Results 1 to 7 of 7

Thread: Problems upgrading from 5.0.7 Ubuntu 8 Community build to 5.0.9_GA_2533.UBUNTU8

  1. #1
    Join Date
    Jan 2008
    Posts
    6
    Rep Power
    7

    Default Problems upgrading from 5.0.7 Ubuntu 8 Community build to 5.0.9_GA_2533.UBUNTU8

    Did an upgrade this evening from the Ubuntu 8.04 5.0.7 community build on sourceforge to 5.0.9_GA_2533.UBUNTU8 FOSS edition. After the upgrade I couldn't send any messages from the web UI or through IMAP/SMTP. Reading messages worked fine.

    Narrowed it down to the following files:

    Aug 19 23:23:04 mail postfix/proxymap[20748]: fatal: open /opt/zimbra/conf/ldap-scm.cf: Permission denied
    Aug 19 23:24:05 mail postfix/proxymap[21181]: fatal: open /opt/zimbra/conf/ldap-vam.cf: Permission denied

    They had permissions set as the following:

    -rw-r----- 1 zimbra postfix 445 2008-08-19 23:09 ldap-scm.cf

    Setting these files to allow anyone to read them got my server back up and running. 644 probably isn't right, but it's working at the moment. What are the correct owner/permissions for these files?

    Not sure if this applies to 5.0.9 Ubuntu 8 in general, or if it was just caused by my strange upgrade path.

    Let me know if any more info is needed.

  2. #2
    Join Date
    Jul 2008
    Posts
    44
    Rep Power
    7

    Default

    i did the same thing this morning, and i did not hit the error you saw.

    my ldap-scm.cf shows the same as you posted

    -rw-r----- 1 zimbra postfix 433 2008-08-19 18:26 ldap-scm.cf

    my random guess:

    sounds like your postfix was not running as the expected user somehow. double check to see if you have processes running as user postfix and zimbra.

  3. #3
    Join Date
    Jan 2008
    Posts
    6
    Rep Power
    7

    Default

    Thanks for the reply,

    A quick look at my processes shows that everything on the server short of my current ssh session is running as either root, zimbra, or postfix. Can anyone give me any more insight as to which processes specifically I should be looking at?

    smtp, smtpd, lmtp are all running as the postfix user.

  4. #4
    Join Date
    Mar 2007
    Posts
    3
    Rep Power
    8

    Default

    I ran into the same problem upgrading from 5.0.7 to 5.0.9 on Fedora 7.

    Comparing permissions on the offending files between these versions, I get:

    5.0.7:

    -rw-rw-r-- zimbra zimbra 355 2008-08-31 11:45:40 ldap-vad.cf
    -rw-rw-r-- zimbra zimbra 439 2008-08-31 11:45:40 ldap-scm.cf
    -rw-rw-r-- zimbra zimbra 367 2008-08-31 11:45:40 ldap-transport.cf
    -rw-rw-r-- zimbra zimbra 498 2008-08-31 11:45:40 ldap-vam.cf
    -rw-rw-r-- zimbra zimbra 355 2008-08-31 11:45:40 ldap-vmd.cf
    -rw-rw-r-- zimbra zimbra 349 2008-08-31 11:45:40 ldap-vmm.cf

    5.0.9:

    -rw-r----- 1 zimbra postfix 439 2008-08-31 22:43 ldap-scm.cf
    -rw-r----- 1 zimbra postfix 367 2008-08-31 22:43 ldap-transport.cf
    -rw-r----- 1 zimbra postfix 355 2008-08-31 22:43 ldap-vad.cf
    -rw-r----- 1 zimbra postfix 498 2008-08-31 22:43 ldap-vam.cf
    -rw-r----- 1 zimbra postfix 355 2008-08-31 22:43 ldap-vmd.cf
    -rw-r----- 1 zimbra postfix 349 2008-08-31 22:43 ldap-vmm.cf

    Although the group switch from zimbra to postfix might be deliberate, it looks like the upgrade changed the permissions such that Postfix no longer works.

    Adding world-read permissions (chmod o+r ldap-*.cf) indeed fixed the problem.

  5. #5
    dijichi2 is offline OpenSource Builder & Moderator
    Join Date
    Oct 2005
    Posts
    1,176
    Rep Power
    12

    Default

    does zmfixperms resolve the error correctly without resorting to manual chmod?

    it's possibly worth filing a but against ubuntu8 official build on this. during an upgrade the old packages are removed and new ones installed - the incorrect postfix system file ownerships should not be an artifact of the upgrade.

  6. #6
    Join Date
    Mar 2007
    Posts
    3
    Rep Power
    8

    Default

    I've executed the experiment per your (good) suggestion, and it turns out that running zmfixperms doesn't resolve the error: it causes it(!)

    I've subsequently checked that script, and it contains code like:

    chgrp -f ${postfix_owner} ${zimbra_home}/conf/ldap-scm.cf
    chmod 640 ${zimbra_home}/conf/ldap-scm.cf

    which changes both the group and the permissions such that you end up with the incompatible permission set.

    While I assume that this script is the same in all distributions, could it be that this is not true? I'm trying to understand why more people haven't run into this issue.

  7. #7
    dijichi2 is offline OpenSource Builder & Moderator
    Join Date
    Oct 2005
    Posts
    1,176
    Rep Power
    12

    Default

    quite possibly they locked down permissions in 5.0.9. 640 where the group owner is postfix should be fine, as all the postfix processes should run as postfix user/group. check your postfix processes are all running as postfix?

    also check your sudoers file to ensure the postfix version matches what is actually active in /opt/zimbra. if the upgrade doesn't go 100% sometimes this file isn't updated.

Similar Threads

  1. Replies: 7
    Last Post: 09-19-2008, 12:56 PM
  2. ZCS 5.0.7 + ubuntu (community pkg)
    By ralph in forum Installation
    Replies: 5
    Last Post: 07-09-2008, 03:26 AM
  3. Ubuntu 8.04 64-bit build (Hardy A4)
    By ironstorm in forum Developers
    Replies: 17
    Last Post: 02-22-2008, 10:55 AM
  4. Ubuntu 6.06 LTS server install problems
    By Kavey1978 in forum Installation
    Replies: 17
    Last Post: 05-30-2007, 02:49 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •