewhere.
 

cPanelNick

Administrator
Staff member
Mar 9, 2015
3,481
35
208
cPanel Access Level
DataCenter Provider
silversurfer said:
none are on edge. They are all on current.

/scripts/updateuserdomains will fix it if you are on the latest CURRENT (this is run at install time, so its strange that its gid is not set to mail)

otherwise


chown root:mail /etc/userdomains

UPDATE: just verified that the 10.4.0-CURRENT_150 installer does set those permissions
 

cPanelNick

Administrator
Staff member
Mar 9, 2015
3,481
35
208
cPanel Access Level
DataCenter Provider
Also make sure your group file is readable, on most linux systems this should work and show a 12

# perl -e '$i=(getgrnam("mail"))[2];print "$i\n";'
12
 

sneader

Well-Known Member
Aug 21, 2003
1,195
67
178
La Crosse, WI
cPanel Access Level
Root Administrator
I got updated to Current 150 last night, and am having the same problem as everyone else. I ran /scripts/updateuserdomains and restarted Exim for good measure and my customers are happy.

I also entered the # perl -e '$i=(getgrnam("mail"))[2];print "$i\n";' that Nick mentions, and I do get 12 back, so that's apparently good.

So... what happened? I feel sorry for the guy with 100 servers to do this on, although that update script only takes a moment to run.

- Scott
 

silversurfer

Well-Known Member
Dec 29, 2002
274
0
168
I fixed it with

chgrp mail /etc/localdomains /etc/userdomains

even before Nick replied. It's easy to do, but 3 days in a roll with issues is just a bit too much. For good measure, I disabled auto-updates at the same time with:

replace CPANEL=current CPANEL=manual -- /etc/cpupdate.conf
 

cPanelNick

Administrator
Staff member
Mar 9, 2015
3,481
35
208
cPanel Access Level
DataCenter Provider
silversurfer said:
I fixed it with

chgrp mail /etc/localdomains /etc/userdomains

even before Nick replied. It's easy to do, but 3 days in a roll with issues is just a bit too much. For good measure, I disabled auto-updates at the same time with:

replace CPANEL=current CPANEL=manual -- /etc/cpupdate.conf

I had QA do about 10 installs of CURRENT, and it didn't happen on any of them.

What OS are you running.. Did you go from RELEASE to CURRENT, how did you update ? (web or upcp) , Have you run a 10.4 build before (ie EDGE) ?
 

sneader

Well-Known Member
Aug 21, 2003
1,195
67
178
La Crosse, WI
cPanel Access Level
Root Administrator
I don't think you were asking me... but I am on "auto Current" -- so I get my Current updates whenever you push them out.

- Scott
 

Cash

Well-Known Member
Jun 9, 2004
47
0
156
I did:

/scripts/mailperm

/scripts/updatenow

/scripts/eximup

after that /scripts/updateuserdomains

Am i did correct way??
 

Cash

Well-Known Member
Jun 9, 2004
47
0
156
Cash said:
I did:

/scripts/mailperm

/scripts/updatenow

/scripts/eximup

after that /scripts/updateuserdomains

Am i did correct way??
The perl -e '$i=(getgrnam("mail"))[2];print "$i\n";'
return 12, do i setill need use chown root:mail /etc/userdomains ??
 

silversurfer

Well-Known Member
Dec 29, 2002
274
0
168
cpanelnick said:
I had QA do about 10 installs of CURRENT, and it didn't happen on any of them.

What OS are you running.. Did you go from RELEASE to CURRENT, how did you update ? (web or upcp) , Have you run a 10.4 build before (ie EDGE) ?
It varies. But the majority of the servers are running CentOS 4.1. And the problem is verified to be happening on this OS. I didn't check manually that every single box have the issue as it doesn't hurt (and is faster) to just make sure with the group perms. But it definitely was happening on quite a number of servers as I tail the exim_mainlogs and some had problems with /etc/localdomains and not /etc userdomains.

The updates are on the nightly cron job.

Most of the servers been running CURRENT from the day we get the servers. ie. we didn't change anything recently, and no. most of the machines never run edge before. save for 1 which we used to test the issue with Cwd 3 days ago.
 

Dacsoft

Well-Known Member
Aug 30, 2003
45
0
156
Melbourne, Florida
I was planning on doing the manual upgrade today. If I get a 12 when I run the command perl -e '$i=(getgrnam("mail"))[2];print "$i\n";', does that mean it is alright, or should I still run the script?

thanks