SMTP Authentication Failed - /etc/userdomains wrong perms

[silversurfer]

After tonight's update, users started reporting they can't send emails. This is the log:

2005-07-21 02:16:41 failed to open /etc/userdomains for linear search: Permission denied (euid=47 egid=12)
2005-07-21 02:17:01 failed to open /etc/userdomains for linear search: Permission denied (euid=47 egid=12)
2005-07-21 02:17:13 failed to open /etc/userdomains for linear search: Permission denied (euid=47 egid=12)
2005-07-21 02:17:14 failed to open /etc/userdomains for linear search: Permission denied (euid=47 egid=12)
2005-07-21 02:17:14 failed to open /etc/userdomains for linear search: Permission denied (euid=47 egid=12)
2005-07-21 02:17:14 failed to open /etc/userdomains for linear search: Permission denied (euid=47 egid=12)
2005-07-21 02:17:15 failed to open /etc/userdomains for linear search: Permission denied (euid=47 egid=12)
2005-07-21 02:17:22 failed to open /etc/userdomains for linear search: Permission denied (euid=47 egid=12)
2005-07-21 02:17:30 failed to open /etc/userdomains for linear search: Permission denied (euid=47 egid=12)


And this appears to be the reason:

root@server1 [/etc]# ls /etc/userdomains -all
-rw-rw---- 1 root root 8919 Jul 20 22:09 /etc/userdomains


Swell.

 

[Izzee]

Chirpy posted a fix for this yesterday, just can't put my finger on it. Perhaps you could spot it. It involves a permissions fix.
From memory you need to chown the file root mail.
Sorry to be a bit vague. It is there somewhere.

 

[silversurfer]

I know how to fix it. I just don't relish doing it on close to 100 servers.

 

[stasd]

I know how to fix it. I just don't relish doing it on close to 100 servers.

And evry one updated to edge %) It was crazy thing.

 

[silversurfer]

none are on edge. They are all on current.

 

[cPanelNick]

none are on edge. They are all on current.

/scripts/updateuserdomains will fix it if you are on the latest CURRENT (this is run at install time, so its strange that its gid is not set to mail)

otherwise


chown root:mail /etc/userdomains

UPDATE: just verified that the 10.4.0-CURRENT_150 installer does set those permissions

 

[cPanelNick]

Also make sure your group file is readable, on most linux systems this should work and show a 12

# perl -e '$i=(getgrnam("mail"))[2];print "$i\n";'
12

 

[BLazeD]

FYI I got this bug too

 

[sneader]

I got updated to Current 150 last night, and am having the same problem as everyone else. I ran /scripts/updateuserdomains and restarted Exim for good measure and my customers are happy.

I also entered the # perl -e '$i=(getgrnam("mail"))[2];print "$i\n";' that Nick mentions, and I do get 12 back, so that's apparently good.

So... what happened? I feel sorry for the guy with 100 servers to do this on, although that update script only takes a moment to run.

- Scott

 

[silversurfer]

I fixed it with

chgrp mail /etc/localdomains /etc/userdomains

even before Nick replied. It's easy to do, but 3 days in a roll with issues is just a bit too much. For good measure, I disabled auto-updates at the same time with:

replace CPANEL=current CPANEL=manual -- /etc/cpupdate.conf

 

[cPanelNick]

I fixed it with

chgrp mail /etc/localdomains /etc/userdomains

even before Nick replied. It's easy to do, but 3 days in a roll with issues is just a bit too much. For good measure, I disabled auto-updates at the same time with:

replace CPANEL=current CPANEL=manual -- /etc/cpupdate.conf

I had QA do about 10 installs of CURRENT, and it didn't happen on any of them.

What OS are you running.. Did you go from RELEASE to CURRENT, how did you update ? (web or upcp) , Have you run a 10.4 build before (ie EDGE) ?

 

[sneader]

I don't think you were asking me... but I am on "auto Current" -- so I get my Current updates whenever you push them out.

- Scott

 

[Cash]

I did:

/scripts/mailperm

/scripts/updatenow

/scripts/eximup

after that /scripts/updateuserdomains

Am i did correct way??

 

[Cash]

I did:

/scripts/mailperm

/scripts/updatenow

/scripts/eximup

after that /scripts/updateuserdomains

Am i did correct way??

The perl -e '$i=(getgrnam("mail"))[2];print "$i\n";'
return 12, do i setill need use chown root:mail /etc/userdomains ??

 

[silversurfer]

I had QA do about 10 installs of CURRENT, and it didn't happen on any of them.

What OS are you running.. Did you go from RELEASE to CURRENT, how did you update ? (web or upcp) , Have you run a 10.4 build before (ie EDGE) ?

It varies. But the majority of the servers are running CentOS 4.1. And the problem is verified to be happening on this OS. I didn't check manually that every single box have the issue as it doesn't hurt (and is faster) to just make sure with the group perms. But it definitely was happening on quite a number of servers as I tail the exim_mainlogs and some had problems with /etc/localdomains and not /etc userdomains.

The updates are on the nightly cron job.

Most of the servers been running CURRENT from the day we get the servers. ie. we didn't change anything recently, and no. most of the machines never run edge before. save for 1 which we used to test the issue with Cwd 3 days ago.

 

[Dacsoft]

I was planning on doing the manual upgrade today. If I get a 12 when I run the command perl -e '$i=(getgrnam("mail"))[2];print "$i\n";', does that mean it is alright, or should I still run the script?

thanks

 

[stormy]

FWIW I had the problem too. Techs at ev1servers couldn't fix it for 10 hours. Fortunately I found this in the forum!