FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > CentOS > CentOS

 
 
LinkBack Thread Tools
 
Old 10-04-2011, 07:15 PM
 
Default postmap: fatal: open database /etc/postfix/sasl_passwd.db: Permission denied

Alexander Farber wrote:
> I'm trying to configure mail forwarding through Gmail
> on CentOS 6 with postfix, following the blog
> http://carlton.oriley.net/blog/?p=31
> and I think the blog has missed the step:
>
> # postmap /etc/postfix/sasl_passwd
>
> - as I've seen in the /var/log/maillog:
>
> postfix/smtp[1926]: fatal: open database /etc/postfix/sasl_passwd.db:
> No such file or directory
<snip>
> But when I try to run postmap, I get
>
> postmap: fatal: open database /etc/postfix/sasl_passwd.db: Permission
> denied
>
> even though the postfix service is stopped,
> the SELinux is permissive and the file is writable:
>
> [root@preferans postfix]# ll
> -rw-r--r--. 1 root root 20K Jun 25 14:50 access
<snip>
One thing I keep finding very annoying with most versions of Linux is the
alias for ll, which is *not* what I was used to in sun, Solaris, Irix, or
Tru64. Out of curiosity, try ls -laF /etc/postfix, and the libexec, and
let's see what permissions and ownerships the *directories* have.

mark

_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 10-04-2011, 07:15 PM
Alexander Farber
 
Default postmap: fatal: open database /etc/postfix/sasl_passwd.db: Permission denied

Nevermind - solved that by

# sudo chown root.root sasl_passwd

(sorry, too tired in the evening)

On Tue, Oct 4, 2011 at 9:04 PM, Alexander Farber
<alexander.farber@gmail.com> wrote:
> I'm trying to configure mail forwarding through Gmail
> on CentOS 6 with postfix, following the blog
> http://carlton.oriley.net/blog/?p=31
> and I think the blog has missed the step:
>
> # postmap /etc/postfix/sasl_passwd
>
> *- as I've seen in the /var/log/maillog:
>
> postfix/smtp[1926]: fatal: open database /etc/postfix/sasl_passwd.db:
> No such file or directory
> postfix/master[1831]: warning: process /usr/libexec/postfix/smtp pid
> 1926 exit status 1
> postfix/master[1831]: warning: /usr/libexec/postfix/smtp: bad command
> startup -- throttling
>
> But when I try to run postmap, I get
>
> postmap: fatal: open database /etc/postfix/sasl_passwd.db: Permission denied
>
> even though the postfix service is stopped,
> the SELinux is permissive and the file is writable:
>
> [root@preferans postfix]# ll
> -rw-r--r--. 1 root * *root *20K Jun 25 14:50 access
> -rw-r--r--. 1 root * *root *12K Jun 25 14:50 canonical
> -rw-r--r--. 1 root * *root 9.7K Jun 25 14:50 generic
> -rw-r--r--. 1 root * *root *18K Jun 25 14:50 header_checks
> -rw-r--r--. 1 root * *root *27K Oct *4 20:24 main.cf
> -rw-r--r--. 1 root * *root *27K Oct *4 20:23 main.cf.OLD
> -rw-r--r--. 1 root * *root 5.0K Jun 25 14:50 master.cf
> -rw-r--r--. 1 root * *root 6.7K Jun 25 14:50 relocated
> -rw-r--r--. 1 postfix root *113 Oct *4 20:25 sasl_passwd
> -rw-r--r--. 1 root * *root *13K Jun 25 14:50 transport
> -rw-r--r--. 1 root * *root *13K Jun 25 14:50 virtual
>
> Has anybody fought this problem already?
>
> Thank you
> Alex
>
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 10-04-2011, 07:18 PM
Alexander Farber
 
Default postmap: fatal: open database /etc/postfix/sasl_passwd.db: Permission denied

Thank you, the "ls -laF" tip is good....

And now I unfortunately get:

postfix/postfix-script[2054]: starting the Postfix mail system
postfix/master[2056]: daemon started -- version 2.6.6, configuration
/etc/postfix
postfix/qmgr[2059]: F10CC31D62CC: from=<root@preferans.localdomain>,
size=609, nrcpt=1 (queue active)
postfix/smtp[2061]: warning: cannot get RSA certificate from file
/etc/pki/tls/gmail_relay/server.pem: disabling TLS support
postfix/smtp[2061]: warning: TLS library problem:
2061:error:0906D06C:PEM routines:PEM_read_bio:no start
lineem_lib.c:698:Expecting: TRUSTED CERTIFICATE:
postfix/smtp[2061]: warning: TLS library problem:
2061:error:140DC009:SSL
routines:SSL_CTX_use_certificate_chain_file:PEM lib:ssl_rsa.c:729:
postfix/smtp[2061]: F10CC31D62CC: to=<Alexander.Farber@gmail.com>,
orig_to=<root>, relay=smtp.gmail.com[74.125.39.109]:587, delay=2963,
delays=2963/0.07/0.03/0.01, dsn=5.7.0, status=bounced (host
smtp.gmail.com[74.125.39.109] said: 530 5.7.0 Must issue a STARTTLS
command first. m26sm26530788fac.6 (in reply to MAIL FROM command))
postfix/cleanup[2064]: 2FE0C31D6686:
message-id=<20111004191529.2FE0C31D6686@preferans.localdom ain>
postfix/bounce[2063]: F10CC31D62CC: sender non-delivery notification:
2FE0C31D6686
postfix/qmgr[2059]: 2FE0C31D6686: from=<>, size=2696, nrcpt=1 (queue active)
postfix/qmgr[2059]: F10CC31D62CC: removed
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 10-04-2011, 07:21 PM
Alexander Farber
 
Default postmap: fatal: open database /etc/postfix/sasl_passwd.db: Permission denied

Eventhough I have at the bottom of main.cf:

#### GMail SSL SMTP Relay
relayhost = [smtp.gmail.com]:587
#auth
smtp_sasl_auth_enable=yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd

#tls
smtp_use_tls = yes
smtp_sasl_security_options = noanonymous
smtp_sasl_tls_security_options = noanonymous
smtp_tls_note_starttls_offer = yes
tls_random_source = dev:/dev/urandom
smtp_tls_scert_verifydepth = 5
smtp_tls_key_file=/etc/pki/tls/gmail_relay/server.key
smtp_tls_cert_file=/etc/pki/tls/gmail_relay/server.pem
smtpd_tls_ask_ccert = yes
smtpd_tls_req_ccert =no
smtp_tls_enforce_peername = no


On Tue, Oct 4, 2011 at 9:18 PM, Alexander Farber
<alexander.farber@gmail.com> wrote:
> postfix/smtp[2061]: F10CC31D62CC: to=<Alexander.Farber@gmail.com>,
> orig_to=<root>, relay=smtp.gmail.com[74.125.39.109]:587, delay=2963,
> delays=2963/0.07/0.03/0.01, dsn=5.7.0, status=bounced (host
> smtp.gmail.com[74.125.39.109] said: 530 5.7.0 Must issue a STARTTLS
> command first. m26sm26530788fac.6 (in reply to MAIL FROM command))
> postfix/cleanup[2064]: 2FE0C31D6686:
> message-id=<20111004191529.2FE0C31D6686@preferans.localdom ain>
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 10-04-2011, 08:46 PM
Alexander Farber
 
Default postmap: fatal: open database /etc/postfix/sasl_passwd.db: Permission denied

Hello,

On Tue, Oct 4, 2011 at 10:37 PM, Craig White <craig.white@ttiltd.com> wrote:
>> postfix/smtp[2061]: warning: TLS library problem:
>> 2061:error:0906D06C:PEM routines:PEM_read_bio:no start
>> lineem_lib.c:698:Expecting: TRUSTED CERTIFICATE:
>> postfix/smtp[2061]: warning: TLS library problem:
>> 2061:error:140DC009:SSL
>
> There's something wrong with this file as it is not a PEM encoded certificate file as is expected.
>
> Easy enough to verify...
>
> openssl x509 -in $YOUR_CERTIFICATE.pem -noout -text

oops, sorry, after struggling I've just deleted
that file and installed sendmail. I'll try your suggestion
later though with my development VM.

Could the reason also be that I've started with
a minimalistic CentOS 6 installation and was
missing the cyrus-sasl-plain and cyrus-sasl-md5 packages?

Thank you
Alex
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 10-05-2011, 08:44 AM
Alexander Farber
 
Default postmap: fatal: open database /etc/postfix/sasl_passwd.db: Permission denied

Thanks Craig for your comments.

I've got my sendmail on CentOS 6 working with:

# yum erase postfix
# yum install sendmail sendmail-cf

# mkdir /etc/mail/auth
# chmod 700 /etc/mail/auth
# mkdir /etc/mail/certs
# chmod 700 /etc/mail/certs

Create the file /etc/mail/auth/client-info:

AuthInfo:smtp.gmail.com "U:smmsp" "I:Alexander.Farber" "P:XXX" "M:PLAIN"
AuthInfo:smtp.gmail.com:587 "U:smmsp" "I:Alexander.Farber" "P:XXX" "M:PLAIN"

# cd /etc/mail/auth
# makemap -r hash client-info.db < client-info

# cd /etc/mail/certs
# openssl dsaparam 1024 -out dsa1024.pem
# openssl req -x509 -nodes -days 3650 -newkey dsa:dsa1024.pem -out
/etc/mail/certs/mycert.pem -keyout /etc/mail/certs/mykey.pem
# ln -s /etc/mail/certs/mycert.pem /etc/mail/certs/CAcert.pem
# rm dsa1024.pem
# chmod 400 *.pem

Added to file /etc/mail/sendmail.mc:

define(`SMART_HOST', `smtp.gmail.com')dnl

define(`CERT_DIR', `MAIL_SETTINGS_DIR`'certs')
define(`confCACERT_PATH', `CERT_DIR')
define(`confCACERT', `CERT_DIR/CAcert.pem')
define(`confSERVER_CERT', `CERT_DIR/mycert.pem')
define(`confSERVER_KEY', `CERT_DIR/mykey.pem')
define(`confCLIENT_CERT', `CERT_DIR/mycert.pem')
define(`confCLIENT_KEY', `CERT_DIR/mykey.pem')

Then "make" in /etc/mail and "service sendmail restart"

I understand your point that it is stupid of me (and probably
many other users) to ask same questions again and
again, without really understanding what's going on :-)

The file /etc/pki/tls/misc/CA.pl on CentOS is cubersome
to understand though. I tried creating ./CA.pl -newca etc.
but then I wanted to start over because of an invalid
input made by myself and I didn't even know how.

I know CA.pl keeps a text file somewhere where it
stores increasing integer numbers... but couldn't find it

Regards
Alex
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 10-05-2011, 08:48 AM
Alexander Farber
 
Default postmap: fatal: open database /etc/postfix/sasl_passwd.db: Permission denied

Also needed for Gmail in sendmail.mc:

define(`confAUTH_MECHANISMS', `EXTERNAL GSSAPI DIGEST-MD5 CRAM-MD5
LOGIN PLAIN')dnl

FEATURE(`authinfo',`hash /etc/mail/auth/client-info')dnl
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 

Thread Tools




All times are GMT. The time now is 09:28 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org