Page 1 of 2 12 LastLast
Results 1 to 10 of 11

Thread: showq permissions failure

  1. #1
    Join Date
    Jan 2008
    Posts
    28
    Rep Power
    7

    Default showq permissions failure

    After a server restart, I keep getting:

    Jan 30 12:17:30 prmx055 postfix/postqueue[26041]: fatal: Connect to the Postfix showq service: Permission denied

    After a zmfixperms as root and a service restart:

    [zimbra@email ~]$ mailq
    postqueue: fatal: Connect to the Postfix showq service: Permission denied

    RHEL5 here-- any suggestions?

    EDIT: Upon further observation, it's been doing this since I built the server. What's my next logical troubleshooting step?
    Last edited by GoneWestCoast; 01-30-2008 at 01:43 PM. Reason: Further Observation

  2. #2
    Join Date
    Mar 2006
    Location
    Greenwood, IN
    Posts
    90
    Rep Power
    9

    Default

    check your /etc/sudoers file for:

    %zimbra ALL=NOPASSWD:/opt/zimbra/postfix-2.2.9/sbin/postfix, /opt/zimbra/postfix-2.2.9/sbin/postalias, /opt/zimbra/postfix 2.2.9/sbin/qshape.pl, /opt/zimbra/postfix 2.2.9/sbin/postconf,/opt/zimbra/postfix-2.2.9/sbin/postsuper

  3. #3
    Join Date
    Jan 2008
    Posts
    28
    Rep Power
    7

    Default

    %zimbra ALL=NOPASSWD:/opt/zimbra/postfix-2.4.3.3z/sbin/postfix, /opt/zimbra/postfix-2.4.3.3z/sbin/postalias, /opt/zimbra/postfix-2.4.3.3z/sbin/qshape.pl, /opt/zimbra/postfix-2.4.3.3z/sbin/postconf,/opt/zimbra/postfix-2.4.3.3z/sbin/postsuper


    My version numbers are different than yours, but should be correct-- I'm on 5.0.1.

  4. #4
    Join Date
    Feb 2006
    Location
    Pune, India
    Posts
    294
    Rep Power
    9

    Default

    Perhaps you have already checked this. But wanted to confirm that you have SELinux disabled.
    Regards,

    Chintan Zaveri
    (Yet another ZIMBRAN!)

    "Dhundhne par Bhagwan bhi ..."

  5. #5
    Join Date
    Jul 2006
    Posts
    623
    Rep Power
    10

    Default

    Rerun /opt/zimbra/libexec/zmfixperms as root. Sounds like your postfix/spool and postfix/sbin/* files don't have the right perms.
    Bugzilla - Wiki - Downloads - Before posting... Search!

  6. #6
    Join Date
    Jan 2008
    Posts
    28
    Rep Power
    7

    Default

    Quote Originally Posted by brian View Post
    Rerun /opt/zimbra/libexec/zmfixperms as root. Sounds like your postfix/spool and postfix/sbin/* files don't have the right perms.
    Done so, issue continues.

    SELinux is disabled.

    postfix/spool is owned by postfix, and the group is postfix for everything except maildrop and public, where it's postdrop.

    postfix/sbin:
    lrwxrwxrwx 1 root root 53 Jan 23 12:15 mailq -> ../../../../opt/zimbra/postfix-2.4.3.3z/sbin/sendmail
    lrwxrwxrwx 1 root root 53 Jan 23 12:15 newaliases -> ../../../../opt/zimbra/postfix-2.4.3.3z/sbin/sendmail
    -rwxr-xr-x 1 root root 715796 Jan 2 22:24 postalias
    -rwxr-xr-x 1 root root 406653 Jan 2 22:24 postcat
    -rwxr-xr-x 1 root root 822822 Jan 2 22:24 postconf
    -rwxr-sr-x 1 root postdrop 639202 Jan 2 22:24 postdrop
    -rwxr-xr-x 1 root root 359377 Jan 2 22:24 postfix
    -rwxr-xr-x 1 root root 396827 Jan 2 22:24 postkick
    -rwxr-xr-x 1 root root 386626 Jan 2 22:24 postlock
    -rwxr-xr-x 1 root root 365802 Jan 2 22:24 postlog
    -rwxr-xr-x 1 root root 684349 Jan 2 22:24 postmap
    -rwxr-sr-x 1 root postdrop 731520 Jan 2 22:24 postqueue
    -rwxr-xr-x 1 root root 424747 Jan 2 22:24 postsuper
    -r-xr-xr-x 1 root root 12846 Jan 9 19:17 qshape.pl
    -rwxr-xr-x 1 root root 735940 Jan 2 22:24 sendmail

  7. #7
    Join Date
    Jul 2006
    Posts
    623
    Rep Power
    10

    Default

    Post the output of the following.

    Code:
    zmcontrol status
    postqueue -p
    netstat -an | grep showq
    Bugzilla - Wiki - Downloads - Before posting... Search!

  8. #8
    Join Date
    Jan 2008
    Posts
    28
    Rep Power
    7

    Default

    [root@prmx055 ~]# su - zimbra
    [zimbra@prmx055 ~]$ zmcontrol status
    Host prmx055.reachlocal.com
    antispam Running
    antivirus Running
    ldap Running
    logger Running
    mailbox Running
    mta Running
    snmp Running
    spell Running
    stats Running
    [zimbra@prmx055 ~]$ postqueue -p
    postqueue: fatal: Connect to the Postfix showq service: Permission denied
    [zimbra@prmx055 ~]$ netstat -an | grep showq
    unix 2 [ ACC ] STREAM LISTENING 780736 public/showq
    [zimbra@prmx055 ~]$

  9. #9
    Join Date
    Jul 2006
    Posts
    623
    Rep Power
    10

    Default

    The postqueue binary should be setgid to the postdrop group so that it has permissions to view the maildrop directory. So a couple things could be happening.

    - setguid bit on the postqueue binary is not set
    - your filesystem is mounted without setuid support

    Your perms should look something like this.
    ls -ld /opt/zimbra/postfix/sbin/postqueue /opt/zimbra/postfix/spool/public/* /opt/zimbra/postfix/spool/maildrop
    -rwxr-sr-x 1 root postdrop 730361 Jan 22 14:38 /opt/zimbra/postfix/sbin/postqueue
    drwx-wx--- 2 postfix postdrop 4096 Jan 22 14:38 /opt/zimbra/postfix/spool/maildrop
    srw-rw-rw- 1 postfix postfix 0 Jan 24 22:19 /opt/zimbra/postfix/spool/public/cleanup
    srw-rw-rw- 1 postfix postfix 0 Jan 24 22:19 /opt/zimbra/postfix/spool/public/flush
    prw--w--w- 1 postfix postfix 0 Jan 31 09:15 /opt/zimbra/postfix/spool/public/pickup
    prw--w--w- 1 postfix postfix 0 Jan 31 09:16 /opt/zimbra/postfix/spool/public/qmgr
    srw-rw-rw- 1 postfix postfix 0 Jan 24 22:19 /opt/zimbra/postfix/spool/public/showq
    Bugzilla - Wiki - Downloads - Before posting... Search!

  10. #10
    Join Date
    Jan 2008
    Posts
    28
    Rep Power
    7

    Default

    Quote Originally Posted by brian View Post
    The postqueue binary should be setgid to the postdrop group so that it has permissions to view the maildrop directory. So a couple things could be happening.

    - setguid bit on the postqueue binary is not set
    - your filesystem is mounted without setuid support

    Your perms should look something like this.

    That's exactly what I have--

    [root@prmx055 log]# ls -ld /opt/zimbra/postfix/sbin/postqueue /opt/zimbra/postfix/spool/public/* /opt/zimbra/postfix/spool/maildrop
    -rwxr-sr-x 1 root postdrop 731520 Jan 2 22:24 /opt/zimbra/postfix/sbin/postqueue
    drwx-wx--- 2 postfix postdrop 4096 Jan 2 22:24 /opt/zimbra/postfix/spool/maildrop
    srw-rw-rw- 1 postfix postfix 0 Jan 31 05:30 /opt/zimbra/postfix/spool/public/cleanup
    srw-rw-rw- 1 postfix postfix 0 Jan 31 05:30 /opt/zimbra/postfix/spool/public/flush
    prw--w--w- 1 postfix postfix 0 Jan 31 09:47 /opt/zimbra/postfix/spool/public/pickup
    prw--w--w- 1 postfix postfix 0 Jan 31 09:48 /opt/zimbra/postfix/spool/public/qmgr
    srw-rw-rw- 1 postfix postfix 0 Jan 31 05:30 /opt/zimbra/postfix/spool/public/showq

Similar Threads

  1. Error loading on Mac OS X 10.4.10 server PPC
    By qprcanada in forum Installation
    Replies: 7
    Last Post: 10-26-2007, 07:25 AM
  2. 3.0 to 4.5.3 Upgrade failed (mysql error)
    By dealt in forum Installation
    Replies: 35
    Last Post: 03-19-2007, 11:30 PM
  3. MTA is Dying after yum update
    By tonyawbrey in forum Administrators
    Replies: 27
    Last Post: 04-02-2006, 07:11 PM
  4. Yet another get.DirectContext issue
    By dccpark in forum Installation
    Replies: 5
    Last Post: 03-08-2006, 01:25 PM
  5. system failure: getDirectContext
    By avisser in forum Installation
    Replies: 3
    Last Post: 10-12-2005, 06:32 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •